Commit Graph

1033 Commits

Author SHA1 Message Date
Dominik Schmidt
8f51a4318a test(graph): pin chi URLParam round-trip for IDs with ! sub-delim
Codacy flagged the colon-path middleware comment claiming both `$`
and `!` need percent-encoding for chi's tree match, while the
implementation only calls r.URL.RawPath = r.URL.EscapedPath() which
does not encode either character per the suggestion's reading.

In practice EscapedPath does encode `!` as `%21` (only `?` is the
hardcoded escape, `!` is escaped because Go's net/url treats it as
needing encoding outside specific contexts). It leaves `$` literal,
which chi handles fine. chi.URLParam returns the encoded segment
verbatim, and downstream OpenCloud handlers (parseIDParam,
GetDriveAndItemIDParam) already PathUnescape before parsing IDs, so
the round-trip works end-to-end. The acceptance tests on this
branch already exercise this with real `$`/`!`-containing IDs.

Add a focused unit test that mounts the middleware behind chi,
sends a colon URL, and asserts the actual contract:
  - driveID (only `$`): chi.URLParam returns it literal
  - itemID (with `!`):  PathUnescape(chi.URLParam(...)) == original

Update the misleading comment so future readers (and reviewers) see
what the encoding actually does and which downstream contract it
relies on.
2026-07-01 17:44:31 +02:00
Dominik Schmidt
6343f7e861 refactor(graph): drop MS Graph framing from colon-path middleware logs 2026-07-01 17:44:31 +02:00
Dominik Schmidt
7498e8f848 fix(graph): map UNAUTHENTICATED to 401, validate drive/item id pair
Three more Copilot review nits on the colon-syntax middleware:

- CS3 Stat returning UNAUTHENTICATED now surfaces as HTTP 401 (was 500
  via the default-case fallback). Distinct sentinel + handler branch.
- Item-anchored form (/drives/{driveID}/items/{itemID}:/...) now
  validates that driveID's storage/space prefix matches the itemID's,
  short-circuiting to 400 InvalidRequest on mismatch instead of doing
  a CS3 Stat that would only fail at the handler layer.
- ParseID failures on the anchor id now surface as 400 (was 404). In
  practice this branch is defensive — storagespace.ParseID is lenient
  and only errors on empty input, which the regex already filters out
  — but the right semantic for malformed client input is 400, not 404.

Tests: added two new cases (UNAUTHENTICATED → 401, drive/item id
mismatch → 400). The "malformed drive id" case Copilot suggested
isn't reachable in practice given ParseID's leniency, so it's not
covered.
2026-07-01 17:44:31 +02:00
Dominik Schmidt
e49959b833 fix(graph): preserve RawPath workaround + use NopLogger in tests
Two follow-up Copilot review nits on the colon-syntax middleware:

- Don't blank r.URL.RawPath after the rewrite. Graph.ServeHTTP sets
  RawPath = EscapedPath() as a workaround for chi's parameter-binding
  quirks with `$`/`!` in IDs (see go-chi/chi#641). Clearing RawPath
  for rewritten requests negates that workaround. Re-establish the
  same invariant after the rewrite.

- Tests previously used log.NewLogger(), which mutates global zerolog
  state. Switch to log.NopLogger() — order-independent, no global
  side effects.
2026-07-01 17:44:31 +02:00
Dominik Schmidt
f31e50381f fix(graph): address Copilot review feedback on path lookup middleware
- Drop double-decoding of URL path components. r.URL.Path is already
  decoded by net/http; calling url.PathUnescape again would let crafted
  inputs like "%252F" become "/", changing path semantics. Path and
  anchor-id strings now go straight to utils.MakeRelativePath /
  storagespace.ParseID.
- Distinguish operational errors from "not found". Gateway selection
  failure, RPC transport errors, and unexpected CS3 status codes now
  surface as 500 (don't mask outages); only NOT_FOUND and PERMISSION_DENIED
  collapse to 404 (no existence disclosure). Implemented via a sentinel
  errPathNotFound + a 500 fall-through.
- Refactor the two regex-handling branches in rewriteColonPath to share a
  resolution path via a small colonMatch struct + matchInto/extract helpers.
  Removes the SonarCloud duplication finding without changing behavior.
- Update the docstring on ResolveGraphPath to reflect that the rewrite
  preserves the requested API version (/{version}/...) rather than
  hard-coding /v1beta1/...
- Test cleanup: register t.Cleanup to remove the per-subtest selector
  entry from pool's global selectors map after the subtest, and update
  the "unexpected status" case to expect 500 (matches the new error
  semantics).
2026-07-01 17:44:31 +02:00
Dominik Schmidt
0b373817a8 feat(graph): add MS Graph colon-syntax path lookup middleware
Adds a chi middleware that detects MS Graph colon-syntax URLs and rewrites
them to the canonical /items/{itemID}/... form before chi performs route
matching. Existing handlers, routes, and GetDriveAndItemIDParam stay
unchanged.

Two URL shapes are recognized at both /v1.0 and /v1beta1:

  /drives/{driveID}/root:/<path>[:/<suffix>][:]
  /drives/{driveID}/items/{itemID}:/<relativePath>[:/<suffix>][:]

Path resolution runs as the request user via CS3 Stat. Both NOT_FOUND and
PERMISSION_DENIED collapse to a 404 response so existence isn't disclosed
to unauthorized callers. URLs without colon syntax fast-path through with
a single substring check. The original URL is stashed in request context
under OriginalPathContextKey for downstream tracing/logging.

The middleware is registered as a top-level mux.Use so it runs before any
route matching: chi middleware on a sub-router runs after the prefix is
matched but cannot redirect to a different leaf route. Top-level
middleware lets URL rewriting actually re-route the request.

Tests cover regex matching across versions, all rewrite variants
(root/items anchored, with/without suffix, with/without trailing colon,
deep paths), NOT_FOUND -> 404, PERMISSION_DENIED -> 404 (security: no
existence disclosure), and original-URL preservation in request context.
2026-07-01 17:44:31 +02:00
Ralf Haferkamp
99d80f30a9 fix: Status codes for Space Disable/Delete
Allow a "permission denied error" from reva to bubble up to the client.
Reva was fixed to return "permission denied" only when the space to be
delete can actually be listed by the user. Other wise it will return
"not found". See reva commit 1bf72cb76394671f373e87f15f23f978cf41ab08.

So when a user with the 'can manage' role tries to purge an already
disabled space it will now get "Forbidden" status instead of a "Not
found".

Also fixes the expected status codes in the tests.
2026-06-22 11:06:26 +02:00
Jörn Friedrich Dreyer
81fd00043e Merge pull request #2063 from opencloud-eu/nats-tls-options
add tls support for all nats connections
2026-06-16 13:21:22 +02:00
opencloudeu
89353aa7c8 [tx] updated from transifex 2026-06-12 23:16:52 +00:00
opencloudeu
600640bb35 [tx] updated from transifex 2026-06-12 12:21:04 +00:00
opencloudeu
7db40eece4 [tx] updated from transifex 2026-06-12 12:14:52 +00:00
Florian Schade
836cb980f2 Merge pull request #2928 from opencloud-eu/add-roles
feat: add more roles
2026-06-12 11:31:22 +02:00
Michael Barz
42dfc8b04f feat: add more roles 2026-06-12 10:51:10 +02:00
Ralf Haferkamp
d163c8ed29 fix(graph): translate sharing roles consitently
GetRoleDefinition/s does now handle l10n correctly. Previsouly it just
returned the non-localized string. What made things worse was that
ListPermissions() mutated global list of available roles and replaced
some strings with translated values depending on the `accept-language`
header. Which resulted in GetRoleDefinition returning results in mixed
localization depending on who/what called ListPermissions before.

Fixes: #2800
2026-06-11 14:31:44 +02:00
Jörn Friedrich Dreyer
77fd4fca69 add tls support for all nats connections
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-06-10 17:04:18 +02:00
opencloudeu
b19c17c879 [tx] updated from transifex 2026-06-09 09:31:40 +00:00
Christian Richter
8593a1409a incorporate requested changes
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-06-03 16:28:44 +02:00
Christian Richter
d6c6340705 use ldap instead of ldaps internally
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-06-03 16:28:44 +02:00
Christian Richter
1462301116 incorporate requested changes
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-05-20 14:14:00 +02:00
Christian Richter
0351adfe6b change logger level
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-05-20 14:14:00 +02:00
Ralf Haferkamp
f056326c4c Merge remote-tracking branch 'origin/main' into feature/guest-links 2026-05-13 14:35:54 +02:00
Jörn Friedrich Dreyer
5d7bfc9033 delete unused constants
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-05-13 10:54:00 +02:00
Dominik Schmidt
a75d89d1b0 feat(graph): populate driveItem.webUrl per Libre Graph spec
The Libre Graph spec declares webUrl on driveItem but
cs3ResourceToDriveItem never set it. Build the /f/<resource-id>
permalink off the configured public base URL (same source drives.go
reads for drive.webUrl) and parse it once at service construction
so callers can use it as a plain field.
2026-05-12 15:28:10 +02:00
Ralf Haferkamp
393926bd73 Merge remote-tracking branch 'origin/main' into feature/guest-links 2026-05-11 15:39:27 +02:00
Andre Duffeck
efb73c8a79 Merge pull request #2702 from aduffeck/fix-nats-ttl
Set new defaults for caches and stores
2026-05-11 11:04:10 +02:00
opencloudeu
66bdbb7b22 [tx] updated from transifex 2026-05-08 00:04:00 +00:00
opencloudeu
6dfb0e0200 [tx] updated from transifex 2026-05-06 00:02:20 +00:00
opencloudeu
3e5f3844ad [tx] updated from transifex 2026-05-02 00:03:02 +00:00
André Duffeck
544968a4de Set new defaults for caches and stores
See https://github.com/opencloud-eu/opencloud/issues/2681 for more
details.
2026-04-30 11:00:12 +02:00
Ralf Haferkamp
173485cf44 Merge remote-tracking branch 'origin/main' into feature/guest-links 2026-04-29 10:24:57 +02:00
André Duffeck
e9e195789d Adapt to changes in reva/cs3apis 2026-04-24 14:49:11 +02:00
Ralf Haferkamp
ec8733ac52 graph: use share manager for managing space permissions
This gets us rid of quite a bit of special casing for space permission.
Also provides us with "real" permission IDs instead of those faked
"u:<userid>" ones.
2026-04-23 17:07:00 +02:00
Ralf Haferkamp
fad0cc4828 Use filter to avoid including space membership in the sharedWithMe response 2026-04-23 17:07:00 +02:00
Florian Schade
288e67cc39 chore: replace interface with any 2026-04-23 09:31:11 +02:00
Ralf Haferkamp
e2f322791a fix(graph): sort drive in "natural" order
Instead of doing a lexical sort we sort the drive/space in a more
"natural" order so that e.g. "Space 2" is sorted before "Space 10".

Related: https://github.com/opencloud-eu/web/issues/2430
2026-04-23 08:44:13 +02:00
opencloudeu
907cc6d766 [tx] updated from transifex 2026-04-23 00:04:10 +00:00
opencloudeu
e698a81528 [tx] updated from transifex 2026-04-22 00:04:28 +00:00
opencloudeu
7a7a727cf3 [tx] updated from transifex 2026-04-20 00:04:46 +00:00
opencloudeu
bdf7cc7b8b [tx] updated from transifex 2026-04-19 00:04:47 +00:00
opencloudeu
bfb03b6973 [tx] updated from transifex 2026-04-17 00:04:32 +00:00
opencloudeu
2b15d557ea [tx] updated from transifex 2026-04-15 00:04:54 +00:00
opencloudeu
9e615837c6 [tx] updated from transifex 2026-04-02 00:05:58 +00:00
opencloudeu
f7215df83f [tx] updated from transifex 2026-04-01 00:06:08 +00:00
opencloudeu
3e6a1e69fc [tx] updated from transifex 2026-03-30 00:18:52 +00:00
opencloudeu
6042f26ed1 [tx] updated from transifex 2026-03-29 00:15:44 +00:00
opencloudeu
9bee89691f [tx] updated from transifex 2026-03-27 00:15:02 +00:00
opencloudeu
97a6a9818c [tx] updated from transifex 2026-03-25 00:07:12 +00:00
André Duffeck
bfba4ec671 Render the followed drive item after following it according to the spec 2026-03-13 09:38:28 +01:00
André Duffeck
58db915775 Emit events when favorites are added/removed 2026-03-13 09:38:28 +01:00
André Duffeck
3402390b69 Add endpoints for following/unfollowing drive items to the graph API 2026-03-13 09:38:28 +01:00