[full-ci] Ocm access

changelog/unreleased/improve-ocm-support.md

@@ -0,0 +1,5 @@
+Bugfix: Improve OCM support
+
+We improved functionality of the OCM support.
+
+https://github.com/owncloud/ocis/pull/7973

go.mod

@@ -13,7 +13,7 @@ require (
 	github.com/coreos/go-oidc v2.2.1+incompatible
 	github.com/coreos/go-oidc/v3 v3.9.0
 	github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781
-	github.com/cs3org/reva/v2 v2.17.0
+	github.com/cs3org/reva/v2 v2.17.1-0.20231214082636-a8467337208a
 	github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
 	github.com/disintegration/imaging v1.6.2
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
@@ -350,3 +350,5 @@ require (
 replace github.com/go-micro/plugins/v4/store/nats-js => github.com/kobergj/plugins/v4/store/nats-js v1.2.1-0.20231020092801-9463c820c19a
 
 replace github.com/go-micro/plugins/v4/store/nats-js-kv => github.com/kobergj/plugins/v4/store/nats-js-kv v0.0.0-20231207143248-4d424e3ae348
+
+replace github.com/studio-b12/gowebdav => github.com/aduffeck/gowebdav v0.0.0-20231123085457-ff658b6ea159

go.sum

@@ -827,6 +827,8 @@ github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWX
 github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
 github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
+github.com/aduffeck/gowebdav v0.0.0-20231123085457-ff658b6ea159 h1:m63hhLqbqmLGGPtyTtjTdxae61d9tMbRdKvMaDHWcDs=
+github.com/aduffeck/gowebdav v0.0.0-20231123085457-ff658b6ea159/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE=
 github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8=
 github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
 github.com/ajg/form v1.5.1 h1:t9c7v8JUKu/XxOGBU0yjNpaMloxGEJhUkqFRq0ibGeU=
@@ -1019,8 +1021,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
 github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
-github.com/cs3org/reva/v2 v2.17.0 h1:cp7WXY+mZGLie4CKvIe3K+D/wG3sKVYrZJfs9Qnzioo=
-github.com/cs3org/reva/v2 v2.17.0/go.mod h1:9hmBNVK+RSMSupWci9MQLmmj1NsJ8Bv49tqKbxMdxJY=
+github.com/cs3org/reva/v2 v2.17.1-0.20231214082636-a8467337208a h1:ri98OWOuAY5tF3jpeKSItna3O4I0SedxzVgPQJPZXoM=
+github.com/cs3org/reva/v2 v2.17.1-0.20231214082636-a8467337208a/go.mod h1:oX1YtLKGr7jatGk0CpPM4GKbSEIdHhmsQuSAYElnN1U=
 github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
@@ -2000,8 +2002,6 @@ github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o
 github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/studio-b12/gowebdav v0.0.0-20221015232716-17255f2e7423 h1:Wd8WDEEusB5+En4PiRWJp1cP59QLNsQun+mOTW8+s6s=
-github.com/studio-b12/gowebdav v0.0.0-20221015232716-17255f2e7423/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE=
 github.com/stvp/go-udp-testing v0.0.0-20201019212854-469649b16807/go.mod h1:7jxmlfBCDBXRzr0eAQJ48XC1hBu1np4CS5+cHEYfwpc=
 github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
 github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes=

services/frontend/pkg/config/config.go

@@ -142,6 +142,7 @@ type OCS struct {
 	ListOCMShares                        bool               `yaml:"list_ocm_shares" env:"FRONTEND_OCS_LIST_OCM_SHARES" desc:"Include OCM shares when listing shares. See the OCM service documentation for more details."`
 	PublicShareMustHavePassword          bool               `yaml:"public_sharing_share_must_have_password" env:"OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on all public shares."`
 	WriteablePublicShareMustHavePassword bool               `yaml:"public_sharing_writeableshare_must_have_password" env:"OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD;FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD" desc:"Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares."`
+	IncludeOCMSharees                    bool               `yaml:"include_ocm_sharees" env:"FRONTEND_OCS_INCLUDE_OCM_SHAREES" desc:"Include OCM sharees when listing sharees."`
 }
 
 type CacheWarmupDrivers struct {

services/frontend/pkg/config/defaults/defaultconfig.go

@@ -116,6 +116,7 @@ func DefaultConfig() *config.Config {
 			StatCacheTTL:                300 * time.Second,
 			ListOCMShares:               true,
 			PublicShareMustHavePassword: true,
+			IncludeOCMSharees:           false,
 		},
 		Middleware: config.Middleware{
 			Auth: config.Auth{

services/frontend/pkg/revaconfig/config.go

@@ -347,6 +347,7 @@ func FrontendConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string
 							"productversion": version.GetString(),
 						},
 					},
+					"include_ocm_sharees": cfg.OCS.IncludeOCMSharees,
 				},
 			},
 		},

services/gateway/pkg/revaconfig/config.go

@@ -185,6 +185,18 @@ func spacesProviders(cfg *config.Config, logger log.Logger) map[string]map[strin
 				},
 			},
 		},
+		cfg.OCMEndpoint: {
+			"providerid": utils.OCMStorageProviderID,
+			"spaces": map[string]interface{}{
+				"grant": map[string]interface{}{
+					"mount_point": ".",
+				},
+				"mountpoint": map[string]interface{}{
+					"mount_point":   "/ocm",
+					"path_template": "/ocm/{{.Space.Root.OpaqueId}}",
+				},
+			},
+		},
 		// medatada storage not part of the global namespace
 	}
 }

services/ocm/pkg/config/config.go

@@ -31,6 +31,7 @@ type Config struct {
 	OCMProviderAuthorizerDrivers OCMProviderAuthorizerDrivers `yaml:"ocm_provider_authorizer_drivers"`
 	OCMShareProvider             OCMShareProvider             `yaml:"ocm_share_provider"`
 	OCMCore                      OCMCore                      `yaml:"ocm_core"`
+	OCMStorageProvider           OCMStorageProvider           `yaml:"ocm_storage_provider"`
 
 	Supervised bool            `yaml:"-"`
 	Context    context.Context `yaml:"-"`
@@ -72,7 +73,8 @@ type GRPCConfig struct {
 }
 
 type ScienceMesh struct {
-	Prefix string `yaml:"prefix" env:"OCM_SCIENCEMESH_PREFIX" desc:"URL path prefix for the ScienceMesh service. Note that the string must not start with '/'."`
+	Prefix           string `yaml:"prefix" env:"OCM_SCIENCEMESH_PREFIX" desc:"URL path prefix for the ScienceMesh service. Note that the string must not start with '/'."`
+	MeshDirectoryURL string `yaml:"science_mesh_directory_url" env:"OCM_MESH_DIRECTORY_URL" desc:"URL of the mesh directory service."`
 }
 
 type OCMD struct {
@@ -107,6 +109,10 @@ type OCMCore struct {
 	Driver  string         `yaml:"driver" env:"OCM_OCM_CORE_DRIVER" desc:"Driver to be used for the OCM core. Supported value is only 'json'."`
 	Drivers OCMCoreDrivers `yaml:"drivers"`
 }
+type OCMStorageProvider struct {
+	Insecure    bool   `yaml:"insecure" env:"OCM_OCM_STORAGE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	StorageRoot string `yaml:"storage_root" env:"OCM_OCM_STORAGE_PROVIDER_STORAGE_ROOT" desc:"Directory where the ocm storage provider persists its data like tus upload info files."`
+}
 
 type OCMCoreDrivers struct {
 	JSON OCMCoreJSONDriver `yaml:"json"`
@@ -117,9 +123,10 @@ type OCMCoreJSONDriver struct {
 }
 
 type OCMShareProvider struct {
-	Driver   string                  `yaml:"driver" env:"OCM_OCM_SHARE_PROVIDER_DRIVER" desc:"Driver to be used for the OCM share provider. Supported value is only 'json'."`
-	Drivers  OCMShareProviderDrivers `yaml:"drivers"`
-	Insecure bool                    `yaml:"insecure" env:"OCM_OCM_SHARE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	Driver         string                  `yaml:"driver" env:"OCM_OCM_SHARE_PROVIDER_DRIVER" desc:"Driver to be used for the OCM share provider. Supported value is only 'json'."`
+	Drivers        OCMShareProviderDrivers `yaml:"drivers"`
+	Insecure       bool                    `yaml:"insecure" env:"OCM_OCM_SHARE_PROVIDER_INSECURE" desc:"Disable TLS certificate validation for the OCM connections. Do not set this in production environments."`
+	WebappTemplate string                  `yaml:"webapp_template" env:"OCM_WEBAPP_TEMPLATE" desc:"Template for the webapp url."`
 }
 
 type OCMShareProviderDrivers struct {

services/ocm/pkg/config/defaults/defaultconfig.go

@@ -94,22 +94,22 @@ func DefaultConfig() *config.Config {
 			Driver: "json",
 			Drivers: config.OCMInviteManagerDrivers{
 				JSON: config.OCMInviteManagerJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocminvites.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocminvites.json"),
 				},
 			},
 			Insecure: false,
 		},
 		OCMProviderAuthorizerDriver: "json",
 		OCMProviderAuthorizerDrivers: config.OCMProviderAuthorizerDrivers{
 			JSON: config.OCMProviderAuthorizerJSONDriver{
-				Providers: filepath.Join(defaults.BaseDataPath(), "storage", "ocmproviders.json"),
+				Providers: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmproviders.json"),
 			},
 		},
 		OCMShareProvider: config.OCMShareProvider{
 			Driver: "json",
 			Drivers: config.OCMShareProviderDrivers{
 				JSON: config.OCMShareProviderJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocmshares.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmshares.json"),
 				},
 			},
 			Insecure: false,
@@ -118,10 +118,14 @@ func DefaultConfig() *config.Config {
 			Driver: "json",
 			Drivers: config.OCMCoreDrivers{
 				JSON: config.OCMCoreJSONDriver{
-					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocmshares.json"),
+					File: filepath.Join(defaults.BaseDataPath(), "storage", "ocm", "ocmshares.json"),
 				},
 			},
 		},
+		OCMStorageProvider: config.OCMStorageProvider{
+			Insecure:    false,
+			StorageRoot: filepath.Join(defaults.BaseDataPath(), "storage", "ocm"),
+		},
 	}
 }
 

services/ocm/pkg/revaconfig/config.go

@@ -43,14 +43,40 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"prefix":             cfg.ScienceMesh.Prefix,
 					"smtp_credentials":   map[string]string{},
 					"gatewaysvc":         cfg.Reva.Address,
-					"mesh_directory_url": cfg.Commons.OcisURL,
+					"mesh_directory_url": cfg.ScienceMesh.MeshDirectoryURL,
 					"provider_domain":    cfg.Commons.OcisURL,
 				},
 				"ocmd": map[string]interface{}{
 					"prefix":                        cfg.OCMD.Prefix,
 					"gatewaysvc":                    cfg.Reva.Address,
 					"expose_recipient_display_name": cfg.OCMD.ExposeRecipientDisplayName,
 				},
+				"dataprovider": map[string]interface{}{
+					"prefix": "data",
+					"driver": "ocmreceived",
+					"drivers": map[string]interface{}{
+						"ocmreceived": map[string]interface{}{
+							"insecure": cfg.OCMStorageProvider.Insecure,
+						},
+					},
+					"data_txs": map[string]interface{}{
+						"simple": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"spaces": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"tus": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+					},
+				},
 			},
 		},
 		"grpc": map[string]interface{}{
@@ -91,6 +117,7 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 					"gatewaysvc":      cfg.Reva.Address,
 					"provider_domain": cfg.Commons.OcisURL,
 					"webdav_endpoint": cfg.Commons.OcisURL,
+					"webapp_template": cfg.OCMShareProvider.WebappTemplate,
 					"client_insecure": cfg.OCMShareProvider.Insecure,
 				},
 				"ocmcore": map[string]interface{}{
@@ -101,6 +128,16 @@ func OCMConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]inter
 						},
 					},
 				},
+				"storageprovider": map[string]interface{}{
+					"driver": "ocmreceived",
+					"drivers": map[string]interface{}{
+						"ocmreceived": map[string]interface{}{
+							"insecure":     cfg.OCMStorageProvider.Insecure,
+							"storage_root": cfg.OCMStorageProvider.StorageRoot,
+						},
+					},
+					"data_server_url": "http://" + cfg.HTTP.Addr + "/data",
+				},
 				"authprovider": map[string]interface{}{
 					"auth_manager": "ocmshares",
 					"auth_managers": map[string]interface{}{

services/proxy/pkg/middleware/authentication.go

@@ -25,6 +25,7 @@ var (
 
 	_publicPaths = [...]string{
 		"/dav/public-files/",
+		"/remote.php/dav/ocm/",
 		"/dav/ocm/",
 		"/ocm/",
 		"/remote.php/dav/public-files/",