web OCM. user cannot delete accepted user

precondition:

run two ocis instances ocis-server and federation-ocis-server see here https://owncloud.dev/ocis/development/testing/#running-test-suite-with-federated-sharing-ocm

Steps: And "Alice" has generated invitation And using server "REMOTE" And "Brian" has accepted invitation And using server "LOCAL" When "Alice" deletes accepted user "Brian" Then the HTTP status code should be "204"

Actual:

https://github.com/owncloud/web/assets/84779829/ff0217c3-30c3-42bc-a46f-e08e59a9408c

Expected: I guess web uses wrong DELETE sciencemesh/delete-accepted-user request. should be like DELETE sciencemesh/delete-accepted-user/user-uuid but it doesn't work-> I get 404 error with log:

2024-07-08T11:30:09+02:00 WRN http end="08/Jul/2024:11:30:09 +0200" host=127.0.0.1 line=/Users/scharfviktor/Work/ocis/vendor/github.com/cs3org/reva/v2/internal/http/interceptors/log/log.go:112 method=DELETE pkg=rhttp proto=HTTP/1.1 service=ocm size=19 start="08/Jul/2024:11:30:09 +0200" status=404 time_ns=83250 traceid=6a3800c9de492e66fbb41c96775d3761 uri=/sciencemesh/delete-accepted-user/7effd1e3-7446-4d23-9311-1eb8e8f5c96a url=/delete-accepted-user/7effd1e3-7446-4d23-9311-1eb8e8f5c96a
2024-07-08T11:30:09+02:00 INF access-log bytes=19 duration=63.588667 line=/Users/scharfviktor/Work/ocis/services/proxy/pkg/middleware/accesslog.go:34 method=DELETE path=/sciencemesh/delete-accepted-user/7effd1e3-7446-4d23-9311-1eb8e8f5c96a proto=HTTP/1.1 remote-addr=127.0.0.1:58187 request-id=vscharf/QqQOxX23Rk-002517 service=proxy status=404 traceid=6fe6932c5aa6029b7fbda0b13bdc685b
2024/07/08 11:30:14 http: TLS handshake error from 127.0.0.1:60588: remote error: tls: unknown certificate
2024-07-08T11:30:14+02:00 ERR IdentifierIdentityManager: fetch failed to get user from userID error="ldap identifier backend get user error: user does not exist or too many entries returned" line=/Users/scharfviktor/Work/ocis/ocis-pkg/log/logrus_wrapper.go:50 service=idp

Jul 08 '24 09:07 ScharfViktor

@kulmann is that an issue of the sciencemesh app?

Jul 09 '24 05:07 micbar

The web ui does not send any payload, so the server cannot identify which user to delete.

curl 'https://cloud.owncloud.test/sciencemesh/delete-accepted-user' -X DELETE -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0' -H 'Accept: application/json, text/plain, */*' -H 'Accept-Language: en' -H 'Accept-Encoding: gzip, deflate, br, zstd' -H 'Referer: https://cloud.owncloud.test/open-cloud-mesh/invitations' -H 'Authorization: Bearer token' -H 'X-Requested-With: XMLHttpRequest' -H 'X-Request-ID: 806d5b2e-ae8c-4b67-9d9f-c6e2629e5d02' -H 'Initiator-ID: 02757962-3275-4ab4-8c90-371beeae17b7' -H 'Origin: https://cloud.owncloud.test' -H 'Connection: keep-alive' -H 'Sec-Fetch-Dest: empty' -H 'Sec-Fetch-Mode: cors' -H 'Sec-Fetch-Site: same-origin' -H 'Priority: u=0' -H 'Pragma: no-cache' -H 'Cache-Control: no-cache' -H 'TE: trailers'

no payload

Aug 29 '24 14:08 butonic

no payload

could you provide some example how should look request? then I can add api test for that

Sep 09 '24 14:09 ScharfViktor

@rhafer and me tried to use it curl -X DELETE "https://federation-ocis-server:10200/sciencemesh/delete-accepted-user?idp=ocis-server:9200&user_id=f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c" -uadmin:admin -vk

but it doen't work. we got 200 but federated connection still exist

Sep 24 '24 14:09 ScharfViktor

curl -X DELETE "https://federation-ocis-server:10200/sciencemesh/delete-accepted-user?idp=ocis-server:9200&user_id=f7fbf8c8-139b-4376-b307-cf0a8c2d0d9c" -uadmin:admin -vk

This one just didn't work because we were using the wrong userid. The federated users userids look slightlyg diffferent since https://github.com/cs3org/reva/commit/3e6ce6954609265e549e5821f7f136df8dc0fc04. Using the correct ids (those returned by sciencemesh/find-accepted-users) the delete requests works just fine.

So the remaining issue is basically a bug in web. It is sending a DELETE request with an empty body.

To delete a federated user you can either use a json BODY like this:

curl -X DELETE "https://ocis-federation.owncloud.test/sciencemesh/delete-accepted-user" \
   -uadmin:admin -vk -H "Content-Type: application/json" \ 
   --data '{"idp":"ocis.owncloud.test", "user_id":"MWRhZTRkMTctMzU5Yy00NmNhLWE2ZTUtMGIxOTQ4YmY1ZGJkQG9jaXMub3duY2xvdWQudGVzdA=="}'

Or form-urlencoded parameters as in @ScharfViktor example above.

I am transferring this issue to web, since the ocis side seems to work AFAICS.

Sep 30 '24 16:09 rhafer

curl -X DELETE "https://ocis-federation.owncloud.test/sciencemesh/delete-accepted-user" \
   -uadmin:admin -vk -H "Content-Type: application/json" \ 
   --data '{"idp":"ocis.owncloud.test", "user_id":"MWRhZTRkMTctMzU5Yy00NmNhLWE2ZTUtMGIxOTQ4YmY1ZGJkQG9jaXMub3duY2xvdWQudGVzdA=="}'

can confirm that it works

one more question: Should the federated connection be dropped when one of the users delete conection?

Case:

marie_server_1 generate invitation and marie_server_2 accepts invitation - result both users have federated conection and can share between
marie_server_1 deletes federated connection with marie_server_2

Actual: marie_server_1 cannot longer find and share to marie_server_2 - correct but marie_server_2 find and share to marie_server_1

if marie_server_1 has share before deleting connection -> she gets server crash after deleting connection like in https://github.com/owncloud/ocis/issues/10213

Oct 02 '24 08:10 ScharfViktor