Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ocfs: lookup user to render template properly #1033

Closed
wants to merge 3 commits into from
Closed

ocfs: lookup user to render template properly #1033

wants to merge 3 commits into from

Conversation

butonic
Copy link
Contributor

@butonic butonic commented Jul 30, 2020
edited
Loading

Currently, the username is used to construct paths, which breaks when mounting the owncloud storage driver at /oc and then expecting paths that use the username like /oc/einstein/foo to work, because they will mismatch the path that is used from propagation which uses /oc/u-u-i-d as the root, giving a internal path outside root error like this:

11:25AM ERR home/jfd/go/pkg/mod/github.com/cs3org/reva@v0.1.1-0.20200728071211-c948977dd3a0/pkg/storage/fs/owncloud/owncloud.go:1885 > could not propagate change error="internal path outside root" leafPath=/var/tmp/reva/data/4c510ada-c86b-4815-8820-42cdf82c3d51/files/TUS-upload.png pid=32062 root=/var/tmp/reva/data/einstein/files
[tusd] 2020/07/30 11:25:42 event="ResponseOutgoing" status="500" method="PATCH" path="/5137f8b9-cbad-40a2-a20b-e06a8bfd5a5a" error="internal path outside root" requestId=""
2020-07-30T11:25:42+02:00 ERR http end="30/Jul/2020:11:25:42 +0200" host=::1 method=PATCH pkg=rhttp proto=HTTP/1.1 service=reva size=27 start="30/Jul/2020:11:25:42 +0200" status=500 time_ns=912434 traceid=3c125790948fbeb2499020acafb12108 uri=/data/5137f8b9-cbad-40a2-a20b-e06a8bfd5a5a url=/data/5137f8b9-cbad-40a2-a20b-e06a8bfd5a5a
2020-07-30T11:25:42+02:00 ERR http end="30/Jul/2020:11:25:42 +0200" host=::1 method=PATCH pkg=rhttp proto=HTTP/1.1 service=reva size=0 start="30/Jul/2020:11:25:42 +0200" status=500 time_ns=1823731 traceid=3c125790948fbeb2499020acafb12108 uri=/data/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJyZXZhIiwiZXhwIjoxNTk2MTg3NTQyLCJpYXQiOjE1OTYxMDExNDIsInRhcmdldCI6Imh0dHA6Ly9sb2NhbGhvc3Q6OTE2NC9kYXRhLzUxMzdmOGI5LWNiYWQtNDBhMi1hMjBiLWUwNmE4YmZkNWE1YSJ9.cyLG5VtERyCrRdZcK6PF1sTNCF_GmHl5Ii1o8AV6jUc url=/data/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJyZXZhIiwiZXhwIjoxNTk2MTg3NTQyLCJpYXQiOjE1OTYxMDExNDIsInRhcmdldCI6Imh0dHA6Ly9sb2NhbGhvc3Q6OTE2NC9kYXRhLzUxMzdmOGI5LWNiYWQtNDBhMi1hMjBiLWUwNmE4YmZkNWE1YSJ9.cyLG5VtERyCrRdZcK6PF1sTNCF_GmHl5Ii1o8AV6jUc
2020-07-30 11:25:42.675756 I | httputil: ReverseProxy read error during body copy: unexpected EOF
2020-07-30 11:25:42.675767 I | suppressing panic for copyResponse error in test; copy error: unexpected EOF

To fix this we need to lookup the user at the user provider. using the username as the opaqueid works when the ldap filter is configured to allow lookup by both eg: (&(objectclass=posixAccount)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))

An annoying thing is that this makes the storage driver depend on the user provider... I am using the sharedconf package to make this default to the gateway.

We can save the trip to the user provider if the currently logged in user happens to match the requested user.

@labkode the eos driver should do a similar thing eg when parsing back the acls into a user. I can look into that after fixing our update branch, because it requires a lot of attenrtion right now, because we need to fix the testsuite to deal with the userid / username split.

@butonic butonic requested a review from labkode as a code owner July 30, 2020 10:26
@update-docs
Copy link

update-docs bot commented Jul 30, 2020

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@butonic butonic mentioned this pull request Jul 30, 2020
Merged
63 tasks
@butonic butonic marked this pull request as draft July 30, 2020 10:36
@butonic
ocfs: lookup user to render template properly
8bbbd78 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
@butonic butonic requested a review from refs July 30, 2020 13:08
@butonic butonic marked this pull request as ready for review July 30, 2020 13:08
@labkode
Copy link
Member

labkode commented Jul 30, 2020
edited
Loading

@butonic I think for EOS should be similar, @ishank011 was working on that. In our case, we use usernames as unique Ids in the EOS layout, so probably we are not finding this problem.

Our paths are /eos/user/p/peter and not /eos/user/u-u-i-d/

@butonic
Copy link
Contributor Author

butonic commented Jul 30, 2020

yes, you can get around a lot of problems when using the username as the userid. Unfortunately, we have too many cases where u username changed, so we need to solve this properly. The good thing is reva allows us to implment this properly! But it is some work, especially the testsuite needs to be tought a few tricks ...

@butonic
refactor, configurable addr
d4a46c5 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
@butonic butonic self-assigned this Jul 31, 2020
@butonic
Copy link
Contributor Author

butonic commented Jul 31, 2020
edited
Loading 

--- Failed scenarios: | 552s
-- | --
4089 |   | 552s
4090 | /drone/src/tmp/testrunner/tests/acceptance/features/apiAuthWebDav/webDavPROPFINDAuth.feature:47 | 552s
4091 | /drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:149 | 552s
4092 | /drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:502 | 552s
4093 |   | 552s
4094 | 475 scenarios (472 passed, 3 failed) | 552s
4095 | 3705 steps (3702 passed, 3 failed) | 552s
4096 | 6m58.14s (22.69Mb)

two of the failures are related to versioning. this PR changes some path building so it is likely related:

@skipOnStorage:ceph @files_primary_s3-issue-161 @files_sharing-app-required @skipOnOcV10 @issue-ocis-reva-376 | 416s
-- | --
2936 | Scenario: Receiver tries get file versions of shared file from the sharer                # /drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:502 | 416s
2937 | Given user "Brian" has been created with default attributes and without skeleton files # FeatureContext::userHasBeenCreatedWithDefaultAttributesAndWithoutSkeletonFiles() | 416s
2938 | And user "Alice" has uploaded file with content "textfile0" to "textfile0.txt"         # FeatureContext::userHasUploadedAFileWithContentTo() | 416s
2939 | And user "Alice" has uploaded file with content "version 1" to "textfile0.txt"         # FeatureContext::userHasUploadedAFileWithContentTo() | 417s
2940 | And user "Alice" has uploaded file with content "version 2" to "textfile0.txt"         # FeatureContext::userHasUploadedAFileWithContentTo() | 418s
2941 | And user "Alice" has uploaded file with content "version 3" to "textfile0.txt"         # FeatureContext::userHasUploadedAFileWithContentTo() | 419s
2942 | And user "Alice" has shared file "textfile0.txt" with user "Brian"                     # FeatureContext::userHasSharedFileWithUserUsingTheSharingApi() | 419s
2943 | When user "Brian" tries to get versions of file "textfile0.txt" from "Alice"           # FeatureContext::userTriesToGetFileVersions() | 419s
2944 | Then the HTTP status code should be "207"                                              # FeatureContext::thenTheHTTPStatusCodeShouldBe() | 419s
2945 | And the number of versions should be "4"                                               # FeatureContext::theNumberOfVersionsShouldBe() | 419s
2946 | Expected number of versions was '4', but got '1' | 419s
2947 | Failed asserting that 1 matches expected '4'.

@files_sharing-app-required | 400s
-- | --
2839 | Scenario: User can access meta folder of a file which is owned by somebody else but shared with that user # /drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:149 | 400s
2840 | Given user "Brian" has been created with default attributes and without skeleton files                  # FeatureContext::userHasBeenCreatedWithDefaultAttributesAndWithoutSkeletonFiles() | 400s
2841 | And user "Alice" has uploaded file with content "123" to "/davtest.txt"                                 # FeatureContext::userHasUploadedAFileWithContentTo() | 400s
2842 | And user "Alice" has uploaded file with content "456789" to "/davtest.txt"                              # FeatureContext::userHasUploadedAFileWithContentTo() | 401s
2843 | And we save it into "FILEID"                                                                            # FeatureContext::saveItInto() | 401s
2844 | When user "Alice" creates a share using the sharing API with settings                                   # FeatureContext::userCreatesAShareWithSettings() | 402s
2845 | \| path        \| /davtest.txt \| | 402s
2846 | \| shareType   \| user         \| | 402s
2847 | \| shareWith   \| Brian        \| | 402s
2848 | \| permissions \| read         \| | 402s
2849 | Then the version folder of fileId "<<FILEID>>" for user "Brian" should contain "1" element              # FilesVersionsContext::theVersionFolderOfFileIdShouldContainElements() | 402s
2850 | could not find 1 version element(s) in | 402s
2851 | <?xml version="1.0" encoding="utf-8"?> | 402s
2852 | <d:multistatus xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns" xmlns:oc="http://owncloud.org/ns"><d:response><d:href>/remote.php/dav/meta/MTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjU1NDQwMDAwOjBkZGVhNGM3LWNlZjAtNDRmNi05NTA0LThhYzQwZTVmMzNlOQ==/v/</d:href><d:propstat><d:prop><d:getetag>"aa211bcf1fb7fbbba89c41ebfad23878"</d:getetag></d:prop><d:status>HTTP/1.1 200 OK</d:status></d:propstat></d:response></d:multistatus> | 402s
2853 |   | 402s
2854 | Failed asserting that 0 matches expected '1'.

one is about accessing another users files, which might this PR might actually have fixed ... or at least improved ... or made less wrong ...

@skipOnOcV10 @issue-ocis-reva-9 @skipOnOcis-EOS-Storage @issue-ocis-reva-303 | 201s
-- | --
982 | Scenario: send PROPFIND requests to another user's webDav endpoints as normal user                          # /drone/src/tmp/testrunner/tests/acceptance/features/apiAuthWebDav/webDavPROPFINDAuth.feature:47 | 201s
983 | When user "Brian" requests these endpoints with "PROPFIND" to get property "d:getetag" about user "Alice" # OCSContext::userSendsRequestToTheseEndpointsWithProperty() | 202s
984 | \| endpoint                                           \| | 202s
985 | \| /remote.php/dav/files/%username%/textfile0.txt     \| | 202s
986 | \| /remote.php/dav/files/%username%/PARENT            \| | 202s
987 | \| /remote.php/dav/files/%username%/PARENT/parent.txt \| | 202s
988 | Then the HTTP status code of responses on all endpoints should be "207"                                   # FeatureContext::theHTTPStatusCodeOfResponsesOnAllEndpointsShouldBe() | 202s
989 | Responses did not return expected http status code | 202s
990 | Failed asserting that 404 is identical to 207.

@butonic
use correct userprovider service
e8b185b 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
@butonic butonic mentioned this pull request Jul 31, 2020
Merged
@PVince81
Copy link
Contributor

PVince81 commented Aug 4, 2020

these three tests:

/drone/src/tmp/testrunner/tests/acceptance/features/apiAuthWebDav/webDavPROPFINDAuth.feature:47
/drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:149
/drone/src/tmp/testrunner/tests/acceptance/features/apiVersions/fileVersions.feature:502

pass for me locally when run on owncloud/ocis#409 which contains this reva PR here and other fixes.

@PVince81 PVince81 mentioned this pull request Aug 4, 2020
Merged
@PVince81
Copy link
Contributor

PVince81 commented Aug 4, 2020

resent as separate PR #1052 as I'll need it to continue working

@individual-it
Copy link
Contributor

@butonic @PVince81 I think one issue is that the files versions are not working correctly
GetUser does not work correctly / at all
Looking into the debugger I get unknown service cs3.identity.user.v1beta1.UserAPI in https://github.com/butonic/reva/blob/e8b185b55f7067d64e0ef92ad773207e0b23d8be/pkg/storage/fs/owncloud/owncloud.go#L529

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

ok, I managed to setup a reva close enough to CI and the issue is reproducible locally (no OCIS involved)

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

@individual-it I could not reproduce your issue. I've logged everything I can locally in getUser() and when running the test "tests/acceptance/features/apiVersions/fileVersions.feature:149" I always get a user in there.

However what's strange is that I don't get Brian at all there, so getUser is never called with Brian.
I assume that the test should be authenticating as Brian when verifying the versions endpoint.

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

okay, seems I had troubles with Redis.

now I get something similar:

frontend.log:2:55PM WRN home/vincent/Private/Work/workspace/reva/internal/http/interceptors/auth/auth.go:164 > core access token not set pid=23486 pkg=rhttp traceid=24fedd76bb41d9adefccee523687b528
frontend.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/http/interceptors/auth/auth.go:172 > credentials obtained from credential strategy: &{Type:basic ClientID:Brian ClientSecret:1234} pid=23486 pkg=rhttp traceid=24fedd76bb41d9adefccee523687b528
frontend.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/http/interceptors/auth/auth.go:194 > AuthenticateRequest: type:"basic" client_id:"Brian" client_secret:"1234"  against localhost:19000 pid=23486 pkg=rhttp traceid=24fedd76bb41d9adefccee523687b528
frontend.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/http/interceptors/auth/auth.go:217 > core access token generated pid=23486 pkg=rhttp traceid=24fedd76bb41d9adefccee523687b528
frontend.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/http/interceptors/auth/auth.go:239 > Got user from token pid=23486 pkg=rhttp traceid=24fedd76bb41d9adefccee523687b528 u={"display_name":"Brian Murphy","id":{"idp":"http://localhost:18000","opaque_id":"Brian"},"mail":"brian@example.org","username":"Brian"}
frontend.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/http/services/owncloud/ocdav/ocdav.go:150 > http routing head=remote.php pid=23486 pkg=rhttp tail=/dav/meta/MTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjU1NDQwMDAwOjk4MmRjM2I1LWEwYWYtNDdkMi05YmI1LWQ2M2NkYjFiYTc2OQ==/v traceid=24fedd76bb41d9adefccee523687b528
frontend.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/http/interceptors/log/log.go:112 > http end="06/Aug/2020:14:55:26 +0200" host=127.0.0.1 method=PROPFIND pid=23486 pkg=rhttp proto=HTTP/1.1 size=452 start="06/Aug/2020:14:55:26 +0200" status=207 time_ns=46160807 traceid=24fedd76bb41d9adefccee523687b528 uri=/remote.php/dav/meta/MTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjU1NDQwMDAwOjk4MmRjM2I1LWEwYWYtNDdkMi05YmI1LWQ2M2NkYjFiYTc2OQ==/v url=/remote.php/dav/meta/MTIzZTQ1NjctZTg5Yi0xMmQzLWE0NTYtNDI2NjU1NDQwMDAwOjk4MmRjM2I1LWEwYWYtNDdkMi05YmI1LWQ2M2NkYjFiYTc2OQ==/v
gateway.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/auth/auth.go:85 > skipping auth method=/cs3.gateway.v1beta1.GatewayAPI/Authenticate pid=23487 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
gateway.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/auth/auth.go:85 > skipping auth method=/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProvider pid=23487 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51158 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=163569 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProvider user-agent=grpc-go/1.26.0
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51166 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=154353 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.registry.v1beta1.RegistryAPI/GetStorageProvider user-agent=grpc-go/1.26.0
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51156 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=33519844 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.gateway.v1beta1.GatewayAPI/Authenticate user-agent=grpc-go/1.26.0
gateway.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/auth/auth.go:85 > skipping auth method=/cs3.gateway.v1beta1.GatewayAPI/Stat pid=23487 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51166 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=99352 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.registry.v1beta1.RegistryAPI/GetStorageProvider user-agent=grpc-go/1.26.0
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51166 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=107797 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.registry.v1beta1.RegistryAPI/GetStorageProvider user-agent=grpc-go/1.26.0
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51156 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=6180306 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.gateway.v1beta1.GatewayAPI/Stat user-agent=grpc-go/1.26.0
gateway.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/auth/auth.go:85 > skipping auth method=/cs3.gateway.v1beta1.GatewayAPI/ListFileVersions pid=23487 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51166 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=133118 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.registry.v1beta1.RegistryAPI/GetStorageProvider user-agent=grpc-go/1.26.0
gateway.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:51156 pid=23487 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=3142717 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.gateway.v1beta1.GatewayAPI/ListFileVersions user-agent=grpc-go/1.26.0
ldap-users.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/auth/auth.go:85 > skipping auth method=/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate pid=23498 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
ldap-users.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/pkg/auth/manager/ldap/ldap.go:167 > authenticated user entry={"Attributes":[{"ByteValues":["QnJpYW4="],"Name":"cn","Values":["Brian"]},{"ByteValues":["QnJpYW4gTXVycGh5"],"Name":"displayName","Values":["Brian Murphy"]},{"ByteValues":["YnJpYW5AZXhhbXBsZS5vcmc="],"Name":"mail","Values":["brian@example.org"]},{"ByteValues":["QnJpYW4="],"Name":"uid","Values":["Brian"]}],"DN":"uid=Brian,ou=TestUsers,dc=owncloud,dc=com"} pid=23498 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528 user={"display_name":"Brian Murphy","id":{"idp":"http://localhost:18000","opaque_id":"Brian"},"mail":"brian@example.org","username":"Brian"}
ldap-users.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/services/authprovider/authprovider.go:119 > user id:<idp:"http://localhost:18000" opaque_id:"Brian" > username:"Brian" mail:"brian@example.org" display_name:"Brian Murphy"  authenticated pid=23498 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
ldap-users.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:38546 pid=23498 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=30228468 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate user-agent=grpc-go/1.26.0
storage-home.log:#### ContextGetUser id:<idp:"http://localhost:18000" opaque_id:"Brian" > username:"Brian" mail:"brian@example.org" display_name:"Brian Murphy"  opaqueid=Brian2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:42560 pid=23489 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=364503 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.provider.v1beta1.ProviderAPI/CreateHome user-agent=grpc-go/1.26.0
storage-oc.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:465 > ocfs: unwrap: internal=/Alice/files/davtest.txt external=/Alice/davtest.txt pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:465 > ocfs: unwrap: internal=/Alice/files/davtest.txt external=/Alice/davtest.txt pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM ERR home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:648 > error getting owner error="rpc error: code = Unimplemented desc = unknown service cs3.identity.user.v1beta1.UserAPI" pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:44282 pid=23490 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=2221292 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.provider.v1beta1.ProviderAPI/Stat user-agent=grpc-go/1.26.0
storage-oc.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:465 > ocfs: unwrap: internal=/Alice/files/davtest.txt external=/Alice/davtest.txt pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM DBG home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:465 > ocfs: unwrap: internal=/Alice/files/davtest.txt external=/Alice/davtest.txt pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM ERR home/vincent/Private/Work/workspace/reva/pkg/storage/fs/owncloud/owncloud.go:648 > error getting owner error="rpc error: code = Unimplemented desc = unknown service cs3.identity.user.v1beta1.UserAPI" pid=23490 pkg=rgrpc traceid=24fedd76bb41d9adefccee523687b528
storage-oc.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:44282 pid=23490 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=1384728 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.provider.v1beta1.ProviderAPI/Stat user-agent=grpc-go/1.26.0
storage-oc.log:2:55PM INF home/vincent/Private/Work/workspace/reva/internal/grpc/interceptors/log/log.go:69 > unary code=OK end="06/Aug/2020:14:55:26 +0200" from=tcp://127.0.0.1:44282 pid=23490 pkg=rgrpc start="06/Aug/2020:14:55:26 +0200" time_ns=1480487 traceid=24fedd76bb41d9adefccee523687b528 uri=/cs3.storage.provider.v1beta1.ProviderAPI/ListFileVersions user-agent=grpc-go/1.26.0

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

so even though the user provider (users service?) is running, it doesn't find its endpoint

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

it looks like the client service is being resolved, endpoint being localhost:19000 but then the returned instance fails when calling GetUser on it.

also strange is that the IDP of Brian is "localhost:18000", unless that's the higher level service

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

on the other hand I'm wondering whether having to do that user lookup is really what we want and maybe for Brian the code shouldn't reach the part that does the lookup at all.

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

no, it looks correct. We're logged in as "Brian" since we're querying the versions, but we want to getUser() on Alice, and that user is not in the context since it's a different one. So looking that user up looks legit.

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

Maybe going straight to the pool for querying that user provider isn't the correct way. Maybe we should go through the gateway instead ?

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

So this is another setting we're missing: https://github.com/owncloud/ocis-reva/pull/420/files#diff-6e8d2a450c60708713085d20c0ce273eR342

I've pushed it to my PR: #1052

@PVince81
Copy link
Contributor

PVince81 commented Aug 6, 2020

closing in favor of #1052 which contains further iterations and fixes

@PVince81 PVince81 closed this Aug 6, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@labkode labkode Awaiting requested review from labkode labkode is a code owner

@refs refs Awaiting requested review from refs

Assignees

@butonic butonic

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@butonic @labkode @PVince81 @individual-it