arenaxr / arena-account

Django project user account management for the ARENA.
https://docs.arenaxr.org/content/architecture/security.html
BSD 3-Clause "New" or "Revised" License

File Store Page Fails New Users #96

Closed mwfarb closed 4 months ago

mwfarb commented 4 months ago

The filestore page seems to work for the admin account but no others on Firefox on arenaxr.org.

Console:

Cookie “auth” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite

hi-liang commented 4 months ago

This doesn't appear to be an error with Firefox (though we should set the SameSite cookie param in a separate issue).

When I logged into an account that had been previously created, this wasn't an issue. Logging into a NEW account, as Tianshu had done with his new arena account, there appears to be some account bootstrapping that didn't properly complete. I think the issue is the user's directory isn't properly created or something.

What fixed it somehow for me was using the new account and creating a random folder. Thereafter, I could refresh and have the filestore page load properly.

mwfarb commented 4 months ago

@hi-liang You got it right. Looking at arena-account, we are using the fs api rest endpoints to manually create a new user, without also manually creating that root user directory. Whereas in the “normal” page login, the global settings are used for new users, which include a flag for this.

The right fix, then, is to look up the user directory at login and create it if missing.

nampereira commented 4 months ago

Filestore has this setting: [image]

So, it should create, I think. Either a bug with this fs version, or something changed, maybe permissions?

nampereira commented 4 months ago

I see @mwfarb, you think the fs endpoint to create a new user does not implement the home dir creation. But didn't this work before?

mwfarb commented 4 months ago

Good point, but I'm not sure. I'll have to simulate when I get a chance.

mwfarb commented 4 months ago

Tried local dev and it has the same behavior, new user inserted, no user dir.

Think I fixed it. The POST users handler creates the dir only when "scope" is set: https://github.com/arenaxr/arena-account/commit/577b8e111114ff210dbd5a43a197ead5c55cfece

mwfarb commented 4 months ago

Might need to also run two requests for staff: a POST for the new user, with user scope to create the user dir, and also a follow-up PUT to update the user scope to root.