v1.26.0

Changelog for reva 1.26.0 (2023-09-08)

The following sections list the changes in reva 1.26.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #4165: Use default user tmp folder in config tests
• Fix #4113: Fix plugin's registration when reva is built with version 1.21
• Fix #4171: Fix accessing an OCM-shared resource containing spaces
• Fix #4172: Hardcode access methods for outgoing OCM shares from OC/NC
• Fix #4125: Enable projects for lightweight accounts
• Enh #4121: Expire cached users and groups entries
• Enh #4162: Disable sharing on a storage provider
• Enh #4163: Disable trashbin on a storage provider
• Enh #4164: Disable versions on a storage provider
• Enh #4084: Implementation of an app provider for Overleaf
• Enh #4114: List all the registered plugins
• Enh #4115: All required features and fixes for the OC/NC ScienceMesh apps

Details

• Bugfix #4165: Use default user tmp folder in config tests

  #4165

• Bugfix #4113: Fix plugin's registration when reva is built with version 1.21

  With go 1.21 the logic for package initialization has changed, and the plugins were failing in
  the registration. Now the registration of the plugins is deferred in the main.

  #4113

• Bugfix #4171: Fix accessing an OCM-shared resource containing spaces

  Fixes the access of a resource OCM-shared containing spaces, that previously was failing with
  a NotFound error.

  #4171

• Bugfix #4172: Hardcode access methods for outgoing OCM shares from OC/NC

  This is a workaround until sciencemesh/nc-sciencemesh#45 is properly implemented

  #4172

• Bugfix #4125: Enable projects for lightweight accounts

  Enable CERNBox projects to be listed by a lightweight account

  #4125

• Enhancement #4121: Expire cached users and groups entries

  Entries in the rest user and group drivers do not expire. This means that old users/groups that
  have been deleted are still in cache. Now an expiration of fetch interval + 1 hours has been
  set.

  #4121

• Enhancement #4162: Disable sharing on a storage provider

  Added a GRPC interceptor that disable sharing permissions on a storage provider.

  #4162

• Enhancement #4163: Disable trashbin on a storage provider

  Added a GRPC interceptor that disable the trashbin on a storage provider.

  #4163

• Enhancement #4164: Disable versions on a storage provider

  Added a GRPC interceptor that disable the versions on a storage provider.

  #4164

• Enhancement #4084: Implementation of an app provider for Overleaf

  This PR adds an app provider for Overleaf as a standalone http service.

  The app provider currently consists of support for the export to Overleaf feature, which when
  called returns a URL to Overleaf that prompts Overleaf to download the appropriate resource
  making use of the Archiver service, and upload the files to a user's Overleaf account.

  #4084

• Enhancement #4114: List all the registered plugins

  #4114

• Enhancement #4115: All required features and fixes for the OC/NC ScienceMesh apps

  This PR includes all necessary code in Reva to interface with the ScienceMesh apps in OC and NC

  #4115

v2.16.0

Changelog for reva 2.16.0 (2023-08-21)

The following sections list the changes in reva 2.16.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #4051: Set treesize when creating a storage space
• Fix #4093: Fix the error handling
• Fix #4111: Return already exists error when child already exists
• Fix #4086: Fix ocs status code for not enough permission response
• Fix #4101: Make the jsoncs3 share manager indexes more robust
• Fix #4099: Fix logging upload errors
• Fix #4078: Fix the default document language for OnlyOffice
• Fix #4082: Fix propfind permissions
• Fix #4100: S3ng include md5 checksum on put
• Fix #4096: Fix the user shares list
• Fix #4076: Fix WebDAV permissions for space managers
• Fix #4117: Fix jsoncs3 atomic persistence
• Fix #4081: Propagate sizeDiff
• Fix #4091: Register WebDAV HTTP methods with chi
• Fix #4107: Return lock when requested
• Fix #4075: Revert 4065 - bypass proxy on upload
• Enh #4089: Async propagation (experimental)
• Enh #4074: Allow configuring the max size of grpc messages
• Enh #4083: Allow for rolling back migrations
• Enh #4014: En-/Disable DEPTH:inifinity in PROPFIND
• Enh #4072: Allow to specify a shutdown timeout
• Enh #4103: Add .oform mimetype
• Enh #4098: Allow naming nats connections
• Enh #4085: Add registry refresh
• Enh #4097: Remove app ticker logs
• Enh #4090: Add Capability for sse
• Enh #4110: Tracing events propgation

Details

• Bugfix #4051: Set treesize when creating a storage space

We now explicitly set the treesize metadata to zero when creating a new storage space. This
prevents empty treesize values for spaces with out any data.

#4051

• Bugfix #4093: Fix the error handling

Fix the error handling and prevent the nil pointer error

owncloud/ocis#6929
#4093

• Bugfix #4111: Return already exists error when child already exists

Prevents two concurrent requests from creating the same file

#4111

• Bugfix #4086: Fix ocs status code for not enough permission response

Request to re-share a resource or update a share by a user who does not have enough permission on
the resource returned a 404 status code. This is fixed and a 403 status code is returned instead.

owncloud/ocis#6670
#4086

• Bugfix #4101: Make the jsoncs3 share manager indexes more robust

We fixed a problem where the jsoncs3 share manager indexes could get out of sync.

#4101

• Bugfix #4099: Fix logging upload errors

We fixed a problem where problems with uploading blobs to the blobstore weren't logged.

#4099

• Bugfix #4078: Fix the default document language for OnlyOffice

Fix the default document language for OnlyOffice

https://github.com/owncloud/enterprise/issues/5807
#4078

• Bugfix #4082: Fix propfind permissions

Propfinds permissions field would always contain the permissions of the requested resource,
even for its children This is fixed.

#4082

• Bugfix #4100: S3ng include md5 checksum on put

We've fixed the S3 put operation of the S3ng storage to include a md5 checksum.

This md5 checksum is needed when a bucket has a retention period configured (see
https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html).

#4100

• Bugfix #4096: Fix the user shares list

Filter out a share if ShareWith is not found because the user or group already deleted

owncloud/ocis#6730
#4096

• Bugfix #4076: Fix WebDAV permissions for space managers

Sub shares of a space were shown as incoming shares for space manager incorrectly.

#4076

• Bugfix #4117: Fix jsoncs3 atomic persistence

The jsoncs3 share manager now uses etags instead of mtimes to determine when metadata needs to
be updated. As a precondtition we had to change decomposedfs as well: to consistently
calculate the etag for the file content we now store the mtime in the metadata and use the
metadata lock for atomicity.

#4117

• Bugfix #4081: Propagate sizeDiff

When postprocessing failed the sizeDiff would not be propagated correctly. This is fixed

#4081

• Bugfix #4091: Register WebDAV HTTP methods with chi

We now correctly register the WebDAV methods with chi during init.

owncloud/ocis#6924
#4091

• Bugfix #4107: Return lock when requested

We did not explictly return the lock when it was requested. This lead to the lock only being
included when no other metadata was requested. We fixed it by explictly returning the lock when
requested.

#4107

• Bugfix #4075: Revert 4065 - bypass proxy on upload

We have reverted PR #4065 to bypass proxy on upload, because it caused issues with oCis.

#4075
#4065

• Enhancement #4089: Async propagation (experimental)

Decomposedfs can now be configured to propagate treetime/treesize changes asynchronously.

#4089
#4070

• Enhancement #4074: Allow configuring the max size of grpc messages

We added a possibility to make the max size of grpc messsages configurable. It is only
configurable via envvar OCIS_GRPC_MAX_RECEIVED_MESSAGE_SIZE . It is recommended to use
this envvar only temporarily.

#4074

• Enhancement #4083: Allow for rolling back migrations

The decomposedfs now supports rolling back migrations (starting with 0004). It also got a
Migrations() method which returns the list of migrations incl. their states.

#4083

• Enhancement #4014: En-/Disable DEPTH:inifinity in PROPFIND

We have added the ability to en-/disable DEPTH:infinitiy in PROPFIND requests for spaces

owncloud/ocis#4188
#4014

• Enhancement #4072: Allow to specify a shutdown timeout

When setting graceful_shutdown_timeout revad will try to shutdown in a graceful manner
when receiving an INT or TERM signal (similar to how it already behaves on SIGQUIT). This allows
ongoing operations to complete before exiting.

If the shutdown didn't finish before graceful_shutdown_timeout seconds the process will
exit with an error code (1).

#4072

• Enhancement #4103: Add .oform mimetype

We switched to a local list of mimetypes and added support for the .oform file extension.

#4103
#4092

• Enhancement #4098: Allow naming nats connections

Bump go-micro and use new Name option to pass a connection name

#4098

• Enhancement #4085: Add registry refresh

We have added registry auto-refresh and made it configurable

owncloud/ocis#6793
owncloud/ocis#3832
#4085
owncloud/ocis#6910

• Enhancement #4097: Remove app ticker logs

#4097
Logs
would
show
regardless
of
log
level
as
there
is
no
configuration
done
beforehand.
We
remove
the
logs
for
now.

• Enhancement #4090: Add Capability for sse

Add a capability for server sent events

#4090

• Enhancement #4110: Tracing events propgation

Tracing information will now be propagated via events

#4110

v1.25.0

Changelog for reva 1.25.0 (2023-08-14)

The following sections list the changes in reva 1.25.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #4032: Temporarily exclude ceph-iscsi when building revad-ceph image
• Fix #3883: Fix group request to Grappa
• Fix #3946: Filter OCM shares by path
• Fix #4016: Fix panic when closing notification service
• Fix #4061: Fixes on notifications
• Fix #3962: OCM-related compatibility fixes
• Fix #3972: Fix for #3971
• Fix #3882: Remove transfer on cancel should also remove transfer job
• Chg #4041: Clean up notifications error checking code, fix sql creation script
• Chg #3581: Remove meshdirectory http service
• Enh #4044: Added an /app/notify endpoint for logging/tracking apps
• Enh #3915: Storage drivers setup for datatx
• Enh #3891: Provide data transfer size with datatx share
• Enh #3905: Remove redundant config for invite_link_template
• Enh #4031: Dump reva config on SIGUSR1
• Enh #3954: Extend EOS metadata
• Enh #3958: Make /sciencemesh/find-accepted-users response
• Enh #3908: Removed support for forcelock
• Enh #4011: Improve logging of HTTP requests
• Enh #3407: Add init time logging to all services
• Enh #4030: Support multiple token strategies in auth middleware
• Enh #4015: New configuration
• Enh #3825: Notifications framework
• Enh #3969: Conditional notifications initialization
• Enh #4077: Handle target in OpenInApp response
• Enh #4073: Plugins
• Enh #3937: Manage OCM shares
• Enh #4035: Enforce/validate configuration of services

Details

• Bugfix #4032: Temporarily exclude ceph-iscsi when building revad-ceph image

  Due to Package ceph-iscsi-3.6-1.el8.noarch.rpm is not signed error when building the
  revad-ceph docker image, the package ceph-iscsi has been excluded from the dnf update. It
  will be included again once the pkg will be signed again.

  #4032

• Bugfix #3883: Fix group request to Grappa

  The url.JoinPath call was returning an url-encoded string, turning ? into %3. This
  caused the request to return 404.

  #3883

• Bugfix #3946: Filter OCM shares by path

  Fixes the bug of duplicated OCM shares returned in the share with others response.

  #3946

• Bugfix #4016: Fix panic when closing notification service

  If the connection to the nats server was not yet estabished, the service on close was panicking.
  This has been now fixed.

  #4016

• Bugfix #4061: Fixes on notifications

  This is to align the code to the latest schema for notifications

  #4061

• Bugfix #3962: OCM-related compatibility fixes

  Following analysis of OC and NC code to access a remote share, we must expose paths and not full
  URIs on the /ocm-provider endpoint. Also we fix a lookup issue with apps over OCM and update
  examples.

  #3962

• Bugfix #3972: Fix for #3971

  Fixed panic described in #3971

  #3972

• Bugfix #3882: Remove transfer on cancel should also remove transfer job

  #3881
  #3882

• Change #4041: Clean up notifications error checking code, fix sql creation script

  #4041

• Change #3581: Remove meshdirectory http service

  As of meshdirectory-web version 2.0.0, it is now implemented and deployed as a completely
  separate app, independent from Reva. We removed any deprecated meshdirectory-related code
  from Reva.

  #3581

• Enhancement #4044: Added an /app/notify endpoint for logging/tracking apps

  The new endpoint serves to probe the health state of apps such as Microsoft Office Online, and it
  is expected to be called by the frontend upon successful loading of the document by the
  underlying app

  #4044

• Enhancement #3915: Storage drivers setup for datatx

  #3914
  #3915

• Enhancement #3891: Provide data transfer size with datatx share

  #2104
  #3891

• Enhancement #3905: Remove redundant config for invite_link_template

  This is to drop invite_link_template from the OCM-related config. Now the provider_domain
  and mesh_directory_url config options are both mandatory in the sciencemesh http service,
  and the link is directly built out of the context.

  #3905

• Enhancement #4031: Dump reva config on SIGUSR1

  Add an option to the runtime to dump the configuration on a file (default to
  /tmp/reva-dump.toml and configurable) when the process receives a SIGUSR1 signal.
  Eventual errors are logged in the log.

  #4031

• Enhancement #3954: Extend EOS metadata

  This PR extend the EOS metadata with atime and ctime fields. This change is backwards
  compatible.

  #3954

• Enhancement #3958: Make /sciencemesh/find-accepted-users response

  Consistent with delete user parameters

  #3958

• Enhancement #3908: Removed support for forcelock

  This workaround is not needed any longer, see also the wopiserver.

  #3908

• Enhancement #4011: Improve logging of HTTP requests

  Added request and response headers and removed redundant URL from the "http" messages

  #4011

• Enhancement #3407: Add init time logging to all services

  #3407

• Enhancement #4030: Support multiple token strategies in auth middleware

  Different HTTP services can in general support different token strategies for validating the
  reva token. In this context, without updating every single client a mono process deployment
  will never work. Now the HTTP auth middleware accepts in its configuration a token strategy
  chain, allowing to provide the reva token in multiple places (bearer auth, header).

  #4030

• Enhancement #4015: New configuration

  Allow multiple driverts of the same service to be in the same toml config. Add a vars section to
  contain common parameters addressable using templates in the configuration of the different
  drivers. Support templating to reference values of other parameters in the configuration.
  Assign random ports to services where the address is not specified.

  #4015

• Enhancement #3825: Notifications framework

  Adds a notifications framework to Reva.

  The new notifications service communicates with the rest of reva using NATS. It provides
  helper functions to register new notifications and to send them.

  Notification templates are provided in the configuration files for each service, and they are
  registered into the notifications service on initialization.

  #3825

• Enhancement #3969: Conditional notifications initialization

  Notification helpers in services will not try to initalize if there is no specific
  configuration.

  #3969

• Enhancement #4077: Handle target in OpenInApp response

  This PR adds the OpenInApp.target and AppProviderInfo.action properties to the respective
  responses (/app/open and /app/list), to support different app integrations. In addition,
  the archiver was extended to use the name of the file/folder as opposed to "download", and to
  include a query parameter to override the archive type, as it will be used in an upcoming app.

  #4077

• Enhancement #4073: Plugins

  Adds a plugin system for allowing the creation of external plugins for different plugable
  components in reva, for example grpc drivers, http services and middlewares.

  #4073

• Enhancement #3937: Manage OCM shares

  Implements the following item regarding OCM: - update of OCM shares in both grpc and ocs layer,
  allowing an user to update permissions and expiration of the share - deletion of OCM shares in
  both grpc and ocs layer - accept/reject of received OCM shares - remove accepted remote users

  #3937

• Enhancement #4035: Enforce/validate configuration of services

  Every driver can now specify some validation rules on the configuration. If the validation
  rules are not respected, reva will bail out on startup with a clear error.

  #4035

v2.15.0

Changelog for reva 2.15.0 (2023-07-17)

The following sections list the changes in reva 2.15.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #4004: Add path to public link POST
• Fix #3993: Add token to LinkAccessedEvent
• Fix #4007: Close archive writer properly
• Fix #3982: Fixed couple of smaller space lookup issues
• Fix #3963: Treesize interger overflows
• Fix #3943: When removing metadata always use correct database and table
• Fix #4003: Don't connect ldap on startup
• Fix #3978: Decomposedfs no longer os.Stats when reading node metadata
• Fix #3959: Drop unnecessary stat
• Fix #4032: Temporarily exclude ceph-iscsi when building revad-ceph image
• Fix #4042: Fix writing 0 byte msgpack metadata
• Fix #3948: Handle the bad request status
• Fix #3970: Fix enforce-password issue
• Fix #4057: Properly handle not-found errors when getting a public share
• Fix #4048: Fix messagepack propagation
• Fix #4056: Fix destroys data destination when moving issue
• Fix #4012: Fix mtime if 0 size file uploaded
• Fix #3955: Fix panic
• Fix #3977: Prevent direct access to trash items
• Fix #3933: Concurrently invalidate mtime cache in jsoncs3 share manager
• Fix #3985: Reduce jsoncs3 lock congestion
• Fix #3960: Add trace span details
• Fix #3951: Link context in metadata client
• Fix #4010: Omit spaceroot when archiving
• Fix #3950: Use plain otel tracing in metadata client
• Fix #3975: Decomposedfs now resolves the parent without an os.Stat
• Fix #4047: Publish events synchrously
• Fix #4039: Restart Postprocessing
• Chg #3947: Bump golangci-lint to 1.51.2
• Chg #3945: Revert golangci-lint back to 1.50.1
• Enh #4060: We added a go-micro based app-provider registry
• Enh #4013: Add new WebDAV permissions
• Enh #3966: Add space metadata to ocs shares list
• Enh #3987: Cache space indexes
• Enh #3953: Client selector pool
• Enh #3973: More logging for metadata propagation
• Enh #4059: Improve space index performance
• Enh #3994: Load matching spaces concurrently
• Enh #4049: Do not invalidate filemetadata cache early
• Enh #4040: Allow to use external trace provider in micro service
• Enh #4019: Allow to use external trace provider
• Enh #4045: Log error message in grpc interceptor
• Enh #3989: Parallelization of jsoncs3 operations
• Enh #3941: Adding tracing for jsoncs3
• Enh #3965: ResumePostprocessing Event
• Enh #3809: Trace decomposedfs syscalls
• Enh #4067: Trace upload progress
• Enh #3887: Trace requests through datagateway
• Enh #3981: We have updated the UserFeatureChangedEvent to reflect value changes
• Enh #4052: Update go-ldap to v3.4.5
• Enh #4065: Upload directly to dataprovider
• Enh #4046: Use correct tracer name
• Enh #3986: Allow disabling wopi chat

Details

• Bugfix #4004: Add path to public link POST

When POSTing a public link, the response would not contain the complete path to the resource.
This is fixed now.

#4004

• Bugfix #3993: Add token to LinkAccessedEvent

We added the link token to the LinkAccessedEvent

owncloud/ocis#3753
#3993

• Bugfix #4007: Close archive writer properly

When running into max size error (or random other error) the archiver would not close the
writer. Only it success case it would. This resulted in broken archives on the client. We now
defer the writer close.

#4007

• Bugfix #3982: Fixed couple of smaller space lookup issues

#3982

• Bugfix #3963: Treesize interger overflows

Reading the treesize was parsing the string value as a signed integer while setting the
treesize used unsigned integers this could cause failures (out of range errors) when reading
very large treesizes.

#3963

• Bugfix #3943: When removing metadata always use correct database and table

#3943

• Bugfix #4003: Don't connect ldap on startup

This leads to misleading error messages. Instead connect on first request.

#4003

• Bugfix #3978: Decomposedfs no longer os.Stats when reading node metadata

#3978

• Bugfix #3959: Drop unnecessary stat

#3959

• Bugfix #4032: Temporarily exclude ceph-iscsi when building revad-ceph image

Due to Package ceph-iscsi-3.6-1.el8.noarch.rpm is not signed error when building the
revad-ceph docker image, the package ceph-iscsi has been excluded from the dnf update. It
will be included again once the pkg will be signed again.

#4032

• Bugfix #4042: Fix writing 0 byte msgpack metadata

File metadata is now written atomically to be more resilient during timeouts

#4042
#4034
#4033

• Bugfix #3948: Handle the bad request status

Handle the bad request status for the CreateStorageSpace function

#3948

• Bugfix #3970: Fix enforce-password issue

Fix updating public share without password when enforce-password is enabled

owncloud/ocis#6476
#3970

• Bugfix #4057: Properly handle not-found errors when getting a public share

We fixed a problem where not-found errors caused a hard error instead of a proper RPC error
state.

#4057

• Bugfix #4048: Fix messagepack propagation

We cannot read from the lockfile. The data is in the metadata file.

#4048

• Bugfix #4056: Fix destroys data destination when moving issue

Fix moving a file and providing the fileID of the destination destroys data

owncloud/ocis#6739
#4056

• Bugfix #4012: Fix mtime if 0 size file uploaded

Fix mtime if 0 size file uploaded

owncloud/ocis#1248
#4012

• Bugfix #3955: Fix panic

#3955

• Bugfix #3977: Prevent direct access to trash items

Decomposedfs now prevents direct access to trash items

#3977

• Bugfix #3933: Concurrently invalidate mtime cache in jsoncs3 share manager

#3933

• Bugfix #3985: Reduce jsoncs3 lock congestion

We changed the locking strategy in the jsoncs3 share manager to cause less lock congestion
increasing the performance in certain scenarios.

#3985
#3964

• Bugfix #3960: Add trace span details

#3960

• Bugfix #3951: Link context in metadata client

We now disconnect the existing outgoing grpc metadata when making calls in the metadata
client. To keep track of related spans we link the two contexts.

#3951

• Bugfix #4010: Omit spaceroot when archiving

When archiving a space there was an empty folder named . added. This was because of the
spaceroot which was wrongly interpreted. We now omit the space root when creating an archive.

#4010
#3999

• Bugfix #3950: Use plain otel tracing in metadata client

In some cases there was no tracer provider in the context. Since the otel tracing has settled we
will fix problems by moving to the recommended best practices. A good starting point is
https://lightstep.com/blog/opentelemetry-go-all-you-need-to-know

#3950

• Bugfix #3975: Decomposedfs now resolves the parent without an os.Stat

#3975

• Bugfix #4047: Publish events synchrously

Async publishing can lead to loss of events under some circumstances

#4047

• Bugfix #4039: Restart Postprocessing

Resend the BytesReady event if instructed.

#4039

• Change #3947: Bump golangci-lint to 1.51.2

The 1.50.1 release had memory issues with go1.20

#3947

• Change #3945: Revert golangci-lint back to 1.50.1

#3945

• Enhancement #4060: We added a go-micro based app-provider registry

We added a dynamic go-micro based app-provider registry with a dynamic TTL

owncloud/ocis#3832
#4060

• Enhancement #4013: Add new WebDAV permissions

We added the permission "PurgeRecycle" to the WebDAV permissions list. I is represented by the
capital letter P.

#4013

• Enhancement #3966: Add space metadata to ocs shares list

We needed to add the space ID and the space alias of the original space to the share metadata when
we are listing shares. This is needed to directly navigate to the originating space location.

#3966

• Enhancement #3987: Cache space indexes

Decomposedfs now caches the different space indexes in memory which greatly improves the
performance of ListStorageSpaces on slow storages.

#3987

• Enhancement #3953: Client selector pool

Add the ability to use iterable client pools for the grpc service communication, the
underlying grpc client and connection is fetched randomly from the available services.

https://github.com/c...

v2.14.0

Changelog for reva 2.14.0 (2023-06-05)

The following sections list the changes in reva 2.14.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3919: We added missing timestamps to events
• Fix #3911: Clean IDCache properly
• Fix #3896: Do not lose old revisions when overwriting a file during copy
• Fix #3918: Dont enumerate users
• Fix #3902: Do not try to use the cache for empty node
• Fix #3877: Empty exact list while searching for a sharee
• Fix #3906: Fix preflight requests
• Fix #3934: Fix the space editor permissions
• Fix #3899: Harden uploads
• Fix #3917: Prevent last space manager from leaving
• Fix #3866: Fix public link lookup performance
• Fix #3904: Improve performance of directory listings
• Enh #3893: Cleanup Space Delete permissions
• Enh #3894: Fix err when the user share the locked file
• Enh #3913: Introduce FullTextSearch Capability
• Enh #3898: Add Graph User capabilities
• Enh #3496: Add otlp tracing exporter
• Enh #3922: Rename permissions

Details

• Bugfix #3919: We added missing timestamps to events

We added missing timestamps to events

owncloud/ocis#3753
#3919

• Bugfix #3911: Clean IDCache properly

Decomposedfs' subpackage tree uses an idCache to avoid reading too often from disc. In case
of a move or delete this cache was properly cleaned, but when renaming a file (= move with
same parent) the cache wasn't cleaned. This lead to strange behaviour when uploading files
with the same name and renaming them

#3911
#3903

• Bugfix #3896: Do not lose old revisions when overwriting a file during copy

We no longer delete-and-upload targets of copy operations but rather add a new version with the
source content.

This makes "overwrite when copying" behave the same as "overwrite when uploading".

Overwriting when moving a file still deletes the old file (moves it into the trash) and replaces
the whole file including the revisions of the source file.

#3896

• Bugfix #3918: Dont enumerate users

Fixes a user enumeration via DELETE share endpoint

#3918
#3916

• Bugfix #3902: Do not try to use the cache for empty node

We fixed a problem where nodes that did not have an ID set were still trying to use the cache for
their metadata resulting in clashing cache keys.

#3902

• Bugfix #3877: Empty exact list while searching for a sharee

We fixed a bug in the sharing api, it always returns an empty exact list while searching for a
sharee

owncloud/ocis#4265
#3877

• Bugfix #3906: Fix preflight requests

The datagateway now correctly overwrites the preconfigured CORS related headers with the
headers returned by a dataprovider.

#3906

• Bugfix #3934: Fix the space editor permissions

We fixed the permissions of a space editor which accidentally granted the permission to purge
the trash bin.

#3934

• Bugfix #3899: Harden uploads

Uploads now check response headers for a file id and omit a subsequent stat request which might
land on a storage provider that does not yet see the new file due to latency, eg. when NFS caches
direntries.

#3899

• Bugfix #3917: Prevent last space manager from leaving

It should not be possible for the last remaining space manager to change his role or get changed
by others.

#3917

• Bugfix #3866: Fix public link lookup performance

Fix inefficient path based space lookup for public links

#3866

• Bugfix #3904: Improve performance of directory listings

We improved the performance of directory listing by rendering the propfind XML concurrently.

#3904

• Enhancement #3893: Cleanup Space Delete permissions

Space Delete and Disable permissions ("Drive.ReadWriteEnabled", "delete-all-spaces",
"delete-all-home-spaces") were overlapping and not clear differentiatable. The new logic
is as follows: - "Drive.ReadWriteEnabled" allows enabling or disabling a project space -
"delete-all-home-spaces" allows deleting personal spaces of users - "delete-all-spaces"
allows deleting a project space - Space Mangers can still disable/enable a drive

#3893

• Enhancement #3894: Fix err when the user share the locked file

Fix unexpected behavior when the user try to share the locked file

owncloud/ocis#6197
#3894

• Enhancement #3913: Introduce FullTextSearch Capability

Add a capability that shows if fulltextsearch is supported by the server

#3913

• Enhancement #3898: Add Graph User capabilities

Add capabilities to show if user can be created or deleted and if they can change their password
on self service

#3898

• Enhancement #3496: Add otlp tracing exporter

We can now use tracing_exporter=otlp to send traces using the otlp exporter.

#3496

• Enhancement #3922: Rename permissions

Rename permissions to be consistent and future proof

#3922

v2.13.3

Changelog for reva 2.13.3 (2023-05-17)

The following sections list the changes in reva 2.13.3 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3890: Bring back public link sharing of project space roots
• Fix #3888: We fixed a bug that unnecessarily fetched all members of a group
• Fix #3886: Decomposedfs no longer deadlocks when cache is disabled
• Fix #3892: Fix public links
• Fix #3876: Remove go-micro/store/redis specific workaround
• Fix #3889: Update space root mtime when changing space metadata
• Fix #3836: Fix spaceID in the decomposedFS
• Fix #3867: Restore last version after positive result
• Fix #3849: Prevent sharing space roots and personal spaces
• Enh #3865: Remove unneccessary code from gateway
• Enh #3895: Add missing expiry date to shares

Details

• Bugfix #3890: Bring back public link sharing of project space roots

We reenabled sharing of project space roots

#3890

• Bugfix #3888: We fixed a bug that unnecessarily fetched all members of a group

Adding or removing groups to spaces is now done without retrieving all group members

#3888

• Bugfix #3886: Decomposedfs no longer deadlocks when cache is disabled

We now pass a Reader for the locked file to lower level functions so metadata can be read without
aquiring a new file lock.

#3886

• Bugfix #3892: Fix public links

Public links would not work when not send on the root level. Reason was wrong path matching. Also
fixes a critical bug that was unfound before

#3892

• Bugfix #3876: Remove go-micro/store/redis specific workaround

We submitted an upstream fix for an issue in the go-micro/store redis plugin. Which allowed us
to remove a redis specific workaround from the reva storage cache implementation.

#3876

• Bugfix #3889: Update space root mtime when changing space metadata

We fixed a problem where space mtimes were not updated when their metadata changed, resulting
in changes not being picked up by other services like search.

owncloud/ocis#6289
#3889

• Bugfix #3836: Fix spaceID in the decomposedFS

We returned the wrong spaceID within storageSpaceFromNode. This was fixed and the
storageprovider ID handling refactored.

#3836

• Bugfix #3867: Restore last version after positive result

We fixed a bug in the copy routine that prevented restoring of a previous version after
post-processing (e.g. virus scanning)

https://github.com/owncloud/enterprise/issues/5709
#3867

• Bugfix #3849: Prevent sharing space roots and personal spaces

We fixed a problem where sharing space roots or adding members to a personal space was possible.

#3849

• Enhancement #3865: Remove unneccessary code from gateway

Delete unused removeReference code from gateway

#3865

• Enhancement #3895: Add missing expiry date to shares

We have added expiry dates to the shares

owncloud/ocis#5442
#3895

v1.24.0

Changelog for reva 1.24.0 (2023-05-11)

The following sections list the changes in reva 1.24.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3805: Apps: fixed viewMode resolution
• Fix #3771: Fix files sharing capabilities
• Fix #3749: Fix persisting updates of received shares in json driver
• Fix #3723: Fix revad docker images by enabling CGO
• Fix #3765: Fix create version folder in EOS driver
• Fix #3786: Fix listing directory for a read-only shares for EOS storage driver
• Fix #3787: Fix application flag for EOS binary
• Fix #3780: Fix Makefile error on Ubuntu
• Fix #3873: Fix parsing of grappa response
• Fix #3794: Fix unshare for EOS storage driver
• Fix #3838: Fix upload in a single file share for lightweight accounts
• Fix #3878: Fix creator/initiator in public and user shares
• Fix #3813: Fix propfind URL for OCM shares
• Fix #3770: Fixed default protocol on ocm-share-create
• Fix #3852: Pass remote share id and shared secret in OCM call
• Fix #3859: Fix inconsistency between data transfer protocol naming
• Enh #3847: Update data transfers for current OCM shares implementation
• Enh #3869: Datatx tutorial
• Enh #3762: Denial and Resharing Default capabilities
• Enh #3717: Disable sharing on low level paths
• Enh #3766: Download file revisions
• Enh #3733: Add support for static linking
• Enh #3778: Add support to tag eos traffic
• Enh #3868: Implement historical way of constructing OCM WebDAV URL
• Enh #3719: Skip computing groups when fetching all groups from grappa
• Enh #3783: Updated OCM tutorial
• Enh #3750: New metadata flags
• Enh #3839: Support multiple issuer in OIDC auth driver
• Enh #3772: New OCM discovery endpoint
• Enh #3619: Tests for invitation manager SQL driver
• Enh #3757: Support OCM v1.0 schema
• Enh #3695: Create OCM share from sciencemesh service
• Enh #3722: List only valid OCM tokens
• Enh #3821: Revamp user/group drivers and fix user type
• Enh #3724: Send invitation link from mesh directory
• Enh #3824: Serverless Services

Details

• Bugfix #3805: Apps: fixed viewMode resolution

  Currently, the viewMode passed on /app/open is taken without validating the actual user's
  permissions. This PR fixes this.

  #3805

• Bugfix #3771: Fix files sharing capabilities

  A bug was preventing setting some capabilities (ResharingDefault and DenyAccess) for files
  sharing from the configuration file

  #3771

• Bugfix #3749: Fix persisting updates of received shares in json driver

  #3749

• Bugfix #3723: Fix revad docker images by enabling CGO

  #3723

• Bugfix #3765: Fix create version folder in EOS driver

  In a read only share, a stat could fail, beacause the EOS storage driver was not able to create the
  version folder for a file in case this did not exist. This fixes this bug impersonating the owner
  of the file when creating the version folder.

  #3765

• Bugfix #3786: Fix listing directory for a read-only shares for EOS storage driver

  In a read-only share, while listing a folder, for resources not having a version folder, the
  returned resource id was wrongly the one of the original file, instead of the version folder.
  This behavior has been fixed, where the version folder is always created on behalf of the
  resource owner.

  #3786

• Bugfix #3787: Fix application flag for EOS binary

  #3787

• Bugfix #3780: Fix Makefile error on Ubuntu

  I've fixed Makefile using sh which is defaulted to dash in ubuntu, dash doesn't support [[ ... ]] syntax and Makefile would throw /bin/sh: 1: [[: not found errors.

  #3773
  #3780

• Bugfix #3873: Fix parsing of grappa response

  #3873

• Bugfix #3794: Fix unshare for EOS storage driver

  In the EOS storage driver, the remove acl operation was a no-op. After removing a share, the
  recipient of the share was still able to operate on the shared resource. Now this has been fixed,
  removing correctly the ACL from the shared resource.

  #3794

• Bugfix #3838: Fix upload in a single file share for lightweight accounts

  #3838

• Bugfix #3878: Fix creator/initiator in public and user shares

  #3878

• Bugfix #3813: Fix propfind URL for OCM shares

  #3810
  #3813

• Bugfix #3770: Fixed default protocol on ocm-share-create

  #3770

• Bugfix #3852: Pass remote share id and shared secret in OCM call

  #3852

• Bugfix #3859: Fix inconsistency between data transfer protocol naming

  #3858
  #3859

• Enhancement #3847: Update data transfers for current OCM shares implementation

  #3846
  #3847

• Enhancement #3869: Datatx tutorial

  #3864
  #3869

• Enhancement #3762: Denial and Resharing Default capabilities

  #3762

• Enhancement #3717: Disable sharing on low level paths

  Sharing can be disable in the user share provider for some paths, but the storage provider was
  still sending the sharing permissions for those paths. This adds a config option in the storage
  provider, minimum_allowed_path_level_for_share, to disable sharing permissions for
  resources up to a defined path level.

  #3717

• Enhancement #3766: Download file revisions

  Currently it is only possible to restore a file version, replacing the actual file with the
  selected version. This allows an user to download a version file, without touching/replacing
  the last version of the file

  #3766

• Enhancement #3733: Add support for static linking

  We've added support for compiling reva with static linking enabled. It's possible to do so with
  the STATIC flag: make revad STATIC=true

  #3733

• Enhancement #3778: Add support to tag eos traffic

  We've added support to tag eos traffic

  #3778

• Enhancement #3868: Implement historical way of constructing OCM WebDAV URL

  Expose the expected WebDAV endpoint for OCM by OC10 and Nextcloud as described in
  cs3org/OCM-API#70 (comment) to allow reva
  providers to participate to mesh.

  #3855
  #3868

• Enhancement #3719: Skip computing groups when fetching all groups from grappa

  #3719

• Enhancement #3783: Updated OCM tutorial

  The OCM tutorial in the doc was missing the example on how to access the received resources. Now
  the tutorial contains all the steps to access a received resource using the WebDAV protocol.

  #3783

• Enhancement #3750: New metadata flags

  Several new flags, like site infrastructure and service status, are now gathered and exposed
  by Mentix.

  #3750

• Enhancement #3839: Support multiple issuer in OIDC auth driver

  The OIDC auth driver supports now multiple issuers. Users of external providers are then
  mapped to a local user by a mapping files. Only the main issuer (defined in the config with
  issuer) and the ones defined in the mapping are allowed for the verification of the OIDC
  token.

  #3839

• Enhancement #3772: New OCM discovery endpoint

  This PR implements the new OCM v1.1 specifications for the /ocm-provider endpoint.

  #3772

• Enhancement #3619: Tests for invitation manager SQL driver

  #3619

• Enhancement #3757: Support OCM v1.0 schema

  Following cs3org/cs3apis#206, we add the fields to ensure backwards compatibility with OCM
  v1.0. However, if the protocol.options undocumented object is not empty, we bail out for
  now. Supporting interoperability with OCM v1.0 implementations (notably Nextcloud 25) may
  come in the future if the undocumented options are fully reverse engineered. This is reflected
  in the unit tests as well.

  Also, added viewMode to webapp protocol options (cs3org/cs3apis#207) and adapted all SQL
  code and unit tests.

  #3757

• Enhancement #3695: Create OCM share from sciencemesh service

  pondersource/sciencemesh-php#166
  #3695

• Enhancement #3722: List only valid OCM tokens

  #3722

• Enhancement #3821: Revamp user/group drivers and fix user type

  For lightweight accounts

  • Fix the user type for lightweight accounts, using the source field to differentiate between a
    primary and lw account * Remove all the code with manual parsing of the json returned by the CERN
    provider * Introduce pagination for GetMembers method in the group driver * Reduced network
    transfer size by requesting only needed fields for GetMembers method

  #3821

• Enhancement #3724: Send invitation link from mesh directory

  When generating and listing OCM tokens

  To enhance user expirience, instead of on...

v2.13.2

Changelog for reva 2.13.2 (2023-05-08)

The following sections list the changes in reva 2.13.2 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3845: Fix propagation
• Fix #3856: Fix response code
• Fix #3857: Fix trashbin purge

Details

• Bugfix #3845: Fix propagation

Fix propagation in concurrency scenarios

#3845

• Bugfix #3856: Fix response code

The DeleteStorageSpace method response code has been changed

#3856

• Bugfix #3857: Fix trashbin purge

We have fixed a nil-pointer-exception, when purging files from the trashbin that do not have a
parent (any more)

owncloud/ocis#6245
#3857

v2.13.1

Changelog for reva 2.13.1 (2023-05-03)

The following sections list the changes in reva 2.13.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3843: Allow scope check to impersonate space owners

Details

• Bugfix #3843: Allow scope check to impersonate space owners

The publicshare scope check now fakes a user to mint an access token when impersonating a user of
type SPACE_OWNER which is used for project spaces. This fixes downloading archives from
public link shares in project spaces.

owncloud/ocis#5229
#3843

v2.13.0

Changelog for reva 2.13.0 (2023-05-02)

The following sections list the changes in reva 2.13.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3570: Return 425 on HEAD
• Fix #3830: Be more robust when logging errors
• Fix #3815: Bump micro redis store
• Fix #3596: Cache CreateHome calls
• Fix #3823: Deny correctlty in decomposedfs
• Fix #3826: Add by group index to decomposedfs
• Fix #3618: Drain body on failed put
• Fix #3420: EOS grpc fixes
• Fix #3685: Send fileid on copy
• Fix #3688: Return 425 on GET
• Fix #3755: Fix app provider language validation
• Fix #3800: Fix building for freebsd
• Fix #3700: Fix caching
• Fix #3535: Fix ceph driver storage fs implementation
• Fix #3764: Fix missing CORS config in ocdav service
• Fix #3710: Fix error when try to delete space without permission
• Fix #3822: Fix deleting spaces
• Fix #3718: Fix revad-eos docker image which was failing to build
• Fix #3559: Fix build on freebsd
• Fix #3696: Fix ldap filters when checking for enabled users
• Fix #3767: Decode binary UUID when looking up a users group memberships
• Fix #3741: Fix listing shares to multiple groups
• Fix #3834: Return correct error during MKCOL
• Fix #3841: Fix nil pointer and improve logging
• Fix #3831: Ignore 'null' mtime on tus upload
• Fix #3758: Fix public links with enforced password
• Fix #3814: Fix stat cache access
• Fix #3650: FreeBSD xattr support
• Fix #3827: Initialize user cache for decomposedfs
• Fix #3818: Invalidate cache when deleting space
• Fix #3812: Filemetadata Cache now deletes keys without listing them first
• Fix #3817: Pipeline cache deletes
• Fix #3711: Replace ini metadata backend by messagepack backend
• Fix #3828: Send quota when listing spaces in decomposedfs
• Fix #3681: Fix etag of "empty" shares jail
• Fix #3748: Prevent service from panicking
• Fix #3816: Write Metadata once
• Chg #3641: Hide file versions for share receivers
• Chg #3820: Streamline stores
• Enh #3732: Make method for detecting the metadata backend public
• Enh #3789: Add capabilities indicating if user attributes are read-only
• Enh #3792: Add a prometheus gauge to keep track of active uploads and downloads
• Enh #3637: Add an ID to each events
• Enh #3704: Add more information to events
• Enh #3744: Add LDAP user type attribute
• Enh #3806: Decomposedfs now supports filtering spaces by owner
• Enh #3730: Antivirus
• Enh #3531: Async Postprocessing
• Enh #3571: Async Upload Improvements
• Enh #3801: Cache node ids
• Enh #3690: Check set project space quota permission
• Enh #3686: User disabling functionality
• Enh #160: Implement the CS3 Lock API in the EOS storage driver
• Enh #3575: Fix skip group grant index cleanup
• Enh #3564: Fix tag pkg
• Enh #3756: Prepare for GDPR export
• Enh #3612: Group feature changed event added
• Enh #3729: Improve decomposedfs performance, esp. with network fs/cache
• Enh #3697: Improve the ini file metadata backend
• Enh #3819: Allow creating internal links without permission
• Enh #3740: Limit concurrency in decomposedfs
• Enh #3569: Always list shares jail when listing spaces
• Enh #3788: Make resharing configurable
• Enh #3674: Introduce ini file based metadata backend
• Enh #3728: Automatically migrate file metadata from xattrs to messagepack
• Enh #3807: Name Validation
• Enh #3574: Opaque space group
• Enh #3598: Pass estream to Storage Providers
• Enh #3763: Add a capability for personal data export
• Enh #3577: Prepare for SSE
• Enh #3731: Add config option to enforce passwords on public links
• Enh #3693: Enforce the PublicLink.Write permission
• Enh #3497: Introduce owncloud 10 publiclink manager
• Enh #3714: Add global max quota option and quota for CreateHome
• Enh #3759: Set correct share type when listing shares
• Enh #3594: Add expiration to user and group shares
• Enh #3580: Share expired event
• Enh #3620: Allow a new ShareType SpaceMembershipGroup
• Enh #3609: Space Management Permissions
• Enh #3655: Add expiration date to space memberships
• Enh #3697: Add support for redis sentinel caches
• Enh #3552: Suppress tusd logs
• Enh #3555: Tags
• Enh #3785: Increase unit test coverage in the ocdav service
• Enh #3739: Try to rename uploaded files to their final position
• Enh #3610: Walk and log chi routes

Details

• Bugfix #3570: Return 425 on HEAD

For files in postprocessing return 425 also on HEAD requests

#3570

• Bugfix #3830: Be more robust when logging errors

We fixed a problem where logging errors resulted in a panic.

#3830

• Bugfix #3815: Bump micro redis store

We updated the micro store implementation for redis to use SCAN instead of KEYS

#3815
#3809

• Bugfix #3596: Cache CreateHome calls

We restored the caching of CreateHome calls getting rid of a lot of internal calls.

#3596

• Bugfix #3823: Deny correctlty in decomposedfs

Decomposedfs had problems denying resources for groups. This is now fixed

#3823

• Bugfix #3826: Add by group index to decomposedfs

#3826

• Bugfix #3618: Drain body on failed put

When a put request fails the server would not drain the body. This will lead to connection closed errors on clients when using http 1

#3618

• Bugfix #3420: EOS grpc fixes

The shares and the applications were not working with the EOS grpc storage driver. This fixes
both.

#3420

• Bugfix #3685: Send fileid on copy

When copying a folder oc-fileid header would not be added (unlinke when copying files) this is
fixed now.

#3685

• Bugfix #3688: Return 425 on GET

On ocdav GET endpoint the server will now return 425 instead 500 when the file is being
processed

#3688

• Bugfix #3755: Fix app provider language validation

This changes the validation to only look at the first part (tag) of the language code and ignore
the second part (sub-tag).

#3755

• Bugfix #3800: Fix building for freebsd

We fixed a problem preventing freebsd builds.

#3800

• Bugfix #3700: Fix caching

Do not cache files that are in processing.

#3700

• Bugfix #3535: Fix ceph driver storage fs implementation

We adapted the Ceph driver for the edge branch.

#3535

• Bugfix #3764: Fix missing CORS config in ocdav service

The ocdav service is started with a go micro wrapper. We needed to add the cors config.

#3764

• Bugfix #3710: Fix error when try to delete space without permission

When a user without the correct permission tries to delete a storage space, return a
PermissionDenied error instead of an Internal Error.

#3710

• Bugfix #3822: Fix deleting spaces

We fixed a problem when trying to delete spaces.

#3822

• Bugfix #3718: Fix revad-eos docker image which was failing to build

#3718

• Bugfix #3559: Fix build on freebsd

Building reva on freebsd was broken due to some deviations in return value types from the
filesystem.

#3559

• Bugfix #3696: Fix ldap filters when checking for enabled users

This fixes the ldap filters for checking enabled/disabled users.

#3696

• Bugfix #3767: Decode binary UUID when looking up a users group memberships

The LDAP backend for the users service didn't correctly decode binary UUIDs when looking up a
user's group memberships.

#3767

• Bugfix #3741: Fix listing shares to multiple groups

Users can now see the shares to all groups they are a member of.

#3741

• Bugfix #3834: Return correct error during MKCOL

We need to return a "PreconditionFailed" error if one of the parent folders during a MKCOL does
not exist.

#3834

• Bugfix #3841: Fix nil pointer and improve logging

We fixed a nil pointer error due to a wrong log statement and improved the logging in the json
public share manager.

#3841

• Bugfix #3831: Ignore 'null' mtime on tus upload

Decomposedfs now ignores 'null' as an mtime

#3831

• Bugfix #3758: Fix public links with enforced password

Fix the public link update operation in the case that a password is enforced.

#3758

• Bugfix #3814: Fix stat cache access

We fixed a problem where wrong data was written to and expected from the stat cache.

#3814

• Bugfix #3650: FreeBSD xattr support

We now properly handle FreeBSD xattr namespaces by leaving out the user. prefix. FreeBSD
adds that automatically.

#3650

• Bugfix #3827: Initialize user cache for decomposedfs

#3827

• Bugfix #3818: Invalidate cache when deleting space

Decomposedfs now invalidates the cache when deleting a space.

#3818

• Bugfix #3812: Filemetadata Cache now deletes keys without listing them first

https://github.com/cs3org/re...