Resource user mention notifications

.gitignore

@@ -65,4 +65,10 @@ go.work.sum
 .DS_Store
 
 # example deployments
-**/opencloud-sandbox-*
+**/opencloud-sandbox-*
+
+# web apps
+!./services/web/assets/
+!./services/web/assets/apps/
+!./services/web/assets/apps/collaboration-settings
+!./services/web/assets/apps/collaboration-settings/**

pkg/events/events.go

@@ -0,0 +1,22 @@
+package events
+
+import (
+	"encoding/json"
+	"time"
+
+	user "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
+)
+
+type ResourceMention struct {
+	Executant *user.UserId
+	UserIDs   []*user.UserId
+	Ref       *provider.Reference
+	Timestamp time.Time
+}
+
+func (ResourceMention) Unmarshal(v []byte) (interface{}, error) {
+	e := ResourceMention{}
+	err := json.Unmarshal(v, &e)
+	return e, err
+}

services/collaboration/pkg/collaboration/collaboration.go

@@ -0,0 +1,40 @@
+package collaboration
+
+import (
+	"context"
+	"fmt"
+
+	gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
+	userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
+	permissionsapi "github.com/cs3org/go-cs3apis/cs3/permissions/v1beta1"
+	rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
+	revactx "github.com/opencloud-eu/reva/v2/pkg/ctx"
+)
+
+type Permission string
+
+const (
+	PermissionCollaborationManageFonts         Permission = "Collaboration.Fonts.Manage"
+	PermissionCollaborationPublishNotification Permission = "Collaboration.Notification.Publish"
+)
+
+func CheckPermissions(gatewayClient gateway.GatewayAPIClient, ctx context.Context, permission Permission) (*userpb.User, bool, error) {
+	user, ok := revactx.ContextGetUser(ctx)
+	if !ok {
+		return nil, false, fmt.Errorf("could not get user from context")
+	}
+
+	rsp, err := gatewayClient.CheckPermission(ctx, &permissionsapi.CheckPermissionRequest{
+		Permission: string(permission),
+		SubjectRef: &permissionsapi.SubjectReference{
+			Spec: &permissionsapi.SubjectReference_UserId{
+				UserId: user.GetId(),
+			},
+		},
+	})
+	if err != nil {
+		return user, false, fmt.Errorf("could not check permissions: %w", err)
+	}
+
+	return user, rsp.GetStatus().GetCode() == rpc.Code_CODE_OK, nil
+}

services/collaboration/pkg/command/server.go

@@ -4,27 +4,35 @@ import (
 	"context"
 	"fmt"
 	"net"
+	"net/url"
 	"os/signal"
 	"time"
 
+	"github.com/opencloud-eu/reva/v2/pkg/events/stream"
+	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
+	"github.com/opencloud-eu/reva/v2/pkg/store"
+	"github.com/spf13/afero"
+
+	"github.com/spf13/cobra"
+	"go-micro.dev/v4/selector"
+	microstore "go-micro.dev/v4/store"
+
 	"github.com/opencloud-eu/opencloud/pkg/config/configlog"
+	"github.com/opencloud-eu/opencloud/pkg/generators"
 	"github.com/opencloud-eu/opencloud/pkg/log"
 	"github.com/opencloud-eu/opencloud/pkg/registry"
 	"github.com/opencloud-eu/opencloud/pkg/runner"
 	"github.com/opencloud-eu/opencloud/pkg/tracing"
+	"github.com/opencloud-eu/opencloud/pkg/x/io/fsx"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/config"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/config/parser"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/connector"
+	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/font"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/helpers"
+	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/notification"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/server/debug"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/server/grpc"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/server/http"
-	"github.com/opencloud-eu/reva/v2/pkg/rgrpc/todo/pool"
-	"github.com/opencloud-eu/reva/v2/pkg/store"
-
-	"github.com/spf13/cobra"
-	"go-micro.dev/v4/selector"
-	microstore "go-micro.dev/v4/store"
 )
 
 // Server is the entrypoint for the server command.
@@ -137,6 +145,53 @@ func Server(cfg *config.Config) *cobra.Command {
 			}
 			gr.Add(runner.NewGolangHttpServerRunner(cfg.Service.Name+".debug", debugServer))
 
+			var fontService font.Service
+			{
+				fontFS := afero.NewBasePathFs(fsx.NewOsFs(), cfg.Font.AssetPath)
+				if err := fontFS.MkdirAll("/", 0o755); err != nil {
+					logger.Error().Err(err).Msg("Failed to initialize the fonts directory")
+					return err
+				}
+
+				fontServiceRootURI, err := url.JoinPath(cfg.Commons.OpenCloudURL, "/collaboration/fonts")
+				if err := fontFS.MkdirAll("/", 0o755); err != nil {
+					logger.Error().Err(err).Msg("Failed to build font service root uri")
+					return err
+				}
+
+				service, err := font.NewService(
+					font.ServiceOptions{}.
+						WithFontFS(fontFS).
+						WithRootURI(fontServiceRootURI).
+						WithGatewaySelector(gatewaySelector).
+						WithLogger(logger).
+						WithPreviewText(cfg.Font.PreviewText),
+				)
+				if err != nil {
+					return err
+				}
+
+				fontService = service
+			}
+
+			var notificationService notification.Service
+			{
+				connName := generators.GenerateConnectionName(cfg.Service.Name, generators.NTypeBus)
+				natsStream, err := stream.NatsFromConfig(connName, true, stream.NatsConfig(cfg.Events))
+				if err != nil {
+					return err
+				}
+				service, err := notification.NewService(
+					notification.ServiceOptions{}.
+						WithLogger(logger).
+						WithGatewaySelector(gatewaySelector).
+						WithEventPublisher(natsStream).
+						WithMachineAuthAPIKey(cfg.MachineAuthAPIKey),
+				)
+
+				notificationService = service
+			}
+
 			// start HTTP server
 			httpServer, err := http.Server(
 				http.Adapter(connector.NewHttpAdapter(gatewaySelector, cfg, st, selector.NewSelector(selector.Registry(registry.GetRegistry())))),
@@ -145,6 +200,8 @@ func Server(cfg *config.Config) *cobra.Command {
 				http.Context(ctx),
 				http.TracerProvider(traceProvider),
 				http.Store(st),
+				http.FontService(fontService),
+				http.NotificationService(notificationService),
 			)
 			if err != nil {
 				logger.Info().Err(err).Str("transport", "http").Msg("Failed to initialize server")

services/collaboration/pkg/config/config.go

@@ -12,7 +12,9 @@ type Config struct {
 
 	Service Service `yaml:"-"`
 	App     App     `yaml:"app"`
+	Font    Font    `yaml:"font"`
 	Store   Store   `yaml:"store"`
+	Events  Events  `yaml:"events"`
 
 	TokenManager *TokenManager `yaml:"token_manager"`
 
@@ -26,4 +28,6 @@ type Config struct {
 	Debug    Debug  `yaml:"debug"`
 
 	Context context.Context `yaml:"-"`
+
+	MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OC_MACHINE_AUTH_API_KEY;COLLABORATION_MACHINE_AUTH_API_KEY" desc:"The machine auth API key used to validate internal requests necessary to access resources from other services." introductionVersion:"%%NEXT%%"`
 }

services/collaboration/pkg/config/defaults/defaultconfig.go

@@ -1,8 +1,10 @@
 package defaults
 
 import (
+	"path/filepath"
 	"time"
 
+	"github.com/opencloud-eu/opencloud/pkg/config/defaults"
 	"github.com/opencloud-eu/opencloud/pkg/shared"
 	"github.com/opencloud-eu/opencloud/pkg/structs"
 	"github.com/opencloud-eu/opencloud/services/collaboration/pkg/config"
@@ -33,6 +35,14 @@ func DefaultConfig() *config.Config {
 				Duration: "12h",
 			},
 		},
+		Font: config.Font{
+			AssetPath:   filepath.Join(defaults.BaseDataPath(), "collaboration/fonts"),
+			PreviewText: "OpenCloud",
+		},
+		Events: config.Events{
+			Endpoint: "127.0.0.1:9233",
+			Cluster:  "opencloud-cluster",
+		},
 		Store: config.Store{
 			Store:    "nats-js-kv",
 			Nodes:    []string{"127.0.0.1:9233"},
@@ -86,6 +96,10 @@ func EnsureDefaults(cfg *config.Config) {
 	if cfg.CS3Api.GRPCClientTLS == nil && cfg.Commons != nil {
 		cfg.CS3Api.GRPCClientTLS = structs.CopyOrZeroValue(cfg.Commons.GRPCClientTLS)
 	}
+
+	if cfg.MachineAuthAPIKey == "" && cfg.Commons != nil && cfg.Commons.MachineAuthAPIKey != "" {
+		cfg.MachineAuthAPIKey = cfg.Commons.MachineAuthAPIKey
+	}
 }
 
 // Sanitize sanitized the configuration

services/collaboration/pkg/config/event.go

@@ -0,0 +1,12 @@
+package config
+
+// Events combines the configuration options for the event bus.
+type Events struct {
+	Endpoint             string `yaml:"endpoint" env:"OC_EVENTS_ENDPOINT;COLLABORATION_EVENTS_ENDPOINT" desc:"The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture." introductionVersion:"%%NEXT%%"`
+	Cluster              string `yaml:"cluster" env:"OC_EVENTS_CLUSTER;COLLABORATION_EVENTS_CLUSTER" desc:"The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system." introductionVersion:"%%NEXT%%"`
+	TLSInsecure          bool   `yaml:"tls_insecure" env:"OC_INSECURE;OC_EVENTS_TLS_INSECURE;COLLABORATION_EVENTS_TLS_INSECURE" desc:"Whether to verify the server TLS certificates." introductionVersion:"%%NEXT%%"`
+	TLSRootCACertificate string `yaml:"tls_root_ca_certificate" env:"OC_EVENTS_TLS_ROOT_CA_CERTIFICATE;COLLABORATION_EVENTS_TLS_ROOT_CA_CERTIFICATE" desc:"The root CA certificate used to validate the server's TLS certificate. If provided COLLABORATION_EVENTS_TLS_INSECURE will be seen as false." introductionVersion:"%%NEXT%%"`
+	EnableTLS            bool   `yaml:"enable_tls" env:"OC_EVENTS_ENABLE_TLS;COLLABORATION_EVENTS_ENABLE_TLS" desc:"Enable TLS for the connection to the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"%%NEXT%%"`
+	AuthUsername         string `yaml:"username" env:"OC_EVENTS_AUTH_USERNAME;COLLABORATION_EVENTS_AUTH_USERNAME" desc:"The username to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"%%NEXT%%"`
+	AuthPassword         string `yaml:"password" env:"OC_EVENTS_AUTH_PASSWORD;COLLABORATION_EVENTS_AUTH_PASSWORD" desc:"The password to authenticate with the events broker. The events broker is the OpenCloud service which receives and delivers events between the services." introductionVersion:"%%NEXT%%"`
+}

services/collaboration/pkg/config/font.go

@@ -0,0 +1,6 @@
+package config
+
+type Font struct {
+	AssetPath   string `yaml:"asset_path" env:"COLLABORATION_FONT_ASSET_PATH" desc:"Serve fonts from a path on the filesystem instead of the builtin assets. If not defined, the root directory derives from $OC_BASE_DATA_PATH/web/assets/fonts" introductionVersion:"%%NEXT%%"`
+	PreviewText string `yaml:"preview_text" env:"COLLABORATION_ASSET_APPS_PATH" desc:"The text that will be displayed in the font preview." introductionVersion:"%%NEXT%%"`
+}