Fixes for /ocs/cloud/users when using the CS3 user backend #3096
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Up to now when using the CS3 backend (e.g. to use an external LDAP
server) queries to /users/{userid}/groups just errored out. This add a
simple stub to just return and empty group list for now.
This allows using and external LDAP server without having to fiddle with
the proxy configuration to redirect to the reva ocs implementation.
(Which also is just returning an empty group list currently)
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
C0rby
approved these changes
Feb 2, 2022
ocis-pkg/roles/manager.go
Outdated
| return nil, err | ||
| } | ||
|
|
||
| roleIDs := make([]string, 0) |
There was a problem hiding this comment.
Suggested change
| roleIDs := make([]string, 0) | |
| roleIDs := make([]string, len(assignmentResponse.Assignments)) |
There was a problem hiding this comment.
I guess you meant make([]string,0, len(assignmentResponse.Assignments)) ? Without setting the initial length to zero the append will do funky things 😄.
This we use reva to mint tokes for users when using the CS3 backend (owncloud#2528) the user's roles are no longer part of the token. This adds a workaround to the RequireSelfOrAdmin middleware to Request the user's role id on demand from the settings service. Partial Fix for owncloud#2646
|
Kudos, SonarCloud Quality Gate passed! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR includes two workaround to get the CS3 backend for the ocs API to a somewhat working state. With this we'd no longer need to switch to the reva implemenation of ocs, e.g. when using an external LDAP server.
Related Issue
Motivation and Context
When using an external LDAP server we currently have to adjust the proxy configuration to point to the reva implemation of the ocs API. With this fix this should no longer be needed. I aware that these are mainly workarounds, but as we (at least to my understanding) agreed on removing the /ocs/cloud/users and ./groups services in the (not so long) run, I think they should be good enough. (btw, the /users/userid/groups implementation in reva also just returns an empty list, so we're not loosing anything here)
How Has This Been Tested?
manually using the WebUI / curl
Types of changes