Hi Marcus, Sorry if this has already been discussed offline.
I had come across this problem when I was doing the POC with NextCloud. One workaround would be to completely disable file sharing from the NextCloud so that users are restricted to share the files through Airavata. The file sharing can be disabled as shown here https://docs.nextcloud.com/server/14/admin_manual/configuration_files/file_sharing_configuration.html. It would be great if we can implement a way to communicate NextCloud file sharing to Airavata in the future. However, this workaround can be followed till then. On Fri, Aug 3, 2018 at 1:44 PM Christie, Marcus Aaron <[email protected]> wrote: > Hi Dimuthu, > > This looks really good. One question, what does NextCloud use groups for? > Is it just a way to share things with a group of users? One thought I had > is if a user shares a file with another user in NextCloud, we’ll want that > to be communicated to Airavata too, I think, otherwise only NextCloud knows > about the sharing. > > Thanks, > > Marcus > > On Jul 22, 2018, at 2:02 PM, DImuthu Upeksha <[email protected]> > wrote: > > Hi All, > > Through this mail I'm planning to provide an update about the work we have > done so far in Airavata NextCloud integration > > We have been considering to provide the facility to integrate NextCloud as > a user storage mechanism for Airavata and there is an on going GSoC project > (Karan is the student assigned to it) which is directly assigned for that. > Even though NextCloud's WebDAV API was fairly straight forward to integrate > with Airavata for file transfer operations, user authentication and > authorization was bit tricky. > > Airavata has a user base backed by Keycloak and Nextcloud has it's own > database backed user base. So the challenge was how to integrate Airavata > users and authorization model into NextCloud without changing NextCloud > code. > > The rescue was NextCloud's app interface [1]. We can write third-party > apps into NextCloud and deploy them directly into it. Airavata NextCloud > app [2] utilizes backend user APIs of NextCloud and registers Airavata user > stores as an alternative user store into NextCloud. Once the App is > installed into NextCloud, authentication request are directed to our user > backend implementation [3] enabling us to talk to Keycloak and verify the > authenticity of the user. For the authorization, there is a Group backend > implementation [4] and it is supposed to handle groups for each user but we > might have to wait until current group based auth changes are deployed in > Develop environment. For the instance, I added mock groups to compete the > features of the app. > > @Karan > I believe now you have an idea of how to proceed with the rest of your > project. It would be great if you can implement the rest of the methods in > group backend [4] by looking at the group-based-auth branch of Airavata. > Please let me know if you come up with any issue > > [1] > https://docs.nextcloud.com/server/12/developer_manual/app/startapp.html > [2] https://github.com/DImuthuUpe/airavata-nextcloud-app > [3] > https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/UserBackend.php > [4] > https://github.com/DImuthuUpe/airavata-nextcloud-app/blob/master/lib/Backends/GroupBackend.php > > Thanks > Dimuthu > > > -- *Regards,Sachin Kariyattin*
