Skip to content

Commit

Permalink
list perms
Browse files Browse the repository at this point in the history
  • Loading branch information
thmour committed Apr 22, 2021
1 parent e876db7 commit ccc5f85
Show file tree
Hide file tree
Showing 2 changed files with 59 additions and 4 deletions.
22 changes: 18 additions & 4 deletions pkg/storage/fs/cephfs/cephfs.go
Original file line number Diff line number Diff line change
Expand Up @@ -170,11 +170,11 @@ func (fs *cephfs) RestoreRecycleItem(ctx context.Context, key string) error {
}

func (fs *cephfs) PurgeRecycleItem(ctx context.Context, key string) error {
panic("implement me")
return errors.New("cephfs: Recycled items can't be purged, they are handled by snapshots, which are read-only")
}

func (fs *cephfs) EmptyRecycle(ctx context.Context) error {
panic("implement me")
return errors.New("cephfs: recycle is based on snapshots and can't be edited")
}

func (fs *cephfs) GetPathByID(ctx context.Context, id *provider.ResourceId) (string, error) {
Expand Down Expand Up @@ -217,8 +217,22 @@ func (fs *cephfs) UpdateGrant(ctx context.Context, ref *provider.Reference, g *p
return
}

func (fs *cephfs) ListGrants(ctx context.Context, ref *provider.Reference) ([]*provider.Grant, error) {
panic("implement me")
func (fs *cephfs) ListGrants(ctx context.Context, ref *provider.Reference) (glist []*provider.Grant, err error) {
var path string
u := fs.MakeUser(ctx)
if path, err = ResolveRef(ref); err != nil { return }

err = u.exec(func(mt Mount) error {
glist = GetFullPermissionSet(mt, path)

if glist == nil {
return errors.New("cephfs: error listing grants on " + path)
}

return nil
})

return
}

func (fs *cephfs) GetQuota(ctx context.Context) (total uint64, used uint64, err error) {
Expand Down
41 changes: 41 additions & 0 deletions pkg/storage/fs/cephfs/permissions.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ import (
"context"
"errors"
cephfs2 "github.com/ceph/go-ceph/cephfs"
grouppb "github.com/cs3org/go-cs3apis/cs3/identity/group/v1beta1"
userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
"github.com/cs3org/reva/pkg/user"
"github.com/maxymania/go-system/posix_acl"
Expand Down Expand Up @@ -67,6 +69,45 @@ func GetPermissionSet(ctx context.Context, stat *cephfs2.CephStatx, mount Mount,
return
}

func GetFullPermissionSet(mount Mount, path string) (permList []*provider.Grant) {
acls := &posix_acl.Acl{}
var xattr []byte
var err error
if xattr, err = mount.GetXattr(path, aclXattr); err != nil { return }
acls.Decode(xattr)

permMap := make(map[uint32]*provider.Grant)
for _, acl := range acls.List {
rwx := strings.Split(acl.String(), ":")[2]
switch acl.GetType() {
case posix_acl.ACL_USER:
permMap[acl.GetID()] = &provider.Grant{
Grantee: &provider.Grantee{
Type: provider.GranteeType_GRANTEE_TYPE_USER,
Id: &provider.Grantee_UserId{UserId: &userpb.UserId{Idp: string(acl.GetID())}},
},
Permissions: &provider.ResourcePermissions{},
}
updatePerms(permMap[acl.GetID()].Permissions, rwx, false)
case posix_acl.ACL_GROUP:
permMap[acl.GetID()] = &provider.Grant{
Grantee: &provider.Grantee{
Type: provider.GranteeType_GRANTEE_TYPE_GROUP,
Id: &provider.Grantee_GroupId{GroupId: &grouppb.GroupId{Idp: string(acl.GetID())}},
},
Permissions: &provider.ResourcePermissions{},
}
updatePerms(permMap[acl.GetID()].Permissions, rwx, false)
}
}

for _, value := range permMap {
permList = append(permList, value)
}

return
}

func permToInt(p *provider.ResourcePermissions) (result uint16) {
item := reflect.ValueOf(p).Elem()
fields := item.NumField() - 3
Expand Down

0 comments on commit ccc5f85

Please sign in to comment.