From a8eb26b81b98b72c3be0adfcf12b8d9d214a4b21 Mon Sep 17 00:00:00 2001 From: Theofilos Mouratidis Date: Thu, 22 Apr 2021 16:49:16 +0200 Subject: [PATCH] list perms --- pkg/storage/fs/cephfs/cephfs.go | 22 ++++++++++++--- pkg/storage/fs/cephfs/permissions.go | 41 ++++++++++++++++++++++++++++ 2 files changed, 59 insertions(+), 4 deletions(-) diff --git a/pkg/storage/fs/cephfs/cephfs.go b/pkg/storage/fs/cephfs/cephfs.go index ad1d7afaf8c..95db4a119d9 100644 --- a/pkg/storage/fs/cephfs/cephfs.go +++ b/pkg/storage/fs/cephfs/cephfs.go @@ -170,11 +170,11 @@ func (fs *cephfs) RestoreRecycleItem(ctx context.Context, key string) error { } func (fs *cephfs) PurgeRecycleItem(ctx context.Context, key string) error { - panic("implement me") + return errors.New("cephfs: Recycled items can't be purged, they are handled by snapshots, which are read-only") } func (fs *cephfs) EmptyRecycle(ctx context.Context) error { - panic("implement me") + return errors.New("cephfs: recycle is based on snapshots and can't be edited") } func (fs *cephfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (string, error) { @@ -217,8 +217,22 @@ func (fs *cephfs) UpdateGrant(ctx context.Context, ref *provider.Reference, g *p return } -func (fs *cephfs) ListGrants(ctx context.Context, ref *provider.Reference) ([]*provider.Grant, error) { - panic("implement me") +func (fs *cephfs) ListGrants(ctx context.Context, ref *provider.Reference) (glist []*provider.Grant, err error) { + var path string + u := fs.MakeUser(ctx) + if path, err = ResolveRef(ref); err != nil { return } + + err = u.exec(func(mt Mount) error { + glist = GetFullPermissionSet(mt, path) + + if glist == nil { + return errors.New("cephfs: error listing grants on " + path) + } + + return nil + }) + + return } func (fs *cephfs) GetQuota(ctx context.Context) (total uint64, used uint64, err error) { diff --git a/pkg/storage/fs/cephfs/permissions.go b/pkg/storage/fs/cephfs/permissions.go index 97242178658..da0b7721ea5 100644 --- a/pkg/storage/fs/cephfs/permissions.go +++ b/pkg/storage/fs/cephfs/permissions.go @@ -4,6 +4,8 @@ import ( "context" "errors" cephfs2 "github.com/ceph/go-ceph/cephfs" + grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1" + userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" "github.com/cs3org/reva/pkg/user" "github.com/maxymania/go-system/posix_acl" @@ -67,6 +69,45 @@ func GetPermissionSet(ctx context.Context, stat *cephfs2.CephStatx, mount Mount, return } +func GetFullPermissionSet(mount Mount, path string) (permList []*provider.Grant) { + acls := &posix_acl.Acl{} + var xattr []byte + var err error + if xattr, err = mount.GetXattr(path, aclXattr); err != nil { return } + acls.Decode(xattr) + + permMap := make(map[uint32]*provider.Grant) + for _, acl := range acls.List { + rwx := strings.Split(acl.String(), ":")[2] + switch acl.GetType() { + case posix_acl.ACL_USER: + permMap[acl.GetID()] = &provider.Grant{ + Grantee: &provider.Grantee{ + Type: provider.GranteeType_GRANTEE_TYPE_USER, + Id: &provider.Grantee_UserId{UserId: &userpb.UserId{Idp: string(acl.GetID())}}, + }, + Permissions: &provider.ResourcePermissions{}, + } + updatePerms(permMap[acl.GetID()].Permissions, rwx, false) + case posix_acl.ACL_GROUP: + permMap[acl.GetID()] = &provider.Grant{ + Grantee: &provider.Grantee{ + Type: provider.GranteeType_GRANTEE_TYPE_GROUP, + Id: &provider.Grantee_GroupId{GroupId: &grouppb.GroupId{Idp: string(acl.GetID())}}, + }, + Permissions: &provider.ResourcePermissions{}, + } + updatePerms(permMap[acl.GetID()].Permissions, rwx, false) + } + } + + for _, value := range permMap { + permList = append(permList, value) + } + + return +} + func permToInt(p *provider.ResourcePermissions) (result uint16) { item := reflect.ValueOf(p).Elem() fields := item.NumField() - 3