Releases: cs3org/reva
v1.23.0
Changelog for reva 1.23.0 (2023-03-09)
The following sections list the changes in reva 1.23.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3621: Use 2700 as permission when creating EOS home folder
- Fix #3551: Fixes implementation omission of #3526
- Fix #3706: Fix revad-eos docker image which was failing to build
- Fix #3626: Fix open in app for lightweight accounts
- Fix #3613: Use subject from oidc userinfo when quering the user provider
- Fix #3633: Fix litmus and acceptance tests in GitHub Actions
- Fix #3694: Updated public links URLs and users' display names in WOPI apps
- Chg #3553: Rename PullTransfer to CreateTransfer
- Enh #3584: Bump the Copyright date to 2023
- Enh #3640: Migrate acceptance tests from Drone to GitHub Actions
- Enh #3629: Use cs3org/behat:latest docker image for tests
- Enh #3608: Add Golang test coverage report for Codacy
- Enh #3599: Add latest tag to revad Docker image with GitHub Actions
- Enh #3713: Streamline EOS SSS and UNIX modes
- Enh #3566: Migrate the litmusOcisSpacesDav test from Drone to GitHub Actions
- Enh #3712: Improve Docker build speed and Docker Compose test speed
- Enh #3630: Migrate the virtualViews test from Drone to GitHub Actions
- Enh #3675: Cleanup unused configs in OCM HTTP service
- Enh #3692: Create and list OCM shares in OCS layer
- Enh #3666: Search OCM accepted users
- Enh #3665: List valid OCM invite tokens
- Enh #3617: SQL driver for OCM invitation manager
- Enh #3667: List OCM providers
- Enh #3668: Expose OCM received shares as a local mount
- Enh #3683: Remote open in app in OCM
- Enh #3654: SQL driver for OCM shares
- Enh #3646: Update OCM shares to last version of CS3APIs
- Enh #3687: Specify recipient as a query param when sending OCM token by email
- Enh #3691: Add OCM scope and webdav endpoint
- Enh #3611: Revamp OCM invitation workflow
- Enh #3703: Bump reva(d) base image to alpine 3.17
Details
-
Bugfix #3621: Use 2700 as permission when creating EOS home folder
-
Bugfix #3551: Fixes implementation omission of #3526
In #3526 a new value format of the owner parameter of the ocm share request was introduced. This
change was not implemented in the json driver. This change fixes that. -
Bugfix #3706: Fix revad-eos docker image which was failing to build
-
Bugfix #3626: Fix open in app for lightweight accounts
-
Bugfix #3613: Use subject from oidc userinfo when quering the user provider
-
Bugfix #3633: Fix litmus and acceptance tests in GitHub Actions
-
Bugfix #3694: Updated public links URLs and users' display names in WOPI apps
Public links have changed in the frontend and are reflected in folderurl query parameter.
Additionally, OCM shares are supported for the folderurl and OCM users are decorated with
their ID provider. -
Change #3553: Rename PullTransfer to CreateTransfer
This change implements a CS3APIs name change in the datatx module (PullTransfer to
CreateTransfer) -
Enhancement #3584: Bump the Copyright date to 2023
-
Enhancement #3640: Migrate acceptance tests from Drone to GitHub Actions
Migrate ocisIntegrationTests and s3ngIntegrationTests to GitHub Actions
-
Enhancement #3629: Use cs3org/behat:latest docker image for tests
-
Enhancement #3608: Add Golang test coverage report for Codacy
-
Enhancement #3599: Add latest tag to revad Docker image with GitHub Actions
-
Enhancement #3713: Streamline EOS SSS and UNIX modes
-
Enhancement #3566: Migrate the litmusOcisSpacesDav test from Drone to GitHub Actions
-
Enhancement #3712: Improve Docker build speed and Docker Compose test speed
-
Enhancement #3630: Migrate the virtualViews test from Drone to GitHub Actions
-
Enhancement #3675: Cleanup unused configs in OCM HTTP service
-
Enhancement #3692: Create and list OCM shares in OCS layer
-
Enhancement #3666: Search OCM accepted users
Adds the prefix
sm:to the FindUser endpoint, to filter only the OCM accepted users. -
Enhancement #3665: List valid OCM invite tokens
Adds the endpoint
/list-invitein the sciencemesh service, to get the list of valid OCM
invite tokens. -
Enhancement #3617: SQL driver for OCM invitation manager
-
Enhancement #3667: List OCM providers
Adds the endpoint
/list-providersin the sciencemesh service, to get a filtered list of the
OCM providers. The filter can be specified with thesearchquery parameters, and filters by
domain and full name of the provider. -
Enhancement #3668: Expose OCM received shares as a local mount
-
Enhancement #3683: Remote open in app in OCM
-
Enhancement #3654: SQL driver for OCM shares
-
Enhancement #3646: Update OCM shares to last version of CS3APIs
-
Enhancement #3687: Specify recipient as a query param when sending OCM token by email
Before the email recipient when sending the OCM token was specified as a form parameter. Now as a
query parameter, as some clients does not allow in a GET request to set form values. It also add
the possibility to specify a template for the subject and the body for the token email. -
Enhancement #3691: Add OCM scope and webdav endpoint
Adds the OCM scope and the ocmshares authentication, to authenticate the federated user to use
the OCM shared resources. It also adds the (unprotected) webdav endpoint used to interact with
the shared resources. -
Enhancement #3611: Revamp OCM invitation workflow
-
Enhancement #3703: Bump reva(d) base image to alpine 3.17
Prevents several vulnerabilities from the base image itself:
https://artifacthub.io/packages/helm/cs3org/revad?modal=security-report
v1.21.0
Changelog for reva 1.21.0 (2022-12-07)
The following sections list the changes in reva 1.21.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3492: Fixes the DefaultQuotaBytes in EOS
- Fix #3420: EOS grpc fixes
- Fix #3501: Fix errors of public share provider according to cs3apis
- Fix #3504: Fix RefreshLock method for cephfs storage driver
- Enh #3502: Appproviders: pass other query parameters as Opaque
- Enh #3028: Access directly auth registry rules map when getting provider
- Enh #3197: Bring back multi-stage build to save on image size
- Enh #3506: Migrate the buildAndPublishDocker job from Drone to GitHub Actions
- Enh #3500: Migrate the BuildOnly job from Drone to GitHub Actions
- Enh #3513: Migrate the testIntegration job from Drone to GitHub Actions
- Enh #3494: Implemented folderurl for WOPI apps
- Enh #3507: Get user preferred language
- Enh #3530: Improve error logging in ocmd flow
- Enh #3491: Implement rclone third-party copy push option
- Enh #3508: Allow an user to set a preferred language
Details
-
Bugfix #3492: Fixes the DefaultQuotaBytes in EOS
We were setting the default logical quota to 1T, resulting on only 500GB available to the user.
-
Bugfix #3420: EOS grpc fixes
The shares and the applications were not working with the EOS grpc storage driver. This fixes
both. -
Bugfix #3501: Fix errors of public share provider according to cs3apis
All the errors returned by the public share provider where internal errors. Now this has been
fixed and the returned errors are the one defined in the cs3apis. -
Bugfix #3504: Fix RefreshLock method for cephfs storage driver
-
Enhancement #3502: Appproviders: pass other query parameters as Opaque
This allows to send any other HTTP query parameter passed to /app/open to the underlying
appprovider drivers via GRPC -
Enhancement #3028: Access directly auth registry rules map when getting provider
-
Enhancement #3197: Bring back multi-stage build to save on image size
- Use EOS 4.8.91 as base image - Bring back multi-stage build - Build revad on the eos 4.8.91 image
due to missing dependency (ld-musl-x86_64.so.1, typical of alpine) - Copy the resulting
revad from the builder container
Resulting image size (unpacked on disk) is 2.59GB - eos-all:4.8.91 is 2.47GB - existing
revad:latest-eos is 6.18GB - Use EOS 4.8.91 as base image - Bring back multi-stage build - Build revad on the eos 4.8.91 image
-
Enhancement #3506: Migrate the buildAndPublishDocker job from Drone to GitHub Actions
We've migrated the buildAndPublishDocker job from Drone to GitHub Actions workflow. We've
updated the Golang version used to build the Docker images to go1.19. We've fixed the Cephfs
storage module. We've improved the Makefile. We've refactored the build-docker workflow. -
Enhancement #3500: Migrate the BuildOnly job from Drone to GitHub Actions
We've migrated the BuildOnly job from Drone to GitHub Actions workflow. The Workflow builds
and Tests Reva, builds a Revad Docker Image and checks the license headers. The license header
tools was removed since the goheader linter provides the same functionality. -
Enhancement #3513: Migrate the testIntegration job from Drone to GitHub Actions
-
Enhancement #3494: Implemented folderurl for WOPI apps
The folderurl is now populated for WOPI apps, such that for owners and named shares it points to
the containing folder, and for public links it points to the appropriate public link URL.On the way, functions to manipulate the user's scope and extract the eventual public link
token(s) have been added, coauthored with @gmgigi96. -
Enhancement #3507: Get user preferred language
The only way for an OCIS web user to change language was to set it into the browser settings. In the
ocs user info response, a fieldlanguageis added, to change their language in the UI,
regardless of the browser settings. -
Enhancement #3530: Improve error logging in ocmd flow
-
Enhancement #3491: Implement rclone third-party copy push option
This enhancement gives the option to use third-party copy push with rclone between two
different user accounts. -
Enhancement #3508: Allow an user to set a preferred language
Contributors
Assets 14
v2.12.0
Changelog for reva 2.12.0 (2022-11-25)
The following sections list the changes in reva 2.12.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3436: Allow updating to internal link
- Fix #3473: Decomposedfs fix revision download
- Fix #3482: Decomposedfs propagate sizediff
- Fix #3449: Don't leak space information on update drive
- Fix #3470: Add missing events for managing spaces
- Fix #3472: Fix an oCDAV error message
- Fix #3452: Fix access to spaces shared via public link
- Fix #3440: Set proper names and paths for space roots
- Fix #3437: Refactor delete error handling
- Fix #3432: Remove share jail fix
- Fix #3458: Set the Oc-Fileid header when copying items
- Enh #3441: Cover ocdav with more unit tests
- Enh #3493: Configurable filelock duration factor in decomposedfs
- Enh #3397: Reduce lock contention issues
Details
- Bugfix #3436: Allow updating to internal link
We now allow updating any link to an internal link when the user has UpdateGrant permissions
- Bugfix #3473: Decomposedfs fix revision download
We rewrote the finish upload code to use a write lock when creating and updating node metadata.
This prevents some cornercases, allows us to calculate the size diff atomically and fixes
downloading revisions.
owncloud/ocis#765
owncloud/ocis#3868
#3473
- Bugfix #3482: Decomposedfs propagate sizediff
We now propagate the size diff instead of calculating the treesize. This fixes the slower
upload speeds in large folders.
- Bugfix #3449: Don't leak space information on update drive
There were some problems with the UpdateDrive func in decomposedfs when it is called without
permission - When calling with empty request it would leak the complete drive info - When
calling with non-empty request it would leak the drive name
- Bugfix #3470: Add missing events for managing spaces
We added more events to cover different aspects of managing spaces
- Bugfix #3472: Fix an oCDAV error message
We've fixed an error message in the oCDAV service, that said "error doing GET request to data
service" even if it did a PATCH request to the data gateway. This error message is now fixed.
- Bugfix #3452: Fix access to spaces shared via public link
We fixed a problem where downloading archives from spaces which were shared via public links
was not possible.
- Bugfix #3440: Set proper names and paths for space roots
We fixed a problem where the names and paths were not set correctly for space roots.
- Bugfix #3437: Refactor delete error handling
We refactored the ocdav delete handler to return the HTTP status code and an error message to
simplify error handling.
- Bugfix #3432: Remove share jail fix
We have removed the share jail check.
- Bugfix #3458: Set the Oc-Fileid header when copying items
We added the Oc-Fileid header in the COPY response for compatibility reasons.
- Enhancement #3441: Cover ocdav with more unit tests
We added unit tests to cover more ocdav handlers: - delete - mkcol - fixes
owncloud/ocis#4332
#3441
#3443
#3445
#3447
#3454
#3461
- Enhancement #3493: Configurable filelock duration factor in decomposedfs
The lock cycle duration factor in decomposedfs can now be changed by setting
lock_cycle_duration_factor.
- Enhancement #3397: Reduce lock contention issues
We reduced lock contention during high load by caching the extended attributes of a file for the
duration of a request.
v1.20.0
Changelog for reva 1.20.0 (2022-11-24)
The following sections list the changes in reva 1.20.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Sec #3316: Mitigate XSS
- Fix #3455: Fixes panic in case of empty configuration
- Fix #3311: Remove FIXME
- Fix #3396: Fix the Ceph Docker image repository URL
- Fix #3055: Fix quota for LW accounts
- Fix #3361: Use custom reva logger in ocs
- Fix #3344: Fix quota percentage
- Fix #2979: Removed unused datatx code
- Fix #2973: Fix datatxtarget uri when prefix is used
- Fix #3319: Fix oidc provider crash when custom claims are provided
- Fix #3481: OIDC: resolve users with no uid/gid by username
- Fix #3055: Get user from user provider in oidc driver
- Fix #3053: Temporary read user acl instead of sys acl
- Enh #3401: Make WOPI bridged apps (CodiMD) configuration non hard-coded
- Enh #3402: Block users
- Enh #3098: App provider http endpoint uses Form instead of Query
- Enh #3116: Implementation of cback storage driver for REVA
- Enh #3422: Migrate Codacy from Drone to Codacy/GitHub integration
- Enh #3412: Migrate Fossa from Drone to Github Integration
- Enh #3367: Update go version
- Enh #3467: Enable gocritic linter in golangci-lint and solve issues
- Enh #3463: Enable gofmt linter in golangci-lint and apply gofmt
- Enh #3471: Enable goimports and usestdlibvars in golangci-lint
- Enh #3466: Migrate golangci-lint from Drone to GitHub Actions
- Enh #3465: Enable revive linter in golangci-lint and solve issues
- Enh #3487: Enable staticcheck linter in golangci-lint and solve issues
- Enh #3475: Enable the style linters
- Enh #3070: Allow http service to expose prefixes containing /
- Enh #2986: Better display name in apps for all user types
- Enh #3303: Added support for configuring language locales in apps
- Enh #3348: Revamp lightweigth accounts
- Enh #3304: Add http service to send email for shares
- Enh #3072: Mesh meta data operators
- Enh #3313: Fix content-type for OCM sharing
- Enh #3234: Add post create home hook for eos storage driver
- Enh #3347: Implemented PROPFIND with 0 depth
- Enh #3056: Add public share auth provider
- Enh #3305: Add description to public link
- Enh #3163: Add support for quicklinks for public shares
- Enh #3289: Make Refresh Lock operation WOPI compliant
- Enh #3315: Accept reva token as a bearer authentication
- Enh #3438: Sanitize non-utf8 characters in xattr values in EOS
- Enh #3221: Site Accounts improvements
- Enh #3404: Site accounts & Mentix updates
- Enh #3424: Expire tokens on sunday
- Enh #2986: Use email as display name for external users opening WOPI apps
Details
-
Security #3316: Mitigate XSS
We've mitigated an XSS vulnerability resulting from unescaped HTTP responses containing
user-provided values in pkg/siteacc/siteacc.go and
internal/http/services/ocmd/invites.go. This patch uses html.EscapeString to escape the
user-provided values in the HTTP responses of pkg/siteacc/siteacc.go and
internal/http/services/ocmd/invites.go. -
Bugfix #3455: Fixes panic in case of empty configuration
Makes sure the config map is allocated prior to setting it
-
Bugfix #3311: Remove FIXME
Issue #2402 is closed.
-
Bugfix #3396: Fix the Ceph Docker image repository URL
-
Bugfix #3055: Fix quota for LW accounts
LW accounts do not have quota assigned.
-
Bugfix #3361: Use custom reva logger in ocs
-
Bugfix #3344: Fix quota percentage
-
Bugfix #2979: Removed unused datatx code
An OCM reference is not created for a data transfer type share.
-
Bugfix #2973: Fix datatxtarget uri when prefix is used
When a webdav prefix is used it appears in both host and name parameter of the target uri for data
transfer. This PR fixes that. -
Bugfix #3319: Fix oidc provider crash when custom claims are provided
-
Bugfix #3481: OIDC: resolve users with no uid/gid by username
Previously we resolved such users (so called "lightweight" or "external" accounts in the CERN
realm) by email, but it turns out that the same email may have multiple accounts associated to
it.Therefore we now resolve them by username, that is the upn, which is unique.
-
Bugfix #3055: Get user from user provider in oidc driver
For oidc providers that only respond with standard claims, use the user provider to get the
user. -
Bugfix #3053: Temporary read user acl instead of sys acl
We read the user acl in EOS until the migration of all user acls to sys acls are done
-
Enhancement #3401: Make WOPI bridged apps (CodiMD) configuration non hard-coded
The configuration of the custom mimetypes has been moved to the AppProvider, and the given
mimetypes are used to configure bridged apps by sharing the corresponding config item to the
drivers. -
Enhancement #3402: Block users
Allows an operator to set a list of users that are banned for every operation in reva.
-
Enhancement #3098: App provider http endpoint uses Form instead of Query
We've improved the http endpoint now uses the Form instead of Query to also support
application/x-www-form-urlencodedparameters on the app provider http endpoint. -
Enhancement #3116: Implementation of cback storage driver for REVA
This is a read only fs interface.
-
Enhancement #3422: Migrate Codacy from Drone to Codacy/GitHub integration
-
Enhancement #3412: Migrate Fossa from Drone to Github Integration
-
Enhancement #3367: Update go version
Update go version to 1.19 in go.mod
-
Enhancement #3467: Enable gocritic linter in golangci-lint and solve issues
-
Enhancement #3463: Enable gofmt linter in golangci-lint and apply gofmt
-
Enhancement #3471: Enable goimports and usestdlibvars in golangci-lint
We've enabled the goimports and usestdlibvars linters in golangci-lint and solved the
related issues. -
Enhancement #3466: Migrate golangci-lint from Drone to GitHub Actions
-
Enhancement #3465: Enable revive linter in golangci-lint and solve issues
-
Enhancement #3487: Enable staticcheck linter in golangci-lint and solve issues
-
Enhancement #3475: Enable the style linters
We've enabled the stylecheck, whitespace, dupword, godot and dogsled linters in
golangci-lint and solved the related issues. -
Enhancement #3070: Allow http service to expose prefixes containing /
-
Enhancement #2986: Better display name in apps for all user types
This includes a
FirstName FamilyName (domain)format for non-primary accounts, and a
sanitization of the email address claim for such non-primary accounts. -
Enhancement #3303: Added support for configuring language locales in apps
This is a partial backport from edge: we introduce a language option in the appprovider, which
if set is passed as appropriate parameter to the external apps in order to force a given
localization. In particular, for Microsoft Office 365 the DC_LLCC option is set as well. The
default behavior is unset, where apps try and resolve the localization from the browser
headers. -
Enhancement #3348: Revamp lightweigth accounts
Re-implements the lighweight account scope check, making it more efficient. Also, the ACLs
for the EOS storage driver for the lw accounts are set atomically. -
Enhancement #3304: Add http service to send email for shares
-
Enhancement #3072: Mesh meta data operators
To better support sites that run multiple instances, the meta data have been extended to
include a new hierarchy layer called 'operators'. This PR brings all necessary changes in the
Mentix and site accounts services. -
Enhancement #3313: Fix content-type for OCM sharing
This fix change the content type to just "application/json"
-
Enhancement #3234: Add post create home hook for eos storage driver
-
Enhancement #3347: Implemented PROPFIND with 0 depth
-
Enhancement #3056: Add public share auth provider
Add a public share auth middleware
-
Enhancement #3305: Add description to public link
-
Enhancement #3163: Add support for quicklinks for public shares
v2.11.0
Changelog for reva 2.11.0 (2022-11-03)
The following sections list the changes in reva 2.11.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3282: Use Displayname in wopi apps
- Fix #3430: Add missing error check in decomposedfs
- Fix #3298: Make date only expiry dates valid for the whole day
- Fix #3394: Avoid AppProvider panic
- Fix #3267: Reduced default cache sizes for smaller memory footprint
- Fix #3338: Fix malformed uid string in cache
- Fix #3255: Properly escape oc:name in propfind response
- Fix #3324: Correct base URL for download URL and href when listing file public links
- Fix #3278: Fix public share view mode during app open
- Fix #3377: Fix possible race conditions
- Fix #3274: Fix "uploader" role permissions
- Fix #3241: Fix uploading empty files into shares
- Fix #3251: Make listing xattrs more robust
- Fix #3287: Return OCS forbidden error when a share already exists
- Fix #3218: Improve performance when listing received shares
- Fix #3251: Lock source on move
- Fix #3238: Return relative used quota amount as a percent value
- Fix #3279: Polish OCS error responses
- Fix #3307: Refresh lock in decomposedFS needs to overwrite
- Fix #3368: Return 404 when no permission to space
- Fix #3341: Validate s3ng downloads
- Fix #3284: Prevent nil pointer when requesting user
- Fix #3257: Fix wopi access to publicly shared files
- Chg #3267: Decomposedfs no longer stores the idp
- Chg #3381: Changed Name of the Shares Jail
- Enh #3381: Add capability for sharing by role
- Enh #3320: Add the parentID to the ocs and dav responses
- Enh #3239: Add privatelink to PROPFIND response
- Enh #3340: Add SpaceOwner to some event
- Enh #4564: Add SpaceShared event
- Enh #3297: Update dependencies
- Enh #4959: Make max lock cycles configurable
- Enh #1949: Add support for denying access in OCS layer
- Enh #3224: Make the jsoncs3 share manager cache ttl configurable
- Enh #3290: Harden file system accesses
- Enh #3332: Allow to enable TLS for grpc service
- Enh #3223: Improve CreateShare grpc error reporting
- Enh #3376: Improve logging
- Enh #3250: Allow sharing the gateway caches
- Enh #3240: We now only encode &, < and > in PROPFIND PCDATA
- Enh #3334: Secure the nats connectin with TLS
- Enh #3300: Do not leak existence of resources
- Enh #3233: Allow to override default broker for go-micro base ocdav service
- Enh #3258: Allow ocdav to share the registry instance with other services
- Enh #3225: Render file parent id for ocs shares
- Enh #3222: Support Prefer: return=minimal in PROPFIND
- Enh #3395: Reduce lock contention issues
- Enh #3286: Make Refresh Lock operation WOPI compliant
- Enh #3229: Request counting middleware
- Enh #3312: Implemented new share filters
- Enh #3308: Update the ttlcache library
- Enh #3291: The wopi app driver supports more options
Details
- Bugfix #3282: Use Displayname in wopi apps
We now use the users display name in wopi apps.
- Bugfix #3430: Add missing error check in decomposedfs
During space creation the decomposedfs now checks for errors when trying to read the root node.
This prevents a panic by no longer calling InternalPath on the node.
- Bugfix #3298: Make date only expiry dates valid for the whole day
When an expiry date like 2022-09-30 is parsed, we now make it valid for the whole day,
effectively becoming 2022-09-30 23:59:59
- Bugfix #3394: Avoid AppProvider panic
#3394
avoid
panic
in
app
provider
- Bugfix #3267: Reduced default cache sizes for smaller memory footprint
We reduced the default cachesizes of the auth interceptors and the share cache. The default of 1
Million cache entries was way too high and caused a high memory usage upon startup. Config
options to set custom cache size where added.
owncloud/ocis#3267
owncloud/ocis#4628
- Bugfix #3338: Fix malformed uid string in cache
The rediscache returns a uid in the format of <tablename>uid:<someuid> in the getter this
results in issues when trying to delete the key from the cache store, because the Delete
function will prepend the table name to the string which will not be resolvable in redis (e.g.
<tablename><tablename>uid:<somuid>)
- Bugfix #3255: Properly escape oc:name in propfind response
The oc:name property in the ocdav propfind response might contain XML special characters. We
now apply the proper escaping on that property.
- Bugfix #3324: Correct base URL for download URL and href when listing file public links
We now build the correct base URL when listing file public links.
- Bugfix #3278: Fix public share view mode during app open
We now set the correct view mode during an app open action when the user is accessing a public
share.
- Bugfix #3377: Fix possible race conditions
We fixed two potential race condition when initializing the shared config structure and when
setting up caches for the http authentication interceptors.
- Bugfix #3274: Fix "uploader" role permissions
We fixed a permission problem on "public upload shares", which allowed to view the content of
the shared upload folder.
- Bugfix #3241: Fix uploading empty files into shares
We fixed a problem which prevented empty files from being uploaded into shares.
- Bugfix #3251: Make listing xattrs more robust
We fixed a potential race condition when listing xattrs of nodes in concurrency situations
- Bugfix #3287: Return OCS forbidden error when a share already exists
We now return OCS 104 / HTTP 403 errors when a user tries to reshare a file with a recipient that
already has access to a resource.
- Bugfix #3218: Improve performance when listing received shares
We improved the performance when listing received shares by getting rid of superfluous
GetPath calls and sending stat request directly to the storage provider instead of the
SharesStorageProvider.
- Bugfix #3251: Lock source on move
When moving files until now only the lock of the targeted node would be checked. This could lead
to strange behaviour when using web editors like only office. With checking the source nodes
lock too, it is now forbidden to rename a file while it is locked
- Bugfix #3238: Return relative used quota amount as a percent value
The ocs/ocs/v1.php/cloud/users/ endpoint was fixed to return the relative amount of used
quota as a percentage value.
- Bugfix #3279: Polish OCS error responses
We aligned more OCS error responses with oc10
- Bugfix #3307: Refresh lock in decomposedFS needs to overwrite
We fixed a bug in the refresh lock operation in the DecomposedFS. The new lock was appended but
needs to overwrite the existing one.
- Bugfix #3368: Return 404 when no permission to space
WebDAV expects a 409 response when trying to upload into a non existing folder. We fixed the
implementation to return 404 when a user has no access to a space and still return a 409 when a
parent folder does not exist (and he has access to the space).
owncloud/ocis#3561
#3368
#3300
- Bugfix #3341: Validate s3ng downloads
The s3ng download func now returns an error in cases where the requested node blob is unknown or
the blob size does not match the node meta blob size.
- Bugfix #3284: Prevent nil pointer when requesting user
We added additional nil pointer checks in the user and groups providers.
- Bugfix #3257: Fix wopi access to publicly shared files
Wopi requests to single file public shares weren't properly authenticated. I added a new check
to allow wopi to access files which were publicly shared.
- Change #3267: Decomposedfs no longer stores the idp
We no longer persist the IDP of a user id in decomposedfs grants. As a consequence listing or
reading Grants no longer returns the IDP for the Creator. It never did for the Grantee. Whatever
credentials are used to authenticate a user we internally have to create a UUID anyway. Either
by lookung it up in an external service (eg. LDAP or SIEM) or we autoprovision it.
- Change #3381: Changed Name of the Shares Jail
We changed the space ...
v2.10.0
Changelog for reva 2.10.0 (2022-09-09)
The following sections list the changes in reva 2.10.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3210: Jsoncs3 mtime fix
- Enh #3213: Allow for dumping the public shares from the cs3 publicshare manager
- Enh #3199: Add support for cs3 storage backends to the json publicshare manager
Details
- Bugfix #3210: Jsoncs3 mtime fix
We now correctly update the mtime to only sync when the file changed on the storage.
- Enhancement #3213: Allow for dumping the public shares from the cs3 publicshare manager
We enhanced the cs3 publicshare manager to support dumping its content during a publicshare
manager migration.
- Enhancement #3199: Add support for cs3 storage backends to the json publicshare manager
We enhanced the json publicshare manager to support a cs3 storage backend alongside the file
and memory backends.
v2.9.0
Changelog for reva 2.9.0 (2022-09-08)
The following sections list the changes in reva 2.9.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3206: Add spaceid when listing share jail mount points
- Fix #3194: Adds the rootinfo to storage spaces
- Fix #3201: Fix shareid on PROPFIND
- Fix #3176: Forbid duplicate shares
- Fix #3208: Prevent panic in time conversion
- Fix #3207: Align ocs status code for permission error on publiclink update
- Enh #3193: Add shareid to PROPFIND
- Enh #3180: Add canDeleteAllHomeSpaces permission
- Enh #3203: Added "delete-all-spaces" permission
- Enh #3200: OCS get share now also handle received shares
- Enh #3185: Improve ldap authprovider's error reporting
- Enh #3179: Improve tokeninfo endpoint
- Enh #3171: Cs3 to jsoncs3 share manager migration
- Enh #3204: Make the function flockFile private
- Enh #3192: Enable space members to update shares
Details
- Bugfix #3206: Add spaceid when listing share jail mount points
- Bugfix #3194: Adds the rootinfo to storage spaces
The sympton of the bug were search results not containing permissions
- Bugfix #3201: Fix shareid on PROPFIND
Shareid was still not working properly. We need to parse it from the path
- Bugfix #3176: Forbid duplicate shares
When sending a CreateShare request twice two shares would be created, one being not
accessible. This was blocked by web so the issue wasn't obvious. Now it's forbidden to create
share for a user who already has a share on that same resource
- Bugfix #3208: Prevent panic in time conversion
- Bugfix #3881: Align ocs status code for permission error on publiclink update
The ocs status code returned for permission errors on updates of publiclink permissions is now
aligned with the documentation of the OCS share API and the behaviour of ownCloud 10
- Enhancement #3193: Add shareid to PROPFIND
Adds the shareid to the PROPFIND response (in case of shares only)
- Enhancement #3180: Add canDeleteAllHomeSpaces permission
We added a permission to the admin role in ocis that allows deleting homespaces on user delete.
#3180
#3202
https://github.com/owncloud/ocis/pull/4447/files
- Enhancement #3203: Added "delete-all-spaces" permission
We introduced a new permission "delete-all-spaces", users holding this permission are
allowed to delete any space of any type.
- Enhancement #4322: OCS get share now also handle received shares
Requesting a specific share can now also correctly map the path to the mountpoint if the
requested share is a received share.
- Enhancement #3185: Improve ldap authprovider's error reporting
The errorcode returned by the ldap authprovider driver is a bit more explicit now. (i.e. we
return a proper Invalid Credentials error now, when the LDAP Bind operation fails with that)
- Enhancement #3179: Improve tokeninfo endpoint
We added more information to the tokeninfo endpoint. aliaslink is a bool value indicating if
the permissions are 0. id is the full id of the file. Both are available to all users having the
link token. spaceType (indicating the space type) is only available if the user has native
access
- Enhancement #3171: Cs3 to jsoncs3 share manager migration
We added a Load() to the jsoncs3 and Dump() to the sc3 share manager. The shareid might need to be
prefixed with a storageid and space id.
- Enhancement #3204: Make the function flockFile private
Having that function exported is tempting people to use the func to get the name for calling the
lock functions. That is wrong, as this function is just a helper to generate the lock file name
from a given file to lock.
- Enhancement #3192: Enable space members to update shares
Enabled space members to update shares which they have not created themselves.
v2.8.0
Changelog for reva 2.8.0 (2022-08-23)
The following sections list the changes in reva 2.8.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3158: Add name to the propfind response
- Fix #3157: Fix locking response codes
- Fix #3152: Disable caching of not found stat responses
- Fix #4251: Disable caching
- Chg #3154: Dataproviders now return file metadata
- Enh #3143: Add /app/open-with-web endpoint
- Enh #3156: Added language option to the app provider
- Enh #3148: Add new jsoncs3 share manager
Details
- Bugfix #3158: Add name to the propfind response
Previously the file- or foldername had to be extracted from the href. This is not nice and
doesn't work for alias links.
- Bugfix #3157: Fix locking response codes
We've fixed the status codes for locking a file that is already locked.
owncloud/ocis#4366
#3157
#3003
- Bugfix #3152: Disable caching of not found stat responses
We no longer cache not found responses to prevent concurrent requests interfering with put
requests.
- Bugfix #4251: Disable caching
We disabled the cache, because there are race condtions that cause tests to fail.
- Change #3154: Dataproviders now return file metadata
Dataprovider drivers can now return file metadata. When the resource info contains a file id,
the mtime or an etag, these will be included in the response as the corresponding http headers.
- Enhancement #3143: Add /app/open-with-web endpoint
We've added an /app/open-with-web endpoint to the app provider, so that clients that are no
browser or have only limited browser access can also open apps with the help of a Web URL.
- Enhancement #3156: Added language option to the app provider
We've added an language option to the app provider which will in the end be passed to the app a user
opens so that the web ui is displayed in the users language.
owncloud/ocis#4367
#3156
owncloud/ocis#4399
- Enhancement #3148: Add new jsoncs3 share manager
We've added a new jsoncs3 share manager which splits the json file per storage space and caches
data locally.
v2.7.4
Changelog for reva 2.7.4 (2022-08-10)
The following sections list the changes in reva 2.7.4 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3141: Check ListGrants permission when listing shares
Details
- Bugfix #3141: Check ListGrants permission when listing shares
We now check the ListGrants permission when listing outgoing shares. If this permission is
set, users can list all shares in all spaces.
v2.7.3
Changelog for reva 2.7.3 (2022-08-09)
The following sections list the changes in reva 2.7.3 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3109: Fix missing check in MustCheckNodePermissions
- Fix #3086: Fix crash in ldap authprovider
- Fix #3094: Allow removing password from public links
- Fix #3096: Fix user filter
- Fix #3091: Project spaces need no real owner
- Fix #3088: Use correct sublogger
- Enh #3123: Allow stating links that have no permissions
- Enh #3087: Allow to set LDAP substring filter type
- Enh #3098: App provider http endpoint uses Form instead of Query
- Enh #3133: Admins can set quota on all spaces
- Enh #3117: Update go-ldap to v3.4.4
- Enh #3095: Upload expiration and cleanup
Details
-
Bugfix #3109: Fix missing check in MustCheckNodePermissions
We added a missing check to the MustCheckNodePermissions function, so space managers can see
disabled spaces. -
Bugfix #3086: Fix crash in ldap authprovider
We fixed possible crash in the LDAP authprovider caused by a null pointer derefence, when the
IDP settings of the userprovider are different from the authprovider. -
Bugfix #3094: Allow removing password from public links
When using cs3 public link share manager passwords would never be removed. We now remove the
password when getting an update request with empty password field -
Bugfix #3096: Fix user filter
We fixed the user filter to display the users drives properly and allow admins to list other
users drives. -
Bugfix #3091: Project spaces need no real owner
Make it possible to use a non existing user as a space owner.
-
Bugfix #3088: Use correct sublogger
We no longer log cache updated messages when log level is less verbose than debug.
-
Enhancement #3123: Allow stating links that have no permissions
We need a way to resolve the id when we have a token. This also needs to work for links that have no
permissions assigned -
Enhancement #3087: Allow to set LDAP substring filter type
We introduced new settings for the user- and groupproviders to allow configuring the LDAP
filter type for substring search. Possible values are: "initial", "final" and "any" to do
either prefix, suffix or full substring searches. -
Enhancement #3098: App provider http endpoint uses Form instead of Query
We've improved the http endpoint now uses the Form instead of Query to also support
application/x-www-form-urlencodedparameters on the app provider http endpoint. -
Enhancement #3133: Admins can set quota on all spaces
Admins which have the correct permissions should be able to set quota on all spaces. This is
implemented via the existing permissions client. -
Enhancement #3117: Update go-ldap to v3.4.4
Updated go-ldap/ldap/v3 to the latest upstream release to include the latest bugfixes.
-
Enhancement #3095: Upload expiration and cleanup
We made storage providers aware of upload expiration and added an interface for FS which
support listing and purging expired uploads.We also implemented said interface for decomposedfs.