generate metadata user id

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Jörn Friedrich Dreyer
2022-05-02 12:36:30 +00:00
parent df8fd7626d
commit f88c000bac
12 changed files with 55 additions and 5 deletions


@@ -52,7 +52,6 @@ func DefaultConfig() *config.Config {
Metadata: config.Metadata{
GatewayAddress: "127.0.0.1:9215", // metadata storage
StorageAddress: "127.0.0.1:9215",
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "internal",
},
}
@@ -93,6 +92,10 @@ func EnsureDefaults(cfg *config.Config) {
if cfg.Metadata.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" {
cfg.Metadata.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
}
if cfg.Metadata.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" {
cfg.Metadata.ServiceUserID = cfg.Commons.MetadataUserID
}
}
func Sanitize(cfg *config.Config) {
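Review bot: With the built-in `ServiceUserID` removed from `DefaultConfig`, the new fallback in `EnsureDefaults` leaves `cfg.Metadata.ServiceUserID` empty whenever `cfg.Commons` is nil or carries no `MetadataUserID`, and none of the files in this commit adds a check for that field. The sharing and storage-metadata services get a `Validate` guard returning `shared.MissingMetadataUserID`; this service should fail the same way, e.g. `if cfg.Metadata.ServiceUserID == "" { return shared.MissingMetadataUserID(cfg.Service.Name) }`, unless its `Validate` already covers it outside this view. Both function bodies extend beyond the hunks shown.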


@@ -49,7 +49,6 @@ func DefaultConfig() *config.Config {
},
CS3: config.UserSharingCS3Driver{
ProviderAddr: "127.0.0.1:9215", // metadata storage
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "internal",
},
},
@@ -70,7 +69,6 @@ func DefaultConfig() *config.Config {
},
CS3: config.PublicSharingCS3Driver{
ProviderAddr: "127.0.0.1:9215", // metadata storage
ServiceUserID: "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad",
ServiceUserIDP: "internal",
},
},
@@ -125,9 +123,17 @@ func EnsureDefaults(cfg *config.Config) {
cfg.UserSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
}
if cfg.UserSharingDrivers.CS3.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" {
cfg.UserSharingDrivers.CS3.ServiceUserID = cfg.Commons.MetadataUserID
}
if cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" {
cfg.PublicSharingDrivers.CS3.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
}
if cfg.PublicSharingDrivers.CS3.ServiceUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" {
cfg.PublicSharingDrivers.CS3.ServiceUserID = cfg.Commons.MetadataUserID
}
}
func Sanitize(cfg *config.Config) {


@@ -42,9 +42,17 @@ func Validate(cfg *config.Config) error {
return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
}
if cfg.PublicSharingDriver == "cs3" && cfg.PublicSharingDrivers.CS3.ServiceUserID == "" {
return shared.MissingMetadataUserID(cfg.Service.Name)
}
if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.MachineAuthAPIKey == "" {
return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
}
if cfg.UserSharingDriver == "cs3" && cfg.UserSharingDrivers.CS3.ServiceUserID == "" {
return shared.MissingMetadataUserID(cfg.Service.Name)
}
return nil
}


@@ -160,7 +160,7 @@ func storageMetadataFromStruct(c *cli.Context, cfg *config.Config) map[string]in
"users": map[string]interface{}{
"serviceuser": map[string]interface{}{
"id": map[string]interface{}{
"opaqueId": "95cb8724-03b2-11eb-a0a6-c33ef8ef53ad", // FIXME generate service user id
"opaqueId": cfg.MetadataUserID,
"idp": "internal",
"type": userpb.UserType_USER_TYPE_PRIMARY,
},


@@ -21,7 +21,8 @@ type Config struct {
TokenManager *TokenManager `yaml:"token_manager"`
Reva *Reva `yaml:"reva"`
MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;STORAGE_METADATA_MACHINE_AUTH_API_KEY"`
MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"STORAGE_METADATA_MACHINE_AUTH_API_KEY"`
MetadataUserID string `yaml:"metadata_user_id"`
SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token"`
Driver string `yaml:"driver" env:"STORAGE_METADATA_DRIVER" desc:"The driver which should be used by the service"`
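Review bot: The new `MetadataUserID` field has only a `yaml` tag, while the neighbouring `MachineAuthAPIKey` and `Driver` fields declare an `env:` binding; the root `Config` struct adds the field the same way. As far as these sections show, the only environment binding is `METADATA_USER_ID` on `shared.Commons`, so a service started on its own depends on `cfg.Commons` being populated before `EnsureDefaults` runs. The root `Validate` reads `cfg.MetadataUserID` directly, so it may reject a setup that supplies the value only through the environment. If an override per service is intended, give the field its own binding in the existing `A;B` form and a `desc:` like the one on `Driver`; otherwise a comment such as `// set via commons (metadata_user_id / METADATA_USER_ID) when not configured here` would document the dependency.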


@@ -125,6 +125,11 @@ func EnsureDefaults(cfg *config.Config) {
if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" {
cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
}
if cfg.MetadataUserID == "" && cfg.Commons != nil && cfg.Commons.MetadataUserID != "" {
cfg.MetadataUserID = cfg.Commons.MetadataUserID
}
}
func Sanitize(cfg *config.Config) {


@@ -41,5 +41,9 @@ func Validate(cfg *config.Config) error {
if cfg.MachineAuthAPIKey == "" {
return shared.MissingMachineAuthApiKeyError(cfg.Service.Name)
}
if cfg.MetadataUserID == "" {
return shared.MissingMetadataUserID(cfg.Service.Name)
}
return nil
}


@@ -67,6 +67,7 @@ type Config struct {
TokenManager *shared.TokenManager `yaml:"token_manager"`
MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"`
TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"`
MetadataUserID string `yaml:"metadata_user_id"`
Runtime Runtime `yaml:"runtime"`
Audit *audit.Config `yaml:"audit"`


@@ -94,6 +94,10 @@ func EnsureCommons(cfg *config.Config) {
cfg.Commons.TransferSecret = cfg.TransferSecret
}
// copy metadata user id to the commons part if set
if cfg.MetadataUserID != "" {
cfg.Commons.MetadataUserID = cfg.MetadataUserID
}
}
func Validate(cfg *config.Config) error {
@@ -109,5 +113,9 @@ func Validate(cfg *config.Config) error {
return shared.MissingMachineAuthApiKeyError("ocis")
}
if cfg.MetadataUserID == "" {
return shared.MissingMetadataUserID("ocis")
}
return nil
}
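Review bot: The new check in `Validate` rejects every existing configuration that has no `metadata_user_id`, and the same commit removes the fixed ID from the service defaults, yet nothing tells operators of an existing installation which value to set. I would add a comment above the check, for example `// configs created before metadata_user_id existed must add it (ocis init or manual edit)`, and carry the same statement into the upgrade notes. If metadata was already written under the previous fixed ID (not visible in these hunks), the note should say the old value has to be kept, because a freshly generated ID would presumably not match the stored owner. `Validate` and `EnsureCommons` both start outside the hunks.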


@@ -45,3 +45,11 @@ func MissingServiceUserPassword(service, serviceUser string) error {
"the config/corresponding environment variable).",
serviceUser, service, defaults.BaseConfigPath())
}
func MissingMetadataUserID(service string) error {
return fmt.Errorf("The metadata user ID has not been configured for %s. "+
"Make sure your %s config contains the proper values "+
"(e.g. by running ocis init or setting it manually in "+
"the config/corresponding environment variable).",
service, defaults.BaseConfigPath())
}
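Review bot: `MissingMetadataUserID` is exported without a doc comment, and its message refers to "the config/corresponding environment variable" without naming either one. I would add `// MissingMetadataUserID returns the error reported when no metadata user ID is configured for service.` above the function. The message should also name the `metadata_user_id` key and the `METADATA_USER_ID` binding declared on `shared.Commons`, so the operator can act on it without reading the source. The capitalised, punctuated wording matches the sibling `MissingServiceUserPassword`, so I would leave that as is for consistency.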


@@ -44,4 +44,5 @@ type Commons struct {
Reva *Reva `yaml:"reva"`
MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"`
TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"`
MetadataUserID string `yaml:"metadata_user_id" env:"METADATA_USER_ID"`
}
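Review bot: `METADATA_USER_ID` is the only binding in this struct without a product or component prefix (compare `OCIS_MACHINE_AUTH_API_KEY` and `REVA_TRANSFER_SECRET`), so it is the most likely to collide with an unrelated variable already present in a shared environment. The value appears to select the account the services use as `serviceuser` towards the metadata storage (inferred from the storage-metadata command section), so an accidental override would be hard to diagnose. I would rename it to `env:"OCIS_METADATA_USER_ID"` before the name ships, and add a short comment on the field saying what the ID identifies. The struct begins outside the hunk.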


@@ -9,6 +9,7 @@ import (
"path"
"time"
"github.com/gofrs/uuid"
"github.com/owncloud/ocis/ocis-pkg/generators"
"gopkg.in/yaml.v2"
)
@@ -99,6 +100,7 @@ type OcisConfig struct {
TokenManager TokenManager `yaml:"token_manager"`
MachineAuthApiKey string `yaml:"machine_auth_api_key"`
TransferSecret string `yaml:"transfer_secret"`
MetadataUserID string `yaml:"metadata_user_id"`
Graph GraphExtension
Idp LdapBasedExtension
Idm IdmExtension
@@ -160,6 +162,8 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin
return err
}
metadataUserID := uuid.Must(uuid.NewV4()).String()
idmServicePassword, err := generators.GenerateRandomPassword(passwordLength)
if err != nil {
return fmt.Errorf("could not generate random password for idm: %s", err)
@@ -199,6 +203,7 @@ func CreateConfig(insecure, forceOverwrite bool, configPath, adminPassword strin
},
MachineAuthApiKey: machineAuthApiKey,
TransferSecret: revaTransferSecret,
MetadataUserID: metadataUserID,
Idm: IdmExtension{
ServiceUserPasswords: ServiceUserPasswordsSettings{
AdminPassword: ocisAdminServicePassword,
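Review bot: In the `CreateConfig` hunk, `uuid.Must(uuid.NewV4())` panics if UUID generation fails, whereas the generation step right after it returns a wrapped error (`could not generate random password for idm: %s`). For a CLI init command, the consistent form is `id, err := uuid.NewV4()` followed by `if err != nil { return fmt.Errorf("could not generate metadata user id: %s", err) }` and `metadataUserID := id.String()`. The new `MetadataUserID` field in `OcisConfig` could also get a short comment saying it is an identifier rather than a secret, since it sits directly below `MachineAuthApiKey` and `TransferSecret`. `CreateConfig` starts and ends outside the hunks.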