[tests-only][full-ci] Merge master into experimental (#4541)

* Add support for the jsoncs3 share manager * WIP: point to the wip-reva with the jsoncs3 share manager * migration fixes Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * update reva Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * use common config for jsoncs3 defaults Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * lint Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * add home space deletion on user delete Signed-off-by: Christian Richter <[email protected]> * update reva Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * add delete home space permission to admin role Signed-off-by: Christian Richter <[email protected]> * Bump github.com/tus/tusd from 1.9.0 to 1.9.1 Bumps [github.com/tus/tusd](https://github.com/tus/tusd) from 1.9.0 to 1.9.1. - [Release notes](https://github.com/tus/tusd/releases) - [Commits](tus/tusd@v1.9.0...v1.9.1) --- updated-dependencies: - dependency-name: github.com/tus/tusd dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/onsi/gomega from 1.20.0 to 1.20.1 Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.0 to 1.20.1. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.20.0...v1.20.1) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * part1 * update reva Signed-off-by: Jörn Friedrich Dreyer <[email protected]> * [test-only] apiTest. change own password (#4480) * apiTest. change own password * fix * Bump github.com/gookit/config/v2 from 2.1.2 to 2.1.4 Bumps [github.com/gookit/config/v2](https://github.com/gookit/config) from 2.1.2 to 2.1.4. - [Release notes](https://github.com/gookit/config/releases) - [Commits](gookit/config@v2.1.2...v2.1.4) --- updated-dependencies: - dependency-name: github.com/gookit/config/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * move graph api methods from Space context to GraphHelper * fix after rebase * Bump github.com/rs/zerolog from 1.27.0 to 1.28.0 Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.27.0 to 1.28.0. - [Release notes](https://github.com/rs/zerolog/releases) - [Commits](rs/zerolog@v1.27.0...v1.28.0) --- updated-dependencies: - dependency-name: github.com/rs/zerolog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/onsi/ginkgo/v2 from 2.1.4 to 2.1.6 Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.1.4 to 2.1.6. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.1.4...v2.1.6) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/coreos/go-oidc/v3 from 3.2.0 to 3.3.0 Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](coreos/go-oidc@v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Added /Shares related tests for lock properties on ocis * Update expected to failure for local api for copy * Bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.11.2 to 2.11.3 Bumps [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) from 2.11.2 to 2.11.3. - [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases) - [Changelog](https://github.com/grpc-ecosystem/grpc-gateway/blob/master/.goreleaser.yml) - [Commits](grpc-ecosystem/grpc-gateway@v2.11.2...v2.11.3) --- updated-dependencies: - dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * refactor proxy code I refactored the proxy so that we execute the routing before the authentication middleware. This is necessary so that we can determine which routes are considered unprotected i.e. which routes don't need authentication. * add unprotected flag to the proxy routes I added an unprotected flag to the proxy routes which is evaluated by the authentication middleware. This way we won't have to maintain a hardcoded list of unprotected paths and path prefixes and we will hopefully reduce the times we encounter the basic auth prompt by web browsers. * add missing unprotected flag and fix proxy test * fix linting issues * fix default policy and add changelog * update tests * Automated changelog update [skip ci] * Bump google.golang.org/grpc from 1.48.0 to 1.49.0 Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.48.0 to 1.49.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.48.0...v1.49.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/onsi/gomega from 1.20.1 to 1.20.2 Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.20.1 to 1.20.2. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](onsi/gomega@v1.20.1...v1.20.2) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/urfave/cli/v2 from 2.11.2 to 2.14.0 Bumps [github.com/urfave/cli/v2](https://github.com/urfave/cli) from 2.11.2 to 2.14.0. - [Release notes](https://github.com/urfave/cli/releases) - [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md) - [Commits](urfave/cli@v2.11.2...v2.14.0) --- updated-dependencies: - dependency-name: github.com/urfave/cli/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Bump github.com/owncloud/libre-graph-api-go from 0.16.0 to 0.17.0 Bumps [github.com/owncloud/libre-graph-api-go](https://github.com/owncloud/libre-graph-api-go) from 0.16.0 to 0.17.0. - [Release notes](https://github.com/owncloud/libre-graph-api-go/releases) - [Commits](owncloud/libre-graph-api-go@v0.16.0...v0.17.0) --- updated-dependencies: - dependency-name: github.com/owncloud/libre-graph-api-go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Evaluate routing rules ordered by path-length This is a quickfix for #4497. Before evaluating, we now sort the rules of a specific type by the length of the endpoints and start evaluation with the most specific endpoint first. There's obviously quite a bit room for optimization here and this will only fix the issue for routes of type `PrefixRoute`. But it should solve the immediate issue. * Bump commit id for tests * Improve login screen design * Move background-size after the background css prop * add returns after rendering errors and simplify loop condition * Hardcode header in GraphHelper::deleteSpace * Add 'Inter' font, change placeholder color to grey * Use cv11 as font feature setting * Automated changelog update [skip ci] * adjust REPORT to PROPFIND endpoint Signed-off-by: jkoberg <[email protected]> * regenerate protogen Signed-off-by: jkoberg <[email protected]> * adjust expected failures Signed-off-by: jkoberg <[email protected]> * Automated changelog update [skip ci] * Fix translations on login page * Automated changelog update [skip ci] * removed search test from expected failures * Reuse code of code from core at most * Add commit and branch related to this PR to work * Reuse locking method from core * fix search test * Add api tests for tus upload when quota is set * Add tests removed by core pr-40276 * graph: Fix Status code when updating the password Up to now the /me/changePassword endpoint return a 500 Status when issue a password change with the old password set to the wrong password. This changes the code to return 400 (Bad Request) with an additional message that the old password is wrong. This does not seem to weaken the security of /me/changePassword (i.e. for allowing easier brute-force attacks) as the endpoint is only available to already authenticated users (and only for changing their own passwords) See #4480 * Bump github.com/gookit/config/v2 from 2.1.4 to 2.1.5 Bumps [github.com/gookit/config/v2](https://github.com/gookit/config) from 2.1.4 to 2.1.5. - [Release notes](https://github.com/gookit/config/releases) - [Commits](gookit/config@v2.1.4...v2.1.5) --- updated-dependencies: - dependency-name: github.com/gookit/config/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> * auto orientate pictures for thumbnails * Automated changelog update [skip ci] * update buf lock * graph: purge home space when deleting a user previously the homespace was just marked as trashed Fixes: #4195 * proxy: Initialize logger for router * proxy: Fix archiver for public links Allows /archiver to be used the "public-token" auth middleware. The archiver is a bit of a special case, because it can be uses in several ways: using 'normal' authentication (basic, oidc), using signed-urls or using sharetokens. As only the "sharetoken" part is handled by the "PublicShareAuth" middleware, we needed to special-case it a bit. * proxy: Clarify comment * proxy: Avoid sorting endpoints for every single request The endpoints are no longer hashed by path name in the directors map since that made iterating over the endpoints unstable. They are now stored in a slice in the order in which the are defined in the configuration. Closes: #4497 * Automated changelog update [skip ci] * update reva to latest edge * remove personal spaces as admin in the graph test suite * use id to delete project spaces * Add context in behat.yml * Fix home space deletion when deleting user by name DELETE requess on /graph/v1.0/users also work when specifing a user by name. For deleting the home space in that case we need to get the User's id from the backend first. Fixes: #4195 * Add new "delete-all-spaces" permission This is assigned to the Admin role by default and allows to cleanup orphaned spaces (e.g. where the owner as been deleted) Fixes: #4196 * Automated changelog update [skip ci] * Automated changelog update [skip ci] * update reva to latest edge * Automated changelog update [skip ci] * delete users with their personal spaces * update reva to latest edge * delete method * Remove tests from unrelated issue and add actual one * REPORT: add permissions to personal space Signed-off-by: jkoberg <[email protected]> * changelog and bump reva Signed-off-by: jkoberg <[email protected]> * Automated changelog update [skip ci] * update reva and jsoncs3 share manager config * use experimental reva Signed-off-by: jkoberg <[email protected]> * fix search service after merge Signed-off-by: jkoberg <[email protected]> * praise the linting god Signed-off-by: jkoberg <[email protected]> * use cs3 share manager Signed-off-by: jkoberg <[email protected]> Signed-off-by: Jörn Friedrich Dreyer <[email protected]> Signed-off-by: Christian Richter <[email protected]> Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: jkoberg <[email protected]> Co-authored-by: André Duffeck <[email protected]> Co-authored-by: Jörn Friedrich Dreyer <[email protected]> Co-authored-by: Christian Richter <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Viktor Scharf <[email protected]> Co-authored-by: David Christofas <[email protected]> Co-authored-by: [email protected] <[email protected]> Co-authored-by: Ralf Haferkamp <[email protected]> Co-authored-by: Swikriti Tripathi <[email protected]> Co-authored-by: Jannik Stehle <[email protected]> Co-authored-by: Phil Davis <[email protected]> Co-authored-by: Swikriti Tripathi <[email protected]> Co-authored-by: Jannik Stehle <[email protected]> Co-authored-by: Sagar Gurung <[email protected]> Co-authored-by: Amrita <[email protected]> Co-authored-by: Michael Barz <[email protected]> Co-authored-by: amrita <[email protected]>
owncloud · Sep 8, 2022 · 21c55ed · 21c55ed
1 parent 0b3c94d
commit 21c55ed
Show file tree

Hide file tree

Showing 65 changed files with 2,203 additions and 1,020 deletions.
diff --git a/.drone.env b/.drone.env
@@ -1,5 +1,5 @@
 # The test runner source for API tests
-CORE_COMMITID=f16ee06034a041433e53fb3d86145d29155ea3d9
+CORE_COMMITID=dc32078d4c9a158f7c412c780035bc90906a8ab8
 CORE_BRANCH=master
 
 # The test runner source for UI tests

diff --git a/.drone.star b/.drone.star
@@ -2909,7 +2909,7 @@ def restoreWebE2EYarnCache():
             "mc cp -r -a s3/$CACHE_BUCKET/ocis/web-test-runner/$WEB_COMMITID/e2e.tar.gz %s" % dirs["zip"],
         ],
     }, {
-        # we need to install again becase the node_modules are not cached
+        # we need to install again because the node_modules are not cached
         "name": "unzip-and-install-yarn-e2e",
         "image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
         "commands": [
@@ -2931,7 +2931,7 @@ def restoreWebAcceptanceYarnCache():
             "mc cp -r -a s3/$CACHE_BUCKET/ocis/web-test-runner/$WEB_COMMITID/acceptance.tar.gz %s" % dirs["zip"],
         ],
     }, {
-        # we need to install again becase the node_modules are not cached
+        # we need to install again because the node_modules are not cached
         "name": "unzip-and-install-yarn-acceptance",
         "image": OC_CI_NODEJS % DEFAULT_NODEJS_VERSION,
         "commands": [

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,7 +7,15 @@ The following sections list the changes for unreleased.
 ## Summary
 
 * Bugfix - Disable default expiration for public links: [#4445](https://github.com/owncloud/ocis/issues/4445)
+* Bugfix - Translations on login page: [#7550](https://github.com/owncloud/web/issues/7550)
+* Bugfix - Fix permissions in REPORT: [#4520](https://github.com/owncloud/ocis/pull/4520)
+* Bugfix - Fix search report: [#7557](https://github.com/owncloud/web/issues/7557)
+* Enhancement - Introduce "delete-all-spaces" permission: [#4196](https://github.com/owncloud/ocis/issues/4196)
 * Enhancement - Add previewFileMimeTypes to web default config: [#4414](https://github.com/owncloud/ocis/pull/4414)
+* Enhancement - Improve login screen design: [#4500](https://github.com/owncloud/ocis/pull/4500)
+* Enhancement - Automatically orientate photos when generating thumbnails: [#4477](https://github.com/owncloud/ocis/issues/4477)
+* Enhancement - Refactor the proxy service: [#4401](https://github.com/owncloud/ocis/issues/4401)
+* Enhancement - Update Reva: [#4522](https://github.com/owncloud/ocis/pull/4522)
 
 ## Details
 
@@ -22,12 +30,80 @@ The following sections list the changes for unreleased.
    https://github.com/owncloud/ocis/issues/4445
    https://github.com/owncloud/ocis/pull/4475
 
+* Bugfix - Translations on login page: [#7550](https://github.com/owncloud/web/issues/7550)
+
+   We've fixed several translations on the login page. Also, the browser language is now being
+   used properly to determine the language.
+
+   https://github.com/owncloud/web/issues/7550
+   https://github.com/owncloud/ocis/pull/4504
+
+* Bugfix - Fix permissions in REPORT: [#4520](https://github.com/owncloud/ocis/pull/4520)
+
+   The REPORT endpoint wouldn't return any permissions on personal spaces Now it does. Also bumps
+   reva
+
+   https://github.com/owncloud/ocis/pull/4520
+
+* Bugfix - Fix search report: [#7557](https://github.com/owncloud/web/issues/7557)
+
+   There were multiple issues with REPORT search responses from webdav. Also we want it to be
+   consistent with PROPFIND responses. * the `remote.php` prefix was missing from the href
+   (added even though not neccessary) * the ids were formatted wrong, they should look different
+   for shares and spaces. * the name of the resource was missing * the shareid was missing (for
+   shares) * the prop `shareroot` (containing the name of the share root) was missing * the
+   permissions prop was empty
+
+   https://github.com/owncloud/web/issues/7557
+   https://github.com/owncloud/ocis/pull/4484
+
+* Enhancement - Introduce "delete-all-spaces" permission: [#4196](https://github.com/owncloud/ocis/issues/4196)
+
+   This is assigned to the Admin role by default and allows to cleanup orphaned spaces (e.g. where
+   the owner as been deleted)
+
+   https://github.com/owncloud/ocis/issues/4196
+
 * Enhancement - Add previewFileMimeTypes to web default config: [#4414](https://github.com/owncloud/ocis/pull/4414)
 
    We've added previewFileMimeTypes to the web default config, so web can determine which
    preview types are supported by the backend.
 
    https://github.com/owncloud/ocis/pull/4414
+
+* Enhancement - Improve login screen design: [#4500](https://github.com/owncloud/ocis/pull/4500)
+
+   We've improved the design of the login screen to match with the general design used in Web.
+
+   https://github.com/owncloud/web/issues/7552
+   https://github.com/owncloud/ocis/pull/4500
+
+* Enhancement - Automatically orientate photos when generating thumbnails: [#4477](https://github.com/owncloud/ocis/issues/4477)
+
+   The thumbnailer now makes use of the exif orientation information to automatically orientate
+   pictures before generating thumbnails.
+
+   https://github.com/owncloud/ocis/issues/4477
+   https://github.com/owncloud/ocis/pull/4513
+
+* Enhancement - Refactor the proxy service: [#4401](https://github.com/owncloud/ocis/issues/4401)
+
+   The routes of the proxy service now have a "unprotected" flag. This is used by the
+   authentication middleware to determine if the request needs to be blocked when missing
+   authentication or not.
+
+   https://github.com/owncloud/ocis/issues/4401
+   https://github.com/owncloud/ocis/issues/4497
+   https://github.com/owncloud/ocis/pull/4461
+   https://github.com/owncloud/ocis/pull/4498
+   https://github.com/owncloud/ocis/pull/4514
+
+* Enhancement - Update Reva: [#4522](https://github.com/owncloud/ocis/pull/4522)
+
+   Update reva to latest edge.
+
+   https://github.com/owncloud/ocis/pull/4522
+   https://github.com/owncloud/ocis/pull/4534
 # Changelog for [2.0.0-beta.7] (2022-08-26)
 
 The following sections list the changes for 2.0.0-beta.7.

diff --git a/changelog/unreleased/bugfix-i18n-login-page.md b/changelog/unreleased/bugfix-i18n-login-page.md
@@ -0,0 +1,6 @@
+Bugfix: Translations on login page
+
+We've fixed several translations on the login page. Also, the browser language is now being used properly to determine the language.
+
+https://github.com/owncloud/web/issues/7550
+https://github.com/owncloud/ocis/pull/4504
diff --git a/changelog/unreleased/delete-orphaned-spaces.md b/changelog/unreleased/delete-orphaned-spaces.md
@@ -0,0 +1,6 @@
+Enhancement: Introduce "delete-all-spaces" permission
+
+This is assigned to the Admin role by default and allows to cleanup orphaned
+spaces (e.g. where the owner as been deleted)
+
+https://github.com/owncloud/ocis/issues/4196
diff --git a/changelog/unreleased/enhancement-login-screen-design.md b/changelog/unreleased/enhancement-login-screen-design.md
@@ -0,0 +1,6 @@
+Enhancement: Improve login screen design
+
+We've improved the design of the login screen to match with the general design used in Web.
+
+https://github.com/owncloud/ocis/pull/4500
+https://github.com/owncloud/web/issues/7552
diff --git a/changelog/unreleased/fix-permissions-for-report.md b/changelog/unreleased/fix-permissions-for-report.md
@@ -0,0 +1,6 @@
+Bugfix: Fix permissions in REPORT
+
+The REPORT endpoint wouldn't return any permissions on personal spaces
+Now it does. Also bumps reva
+
+https://github.com/owncloud/ocis/pull/4520
diff --git a/changelog/unreleased/fix-search-report.md b/changelog/unreleased/fix-search-report.md
@@ -0,0 +1,12 @@
+Bugfix: Fix search report
+
+There were multiple issues with REPORT search responses from webdav. Also we want it to be consistent with PROPFIND responses.
+*   the `remote.php` prefix was missing from the href (added even though not neccessary)
+*   the ids were formatted wrong, they should look different for shares and spaces.
+*   the name of the resource was missing
+*   the shareid was missing (for shares)
+*   the prop `shareroot` (containing the name of the share root) was missing
+*   the permissions prop was empty
+
+https://github.com/owncloud/web/issues/7557
+https://github.com/owncloud/ocis/pull/4484
diff --git a/changelog/unreleased/get-received-share.md b/changelog/unreleased/get-received-share.md
@@ -0,0 +1,6 @@
+Enhancement: OCS get share now also handle received shares
+
+Requesting a specific share can now also correctly map the path to the mountpoint if the requested share is a received share.
+
+https://github.com/owncloud/ocis/issues/4322
+https://github.com/owncloud/ocis/pull/4539
diff --git a/changelog/unreleased/orientate-thumbnails.md b/changelog/unreleased/orientate-thumbnails.md
@@ -0,0 +1,6 @@
+Enhancement: Automatically orientate photos when generating thumbnails
+
+The thumbnailer now makes use of the exif orientation information to automatically orientate pictures before generating thumbnails.
+
+https://github.com/owncloud/ocis/issues/4477
+https://github.com/owncloud/ocis/pull/4513
diff --git a/changelog/unreleased/refactor-proxy.md b/changelog/unreleased/refactor-proxy.md
@@ -0,0 +1,9 @@
+Enhancement: Refactor the proxy service
+
+The routes of the proxy service now have a "unprotected" flag. This is used by the authentication middleware to determine if the request needs to be blocked when missing authentication or not. 
+
+https://github.com/owncloud/ocis/issues/4401
+https://github.com/owncloud/ocis/issues/4497
+https://github.com/owncloud/ocis/pull/4461
+https://github.com/owncloud/ocis/pull/4498
+https://github.com/owncloud/ocis/pull/4514
diff --git a/changelog/unreleased/update-reva-beta8.md b/changelog/unreleased/update-reva-beta8.md
@@ -0,0 +1,6 @@
+Enhancement: Update Reva
+
+Update reva to latest edge.
+
+https://github.com/owncloud/ocis/pull/4522
+https://github.com/owncloud/ocis/pull/4534
diff --git a/go.mod b/go.mod
@@ -9,10 +9,9 @@ require (
 	github.com/ReneKroon/ttlcache/v2 v2.11.0
 	github.com/bbalet/stopwords v1.0.0
 	github.com/blevesearch/bleve/v2 v2.3.4
-	github.com/blevesearch/bleve_index_api v1.0.3
-	github.com/coreos/go-oidc/v3 v3.2.0
+	github.com/coreos/go-oidc/v3 v3.3.0
 	github.com/cs3org/go-cs3apis v0.0.0-20220818202316-e92afdddac6d
-	github.com/cs3org/reva/v2 v2.8.1-0.20220831084750-0be72e4642ec
+	github.com/cs3org/reva/v2 v2.8.1-0.20220908103049-a4e24666b1db
 	github.com/disintegration/imaging v1.6.2
 	github.com/ggwhite/go-masker v1.0.9
 	github.com/go-chi/chi/v5 v5.0.7
@@ -40,7 +39,7 @@ require (
 	github.com/google/go-tika v0.2.0
 	github.com/gookit/config/v2 v2.1.2
 	github.com/gorilla/mux v1.8.0
-	github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.2
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3
 	github.com/justinas/alice v1.2.0
 	github.com/libregraph/idm v0.3.1-0.20220808071235-17bb032176de
 	github.com/libregraph/lico v0.54.1-0.20220325072321-31efc3995d63
@@ -50,20 +49,20 @@ require (
 	github.com/oklog/run v1.1.0
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/onsi/ginkgo v1.16.5
-	github.com/onsi/ginkgo/v2 v2.1.4
-	github.com/onsi/gomega v1.20.0
+	github.com/onsi/ginkgo/v2 v2.1.6
+	github.com/onsi/gomega v1.20.2
 	github.com/orcaman/concurrent-map v1.0.0
-	github.com/owncloud/libre-graph-api-go v0.16.0
+	github.com/owncloud/libre-graph-api-go v0.17.0
 	github.com/pkg/errors v0.9.1
 	github.com/prometheus/client_golang v1.13.0
-	github.com/rs/zerolog v1.27.0
+	github.com/rs/zerolog v1.28.0
 	github.com/sirupsen/logrus v1.9.0
 	github.com/spf13/cobra v1.5.0
 	github.com/stretchr/testify v1.8.0
 	github.com/test-go/testify v1.1.4
 	github.com/thejerf/suture/v4 v4.0.2
-	github.com/tus/tusd v1.9.0
-	github.com/urfave/cli/v2 v2.11.2
+	github.com/tus/tusd v1.9.1
+	github.com/urfave/cli/v2 v2.14.0
 	github.com/xhit/go-simple-mail/v2 v2.11.0
 	go-micro.dev/v4 v4.8.1
 	go.etcd.io/bbolt v1.3.6
@@ -73,15 +72,15 @@ require (
 	go.opentelemetry.io/otel/exporters/jaeger v1.9.0
 	go.opentelemetry.io/otel/sdk v1.9.0
 	go.opentelemetry.io/otel/trace v1.9.0
-	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa
+	golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90
 	golang.org/x/exp v0.0.0-20220518171630-0b5c67f07fdf
 	golang.org/x/image v0.0.0-20220321031419-a8550c1d254a
-	golang.org/x/net v0.0.0-20220624214902-1bab6f366d9e
-	golang.org/x/oauth2 v0.0.0-20220722155238-128564f6959c
+	golang.org/x/net v0.0.0-20220826154423-83b083e8dc8b
+	golang.org/x/oauth2 v0.0.0-20220822191816-0ebed06d0094
 	golang.org/x/term v0.0.0-20220722155259-a9ba230a4035
 	golang.org/x/text v0.3.7
-	google.golang.org/genproto v0.0.0-20220805133916-01dd62135a58
-	google.golang.org/grpc v1.48.0
+	google.golang.org/genproto v0.0.0-20220822174746-9e6da59bd2fc
+	google.golang.org/grpc v1.49.0
 	google.golang.org/protobuf v1.28.1
 	gopkg.in/yaml.v2 v2.4.0
 	gotest.tools/v3 v3.3.0
@@ -110,6 +109,7 @@ require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/bitly/go-simplejson v0.5.0 // indirect
 	github.com/bits-and-blooms/bitset v1.2.1 // indirect
+	github.com/blevesearch/bleve_index_api v1.0.3 // indirect
 	github.com/blevesearch/geo v0.1.13 // indirect
 	github.com/blevesearch/go-porterstemmer v1.0.3 // indirect
 	github.com/blevesearch/gtreap v0.1.1 // indirect
@@ -179,7 +179,7 @@ require (
 	github.com/google/go-cmp v0.5.8 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/uuid v1.3.0 // indirect
-	github.com/gookit/goutil v0.5.2 // indirect
+	github.com/gookit/goutil v0.5.11 // indirect
 	github.com/gorilla/handlers v1.5.1 // indirect
 	github.com/gorilla/schema v1.2.0 // indirect
 	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect
@@ -208,7 +208,7 @@ require (
 	github.com/longsleep/go-metrics v1.0.0 // indirect
 	github.com/mattermost/xml-roundtrip-validator v0.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.12 // indirect
-	github.com/mattn/go-isatty v0.0.14 // indirect
+	github.com/mattn/go-isatty v0.0.16 // indirect
 	github.com/mattn/go-runewidth v0.0.13 // indirect
 	github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
@@ -245,7 +245,7 @@ require (
 	github.com/prometheus/statsd_exporter v0.22.4 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/rs/cors v1.8.2 // indirect
-	github.com/rs/xid v1.3.0 // indirect
+	github.com/rs/xid v1.4.0 // indirect
 	github.com/russellhaering/goxmldsig v1.1.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/sciencemesh/meshdirectory-web v1.0.4 // indirect
@@ -268,12 +268,11 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.7.0 // indirect
 	go.uber.org/zap v1.19.1 // indirect
-	golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3 // indirect
+	golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 // indirect
 	golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4 // indirect
-	golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f // indirect
+	golang.org/x/sys v0.0.0-20220829200755-d48e67d00261 // indirect
 	golang.org/x/time v0.0.0-20220224211638-0e9765cccd65 // indirect
-	golang.org/x/tools v0.1.10 // indirect
-	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	golang.org/x/tools v0.1.12 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	gopkg.in/ini.v1 v1.66.2 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect