Skip to content

Commit

Permalink
Add separate option to configure tls mode for permissions client
Browse files Browse the repository at this point in the history 
This is a (temporary) workaround for allowing to separately configure the
tls mode for the permissions client used by the decomposedfs storage. This
is needed for being able to use the ocis settings service as the permission
service untils ocis' go-micro based services are adapted for providing TLS
as well.
  • Loading branch information
@rhafer
rhafer committed Oct 19, 2022
1 parent 047bb31 commit df0a189
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 2 deletions.
2 changes: 1 addition & 1 deletion pkg/storage/utils/decomposedfs/decomposedfs.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,7 +115,7 @@ func NewDefault(m map[string]interface{}, bs tree.Blobstore) (storage.FS, error)

tp := tree.New(o.Root, o.TreeTimeAccounting, o.TreeSizeAccounting, lu, bs)

permissionsClient, err := pool.GetPermissionsClient(o.PermissionsSVC)
permissionsClient, err := pool.GetPermissionsClient(o.PermissionsSVC, pool.WithTLSMode(o.PermTLSMode))
if err != nil {
return nil, err
}
Expand Down
21 changes: 20 additions & 1 deletion pkg/storage/utils/decomposedfs/options/options.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@ import (
"path/filepath"
"strings"

"github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool"
"github.com/cs3org/reva/v2/pkg/sharedconf"
"github.com/mitchellh/mapstructure"
"github.com/pkg/errors"
)
Expand All @@ -47,7 +49,9 @@ type Options struct {
TreeSizeAccounting bool `mapstructure:"treesize_accounting"`

// permissions service to use when checking permissions
PermissionsSVC string `mapstructure:"permissionssvc"`
PermissionsSVC string `mapstructure:"permissionssvc"`
PermissionsClientTLSMode string `mapstructure:"permissionssvc_tls_mode"`
PermTLSMode pool.TLSMode

PersonalSpaceAliasTemplate string `mapstructure:"personalspacealias_template"`
GeneralSpaceAliasTemplate string `mapstructure:"generalspacealias_template"`
Expand Down Expand Up @@ -84,5 +88,20 @@ func New(m map[string]interface{}) (*Options, error) {
o.GeneralSpaceAliasTemplate = "{{.SpaceType}}/{{.SpaceName | replace \" \" \"-\" | lower}}"
}

if o.PermissionsClientTLSMode != "" {
var err error
o.PermTLSMode, err = pool.StringToTLSMode(o.PermissionsClientTLSMode)
if err != nil {
return nil, err
}
} else {
sharedOpt := sharedconf.GRPCClientOptions()
var err error

if o.PermTLSMode, err = pool.StringToTLSMode(sharedOpt.TLSMode); err != nil {
return nil, err
}
}

return o, nil
}

0 comments on commit df0a189

Please sign in to comment.