Releases: cs3org/reva
v2.7.1
Changelog for reva 2.7.1 (2022-07-15)
The following sections list the changes in reva 2.7.1 relevant to
reva users. The changes are ordered by importance.
Summary
Details
v2.7.0
Changelog for reva 2.7.0 (2022-07-15)
The following sections list the changes in reva 2.7.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #3075: Check permissions of the move operation destination
- Fix #3036: Fix revad with EOS docker image
- Fix #3037: Add uid- and gidNumber to LDAP queries
- Fix #4061: Forbid resharing with higher permissions
- Fix #3017: Removed unused gateway config "commit_share_to_storage_ref"
- Fix #3031: Return proper response code when detecting recursive copy/move operations
- Fix #3071: Make CS3 sharing drivers parse legacy resource id
- Fix #3035: Prevent cross space move
- Fix #3074: Send storage provider and space id to wopi server
- Fix #3022: Improve the sharing internals
- Fix #2977: Test valid filename on spaces tus upload
- Chg #3006: Use spaceID on the cs3api
- Enh #3043: Introduce LookupCtx for index interface
- Enh #3009: Prevent recursive copy/move operations
- Enh #2977: Skip space lookup on space propfind
Details
-
Bugfix #3075: Check permissions of the move operation destination
We now properly check the permissions on the target of move operations.
-
Bugfix #3036: Fix revad with EOS docker image
We've fixed the revad with EOS docker image. Previously the revad binary was build on Alpine and
not executable on the final RHEL based image. -
Bugfix #3037: Add uid- and gidNumber to LDAP queries
For the EOS storage to work correctly the uid- and gidNumber attributes need to be populated.
-
Bugfix #4061: Forbid resharing with higher permissions
When creating a public link from a viewer share a user was able to set editor permissions on that
link. This was because of a missing check that is added now -
Bugfix #3017: Removed unused gateway config "commit_share_to_storage_ref"
We've removed the unused gateway configuration option "commit_share_to_storage_ref".
-
Bugfix #3031: Return proper response code when detecting recursive copy/move operations
We changed the ocdav response code to "409 - Conflict" when a recursive operation was detected.
-
Bugfix #3071: Make CS3 sharing drivers parse legacy resource id
The CS3 public and user sharing drivers will now correct a resource id that is missing a spaceid
when it can split the storageid. -
Bugfix #3035: Prevent cross space move
Decomposedfs now prevents moving across space boundaries
-
Bugfix #3074: Send storage provider and space id to wopi server
We are now concatenating storage provider id and space id into the endpoint that is sent to the
wopiserver -
Bugfix #3022: Improve the sharing internals
We cleaned up the sharing code validation and comparisons.
-
Bugfix #2977: Test valid filename on spaces tus upload
Tus uploads in spaces now also test valid filenames.
-
Change #3006: Use spaceID on the cs3api
We introduced a new spaceID field on the cs3api to implement the spaces feature in a cleaner way.
-
Enhancement #3043: Introduce LookupCtx for index interface
The index interface now has a new LookupCtx that can look up multiple values so we can more
efficiently look up multiple shares by id. It also takes a context so we can pass on the trace
context to the CS3 backend -
Enhancement #3009: Prevent recursive copy/move operations
We changed the ocs API to prevent copying or moving a folder into one of its children.
-
Enhancement #2977: Skip space lookup on space propfind
We now construct the space id from the /dav/spaces URL intead of making a request to the
registry.owncloud/ocis#1277
owncloud/ocis#2144
owncloud/ocis#3073
#2977
v2.6.1
Changelog for reva 2.6.1 (2022-06-27)
The following sections list the changes in reva 2.6.1 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2998: Fix 0-byte-uploads
- Enh #3983: Add capability for alias links
- Enh #3000: Make less stat requests
- Enh #3003: Distinguish GRPC FAILED_PRECONDITION and ABORTED codes
- Enh #3005: Remove unused HomeMapping variable
Details
-
Bugfix #2998: Fix 0-byte-uploads
We fixed a problem with 0-byte uploads by using TouchFile instead of going through TUS
(decomposedfs and owncloudsql storage drivers only for now). -
Enhancement #3983: Add capability for alias links
For better UX clients need a way to discover if alias links are supported by the server. We added a
capability under "files_sharing/public/alias" -
Enhancement #3000: Make less stat requests
The /dav/spaces endpoint now constructs a reference instead of making a lookup grpc call,
reducing the number of requests. -
Enhancement #3003: Distinguish GRPC FAILED_PRECONDITION and ABORTED codes
Webdav distinguishes between 412 precondition failed for if match errors for locks or etags,
uses 405 Method Not Allowed when trying to MKCOL an already existing collection and 409
Conflict when intermediate collections are missing.The CS3 GRPC status codes are modeled after
https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto. When
trying to use the error codes to distinguish these cases on a storageprovider CreateDir call we
can map ALREADY_EXISTS to 405, FAILED_PRECONDITION to 409 and ABORTED to 412.Unfortunately, we currently use and map FAILED_PRECONDITION to 412. I assume, because the
naming is very similar to PreconditionFailed. However the GRPC docs are very clear that
ABORTED should be used, specifically mentioning etags and locks.With this PR we internally clean up the usage in the decomposedfs and mapping in the ocdav
handler. -
Enhancement #3005: Remove unused HomeMapping variable
We have removed the unused HomeMapping variable from the gateway.
v2.6.0
Changelog for reva 2.6.0 (2022-06-21)
The following sections list the changes in reva 2.6.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2985: Make stat requests route based on storage providerid
- Fix #2987: Let archiver handle all error codes
- Fix #2994: Fix errors when loading shares
- Fix #2996: Do not close share dump channels
- Fix #2993: Remove unused configuration
- Fix #2950: Fix sharing with space ref
- Fix #2991: Make sharesstorageprovider get accepted share
- Chg #2877: Enable resharing
- Chg #2984: Update CS3Apis
- Enh #3753: Add executant to the events
- Enh #2820: Instrument GRPC and HTTP requests with OTel
- Enh #2975: Leverage shares space storageid and type when listing shares
- Enh #3882: Explicitly return on ocdav move requests with body
- Enh #2932: Stat accepted shares mountpoints, configure existing share updates
- Enh #2944: Improve owncloudsql connection management
- Enh #2962: Per service TracerProvider
- Enh #2911: Allow for dumping and loading shares
- Enh #2938: Sharpen tooling
Details
-
Bugfix #2985: Make stat requests route based on storage providerid
The gateway now uses a filter mask to only fetch the root id of a space for stat requests. This
allows the spaces registry to determine the responsible storage provider without querying
the storageproviders. -
Bugfix #2987: Let archiver handle all error codes
We fixed the archiver handler to handle all error codes
-
Bugfix #2994: Fix errors when loading shares
We fixed a bug where loading shares and associated received shares ran into issues when
handling them simultaneously. -
Bugfix #2996: Do not close share dump channels
We no longer close the channels when dumping shares, it's the responsibility of the caller.
-
Bugfix #2993: Remove unused configuration
We've fixed removed unused configuration:
insecurefrom the dataprovider -timeoutfrom the dataprovider -tmp_folderfrom the
storageprovider
-
Bugfix #2950: Fix sharing with space ref
We've fixed a bug where share requests with
pathattribute present ignored thespace_ref
attribute. We now give thespace_refattribute precedence over thepathattribute. -
Bugfix #2991: Make sharesstorageprovider get accepted share
The sharesstorageprovider now gets an accepted share instead of filtering all shares.
-
Change #2877: Enable resharing
This will allow resharing of files. - All Viewers and Editors are now able to reshare files and
folders - One can still edit their own shares, even when loosing share permissions - Viewers and
Editors in a space are not affected -
Change #2984: Update CS3Apis
Updated the CS3Apis to make use of field_mask and pagination for list requests.
-
Enhancement #3753: Add executant to the events
Added the executant field to all events.
-
Enhancement #2820: Instrument GRPC and HTTP requests with OTel
We've added the enduser.id tag to the HTTP and GRPC requests. We've fixed the tracer names.
We've decorated the traces with the hostname. -
Enhancement #2975: Leverage shares space storageid and type when listing shares
The list shares call now also fills the storageid to allow the space registry to directly route
requests to the correct storageprovider. The spaces registry will now also skip
storageproviders that are not configured for a requested type, causing type 'personal'
requests to skip the sharestorageprovider. -
Enhancement #3882: Explicitly return on ocdav move requests with body
Added a check if a ocdav move request contains a body. If it does a 415 415 (Unsupported Media
Type) will be returned. -
Enhancement #2932: Stat accepted shares mountpoints, configure existing share updates
-
Enhancement #2944: Improve owncloudsql connection management
The owncloudsql storagedriver is now aware of the request context and will close db
connections when http connections are closed or time out. We also increased the max number of
open connections from 10 to 100 to prevent a corner case where all connections were used but idle
connections were not freed. -
Enhancement #2962: Per service TracerProvider
To improve tracing we create separate TracerProviders per service now. This is especially
helpful when running multiple reva services in a single process (like e.g. oCIS does). -
Enhancement #2911: Allow for dumping and loading shares
We now have interfaces for dumpable and loadable share manages which can be used to migrate
shares between share managers -
Enhancement #2938: Sharpen tooling
- We increased the linting timeout to 10min which caused some release builds to time out
v1.19.0
Changelog for reva 1.19.0 (2022-06-16)
The following sections list the changes in reva 1.19.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2693: Support editnew actions from MS Office
- Fix #2588: Dockerfile.revad-ceph to use the right base image
- Fix #2216: Make hardcoded HTTP "insecure" options configurable
- Fix #2860: Use
eos-allparent image - Fix #2499: Removed check DenyGrant in resource permission
- Fix #2712: Update Dockerfile.revad.eos to not break the image
- Fix #2789: Minor fixes in cephfs and eosfs
- Fix #2285: Accept new userid idp format
- Fix #2608: Respect the tracing_service_name config variable
- Fix #2841: Refactors logger to have ctx
- Fix #2759: Made uid, gid claims parsing more robust in OIDC auth provider
- Fix #2842: Fix download action in SDK
- Fix #2555: Fix site accounts endpoints
- Fix #2675: Updates Makefile according to latest go standards
- Fix #2572: Wait for nats server on middleware start
- Chg #2596: Remove hash from public link urls
- Chg #2559: Do not encode webDAV ids to base64
- Chg #2561: Merge oidcmapping auth manager into oidc
- Enh #2698: Make capabilities endpoint public, authenticate users is present
- Enh #2813: Support custom mimetypes in the WOPI appprovider driver
- Enh #2515: Enabling tracing by default if not explicitly disabled
- Enh #160: Implement the CS3 Lock API in the EOS storage driver
- Enh #2686: Features for favorites xattrs in EOS, cache for scope expansion
- Enh #2494: Use sys ACLs for file permissions
- Enh #2522: Introduce events
- Enh #2685: Enable federated account access
- Enh #2801: Use functional options for client gRPC connections
- Enh #2921: Use standard header for checksums
- Enh #2480: Group based capabilities
- Enh #1787: Add support for HTTP TPC
- Enh #2560: Mentix PromSD extensions
- Enh #2613: Externalize custom mime types configuration for storage providers
- Enh #2163: Nextcloud-based share manager for pkg/ocm/share
- Enh #2696: Preferences driver refactor and cbox sql implementation
- Enh #2052: New CS3API datatx methods
- Enh #2738: Site accounts site-global settings
- Enh #2672: Further Site Accounts improvements
- Enh #2549: Site accounts improvements
- Enh #2488: Cephfs support keyrings with IDs
- Enh #2514: Reuse ocs role objects in other drivers
- Enh #2752: Refactor the rest user and group provider drivers
- Enh #2946: Make user share indicators read from the share provider service
Details
-
Bugfix #2693: Support editnew actions from MS Office
This fixes the incorrect behavior when creating new xlsx and pptx files, as MS Office supports
the editnew action and it must be used for newly created files instead of the normal edit action. -
Bugfix #2588: Dockerfile.revad-ceph to use the right base image
In Aug2021 https://hub.docker.com/r/ceph/daemon-base was moved to quay.ceph.io and the
builds for this image were failing for some weeks after January. -
Bugfix #2216: Make hardcoded HTTP "insecure" options configurable
HTTP "insecure" options must be configurable and default to false.
-
Bugfix #2860: Use
eos-allparent image -
Bugfix #2499: Removed check DenyGrant in resource permission
When adding a denial permission
-
Bugfix #2712: Update Dockerfile.revad.eos to not break the image
-
Bugfix #2789: Minor fixes in cephfs and eosfs
-
Bugfix #2285: Accept new userid idp format
The format for userid idp changed and
this broke the ocmd
tutorial
This PR makes the provider authorizer interceptor accept both the old and the new string
format. -
Bugfix #2608: Respect the tracing_service_name config variable
-
Bugfix #2841: Refactors logger to have ctx
This fixes the native library loggers which are not associated with the context and thus are not
handled properly in the reva runtime. -
Bugfix #2759: Made uid, gid claims parsing more robust in OIDC auth provider
This fix makes sure the uid and gid claims are defined at init time, and that the necessary
typecasts are performed correctly when authenticating users. A comment was added that in case
the uid/gid claims are missing AND that no mapping takes place, a user entity is returned with
uid = gid = 0. -
Bugfix #2842: Fix download action in SDK
The download action was no longer working in the SDK (used by our testing probes); this PR fixes
the underlying issue. -
Bugfix #2555: Fix site accounts endpoints
This PR fixes small bugs in the site accounts endpoints.
-
Bugfix #2675: Updates Makefile according to latest go standards
Earlier, we were using go get to install packages. Now, we are using go install to install
packages -
Bugfix #2572: Wait for nats server on middleware start
Use a retry mechanism to connect to the nats server when it is not ready yet
-
Change #2596: Remove hash from public link urls
Public link urls do not contain the hash anymore, this is needed to support the ocis and web
history mode. -
Change #2559: Do not encode webDAV ids to base64
We removed the base64 encoding of the IDs and use the format ! with a
!
delimiter. As a reserved delimiter it is URL safe. The IDs will be XML and JSON encoded as
necessary. -
Change #2561: Merge oidcmapping auth manager into oidc
The oidcmapping auth manager was created as a separate package to ease testing. As it has now
been tested also as a pure OIDC auth provider without mapping, and as the code is largely
refactored, it makes sense to merge it back so to maintain a single OIDC manager. -
Enhancement #2698: Make capabilities endpoint public, authenticate users is present
-
Enhancement #2813: Support custom mimetypes in the WOPI appprovider driver
Similarly to the storage provider, also the WOPI appprovider driver now supports custom mime
types. Also fixed a small typo. -
Enhancement #2515: Enabling tracing by default if not explicitly disabled
-
Enhancement #160: Implement the CS3 Lock API in the EOS storage driver
-
Enhancement #2686: Features for favorites xattrs in EOS, cache for scope expansion
-
Enhancement #2494: Use sys ACLs for file permissions
-
Enhancement #2522: Introduce events
This will introduce events into the system. Events are a simple way to bring information from
one service to another. Readpkg/events/exampleand subfolders for more information -
Enhancement #2685: Enable federated account access
-
Enhancement #2801: Use functional options for client gRPC connections
This will add more ability to configure the client side gRPC connections.
-
Enhancement #2921: Use standard header for checksums
On HEAD requests, we currently expose checksums (when available) using the
ownCloud-specific header, which is typically consumed by the sync clients.This patch adds the standard Digest header using the standard format detailed at
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Digest. This is e.g. used
by GFAL/Rucio clients in the context of managed transfers of datasets. -
Enhancement #2480: Group based capabilities
We can now return specific capabilities for users who belong to certain configured groups.
-
Enhancement #1787: Add support for HTTP TPC
We have added support for HTTP Third Party Copy. This allows remote data transfers between
storages managed by either two different reva servers, or a reva server and a Grid
(WLCG/ESCAPE) site server.Such remote transfers are expected to be driven by
GFAL, the underlying library used by
FTS, and Rucio.In addition, the oidcmapping package has been refactored to support the standard OIDC use
cases as well when no mapping is defined. -
Enhancement #2560: Mentix PromSD extensions
The Mentix Prometheus SD scrape targets are now split into one file per service type, making
health checks configuration easier. Furthermore, the local file connector for mesh data and
the site registration endpoint have been dropped, as they aren't needed any...
v2.5.1
Changelog for reva 2.5.1 (2022-06-08)
The following sections list the changes in reva 2.5.1 relevant to
reva users. The changes are ordered by importance.
Summary
Details
v2.5.0
Changelog for reva 2.5.0 (2022-06-07)
The following sections list the changes in reva 2.5.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2909: The decomposedfs now checks the GetPath permission
- Fix #2899: Empty meta requests should return body
- Fix #2928: Fix mkcol response code
- Fix #2907: Correct share jail child aggregation
- Fix #3810: Fix unlimitted quota in spaces
- Fix #3498: Check user permissions before updating/removing public shares
- Fix #2904: Share jail now works properly when accessed as a space
- Fix #2903: User owncloudsql now uses the correct userid
- Chg #2920: Clean up the propfind code
- Chg #2913: Rename ocs parameter "space_ref"
- Enh #2919: EOS Spaces implementation
- Enh #2888: Introduce spaces field mask
- Enh #2922: Refactor webdav error handling
Details
-
Bugfix #2909: The decomposedfs now checks the GetPath permission
After fixing the meta endpoint and introducing the fieldmask the GetPath call is made directly
to the storageprovider. The decomposedfs now checks if the current user actually has the
permission to get the path. Before the two previous PRs this was covered by the list storage
spaces call which used a stat request and the stat permission. -
Bugfix #2899: Empty meta requests should return body
Meta requests with no resourceID should return a multistatus response body with a 404 part.
-
Bugfix #2928: Fix mkcol response code
We now return the correct response code when an mkcol fails.
-
Bugfix #2907: Correct share jail child aggregation
We now add up the size of all mount points when aggregating the size for a child with the same name.
Furthermore, the listing should no longer contain duplicate entries. -
Bugfix #3810: Fix unlimitted quota in spaces
Fixed the quota check when unlimitting a space, i.e. when setting the quota to "0".
-
Bugfix #3498: Check user permissions before updating/removing public shares
Added permission checks before updating or deleting public shares. These methods previously
didn't enforce the users permissions. -
Bugfix #2904: Share jail now works properly when accessed as a space
When accessing shares via the virtual share jail we now build correct relative references
before forwarding the requests to the correct storage provider. -
Bugfix #2903: User owncloudsql now uses the correct userid
-
Change #2920: Clean up the propfind code
Cleaned up the ocdav propfind code to make it more readable.
-
Change #2913: Rename ocs parameter "space_ref"
We decided to deprecate the parameter "space_ref". We decided to use "space" parameter
instead. The difference is that "space" must not contain a "path". The "path" parameter can be
used in combination with "space" to create a relative path request -
Enhancement #2919: EOS Spaces implementation
-
Enhancement #2888: Introduce spaces field mask
We now use a field mask to select which properties to retrieve when looking up storage spaces.
This allows the gateway to only ask forrootwhen trying to forward id or path based requests. -
Enhancement #2922: Refactor webdav error handling
We made more webdav handlers return a status code and error to unify error rendering
v2.4.1
Changelog for reva 2.4.1 (2022-05-24)
The following sections list the changes in reva 2.4.1 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2891: Add missing http status code
Details
v2.4.0
Changelog for reva 2.4.0 (2022-05-24)
The following sections list the changes in reva 2.4.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2854: Handle non uuid space and nodeid in decomposedfs
- Fix #2853: Filter CS3 share manager listing
- Fix #2868: Actually remove blobs when purging
- Fix #2882: Fix FileUploaded event being emitted too early
- Fix #2848: Fix storage id in the references in the ItemTrashed events
- Fix #2852: Fix rcbox dependency on reva 1.18
- Fix #3505: Fix creating a new file with wopi
- Fix #2885: Move stat out of usershareprovider
- Fix #2883: Fix role consideration when updating a share
- Fix #2864: Fix Grant Space IDs
- Fix #2870: Update quota calculation
- Fix #2876: Fix version number in status page
- Fix #2829: Don't include versions in quota
- Chg #2856: Do not allow to edit disabled spaces
- Enh #3741: Add download endpoint to ocdav versions API
- Enh #2884: Show mounted shares in virtual share jail root
- Enh #2792: Use storageproviderid for spaces routing
Details
-
Bugfix #2854: Handle non uuid space and nodeid in decomposedfs
The decomposedfs no longer panics when trying to look up spaces with a non uuid length id.
-
Bugfix #2853: Filter CS3 share manager listing
The cs3 share manager driver now correctly filters user and group queries
-
Bugfix #2868: Actually remove blobs when purging
Blobs were not being deleted properly on purge. Now if a folder gets purged all its children will
be deleted -
Bugfix #2882: Fix FileUploaded event being emitted too early
We fixed a problem where the FileUploaded event was emitted before the upload had actually
finished. -
Bugfix #2848: Fix storage id in the references in the ItemTrashed events
-
Bugfix #2852: Fix rcbox dependency on reva 1.18
The cbox package no longer depends on reva 1.18.
-
Bugfix #3505: Fix creating a new file with wopi
Fixed a bug in the appprovider which prevented creating new files.
-
Bugfix #2885: Move stat out of usershareprovider
The sharesstorageprovider now only stats the acceptet shares when necessary.
-
Bugfix #2883: Fix role consideration when updating a share
Previously when updating a share the endpoint only considered the permissions, now this also
respects a given role. -
Bugfix #2864: Fix Grant Space IDs
The opaqueID for a grant space was incorrectly overwritten with the root space id.
-
Bugfix #2870: Update quota calculation
We now render the
freeanddefinitionquota properties, taking into account the remaining
bytes reported from the storage space and calculatingrelativeonly when possible. -
Bugfix #2876: Fix version number in status page
We needed to undo the version number changes on the status page to keep compatibility for legacy
clients. We added a new fieldproductversionfor the actual version of the product. -
Bugfix #2829: Don't include versions in quota
Fixed the quota check to not count the quota of previous versions.
-
Change #2856: Do not allow to edit disabled spaces
Previously managers could still upload to disabled spaces. This is now forbidden
-
Enhancement #3741: Add download endpoint to ocdav versions API
Added missing endpoints to the ocdav versions API. This enables downloads of previous file
versions. -
Enhancement #2884: Show mounted shares in virtual share jail root
The virtual share jail now shows the mounted shares to allow the desktop client to sync that
collection. -
Enhancement #2792: Use storageproviderid for spaces routing
We made the spaces registry aware of storageprovider ids and use them to route directly to the
correct storageprovider
v2.3.1
Changelog for reva 2.3.1 (2022-05-08)
The following sections list the changes in reva 2.3.1 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #2827: Check permissions when deleting spaces
- Fix #2830: Correctly render response when accepting merged shares
- Fix #2831: Fix uploads to owncloudsql storage when no mtime is provided
- Enh #2833: Make status.php values configurable
- Enh #2832: Add version option for ocdav go-micro service
Details
-
Bugfix #2827: Check permissions when deleting spaces
Do not allow viewers and editors to delete a space (you need to be manager) Block deleting a space
via dav service (should use graph to avoid accidental deletes) -
Bugfix #2830: Correctly render response when accepting merged shares
We now only return the data for the accepted share instead of concatenating data for all
affected shares. -
Bugfix #2831: Fix uploads to owncloudsql storage when no mtime is provided
We've fixed uploads to owncloudsql storage when no mtime is provided. We now just use the
current timestamp. Previously the upload did fail. -
Enhancement #2833: Make status.php values configurable
We've added an option to set the status values for
product,productname,version,
versionstringandedition. -
Enhancement #2832: Add version option for ocdav go-micro service
We've added an option to set a version for the ocdav go-micro registry. This enables you to set a
version queriable by from the go-micro registry.