
Commit c296b33

sudo-sturbiaishank011
authored andcommitted
Use UidNumber and GidNumber fields in User objects (cs3org#1516)
1 parent 2ff83d8 commit c296b33


12 files changed

+94
-169
lines changed

@@ -0,0 +1,6 @@
1+
Enhancement: use UidNumber and GidNumber fields in User objects
2+
3+
Update instances where CS3API's `User` objects are created and used to use `GidNumber`,
4+
and `UidNumber` fields instead of storing them in `Opaque` map.
5+
6+
https://github.com/cs3org/reva/issues/1516

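--- a/pkg/auth/manager/json/json.go
+++ b/pkg/auth/manager/json/json.go
@@ -47,6 +47,8 @@ type Credentials struct {
 DisplayName string `mapstructure:"display_name" json:"display_name"`
 Secret string `mapstructure:"secret" json:"secret"`
 Groups []string `mapstructure:"groups" json:"groups"`
+UIDNumber int64 `mapstructure:"uid_number" json:"uid_number"`
+GIDNumber int64 `mapstructure:"gid_number" json:"gid_number"`
 Opaque *typespb.Opaque `mapstructure:"opaque" json:"opaque"`
 }
 
@@ -118,6 +120,8 @@ func (m *manager) Authenticate(ctx context.Context, username string, secret stri
 MailVerified: c.MailVerified,
 DisplayName: c.DisplayName,
 Groups: c.Groups,
+UidNumber: c.UIDNumber,
+GidNumber: c.GIDNumber,
 Opaque: c.Opaque,
 // TODO add arbitrary keys as opaque data
 }, scope, nil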
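Review bot: The new `UIDNumber` and `GIDNumber` fields on `Credentials` carry no comment saying what an absent value means, and an entry that omits `uid_number` or `gid_number` decodes to 0, which `Authenticate` copies unchanged into `UidNumber`/`GidNumber`. Zero is also the root id on POSIX systems, and the eosfs changes in this same commit treat 0 as "missing", so such a user authenticates here and only fails later at the storage layer. I would document this on the struct, e.g. `// UIDNumber and GIDNumber are the POSIX ids of the user; 0 means not configured.`, and consider rejecting a zero id where the credentials are loaded. Both the struct and `Authenticate` extend beyond the hunks shown.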

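--- a/pkg/auth/manager/ldap/ldap.go
+++ b/pkg/auth/manager/ldap/ldap.go
@@ -22,12 +22,12 @@ import (
 "context"
 "crypto/tls"
 "fmt"
+"strconv"
 "strings"
 
 authpb "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1"
 user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
 rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
-types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 "github.com/cs3org/reva/pkg/appctx"
 "github.com/cs3org/reva/pkg/auth"
 "github.com/cs3org/reva/pkg/auth/manager/registry"
@@ -184,7 +184,14 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 if getGroupsResp.Status.Code != rpc.Code_CODE_OK {
 return nil, nil, errors.Wrap(err, "ldap: grpc getting user groups failed")
 }
-
+gidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.GIDNumber), 10, 64)
+if err != nil {
+return nil, nil, err
+}
+uidNumber, err := strconv.ParseInt(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.UIDNumber), 10, 64)
+if err != nil {
+return nil, nil, err
+}
 u := &user.User{
 Id: userID,
 // TODO add more claims from the StandardClaims, eg EmailVerified
@@ -193,18 +200,8 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 Groups: getGroupsResp.Groups,
 Mail: sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.Mail),
 DisplayName: sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.DisplayName),
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": {
-Decoder: "plain",
-Value: []byte(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.UIDNumber)),
-},
-"gid": {
-Decoder: "plain",
-Value: []byte(sr.Entries[0].GetEqualFoldAttributeValue(am.c.Schema.GIDNumber)),
-},
-},
-},
+UidNumber: uidNumber,
+GidNumber: gidNumber,
 }
 
 scope, err := scope.GetOwnerScope()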
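Review bot: The two `strconv.ParseInt` failures in `Authenticate` are returned bare (`return nil, nil, err`), so a login rejected because the directory entry has a non-numeric or (presumably) absent uid/gid attribute surfaces as an unlabelled strconv error, unlike the `ldap:`-prefixed wraps around it. Wrap each with the attribute it concerns, e.g. `return nil, nil, errors.Wrap(err, "ldap: invalid gidNumber attribute")`. This also turns an unparsable attribute into a hard authentication failure where the removed code stored whatever string it received; if that is intended it deserves a line in the changelog entry. `ParseInt` accepts negative numbers too, so a `<= 0` check after parsing would stop ids the storage layer cannot use from being issued. Separately, the context line `errors.Wrap(err, "ldap: grpc getting user groups failed")` sits on a status-code branch where `err` may well be nil, in which case a pkg/errors-style `Wrap` returns a nil error; worth confirming while in this function, whose body continues outside the hunks.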

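--- a/pkg/auth/manager/oidc/oidc.go
+++ b/pkg/auth/manager/oidc/oidc.go
@@ -29,7 +29,6 @@ import (
 authpb "github.com/cs3org/go-cs3apis/cs3/auth/provider/v1beta1"
 user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
 rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
-types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 "github.com/cs3org/reva/pkg/auth"
 "github.com/cs3org/reva/pkg/auth/manager/registry"
 "github.com/cs3org/reva/pkg/auth/scope"
@@ -131,26 +130,12 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 return nil, nil, fmt.Errorf("no \"preferred_username\" or \"name\" attribute found in userinfo: maybe the client did not request the oidc \"profile\"-scope")
 }
 
-opaqueObj := &types.Opaque{
-Map: map[string]*types.OpaqueEntry{},
-}
+var uid, gid float64
 if am.c.UIDClaim != "" {
-uid, ok := claims[am.c.UIDClaim]
-if ok {
-opaqueObj.Map["uid"] = &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", uid)),
-}
-}
+uid, _ = claims[am.c.UIDClaim].(float64)
 }
 if am.c.GIDClaim != "" {
-gid, ok := claims[am.c.GIDClaim]
-if ok {
-opaqueObj.Map["gid"] = &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", gid)),
-}
-}
+gid, _ = claims[am.c.GIDClaim].(float64)
 }
 
 userID := &user.UserId{
@@ -182,7 +167,8 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, clientSecret string)
 Mail: claims["email"].(string),
 MailVerified: claims["email_verified"].(bool),
 DisplayName: claims["name"].(string),
-Opaque: opaqueObj,
+UidNumber: int64(uid),
+GidNumber: int64(gid),
 }
 
 scope, err := scope.GetOwnerScope()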
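Review bot: In `Authenticate`, `uid, _ = claims[am.c.UIDClaim].(float64)` and the matching `gid` line discard the assertion result, so a configured claim that is absent, or that the provider sends as a string, silently yields 0 and the user is issued with `UidNumber: 0` / `GidNumber: 0`. The removed code at least skipped the entry when the claim was missing. `int64(uid)` also truncates fractional values and accepts negative ones. I would check the assertion and the range and fail the login (or log and leave the field unset, if these claims are meant to be optional) rather than continue with a zero id; the same discarded assertion appears in `parseAndCacheUser` and `findUsersByFilter` in pkg/cbox/user/rest/rest.go. The function body continues outside these hunks.

```go
var uid, gid float64
if am.c.UIDClaim != "" {
	v, ok := claims[am.c.UIDClaim].(float64)
	if !ok || v < 1 || v != float64(int64(v)) {
		return nil, nil, fmt.Errorf("oidc: claim %q is missing or not a positive integer", am.c.UIDClaim)
	}
	uid = v
}
if am.c.GIDClaim != "" {
	v, ok := claims[am.c.GIDClaim].(float64)
	if !ok || v < 1 || v != float64(int64(v)) {
		return nil, nil, fmt.Errorf("oidc: claim %q is missing or not a positive integer", am.c.GIDClaim)
	}
	gid = v
}
// … unchanged: userID and user.User construction …
```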

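--- a/pkg/cbox/user/rest/rest.go
+++ b/pkg/cbox/user/rest/rest.go
@@ -24,10 +24,10 @@ import (
 "fmt"
 "net/url"
 "regexp"
+"strconv"
 "strings"
 
 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 "github.com/cs3org/reva/pkg/appctx"
 utils "github.com/cs3org/reva/pkg/cbox/utils"
 "github.com/cs3org/reva/pkg/user"
@@ -169,6 +169,8 @@ func (m *manager) parseAndCacheUser(ctx context.Context, userData map[string]int
 upn, _ := userData["upn"].(string)
 mail, _ := userData["primaryAccountEmail"].(string)
 name, _ := userData["displayName"].(string)
+uidNumber, _ := userData["uid"].(float64)
+gidNumber, _ := userData["gid"].(float64)
 
 userID := &userpb.UserId{
 OpaqueId: upn,
@@ -179,18 +181,8 @@ func (m *manager) parseAndCacheUser(ctx context.Context, userData map[string]int
 Username: upn,
 Mail: mail,
 DisplayName: name,
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", userData["uid"])),
-},
-"gid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", userData["gid"])),
-},
-},
-},
+UidNumber: int64(uidNumber),
+GidNumber: int64(gidNumber),
 }
 
 if err := m.cacheUserDetails(u); err != nil {
@@ -273,6 +265,8 @@ func (m *manager) findUsersByFilter(ctx context.Context, url string, users map[s
 upn, _ := usrInfo["upn"].(string)
 mail, _ := usrInfo["primaryAccountEmail"].(string)
 name, _ := usrInfo["displayName"].(string)
+uidNumber, _ := usrInfo["uid"].(float64)
+gidNumber, _ := usrInfo["gid"].(float64)
 
 uid := &userpb.UserId{
 OpaqueId: upn,
@@ -283,18 +277,8 @@ func (m *manager) findUsersByFilter(ctx context.Context, url string, users map[s
 Username: upn,
 Mail: mail,
 DisplayName: name,
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", usrInfo["uid"])),
-},
-"gid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte(fmt.Sprintf("%0.f", usrInfo["gid"])),
-},
-},
-},
+UidNumber: int64(uidNumber),
+GidNumber: int64(gidNumber),
 }
 }
 
@@ -385,12 +369,8 @@ func (m *manager) IsInGroup(ctx context.Context, uid *userpb.UserId, group strin
 }
 
 func extractUID(u *userpb.User) (string, error) {
-if u.Opaque != nil && u.Opaque.Map != nil {
-if uidObj, ok := u.Opaque.Map["uid"]; ok {
-if uidObj.Decoder == "plain" {
-return string(uidObj.Value), nil
-}
-}
+if u.UidNumber == 0 {
+return "", errors.New("rest: could not retrieve UID from user")
 }
-return "", errors.New("rest: could not retrieve UID from user")
+return strconv.FormatInt(u.UidNumber, 10), nil
 }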
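Review bot: `extractUID` rejects only `u.UidNumber == 0`, so a negative `UidNumber` is formatted and returned as if it were a valid id. Nothing upstream in this commit rules that out: the LDAP manager parses with `strconv.ParseInt`, and the OIDC and REST paths convert from `float64`, all of which admit negative values. `if u.UidNumber <= 0 {` would close that gap; the same `== 0` comparison is used in `getUser` and `extractUIDAndGID` in pkg/storage/utils/eosfs/eosfs.go.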

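--- a/pkg/storage/utils/eosfs/eosfs.go
+++ b/pkg/storage/utils/eosfs/eosfs.go
@@ -226,6 +226,12 @@ func getUser(ctx context.Context) (*userpb.User, error) {
 err := errors.Wrap(errtypes.UserRequired(""), "eos: error getting user from ctx")
 return nil, err
 }
+if u.UidNumber == 0 {
+return nil, errors.New("eos: invalid user id")
+}
+if u.GidNumber == 0 {
+return nil, errors.New("eos: invalid group id")
+}
 return u, nil
 }
 
@@ -1476,23 +1482,13 @@ func getResourceType(isDir bool) provider.ResourceType {
 }
 
 func (fs *eosfs) extractUIDAndGID(u *userpb.User) (string, string, error) {
-var uid, gid string
-if u.Opaque != nil && u.Opaque.Map != nil {
-if uidObj, ok := u.Opaque.Map["uid"]; ok {
-if uidObj.Decoder == "plain" {
-uid = string(uidObj.Value)
-}
-}
-if gidObj, ok := u.Opaque.Map["gid"]; ok {
-if gidObj.Decoder == "plain" {
-gid = string(gidObj.Value)
-}
-}
+if u.UidNumber == 0 {
+return "", "", errors.New("eos: uid missing for user")
 }
-if uid == "" || gid == "" {
-return "", "", errors.New("eos: uid or gid missing for user")
+if u.GidNumber == 0 {
+return "", "", errors.New("eos: gid missing for user")
 }
-return uid, gid, nil
+return strconv.FormatInt(u.UidNumber, 10), strconv.FormatInt(u.GidNumber, 10), nil
 }
 
 func (fs *eosfs) getUIDGateway(ctx context.Context, u *userpb.UserId) (string, string, error) {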
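Review bot: The zero checks added to `getUser` have no comment explaining why 0 is refused, and they duplicate the checks added to `extractUIDAndGID` with different messages ("invalid user id" against "uid missing for user"). A short comment such as `// 0 is the unset value of UidNumber/GidNumber and also the root id, so it is never accepted` would record the intent, and one shared helper would keep the two in step. The branch just above returns a wrapped `errtypes.UserRequired`, whereas the new ones return plain `errors.New` values; if callers map error types to status codes (not visible here), a typed error would fit better. `getUser` starts outside the hunk.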

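--- a/pkg/user/manager/demo/demo.go
+++ b/pkg/user/manager/demo/demo.go
@@ -21,10 +21,10 @@ package demo
 import (
 "context"
 "errors"
+"strconv"
 "strings"
 
 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 "github.com/cs3org/reva/pkg/errtypes"
 "github.com/cs3org/reva/pkg/user"
 "github.com/cs3org/reva/pkg/user/manager/registry"
@@ -69,12 +69,8 @@ func extractClaim(u *userpb.User, claim string) (string, error) {
 case "username":
 return u.Username, nil
 case "uid":
-if u.Opaque != nil && u.Opaque.Map != nil {
-if uidObj, ok := u.Opaque.Map["uid"]; ok {
-if uidObj.Decoder == "plain" {
-return string(uidObj.Value), nil
-}
-}
+if u.UidNumber != 0 {
+return strconv.FormatInt(u.UidNumber, 10), nil
 }
 }
 return "", errors.New("demo: invalid field")
@@ -114,18 +110,8 @@ func getUsers() map[string]*userpb.User {
 Groups: []string{"sailing-lovers", "violin-haters", "physics-lovers"},
 
 DisplayName: "Albert Einstein",
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte("123"),
-},
-"gid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte("987"),
-},
-},
-},
+UidNumber: 123,
+GidNumber: 987,
 },
 "f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c": &userpb.User{
 Id: &userpb.UserId{
@@ -136,18 +122,8 @@ func getUsers() map[string]*userpb.User {
 Groups: []string{"radium-lovers", "polonium-lovers", "physics-lovers"},
 
 DisplayName: "Marie Curie",
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte("456"),
-},
-"gid": &types.OpaqueEntry{
-Decoder: "plain",
-Value: []byte("987"),
-},
-},
-},
+UidNumber: 456,
+GidNumber: 987,
 },
 "932b4540-8d16-481e-8ef4-588e4b6b151c": &userpb.User{
 Id: &userpb.UserId{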
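Review bot: In `extractClaim`, a user whose `UidNumber` is 0 leaves the `"uid"` case and reaches `errors.New("demo: invalid field")`, which reports a bad claim name when the claim is valid and only the value is missing. Returning a specific error inside the case, e.g. `return "", errors.New("demo: uid not set for user")`, would make the failure diagnosable. The same fall-through is in `extractClaim` in pkg/user/manager/json/json.go. The switch begins outside the hunk.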

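--- a/pkg/user/manager/demo/demo_test.go
+++ b/pkg/user/manager/demo/demo_test.go
@@ -24,7 +24,6 @@ import (
 "testing"
 
 userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
-types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 "github.com/cs3org/reva/pkg/errtypes"
 )
 
@@ -42,12 +41,8 @@ func TestUserManager(t *testing.T) {
 Groups: []string{"sailing-lovers", "violin-haters", "physics-lovers"},
 
 DisplayName: "Albert Einstein",
-Opaque: &types.Opaque{
-Map: map[string]*types.OpaqueEntry{
-"uid": &types.OpaqueEntry{Decoder: "plain", Value: []byte("123")},
-"gid": &types.OpaqueEntry{Decoder: "plain", Value: []byte("987")},
-},
-},
+UidNumber: 123,
+GidNumber: 987,
 }
 uidFake := &userpb.UserId{Idp: "nonesense", OpaqueId: "fakeUser"}
 groupsEinstein := []string{"sailing-lovers", "violin-haters", "physics-lovers"}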

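--- a/pkg/user/manager/json/json.go
+++ b/pkg/user/manager/json/json.go
@@ -22,6 +22,7 @@ import (
 "context"
 "encoding/json"
 "io/ioutil"
+"strconv"
 "strings"
 
 "github.com/cs3org/reva/pkg/user"
@@ -111,12 +112,8 @@ func extractClaim(u *userpb.User, claim string) (string, error) {
 case "username":
 return u.Username, nil
 case "uid":
-if u.Opaque != nil && u.Opaque.Map != nil {
-if uidObj, ok := u.Opaque.Map["uid"]; ok {
-if uidObj.Decoder == "plain" {
-return string(uidObj.Value), nil
-}
-}
+if u.UidNumber != 0 {
+return strconv.FormatInt(u.UidNumber, 10), nil
 }
 }
 return "", errors.New("json: invalid field")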
