From 805bd4305e79ff517addecb6861c6290e36ade9a Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Tue, 7 Oct 2025 14:19:22 +0200 Subject: [PATCH] bump reva to lastest main for https://github.com/opencloud-eu/reva/pull/372 --- go.mod | 6 +- go.sum | 8 +-- .../go-playground/validator/v10/README.md | 7 ++- .../go-playground/validator/v10/baked_in.go | 39 ++++++++++++ .../go-playground/validator/v10/doc.go | 13 ++++ .../go-playground/validator/v10/regexes.go | 2 + .../validator/v10/validator_instance.go | 60 ++++++++++++++++++- .../storageprovider/storageprovider.go | 14 +++++ .../reva/v2/pkg/group/manager/ldap/ldap.go | 4 +- .../v2/pkg/storage/pkg/decomposedfs/grants.go | 15 +++++ .../metadata/prefixes/prefixes.go | 1 + .../v2/pkg/storage/pkg/decomposedfs/spaces.go | 9 ++- .../reva/v2/pkg/user/manager/ldap/ldap.go | 4 +- .../reva/v2/pkg/utils/ldap/identity.go | 21 ++++--- vendor/modules.txt | 7 ++- 15 files changed, 182 insertions(+), 28 deletions(-) diff --git a/go.mod b/go.mod index 02f5a75f29..ab0239e38f 100644 --- a/go.mod +++ b/go.mod @@ -33,7 +33,8 @@ require ( github.com/go-micro/plugins/v4/store/nats-js-kv v0.0.0-20240726082623-6831adfdcdc4 github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.2.0 github.com/go-micro/plugins/v4/wrapper/trace/opentelemetry v1.2.0 - github.com/go-playground/validator/v10 v10.27.0 + github.com/go-playground/validator/v10 v10.28.0 + github.com/go-resty/resty/v2 v2.7.0 github.com/gofrs/uuid v4.4.0+incompatible github.com/golang-jwt/jwt/v5 v5.3.0 github.com/golang/protobuf v1.5.4 @@ -217,7 +218,6 @@ require ( github.com/go-playground/locales v0.14.1 // indirect github.com/go-playground/universal-translator v0.18.1 // indirect github.com/go-redis/redis/v8 v8.11.5 // indirect - github.com/go-resty/resty/v2 v2.7.0 // indirect github.com/go-sql-driver/mysql v1.9.3 // indirect github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect @@ -398,3 +398,5 @@ replace go-micro.dev/v4 => github.com/butonic/go-micro/v4 v4.11.1-0.202411151126 exclude github.com/mattn/go-sqlite3 v2.0.3+incompatible replace github.com/go-micro/plugins/v4/store/nats-js-kv => github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a + +replace github.com/opencloud-eu/reva/v2 => github.com/rhafer/reva/v2 v2.0.0-20251009103825-4190eaf0d908 diff --git a/go.sum b/go.sum index c4d1f20e95..ed235e90c6 100644 --- a/go.sum +++ b/go.sum @@ -447,8 +447,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.27.0 h1:w8+XrWVMhGkxOaaowyKH35gFydVHOvC0/uWoy2Fzwn4= -github.com/go-playground/validator/v10 v10.27.0/go.mod h1:I5QpIEbmr8On7W0TktmJAumgzX4CA1XNl4ZmDuVHKKo= +github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688= +github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU= github.com/go-redis/redis/v8 v8.11.5 h1:AcZZR7igkdvfVmQTPnu9WE37LRrO/YrBH5zWyjDC0oI= github.com/go-redis/redis/v8 v8.11.5/go.mod h1:gREzHqY1hg6oD9ngVRbLStwAWKhA0FEgq8Jd4h5lpwo= github.com/go-resty/resty/v2 v2.1.1-0.20191201195748-d7b97669fe48/go.mod h1:dZGr0i9PLlaaTD4H/hoZIDjQ+r6xq8mgbRzHZf7f2J8= @@ -946,8 +946,6 @@ github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89 h1:W1ms+l github.com/opencloud-eu/icap-client v0.0.0-20250930132611-28a2afe62d89/go.mod h1:vigJkNss1N2QEceCuNw/ullDehncuJNFB6mEnzfq9UI= github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 h1:vD/EdfDUrv4omSFjrinT8Mvf+8D7f9g4vgQ2oiDrVUI= github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76/go.mod h1:pzatilMEHZFT3qV7C/X3MqOa3NlRQuYhlRhZTL+hN6Q= -github.com/opencloud-eu/reva/v2 v2.38.1-0.20251002093930-dcce351c08d6 h1:b/agGaz/lQtZ8rikiqf4onpdpdllcUez/NO2pDWhEuU= -github.com/opencloud-eu/reva/v2 v2.38.1-0.20251002093930-dcce351c08d6/go.mod h1:kv+7Jfn0uqAg4Wy5rX4XuT5aX7DKvbtGp9hVcsES2+M= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040= @@ -1059,6 +1057,8 @@ github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKc github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9 h1:bsUq1dX0N8AOIL7EB/X911+m4EHsnWEHeJ0c+3TTBrg= github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= +github.com/rhafer/reva/v2 v2.0.0-20251009103825-4190eaf0d908 h1:ZBjWKCN3HQ7g9w0KrRLVs16FopcVOfs9fRelWqLpEKk= +github.com/rhafer/reva/v2 v2.0.0-20251009103825-4190eaf0d908/go.mod h1:rWCkqbdtVGVcZLZ2uw2kLGGjGnK8NTXfy9y0+rMyL8M= github.com/riandyrn/otelchi v0.12.2 h1:6QhGv0LVw/dwjtPd12mnNrl0oEQF4ZAlmHcnlTYbeAg= github.com/riandyrn/otelchi v0.12.2/go.mod h1:weZZeUJURvtCcbWsdb7Y6F8KFZGedJlSrgUjq9VirV8= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= diff --git a/vendor/github.com/go-playground/validator/v10/README.md b/vendor/github.com/go-playground/validator/v10/README.md index 28f7e159df..cb5d419459 100644 --- a/vendor/github.com/go-playground/validator/v10/README.md +++ b/vendor/github.com/go-playground/validator/v10/README.md @@ -106,8 +106,9 @@ validate := validator.New(validator.WithRequiredStructEnabled()) | datauri | Data URL | | fqdn | Full Qualified Domain Name (FQDN) | | hostname | Hostname RFC 952 | -| hostname_port | HostPort | | hostname_rfc1123 | Hostname RFC 1123 | +| hostname_port | HostPort | +| port | Port number | | ip | Internet Protocol Address IP | | ip4_addr | Internet Protocol Address IPv4 | | ip6_addr | Internet Protocol Address IPv6 | @@ -124,7 +125,8 @@ validate := validator.New(validator.WithRequiredStructEnabled()) | unix_addr | Unix domain socket end point Address | | uri | URI String | | url | URL String | -| http_url | HTTP URL String | +| http_url | HTTP(s) URL String | +| https_url | HTTPS-only URL String | | url_encoded | URL Encoded | | urn_rfc2141 | Urn RFC 2141 String | @@ -133,6 +135,7 @@ validate := validator.New(validator.WithRequiredStructEnabled()) | Tag | Description | | - | - | | alpha | Alpha Only | +| alphaspace | Alpha Space | | alphanum | Alphanumeric | | alphanumunicode | Alphanumeric Unicode | | alphaunicode | Alpha Unicode | diff --git a/vendor/github.com/go-playground/validator/v10/baked_in.go b/vendor/github.com/go-playground/validator/v10/baked_in.go index c968ad4ad3..8fd55e77ec 100644 --- a/vendor/github.com/go-playground/validator/v10/baked_in.go +++ b/vendor/github.com/go-playground/validator/v10/baked_in.go @@ -118,6 +118,7 @@ var ( "fieldcontains": fieldContains, "fieldexcludes": fieldExcludes, "alpha": isAlpha, + "alphaspace": isAlphaSpace, "alphanum": isAlphanum, "alphaunicode": isAlphaUnicode, "alphanumunicode": isAlphanumUnicode, @@ -134,6 +135,7 @@ var ( "email": isEmail, "url": isURL, "http_url": isHttpURL, + "https_url": isHttpsURL, "uri": isURI, "urn_rfc2141": isUrnRFC2141, // RFC 2141 "file": isFile, @@ -1513,6 +1515,29 @@ func isHttpURL(fl FieldLevel) bool { panic(fmt.Sprintf("Bad field type %s", field.Type())) } +// isHttpsURL is the validation function for validating if the current field's value is a valid HTTPS-only URL. +func isHttpsURL(fl FieldLevel) bool { + if !isURL(fl) { + return false + } + + field := fl.Field() + switch field.Kind() { + case reflect.String: + + s := strings.ToLower(field.String()) + + url, err := url.Parse(s) + if err != nil || url.Host == "" { + return false + } + + return url.Scheme == "https" + } + + panic(fmt.Sprintf("Bad field type %s", field.Type())) +} + // isUrnRFC2141 is the validation function for validating if the current field's value is a valid URN as per RFC 2141. func isUrnRFC2141(fl FieldLevel) bool { field := fl.Field() @@ -1743,6 +1768,11 @@ func isAlphanumUnicode(fl FieldLevel) bool { return alphaUnicodeNumericRegex().MatchString(fl.Field().String()) } +// isAlphaSpace is the validation function for validating if the current field's value is a valid alpha value with spaces. +func isAlphaSpace(fl FieldLevel) bool { + return alphaSpaceRegex().MatchString(fl.Field().String()) +} + // isAlphaUnicode is the validation function for validating if the current field's value is a valid alpha unicode value. func isAlphaUnicode(fl FieldLevel) bool { return alphaUnicodeRegex().MatchString(fl.Field().String()) @@ -1872,6 +1902,15 @@ func requiredIf(fl FieldLevel) bool { if len(params)%2 != 0 { panic(fmt.Sprintf("Bad param number for required_if %s", fl.FieldName())) } + + seen := make(map[string]struct{}) + for i := 0; i < len(params); i += 2 { + if _, ok := seen[params[i]]; ok { + panic(fmt.Sprintf("Duplicate param %s for required_if %s", params[i], fl.FieldName())) + } + seen[params[i]] = struct{}{} + } + for i := 0; i < len(params); i += 2 { if !requireCheckFieldValue(fl, params[i], params[i+1], false) { return true diff --git a/vendor/github.com/go-playground/validator/v10/doc.go b/vendor/github.com/go-playground/validator/v10/doc.go index 23cce99164..52918e4093 100644 --- a/vendor/github.com/go-playground/validator/v10/doc.go +++ b/vendor/github.com/go-playground/validator/v10/doc.go @@ -264,6 +264,7 @@ The field under validation must be present and not empty only if all the other specified fields are equal to the value following the specified field. For strings ensures value is not "". For slices, maps, pointers, interfaces, channels and functions ensures the value is not nil. For structs ensures value is not the zero value. +Using the same field name multiple times in the parameters will result in a panic at runtime. Usage: required_if @@ -776,6 +777,12 @@ This validates that a string value contains ASCII alpha characters only Usage: alpha +# Alpha Space + +This validates that a string value contains ASCII alpha characters and spaces only + + Usage: alphaspace + # Alphanumeric This validates that a string value contains ASCII alphanumeric characters only @@ -1330,6 +1337,12 @@ can be used to validate fields typically passed to sockets and connections. Usage: hostname_port +# Port + +This validates that the value falls within the valid port number range of 1 to 65,535. + + Usage: port + # Datetime This validates that a string value is a valid datetime based on the supplied datetime format. diff --git a/vendor/github.com/go-playground/validator/v10/regexes.go b/vendor/github.com/go-playground/validator/v10/regexes.go index 93909b2e50..0b3615f5e4 100644 --- a/vendor/github.com/go-playground/validator/v10/regexes.go +++ b/vendor/github.com/go-playground/validator/v10/regexes.go @@ -7,6 +7,7 @@ import ( const ( alphaRegexString = "^[a-zA-Z]+$" + alphaSpaceRegexString = "^[a-zA-Z ]+$" alphaNumericRegexString = "^[a-zA-Z0-9]+$" alphaUnicodeRegexString = "^[\\p{L}]+$" alphaUnicodeNumericRegexString = "^[\\p{L}\\p{N}]+$" @@ -93,6 +94,7 @@ func lazyRegexCompile(str string) func() *regexp.Regexp { var ( alphaRegex = lazyRegexCompile(alphaRegexString) + alphaSpaceRegex = lazyRegexCompile(alphaSpaceRegexString) alphaNumericRegex = lazyRegexCompile(alphaNumericRegexString) alphaUnicodeRegex = lazyRegexCompile(alphaUnicodeRegexString) alphaUnicodeNumericRegex = lazyRegexCompile(alphaUnicodeNumericRegexString) diff --git a/vendor/github.com/go-playground/validator/v10/validator_instance.go b/vendor/github.com/go-playground/validator/v10/validator_instance.go index 9362cd731a..5ba64e5ba5 100644 --- a/vendor/github.com/go-playground/validator/v10/validator_instance.go +++ b/vendor/github.com/go-playground/validator/v10/validator_instance.go @@ -181,7 +181,7 @@ func (v Validate) ValidateMapCtx(ctx context.Context, data map[string]interface{ errs[field] = errors.New("The field: '" + field + "' is not a map to dive") } } else if ruleStr, ok := rule.(string); ok { - err := v.VarCtx(ctx, data[field], ruleStr) + err := v.VarWithKeyCtx(ctx, field, data[field], ruleStr) if err != nil { errs[field] = err } @@ -681,6 +681,64 @@ func (v *Validate) VarWithValueCtx(ctx context.Context, field interface{}, other return } +// VarWithKey validates a single variable with a key to be included in the returned error using tag style validation +// eg. +// var s string +// validate.VarWithKey("email_address", s, "required,email") +// +// WARNING: a struct can be passed for validation eg. time.Time is a struct or +// if you have a custom type and have registered a custom type handler, so must +// allow it; however unforeseen validations will occur if trying to validate a +// struct that is meant to be passed to 'validate.Struct' +// +// It returns InvalidValidationError for bad values passed in and nil or ValidationErrors as error otherwise. +// You will need to assert the error if it's not nil eg. err.(validator.ValidationErrors) to access the array of errors. +// validate Array, Slice and maps fields which may contain more than one error +func (v *Validate) VarWithKey(key string, field interface{}, tag string) error { + return v.VarWithKeyCtx(context.Background(), key, field, tag) +} + +// VarWithKeyCtx validates a single variable with a key to be included in the returned error using tag style validation +// and allows passing of contextual validation information via context.Context. +// eg. +// var s string +// validate.VarWithKeyCtx("email_address", s, "required,email") +// +// WARNING: a struct can be passed for validation eg. time.Time is a struct or +// if you have a custom type and have registered a custom type handler, so must +// allow it; however unforeseen validations will occur if trying to validate a +// struct that is meant to be passed to 'validate.Struct' +// +// It returns InvalidValidationError for bad values passed in and nil or ValidationErrors as error otherwise. +// You will need to assert the error if it's not nil eg. err.(validator.ValidationErrors) to access the array of errors. +// validate Array, Slice and maps fields which may contain more than one error +func (v *Validate) VarWithKeyCtx(ctx context.Context, key string, field interface{}, tag string) (err error) { + if len(tag) == 0 || tag == skipValidationTag { + return nil + } + + ctag := v.fetchCacheTag(tag) + + cField := &cField{ + name: key, + altName: key, + namesEqual: true, + } + + val := reflect.ValueOf(field) + vd := v.pool.Get().(*validate) + vd.top = val + vd.isPartial = false + vd.traverseField(ctx, val, val, vd.ns[0:0], vd.actualNs[0:0], cField, ctag) + + if len(vd.errs) > 0 { + err = vd.errs + vd.errs = nil + } + v.pool.Put(vd) + return +} + func (v *Validate) registerValidation(tag string, fn FuncCtx, bakedIn bool, nilCheckable bool) error { if len(tag) == 0 { return errors.New("function Key cannot be empty") diff --git a/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/storageprovider/storageprovider.go b/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/storageprovider/storageprovider.go index 5798613e0a..7ce04fd678 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/storageprovider/storageprovider.go +++ b/vendor/github.com/opencloud-eu/reva/v2/internal/grpc/services/storageprovider/storageprovider.go @@ -1115,6 +1115,13 @@ func (s *Service) AddGrant(ctx context.Context, req *provider.AddGrantRequest) ( ctx = WithSpaceType(ctx, utils.ReadPlainFromOpaque(req.Opaque, "spacetype")) } + // error out if no permissions are set + if req.GetGrant().GetPermissions() == nil { + return &provider.AddGrantResponse{ + Status: status.NewInvalid(ctx, "permissions are invalid"), + }, nil + } + // check grantee type is valid if req.Grant.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_INVALID { return &provider.AddGrantResponse{ @@ -1122,6 +1129,13 @@ func (s *Service) AddGrant(ctx context.Context, req *provider.AddGrantRequest) ( }, nil } + // check if grantee has an id + if req.GetGrant().GetGrantee().GetId() == nil { + return &provider.AddGrantResponse{ + Status: status.NewInvalid(ctx, "grantee id is invalid"), + }, nil + } + err := s.Storage.AddGrant(ctx, req.Ref, req.Grant) return &provider.AddGrantResponse{ diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go index f4b32f069a..e4e025866c 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/group/manager/ldap/ldap.go @@ -35,7 +35,6 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/sharedconf" "github.com/opencloud-eu/reva/v2/pkg/utils" ldapIdentity "github.com/opencloud-eu/reva/v2/pkg/utils/ldap" - "github.com/pkg/errors" "go.opentelemetry.io/otel/attribute" ) @@ -63,8 +62,7 @@ func parseConfig(m map[string]interface{}) (*config, error) { LDAPIdentity: ldapIdentity.New(), } if err := mapstructure.Decode(m, &c); err != nil { - err = errors.Wrap(err, "error decoding conf") - return nil, err + return nil, fmt.Errorf("error decoding conf: %w", err) } return &c, nil diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/grants.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/grants.go index dfcb1b921f..2adb45f4cc 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/grants.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/grants.go @@ -28,6 +28,7 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/appctx" ctxpkg "github.com/opencloud-eu/reva/v2/pkg/ctx" "github.com/opencloud-eu/reva/v2/pkg/errtypes" + "github.com/opencloud-eu/reva/v2/pkg/sharedconf" "github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata" "github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata/prefixes" "github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/node" @@ -118,6 +119,20 @@ func (fs *Decomposedfs) AddGrant(ctx context.Context, ref *provider.Reference, g } } + if sharedconf.MultiTenantEnabled() { + spaceTenant, err := grantNode.SpaceRoot.XattrString(ctx, prefixes.SpaceTenantIDAttr) + if err != nil { + log.Error().Err(err).Msg("failed to read tenant id of space") + return errtypes.InternalError("error validating tenantID") + } + if g.Grantee.Type == provider.GranteeType_GRANTEE_TYPE_USER { + if g.Grantee.GetUserId().GetTenantId() != spaceTenant { + log.Error().Str("spaceTenant", spaceTenant).Str("granteeTenant", g.Grantee.GetUserId().GetTenantId()).Msg("cannot add grant for user from different tenant") + return errtypes.PermissionDenied("cannot add grant for user from different tenant") + } + } + } + return fs.storeGrant(ctx, grantNode, g) } diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata/prefixes/prefixes.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata/prefixes/prefixes.go index a0f39e955b..a830ba7d1c 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata/prefixes/prefixes.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/metadata/prefixes/prefixes.go @@ -97,6 +97,7 @@ const ( SpaceReadmeAttr string = OcPrefix + "space.readme" SpaceImageAttr string = OcPrefix + "space.image" SpaceAliasAttr string = OcPrefix + "space.alias" + SpaceTenantIDAttr string = OcPrefix + "space.tenantid" UserAcePrefix string = "u:" GroupAcePrefix string = "g:" diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/spaces.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/spaces.go index 4dfd7136ec..c0c7f817a9 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/spaces.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/storage/pkg/decomposedfs/spaces.go @@ -147,7 +147,11 @@ func (fs *Decomposedfs) CreateStorageSpace(ctx context.Context, req *provider.Cr if req.GetOwner() != nil && req.GetOwner().GetId() != nil { root.SetOwner(req.GetOwner().GetId()) } else { - root.SetOwner(&userv1beta1.UserId{OpaqueId: spaceID, Type: userv1beta1.UserType_USER_TYPE_SPACE_OWNER}) + root.SetOwner(&userv1beta1.UserId{ + OpaqueId: spaceID, + TenantId: u.GetId().GetTenantId(), + Type: userv1beta1.UserType_USER_TYPE_SPACE_OWNER, + }) } metadata := node.Attributes{} @@ -157,6 +161,9 @@ func (fs *Decomposedfs) CreateStorageSpace(ctx context.Context, req *provider.Cr metadata.SetString(prefixes.OwnerIDPAttr, root.Owner().GetIdp()) metadata.SetString(prefixes.OwnerTypeAttr, utils.UserTypeToString(root.Owner().GetType())) + if root.Owner().GetTenantId() != "" { + metadata.SetString(prefixes.SpaceTenantIDAttr, root.Owner().GetTenantId()) + } // always mark the space root node as the end of propagation metadata.SetString(prefixes.PropagationAttr, "1") metadata.SetString(prefixes.NameAttr, req.Name) diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go index fe978dab16..a0ad3a617f 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/user/manager/ldap/ldap.go @@ -33,7 +33,6 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/user/manager/registry" "github.com/opencloud-eu/reva/v2/pkg/utils" ldapIdentity "github.com/opencloud-eu/reva/v2/pkg/utils/ldap" - "github.com/pkg/errors" "go.opentelemetry.io/otel/attribute" ) @@ -61,8 +60,7 @@ func parseConfig(m map[string]interface{}) (*config, error) { LDAPIdentity: ldapIdentity.New(), } if err := mapstructure.Decode(m, &c); err != nil { - err = errors.Wrap(err, "error decoding conf") - return nil, err + return nil, fmt.Errorf("error decoding conf: %w", err) } return &c, nil diff --git a/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go b/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go index e0cf46d91a..b6e9572894 100644 --- a/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go +++ b/vendor/github.com/opencloud-eu/reva/v2/pkg/utils/ldap/identity.go @@ -20,6 +20,7 @@ package ldap import ( "context" + "errors" "fmt" "strings" @@ -29,7 +30,6 @@ import ( "github.com/opencloud-eu/reva/v2/pkg/appctx" "github.com/opencloud-eu/reva/v2/pkg/errtypes" "github.com/opencloud-eu/reva/v2/pkg/sharedconf" - "github.com/pkg/errors" "github.com/rs/zerolog/log" "go.opentelemetry.io/otel/attribute" "go.opentelemetry.io/otel/codes" @@ -385,6 +385,13 @@ func (i *Identity) GetLDAPUserGroups(ctx context.Context, lc ldap.Client, userEn sr, err := lc.Search(searchRequest) if err != nil { log.Debug().Str("backend", "ldap").Err(err).Str("filter", filter).Msg("Error looking up group memberships") + var lerr *ldap.Error + if errors.As(err, &lerr) && lerr.ResultCode == ldap.LDAPResultNoSuchObject { + // Don't error out if the search base doesn't exist. We are probably just + // not having any groups in LDAP + return []string{}, nil + } + span.SetAttributes(attribute.String("ldap.error", err.Error())) span.SetStatus(codes.Error, "") return []string{}, err @@ -547,8 +554,7 @@ func (i *Identity) getUserFilter(uid *identityUser.UserId) (string, error) { if i.User.Schema.IDIsOctetString { id, err := uuid.Parse(uid.GetOpaqueId()) if err != nil { - err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", uid)) - return "", err + return "", fmt.Errorf("error parsing OpaqueID '%s' as UUID: %w", uid, err) } escapedUUID = filterEscapeBinaryUUID(id) } else { @@ -583,8 +589,7 @@ func (i *Identity) getUserAttributeFilter(attribute, value, tenantID string) (st if attribute == i.User.Schema.ID && i.User.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { - err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) - return "", err + return "", fmt.Errorf("error parsing OpaqueID '%s' as UUID: %w", value, err) } value = filterEscapeBinaryUUID(id) } else { @@ -718,8 +723,7 @@ func (i *Identity) getGroupFilter(id string) (string, error) { if i.Group.Schema.IDIsOctetString { id, err := uuid.Parse(id) if err != nil { - err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", id)) - return "", err + return "", fmt.Errorf("error parsing OpaqueID '%s' as UUID: %w", id, err) } escapedUUID = filterEscapeBinaryUUID(id) } else { @@ -752,8 +756,7 @@ func (i *Identity) getGroupAttributeFilter(attribute, value string) (string, err if attribute == i.Group.Schema.ID && i.Group.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { - err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) - return "", err + return "", fmt.Errorf("error parsing OpaqueID '%s' as UUID: %w", value, err) } value = filterEscapeBinaryUUID(id) } else { diff --git a/vendor/modules.txt b/vendor/modules.txt index a8f53ffe92..fccb1bf3a2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -613,8 +613,8 @@ github.com/go-playground/locales/en # github.com/go-playground/universal-translator v0.18.1 ## explicit; go 1.18 github.com/go-playground/universal-translator -# github.com/go-playground/validator/v10 v10.27.0 -## explicit; go 1.20 +# github.com/go-playground/validator/v10 v10.28.0 +## explicit; go 1.24.0 github.com/go-playground/validator/v10 github.com/go-playground/validator/v10/translations/en # github.com/go-redis/redis/v8 v8.11.5 @@ -1329,7 +1329,7 @@ github.com/opencloud-eu/icap-client # github.com/opencloud-eu/libre-graph-api-go v1.0.8-0.20250724122329-41ba6b191e76 ## explicit; go 1.18 github.com/opencloud-eu/libre-graph-api-go -# github.com/opencloud-eu/reva/v2 v2.38.1-0.20251002093930-dcce351c08d6 +# github.com/opencloud-eu/reva/v2 v2.38.1-0.20251002093930-dcce351c08d6 => github.com/rhafer/reva/v2 v2.0.0-20251009103825-4190eaf0d908 ## explicit; go 1.24.1 github.com/opencloud-eu/reva/v2/cmd/revad/internal/grace github.com/opencloud-eu/reva/v2/cmd/revad/runtime @@ -2662,3 +2662,4 @@ stash.kopano.io/kgol/rndm # github.com/unrolled/secure => github.com/DeepDiver1975/secure v0.0.0-20240611112133-abc838fb797c # go-micro.dev/v4 => github.com/butonic/go-micro/v4 v4.11.1-0.20241115112658-b5d4de5ed9b3 # github.com/go-micro/plugins/v4/store/nats-js-kv => github.com/opencloud-eu/go-micro-plugins/v4/store/nats-js-kv v0.0.0-20250512152754-23325793059a +# github.com/opencloud-eu/reva/v2 => github.com/rhafer/reva/v2 v2.0.0-20251009103825-4190eaf0d908