diff --git a/scripts/create-files.sh b/scripts/create-files.sh index 0c2973c3d4..880ff38aae 100644 --- a/scripts/create-files.sh +++ b/scripts/create-files.sh @@ -4,8 +4,8 @@ COUNT=${COUNT:-100} OC_URL=${OC_URL:-https://localhost:9200} ENDPOINT=${ENDPOINT:-/webdav} FOLDER=${FOLDER:-c$CLIENTS x i$COUNT files} -USER=${USER:-einstein} -PASSWORD=${PASSWORD:-relativity} +USER=${USER:-alan} +PASSWORD=${PASSWORD:-demo} CURL_OPTS=${CURL_OPTS:--k} curl -X MKCOL "$OC_URL$ENDPOINT/$FOLDER/" -u $USER:$PASSWORD $CURL_OPTS || { echo "could not create collection '$OC_URL$ENDPOINT/$FOLDER/'" >&2; exit 1; } @@ -17,4 +17,4 @@ do curl -X PUT -d "$c,$i" "$OC_URL$ENDPOINT/$FOLDER/file c$c i$i.txt" -u $USER:$PASSWORD $CURL_OPTS done } & -done \ No newline at end of file +done diff --git a/scripts/create-tree.sh b/scripts/create-tree.sh index f8f512abe4..fc011f36b8 100644 --- a/scripts/create-tree.sh +++ b/scripts/create-tree.sh @@ -4,8 +4,8 @@ WIDTH=${WIDTH:-10} OC_URL=${OC_URL:-https://localhost:9200} ENDPOINT=${ENDPOINT:-/webdav} FOLDER=${FOLDER:-w$WIDTH x d$DEPTH folders} -USER=${USER:-einstein} -PASSWORD=${PASSWORD:-relativity} +USER=${USER:-alan} +PASSWORD=${PASSWORD:-demo} CURL_OPTS=${CURL_OPTS:--k} COUNT=0 diff --git a/services/auth-app/README.md b/services/auth-app/README.md index 304473dcfb..7aa045d11a 100644 --- a/services/auth-app/README.md +++ b/services/auth-app/README.md @@ -108,7 +108,7 @@ To impersonate, the respective requests from the CLI commands above extend with * The `userName` in the form of: `userName={value}`\ Example:\ - `userName=einstein` + `userName=alan` Example:\ A final create request would then look like: diff --git a/services/graph/pkg/service/v0/drives_test.go b/services/graph/pkg/service/v0/drives_test.go index 491dfd4047..fbbb7af1e4 100644 --- a/services/graph/pkg/service/v0/drives_test.go +++ b/services/graph/pkg/service/v0/drives_test.go @@ -22,9 +22,9 @@ var time3, time5, time6 *time.Time var time4 = time.Date(2022, 02, 05, 15, 00, 00, 00, time.UTC) var drives = []*libregraph.Drive{ drive("3", "project", "Admin", time3), - drive("1", "project", "Einstein", &time1), - drive("2", "project", "Marie", &time2), - drive("4", "project", "Richard", &time4), + drive("1", "project", "Alan", &time1), + drive("2", "project", "Mary", &time2), + drive("4", "project", "Margaret", &time4), } var drivesLong = append(drives, []*libregraph.Drive{ drive("5", "project", "bob", time5), @@ -45,9 +45,9 @@ var sortTests = []sortTest{ }, DrivesSorted: []*libregraph.Drive{ drive("3", "project", "Admin", time3), - drive("1", "project", "Einstein", &time1), - drive("2", "project", "Marie", &time2), - drive("4", "project", "Richard", &time4), + drive("1", "project", "Alan", &time1), + drive("2", "project", "Mary", &time2), + drive("4", "project", "Margaret", &time4), }, }, { @@ -62,9 +62,9 @@ var sortTests = []sortTest{ }, }, DrivesSorted: []*libregraph.Drive{ - drive("4", "project", "Richard", &time4), - drive("2", "project", "Marie", &time2), - drive("1", "project", "Einstein", &time1), + drive("4", "project", "Margaret", &time4), + drive("2", "project", "Mary", &time2), + drive("1", "project", "Alan", &time1), drive("3", "project", "Admin", time3), }, }, @@ -83,9 +83,9 @@ var sortTests = []sortTest{ drive("3", "project", "Admin", time3), drive("6", "project", "alice", time6), drive("5", "project", "bob", time5), - drive("1", "project", "Einstein", &time1), - drive("2", "project", "Marie", &time2), - drive("4", "project", "Richard", &time4), + drive("1", "project", "Alan", &time1), + drive("2", "project", "Mary", &time2), + drive("4", "project", "Margaret", &time4), }, }, { @@ -100,9 +100,9 @@ var sortTests = []sortTest{ }, }, DrivesSorted: []*libregraph.Drive{ - drive("4", "project", "Richard", &time4), - drive("2", "project", "Marie", &time2), - drive("1", "project", "Einstein", &time1), + drive("4", "project", "Margaret", &time4), + drive("2", "project", "Mary", &time2), + drive("1", "project", "Alan", &time1), drive("5", "project", "bob", time5), drive("6", "project", "alice", time6), drive("3", "project", "Admin", time3), diff --git a/services/idm/ldif/demousers.ldif.tmpl b/services/idm/ldif/demousers.ldif.tmpl index 8640c70641..6f78d4ac35 100644 --- a/services/idm/ldif/demousers.ldif.tmpl +++ b/services/idm/ldif/demousers.ldif.tmpl @@ -1,102 +1,78 @@ -dn: uid=einstein,ou=users,o=libregraph-idm +dn: uid=alan,ou=users,o=libregraph-idm objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: ownCloudUser objectClass: ownCloud objectClass: person objectClass: top -uid: einstein -givenName: Albert -sn: Einstein -cn: einstein -displayName: Albert Einstein -description: A German-born theoretical physicist who developed the theory of relativity, one of the two pillars of modern physics (alongside quantum mechanics). -mail: einstein@example.org +uid: alan +givenName: Alan +sn: Turing +cn: alan +displayName: Alan Turing +description: An English mathematician, computer scientist, logician, cryptanalyst, philosopher and theoretical biologist. He was highly influential in the development of theoretical computer science, providing a formalisation of the concepts of algorithm and computation with the Turing machine. +mail: alan@example.org ownCloudUserEnabled: TRUE -ownCloudUUID: 4c510ada-c86b-4815-8820-42cdf82c3d51 -oCExternalIdentity: $ {{.}} $ 4c510ada-c86b-4815-8820-42cdf82c3d51 -userPassword:: e0FSR09OMn0kYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MSxwPTIkOFpyclR0NXA1a0VmVlhL - akNHaVBEUSRnemZCWWwrTHdzTUhXQWJSMEJ2NnRiZk1XZjZaOVJ0Mms5Z3VkSWJ5bzg4 +ownCloudUUID: b1f74ec4-dd7e-11ef-a543-03775734d0f7 +oCExternalIdentity: $ {{.}} $ b1f74ec4-dd7e-11ef-a543-03775734d0f7 +userPassword:: -dn: uid=marie,ou=users,o=libregraph-idm +dn: uid=mary,ou=users,o=libregraph-idm objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: ownCloudUser objectClass: ownCloud objectClass: person objectClass: top -uid: marie -givenName: Marie -sn: Curie -cn: marie -displayName: Marie Skłodowska Curie -description: A Polish and naturalized-French physicist and chemist who conducted pioneering research on radioactivity. -mail: marie@example.org +uid: mary +givenName: Mary +sn: Kenneth Keller +cn: mary +displayName: Mary Kenneth Keller +description: Mary Kenneth Keller of the Sisters of Charity of the Blessed Virgin Mary was a pioneer in computer science. +mail: mary@example.org ownCloudUserEnabled: TRUE -ownCloudUUID: f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c -oCExternalIdentity: $ {{.}} $ f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c -userPassword:: e0FSR09OMn0kYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MSxwPTIkUHJzWkpQQW9pMkFwZHlJ - a2Q1NGkzQSRnalZzR3doTmk2K0djenJ4SVdPalN2UlBpWXhKSXpHVG4vcnpQZzkvSlZN +ownCloudUUID: 056fc874-dd7f-11ef-ba84-af6fca4b7289 +oCExternalIdentity: $ {{.}} $ 056fc874-dd7f-11ef-ba84-af6fca4b7289 +userPassword:: -dn: uid=katherine,ou=users,o=libregraph-idm +dn: uid=margaret,ou=users,o=libregraph-idm objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: ownCloudUser objectClass: ownCloud objectClass: person objectClass: top -uid: katherine -givenName: Katherine -sn: Johnson -cn: katherine -displayName: Katherine Johnson -description: An American mathematician whose calculations of orbital mechanics as a NASA employee were critical to the success of the first and subsequent U.S. crewed spaceflights. -mail: katherine@example.org +uid: margaret +givenName: Margaret +sn: Hamilton +cn: margaret +displayName: Margaret Hamilton +description: A director of the Software Engineering Division of the MIT Instrumentation Laboratory, which developed on-board flight software for NASA's Apollo program. +mail: margaret@example.org ownCloudUserEnabled: TRUE -ownCloudUUID: 534bb038-6f9d-4093-946f-133be61fa4e7 -oCExternalIdentity: $ {{.}} $ 534bb038-6f9d-4093-946f-133be61fa4e7 -userPassword:: e0FSR09OMn0kYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MSxwPTIkYVd0b1RXdHdZblZuYjB4 - Nk0wRm1adyRyeXVESVg0a3JSNGdmcnduZEh3aVpaSjVDUQ== +ownCloudUUID: 801abee4-dd7f-11ef-a324-83f55a754b62 +oCExternalIdentity: $ {{.}} $ 801abee4-dd7f-11ef-a324-83f55a754b62 +userPassword:: -dn: uid=richard,ou=users,o=libregraph-idm +dn: uid=dennis,ou=users,o=libregraph-idm objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: ownCloudUser objectClass: ownCloud objectClass: person objectClass: top -uid: richard -givenName: Richard -sn: Feynman -cn: richard -displayName: Richard Phillips Feynman -description: An American theoretical physicist, known for his work in the path integral formulation of quantum mechanics, the theory of quantum electrodynamics, the physics of the superfluidity of supercooled liquid helium, as well as his work in particle physics for which he proposed the parton model. -mail: richard@example.org +uid: dennis +givenName: Dennis +sn: Ritchie +cn: dennis +displayName: Dennis Ritchie +description: American computer scientist. He created the C programming language and the Unix operating system and B language with long-time colleague Ken Thompson. +mail: dennis@example.org ownCloudUserEnabled: TRUE -ownCloudUUID: 932b4540-8d16-481e-8ef4-588e4b6b151c -oCExternalIdentity: $ {{.}} $ 932b4540-8d16-481e-8ef4-588e4b6b151c -userPassword:: e0FSR09OMn0kYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MSxwPTIkNjlNcUQxem5sUUZ2SUha - d2dxU00xQSRVQmNEa2NDZktMemVpQnlyb0JjOTdCSVRhTFo2WjZIL2dhbytSTVh6OHhn - -dn: uid=moss,ou=users,o=libregraph-idm -objectClass: inetOrgPerson -objectClass: organizationalPerson -objectClass: ownCloudUser -objectClass: ownCloud -objectClass: person -objectClass: top -uid: moss -givenName: Maurice -sn: Moss -cn: moss -displayName: Maurice Moss -description: A worker in the IT Department of Reynholm Industries. Of all the working staff in the IT Department, he is the most hard-working, the most experienced, and the most capable of doing his job well. He puts a lot of effort into his work, however he does not get the credit he deserves. -mail: moss@example.org -ownCloudUserEnabled: TRUE -ownCloudUUID: 058bff95-6708-4fe5-91e4-9ea3d377588b -oCExternalIdentity: $ {{.}} $ 058bff95-6708-4fe5-91e4-9ea3d377588b -userPassword:: e0FSR09OMn0kYXJnb24yaWQkdj0xOSRtPTY1NTM2LHQ9MSxwPTIkZU0xaXR6amQ2dlNSSERx - NlZCbXBlQSQxNzBhcTB3YjJZZ2NLU2cwWDhHY3l6ckZwMUllcGplMTNraDdVNjUyNXk4 +ownCloudUUID: cd88bf9a-dd7f-11ef-a609-7f78deb2345f +oCExternalIdentity: $ {{.}} $ cd88bf9a-dd7f-11ef-a609-7f78deb2345f +userPassword:: dn: cn=users,ou=groups,o=libregraph-idm objectClass: groupOfNames @@ -105,20 +81,20 @@ objectClass: top cn: users description: Users ownCloudUUID: 509a9dcd-bb37-4f4f-a01a-19dca27d9cfa -member: uid=einstein,ou=users,o=libregraph-idm -member: uid=marie,ou=users,o=libregraph-idm -member: uid=richard,ou=users,o=libregraph-idm -member: uid=moss,ou=users,o=libregraph-idm +member: uid=alan,ou=users,o=libregraph-idm +member: uid=mary,ou=users,o=libregraph-idm +member: uid=margaret,ou=users,o=libregraph-idm +member: uid=dennis,ou=users,o=libregraph-idm member: uid=admin,ou=users,o=libregraph-idm -dn: cn=sailing-lovers,ou=groups,o=libregraph-idm +dn: cn=chess-lovers,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top cn: sailing-lovers -description: Sailing lovers -ownCloudUUID: 6040aa17-9c64-4fef-9bd0-77234d71bad0 -member: uid=einstein,ou=users,o=libregraph-idm +description: Chess lovers +ownCloudUUID: 9d31ec04-dd80-11ef-ac47-a38ba68cc36d +member: uid=alan,ou=users,o=libregraph-idm dn: cn=violin-haters,ou=groups,o=libregraph-idm objectClass: groupOfNames @@ -126,52 +102,52 @@ objectClass: ownCloud objectClass: top cn: violin-haters description: Violin haters -ownCloudUUID: dd58e5ec-842e-498b-8800-61f2ec6f911f -member: uid=einstein,ou=users,o=libregraph-idm +ownCloudUUID: d901562a-dd80-11ef-a510-fba1ed43fb21 +member: uid=alan,ou=users,o=libregraph-idm -dn: cn=radium-lovers,ou=groups,o=libregraph-idm +dn: cn=bible-readers,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top -cn: radium-lovers -description: Radium lovers -ownCloudUUID: 7b87fd49-286e-4a5f-bafd-c535d5dd997a -member: uid=marie,ou=users,o=libregraph-idm +cn: bible-readers +description: Bible readers +ownCloudUUID: 2fc6ba22-dd81-11ef-89e6-e3eff494a998 +member: uid=mary,ou=users,o=libregraph-idm -dn: cn=polonium-lovers,ou=groups,o=libregraph-idm +dn: cn=apollos,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top -cn: polonium-lovers -description: Polonium lovers -ownCloudUUID: cedc21aa-4072-4614-8676-fa9165f598ff -member: uid=marie,ou=users,o=libregraph-idm +cn: apollos +description: Contributors to the Appollo mission +ownCloudUUID: 6f9bab36-dd94-11ef-a252-dbbdd20299dd +member: uid=margaret,ou=users,o=libregraph-idm -dn: cn=quantum-lovers,ou=groups,o=libregraph-idm +dn: cn=unix-lovers,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top -cn: quantum-lovers -description: Quantum lovers -ownCloudUUID: a1726108-01f8-4c30-88df-2b1a9d1cba1a -member: uid=richard,ou=users,o=libregraph-idm +cn: unix-lovers +description: Unix lovers +ownCloudUUID: 75bc3882-dd94-11ef-ad60-335f3df6cef3 +member: uid=dennis,ou=users,o=libregraph-idm -dn: cn=philosophy-haters,ou=groups,o=libregraph-idm +dn: cn=basic-haters,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top -cn: philosophy-haters -description: Philosophy haters -ownCloudUUID: 167cbee2-0518-455a-bfb2-031fe0621e5d -member: uid=richard,ou=users,o=libregraph-idm +cn: basic-haters +description: Haters of the Basic programming language +ownCloudUUID: a4eb2c12-dd94-11ef-9ebe-eb96f938d517 +member: uid=dennis,ou=users,o=libregraph-idm -dn: cn=physics-lovers,ou=groups,o=libregraph-idm +dn: cn=programmers,ou=groups,o=libregraph-idm objectClass: groupOfNames objectClass: ownCloud objectClass: top -cn: physics-lovers -description: Physics lovers -ownCloudUUID: 262982c1-2362-4afa-bfdf-8cbfef64a06e -member: uid=einstein,ou=users,o=libregraph-idm -member: uid=marie,ou=users,o=libregraph-idm -member: uid=richard,ou=users,o=libregraph-idm +cn: programmers +description: Computer Programmer +ownCloudUUID: ce4aa240-dd94-11ef-82b8-4f4828849072 +member: uid=alan,ou=users,o=libregraph-idm +member: uid=margaret,ou=users,o=libregraph-idm +member: uid=dennis,ou=users,o=libregraph-idm diff --git a/services/proxy/pkg/proxy/policy/selector.go b/services/proxy/pkg/proxy/policy/selector.go index f5af26c3a8..c9806a962d 100644 --- a/services/proxy/pkg/proxy/policy/selector.go +++ b/services/proxy/pkg/proxy/policy/selector.go @@ -160,12 +160,12 @@ func NewClaimsSelector(cfg *config.ClaimsSelectorConf) Selector { // "policy_selector": { // "regex": { // "matches_policies": [ -// {"priority": 10, "property": "mail", "match": "marie@example.org", "policy": "opencloud"}, +// {"priority": 10, "property": "mail", "match": "mary@example.org", "policy": "opencloud"}, // {"priority": 20, "property": "mail", "match": "[^@]+@example.org", "policy": "oc10"}, -// {"priority": 30, "property": "username", "match": "(einstein|feynman)", "policy": "opencloud"}, +// {"priority": 30, "property": "username", "match": "(dennis|feynman)", "policy": "opencloud"}, // {"priority": 40, "property": "username", "match": ".+", "policy": "oc10"}, -// {"priority": 50, "property": "id", "match": "4c510ada-c86b-4815-8820-42cdf82c3d51", "policy": "opencloud"}, -// {"priority": 60, "property": "id", "match": "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", "policy": "oc10"} +// {"priority": 50, "property": "id", "match": "b1f74ec4-dd7e-11ef-a543-03775734d0f7", "policy": "opencloud"}, +// {"priority": 60, "property": "id", "match": "056fc874-dd7f-11ef-ba84-af6fca4b7289", "policy": "oc10"} // ], // "unauthenticated_policy": "oc10" // } diff --git a/services/proxy/pkg/proxy/policy/selector_test.go b/services/proxy/pkg/proxy/policy/selector_test.go index 93974304bb..24ed765596 100644 --- a/services/proxy/pkg/proxy/policy/selector_test.go +++ b/services/proxy/pkg/proxy/policy/selector_test.go @@ -105,12 +105,12 @@ func TestRegexSelector(t *testing.T) { sel := NewRegexSelector(&config.RegexSelectorConf{ DefaultPolicy: "default", MatchesPolicies: []config.RegexRuleConf{ - {Priority: 10, Property: "mail", Match: "marie@example.org", Policy: "opencloud"}, + {Priority: 10, Property: "mail", Match: "mary@example.org", Policy: "opencloud"}, {Priority: 20, Property: "mail", Match: "[^@]+@example.org", Policy: "oc10"}, - {Priority: 30, Property: "username", Match: "(einstein|feynman)", Policy: "opencloud"}, + {Priority: 30, Property: "username", Match: "(alan|feynman)", Policy: "opencloud"}, {Priority: 40, Property: "username", Match: ".+", Policy: "oc10"}, - {Priority: 50, Property: "id", Match: "4c510ada-c86b-4815-8820-42cdf82c3d51", Policy: "opencloud"}, - {Priority: 60, Property: "id", Match: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", Policy: "oc10"}, + {Priority: 50, Property: "id", Match: "b1f74ec4-dd7e-11ef-a543-03775734d0f7", Policy: "opencloud"}, + {Priority: 60, Property: "id", Match: "056fc874-dd7f-11ef-ba84-af6fca4b7289", Policy: "oc10"}, }, UnauthenticatedPolicy: "unauthenticated", }) @@ -118,14 +118,14 @@ func TestRegexSelector(t *testing.T) { var tests = []testCase{ {"unauthenticated", context.Background(), nil, "unauthenticated"}, {"default", revactx.ContextSetUser(context.Background(), &userv1beta1.User{}), nil, "default"}, - {"mail-opencloud", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Mail: "marie@example.org"}), nil, "opencloud"}, - {"mail-oc10", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Mail: "einstein@example.org"}), nil, "oc10"}, - {"username-einstein", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Username: "einstein"}), nil, "opencloud"}, + {"mail-opencloud", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Mail: "mary@example.org"}), nil, "opencloud"}, + {"mail-oc10", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Mail: "alan@example.org"}), nil, "oc10"}, + {"username-alan", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Username: "alan"}), nil, "opencloud"}, {"username-feynman", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Username: "feynman"}), nil, "opencloud"}, - {"username-marie", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Username: "marie"}), nil, "oc10"}, + {"username-mary", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Username: "mary"}), nil, "oc10"}, {"id-nil", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Id: &userv1beta1.UserId{}}), nil, "default"}, - {"id-1", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Id: &userv1beta1.UserId{OpaqueId: "4c510ada-c86b-4815-8820-42cdf82c3d51"}}), nil, "opencloud"}, - {"id-2", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Id: &userv1beta1.UserId{OpaqueId: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c"}}), nil, "oc10"}, + {"id-1", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Id: &userv1beta1.UserId{OpaqueId: "b1f74ec4-dd7e-11ef-a543-03775734d0f7"}}), nil, "opencloud"}, + {"id-2", revactx.ContextSetUser(context.Background(), &userv1beta1.User{Id: &userv1beta1.UserId{OpaqueId: "056fc874-dd7f-11ef-ba84-af6fca4b7289"}}), nil, "oc10"}, } for _, tc := range tests { diff --git a/services/search/pkg/content/content_test.go b/services/search/pkg/content/content_test.go index 09f8411e41..9b571a6d1c 100644 --- a/services/search/pkg/content/content_test.go +++ b/services/search/pkg/content/content_test.go @@ -18,8 +18,8 @@ func TestCleanContent(t *testing.T) { expect: "keeper keeper", }, { - given: "user1 shares the file to Marie", - expect: "user1 shares file marie", + given: "user1 shares the file to Mary", + expect: "user1 shares file mary", }, { given: "content contains https://localhost/remote.php/dav/files/admin/Photos/San%20Francisco.jpg and stop word", diff --git a/services/settings/pkg/store/defaults/defaults.go b/services/settings/pkg/store/defaults/defaults.go index 09b0bcb986..d40d33431b 100644 --- a/services/settings/pkg/store/defaults/defaults.go +++ b/services/settings/pkg/store/defaults/defaults.go @@ -651,25 +651,21 @@ func DefaultRoleAssignments(cfg *config.Config) []*settingsmsg.UserRoleAssignmen assignments = []*settingsmsg.UserRoleAssignment{ // default users with role "user" { - AccountUuid: "4c510ada-c86b-4815-8820-42cdf82c3d51", + AccountUuid: "b1f74ec4-dd7e-11ef-a543-03775734d0f7", RoleId: BundleUUIDRoleUser, }, { - AccountUuid: "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c", - RoleId: BundleUUIDRoleUser, - }, - { - AccountUuid: "932b4540-8d16-481e-8ef4-588e4b6b151c", + AccountUuid: "056fc874-dd7f-11ef-ba84-af6fca4b7289", RoleId: BundleUUIDRoleUser, }, { // additional admin user - AccountUuid: "058bff95-6708-4fe5-91e4-9ea3d377588b", // demo user "moss" + AccountUuid: "cd88bf9a-dd7f-11ef-a609-7f78deb2345f", // demo user "dennis" RoleId: BundleUUIDRoleAdmin, }, { // default users with role "spaceadmin" - AccountUuid: "534bb038-6f9d-4093-946f-133be61fa4e7", + AccountUuid: "801abee4-dd7f-11ef-a324-83f55a754b62", RoleId: BundleUUIDRoleSpaceAdmin, }, { diff --git a/services/settings/pkg/store/metadata/assignments_test.go b/services/settings/pkg/store/metadata/assignments_test.go index 48e55cae33..25a87a842e 100644 --- a/services/settings/pkg/store/metadata/assignments_test.go +++ b/services/settings/pkg/store/metadata/assignments_test.go @@ -14,9 +14,9 @@ import ( ) var ( - einstein = "00000000-0000-0000-0000-000000000001" - marie = "00000000-0000-0000-0000-000000000002" - moss = "00000000-0000-0000-0000-000000000003" + alan = "00000000-0000-0000-0000-000000000001" + mary = "00000000-0000-0000-0000-000000000002" + dennis = "00000000-0000-0000-0000-000000000003" role1 = "11111111-1111-1111-1111-111111111111" role2 = "22222222-2222-2222-2222-222222222222" @@ -119,7 +119,7 @@ func TestAssignmentUniqueness(t *testing.T) { }{ { "roles assignments", - einstein, + alan, "f36db5e6-a03c-40df-8413-711c67e40b47", "44f1a664-0a7f-461a-b0be-5b59e46bbc7a", }, @@ -169,10 +169,10 @@ func TestListRoleAssignmentByRole(t *testing.T) { name: "just 2 assignments", assignments: []assignment{ { - userID: einstein, + userID: alan, roleID: role1, }, { - userID: marie, + userID: mary, roleID: role1, }, }, @@ -183,10 +183,10 @@ func TestListRoleAssignmentByRole(t *testing.T) { name: "no assignments match", assignments: []assignment{ { - userID: einstein, + userID: alan, roleID: role1, }, { - userID: marie, + userID: mary, roleID: role1, }, }, @@ -197,13 +197,13 @@ func TestListRoleAssignmentByRole(t *testing.T) { name: "only one assignment matches", assignments: []assignment{ { - userID: einstein, + userID: alan, roleID: role1, }, { - userID: marie, + userID: mary, roleID: role1, }, { - userID: moss, + userID: dennis, roleID: role2, }, }, @@ -241,7 +241,7 @@ func TestDeleteAssignment(t *testing.T) { }{ { "roles assignments", - einstein, + alan, "f36db5e6-a03c-40df-8413-711c67e40b47", "44f1a664-0a7f-461a-b0be-5b59e46bbc7a", }, diff --git a/services/settings/pkg/util/resource_helper_test.go b/services/settings/pkg/util/resource_helper_test.go index cba3ac68c3..ebffdad049 100644 --- a/services/settings/pkg/util/resource_helper_test.go +++ b/services/settings/pkg/util/resource_helper_test.go @@ -38,11 +38,11 @@ func TestIsResourceMatched(t *testing.T) { "same resource types with different ids don't match", &settingsmsg.Resource{ Type: settingsmsg.Resource_TYPE_USER, - Id: "einstein", + Id: "alan", }, &settingsmsg.Resource{ Type: settingsmsg.Resource_TYPE_USER, - Id: "marie", + Id: "mary", }, false, }, @@ -50,11 +50,11 @@ func TestIsResourceMatched(t *testing.T) { "same resource types with same ids match", &settingsmsg.Resource{ Type: settingsmsg.Resource_TYPE_USER, - Id: "einstein", + Id: "alan", }, &settingsmsg.Resource{ Type: settingsmsg.Resource_TYPE_USER, - Id: "einstein", + Id: "alan", }, true, }, @@ -77,7 +77,7 @@ func TestIsResourceMatched(t *testing.T) { }, &settingsmsg.Resource{ Type: settingsmsg.Resource_TYPE_USER, - Id: "einstein", + Id: "alan", }, true, }, diff --git a/services/webfinger/README.md b/services/webfinger/README.md index 777e79fce7..4fb0a6cde5 100644 --- a/services/webfinger/README.md +++ b/services/webfinger/README.md @@ -31,7 +31,7 @@ The default configuration will simply return the `OC_URL` and direct clients to ```json { - "subject": "acct:einstein@drive.opencloud.test", + "subject": "acct:alan@drive.opencloud.test", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", @@ -56,18 +56,18 @@ A more complex example for configuring different instances could look like this: webfinger: instances: - claim: email - regex: einstein@example\.org + regex: alan@example\.org href: "https://{{.preferred_username}}.cloud.opencloud.test" title: - "en": "OpenCloud Instance for Einstein" - "de": "OpenCloud Instanz für Einstein" + "en": "OpenCloud Instance for Alan" + "de": "OpenCloud Instanz für Alan" break: true - claim: "email" - regex: marie@example\.org + regex: mary@example\.org href: "https://{{.preferred_username}}.cloud.opencloud.test" title: - "en": "OpenCloud Instance for Marie" - "de": "OpenCloud Instanz für Marie" + "en": "OpenCloud Instance for Mary" + "de": "OpenCloud Instanz für Mary" break: false - claim: "email" regex: .+@example\.org @@ -92,11 +92,11 @@ webfinger: break: true ``` -Now, an authenticated webfinger request for `acct:me@example.org` (when logged in as marie) would return two instances, based on her `email` claim, the regex matches and break flags: +Now, an authenticated webfinger request for `acct:me@example.org` (when logged in as mary) would return two instances, based on her `email` claim, the regex matches and break flags: ```json { - "subject": "acct:marie@example.org", + "subject": "acct:mary@example.org", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", @@ -104,10 +104,10 @@ Now, an authenticated webfinger request for `acct:me@example.org` (when logged i }, { "rel": "http://webfinger.opencloud/rel/server-instance", - "href": "https://marie.cloud.opencloud.test", + "href": "https://mary.cloud.opencloud.test", "titles": { - "en": "OpenCloud Instance for Marie", - "de": "OpenCloud Instanz für Marie" + "en": "OpenCloud Instance for Mary", + "de": "OpenCloud Instanz für Mary" } }, { diff --git a/services/webfinger/TODO.md b/services/webfinger/TODO.md index 86f9e45090..e626146e6b 100644 --- a/services/webfinger/TODO.md +++ b/services/webfinger/TODO.md @@ -4,9 +4,9 @@ Currently, clients need to make subsequent calls to: * /config.json to get the available apps for OpenCloud web to determine which routes require authentication * /themes/opencloud/theme.json for theming info * /.well-known/openid-configuration, auth2 token and oidc userinfo endpoints to authenticate the user -* /ocs/v1.php/cloud/user to get the username, eg. einstein ... again? it contains the oc10 user id (marie, not the uuid) +* /ocs/v1.php/cloud/user to get the username, eg. alan ... again? it contains the oc10 user id (mary, not the uuid) * /ocs/v1.php/cloud/capabilities to fetch instance capabilites -* /ocs/v1.php/cloud/users/einstein to fetch the quota which could come from graph and actually is now tied to the spaces, not to users +* /ocs/v1.php/cloud/users/alan to fetch the quota which could come from graph and actually is now tied to the spaces, not to users * /graph/v1.0/me?%24expand=memberOf to fetch the user id and the groups the user is a member of We need a way to pass oidc claims from the proxy, which does the authentication to the webfinger service, preferably by minting them into the internal reva token. @@ -45,7 +45,7 @@ The /.well-known/webfinger enpdoint allows us to not only get rid of some of the It also allows us to move some services out of a sharded deployment. We could e.g. introduce a relation for a common OpenCloud web endpoint to not exponse the different instances in the browser bar: ```json { - "subject": "acct:einstein@drive.opencloud.test", + "subject": "acct:alan@drive.opencloud.test", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", @@ -78,7 +78,7 @@ It also allows us to move some services out of a sharded deployment. We could e. We could also omit the `http://webfinger.opencloud/rel/server-instance` relation and go straight for a graph service with e.g. `rel=http://libregraph.org/rel/graph`: ```json { - "subject": "acct:einstein@drive.opencloud.test", + "subject": "acct:alan@drive.opencloud.test", "links": [ { "rel": "http://openid.net/specs/connect/1.0/issuer", @@ -106,12 +106,12 @@ In theory the graph endpoint would allow discovering drives on any domain. But t We could also embed subject metadata, however since apps like OpenCloud web also need the groups a user is member of a dedicated call to the libregraph api is probably better. In any case, we could return properties for the subject: ```json { - "subject": "acct:einstein@drive.opencloud.test", + "subject": "acct:alan@drive.opencloud.test", "properties": { - "http://libregraph.org/prop/user/id": "4c510ada-c86b-4815-8820-42cdf82c3d51", - "http://libregraph.org/prop/user/onPremisesSamAccountName": "einstein", - "http://libregraph.org/prop/user/mail": "einstein@example.org", - "http://libregraph.org/prop/user/displayName": "Albert Einstein", + "http://libregraph.org/prop/user/id": "b1f74ec4-dd7e-11ef-a543-03775734d0f7", + "http://libregraph.org/prop/user/onPremisesSamAccountName": "alan", + "http://libregraph.org/prop/user/mail": "alan@example.org", + "http://libregraph.org/prop/user/displayName": "Alan Turing", }, "links": [ { diff --git a/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature b/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature index 87c5c1f156..e66900a616 100644 --- a/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature +++ b/tests/acceptance/features/apiGraphUserGroup/addUserToGroup.feature @@ -408,7 +408,7 @@ Feature: add users to group Examples: | invalid-uuidv4 | comment | | �ϰ�Ϧ-@$@^-¶Ëøœ-ɧɸɱʨΌϖЁϿ | UTF characters | - | 4c510ada-c86b-4815-8820-42cdf82c3d511 | adding an extra character at end of valid UUID pattern | + | b1f74ec4-dd7e-11ef-a543-03775734d0f71 | adding an extra character at end of valid UUID pattern | | 4c510adac8-6b-4815-882042cdf-82c3d51 | invalid UUID pattern | @@ -423,7 +423,7 @@ Feature: add users to group Examples: | invalid-uuidv4 | comment | | �ϰ�Ϧ-@$@^-¶Ëøœ-ɧɸɱʨΌϖЁϿ | UTF characters | - | 4c510ada-c86b-4815-8820-42cdf82c3d511 | adding an extra character at end of valid UUID pattern | + | b1f74ec4-dd7e-11ef-a543-03775734d0f71 | adding an extra character at end of valid UUID pattern | | 4c510adac8-6b-4815-882042cdf-82c3d51 | invalid UUID pattern | @issue-5855 diff --git a/tests/acceptance/features/apiSearchContent/contentSearch.feature b/tests/acceptance/features/apiSearchContent/contentSearch.feature index bb6360f8b7..70e34352b1 100644 --- a/tests/acceptance/features/apiSearchContent/contentSearch.feature +++ b/tests/acceptance/features/apiSearchContent/contentSearch.feature @@ -31,7 +31,7 @@ Feature: content search Given using DAV path And user "Alice" has uploaded file with content "Using k6, you can test the reliability and performance of your systems" to "wordWithNumber.md" And user "Alice" has uploaded file with content "see our web site https://opencloud.eu/en/contact-us" to "findByWebSite.txt" - And user "Alice" has uploaded file with content "einstein@example.org want to say hello" to "findByEmail.docs" + And user "Alice" has uploaded file with content "alan@example.org want to say hello" to "findByEmail.docs" When user "Alice" searches for "Content:k6" using the WebDAV API Then the HTTP status code should be "207" And the search result of user "Alice" should contain only these files: @@ -40,7 +40,7 @@ Feature: content search Then the HTTP status code should be "207" And the search result of user "Alice" should contain only these files: | findByWebSite.txt | - When user "Alice" searches for "Content:einstein@" using the WebDAV API + When user "Alice" searches for "Content:alan@" using the WebDAV API Then the HTTP status code should be "207" And the search result of user "Alice" should contain only these files: | findByEmail.docs | diff --git a/tests/config/drone/setup-for-litmus.sh b/tests/config/drone/setup-for-litmus.sh index 92e0831bc7..90e759762f 100644 --- a/tests/config/drone/setup-for-litmus.sh +++ b/tests/config/drone/setup-for-litmus.sh @@ -9,9 +9,9 @@ SPACE_ID=$(curl -ks -uadmin:admin "${TEST_SERVER_URL}/graph/v1.0/me/drives" | jq ENV+=${SPACE_ID} # create a folder -curl -ks -ueinstein:relativity -X MKCOL "${TEST_SERVER_URL}/remote.php/webdav/new_folder" +curl -ks -ualan:demo -X MKCOL "${TEST_SERVER_URL}/remote.php/webdav/new_folder" -SHARE_ID=$(curl -ks -ueinstein:relativity "${TEST_SERVER_URL}/${SHARE_ENDPOINT}" -d "path=/new_folder&shareType=0&permissions=15&name=new_folder&shareWith=admin" | grep -oP "(?<=).*(?=)") +SHARE_ID=$(curl -ks -ualan:demo "${TEST_SERVER_URL}/${SHARE_ENDPOINT}" -d "path=/new_folder&shareType=0&permissions=15&name=new_folder&shareWith=admin" | grep -oP "(?<=).*(?=)") # accept share if [ ! -z "${SHARE_ID}" ]; then @@ -19,7 +19,7 @@ then fi # create public share -PUBLIC_TOKEN=$(curl -ks -ueinstein:relativity "${TEST_SERVER_URL}/${SHARE_ENDPOINT}" -d "path=/new_folder&shareType=3&permissions=15&name=new_folder" | grep -oP "(?<=).*(?=)") +PUBLIC_TOKEN=$(curl -ks -ualan:demo "${TEST_SERVER_URL}/${SHARE_ENDPOINT}" -d "path=/new_folder&shareType=3&permissions=15&name=new_folder" | grep -oP "(?<=).*(?=)") ENV+="\nPUBLIC_TOKEN=" ENV+=${PUBLIC_TOKEN}