diff --git a/CHANGELOG.md b/CHANGELOG.md index 7d83b02f35..1979a2add3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,480 @@ +Changelog for reva 2.11.0 (2022-11-03) +======================================= + +The following sections list the changes in reva 2.11.0 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + +* Fix #3282: Use Displayname in wopi apps +* Fix #3430: Add missing error check in decomposedfs +* Fix #3298: Make date only expiry dates valid for the whole day +* Fix #3394: Avoid AppProvider panic +* Fix #3267: Reduced default cache sizes for smaller memory footprint +* Fix #3338: Fix malformed uid string in cache +* Fix #3255: Properly escape oc:name in propfind response +* Fix #3324: Correct base URL for download URL and href when listing file public links +* Fix #3278: Fix public share view mode during app open +* Fix #3377: Fix possible race conditions +* Fix #3274: Fix "uploader" role permissions +* Fix #3241: Fix uploading empty files into shares +* Fix #3251: Make listing xattrs more robust +* Fix #3287: Return OCS forbidden error when a share already exists +* Fix #3218: Improve performance when listing received shares +* Fix #3251: Lock source on move +* Fix #3238: Return relative used quota amount as a percent value +* Fix #3279: Polish OCS error responses +* Fix #3307: Refresh lock in decomposedFS needs to overwrite +* Fix #3368: Return 404 when no permission to space +* Fix #3341: Validate s3ng downloads +* Fix #3284: Prevent nil pointer when requesting user +* Fix #3257: Fix wopi access to publicly shared files +* Chg #3267: Decomposedfs no longer stores the idp +* Chg #3381: Changed Name of the Shares Jail +* Enh #3381: Add capability for sharing by role +* Enh #3320: Add the parentID to the ocs and dav responses +* Enh #3239: Add privatelink to PROPFIND response +* Enh #3340: Add SpaceOwner to some event +* Enh #3252: Add SpaceShared event +* Enh #3297: Update dependencies +* Enh #3429: Make max lock cycles configurable +* Enh #3011: Expose capability to deny access in OCS API +* Enh #3224: Make the jsoncs3 share manager cache ttl configurable +* Enh #3290: Harden file system accesses +* Enh #3332: Allow to enable TLS for grpc service +* Enh #3223: Improve CreateShare grpc error reporting +* Enh #3376: Improve logging +* Enh #3250: Allow sharing the gateway caches +* Enh #3240: We now only encode &, < and > in PROPFIND PCDATA +* Enh #3334: Secure the nats connectin with TLS +* Enh #3300: Do not leak existence of resources +* Enh #3233: Allow to override default broker for go-micro base ocdav service +* Enh #3258: Allow ocdav to share the registry instance with other services +* Enh #3225: Render file parent id for ocs shares +* Enh #3222: Support Prefer: return=minimal in PROPFIND +* Enh #3395: Reduce lock contention issues +* Enh #3286: Make Refresh Lock operation WOPI compliant +* Enh #3229: Request counting middleware +* Enh #3312: Implemented new share filters +* Enh #3308: Update the ttlcache library +* Enh #3291: The wopi app driver supports more options + +Details +------- + +* Bugfix #3282: Use Displayname in wopi apps + + We now use the users display name in wopi apps. + + https://github.com/cs3org/reva/pull/3282 + +* Bugfix #3430: Add missing error check in decomposedfs + + During space creation the decomposedfs now checks for errors when trying to read the root node. + This prevents a panic by no longer calling InternalPath on the node. + + https://github.com/owncloud/ocis/issues/4961 + https://github.com/cs3org/reva/pull/3430 + +* Bugfix #3298: Make date only expiry dates valid for the whole day + + When an expiry date like `2022-09-30` is parsed, we now make it valid for the whole day, + effectively becoming `2022-09-30 23:59:59` + + https://github.com/cs3org/reva/pull/3298 + +* Bugfix #3394: Avoid AppProvider panic + + https://github.com/cs3org/reva/pull/3394 + avoid + panic + in + app + provider + +* Bugfix #3267: Reduced default cache sizes for smaller memory footprint + + We reduced the default cachesizes of the auth interceptors and the share cache. The default of 1 + Million cache entries was way too high and caused a high memory usage upon startup. Config + options to set custom cache size where added. + + https://github.com/owncloud/ocis/issues/3267 + https://github.com/owncloud/ocis/issues/4628 + +* Bugfix #3338: Fix malformed uid string in cache + + The rediscache returns a uid in the format of `uid:` in the getter this + results in issues when trying to delete the key from the cache store, because the Delete + function will prepend the table name to the string which will not be resolvable in redis (e.g. + `uid:`) + + https://github.com/owncloud/ocis/issues/4772 + https://github.com/cs3org/reva/pull/3338 + +* Bugfix #3255: Properly escape oc:name in propfind response + + The oc:name property in the ocdav propfind response might contain XML special characters. We + now apply the proper escaping on that property. + + https://github.com/owncloud/ocis/issues/4474 + https://github.com/cs3org/reva/pull/3255 + +* Bugfix #3324: Correct base URL for download URL and href when listing file public links + + We now build the correct base URL when listing file public links. + + https://github.com/owncloud/ocis/issues/4758 + https://github.com/cs3org/reva/pull/3324 + +* Bugfix #3278: Fix public share view mode during app open + + We now set the correct view mode during an app open action when the user is accessing a public + share. + + https://github.com/cs3org/reva/pull/3278 + +* Bugfix #3377: Fix possible race conditions + + We fixed two potential race condition when initializing the shared config structure and when + setting up caches for the http authentication interceptors. + + https://github.com/cs3org/reva/pull/3377 + +* Bugfix #3274: Fix "uploader" role permissions + + We fixed a permission problem on "public upload shares", which allowed to view the content of + the shared upload folder. + + https://github.com/owncloud/ocis/issues/4657 + https://github.com/cs3org/reva/pull/3274 + +* Bugfix #3241: Fix uploading empty files into shares + + We fixed a problem which prevented empty files from being uploaded into shares. + + https://github.com/owncloud/ocis/issues/4383 + https://github.com/cs3org/reva/pull/3241 + +* Bugfix #3251: Make listing xattrs more robust + + We fixed a potential race condition when listing xattrs of nodes in concurrency situations + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3287: Return OCS forbidden error when a share already exists + + We now return OCS 104 / HTTP 403 errors when a user tries to reshare a file with a recipient that + already has access to a resource. + + https://github.com/owncloud/ocis/issues/4630 + https://github.com/cs3org/reva/pull/3287 + +* Bugfix #3218: Improve performance when listing received shares + + We improved the performance when listing received shares by getting rid of superfluous + GetPath calls and sending stat request directly to the storage provider instead of the + SharesStorageProvider. + + https://github.com/cs3org/reva/pull/3218 + +* Bugfix #3251: Lock source on move + + When moving files until now only the lock of the targeted node would be checked. This could lead + to strange behaviour when using web editors like only office. With checking the source nodes + lock too, it is now forbidden to rename a file while it is locked + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3238: Return relative used quota amount as a percent value + + The ocs/ocs/v1.php/cloud/users/ endpoint was fixed to return the relative amount of used + quota as a percentage value. + + https://github.com/owncloud/ocis/issues/4357 + https://github.com/cs3org/reva/pull/3238 + +* Bugfix #3279: Polish OCS error responses + + We aligned more OCS error responses with oc10 + + https://github.com/owncloud/ocis/issues/1799 + https://github.com/cs3org/reva/pull/3279 + +* Bugfix #3307: Refresh lock in decomposedFS needs to overwrite + + We fixed a bug in the refresh lock operation in the DecomposedFS. The new lock was appended but + needs to overwrite the existing one. + + https://github.com/cs3org/reva/pull/3307 + +* Bugfix #3368: Return 404 when no permission to space + + WebDAV expects a 409 response when trying to upload into a non existing folder. We fixed the + implementation to return 404 when a user has no access to a space and still return a 409 when a + parent folder does not exist (and he has access to the space). + + https://github.com/owncloud/ocis/issues/3561 + https://github.com/cs3org/reva/pull/3368 + https://github.com/cs3org/reva/pull/3300 + +* Bugfix #3341: Validate s3ng downloads + + The s3ng download func now returns an error in cases where the requested node blob is unknown or + the blob size does not match the node meta blob size. + + https://github.com/cs3org/reva/pull/3341 + +* Bugfix #3284: Prevent nil pointer when requesting user + + We added additional nil pointer checks in the user and groups providers. + + https://github.com/owncloud/ocis/issues/4703 + https://github.com/cs3org/reva/pull/3284 + +* Bugfix #3257: Fix wopi access to publicly shared files + + Wopi requests to single file public shares weren't properly authenticated. I added a new check + to allow wopi to access files which were publicly shared. + + https://github.com/owncloud/ocis/issues/4382 + https://github.com/cs3org/reva/pull/3257 + +* Change #3267: Decomposedfs no longer stores the idp + + We no longer persist the IDP of a user id in decomposedfs grants. As a consequence listing or + reading Grants no longer returns the IDP for the Creator. It never did for the Grantee. Whatever + credentials are used to authenticate a user we internally have to create a UUID anyway. Either + by lookung it up in an external service (eg. LDAP or SIEM) or we autoprovision it. + + https://github.com/cs3org/reva/pull/3267 + +* Change #3381: Changed Name of the Shares Jail + + We changed the space name of the shares jail to `Shares`. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3381: Add capability for sharing by role + + We added the capability to indicate that the ocs share api supports sharing by role. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3320: Add the parentID to the ocs and dav responses + + We added the parent resourceID to the OCS and WebDav responses to enable navigation by ID in the + web client. + + https://github.com/cs3org/reva/pull/3320 + +* Enhancement #3239: Add privatelink to PROPFIND response + + We made it possible to request a privatelink WebDAV property. + + https://github.com/cs3org/reva/pull/3239 + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3340: Add SpaceOwner to some event + + We added a SpaceOwner field to some of the events which can be used by consumers to gain access to + the affected space. + + https://github.com/cs3org/reva/pull/3340 + https://github.com/cs3org/reva/pull/3350 + +* Enhancement #3252: Add SpaceShared event + + We added an event that is emmitted when somebody shares a space. + + https://github.com/owncloud/ocis/issues/4303 + https://github.com/cs3org/reva/pull/3252 + https://github.com/owncloud/ocis/pull/4564 + +* Enhancement #3297: Update dependencies + + * github.com/mileusna/useragent v1.2.0 + + https://github.com/cs3org/reva/pull/3297 + +* Enhancement #3429: Make max lock cycles configurable + + When a file is locked the flock library will retry a given amount of times (with a increasing + sleep time inbetween each round) Until now the max amount of such rounds was hardcoded to `10`. + Now it is configurable, falling back to a default of `25` + + https://github.com/cs3org/reva/pull/3429 + https://github.com/owncloud/ocis/pull/4959 + +* Enhancement #3011: Expose capability to deny access in OCS API + + http://github.com/cs3org/reva/pull/3011 + +* Enhancement #3224: Make the jsoncs3 share manager cache ttl configurable + + We added a new setting to the jsoncs3 share manager which allows to set the cache ttl. + + https://github.com/cs3org/reva/pull/3224 + +* Enhancement #3290: Harden file system accesses + + We have reviewed and hardened file system accesses to prevent any vulnerabilities like + directory traversal. + + https://github.com/cs3org/reva/pull/3290 + +* Enhancement #3332: Allow to enable TLS for grpc service + + We added new configuration settings for the grpc based services allowing to enable transport + security for the services. By setting: + + ```toml [grpc.tls_settings] enabled = true certificate = "" key = + "" ``` + + TLS transportsecurity is enabled using the supplied certificate. When `enabled` is set to + `true`, but no certificate and key files are supplied reva will generate temporary + self-signed certificates at startup (this requires to also configure the clients to disable + certificate verification, see below). + + The client side can be configured via the shared section. Set this to configure the CA for + verifying server certificates: + + ```toml [shared.grpc_client_options] tls_mode = "on" tls_cacert = + "" ``` + + To disable server certificate verification (e.g. when using the autogenerated self-signed + certificates) set: + + ```toml [shared.grpc_client_options] tls_mode = "insecure" ``` + + To switch off TLS for the clients (which is also the default): + + ```toml [shared.grpc_client_options] tls_mode = "off" ``` + + https://github.com/cs3org/reva/pull/3332 + +* Enhancement #3223: Improve CreateShare grpc error reporting + + The errorcode returned by the share provider when creating a share where the sharee is already + the owner of the shared target is a bit more explicit now. Also debug logging was added for this. + + https://github.com/cs3org/reva/pull/3223 + +* Enhancement #3376: Improve logging + + We improved the logging by adding the request id to ocdav, ocs and several other http services. + + https://github.com/cs3org/reva/pull/3376 + +* Enhancement #3250: Allow sharing the gateway caches + + We replaced the in memory implementation of the gateway with go-micro stores. The gateways + `cache_store` defaults to `noop` and can be set to `memory`, `redis` or `etcd`. When setting it + also set any dataproviders `datatxs.*.cache_store` new config option to the same values so + they can invalidate the cache when a file has been uploadad. + + Cache instances will be shared between handlers when they use the same configuration in the + same process to allow the dataprovider to access the same cache as the gateway. + + The `nats-js` implementation requires a limited set of characters in the key and is currently + known to be broken. + + The `etag_cache_ttl` was removed as it was not used anyway. + + https://github.com/cs3org/reva/pull/3250 + +* Enhancement #3240: We now only encode &, < and > in PROPFIND PCDATA + + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3334: Secure the nats connectin with TLS + + Encyrpted the connection to the event broker using TLS. Per default TLS is not used. + + https://github.com/cs3org/reva/pull/3334 + https://github.com/cs3org/reva/pull/3382 + +* Enhancement #3300: Do not leak existence of resources + + We are now returning a not found error for more requests to not leak existence of spaces for users + that do not have access to resources. + + https://github.com/cs3org/reva/pull/3300 + +* Enhancement #3233: Allow to override default broker for go-micro base ocdav service + + An option for setting an alternative go-micro Broker was introduced. This can be used to avoid + ocdav from spawing the (unneeded) default http Broker. + + https://github.com/cs3org/reva/pull/3233 + +* Enhancement #3258: Allow ocdav to share the registry instance with other services + + This allows to use the in-memory registry when running all services in a single process. + + https://github.com/owncloud/ocis/issues/3134 + https://github.com/cs3org/reva/pull/3258 + +* Enhancement #3225: Render file parent id for ocs shares + + We brought back the `file_parent` property for ocs shares. The spaces concept makes + navigating by path suboptimal. Having a parent id allows navigating without having to look up + the full path. + + https://github.com/cs3org/reva/pull/3225 + +* Enhancement #3222: Support Prefer: return=minimal in PROPFIND + + To reduce HTTP body size when listing folders we implemented + https://datatracker.ietf.org/doc/html/rfc8144#section-2.1 to omit the 404 propstat + part when a `Prefer: return=minimal` header is present. + + https://github.com/cs3org/reva/pull/3222 + +* Enhancement #3395: Reduce lock contention issues + + We reduced lock contention during high load by optimistically non-locking when listing the + extended attributes of a file. Only in case of issues the list is read again while holding a lock. + + https://github.com/cs3org/reva/pull/3395 + +* Enhancement #3286: Make Refresh Lock operation WOPI compliant + + We now support the WOPI compliant `UnlockAndRelock` operation. This has been implemented in + the DecomposedFS. To make use of it, we need a compatible WOPI server. + + https://github.com/cs3org/reva/pull/3286 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/rest/files/unlockandrelock + +* Enhancement #3229: Request counting middleware + + We added a request counting `prometheus` HTTP middleware and GRPC interceptor that can be + configured with a `namespace` and `subsystem` to count the number of requests. + + https://github.com/cs3org/reva/pull/3229 + +* Enhancement #3312: Implemented new share filters + + Added share filters for space ID and share state. + + https://github.com/owncloud/ocis/issues/3843 + https://github.com/cs3org/reva/pull/3312 + +* Enhancement #3308: Update the ttlcache library + + Updated the ttlcache library version and module path. + + https://github.com/cs3org/reva/pull/3308 + +* Enhancement #3291: The wopi app driver supports more options + + We now generate a folderurl that is used in the wopi protocol. It provides an endpoint to go back + from the app to the containing folder in the file list. In addition to that, we now include the + UI_LLCC parameter in the app-open URL. + + https://github.com/cs3org/reva/pull/3291 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/online/discovery#ui_llcc + Changelog for reva 2.10.0 (2022-09-09) ======================================= @@ -417,34 +894,6 @@ Details https://github.com/cs3org/reva/pull/3083 -Changelog for reva 2.7.1 (2022-07-15) -======================================= - -The following sections list the changes in reva 2.7.1 relevant to -reva users. The changes are ordered by importance. - -Summary -------- - -* Fix #3080: Make dataproviders return more headers -* Enh #3046: Add user filter - -Details -------- - -* Bugfix #3080: Make dataproviders return more headers - - Instead of ocdav doing an additional Stat request we now rely on the dataprovider to return the - necessary metadata information as headers. - - https://github.com/owncloud/reva/issues/3080 - -* Enhancement #3046: Add user filter - - This PR adds the ability to filter spaces by user-id - - https://github.com/cs3org/reva/pull/3046 - Changelog for reva 2.7.0 (2022-07-15) ======================================= @@ -577,6 +1026,34 @@ Details https://github.com/owncloud/ocis/issues/3073 https://github.com/cs3org/reva/pull/2977 +Changelog for reva 2.7.1 (2022-07-15) +======================================= + +The following sections list the changes in reva 2.7.1 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + +* Fix #3080: Make dataproviders return more headers +* Enh #3046: Add user filter + +Details +------- + +* Bugfix #3080: Make dataproviders return more headers + + Instead of ocdav doing an additional Stat request we now rely on the dataprovider to return the + necessary metadata information as headers. + + https://github.com/owncloud/reva/issues/3080 + +* Enhancement #3046: Add user filter + + This PR adds the ability to filter spaces by user-id + + https://github.com/cs3org/reva/pull/3046 + Changelog for reva 2.6.1 (2022-06-27) ======================================= @@ -944,6 +1421,27 @@ Details https://github.com/cs3org/reva/pull/2922 +Changelog for reva 2.4.1 (2022-05-24) +======================================= + +The following sections list the changes in reva 2.4.1 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + +* Fix #2891: Add missing http status code + +Details +------- + +* Bugfix #2891: Add missing http status code + + This Fix adds a missing status code to the InsufficientStorage error in reva, to allow tus to + pass it through. + + https://github.com/cs3org/reva/pull/2891 + Changelog for reva 2.4.0 (2022-05-24) ======================================= @@ -1087,27 +1585,6 @@ Details https://github.com/cs3org/reva/pull/2792 -Changelog for reva 2.4.1 (2022-05-24) -======================================= - -The following sections list the changes in reva 2.4.1 relevant to -reva users. The changes are ordered by importance. - -Summary -------- - -* Fix #2891: Add missing http status code - -Details -------- - -* Bugfix #2891: Add missing http status code - - This Fix adds a missing status code to the InsufficientStorage error in reva, to allow tus to - pass it through. - - https://github.com/cs3org/reva/pull/2891 - Changelog for reva 2.3.1 (2022-05-08) ======================================= diff --git a/Dockerfile.revad-ceph b/Dockerfile.revad-ceph index a547940fe2..ef01318777 100644 --- a/Dockerfile.revad-ceph +++ b/Dockerfile.revad-ceph @@ -26,12 +26,12 @@ RUN dnf update -y && dnf install -y \ librbd-devel \ librados-devel -ADD https://golang.org/dl/go1.16.4.linux-amd64.tar.gz \ - go1.16.4.linux-amd64.tar.gz +ADD https://golang.org/dl/go1.19.3.linux-amd64.tar.gz \ + go1.19.3.linux-amd64.tar.gz RUN rm -rf /usr/local/go && \ - tar -C /usr/local -xzf go1.16.4.linux-amd64.tar.gz && \ - rm go1.16.4.linux-amd64.tar.gz + tar -C /usr/local -xzf go1.19.3.linux-amd64.tar.gz && \ + rm go1.19.3.linux-amd64.tar.gz ENV PATH /go/bin:/usr/local/go/bin:$PATH ENV GOPATH /go diff --git a/Dockerfile.revad-eos b/Dockerfile.revad-eos index 3b3535025a..0eb16e3299 100644 --- a/Dockerfile.revad-eos +++ b/Dockerfile.revad-eos @@ -21,10 +21,17 @@ FROM gitlab-registry.cern.ch/dss/eos/eos-all:4.8.66 as builder RUN yum -y update && yum clean all RUN yum -y install https://packages.endpointdev.com/rhel/7/os/x86_64/endpoint-repo.x86_64.rpm -RUN yum install -y make git gcc libc-dev bash epel-release golang && \ +RUN yum install -y make git gcc libc-dev bash epel-release && \ yum clean all && \ rm -rf /var/cache/yum +ADD https://golang.org/dl/go1.19.3.linux-amd64.tar.gz \ + go1.19.3.linux-amd64.tar.gz + +RUN rm -rf /usr/local/go && \ + tar -C /usr/local -xzf go1.19.3.linux-amd64.tar.gz && \ + rm go1.19.3.linux-amd64.tar.gz + ENV PATH /go/bin:/usr/local/go/bin:$PATH ENV GOPATH /go diff --git a/RELEASE_DATE b/RELEASE_DATE index 66eb77d6dc..7e38e0c32b 100644 --- a/RELEASE_DATE +++ b/RELEASE_DATE @@ -1 +1 @@ -2022-09-09 \ No newline at end of file +2022-11-03 \ No newline at end of file diff --git a/VERSION b/VERSION index f161b5d809..ed0edc885b 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.10.0 \ No newline at end of file +2.11.0 \ No newline at end of file diff --git a/changelog/unreleased/add-caps.md b/changelog/2.11.0_2022-11-03/add-caps.md similarity index 100% rename from changelog/unreleased/add-caps.md rename to changelog/2.11.0_2022-11-03/add-caps.md diff --git a/changelog/unreleased/add-parent-id-dav-ocs.md b/changelog/2.11.0_2022-11-03/add-parent-id-dav-ocs.md similarity index 100% rename from changelog/unreleased/add-parent-id-dav-ocs.md rename to changelog/2.11.0_2022-11-03/add-parent-id-dav-ocs.md diff --git a/changelog/unreleased/add-privatelink-dav.md b/changelog/2.11.0_2022-11-03/add-privatelink-dav.md similarity index 100% rename from changelog/unreleased/add-privatelink-dav.md rename to changelog/2.11.0_2022-11-03/add-privatelink-dav.md diff --git a/changelog/unreleased/add-spaceowner-to-events.md b/changelog/2.11.0_2022-11-03/add-spaceowner-to-events.md similarity index 100% rename from changelog/unreleased/add-spaceowner-to-events.md rename to changelog/2.11.0_2022-11-03/add-spaceowner-to-events.md diff --git a/changelog/unreleased/add-spaceshared-event.md b/changelog/2.11.0_2022-11-03/add-spaceshared-event.md similarity index 82% rename from changelog/unreleased/add-spaceshared-event.md rename to changelog/2.11.0_2022-11-03/add-spaceshared-event.md index 76c98ea5ef..59fe6ec3a4 100644 --- a/changelog/unreleased/add-spaceshared-event.md +++ b/changelog/2.11.0_2022-11-03/add-spaceshared-event.md @@ -2,6 +2,6 @@ Enhancement: Add SpaceShared event We added an event that is emmitted when somebody shares a space. +https://github.com/cs3org/reva/pull/3252 https://github.com/owncloud/ocis/pull/4564 https://github.com/owncloud/ocis/issues/4303 -https://github.com/cs3org/reva/pull/3252 \ No newline at end of file diff --git a/changelog/unreleased/better-usernames.md b/changelog/2.11.0_2022-11-03/better-usernames.md similarity index 100% rename from changelog/unreleased/better-usernames.md rename to changelog/2.11.0_2022-11-03/better-usernames.md diff --git a/changelog/unreleased/bump-mileusna-useragent.md b/changelog/2.11.0_2022-11-03/bump-mileusna-useragent.md similarity index 100% rename from changelog/unreleased/bump-mileusna-useragent.md rename to changelog/2.11.0_2022-11-03/bump-mileusna-useragent.md diff --git a/changelog/unreleased/configurable-max-lock-cycles.md b/changelog/2.11.0_2022-11-03/configurable-max-lock-cycles.md similarity index 89% rename from changelog/unreleased/configurable-max-lock-cycles.md rename to changelog/2.11.0_2022-11-03/configurable-max-lock-cycles.md index 719d32327e..83f2b35122 100644 --- a/changelog/unreleased/configurable-max-lock-cycles.md +++ b/changelog/2.11.0_2022-11-03/configurable-max-lock-cycles.md @@ -3,4 +3,5 @@ Enhancement: Make max lock cycles configurable When a file is locked the flock library will retry a given amount of times (with a increasing sleep time inbetween each round) Until now the max amount of such rounds was hardcoded to `10`. Now it is configurable, falling back to a default of `25` +https://github.com/cs3org/reva/pull/3429 https://github.com/owncloud/ocis/pull/4959 diff --git a/changelog/unreleased/decomposedfs-check-error.md b/changelog/2.11.0_2022-11-03/decomposedfs-check-error.md similarity index 100% rename from changelog/unreleased/decomposedfs-check-error.md rename to changelog/2.11.0_2022-11-03/decomposedfs-check-error.md diff --git a/changelog/unreleased/decomposedfs-drop-idp.md b/changelog/2.11.0_2022-11-03/decomposedfs-drop-idp.md similarity index 100% rename from changelog/unreleased/decomposedfs-drop-idp.md rename to changelog/2.11.0_2022-11-03/decomposedfs-drop-idp.md diff --git a/changelog/2.11.0_2022-11-03/deny-access-to-resources.md b/changelog/2.11.0_2022-11-03/deny-access-to-resources.md new file mode 100644 index 0000000000..61075c67f8 --- /dev/null +++ b/changelog/2.11.0_2022-11-03/deny-access-to-resources.md @@ -0,0 +1,3 @@ +Enhancement: Expose capability to deny access in OCS API + +http://github.com/cs3org/reva/pull/3011 diff --git a/changelog/unreleased/expiry-parsing-date-only-fix.md b/changelog/2.11.0_2022-11-03/expiry-parsing-date-only-fix.md similarity index 100% rename from changelog/unreleased/expiry-parsing-date-only-fix.md rename to changelog/2.11.0_2022-11-03/expiry-parsing-date-only-fix.md diff --git a/changelog/unreleased/expose-cache-ttl-config.md b/changelog/2.11.0_2022-11-03/expose-cache-ttl-config.md similarity index 100% rename from changelog/unreleased/expose-cache-ttl-config.md rename to changelog/2.11.0_2022-11-03/expose-cache-ttl-config.md diff --git a/changelog/unreleased/fix-appprovider-panic.md b/changelog/2.11.0_2022-11-03/fix-appprovider-panic.md similarity index 100% rename from changelog/unreleased/fix-appprovider-panic.md rename to changelog/2.11.0_2022-11-03/fix-appprovider-panic.md diff --git a/changelog/unreleased/fix-default-cachesizes.md b/changelog/2.11.0_2022-11-03/fix-default-cachesizes.md similarity index 100% rename from changelog/unreleased/fix-default-cachesizes.md rename to changelog/2.11.0_2022-11-03/fix-default-cachesizes.md diff --git a/changelog/unreleased/fix-malformed-uid-string.md b/changelog/2.11.0_2022-11-03/fix-malformed-uid-string.md similarity index 100% rename from changelog/unreleased/fix-malformed-uid-string.md rename to changelog/2.11.0_2022-11-03/fix-malformed-uid-string.md diff --git a/changelog/unreleased/fix-propfind-escape-name.md b/changelog/2.11.0_2022-11-03/fix-propfind-escape-name.md similarity index 100% rename from changelog/unreleased/fix-propfind-escape-name.md rename to changelog/2.11.0_2022-11-03/fix-propfind-escape-name.md diff --git a/changelog/unreleased/fix-public-link-baseurl.md b/changelog/2.11.0_2022-11-03/fix-public-link-baseurl.md similarity index 100% rename from changelog/unreleased/fix-public-link-baseurl.md rename to changelog/2.11.0_2022-11-03/fix-public-link-baseurl.md diff --git a/changelog/unreleased/fix-publicshare-app-view-mode.md b/changelog/2.11.0_2022-11-03/fix-publicshare-app-view-mode.md similarity index 100% rename from changelog/unreleased/fix-publicshare-app-view-mode.md rename to changelog/2.11.0_2022-11-03/fix-publicshare-app-view-mode.md diff --git a/changelog/unreleased/fix-racecond.md b/changelog/2.11.0_2022-11-03/fix-racecond.md similarity index 100% rename from changelog/unreleased/fix-racecond.md rename to changelog/2.11.0_2022-11-03/fix-racecond.md diff --git a/changelog/unreleased/fix-uploader-permissions.md b/changelog/2.11.0_2022-11-03/fix-uploader-permissions.md similarity index 100% rename from changelog/unreleased/fix-uploader-permissions.md rename to changelog/2.11.0_2022-11-03/fix-uploader-permissions.md diff --git a/changelog/unreleased/fix-uploading-empty-files.md b/changelog/2.11.0_2022-11-03/fix-uploading-empty-files.md similarity index 100% rename from changelog/unreleased/fix-uploading-empty-files.md rename to changelog/2.11.0_2022-11-03/fix-uploading-empty-files.md diff --git a/changelog/unreleased/fix-xattrs-race-condition2.md b/changelog/2.11.0_2022-11-03/fix-xattrs-race-condition2.md similarity index 100% rename from changelog/unreleased/fix-xattrs-race-condition2.md rename to changelog/2.11.0_2022-11-03/fix-xattrs-race-condition2.md diff --git a/changelog/unreleased/forbidden-on-reshare.md b/changelog/2.11.0_2022-11-03/forbidden-on-reshare.md similarity index 100% rename from changelog/unreleased/forbidden-on-reshare.md rename to changelog/2.11.0_2022-11-03/forbidden-on-reshare.md diff --git a/changelog/unreleased/fs-access.md b/changelog/2.11.0_2022-11-03/fs-access.md similarity index 100% rename from changelog/unreleased/fs-access.md rename to changelog/2.11.0_2022-11-03/fs-access.md diff --git a/changelog/unreleased/grpc-tls-settings.md b/changelog/2.11.0_2022-11-03/grpc-tls-settings.md similarity index 100% rename from changelog/unreleased/grpc-tls-settings.md rename to changelog/2.11.0_2022-11-03/grpc-tls-settings.md diff --git a/changelog/unreleased/improve-create-share-err.md b/changelog/2.11.0_2022-11-03/improve-create-share-err.md similarity index 100% rename from changelog/unreleased/improve-create-share-err.md rename to changelog/2.11.0_2022-11-03/improve-create-share-err.md diff --git a/changelog/unreleased/improve-listing-received-shares.md b/changelog/2.11.0_2022-11-03/improve-listing-received-shares.md similarity index 100% rename from changelog/unreleased/improve-listing-received-shares.md rename to changelog/2.11.0_2022-11-03/improve-listing-received-shares.md diff --git a/changelog/unreleased/lock-source-on-move.md b/changelog/2.11.0_2022-11-03/lock-source-on-move.md similarity index 100% rename from changelog/unreleased/lock-source-on-move.md rename to changelog/2.11.0_2022-11-03/lock-source-on-move.md diff --git a/changelog/unreleased/logging-improvements.md b/changelog/2.11.0_2022-11-03/logging-improvements.md similarity index 100% rename from changelog/unreleased/logging-improvements.md rename to changelog/2.11.0_2022-11-03/logging-improvements.md diff --git a/changelog/unreleased/micro-cache-store.md b/changelog/2.11.0_2022-11-03/micro-cache-store.md similarity index 100% rename from changelog/unreleased/micro-cache-store.md rename to changelog/2.11.0_2022-11-03/micro-cache-store.md diff --git a/changelog/unreleased/more-efficient-etag-pcdata.md b/changelog/2.11.0_2022-11-03/more-efficient-etag-pcdata.md similarity index 100% rename from changelog/unreleased/more-efficient-etag-pcdata.md rename to changelog/2.11.0_2022-11-03/more-efficient-etag-pcdata.md diff --git a/changelog/unreleased/nats-tls.md b/changelog/2.11.0_2022-11-03/nats-tls.md similarity index 100% rename from changelog/unreleased/nats-tls.md rename to changelog/2.11.0_2022-11-03/nats-tls.md diff --git a/changelog/unreleased/not-found-for-permission-denied.md b/changelog/2.11.0_2022-11-03/not-found-for-permission-denied.md similarity index 100% rename from changelog/unreleased/not-found-for-permission-denied.md rename to changelog/2.11.0_2022-11-03/not-found-for-permission-denied.md diff --git a/changelog/unreleased/ocdav-broker-conf.md b/changelog/2.11.0_2022-11-03/ocdav-broker-conf.md similarity index 100% rename from changelog/unreleased/ocdav-broker-conf.md rename to changelog/2.11.0_2022-11-03/ocdav-broker-conf.md diff --git a/changelog/unreleased/ocdav-micro-registry.md b/changelog/2.11.0_2022-11-03/ocdav-micro-registry.md similarity index 100% rename from changelog/unreleased/ocdav-micro-registry.md rename to changelog/2.11.0_2022-11-03/ocdav-micro-registry.md diff --git a/changelog/unreleased/ocs-relquota-value.md b/changelog/2.11.0_2022-11-03/ocs-relquota-value.md similarity index 100% rename from changelog/unreleased/ocs-relquota-value.md rename to changelog/2.11.0_2022-11-03/ocs-relquota-value.md diff --git a/changelog/unreleased/ocs-share-parent-id.md b/changelog/2.11.0_2022-11-03/ocs-share-parent-id.md similarity index 100% rename from changelog/unreleased/ocs-share-parent-id.md rename to changelog/2.11.0_2022-11-03/ocs-share-parent-id.md diff --git a/changelog/unreleased/polish-ocs-errors.md b/changelog/2.11.0_2022-11-03/polish-ocs-errors.md similarity index 100% rename from changelog/unreleased/polish-ocs-errors.md rename to changelog/2.11.0_2022-11-03/polish-ocs-errors.md diff --git a/changelog/unreleased/prefer-return-minimal.md b/changelog/2.11.0_2022-11-03/prefer-return-minimal.md similarity index 100% rename from changelog/unreleased/prefer-return-minimal.md rename to changelog/2.11.0_2022-11-03/prefer-return-minimal.md diff --git a/changelog/unreleased/reduce-lock-contention.md b/changelog/2.11.0_2022-11-03/reduce-lock-contention.md similarity index 100% rename from changelog/unreleased/reduce-lock-contention.md rename to changelog/2.11.0_2022-11-03/reduce-lock-contention.md diff --git a/changelog/unreleased/refresh-lock-fix.md b/changelog/2.11.0_2022-11-03/refresh-lock-fix.md similarity index 100% rename from changelog/unreleased/refresh-lock-fix.md rename to changelog/2.11.0_2022-11-03/refresh-lock-fix.md diff --git a/changelog/unreleased/refresh-lock-improvements.md b/changelog/2.11.0_2022-11-03/refresh-lock-improvements.md similarity index 100% rename from changelog/unreleased/refresh-lock-improvements.md rename to changelog/2.11.0_2022-11-03/refresh-lock-improvements.md diff --git a/changelog/unreleased/request-counting-middleware.md b/changelog/2.11.0_2022-11-03/request-counting-middleware.md similarity index 100% rename from changelog/unreleased/request-counting-middleware.md rename to changelog/2.11.0_2022-11-03/request-counting-middleware.md diff --git a/changelog/unreleased/return-conflict-vs-notfound.md b/changelog/2.11.0_2022-11-03/return-conflict-vs-notfound.md similarity index 100% rename from changelog/unreleased/return-conflict-vs-notfound.md rename to changelog/2.11.0_2022-11-03/return-conflict-vs-notfound.md diff --git a/changelog/unreleased/s3ng-download-validation.md b/changelog/2.11.0_2022-11-03/s3ng-download-validation.md similarity index 100% rename from changelog/unreleased/s3ng-download-validation.md rename to changelog/2.11.0_2022-11-03/s3ng-download-validation.md diff --git a/changelog/unreleased/share-filters.md b/changelog/2.11.0_2022-11-03/share-filters.md similarity index 100% rename from changelog/unreleased/share-filters.md rename to changelog/2.11.0_2022-11-03/share-filters.md diff --git a/changelog/unreleased/share-space-name.md b/changelog/2.11.0_2022-11-03/share-space-name.md similarity index 100% rename from changelog/unreleased/share-space-name.md rename to changelog/2.11.0_2022-11-03/share-space-name.md diff --git a/changelog/unreleased/update-ttlcache.md b/changelog/2.11.0_2022-11-03/update-ttlcache.md similarity index 100% rename from changelog/unreleased/update-ttlcache.md rename to changelog/2.11.0_2022-11-03/update-ttlcache.md diff --git a/changelog/unreleased/users-prevent-nil-pointer.md b/changelog/2.11.0_2022-11-03/users-prevent-nil-pointer.md similarity index 100% rename from changelog/unreleased/users-prevent-nil-pointer.md rename to changelog/2.11.0_2022-11-03/users-prevent-nil-pointer.md diff --git a/changelog/unreleased/wopi-driver-improvements.md b/changelog/2.11.0_2022-11-03/wopi-driver-improvements.md similarity index 100% rename from changelog/unreleased/wopi-driver-improvements.md rename to changelog/2.11.0_2022-11-03/wopi-driver-improvements.md diff --git a/changelog/unreleased/wopi-single-file-public-share.md b/changelog/2.11.0_2022-11-03/wopi-single-file-public-share.md similarity index 100% rename from changelog/unreleased/wopi-single-file-public-share.md rename to changelog/2.11.0_2022-11-03/wopi-single-file-public-share.md diff --git a/changelog/NOTE.md b/changelog/NOTE.md index 43329af184..c500daeee5 100644 --- a/changelog/NOTE.md +++ b/changelog/NOTE.md @@ -1,35 +1,476 @@ -Changelog for reva 2.10.0 (2022-09-09) +Changelog for reva 2.11.0 (2022-11-03) ======================================= -The following sections list the changes in reva 2.10.0 relevant to +The following sections list the changes in reva 2.11.0 relevant to reva users. The changes are ordered by importance. Summary ------- -* Fix #3210: Jsoncs3 mtime fix -* Enh #3213: Allow for dumping the public shares from the cs3 publicshare manager -* Enh #3199: Add support for cs3 storage backends to the json publicshare manager +* Fix #3282: Use Displayname in wopi apps +* Fix #3430: Add missing error check in decomposedfs +* Fix #3298: Make date only expiry dates valid for the whole day +* Fix #3394: Avoid AppProvider panic +* Fix #3267: Reduced default cache sizes for smaller memory footprint +* Fix #3338: Fix malformed uid string in cache +* Fix #3255: Properly escape oc:name in propfind response +* Fix #3324: Correct base URL for download URL and href when listing file public links +* Fix #3278: Fix public share view mode during app open +* Fix #3377: Fix possible race conditions +* Fix #3274: Fix "uploader" role permissions +* Fix #3241: Fix uploading empty files into shares +* Fix #3251: Make listing xattrs more robust +* Fix #3287: Return OCS forbidden error when a share already exists +* Fix #3218: Improve performance when listing received shares +* Fix #3251: Lock source on move +* Fix #3238: Return relative used quota amount as a percent value +* Fix #3279: Polish OCS error responses +* Fix #3307: Refresh lock in decomposedFS needs to overwrite +* Fix #3368: Return 404 when no permission to space +* Fix #3341: Validate s3ng downloads +* Fix #3284: Prevent nil pointer when requesting user +* Fix #3257: Fix wopi access to publicly shared files +* Chg #3267: Decomposedfs no longer stores the idp +* Chg #3381: Changed Name of the Shares Jail +* Enh #3381: Add capability for sharing by role +* Enh #3320: Add the parentID to the ocs and dav responses +* Enh #3239: Add privatelink to PROPFIND response +* Enh #3340: Add SpaceOwner to some event +* Enh #4564: Add SpaceShared event +* Enh #3297: Update dependencies +* Enh #4959: Make max lock cycles configurable +* Enh #1949: Add support for denying access in OCS layer +* Enh #3224: Make the jsoncs3 share manager cache ttl configurable +* Enh #3290: Harden file system accesses +* Enh #3332: Allow to enable TLS for grpc service +* Enh #3223: Improve CreateShare grpc error reporting +* Enh #3376: Improve logging +* Enh #3250: Allow sharing the gateway caches +* Enh #3240: We now only encode &, < and > in PROPFIND PCDATA +* Enh #3334: Secure the nats connectin with TLS +* Enh #3300: Do not leak existence of resources +* Enh #3233: Allow to override default broker for go-micro base ocdav service +* Enh #3258: Allow ocdav to share the registry instance with other services +* Enh #3225: Render file parent id for ocs shares +* Enh #3222: Support Prefer: return=minimal in PROPFIND +* Enh #3395: Reduce lock contention issues +* Enh #3286: Make Refresh Lock operation WOPI compliant +* Enh #3229: Request counting middleware +* Enh #3312: Implemented new share filters +* Enh #3308: Update the ttlcache library +* Enh #3291: The wopi app driver supports more options Details ------- -* Bugfix #3210: Jsoncs3 mtime fix +* Bugfix #3282: Use Displayname in wopi apps - We now correctly update the mtime to only sync when the file changed on the storage. + We now use the users display name in wopi apps. - https://github.com/cs3org/reva/pull/3210 + https://github.com/cs3org/reva/pull/3282 -* Enhancement #3213: Allow for dumping the public shares from the cs3 publicshare manager +* Bugfix #3430: Add missing error check in decomposedfs - We enhanced the cs3 publicshare manager to support dumping its content during a publicshare - manager migration. + During space creation the decomposedfs now checks for errors when trying to read the root node. + This prevents a panic by no longer calling InternalPath on the node. - https://github.com/cs3org/reva/pull/3213 + https://github.com/owncloud/ocis/issues/4961 + https://github.com/cs3org/reva/pull/3430 -* Enhancement #3199: Add support for cs3 storage backends to the json publicshare manager +* Bugfix #3298: Make date only expiry dates valid for the whole day - We enhanced the json publicshare manager to support a cs3 storage backend alongside the file - and memory backends. + When an expiry date like `2022-09-30` is parsed, we now make it valid for the whole day, + effectively becoming `2022-09-30 23:59:59` + + https://github.com/cs3org/reva/pull/3298 + +* Bugfix #3394: Avoid AppProvider panic + + https://github.com/cs3org/reva/pull/3394 + avoid + panic + in + app + provider + +* Bugfix #3267: Reduced default cache sizes for smaller memory footprint + + We reduced the default cachesizes of the auth interceptors and the share cache. The default of 1 + Million cache entries was way too high and caused a high memory usage upon startup. Config + options to set custom cache size where added. + + https://github.com/owncloud/ocis/issues/3267 + https://github.com/owncloud/ocis/issues/4628 + +* Bugfix #3338: Fix malformed uid string in cache + + The rediscache returns a uid in the format of `uid:` in the getter this + results in issues when trying to delete the key from the cache store, because the Delete + function will prepend the table name to the string which will not be resolvable in redis (e.g. + `uid:`) + + https://github.com/owncloud/ocis/issues/4772 + https://github.com/cs3org/reva/pull/3338 + +* Bugfix #3255: Properly escape oc:name in propfind response + + The oc:name property in the ocdav propfind response might contain XML special characters. We + now apply the proper escaping on that property. + + https://github.com/owncloud/ocis/issues/4474 + https://github.com/cs3org/reva/pull/3255 + +* Bugfix #3324: Correct base URL for download URL and href when listing file public links + + We now build the correct base URL when listing file public links. + + https://github.com/owncloud/ocis/issues/4758 + https://github.com/cs3org/reva/pull/3324 + +* Bugfix #3278: Fix public share view mode during app open + + We now set the correct view mode during an app open action when the user is accessing a public + share. + + https://github.com/cs3org/reva/pull/3278 + +* Bugfix #3377: Fix possible race conditions + + We fixed two potential race condition when initializing the shared config structure and when + setting up caches for the http authentication interceptors. + + https://github.com/cs3org/reva/pull/3377 + +* Bugfix #3274: Fix "uploader" role permissions + + We fixed a permission problem on "public upload shares", which allowed to view the content of + the shared upload folder. + + https://github.com/owncloud/ocis/issues/4657 + https://github.com/cs3org/reva/pull/3274 + +* Bugfix #3241: Fix uploading empty files into shares + + We fixed a problem which prevented empty files from being uploaded into shares. + + https://github.com/owncloud/ocis/issues/4383 + https://github.com/cs3org/reva/pull/3241 + +* Bugfix #3251: Make listing xattrs more robust + + We fixed a potential race condition when listing xattrs of nodes in concurrency situations + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3287: Return OCS forbidden error when a share already exists + + We now return OCS 104 / HTTP 403 errors when a user tries to reshare a file with a recipient that + already has access to a resource. + + https://github.com/owncloud/ocis/issues/4630 + https://github.com/cs3org/reva/pull/3287 + +* Bugfix #3218: Improve performance when listing received shares + + We improved the performance when listing received shares by getting rid of superfluous + GetPath calls and sending stat request directly to the storage provider instead of the + SharesStorageProvider. + + https://github.com/cs3org/reva/pull/3218 + +* Bugfix #3251: Lock source on move + + When moving files until now only the lock of the targeted node would be checked. This could lead + to strange behaviour when using web editors like only office. With checking the source nodes + lock too, it is now forbidden to rename a file while it is locked + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3238: Return relative used quota amount as a percent value + + The ocs/ocs/v1.php/cloud/users/ endpoint was fixed to return the relative amount of used + quota as a percentage value. + + https://github.com/owncloud/ocis/issues/4357 + https://github.com/cs3org/reva/pull/3238 + +* Bugfix #3279: Polish OCS error responses + + We aligned more OCS error responses with oc10 + + https://github.com/owncloud/ocis/issues/1799 + https://github.com/cs3org/reva/pull/3279 + +* Bugfix #3307: Refresh lock in decomposedFS needs to overwrite + + We fixed a bug in the refresh lock operation in the DecomposedFS. The new lock was appended but + needs to overwrite the existing one. + + https://github.com/cs3org/reva/pull/3307 + +* Bugfix #3368: Return 404 when no permission to space + + WebDAV expects a 409 response when trying to upload into a non existing folder. We fixed the + implementation to return 404 when a user has no access to a space and still return a 409 when a + parent folder does not exist (and he has access to the space). + + https://github.com/owncloud/ocis/issues/3561 + https://github.com/cs3org/reva/pull/3368 + https://github.com/cs3org/reva/pull/3300 + +* Bugfix #3341: Validate s3ng downloads + + The s3ng download func now returns an error in cases where the requested node blob is unknown or + the blob size does not match the node meta blob size. + + https://github.com/cs3org/reva/pull/3341 + +* Bugfix #3284: Prevent nil pointer when requesting user + + We added additional nil pointer checks in the user and groups providers. + + https://github.com/owncloud/ocis/issues/4703 + https://github.com/cs3org/reva/pull/3284 + +* Bugfix #3257: Fix wopi access to publicly shared files + + Wopi requests to single file public shares weren't properly authenticated. I added a new check + to allow wopi to access files which were publicly shared. + + https://github.com/owncloud/ocis/issues/4382 + https://github.com/cs3org/reva/pull/3257 + +* Change #3267: Decomposedfs no longer stores the idp + + We no longer persist the IDP of a user id in decomposedfs grants. As a consequence listing or + reading Grants no longer returns the IDP for the Creator. It never did for the Grantee. Whatever + credentials are used to authenticate a user we internally have to create a UUID anyway. Either + by lookung it up in an external service (eg. LDAP or SIEM) or we autoprovision it. + + https://github.com/cs3org/reva/pull/3267 + +* Change #3381: Changed Name of the Shares Jail + + We changed the space name of the shares jail to `Shares`. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3381: Add capability for sharing by role + + We added the capability to indicate that the ocs share api supports sharing by role. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3320: Add the parentID to the ocs and dav responses + + We added the parent resourceID to the OCS and WebDav responses to enable navigation by ID in the + web client. + + https://github.com/cs3org/reva/pull/3320 + +* Enhancement #3239: Add privatelink to PROPFIND response + + We made it possible to request a privatelink WebDAV property. + + https://github.com/cs3org/reva/pull/3239 + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3340: Add SpaceOwner to some event + + We added a SpaceOwner field to some of the events which can be used by consumers to gain access to + the affected space. + + https://github.com/cs3org/reva/pull/3340 + https://github.com/cs3org/reva/pull/3350 + +* Enhancement #4564: Add SpaceShared event + + We added an event that is emmitted when somebody shares a space. + + https://github.com/owncloud/ocis/issues/4303 + https://github.com/owncloud/ocis/pull/4564 + https://github.com/cs3org/reva/pull/3252 + +* Enhancement #3297: Update dependencies + + github.com/mileusna/useragent v1.2.0 + + https://github.com/cs3org/reva/pull/3297 + +* Enhancement #4959: Make max lock cycles configurable + + When a file is locked the flock library will retry a given amount of times (with a increasing + sleep time inbetween each round) Until now the max amount of such rounds was hardcoded to `10`. + Now it is configurable, falling back to a default of `25` + + https://github.com/owncloud/ocis/pull/4959 + +* Enhancement #1949: Add support for denying access in OCS layer + + http://github.com/cs3org/reva/pull/1949 + +* Enhancement #3224: Make the jsoncs3 share manager cache ttl configurable + + We added a new setting to the jsoncs3 share manager which allows to set the cache ttl. + + https://github.com/cs3org/reva/pull/3224 + +* Enhancement #3290: Harden file system accesses + + We have reviewed and hardened file system accesses to prevent any vulnerabilities like + directory traversal. + + https://github.com/cs3org/reva/pull/3290 + +* Enhancement #3332: Allow to enable TLS for grpc service + + We added new configuration settings for the grpc based services allowing to enable transport + security for the services. By setting: + + ```toml [grpc.tls_settings] enabled = true certificate = "" key = + "" ``` + + TLS transportsecurity is enabled using the supplied certificate. When `enabled` is set to + `true`, but no certificate and key files are supplied reva will generate temporary + self-signed certificates at startup (this requires to also configure the clients to disable + certificate verification, see below). + + The client side can be configured via the shared section. Set this to configure the CA for + verifying server certificates: + + ```toml [shared.grpc_client_options] tls_mode = "on" tls_cacert = + "" ``` + + To disable server certificate verification (e.g. when using the autogenerated self-signed + certificates) set: + + ```toml [shared.grpc_client_options] tls_mode = "insecure" ``` + + To switch off TLS for the clients (which is also the default): + + ```toml [shared.grpc_client_options] tls_mode = "off" ``` + + https://github.com/cs3org/reva/pull/3332 + +* Enhancement #3223: Improve CreateShare grpc error reporting + + The errorcode returned by the share provider when creating a share where the sharee is already + the owner of the shared target is a bit more explicit now. Also debug logging was added for this. + + https://github.com/cs3org/reva/pull/3223 + +* Enhancement #3376: Improve logging + + We improved the logging by adding the request id to ocdav, ocs and several other http services. + + https://github.com/cs3org/reva/pull/3376 + +* Enhancement #3250: Allow sharing the gateway caches + + We replaced the in memory implementation of the gateway with go-micro stores. The gateways + `cache_store` defaults to `noop` and can be set to `memory`, `redis` or `etcd`. When setting it + also set any dataproviders `datatxs.*.cache_store` new config option to the same values so + they can invalidate the cache when a file has been uploadad. + + Cache instances will be shared between handlers when they use the same configuration in the + same process to allow the dataprovider to access the same cache as the gateway. + + The `nats-js` implementation requires a limited set of characters in the key and is currently + known to be broken. + + The `etag_cache_ttl` was removed as it was not used anyway. + + https://github.com/cs3org/reva/pull/3250 + +* Enhancement #3240: We now only encode &, < and > in PROPFIND PCDATA + + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3334: Secure the nats connectin with TLS + + Encyrpted the connection to the event broker using TLS. Per default TLS is not used. + + https://github.com/cs3org/reva/pull/3334 + https://github.com/cs3org/reva/pull/3382 + +* Enhancement #3300: Do not leak existence of resources + + We are now returning a not found error for more requests to not leak existence of spaces for users + that do not have access to resources. + + https://github.com/cs3org/reva/pull/3300 + +* Enhancement #3233: Allow to override default broker for go-micro base ocdav service + + An option for setting an alternative go-micro Broker was introduced. This can be used to avoid + ocdav from spawing the (unneeded) default http Broker. + + https://github.com/cs3org/reva/pull/3233 + +* Enhancement #3258: Allow ocdav to share the registry instance with other services + + This allows to use the in-memory registry when running all services in a single process. + + https://github.com/owncloud/ocis/issues/3134 + https://github.com/cs3org/reva/pull/3258 + +* Enhancement #3225: Render file parent id for ocs shares + + We brought back the `file_parent` property for ocs shares. The spaces concept makes + navigating by path suboptimal. Having a parent id allows navigating without having to look up + the full path. + + https://github.com/cs3org/reva/pull/3225 + +* Enhancement #3222: Support Prefer: return=minimal in PROPFIND + + To reduce HTTP body size when listing folders we implemented + https://datatracker.ietf.org/doc/html/rfc8144#section-2.1 to omit the 404 propstat + part when a `Prefer: return=minimal` header is present. + + https://github.com/cs3org/reva/pull/3222 + +* Enhancement #3395: Reduce lock contention issues + + We reduced lock contention during high load by optimistically non-locking when listing the + extended attributes of a file. Only in case of issues the list is read again while holding a lock. + + https://github.com/cs3org/reva/pull/3395 + +* Enhancement #3286: Make Refresh Lock operation WOPI compliant + + We now support the WOPI compliant `UnlockAndRelock` operation. This has been implemented in + the DecomposedFS. To make use of it, we need a compatible WOPI server. + + https://github.com/cs3org/reva/pull/3286 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/rest/files/unlockandrelock + +* Enhancement #3229: Request counting middleware + + We added a request counting `prometheus` HTTP middleware and GRPC interceptor that can be + configured with a `namespace` and `subsystem` to count the number of requests. + + https://github.com/cs3org/reva/pull/3229 + +* Enhancement #3312: Implemented new share filters + + Added share filters for space ID and share state. + + https://github.com/owncloud/ocis/issues/3843 + https://github.com/cs3org/reva/pull/3312 + +* Enhancement #3308: Update the ttlcache library + + Updated the ttlcache library version and module path. + + https://github.com/cs3org/reva/pull/3308 + +* Enhancement #3291: The wopi app driver supports more options + + We now generate a folderurl that is used in the wopi protocol. It provides an endpoint to go back + from the app to the containing folder in the file list. In addition to that, we now include the + UI_LLCC parameter in the app-open URL. + + https://github.com/cs3org/reva/pull/3291 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/online/discovery#ui_llcc - https://github.com/cs3org/reva/pull/3199 diff --git a/changelog/unreleased/deny-access-to-resources.md b/changelog/unreleased/deny-access-to-resources.md deleted file mode 100644 index c050c55da2..0000000000 --- a/changelog/unreleased/deny-access-to-resources.md +++ /dev/null @@ -1,3 +0,0 @@ -Enhancement: add support for denying access in OCS layer - -http://github.com/cs3org/reva/pull/1949 diff --git a/docs/content/en/docs/changelog/2.11.0/_index.md b/docs/content/en/docs/changelog/2.11.0/_index.md new file mode 100644 index 0000000000..e3efddb30c --- /dev/null +++ b/docs/content/en/docs/changelog/2.11.0/_index.md @@ -0,0 +1,485 @@ + +--- +title: "v2.11.0" +linkTitle: "v2.11.0" +weight: 40 +description: > + Changelog for Reva v2.11.0 (2022-11-03) +--- + +Changelog for reva 2.11.0 (2022-11-03) +======================================= + +The following sections list the changes in reva 2.11.0 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + +* Fix #3282: Use Displayname in wopi apps +* Fix #3430: Add missing error check in decomposedfs +* Fix #3298: Make date only expiry dates valid for the whole day +* Fix #3394: Avoid AppProvider panic +* Fix #3267: Reduced default cache sizes for smaller memory footprint +* Fix #3338: Fix malformed uid string in cache +* Fix #3255: Properly escape oc:name in propfind response +* Fix #3324: Correct base URL for download URL and href when listing file public links +* Fix #3278: Fix public share view mode during app open +* Fix #3377: Fix possible race conditions +* Fix #3274: Fix "uploader" role permissions +* Fix #3241: Fix uploading empty files into shares +* Fix #3251: Make listing xattrs more robust +* Fix #3287: Return OCS forbidden error when a share already exists +* Fix #3218: Improve performance when listing received shares +* Fix #3251: Lock source on move +* Fix #3238: Return relative used quota amount as a percent value +* Fix #3279: Polish OCS error responses +* Fix #3307: Refresh lock in decomposedFS needs to overwrite +* Fix #3368: Return 404 when no permission to space +* Fix #3341: Validate s3ng downloads +* Fix #3284: Prevent nil pointer when requesting user +* Fix #3257: Fix wopi access to publicly shared files +* Chg #3267: Decomposedfs no longer stores the idp +* Chg #3381: Changed Name of the Shares Jail +* Enh #3381: Add capability for sharing by role +* Enh #3320: Add the parentID to the ocs and dav responses +* Enh #3239: Add privatelink to PROPFIND response +* Enh #3340: Add SpaceOwner to some event +* Enh #4564: Add SpaceShared event +* Enh #3297: Update dependencies +* Enh #4959: Make max lock cycles configurable +* Enh #1949: Add support for denying access in OCS layer +* Enh #3224: Make the jsoncs3 share manager cache ttl configurable +* Enh #3290: Harden file system accesses +* Enh #3332: Allow to enable TLS for grpc service +* Enh #3223: Improve CreateShare grpc error reporting +* Enh #3376: Improve logging +* Enh #3250: Allow sharing the gateway caches +* Enh #3240: We now only encode &, < and > in PROPFIND PCDATA +* Enh #3334: Secure the nats connectin with TLS +* Enh #3300: Do not leak existence of resources +* Enh #3233: Allow to override default broker for go-micro base ocdav service +* Enh #3258: Allow ocdav to share the registry instance with other services +* Enh #3225: Render file parent id for ocs shares +* Enh #3222: Support Prefer: return=minimal in PROPFIND +* Enh #3395: Reduce lock contention issues +* Enh #3286: Make Refresh Lock operation WOPI compliant +* Enh #3229: Request counting middleware +* Enh #3312: Implemented new share filters +* Enh #3308: Update the ttlcache library +* Enh #3291: The wopi app driver supports more options + +Details +------- + +* Bugfix #3282: Use Displayname in wopi apps + + We now use the users display name in wopi apps. + + https://github.com/cs3org/reva/pull/3282 + +* Bugfix #3430: Add missing error check in decomposedfs + + During space creation the decomposedfs now checks for errors when trying to read the root node. + This prevents a panic by no longer calling InternalPath on the node. + + https://github.com/owncloud/ocis/issues/4961 + https://github.com/cs3org/reva/pull/3430 + +* Bugfix #3298: Make date only expiry dates valid for the whole day + + When an expiry date like `2022-09-30` is parsed, we now make it valid for the whole day, + effectively becoming `2022-09-30 23:59:59` + + https://github.com/cs3org/reva/pull/3298 + +* Bugfix #3394: Avoid AppProvider panic + + https://github.com/cs3org/reva/pull/3394 + avoid + panic + in + app + provider + +* Bugfix #3267: Reduced default cache sizes for smaller memory footprint + + We reduced the default cachesizes of the auth interceptors and the share cache. The default of 1 + Million cache entries was way too high and caused a high memory usage upon startup. Config + options to set custom cache size where added. + + https://github.com/owncloud/ocis/issues/3267 + https://github.com/owncloud/ocis/issues/4628 + +* Bugfix #3338: Fix malformed uid string in cache + + The rediscache returns a uid in the format of `uid:` in the getter this + results in issues when trying to delete the key from the cache store, because the Delete + function will prepend the table name to the string which will not be resolvable in redis (e.g. + `uid:`) + + https://github.com/owncloud/ocis/issues/4772 + https://github.com/cs3org/reva/pull/3338 + +* Bugfix #3255: Properly escape oc:name in propfind response + + The oc:name property in the ocdav propfind response might contain XML special characters. We + now apply the proper escaping on that property. + + https://github.com/owncloud/ocis/issues/4474 + https://github.com/cs3org/reva/pull/3255 + +* Bugfix #3324: Correct base URL for download URL and href when listing file public links + + We now build the correct base URL when listing file public links. + + https://github.com/owncloud/ocis/issues/4758 + https://github.com/cs3org/reva/pull/3324 + +* Bugfix #3278: Fix public share view mode during app open + + We now set the correct view mode during an app open action when the user is accessing a public + share. + + https://github.com/cs3org/reva/pull/3278 + +* Bugfix #3377: Fix possible race conditions + + We fixed two potential race condition when initializing the shared config structure and when + setting up caches for the http authentication interceptors. + + https://github.com/cs3org/reva/pull/3377 + +* Bugfix #3274: Fix "uploader" role permissions + + We fixed a permission problem on "public upload shares", which allowed to view the content of + the shared upload folder. + + https://github.com/owncloud/ocis/issues/4657 + https://github.com/cs3org/reva/pull/3274 + +* Bugfix #3241: Fix uploading empty files into shares + + We fixed a problem which prevented empty files from being uploaded into shares. + + https://github.com/owncloud/ocis/issues/4383 + https://github.com/cs3org/reva/pull/3241 + +* Bugfix #3251: Make listing xattrs more robust + + We fixed a potential race condition when listing xattrs of nodes in concurrency situations + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3287: Return OCS forbidden error when a share already exists + + We now return OCS 104 / HTTP 403 errors when a user tries to reshare a file with a recipient that + already has access to a resource. + + https://github.com/owncloud/ocis/issues/4630 + https://github.com/cs3org/reva/pull/3287 + +* Bugfix #3218: Improve performance when listing received shares + + We improved the performance when listing received shares by getting rid of superfluous + GetPath calls and sending stat request directly to the storage provider instead of the + SharesStorageProvider. + + https://github.com/cs3org/reva/pull/3218 + +* Bugfix #3251: Lock source on move + + When moving files until now only the lock of the targeted node would be checked. This could lead + to strange behaviour when using web editors like only office. With checking the source nodes + lock too, it is now forbidden to rename a file while it is locked + + https://github.com/cs3org/reva/pull/3251 + +* Bugfix #3238: Return relative used quota amount as a percent value + + The ocs/ocs/v1.php/cloud/users/ endpoint was fixed to return the relative amount of used + quota as a percentage value. + + https://github.com/owncloud/ocis/issues/4357 + https://github.com/cs3org/reva/pull/3238 + +* Bugfix #3279: Polish OCS error responses + + We aligned more OCS error responses with oc10 + + https://github.com/owncloud/ocis/issues/1799 + https://github.com/cs3org/reva/pull/3279 + +* Bugfix #3307: Refresh lock in decomposedFS needs to overwrite + + We fixed a bug in the refresh lock operation in the DecomposedFS. The new lock was appended but + needs to overwrite the existing one. + + https://github.com/cs3org/reva/pull/3307 + +* Bugfix #3368: Return 404 when no permission to space + + WebDAV expects a 409 response when trying to upload into a non existing folder. We fixed the + implementation to return 404 when a user has no access to a space and still return a 409 when a + parent folder does not exist (and he has access to the space). + + https://github.com/owncloud/ocis/issues/3561 + https://github.com/cs3org/reva/pull/3368 + https://github.com/cs3org/reva/pull/3300 + +* Bugfix #3341: Validate s3ng downloads + + The s3ng download func now returns an error in cases where the requested node blob is unknown or + the blob size does not match the node meta blob size. + + https://github.com/cs3org/reva/pull/3341 + +* Bugfix #3284: Prevent nil pointer when requesting user + + We added additional nil pointer checks in the user and groups providers. + + https://github.com/owncloud/ocis/issues/4703 + https://github.com/cs3org/reva/pull/3284 + +* Bugfix #3257: Fix wopi access to publicly shared files + + Wopi requests to single file public shares weren't properly authenticated. I added a new check + to allow wopi to access files which were publicly shared. + + https://github.com/owncloud/ocis/issues/4382 + https://github.com/cs3org/reva/pull/3257 + +* Change #3267: Decomposedfs no longer stores the idp + + We no longer persist the IDP of a user id in decomposedfs grants. As a consequence listing or + reading Grants no longer returns the IDP for the Creator. It never did for the Grantee. Whatever + credentials are used to authenticate a user we internally have to create a UUID anyway. Either + by lookung it up in an external service (eg. LDAP or SIEM) or we autoprovision it. + + https://github.com/cs3org/reva/pull/3267 + +* Change #3381: Changed Name of the Shares Jail + + We changed the space name of the shares jail to `Shares`. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3381: Add capability for sharing by role + + We added the capability to indicate that the ocs share api supports sharing by role. + + https://github.com/cs3org/reva/pull/3381 + +* Enhancement #3320: Add the parentID to the ocs and dav responses + + We added the parent resourceID to the OCS and WebDav responses to enable navigation by ID in the + web client. + + https://github.com/cs3org/reva/pull/3320 + +* Enhancement #3239: Add privatelink to PROPFIND response + + We made it possible to request a privatelink WebDAV property. + + https://github.com/cs3org/reva/pull/3239 + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3340: Add SpaceOwner to some event + + We added a SpaceOwner field to some of the events which can be used by consumers to gain access to + the affected space. + + https://github.com/cs3org/reva/pull/3340 + https://github.com/cs3org/reva/pull/3350 + +* Enhancement #4564: Add SpaceShared event + + We added an event that is emmitted when somebody shares a space. + + https://github.com/owncloud/ocis/issues/4303 + https://github.com/owncloud/ocis/pull/4564 + https://github.com/cs3org/reva/pull/3252 + +* Enhancement #3297: Update dependencies + + * github.com/mileusna/useragent v1.2.0 + + https://github.com/cs3org/reva/pull/3297 + +* Enhancement #4959: Make max lock cycles configurable + + When a file is locked the flock library will retry a given amount of times (with a increasing + sleep time inbetween each round) Until now the max amount of such rounds was hardcoded to `10`. + Now it is configurable, falling back to a default of `25` + + https://github.com/owncloud/ocis/pull/4959 + +* Enhancement #1949: Add support for denying access in OCS layer + + http://github.com/cs3org/reva/pull/1949 + +* Enhancement #3224: Make the jsoncs3 share manager cache ttl configurable + + We added a new setting to the jsoncs3 share manager which allows to set the cache ttl. + + https://github.com/cs3org/reva/pull/3224 + +* Enhancement #3290: Harden file system accesses + + We have reviewed and hardened file system accesses to prevent any vulnerabilities like + directory traversal. + + https://github.com/cs3org/reva/pull/3290 + +* Enhancement #3332: Allow to enable TLS for grpc service + + We added new configuration settings for the grpc based services allowing to enable transport + security for the services. By setting: + + ```toml [grpc.tls_settings] enabled = true certificate = "" key = + "" ``` + + TLS transportsecurity is enabled using the supplied certificate. When `enabled` is set to + `true`, but no certificate and key files are supplied reva will generate temporary + self-signed certificates at startup (this requires to also configure the clients to disable + certificate verification, see below). + + The client side can be configured via the shared section. Set this to configure the CA for + verifying server certificates: + + ```toml [shared.grpc_client_options] tls_mode = "on" tls_cacert = + "" ``` + + To disable server certificate verification (e.g. when using the autogenerated self-signed + certificates) set: + + ```toml [shared.grpc_client_options] tls_mode = "insecure" ``` + + To switch off TLS for the clients (which is also the default): + + ```toml [shared.grpc_client_options] tls_mode = "off" ``` + + https://github.com/cs3org/reva/pull/3332 + +* Enhancement #3223: Improve CreateShare grpc error reporting + + The errorcode returned by the share provider when creating a share where the sharee is already + the owner of the shared target is a bit more explicit now. Also debug logging was added for this. + + https://github.com/cs3org/reva/pull/3223 + +* Enhancement #3376: Improve logging + + We improved the logging by adding the request id to ocdav, ocs and several other http services. + + https://github.com/cs3org/reva/pull/3376 + +* Enhancement #3250: Allow sharing the gateway caches + + We replaced the in memory implementation of the gateway with go-micro stores. The gateways + `cache_store` defaults to `noop` and can be set to `memory`, `redis` or `etcd`. When setting it + also set any dataproviders `datatxs.*.cache_store` new config option to the same values so + they can invalidate the cache when a file has been uploadad. + + Cache instances will be shared between handlers when they use the same configuration in the + same process to allow the dataprovider to access the same cache as the gateway. + + The `nats-js` implementation requires a limited set of characters in the key and is currently + known to be broken. + + The `etag_cache_ttl` was removed as it was not used anyway. + + https://github.com/cs3org/reva/pull/3250 + +* Enhancement #3240: We now only encode &, < and > in PROPFIND PCDATA + + https://github.com/cs3org/reva/pull/3240 + +* Enhancement #3334: Secure the nats connectin with TLS + + Encyrpted the connection to the event broker using TLS. Per default TLS is not used. + + https://github.com/cs3org/reva/pull/3334 + https://github.com/cs3org/reva/pull/3382 + +* Enhancement #3300: Do not leak existence of resources + + We are now returning a not found error for more requests to not leak existence of spaces for users + that do not have access to resources. + + https://github.com/cs3org/reva/pull/3300 + +* Enhancement #3233: Allow to override default broker for go-micro base ocdav service + + An option for setting an alternative go-micro Broker was introduced. This can be used to avoid + ocdav from spawing the (unneeded) default http Broker. + + https://github.com/cs3org/reva/pull/3233 + +* Enhancement #3258: Allow ocdav to share the registry instance with other services + + This allows to use the in-memory registry when running all services in a single process. + + https://github.com/owncloud/ocis/issues/3134 + https://github.com/cs3org/reva/pull/3258 + +* Enhancement #3225: Render file parent id for ocs shares + + We brought back the `file_parent` property for ocs shares. The spaces concept makes + navigating by path suboptimal. Having a parent id allows navigating without having to look up + the full path. + + https://github.com/cs3org/reva/pull/3225 + +* Enhancement #3222: Support Prefer: return=minimal in PROPFIND + + To reduce HTTP body size when listing folders we implemented + https://datatracker.ietf.org/doc/html/rfc8144#section-2.1 to omit the 404 propstat + part when a `Prefer: return=minimal` header is present. + + https://github.com/cs3org/reva/pull/3222 + +* Enhancement #3395: Reduce lock contention issues + + We reduced lock contention during high load by optimistically non-locking when listing the + extended attributes of a file. Only in case of issues the list is read again while holding a lock. + + https://github.com/cs3org/reva/pull/3395 + +* Enhancement #3286: Make Refresh Lock operation WOPI compliant + + We now support the WOPI compliant `UnlockAndRelock` operation. This has been implemented in + the DecomposedFS. To make use of it, we need a compatible WOPI server. + + https://github.com/cs3org/reva/pull/3286 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/rest/files/unlockandrelock + +* Enhancement #3229: Request counting middleware + + We added a request counting `prometheus` HTTP middleware and GRPC interceptor that can be + configured with a `namespace` and `subsystem` to count the number of requests. + + https://github.com/cs3org/reva/pull/3229 + +* Enhancement #3312: Implemented new share filters + + Added share filters for space ID and share state. + + https://github.com/owncloud/ocis/issues/3843 + https://github.com/cs3org/reva/pull/3312 + +* Enhancement #3308: Update the ttlcache library + + Updated the ttlcache library version and module path. + + https://github.com/cs3org/reva/pull/3308 + +* Enhancement #3291: The wopi app driver supports more options + + We now generate a folderurl that is used in the wopi protocol. It provides an endpoint to go back + from the app to the containing folder in the file list. In addition to that, we now include the + UI_LLCC parameter in the app-open URL. + + https://github.com/cs3org/reva/pull/3291 + https://learn.microsoft.com/en-us/microsoft-365/cloud-storage-partner-program/online/discovery#ui_llcc + diff --git a/docs/content/en/docs/config/grpc/services/storageprovider/_index.md b/docs/content/en/docs/config/grpc/services/storageprovider/_index.md index 2ff053624f..e1ae9c00ac 100644 --- a/docs/content/en/docs/config/grpc/services/storageprovider/_index.md +++ b/docs/content/en/docs/config/grpc/services/storageprovider/_index.md @@ -9,7 +9,7 @@ description: > # _struct: config_ {{% dir name="driver" type="string" default="localhome" %}} -The storage driver to be used. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L62) +The storage driver to be used. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L61) {{< highlight toml >}} [grpc.services.storageprovider] driver = "localhome" @@ -17,7 +17,7 @@ driver = "localhome" {{% /dir %}} {{% dir name="drivers" type="map[string]map[string]interface{}" default="localhome" %}} - [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L63) + [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L62) {{< highlight toml >}} [grpc.services.storageprovider.drivers.localhome] root = "/var/tmp/reva/" @@ -28,7 +28,7 @@ user_layout = "{{.Username}}" {{% /dir %}} {{% dir name="data_server_url" type="string" default="http://localhost/data" %}} -The URL for the data server. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L64) +The URL for the data server. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L63) {{< highlight toml >}} [grpc.services.storageprovider] data_server_url = "http://localhost/data" @@ -36,7 +36,7 @@ data_server_url = "http://localhost/data" {{% /dir %}} {{% dir name="expose_data_server" type="bool" default=false %}} -Whether to expose data server. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L65) +Whether to expose data server. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L64) {{< highlight toml >}} [grpc.services.storageprovider] expose_data_server = false @@ -44,7 +44,7 @@ expose_data_server = false {{% /dir %}} {{% dir name="available_checksums" type="map[string]uint32" default=nil %}} -List of available checksums. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L66) +List of available checksums. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L65) {{< highlight toml >}} [grpc.services.storageprovider] available_checksums = nil @@ -52,7 +52,7 @@ available_checksums = nil {{% /dir %}} {{% dir name="custom_mimetypes_json" type="string" default="nil" %}} -An optional mapping file with the list of supported custom file extensions and corresponding mime types. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L67) +An optional mapping file with the list of supported custom file extensions and corresponding mime types. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L66) {{< highlight toml >}} [grpc.services.storageprovider] custom_mimetypes_json = "nil" @@ -60,7 +60,7 @@ custom_mimetypes_json = "nil" {{% /dir %}} {{% dir name="upload_expiration" type="int64" default=0 %}} -Duration for how long uploads will be valid. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L69) +Duration for how long uploads will be valid. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/storageprovider/storageprovider.go#L68) {{< highlight toml >}} [grpc.services.storageprovider] upload_expiration = 0 diff --git a/docs/content/en/docs/config/http/services/dataprovider/_index.md b/docs/content/en/docs/config/http/services/dataprovider/_index.md index b2e6d04279..fff9a051ce 100644 --- a/docs/content/en/docs/config/http/services/dataprovider/_index.md +++ b/docs/content/en/docs/config/http/services/dataprovider/_index.md @@ -9,7 +9,7 @@ description: > # _struct: config_ {{% dir name="prefix" type="string" default="data" %}} -The prefix to be used for this HTTP service [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L43) +The prefix to be used for this HTTP service [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L48) {{< highlight toml >}} [http.services.dataprovider] prefix = "data" @@ -17,7 +17,7 @@ prefix = "data" {{% /dir %}} {{% dir name="driver" type="string" default="localhome" %}} -The storage driver to be used. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L44) +The storage driver to be used. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L49) {{< highlight toml >}} [http.services.dataprovider] driver = "localhome" @@ -25,7 +25,7 @@ driver = "localhome" {{% /dir %}} {{% dir name="drivers" type="map[string]map[string]interface{}" default="localhome" %}} -The configuration for the storage driver [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L45) +The configuration for the storage driver [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L50) {{< highlight toml >}} [http.services.dataprovider.drivers.localhome] root = "/var/tmp/reva/" @@ -36,7 +36,7 @@ user_layout = "{{.Username}}" {{% /dir %}} {{% dir name="data_txs" type="map[string]map[string]interface{}" default="simple" %}} -The configuration for the data tx protocols [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L46) +The configuration for the data tx protocols [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/dataprovider/dataprovider.go#L51) {{< highlight toml >}} [http.services.dataprovider.data_txs.simple] diff --git a/docs/content/en/docs/config/packages/app/provider/wopi/_index.md b/docs/content/en/docs/config/packages/app/provider/wopi/_index.md index fe396cd7bc..9b430cf0ff 100644 --- a/docs/content/en/docs/config/packages/app/provider/wopi/_index.md +++ b/docs/content/en/docs/config/packages/app/provider/wopi/_index.md @@ -24,8 +24,24 @@ wopi_url = "" {{< /highlight >}} {{% /dir %}} +{{% dir name="wopi_folder_url_base_url" type="string" default="" %}} +The base URL to generate links to navigate back to the containing folder. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L62) +{{< highlight toml >}} +[app.provider.wopi] +wopi_folder_url_base_url = "" +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="wopi_folder_url_path_template" type="string" default="" %}} +The template to generate the folderurl path segments. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L63) +{{< highlight toml >}} +[app.provider.wopi] +wopi_folder_url_path_template = "" +{{< /highlight >}} +{{% /dir %}} + {{% dir name="app_name" type="string" default="" %}} -The App user-friendly name. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L62) +The App user-friendly name. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L64) {{< highlight toml >}} [app.provider.wopi] app_name = "" @@ -33,7 +49,7 @@ app_name = "" {{% /dir %}} {{% dir name="app_icon_uri" type="string" default="" %}} -A URI to a static asset which represents the app icon. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L63) +A URI to a static asset which represents the app icon. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L65) {{< highlight toml >}} [app.provider.wopi] app_icon_uri = "" @@ -41,7 +57,7 @@ app_icon_uri = "" {{% /dir %}} {{% dir name="app_url" type="string" default="" %}} -The App URL. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L64) +The App URL. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L66) {{< highlight toml >}} [app.provider.wopi] app_url = "" @@ -49,7 +65,7 @@ app_url = "" {{% /dir %}} {{% dir name="app_int_url" type="string" default="" %}} -The internal app URL in case of dockerized deployments. Defaults to AppURL [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L65) +The internal app URL in case of dockerized deployments. Defaults to AppURL [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L67) {{< highlight toml >}} [app.provider.wopi] app_int_url = "" @@ -57,7 +73,7 @@ app_int_url = "" {{% /dir %}} {{% dir name="app_api_key" type="string" default="" %}} -The API key used by the app, if applicable. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L66) +The API key used by the app, if applicable. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L68) {{< highlight toml >}} [app.provider.wopi] app_api_key = "" @@ -65,7 +81,7 @@ app_api_key = "" {{% /dir %}} {{% dir name="jwt_secret" type="string" default="" %}} -The JWT secret to be used to retrieve the token TTL. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L67) +The JWT secret to be used to retrieve the token TTL. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L69) {{< highlight toml >}} [app.provider.wopi] jwt_secret = "" @@ -73,7 +89,7 @@ jwt_secret = "" {{% /dir %}} {{% dir name="app_desktop_only" type="bool" default=false %}} -Specifies if the app can be opened only on desktop. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L68) +Specifies if the app can be opened only on desktop. [[Ref]](https://github.com/cs3org/reva/tree/master/pkg/app/provider/wopi/wopi.go#L70) {{< highlight toml >}} [app.provider.wopi] app_desktop_only = false diff --git a/go.mod b/go.mod index 72b2979903..dfe6e5cc54 100644 --- a/go.mod +++ b/go.mod @@ -64,6 +64,7 @@ require ( github.com/sethvargo/go-password v0.2.0 github.com/stretchr/testify v1.8.1 github.com/studio-b12/gowebdav v0.0.0-20221015232716-17255f2e7423 + github.com/test-go/testify v1.1.4 github.com/thanhpk/randstr v1.0.4 github.com/tus/tusd v1.10.0 github.com/wk8/go-ordered-map v1.0.0 @@ -79,6 +80,7 @@ require ( golang.org/x/sync v0.1.0 golang.org/x/sys v0.1.0 golang.org/x/term v0.1.0 + golang.org/x/text v0.4.0 google.golang.org/genproto v0.0.0-20221024183307-1bc688fe9f3e google.golang.org/grpc v1.50.1 google.golang.org/protobuf v1.28.1 @@ -196,7 +198,6 @@ require ( go.uber.org/zap v1.23.0 // indirect golang.org/x/mod v0.6.0 // indirect golang.org/x/net v0.1.0 // indirect - golang.org/x/text v0.4.0 // indirect golang.org/x/time v0.1.0 // indirect golang.org/x/tools v0.2.0 // indirect google.golang.org/appengine v1.6.7 // indirect diff --git a/go.sum b/go.sum index be158fb4f9..3eca282db0 100644 --- a/go.sum +++ b/go.sum @@ -885,6 +885,8 @@ github.com/studio-b12/gowebdav v0.0.0-20221015232716-17255f2e7423 h1:Wd8WDEEusB5 github.com/studio-b12/gowebdav v0.0.0-20221015232716-17255f2e7423/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE= github.com/stvp/go-udp-testing v0.0.0-20201019212854-469649b16807/go.mod h1:7jxmlfBCDBXRzr0eAQJ48XC1hBu1np4CS5+cHEYfwpc= github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= +github.com/test-go/testify v1.1.4 h1:Tf9lntrKUMHiXQ07qBScBTSA0dhYQlu83hswqelv1iE= +github.com/test-go/testify v1.1.4/go.mod h1:rH7cfJo/47vWGdi4GPj16x3/t1xGOj2YxzmNQzk2ghU= github.com/thanhpk/randstr v1.0.4 h1:IN78qu/bR+My+gHCvMEXhR/i5oriVHcTB/BJJIRTsNo= github.com/thanhpk/randstr v1.0.4/go.mod h1:M/H2P1eNLZzlDwAzpkkkUvoyNNMbzRGhESZuEQk3r0U= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= diff --git a/pkg/storage/utils/filelocks/filelocks_test.go b/pkg/storage/utils/filelocks/filelocks_test.go index 57271a6463..a51fb1223b 100644 --- a/pkg/storage/utils/filelocks/filelocks_test.go +++ b/pkg/storage/utils/filelocks/filelocks_test.go @@ -81,6 +81,7 @@ func TestReleaseLock(t *testing.T) { l1, err := filelocks.AcquireWriteLock(file) assert.Equal(t, true, l1.Locked()) + assert.Nil(t, err) err = filelocks.ReleaseLock(l1) assert.Nil(t, err)