From 15ef053c92547efae13cbb56132dd831afe44288 Mon Sep 17 00:00:00 2001
From: Willy Kloucek <wkloucek@owncloud.com>
Date: Fri, 14 Jan 2022 15:05:52 +0100
Subject: [PATCH] fix paths and check additional scopes

---
 internal/grpc/interceptors/auth/scope.go      | 19 +++++++++++++++++--
 .../http/services/appprovider/appprovider.go  |  1 +
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/internal/grpc/interceptors/auth/scope.go b/internal/grpc/interceptors/auth/scope.go
index 6a250c46a8..da7518fec5 100644
--- a/internal/grpc/interceptors/auth/scope.go
+++ b/internal/grpc/interceptors/auth/scope.go
@@ -164,6 +164,8 @@ func expandAndVerifyScope(ctx context.Context, req interface{}, tokenScope map[s
 				}
 			}
 		}
+	} else if _, ok := listStorageSpaces(req); ok {
+		return nil
 	}
 
 	return errtypes.PermissionDenied("access to resource not allowed within the assigned scope")
@@ -245,13 +247,13 @@ func extractRef(req interface{}, hasEditorRole bool) (*provider.Reference, bool)
 	case *provider.InitiateFileDownloadRequest:
 		return v.GetRef(), true
 	case *appprovider.OpenInAppRequest:
-		return &provider.Reference{ResourceId: v.ResourceInfo.Id}, true
+		return &provider.Reference{ResourceId: v.ResourceInfo.Id, Path: "."}, true
 	case *gateway.OpenInAppRequest:
 		return v.GetRef(), true
 
 		// App provider requests
 	case *appregistry.GetAppProvidersRequest:
-		return &provider.Reference{ResourceId: v.ResourceInfo.Id}, true
+		return &provider.Reference{ResourceId: v.ResourceInfo.Id, Path: "."}, true
 	}
 
 	if !hasEditorRole {
@@ -288,3 +290,16 @@ func extractShareRef(req interface{}) (*collaboration.ShareReference, bool) {
 	}
 	return nil, false
 }
+
+func listStorageSpaces(req interface{}) (*provider.ListStorageSpacesRequest, bool) {
+	switch req.(type) {
+	case *provider.ListStorageSpacesRequest:
+		// TODO: checks
+		return nil, true
+	case *registry.ListStorageProvidersRequest:
+		// TODO: checks
+		return nil, true
+	default:
+		return nil, false
+	}
+}
diff --git a/internal/http/services/appprovider/appprovider.go b/internal/http/services/appprovider/appprovider.go
index 92b30ba271..f0527abf64 100644
--- a/internal/http/services/appprovider/appprovider.go
+++ b/internal/http/services/appprovider/appprovider.go
@@ -349,6 +349,7 @@ func (s *svc) handleOpen(w http.ResponseWriter, r *http.Request) {
 
 	fileRef := &provider.Reference{
 		ResourceId: resourceID,
+		Path:       ".",
 	}
 
 	statRes, err := client.Stat(ctx, &provider.StatRequest{Ref: fileRef})