Skip to content

v1.29.0
Compare
Choose a tag to compare
@github-actions github-actions released this 07 Jan 10:00
· 16 commits to master since this release
v1.29.0
74e4d1e

Changelog for reva 1.29.0 (2025-01-07)

The following sections list the changes in reva 1.29.0 relevant to
reva users. The changes are ordered by importance.

Summary

  • Fix #4898: Make ACL operations work over gRPC
  • Fix #4667: Fixed permission mapping to EOS ACLs
  • Fix #4520: Do not use version folders for xattrs in EOS
  • Fix #4599: Auth: increase verbosity of oidc parsing errors
  • Fix #5006: Blocking reva on listSharedWithMe
  • Fix #4557: Fix ceph build
  • Fix #5017: No empty favs attr
  • Fix #4620: Fix ulimits for EOS container deployment
  • Fix #5015: Fixed error reporting in the EOS gRPC client
  • Fix #4931: Fixed tree metadata following fix in EOS
  • Fix #4930: Make removal of favourites work
  • Fix #4574: Fix notifications
  • Fix #4790: Ocm: fixed domain not having a protocol scheme
  • Fix #4849: Drop assumptions about user types when dealing with shares
  • Fix #4894: No certs in EOS HTTP client
  • Fix #4810: Simplified error handling
  • Fix #4973: Handle parsing of favs over gRPC
  • Fix #4901: Broken PROPFIND perms on gRPC
  • Fix #4907: Public links: return error when owner could not be resolved
  • Fix #4591: Eos: fixed error reporting for too large recycle bin listing
  • Fix #4896: Fix nilpointer error in RollbackToVersion
  • Fix #4905: PurgeDate in ListDeletedEntries was ignored
  • Fix #4939: Revert 'make home layout configurable'
  • Enh #5028: Handle empty EOS traces
  • Enh #4911: Cephfs refactoring + make home layout configurable
  • Enh #4937: @labkode steps down as project owner
  • Enh #4579: Remove domain-specific code to other repos
  • Enh #4824: Refactor Ceph code
  • Enh #4797: Refactor CI jobs and bump to latest deps
  • Enh #4934: Access to EOS via tokens over gRPC
  • Enh #4870: Only load X509 on https
  • Enh #5014: Log app when creating EOS gRPC requests
  • Enh #4892: Do not read eos user ACLs any longer
  • Enh #4720: Differentiate quota for user types in EOS
  • Enh #4863: Favourites for eos/grpc
  • Enh #5013: Updated dependencies + moved to go 1.22
  • Enh #4514: Pass lock holder metadata on uploads
  • Enh #4970: Improved logging on createHome
  • Enh #4984: Drop shadow namespaces
  • Enh #4670: Ocm: support bearer token access
  • Enh #4977: Do not use root on EOS

Details

  • Bugfix #4898: Make ACL operations work over gRPC

    This change solves two issues: * AddACL would fail, because the current implementation of
    AddACL in the EOS gRPC client always sets msg.Recursive = true. This causes issues on the EOS
    side, because it will try running a recursive find on a file, which fails. * RemoveACL would
    fail, because it tried matching ACL rules with a uid to ACL rules with a username. This PR changes
    this approach to use an approach similar to what is used in the binary client: just set the rule
    that you want to have deleted with no permissions.

    #4898

  • Bugfix #4667: Fixed permission mapping to EOS ACLs

    This is to remove "m" and "q" flags in EOS ACLs for regular write shares (no re-sharing).

    #4667

  • Bugfix #4520: Do not use version folders for xattrs in EOS

    This was a workaround needed some time ago. We revert now to the standard behavior, xattrs are
    stored on the files.

    #4520

  • Bugfix #4599: Auth: increase verbosity of oidc parsing errors

    This is to help further debugging of auth issues. An unrelated error reporting was also fixed.

    #4599

  • Bugfix #5006: Blocking reva on listSharedWithMe

    listSharesWithMe blocked a reva thread in the case that one of the shares was not resolvable.
    This has now been fixed

    #5006

  • Bugfix #4557: Fix ceph build

    #4557

  • Bugfix #5017: No empty favs attr

    See issue #5016: we now unset the favs attr if no more favs are set

    #5017

  • Bugfix #4620: Fix ulimits for EOS container deployment

    #4620

  • Bugfix #5015: Fixed error reporting in the EOS gRPC client

    This in particular fixes the lock-related errors

    #5015

  • Bugfix #4931: Fixed tree metadata following fix in EOS

    The treecount is now populated from the EOS response.

    #4931

  • Bugfix #4930: Make removal of favourites work

    Currently, removing a folder from your favourites is broken, because the handleFavAttr
    method is only called in SetAttr, not in UnsetAttr. This change fixes this.

    #4930

  • Bugfix #4574: Fix notifications

    #4574

  • Bugfix #4790: Ocm: fixed domain not having a protocol scheme

    This PR fixes a bug in the OCM open driver that causes it to be unable to probe OCM services at the
    remote server due to the domain having an unsupported protocol scheme. in this case domain
    doesn't have a scheme and the changes in this PR add a scheme to the domain before doing the probe.

    #4790

  • Bugfix #4849: Drop assumptions about user types when dealing with shares

    We may have external accounts with regular usernames (and with null uid), therefore the
    current logic to heuristically infer the user type from a grantee's username is broken. This PR
    removes those heuristics and requires the upper level to resolve the user type.

    #4849

  • Bugfix #4894: No certs in EOS HTTP client

    Omit HTTPS cert in EOS HTTP Client, as this causes authentication issues on EOS < 5.2.28. When
    EOS receives a certificate, it will look for this cert in the gridmap file. If it is not found
    there, the whole authn flow is aborted and the user is mapped to nobody.

    #4894

  • Bugfix #4810: Simplified error handling

    Minor rewording and simplification, following cs3org/OCM-API#90 and cs3org/OCM-API#91

    #4810

  • Bugfix #4973: Handle parsing of favs over gRPC

    To store user favorites, the key user.http://owncloud.org/ns/favorite maps to a list of
    users, in the format u:username=1. Right now, extracting the "correct" user doesn't happen
    in gRPC, while it is implemented in the EOS binary client. This feature has now been moved to the
    higher-level call in eosfs.

    #4973

  • Bugfix #4901: Broken PROPFIND perms on gRPC

    When using the EOS gRPC stack, the permissions returned by PROPFIND on a folder in a project were
    erroneous because ACL permissions were being ignored. This stems from a bug in
    grpcMDResponseToFileInfo, where the SysACL attribute of the FileInfo struct was not being
    populated.

    #4901
    see:

  • Bugfix #4907: Public links: return error when owner could not be resolved

    #4907

  • Bugfix #4591: Eos: fixed error reporting for too large recycle bin listing

    EOS returns E2BIG, which internally gets converted to PermissionDenied and has to be properly
    handled in this case.

    #4591

  • Bugfix #4896: Fix nilpointer error in RollbackToVersion

    #4896

  • Bugfix #4905: PurgeDate in ListDeletedEntries was ignored

    The date range that can be passed to ListDeletedEntries was not taken into account due to a bug in
    reva: the Purgedate argument was set, which only works for PURGE requests, and not for LIST
    requests. Instead, the Listflag argument must be used. Additionally, there was a bug in the
    loop that is used to iterate over all days in the date range.

    #4905

  • Bugfix #4939: Revert 'make home layout configurable'

    Partial revert of #4911, to be re-added after more testing and configuration validation. The
    eoshome vs eos storage drivers are to be adapted.

    #4939

  • Enhancement #5028: Handle empty EOS traces

    #5028

  • Enhancement #4911: Cephfs refactoring + make home layout configurable

    #4911

  • Enhancement #4937: @labkode steps down as project owner

    Hugo (@labkode) steps down as project owner of Reva.

    #4937

  • Enhancement #4579: Remove domain-specific code to other repos

    #4579

  • Enhancement #4824: Refactor Ceph code

    #4824

  • Enhancement #4797: Refactor CI jobs and bump to latest deps

    #4797

  • Enhancement #4934: Access to EOS via tokens over gRPC

    As a guest account, accessing a file shared with you relies on a token that is generated on behalf
    of the resource owner. This method, GenerateToken, has now been implemented in the EOS gRPC
    client. Additionally, the HTTP client now takes tokens into account.

    #4934

  • Enhancement #4870: Only load X509 on https

    Currently, the EOS HTTP Client always tries to read an X509 key pair from the file system (by
    default, from /etc/grid-security/host{key,cert}.pem). This makes it harder to write unit
    tests, as these fail when this key pair is not on the file system (which is the case for the test
    pipeline as well).

    This PR introduces a fix for this problem, by only loading the X509 key pair if the scheme of the
    EOS endpoint is https. Unit tests can then create a mock HTTP endpoint, which will not trigger
    the loading of the key pair.

    #4870

  • Enhancement #5014: Log app when creating EOS gRPC requests

    #5014

  • Enhancement #4892: Do not read eos user ACLs any longer

    This PR drops the compatibility code to read eos user ACLs in the eos binary client, and aligns it
    to the GRPC client.

    #4892

  • Enhancement #4720: Differentiate quota for user types in EOS

    We now assign a different initial quota to users depending on their type, whether PRIMARY or
    not.

    #4720

  • Enhancement #4863: Favourites for eos/grpc

    #4863

  • Enhancement #5013: Updated dependencies + moved to go 1.22

    #5013

  • Enhancement #4514: Pass lock holder metadata on uploads

    We now pass relevant metadata (lock id and lock holder) downstream on uploads, and handle the
    case of conflicts due to lock mismatch.

    #4514

  • Enhancement #4970: Improved logging on createHome

    #4970

  • Enhancement #4984: Drop shadow namespaces

    This comes as part of the effort to operate EOS without being root, see
    #4977

    In this PR the post-home creation hook (and corresponding flag) is replaced by a
    create_home_hook, and the following configuration parameters are suppressed:

    Shadow_namespace share_folder default_quota_bytes default_secondary_quota_bytes
    default_quota_files uploads_namespace (unused)

    #4984

  • Enhancement #4670: Ocm: support bearer token access

    This PR adds support for accessing remote OCM 1.1 shares via bearer token, as opposed to having
    the shared secret in the URL only. In addition, the OCM client package is now part of the OCMD
    server package, and the Discover methods have been all consolidated in one place.

    #4670

  • Enhancement #4977: Do not use root on EOS

    Currently, the EOS drivers use root authentication for many different operations. This has
    now been changed to use one of the following: * cbox, which is a sudo'er * daemon, for read-only
    operations * the user himselft

    Note that home creation is excluded here as this will be tackled in a different PR.

    #4977

Contributors

labkode
Assets 14
Loading