Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Anonymous user trying lock a file shared to them through a public link gives 405 #7790

Open
SwikritiT opened this issue Nov 23, 2023 · 0 comments
Open

Anonymous user trying lock a file shared to them through a public link gives 405 #7790

SwikritiT opened this issue Nov 23, 2023 · 0 comments
Labels
Type:Bug

Comments

@SwikritiT
Copy link
Contributor

SwikritiT commented Nov 23, 2023
edited
Loading

Describe the bug

When an anonymous user gets a file share through a public link with edit permission and they try to lock it, the server returns with 405

Steps to reproduce

  1. As user Einstein create a file test.txt
  2. Create a public link share of file test.txt with permission all
  3. As anonymous user try to lock the file
curl -upublic:#Passw0rd -XLOCK "https://localhost:9200/remote.php/dav/public-files/<public-link-token>/test.txt" -H "Content-Type: application/json" -d"<?xml version='1.0' encoding='UTF-8'?><d:lockinfo xmlns:d='DAV:'><d:lockscope><d:exclusive/></d:lockscope></d:lockinfo>" -vk

Expected behavior

The user should be able to lock the file as they have permission to do so.

Note: Locking a file inside a folder i.e Parent/test.txt works, if the link if folder parent is shared with all permission and anonymous user tries to lock test.txt the request is successful.

Actual behavior

The request return with 405

Setup

Please describe how you started the server and provide a list of relevant environment variables or configuration files.

OCIS_INSECURE=true
OCIS_ASYNC_UPLOADS=true
IDM_CREATE_DEMO_USERS=true
OCIS_LOG_LEVEL=debug
PROXY_ENABLE_BASIC_AUTH=true

Additional context

ocis commit id: 6ac5ac5

Server logs

{"level":"debug","service":"proxy","policy":"ocis","method":"LOCK","prefix":"/remote.php/","path":"/remote.php/dav/public-files/NZojVwhOznNqlvf/test.txt","routeType":"prefix","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/services/proxy/pkg/router/router.go:224","message":"rewrite hook found"}
{"level":"debug","service":"ocdav","name":"com.owncloud.web.ocdav","traceid":"00000000000000000000000000000000","request-id":"swikriti-OptiPlex-3070/j245Tt9pFN-000266","head":"remote.php","tail":"/dav/public-files/NZojVwhOznNqlvf/test.txt","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/ocdav.go:183","message":"http routing"}
{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:42222","uri":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":31285,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"storage-publiclink","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"gateway","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.gateway.v1beta1.GatewayAPI/GetPublicShareByToken","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"info","service":"gateway","pkg":"rgrpc","traceid":"00000000000000000000000000000000","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/services/gateway/publicshareprovider.go:72","message":"get public share by token"}
{"level":"debug","service":"sharing","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.sharing.link.v1beta1.LinkAPI/GetPublicShareByToken","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"sharing","pkg":"rgrpc","traceid":"00000000000000000000000000000000","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/services/publicshareprovider/publicshareprovider.go:196","message":"getting public share by token"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59468","uri":"/cs3.auth.registry.v1beta1.RegistryAPI/GetAuthProviders","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":25559,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.gateway.v1beta1.GatewayAPI/GetUserByClaim","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","method":"/cs3.identity.user.v1beta1.UserAPI/GetUserByClaim","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/auth/auth.go:122","message":"skipping auth"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59482","uri":"/cs3.identity.user.v1beta1.UserAPI/GetUserByClaim","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":24318,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59464","uri":"/cs3.gateway.v1beta1.GatewayAPI/GetUserByClaim","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":256188,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"info","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/services/authprovider/authprovider.go:141","message":"user idp:\"internal\" opaque_id:\"837bb2f0-d5b3-4139-ab66-1eb3c5a020c7\" type:USER_TYPE_PRIMARY  authenticated"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59472","uri":"/cs3.auth.provider.v1beta1.ProviderAPI/Authenticate","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":584326,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59464","uri":"/cs3.gateway.v1beta1.GatewayAPI/Authenticate","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":1121395,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"b669d946-2ae9-4226-a527-c34f81706150","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:990","message":"user is owner, returning owner permissions"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"jsoncs3-public-share-manager-metadata","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:990","message":"user is owner, returning owner permissions"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"b669d946-2ae9-4226-a527-c34f81706150","ri":{"opaque":{"map":{"adler32":{"decoder":"plain","value":"MmNjNTRhOGY="},"md5":{"decoder":"plain","value":"N2YzYjZhOTdiMDg3ZGI2YjJjZjQwZGQ3ZWMyZTViNDM="}}},"type":1,"id":{"opaque_id":"b669d946-2ae9-4226-a527-c34f81706150","space_id":"jsoncs3-public-share-manager-metadata"},"checksum":{"type":4,"sum":"685becad8b5a248e5af643cdf8eec647b7db1853"},"etag":"\"51b6afc1ab8a6db4c8ec58fe10a851bc\"","mime_type":"application/json","mtime":{"seconds":1700723555,"nanos":675279802},"path":"publicshares.json","permission_set":{"add_grant":true,"create_container":true,"delete":true,"get_path":true,"get_quota":true,"initiate_file_download":true,"initiate_file_upload":true,"list_grants":true,"list_container":true,"list_file_versions":true,"list_recycle":true,"move":true,"remove_grant":true,"purge_recycle":true,"restore_file_version":true,"restore_recycle_item":true,"stat":true,"update_grant":true,"deny_grant":true},"size":50589,"owner":{"idp":"internal","opaque_id":"837bb2f0-d5b3-4139-ab66-1eb3c5a020c7"},"arbitrary_metadata":{"metadata":{"http://owncloud.org/ns/favorite":""}},"parent_id":{"opaque_id":"jsoncs3-public-share-manager-metadata","space_id":"jsoncs3-public-share-manager-metadata"},"name":"publicshares.json"},"time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:806","message":"AsResourceInfo"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"b669d946-2ae9-4226-a527-c34f81706150","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:990","message":"user is owner, returning owner permissions"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"jsoncs3-public-share-manager-metadata","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:990","message":"user is owner, returning owner permissions"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","error":"node.Xattr /home/swikriti/.ocis/storage/metadata/spaces/js/oncs3-public-share-manager-metadata/nodes/js/on/cs/3-/public-share-manager-metadata user.ocis.quota: no data available","nodepath":"/home/swikriti/.ocis/storage/metadata/spaces/js/oncs3-public-share-manager-metadata/nodes/js/on/cs/3-/public-share-manager-metadata","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:870","message":"quota not set"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","node":"jsoncs3-public-share-manager-metadata","ri":{"opaque":{"map":{"share-types":{"decoder":"plain","value":"MQ=="}}},"type":2,"id":{"opaque_id":"jsoncs3-public-share-manager-metadata","space_id":"jsoncs3-public-share-manager-metadata"},"etag":"\"9820928858ecba776acd3f2acb23d475\"","mime_type":"httpd/unix-directory","mtime":{"seconds":1700712758,"nanos":691146574},"path":".","permission_set":{"add_grant":true,"create_container":true,"delete":true,"get_path":true,"get_quota":true,"initiate_file_download":true,"initiate_file_upload":true,"list_grants":true,"list_container":true,"list_file_versions":true,"list_recycle":true,"move":true,"remove_grant":true,"purge_recycle":true,"restore_file_version":true,"restore_recycle_item":true,"stat":true,"update_grant":true,"deny_grant":true},"owner":{"idp":"internal","opaque_id":"837bb2f0-d5b3-4139-ab66-1eb3c5a020c7"},"arbitrary_metadata":{},"parent_id":{"space_id":"jsoncs3-public-share-manager-metadata"},"name":"Metadata"},"time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/pkg/storage/utils/decomposedfs/node/node.go:806","message":"AsResourceInfo"}
{"level":"debug","service":"storage-system","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:59462","uri":"/cs3.storage.provider.v1beta1.ProviderAPI/Stat","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":442493,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
{"level":"debug","service":"sharing","pkg":"rgrpc","traceid":"00000000000000000000000000000000","user-agent":"grpc-go/1.59.0","from":"tcp://127.0.0.1:37986","uri":"/cs3.sharing.link.v1beta1.LinkAPI/GetPublicShareByToken","start":"23/Nov/2023:13:15:00 +0545","end":"23/Nov/2023:13:15:00 +0545","time_ns":117032422,"code":"OK","time":"2023-11-23T13:15:00+05:45","line":"/home/swikriti/www/ocis/vendor/github.com/cs3org/reva/v2/internal/grpc/interceptors/log/log.go:69","message":"unary"}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type:Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SwikritiT