Skip to content

Commit

Permalink
Merge pull request #4336 from rhafer/file-editor-role-resharing
Browse files Browse the repository at this point in the history 
bugfix: Role "file-editor" does not have resharing permissions
  • Loading branch information
@micbar
micbar authored Nov 14, 2023
2 parents 66e1faf + 8cc3b38 commit f25c231
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 266 deletions.
6 changes: 6 additions & 0 deletions changelog/unreleased/fix-editor-role-resharing.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
Bugfix: Fix definition of "file-editor" role

The "file-editor" role was missing the AddGrant resource permission, which
caused a broken mapping from ResourcePermissions to roles in certain cases.

https://github.com/cs3org/reva/pull/4336
2 changes: 1 addition & 1 deletion pkg/cbox/utils/conversions.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,7 +150,7 @@ func IntTosharePerm(p int, itemType string) *provider.ResourcePermissions {
if itemType == "folder" {
return conversions.NewEditorRole(false).CS3ResourcePermissions()
}
return conversions.NewFileEditorRole().CS3ResourcePermissions()
return conversions.NewFileEditorRole(false).CS3ResourcePermissions()
case 4:
return conversions.NewUploaderRole().CS3ResourcePermissions()
default:
Expand Down
11 changes: 8 additions & 3 deletions pkg/conversions/role.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -154,7 +154,7 @@ func RoleFromName(name string, sharing bool) *Role {
case RoleSpaceEditor:
return NewSpaceEditorRole()
case RoleFileEditor:
return NewFileEditorRole()
return NewFileEditorRole(sharing)
case RoleUploader:
return NewUploaderRole()
case RoleManager:
Expand Down Expand Up @@ -271,10 +271,15 @@ func NewSpaceEditorRole() *Role {
}

// NewFileEditorRole creates a file-editor role
func NewFileEditorRole() *Role {
func NewFileEditorRole(sharing bool) *Role {
p := PermissionRead | PermissionWrite
if sharing {
p |= PermissionShare
}
return &Role{
Name: RoleEditor,
cS3ResourcePermissions: &provider.ResourcePermissions{
AddGrant: sharing,
GetPath: true,
GetQuota: true,
InitiateFileDownload: true,
Expand All @@ -285,7 +290,7 @@ func NewFileEditorRole() *Role {
InitiateFileUpload: true,
RestoreRecycleItem: true,
},
ocsPermissions: PermissionRead | PermissionWrite,
ocsPermissions: p,
}
}

Expand Down
262 changes: 0 additions & 262 deletions pkg/conversions/unifiedrole.go
View file

This file was deleted.

0 comments on commit f25c231

Please sign in to comment.