Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

drive: permission invites get re-sent on occasion #497

Closed
bobheadxi opened this issue Sep 25, 2020 · 7 comments · Fixed by #563 or #540
Closed

drive: permission invites get re-sent on occasion #497

bobheadxi opened this issue Sep 25, 2020 · 7 comments · Fixed by #563 or #540
Assignees
@bobheadxi
Labels
priority:high For issues with high priority, because of deadlines, security reasons, or sometimes both. theme:bug Something isn't working

Comments

@bobheadxi
Copy link
Member

bobheadxi commented Sep 25, 2020
edited
Loading

I can't seem to fetch permissionDetails to determine if a permission is inherited - something about the difference between personal drives and team drives? https://developers.google.com/drive/api/v3/reference/permissions#resource

One solution might be to not delete permissions at all => #497 (comment)
@bobheadxi bobheadxi self-assigned this Sep 25, 2020
@bobheadxi bobheadxi added the theme:bug Something isn't working label Sep 25, 2020
This was referenced Sep 26, 2020
Closed
Merged
@bobheadxi
Copy link
Member Author

#504 has a hack for this: 35e1209

@bobheadxi bobheadxi mentioned this issue Sep 29, 2020
Closed
@bobheadxi
Copy link
Member Author

35e1209 did not fix this, because we do not recreate shares that cascade.

@bobheadxi bobheadxi added the priority:high For issues with high priority, because of deadlines, security reasons, or sometimes both. label Oct 4, 2020
@bobheadxi bobheadxi mentioned this issue Oct 5, 2020
Merged
@bobheadxi
Copy link
Member Author

Reverting 35e1209 actually caused me to start seeing the issue described in #510 - I periodically receive invites for the projects folder now as well. I do not receive invites for folders like Exec and the main Launch Pad folder, however

@bobheadxi bobheadxi pinned this issue Oct 9, 2020
@bobheadxi bobheadxi changed the title drive sharing deletes inherited permissions drive: permission invites get re-sent on occasion Oct 9, 2020
@bobheadxi
Copy link
Member Author

bobheadxi commented Oct 9, 2020
edited
Loading

#540 disabled share deletion, so I've updated the issue to indicate cascading permissions deletion might not be the issue here.

Thought: it could be that we need to page through results, given that this only happens for the Projects folder which is our largest.

@bobheadxi
Copy link
Member Author

Some more findings: we do not have shared drives, that is limited to a pricing tier above what we have, so the permissions inheritance approach (#499) is a no-go

@bobheadxi bobheadxi mentioned this issue Oct 16, 2020
Merged
bobheadxi added a commit that referenced this issue Oct 17, 2020
@bobheadxi
gcp: respect permissions inherited from parent drives (#563)
bc9a6d8 
Drive shares frequently get recreated because we fail to page through all results (we likely have over 100 shares for large folders), and when deletion was enabled (#540) we would also erroneously delete inherited permissions. Both of these issues result in many users receiving duplicate invites whenever Rocket performs a sync (#510, #497). To amend this, we make the following changes:

* Permissions listing is now paginated
* Permissions listing now happens for direct parents of target folders - permissions discovered in parents are treated as "inherited", and for these permissions we skip both recreation and deletion

Co-authored-by: Cheuk Yin Ng <[email protected]>
@bobheadxi
Copy link
Member Author

bobheadxi commented Oct 17, 2020
edited
Loading

As of bc9a6d8 (#563):

�2020-10-17T01:41:51.026112486Z {Time: 2020-10-17 01:41:51, Level: [INFO], function: gcp.ensure_drive_permissions():144, message: Found 42 permissions for all that do not require updating}
�2020-10-17T01:43:01.543056021Z {Time: 2020-10-17 01:43:01, Level: [INFO], function: gcp.ensure_drive_permissions():168, message: Created 50 permissions for all}

There still seems to be a lot of creations that are not getting seen, and still getting reports of duplicated invites

This was linked to pull requests Oct 17, 2020
gcp: respect permissions inherited from parent drives #563
Merged
temporary fix: disable deletion of existing permissions #540
Merged
@bobheadxi
Copy link
Member Author

I think we're finally clean through a series of direct-to-master pushes oops 55b48e5...ffc67b3

tl;dr Rocket was failing to identify who has already received shares because:

  • emails are case-insensitive - but google magically turns emails into upper-cased things (presumably based on what they have on their end), so anyone who cased their emails in Rocket differently from how Google things they have it cased would have their permissions constantly deleted and created
  • dots don't matter in emails (!!!!!) so anyone who uses dots in their emails might have their emails magically changed by google to ones without dots (or vice versa)

(╯°□°)╯︵ ┻━┻

If you accept the most recent drive invite, you should be good to go now! Sorry about the spam 😅

@bobheadxi bobheadxi unpinned this issue Oct 18, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bobheadxi bobheadxi

Labels
priority:high For issues with high priority, because of deadlines, security reasons, or sometimes both. theme:bug Something isn't working
Projects
None yet
Milestone
No milestone
1 participant
@bobheadxi