From e160df9cb5424b26faa6d42a006cafeb3ca50038 Mon Sep 17 00:00:00 2001
From: jkoberg <jkoberg@owncloud.com>
Date: Mon, 13 Nov 2023 14:53:35 +0100
Subject: [PATCH] use permission pkg to store the strings

Signed-off-by: jkoberg <jkoberg@owncloud.com>
---
 internal/http/services/owncloud/ocdav/proppatch.go         | 5 +++--
 internal/http/services/owncloud/ocdav/report.go            | 3 ++-
 .../owncloud/ocs/handlers/apps/sharing/shares/public.go    | 7 ++++---
 .../owncloud/ocs/handlers/apps/sharing/shares/shares.go    | 5 +++--
 .../owncloud/ocs/handlers/apps/sharing/shares/user.go      | 3 ++-
 pkg/permission/permission.go                               | 2 ++
 6 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/internal/http/services/owncloud/ocdav/proppatch.go b/internal/http/services/owncloud/ocdav/proppatch.go
index d36aebd518..9c920c170b 100644
--- a/internal/http/services/owncloud/ocdav/proppatch.go
+++ b/internal/http/services/owncloud/ocdav/proppatch.go
@@ -38,6 +38,7 @@ import (
 	"github.com/cs3org/reva/v2/pkg/appctx"
 	ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"
 	"github.com/cs3org/reva/v2/pkg/errtypes"
+	"github.com/cs3org/reva/v2/pkg/permission"
 	rstatus "github.com/cs3org/reva/v2/pkg/rgrpc/status"
 	"github.com/cs3org/reva/v2/pkg/utils"
 	"github.com/rs/zerolog"
@@ -218,7 +219,7 @@ func (s *svc) handleProppatch(ctx context.Context, w http.ResponseWriter, r *htt
 						return nil, nil, false
 					}
 					currentUser := ctxpkg.ContextMustGetUser(ctx)
-					ok, err := utils.CheckPermission(ctx, "Favorites.Write", client)
+					ok, err := utils.CheckPermission(ctx, permission.WriteFavorites, client)
 					if err != nil {
 						log.Error().Err(err).Msg("error checking permission")
 						w.WriteHeader(http.StatusInternalServerError)
@@ -287,7 +288,7 @@ func (s *svc) handleProppatch(ctx context.Context, w http.ResponseWriter, r *htt
 						return nil, nil, false
 					}
 					currentUser := ctxpkg.ContextMustGetUser(ctx)
-					ok, err := utils.CheckPermission(ctx, "Favorites.Write", client)
+					ok, err := utils.CheckPermission(ctx, permission.WriteFavorites, client)
 					if err != nil {
 						log.Error().Err(err).Msg("error checking permission")
 						w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocdav/report.go b/internal/http/services/owncloud/ocdav/report.go
index aaeaef7f07..1eeaa20661 100644
--- a/internal/http/services/owncloud/ocdav/report.go
+++ b/internal/http/services/owncloud/ocdav/report.go
@@ -30,6 +30,7 @@ import (
 	"github.com/cs3org/reva/v2/internal/http/services/owncloud/ocdav/propfind"
 	"github.com/cs3org/reva/v2/pkg/appctx"
 	ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"
+	"github.com/cs3org/reva/v2/pkg/permission"
 	"github.com/cs3org/reva/v2/pkg/utils"
 )
 
@@ -81,7 +82,7 @@ func (s *svc) doFilterFiles(w http.ResponseWriter, r *http.Request, ff *reportFi
 			return
 		}
 		currentUser := ctxpkg.ContextMustGetUser(ctx)
-		ok, err := utils.CheckPermission(ctx, "Favorites.List", client)
+		ok, err := utils.CheckPermission(ctx, permission.ListFavorites, client)
 		if err != nil {
 			log.Error().Err(err).Msg("error checking permission")
 			w.WriteHeader(http.StatusInternalServerError)
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go
index cc0a9f6476..051783b541 100644
--- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go
+++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/public.go
@@ -31,6 +31,7 @@ import (
 	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
 	types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 	"github.com/cs3org/reva/v2/pkg/conversions"
+	"github.com/cs3org/reva/v2/pkg/permission"
 	"github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool"
 	"github.com/cs3org/reva/v2/pkg/utils"
 	"github.com/huandu/xstrings"
@@ -69,7 +70,7 @@ func (h *Handler) createPublicLinkShare(w http.ResponseWriter, r *http.Request,
 
 	// NOTE: one is allowed to create an internal link without the `Publink.Write` permission
 	if permKey != nil && *permKey != 0 {
-		ok, err := utils.CheckPermission(ctx, "PublicLink.Write", c)
+		ok, err := utils.CheckPermission(ctx, permission.WritePublicLink, c)
 		if err != nil {
 			return nil, &ocsError{
 				Code:    response.MetaServerError.StatusCode,
@@ -326,7 +327,7 @@ func (h *Handler) updatePublicShare(w http.ResponseWriter, r *http.Request, shar
 
 	// NOTE: you are allowed to update a link TO a public link without the `PublicLink.Write` permission if you created it yourself
 	if (permKey != nil && *permKey != 0) || !createdByUser {
-		ok, err := utils.CheckPermission(ctx, "PublicLink.Write", gwC)
+		ok, err := utils.CheckPermission(ctx, permission.WritePublicLink, gwC)
 		if err != nil {
 			response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "failed to check user permission", err)
 			return
@@ -693,7 +694,7 @@ func (h *Handler) checkPasswordEnforcement(ctx context.Context, user *userv1beta
 		response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "could not check permission", err)
 		return errors.New("could not check permission")
 	}
-	ok, err := utils.CheckPermission(ctx, "ReadOnlyPublicLinkPassword.Delete", gwC)
+	ok, err := utils.CheckPermission(ctx, permission.DeleteReadOnlyPassword, gwC)
 	if err != nil {
 		response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "failed to check user permission", err)
 		return errors.New("failed to check user permission")
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
index b03ab761c0..1ec428fce0 100644
--- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
+++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/shares.go
@@ -42,6 +42,7 @@ import (
 	types "github.com/cs3org/go-cs3apis/cs3/types/v1beta1"
 	"github.com/cs3org/reva/v2/pkg/conversions"
 	"github.com/cs3org/reva/v2/pkg/password"
+	"github.com/cs3org/reva/v2/pkg/permission"
 	"github.com/go-chi/chi/v5"
 	"github.com/rs/zerolog"
 	"google.golang.org/grpc/metadata"
@@ -233,7 +234,7 @@ func (h *Handler) CreateShare(w http.ResponseWriter, r *http.Request) {
 	}
 	sublog := appctx.GetLogger(ctx).With().Interface("ref", ref).Logger()
 
-	ok, err := utils.CheckPermission(ctx, "Shares.Write", client)
+	ok, err := utils.CheckPermission(ctx, permission.WriteShare, client)
 	if err != nil {
 		sublog.Error().Err(err).Msg("error checking user permissions")
 		response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "error checking user permissions", err)
@@ -737,7 +738,7 @@ func (h *Handler) updateShare(w http.ResponseWriter, r *http.Request, share *col
 		return
 	}
 
-	ok, err := utils.CheckPermission(ctx, "Shares.Write", client)
+	ok, err := utils.CheckPermission(ctx, permission.WriteShare, client)
 	if err != nil {
 		sublog.Error().Err(err).Msg("error checking user permissions")
 		response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "error checking user permissions", err)
diff --git a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go
index 16b834e531..d67d0f2d2e 100644
--- a/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go
+++ b/internal/http/services/owncloud/ocs/handlers/apps/sharing/shares/user.go
@@ -32,6 +32,7 @@ import (
 	"github.com/cs3org/reva/v2/pkg/appctx"
 	"github.com/cs3org/reva/v2/pkg/conversions"
 	ctxpkg "github.com/cs3org/reva/v2/pkg/ctx"
+	"github.com/cs3org/reva/v2/pkg/permission"
 	"github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool"
 	"github.com/cs3org/reva/v2/pkg/utils"
 )
@@ -164,7 +165,7 @@ func (h *Handler) removeUserShare(w http.ResponseWriter, r *http.Request, share
 	}
 
 	// TODO: should we use Share.Delete here?
-	ok, err := utils.CheckPermission(ctx, "Shares.Write", uClient)
+	ok, err := utils.CheckPermission(ctx, permission.WriteShare, uClient)
 	if err != nil {
 		response.WriteOCSError(w, r, response.MetaServerError.StatusCode, "error checking user permissions", err)
 		return
diff --git a/pkg/permission/permission.go b/pkg/permission/permission.go
index 6248032809..fb82add443 100644
--- a/pkg/permission/permission.go
+++ b/pkg/permission/permission.go
@@ -35,6 +35,8 @@ const (
 	ListFavorites string = "Favorites.List"
 	// WriteFavorites is the hardcoded name for the Favorites.Write permission
 	WriteFavorites string = "Favorites.Write"
+	// DeleteReadOnlyPassword is the hardcoded name for the ReadOnlyPublicLinkPassword.Delete permission
+	DeleteReadOnlyPassword string = "ReadOnlyPublicLinkPassword.Delete"
 )
 
 // Manager defines the interface for the permission service driver