Releases: cs3org/reva
v2.25.0
Changelog for reva 2.25.0 (2024-09-30)
The following sections list the changes in reva 2.25.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4854: Added ShareUpdate activity
- Fix #4865: Better response codes for app new endpoint
- Fix #4858: Better response codes for app new endpoint
- Fix #4867: Fix remaining space calculation for S3 blobstore
- Fix #4852: Populate public link user correctly
- Fix #4859: Fixed the collaboration service registration
- Fix #4835: Fix sharejail stat id
- Fix #4856: Fix time conversion
- Fix #4851: Use gateway selector in sciencemesh
- Fix #4850: Write upload session info atomically
- Enh #4866: Unit test the json ocm invite manager
- Enh #4847: Add IsVersion to UploadReadyEvent
- Enh #4868: Improve metadata client errors
- Enh #4848: Add trashbin support to posixfs alongside other improvements
Details
- Bugfix #4854: Added ShareUpdate activity
Added the ShareUpdate activity in the space context.
- Bugfix #4865: Better response codes for app new endpoint
We fixed the response codes for the app new endpoint. Permission denied is now backing the
request.
- Bugfix #4858: Better response codes for app new endpoint
We fixed the response codes for the app new endpoint.
- Bugfix #4867: Fix remaining space calculation for S3 blobstore
The calculation of the remaining space in the S3 blobstore was incorrectly using the remaining
space of the local disk instead.
- Bugfix #4852: Populate public link user correctly
When authenticating via public link, always add the public user instead of the link owner
- Bugfix #4859: Fixed the collaboration service registration
Fixed an issue when the collaboration service registers apps also for binary and unknown mime
types.
- Bugfix #4835: Fix sharejail stat id
Stating a share jail mountpoint now returns the same resourceid as in the directory listing of
the share jail root.
- Bugfix #4856: Fix time conversion
We fixed a nil pointer in a time conversion
- Bugfix #4851: Use gateway selector in sciencemesh
We now use a selector to get fresh ip addresses when running ocis in a kubernetes clustern.
- Bugfix #4850: Write upload session info atomically
We now use a lock and atomic write on upload session metadata to prevent empty reads. A virus scan
event might cause the file to be truncated and then a finished event might try to read the file,
just getting an empty string.
- Enhancement #4866: Unit test the json ocm invite manager
We added unit tests for the json ocm invite manager
- Enhancement #4847: Add IsVersion to UploadReadyEvent
Adds an IsVersion flag indicating that this upload is a version of an existing file
- Enhancement #4868: Improve metadata client errors
We now return a more descripive error message when the metadata client cannot create a space
because it already exists.
- Enhancement #4848: Add trashbin support to posixfs alongside other improvements
We added support for trashbins to posixfs. Posixfs also saw a number of other improvement,
bugfixes and optimizations.
v2.19.9
Changelog for reva 2.19.9 (2024-09-23)
The following sections list the changes in reva 2.19.9 relevant to
reva users. The changes are ordered by importance.
Summary
Details
- Bugfix #4842: Fix micro ocdav service init and registration
We no longer call Init to configure default options because it was replacing the existing
options.
- Bugfix #4862: Fix nats encoding
Encode nats-js-kv keys. This got lost by a dependency bump.
v2.19.8
Changelog for reva 2.19.8 (2024-09-23)
The following sections list the changes in reva 2.19.8 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4761: Quotes in dav Content-Disposition header
- Fix #4853: Write upload session info atomically
- Enh #4701: Extend service account permissions
Details
- Bugfix #4761: Quotes in dav Content-Disposition header
We've fixed the the quotes in the dav Content-Disposition header. They caused an issue where
certain browsers would decode the quotes and falsely prepend them to the filename.
owncloud/web#11031
owncloud/web#11169
#4761
- Bugfix #4853: Write upload session info atomically
We now use a lock and atomic write on upload session metadata to prevent empty reads. A virus scan
event might cause the file to be truncated and then a finished event might try to read the file,
just getting an empty string.
Backport of #4850
- Enhancement #4701: Extend service account permissions
Adds AddGrant permisson
v2.24.1
Changelog for reva 2.24.1 (2024-09-11)
The following sections list the changes in reva 2.24.1 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4843: Allow update of ocm shares
Details
- Bugfix #4843: Allow update of ocm shares
We fixed a bug that prevented ocm shares to be updated or removed.
v2.24.0
Changelog for reva 2.24.0 (2024-09-09)
The following sections list the changes in reva 2.24.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4820: Fix response code when upload a file over locked
- Fix #4837: Fix OCM userid encoding
- Fix #4823: Return etag for ocm shares
- Fix #4822: Allow listing directory trash items by key
- Enh #4816: Ignore resharing requests
- Enh #4817: Added a new role space editor without versions
- Enh #4829: Added a new roles viewer/editor with ListGrants
- Enh #4828: New event: UserSignedIn
- Enh #4836: Publish an event when an OCM invite is generated
Details
- Bugfix #4820: Fix response code when upload a file over locked
We fixed a bug where the response code was incorrect when uploading a file over a locked file.
- Bugfix #4837: Fix OCM userid encoding
We now base64 encode the remote userid and provider as the local federated user id. This allows
us to always differentiate them from local users and unpack the encoded user id and provider
when making requests to the remote ocm provider.
owncloud/ocis#9927
#4837
#4833
- Bugfix #4823: Return etag for ocm shares
The ocm remote storage now passes on the etag returned in the PROPFIND response.
- Bugfix #4822: Allow listing directory trash items by key
The storageprovider now passes on the key without inventing a / as the relative path when it
was not present at the end of the key. This allows differentiating requests that want to get the
trash item of a folder itself (where the relative path is empty) or listing the children of a
folder in the trash (where the relative path at least starts with a /).
We also fixed the /dav/spaces endpoint to not invent a / at the end of URLs to allow clients to
actually make these different requests.
As a byproduct we now return the size of trashed items.
- Enhancement #4816: Ignore resharing requests
We now ignore resharing permissions. Instead of returning BadRequest we just reduce the
permissions.
- Enhancement #4817: Added a new role space editor without versions
We add a new role space editor without list and restore version permissions.
- Enhancement #4829: Added a new roles viewer/editor with ListGrants
We add a new roles space viewer/editor with ListGrants permissions.
- Enhancement #4828: New event: UserSignedIn
There is a new Event that cam be triggered when a user signs in
- Enhancement #4836: Publish an event when an OCM invite is generated
The ocm generate-invite endpoint now publishes an event whenever an invitation is requested
and generated. This event can be subscribed to by other services to react to the generated
invitation.
v2.23.0
Changelog for reva 2.23.0 (2024-08-19)
The following sections list the changes in reva 2.23.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4802: Block overwriting mountpoints
- Fix #4782: Fixed the response code when copying from a share to a personal space
- Fix #4805: Fix creating spaces
- Fix #4651: Fix deleting space shares
- Fix #4808: Fixed bugs in the owncloudsql storage driver
- Enh #4772: Allow configuring grpc max connection age
- Enh #4784: Bump tusd to v2
- Enh #4478: Hellofs
- Enh #4744: Respect service transport
- Enh #4812: Concurrent stat requests when listing shares
- Enh #4798: Update go-ldap to v3.4.8
Details
- Bugfix #4802: Block overwriting mountpoints
This blocks overwriting mountpoints through the webdav COPY api. It is now returning a bad
request when attempting to overwrite a mountpoint.
- Bugfix #4782: Fixed the response code when copying from a share to a personal space
We fixed the response code when copying a file from a share to a personal space with a secure view
role.
- Bugfix #4805: Fix creating spaces
We fixed a problem where it wasn't possible to create new spaces when running on a non-writable
working directory.
- Bugfix #4651: Fix deleting space shares
We no longer check if a share is an ocm sharee if listng ocm shares has been disabled anyway. This
allows unsharing space shares.
- Bugfix #4808: Fixed bugs in the owncloudsql storage driver
- Enhancement #4772: Allow configuring grpc max connection age
We added a GRPC_MAX_CONNECTION_AGE env var that allows limiting the lifespan of connections.
A closed connection triggers grpc clients to do a new DNS lookup to pick up new IPs.
- Enhancement #4784: Bump tusd to v2
Bump tusd pkg to v2.4.0
- Enhancement #4478: Hellofs
We added a minimal hello world filesystem as an example for a read only storage driver.
- Enhancement #4744: Respect service transport
The service registry now takes into account the service transport when creating grpc clients.
This allows using dns, unix and kubernetes as the protocol in addition to tcp. dns
will turn the gRPC client into a Thick
Client that can look up
multiple endpoints via DNS. kubernetes will use
github.com/sercand/kuberesolver to
connect to the kubernetes API and pick up service changes. Furthermore, we enabled round robin
load balancing for the default transparent retry configuration of
gRPC.
- Enhancement #4812: Concurrent stat requests when listing shares
The sharesstorageprovider now concurrently stats the accepted shares when listing the share
jail. The default number of 5 workers can be changed by setting the max_concurrency value in
the config map.
- Enhancement #4798: Update go-ldap to v3.4.8
Update go-ldap/ldap/v3 to the latest upstream release to include the latest bugfixes and
enhancements.
v2.22.0
Changelog for reva 2.22.0 (2024-07-29)
The following sections list the changes in reva 2.22.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4741: Always find unique providers
- Fix #4762: Blanks in dav Content-Disposition header
- Fix #4775: Fixed the response code when copying the shared from to personal
- Fix #4633: Allow all users to create internal links
- Fix #4771: Deleting resources via their id
- Fix #4768: Fixed the file name validation if nodeid is used
- Fix #4758: Fix moving locked files, enable handling locked files via ocdav
- Fix #4774: Fix micro ocdav service init and registration
- Fix #4776: Fix response code for DEL file that in postprocessing
- Fix #4746: Uploading the same file multiple times leads to orphaned blobs
- Fix #4778: Zero byte uploads
- Chg #4759: Updated to the latest version of the go-cs3apis
- Chg #4773: Ocis bumped
- Enh #4766: Set archiver output format via query parameter
- Enh #4763: Improve posixfs storage driver
Details
- Bugfix #4741: Always find unique providers
The gateway will now always try to find a single unique provider. It has stopped aggregating
multiple ListContainer responses when we removed any business logic from it.
- Bugfix #4762: Blanks in dav Content-Disposition header
We've fixed the encoding of blanks in the dav Content-Disposition header.
- Bugfix #4775: Fixed the response code when copying the shared from to personal
We fixed the response code when copying the file from shares to personal space with a secure view
role.
- Bugfix #4633: Allow all users to create internal links
Due to a bug, not all space members were allowed to create internal links. This has been fixed.
- Bugfix #4771: Deleting resources via their id
We fixed a bug where deleting resources by using their id via the /dav/spaces/ endpoint would
not work.
- Bugfix #4768: Fixed the file name validation if nodeid is used
We have fixed the file name validation if nodeid is used
- Bugfix #4758: Fix moving locked files, enable handling locked files via ocdav
We fixed a problem when trying to move locked files. We also enabled the ocdav service to handle
locked files.
- Bugfix #4774: Fix micro ocdav service init and registration
We no longer call Init to configure default options because it was replacing the existing
options.
- Bugfix #4776: Fix response code for DEL file that in postprocessing
We fixed the response code when DELETE and MOVE requests to the file that is still in
post-processing.
- Bugfix #4746: Uploading the same file multiple times leads to orphaned blobs
Fixed a bug where multiple uploads of the same file would lead to orphaned blobs in the
blobstore. These orphaned blobs will now be deleted.
- Bugfix #4778: Zero byte uploads
Zero byte uploads would trigger postprocessing which lead to breaking pipelines.
- Change #4759: Updated to the latest version of the go-cs3apis
The go-cs3apis dependency was updated to the latest version
- Change #4773: Ocis bumped
Ocis bumped. The expected failures removed.
- Enhancement #4766: Set archiver output format via query parameter
Sets the archive output format e.G "tar" via the url query parameter "output-format",
possible params are "zip" and "tar", falls back to "zip".
owncloud/ocis#9399
owncloud/web#11080
#4766
- Enhancement #4763: Improve posixfs storage driver
Improve the posixfs storage driver by fixing several issues and corner cases.
v2.21.0
Changelog for reva 2.21.0 (2024-07-08)
The following sections list the changes in reva 2.21.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4740: Disallow reserved filenames
- Fix #4748: Quotes in dav Content-Disposition header
- Fix #4750: Validate a space path
- Enh #4737: Add the backchannel logout event
- Enh #4749: DAV error codes
- Enh #4742: Expose disable-versioning configuration option
- Enh #4739: Improve posixfs storage driver
- Enh #4738: Add GetServiceUserToken() method to utils pkg
Details
- Bugfix #4740: Disallow reserved filenames
We now disallow the reserved .. and . filenames. They are only allowed as destinations of
move or copy operations.
- Bugfix #4748: Quotes in dav Content-Disposition header
We've fixed the the quotes in the dav Content-Disposition header. They caused an issue where
certain browsers would decode the quotes and falsely prepend them to the filename.
- Bugfix #4750: Validate a space path
We've fixed the issue when validating a space path
- Enhancement #4737: Add the backchannel logout event
We've added the backchannel logout event
- Enhancement #4749: DAV error codes
DAV error responses now include an error code for clients to use if they need to check for a
specific error type.
- Enhancement #4742: Expose disable-versioning configuration option
This PR exposes the disable-versioning configuration option to the user. This option allows
the user to disable versioning for the storage-providers.
- Enhancement #4739: Improve posixfs storage driver
Improve the posixfs storage driver by fixing several issues and adding missing features.
- Enhancement #4738: Add GetServiceUserToken() method to utils pkg
Added GetServiceUserToken() function to the utils pkg to easily get a reva token for a service
account.
v2.20.0
Changelog for reva 2.20.0 (2024-06-19)
The following sections list the changes in reva 2.20.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4623: Consistently use spaceid and nodeid in logs
- Fix #4584: Prevent copying a file to a parent folder
- Fix #4700: Clean empty trash node path on delete
- Fix #4567: Fix error message in authprovider if user is not found
- Fix #4615: Write blob based on session id
- Fix #4557: Fix ceph build
- Fix #4711: Duplicate headers in DAV responses
- Fix #4568: Fix sharing invite on virtual drive
- Fix #4559: Fix graph drive invite
- Fix #4593: Make initiatorIDs also work on uploads
- Fix #4608: Use gateway selector in jsoncs3
- Fix #4546: Fix the mount points naming
- Fix #4678: Fix nats encoding
- Fix #4630: Fix ocm-share-id
- Fix #4518: Fix an error when lock/unlock a file
- Fix #4622: Fix public share update
- Fix #4566: Fix public link previews
- Fix #4589: Fix uploading via a public link
- Fix #4660: Fix creating documents in nested folders of public shares
- Fix #4635: Fix nil pointer when removing groups from space
- Fix #4709: Fix share update
- Fix #4661: Fix space share update for ocs
- Fix #4656: Fix space share update
- Fix #4561: Fix Stat() by Path on re-created resource
- Fix #4710: Tolerate missing user space index
- Fix #4632: Fix access to files withing a public link targeting a space root
- Fix #4603: Mask user email in output
- Chg #4542: Drop unused service spanning stat cache
- Enh #4712: Add the error translation to the utils
- Enh #4696: Add List method to ocis and s3ng blobstore
- Enh #4693: Add mimetype for sb3 files
- Enh #4699: Add a Path method to blobstore
- Enh #4695: Add photo and image props
- Enh #4706: Add secureview flag when listing apps via http
- Enh #4585: Move more consistency checks to the usershare API
- Enh #4702: Added theme capability
- Enh #4672: Add virus filter to list uploads sessions
- Enh #4614: Bump mockery to v2.40.2
- Enh #4621: Use a memory cache for the personal space creation cache
- Enh #4556: Allow tracing requests by giving util functions a context
- Enh #4694: Expose SecureView in WebDAV permissions
- Enh #4652: Better error codes when removing a space member
- Enh #4725: Unique share mountpoint name
- Enh #4689: Extend service account permissions
- Enh #4545: Extend service account permissions
- Enh #4581: Make decomposedfs more extensible
- Enh #4564: Send file locked/unlocked events
- Enh #4730: Improve posixfs storage driver
- Enh #4587: Allow passing a initiator id
- Enh #4645: Add ItemID to LinkRemoved
- Enh #4686: Mint view only token for open in app requests
- Enh #4606: Remove resharing
- Enh #4643: Secure viewer share role
- Enh #4631: Add space-share-updated event
- Enh #4685: Support t and x in ACEs
- Enh #4625: Test async processing cornercases
- Enh #4653: Allow to resolve public shares without the ocs tokeninfo endpoint
- Enh #4657: Add ScanData to Uploadsession
Details
- Bugfix #4623: Consistently use spaceid and nodeid in logs
Sometimes we tried to log a node which led to a JSON recursion error because it contains a
reference to the space root, which references itself. We now always log spaceid and
nodeid.
- Bugfix #4584: Prevent copying a file to a parent folder
When copying a file to its parent folder, the file would be copied onto the parent folder, moving
the original folder to the trash-bin.
owncloud/ocis#1230
#4584
#4582
#4571
- Bugfix #4700: Clean empty trash node path on delete
We now delete empty directories in the trash when an item is purged or restored. This prevents
old empty directories from slowing down the globbing of trash items.
- Bugfix #4567: Fix error message in authprovider if user is not found
- Bugfix #4615: Write blob based on session id
Decomposedfs now uses the session id and size when moving an uplode to the blobstore. This fixes
a cornercase that prevents an upload session from correctly being finished when another
upload session to the file was started and already finished.
- Bugfix #4557: Fix ceph build
- Bugfix #4711: Duplicate headers in DAV responses
We fixed an issue where the DAV response headers were duplicated. This was caused by the WebDav
handler which copied over all headers from the datagateways response. Now, only the relevant
headers are copied over to the DAV response to prevent duplication.
- Bugfix #4568: Fix sharing invite on virtual drive
We fixed the issue when sharing of virtual drive with other users was allowed
- Bugfix #4559: Fix graph drive invite
We fixed the issue when sharing of personal drive is allowed via graph
- Bugfix #4593: Make initiatorIDs also work on uploads
One needs to pass them on initateupload already.
- Bugfix #4608: Use gateway selector in jsoncs3
The jsoncs3 user share manager now uses the gateway selector to get a fresh client before making
requests and uses the configured logger from the context.
- Bugfix #4546: Fix the mount points naming
We fixed a bug that caused inconsistent naming when multiple users share the resource with same
name to another user.
- Bugfix #4678: Fix nats encoding
Encode nats-js-kv keys. This got lost by a dependency bump.
- Bugfix #4630: Fix ocm-share-id
We now use the share id to correctly identify ocm shares.
- Bugfix #4518: Fix an error when lock/unlock a file
We fixed a bug when anonymous user with viewer role in public link of a folder can lock/unlock a
file inside it
- Bugfix #4622: Fix public share update
We fixed the permission check for updating public shares. When updating the permissions of a
public share while not providing a password, the check must be against the new permissions to
take into account that users can opt out only for view permissions.
- Bugfix #4566: Fix public link previews
Fixes previews for public links
- Bugfix #4589: Fix uploading via a public link
Fix http error when uploading via a public link
- Bugfix #4660: Fix creating documents in nested folders of public shares
We fixed a bug that prevented creating new documented in a nested folder of a public share.
- Bugfix #4635: Fix nil pointer when removing groups from space
We fixed the nil pointer when removing groups from space via graph
- Bugfix #4709: Fix share update
We fixed the response code when the role/permission is empty on the share update
- Bugfix #4661: Fix space share update for ocs
We fixed the space share update for ocs.
- Bugfix #4656: Fix space share update
We fixed the permission check for updating the space shares when update an expirationDateTime
only.
- Bugfix #4561: Fix Stat() by Path on re-created resource
We fixed bug that caused Stat Requests using a Path reference to a mount point in the sharejail to
not resolve correctly, when a share using the same mount point to an already deleted resource
was still existing.
- Bugfix #4710: Tolerate missing user space index
We fixed a bug where the spaces for a user were not listed if the user had no space index by user.
This happens when a user has the role "User Light" and has been invited to a project space via a
group.
- Bugfix #4632: Fix access to files withing a public link targeting a space root
We fixed an issue that prevented users from opening documents within a public share that
targets a space root.
- Bugfix #4603: Mask user email in output
We have fixed a bug where the user email was not masked in the output and the user emails could be
enumerated through the sharee search.
- Change #4542: Drop unused service spanning stat cache
We removed the stat cache shared between gateway and storage providers. It is constantly
invalidated and needs a different approach.
v2.19.7
Changelog for reva 2.19.7 (2024-05-13)
The following sections list the changes in reva 2.19.7 relevant to
reva users. The changes are ordered by importance.
Summary
- Enh #4673: Add virus filter to list uploads sessions
Details
- Enhancement #4673: Add virus filter to list uploads sessions
Adds a filter for filtering for infected uploads