diff --git a/services/graph/pkg/identity/cache/cache.go b/services/graph/pkg/identity/cache/cache.go index aa08823912..1e419f8765 100644 --- a/services/graph/pkg/identity/cache/cache.go +++ b/services/graph/pkg/identity/cache/cache.go @@ -107,6 +107,7 @@ func (cache IdentityCache) GetCS3User(ctx context.Context, tenantId, userid stri } cs3UserID := &cs3User.UserId{ OpaqueId: userid, + TenantId: tenantId, } user, err = revautils.GetUserNoGroups(ctx, cs3UserID, gatewayClient) if err != nil { @@ -123,9 +124,6 @@ func (cache IdentityCache) GetCS3User(ctx context.Context, tenantId, userid stri cache.users.Set(tenantId+"|"+userid, user, ttlcache.DefaultTTL) } else { - if item.Value().GetId().GetTenantId() != tenantId { - return nil, identity.ErrNotFound - } user = item.Value() } return user, nil diff --git a/services/graph/pkg/service/v0/api_driveitem_permissions.go b/services/graph/pkg/service/v0/api_driveitem_permissions.go index 01218ecf5a..aa68e8d0fe 100644 --- a/services/graph/pkg/service/v0/api_driveitem_permissions.go +++ b/services/graph/pkg/service/v0/api_driveitem_permissions.go @@ -104,6 +104,7 @@ func NewDriveItemPermissionsService(logger log.Logger, gatewaySelector pool.Sele // Invite invites a user to a drive item. func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *storageprovider.ResourceId, invite libregraph.DriveItemInvite) (libregraph.Permission, error) { + tenantId := revactx.ContextMustGetUser(ctx).GetId().GetTenantId() gatewayClient, err := s.gatewaySelector.Next() if err != nil { return libregraph.Permission{}, err @@ -185,8 +186,7 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto cTime = createShareResponse.GetShare().GetCtime() expiration = createShareResponse.GetShare().GetExpiration() default: - // TODO: get tenantId from revactx.ContextGetUser(ctx), maybe we need to extent the user struct - user, err := s.identityCache.GetCS3User(ctx, "", objectID) + user, err := s.identityCache.GetCS3User(ctx, tenantId, objectID) if errors.Is(err, identity.ErrNotFound) && s.config.IncludeOCMSharees { user, err = s.identityCache.GetAcceptedCS3User(ctx, objectID) if err == nil && IsSpaceRoot(statResponse.GetInfo().GetId()) { @@ -261,8 +261,7 @@ func (s DriveItemPermissionsService) Invite(ctx context.Context, resourceId *sto } if user, ok := revactx.ContextGetUser(ctx); ok { - // TODO: get tenantId from revactx.ContextGetUser(ctx), maybe we need to extent the user struct - userIdentity, err := userIdToIdentity(ctx, s.identityCache, "", user.GetId().GetOpaqueId()) + userIdentity, err := userIdToIdentity(ctx, s.identityCache, tenantId, user.GetId().GetOpaqueId()) if err != nil { s.logger.Error().Err(err).Msg("identity lookup failed") return libregraph.Permission{}, errorcode.New(errorcode.InvalidRequest, err.Error()) diff --git a/services/graph/pkg/service/v0/base.go b/services/graph/pkg/service/v0/base.go index bb65dc69be..4b2c8edd2c 100644 --- a/services/graph/pkg/service/v0/base.go +++ b/services/graph/pkg/service/v0/base.go @@ -17,6 +17,7 @@ import ( storageprovider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1" libregraph "github.com/opencloud-eu/libre-graph-api-go" + revactx "github.com/opencloud-eu/reva/v2/pkg/ctx" "golang.org/x/sync/errgroup" "google.golang.org/protobuf/types/known/fieldmaskpb" @@ -171,8 +172,8 @@ func (g BaseGraphService) cs3SpacePermissionsToLibreGraph(ctx context.Context, s } isGroup = true } else { - // TODO: get tenantId from revactx.ContextGetUser(ctx), maybe we need to extent the user struct - cs3Identity, err = userIdToIdentity(ctx, g.identityCache, "", tmp) + tenantId := revactx.ContextMustGetUser(ctx).GetId().GetTenantId() + cs3Identity, err = userIdToIdentity(ctx, g.identityCache, tenantId, tmp) if err != nil { g.logger.Warn().Str("userid", tmp).Msg("User not found by id") }