Paths

Table of Contentst

Differential D5859

Kolabfiles: Implement proper authentication, fix bunch of errors
ClosedPublic
Actions

Authored by machniak on Mon, Mar 9, 12:16 PM.

Project Tags

None

Referenced Files

None

Subscribers

Chwala Developers

Details

Reviewers

Group Reviewers

Chwala Developers

Commits

rC64169cbdea28: Kolabfiles: Implement proper authentication, fix bunch of errors

Summary

Implement proper authentication
Fix bunch of errors (e.g. plain file editing)
skip shared files/folders for now
Use Smarty v5

Diff Detail

Repository

Branch

dev/kolabfiles-sharing

Lint

Lint Skipped

Unit

No Test Coverage

Build Status

Buildable 56979
Build 20076: arc lint + arc unit

Event Timeline

machniak requested review of this revision.Mon, Mar 9, 12:16 PM

machniak created this revision.

Harbormaster completed remote builds in B56979: Diff 16731.Mon, Mar 9, 12:16 PM

mollekopf subscribed.Tue, Mar 10, 10:37 AM

mollekopf added inline comments.

lib/drivers/kolabfiles/kolabfiles_file_storage.php
183	I'm not sure what this solves atm, we still store username and password in the session and the credentials are used to access the api, this now just creates a separate access token?

machniak planned changes to this revision.Tue, Mar 10, 11:19 AM

machniak added inline comments.

lib/drivers/kolabfiles/kolabfiles_file_storage.php
183	Well, while working on health checker I found out that the Chwala authentication request was always successful even with an invalid password. So, this is fixing that. Indeed, with SSO we have the token, but in other cases we have the user password. Instead of auth/login we could attempt another API end-point to validate if it works, and only call auth/login if it doesn't, I suppose.

mollekopf added inline comments.Tue, Mar 10, 11:30 AM

lib/drivers/kolabfiles/kolabfiles_file_storage.php
183	So perhaps we can detect then if we already have the token? I think it's just important to make clear what we're using in which cases, atm. it seems a bit unclear when looking at the code (looking at this diff, I wouldn't expect that api requests still work after reverting the changes here). Maybe it just requires a comment or two.

Document authentication, use fast mode

Harbormaster completed remote builds in B57048: Diff 16734.Tue, Mar 10, 2:58 PM

machniak added inline comments.Tue, Mar 10, 3:01 PM

lib/drivers/kolabfiles/kolabfiles_file_storage.php
183	Actually I was wrong. We're not using access token here, we're using the one-time password. And we can't use it as an API token, so we have to call `api/auth/login`. I added a comment, and enabled fast mode as a performance improvement.

mollekopf accepted this revision.Wed, Mar 11, 8:48 AM

This revision is now accepted and ready to land.Wed, Mar 11, 8:48 AM

Closed by commit rC64169cbdea28: Kolabfiles: Implement proper authentication, fix bunch of errors. · Explain WhyMon, Mar 16, 8:24 AM

This revision was automatically updated to reflect the committed changes.

machniak added a commit: rC64169cbdea28: Kolabfiles: Implement proper authentication, fix bunch of errors.

Revision Contents
Changeset List

Path

Size

composer.json-dist

lines

lib/

api/

lines

drivers/

kolab/

kolab_file_storage.php

lines

kolabfiles/

kolabfiles_file_storage.php

lines

lines

file_api_core.php

lines

lines

file_ui_output.php

lines

Diff 16731

composer.json-dist

Loading...

lib/api/document.php

Loading...

lib/drivers/kolab/kolab_file_storage.php

Loading...

lib/drivers/kolabfiles/kolabfiles_file_storage.php

Loading...

lib/file_api.php

Loading...

lib/file_api_core.php

Loading...

lib/file_ui.php

Loading...

lib/file_ui_output.php

Loading...