@@ -1310,6 +1310,65 @@ func (fs *eosfs) convertToFileReference(ctx context.Context, eosFileInfo *eoscli
 	return info, nil
 }
 
+// permissionSet returns the permission set for the current user
+func (fs *eosfs) permissionSet(ctx context.Context, owner *userpb.UserId) *provider.ResourcePermissions {
+	u, ok := user.ContextGetUser(ctx)
+	if !ok {
+		return &provider.ResourcePermissions{
+			// no permissions
+		}
+	}
+	if u.Id == nil {
+		return &provider.ResourcePermissions{
+			// no permissions
+		}
+	}
+	if u.Id.OpaqueId == owner.OpaqueId && u.Id.Idp == owner.Idp {
+		return &provider.ResourcePermissions{
+			// owner has all permissions
+			AddGrant:             true,
+			CreateContainer:      true,
+			Delete:               true,
+			GetPath:              true,
+			GetQuota:             true,
+			InitiateFileDownload: true,
+			InitiateFileUpload:   true,
+			ListContainer:        true,
+			ListFileVersions:     true,
+			ListGrants:           true,
+			ListRecycle:          true,
+			Move:                 true,
+			PurgeRecycle:         true,
+			RemoveGrant:          true,
+			RestoreFileVersion:   true,
+			RestoreRecycleItem:   true,
+			Stat:                 true,
+			UpdateGrant:          true,
+		}
+	}
+	// TODO fix permissions for share recipients by traversing reading acls up to the root? cache acls for the parent node and reuse it
+	return &provider.ResourcePermissions{
+		AddGrant:             true,
+		CreateContainer:      true,
+		Delete:               true,
+		GetPath:              true,
+		GetQuota:             true,
+		InitiateFileDownload: true,
+		InitiateFileUpload:   true,
+		ListContainer:        true,
+		ListFileVersions:     true,
+		ListGrants:           true,
+		ListRecycle:          true,
+		Move:                 true,
+		PurgeRecycle:         true,
+		RemoveGrant:          true,
+		RestoreFileVersion:   true,
+		RestoreRecycleItem:   true,
+		Stat:                 true,
+		UpdateGrant:          true,
+	}
+}
+
 func (fs *eosfs) convert(ctx context.Context, eosFileInfo *eosclient.FileInfo) (*provider.ResourceInfo, error) {
 	path, err := fs.unwrap(ctx, eosFileInfo.File)
 	if err != nil {
@@ -1321,28 +1380,28 @@ func (fs *eosfs) convert(ctx context.Context, eosFileInfo *eosclient.FileInfo) (
 		size = eosFileInfo.TreeSize
 	}
 
-	username, err := fs.getUserIDGateway(ctx, strconv.FormatUint(eosFileInfo.UID, 10))
+	owner, err := fs.getUserIDGateway(ctx, strconv.FormatUint(eosFileInfo.UID, 10))
 	if err != nil {
 		log := appctx.GetLogger(ctx)
 		log.Warn().Uint64("uid", eosFileInfo.UID).Msg("could not lookup userid, leaving empty")
-		username = &userpb.UserId{}
+		owner = &userpb.UserId{}
 	}
 
 	info := &provider.ResourceInfo{
 		Id:            &provider.ResourceId{OpaqueId: fmt.Sprintf("%d", eosFileInfo.Inode)},
 		Path:          path,
-		Owner:         username,
+		Owner:         owner,
 		Etag:          fmt.Sprintf("\"%s\"", strings.Trim(eosFileInfo.ETag, "\"")),
 		MimeType:      mime.Detect(eosFileInfo.IsDir, path),
 		Size:          size,
-		PermissionSet: &provider.ResourcePermissions{ListContainer: true, CreateContainer: true},
+		PermissionSet: fs.permissionSet(ctx, owner),
 		Mtime: &types.Timestamp{
 			Seconds: eosFileInfo.MTimeSec,
 			Nanos:   eosFileInfo.MTimeNanos,
 		},
 		Opaque: &types.Opaque{
 			Map: map[string]*types.OpaqueEntry{
-				"eos": &types.OpaqueEntry{
+				"eos": {
 					Decoder: "json",
 					Value:   fs.getEosMetadata(eosFileInfo),
 				},

@@ -252,6 +252,65 @@ func (fs *localfs) isShareFolderChild(ctx context.Context, p string) bool {
 	return len(vals) > 1 && vals[1] != ""
 }
 
+// permissionSet returns the permission set for the current user
+func (fs *localfs) permissionSet(ctx context.Context, owner *userpb.UserId) *provider.ResourcePermissions {
+	u, ok := user.ContextGetUser(ctx)
+	if !ok {
+		return &provider.ResourcePermissions{
+			// no permissions
+		}
+	}
+	if u.Id == nil {
+		return &provider.ResourcePermissions{
+			// no permissions
+		}
+	}
+	if u.Id.OpaqueId == owner.OpaqueId && u.Id.Idp == owner.Idp {
+		return &provider.ResourcePermissions{
+			// owner has all permissions
+			AddGrant:             true,
+			CreateContainer:      true,
+			Delete:               true,
+			GetPath:              true,
+			GetQuota:             true,
+			InitiateFileDownload: true,
+			InitiateFileUpload:   true,
+			ListContainer:        true,
+			ListFileVersions:     true,
+			ListGrants:           true,
+			ListRecycle:          true,
+			Move:                 true,
+			PurgeRecycle:         true,
+			RemoveGrant:          true,
+			RestoreFileVersion:   true,
+			RestoreRecycleItem:   true,
+			Stat:                 true,
+			UpdateGrant:          true,
+		}
+	}
+	// TODO fix permissions for share recipients by traversing reading acls up to the root? cache acls for the parent node and reuse it
+	return &provider.ResourcePermissions{
+		AddGrant:             true,
+		CreateContainer:      true,
+		Delete:               true,
+		GetPath:              true,
+		GetQuota:             true,
+		InitiateFileDownload: true,
+		InitiateFileUpload:   true,
+		ListContainer:        true,
+		ListFileVersions:     true,
+		ListGrants:           true,
+		ListRecycle:          true,
+		Move:                 true,
+		PurgeRecycle:         true,
+		RemoveGrant:          true,
+		RestoreFileVersion:   true,
+		RestoreRecycleItem:   true,
+		Stat:                 true,
+		UpdateGrant:          true,
+	}
+}
+
 func (fs *localfs) normalize(ctx context.Context, fi os.FileInfo, fn string, mdKeys []string) (*provider.ResourceInfo, error) {
 	fp := fs.unwrap(ctx, path.Join("/", fn))
 	owner, err := getUser(ctx)
@@ -279,7 +338,7 @@ func (fs *localfs) normalize(ctx context.Context, fi os.FileInfo, fn string, mdK
 		Etag:          calcEtag(ctx, fi),
 		MimeType:      mime.Detect(fi.IsDir(), fp),
 		Size:          uint64(fi.Size()),
-		PermissionSet: &provider.ResourcePermissions{ListContainer: true, CreateContainer: true},
+		PermissionSet: fs.permissionSet(ctx, owner.Id),
 		Mtime: &types.Timestamp{
 			Seconds: uint64(fi.ModTime().Unix()),
 		},

@@ -781,14 +781,6 @@ apiWebdavProperties2/getFileProperties.feature:402
 apiWebdavProperties2/getFileProperties.feature:403
 #
 # https://github.com/owncloud/ocis-reva/issues/217 Some failing tests with Webdav custom properties
-apiWebdavProperties2/getFileProperties.feature:415
-apiWebdavProperties2/getFileProperties.feature:416
-#
-# https://github.com/owncloud/ocis-reva/issues/217 Some failing tests with Webdav custom properties
-apiWebdavProperties2/getFileProperties.feature:428
-apiWebdavProperties2/getFileProperties.feature:429
-#
-# https://github.com/owncloud/ocis-reva/issues/217 Some failing tests with Webdav custom properties
 apiWebdavProperties2/getFileProperties.feature:441
 apiWebdavProperties2/getFileProperties.feature:442
 #

@@ -355,13 +355,6 @@ apiShareOperationsToShares/gettingSharesSharedFilteredEmpty.feature:61
 apiShareOperationsToShares/gettingSharesSharedFilteredEmpty.feature:79
 apiShareOperationsToShares/gettingSharesSharedFilteredEmpty.feature:80
 #
-# https://github.com/owncloud/ocis-reva/issues/47 cannot get ocs:share-permissions via WebDAV
-#
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:23
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:24
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:142
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:143
-#
 # https://github.com/owncloud/ocis-reva/issues/282 Split old public API webdav tests from new public webdav tests
 # https://github.com/owncloud/ocis-reva/issues/292 Public link enforce permissions
 # https://github.com/owncloud/ocis/issues/187 Previews via webDAV API tests fail on OCIS
@@ -393,9 +386,7 @@ apiSharePublicLink1/changingPublicLinkShare.feature:244
 # https://github.com/owncloud/ocis/issues/723 upload-only public link does not refer to files-drop page, nor are the permissions enforced
 #
 apiSharePublicLink1/changingPublicLinkShare.feature:267
-apiSharePublicLink1/changingPublicLinkShare.feature:278
 apiSharePublicLink1/changingPublicLinkShare.feature:289
-apiSharePublicLink1/changingPublicLinkShare.feature:300
 apiSharePublicLink1/createPublicLinkShare.feature:34
 apiSharePublicLink1/createPublicLinkShare.feature:35
 apiSharePublicLink1/createPublicLinkShare.feature:183
@@ -409,12 +400,8 @@ apiSharePublicLink1/createPublicLinkShare.feature:371
 #
 # https://github.com/owncloud/ocis-reva/issues/12 Range Header is not obeyed when downloading a file
 #
-apiSharePublicLink1/createPublicLinkShare.feature:63
-apiSharePublicLink1/createPublicLinkShare.feature:64
 apiSharePublicLink1/createPublicLinkShare.feature:95
 apiSharePublicLink1/createPublicLinkShare.feature:96
-apiSharePublicLink1/createPublicLinkShare.feature:245
-apiSharePublicLink1/createPublicLinkShare.feature:246
 apiSharePublicLink1/createPublicLinkShare.feature:276
 apiSharePublicLink1/createPublicLinkShare.feature:277
 #
@@ -427,8 +414,6 @@ apiSharePublicLink1/createPublicLinkShare.feature:156
 #
 # https://github.com/owncloud/ocis-reva/issues/41 various sharing settings cannot be set
 #
-apiSharePublicLink1/createPublicLinkShare.feature:389
-apiSharePublicLink1/createPublicLinkShare.feature:390
 apiSharePublicLink1/createPublicLinkShare.feature:410
 apiSharePublicLink1/createPublicLinkShare.feature:411
 apiSharePublicLink1/createPublicLinkShare.feature:431
@@ -505,11 +490,6 @@ apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:158
 apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:179
 apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:180
 #
-# https://github.com/owncloud/ocis-reva/issues/292 Public link enforce permissions
-#
-apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:97
-apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:98
-#
 # https://github.com/owncloud/product/issues/272 [OCIS] old public webdav api doesnt works
 #
 apiSharePublicLink2/reShareAsPublicLinkToSharesOldDav.feature:30
@@ -545,12 +525,9 @@ apiSharePublicLink2/updatePublicLinkShare.feature:440
 #
 # https://github.com/owncloud/ocis-reva/issues/292 Public link enforce permissions
 #
-apiSharePublicLink2/updatePublicLinkShare.feature:461
-apiSharePublicLink2/updatePublicLinkShare.feature:462
 apiSharePublicLink2/updatePublicLinkShare.feature:486
 apiSharePublicLink2/updatePublicLinkShare.feature:487
 apiSharePublicLink2/uploadToPublicLinkShare.feature:9
-apiSharePublicLink2/uploadToPublicLinkShare.feature:74
 apiSharePublicLink2/uploadToPublicLinkShare.feature:83
 apiSharePublicLink2/uploadToPublicLinkShare.feature:103
 apiSharePublicLink2/uploadToPublicLinkShare.feature:121
@@ -568,8 +545,6 @@ apiSharePublicLink2/uploadToPublicLinkShare.feature:273
 #
 # https://github.com/owncloud/ocis-reva/issues/290 Accessing non-existing public link should return 404, not 500
 #
-apiSharePublicLink2/uploadToPublicLinkShare.feature:62
-apiSharePublicLink2/uploadToPublicLinkShare.feature:63
 apiSharePublicLink2/uploadToPublicLinkShare.feature:66
 #
 # https://github.com/owncloud/ocis-reva/issues/195 Set quota over settings
@@ -1219,10 +1194,6 @@ apiWebdavProperties2/getFileProperties.feature:327
 apiWebdavProperties2/getFileProperties.feature:328
 apiWebdavProperties2/getFileProperties.feature:376
 apiWebdavProperties2/getFileProperties.feature:377
-apiWebdavProperties2/getFileProperties.feature:415
-apiWebdavProperties2/getFileProperties.feature:416
-apiWebdavProperties2/getFileProperties.feature:428
-apiWebdavProperties2/getFileProperties.feature:429
 apiWebdavProperties2/getFileProperties.feature:441
 apiWebdavProperties2/getFileProperties.feature:442
 apiWebdavProperties2/getFileProperties.feature:454
@@ -1351,11 +1322,6 @@ apiShareOperationsToShares/gettingShares.feature:168
 #
 apiSharePublicLink2/multilinkSharing.feature:181
 #
-# https://github.com/owncloud/ocis/issues/762 path and other information are not shown if a share does not have "read" permission
-#
-apiShareOperationsToShares/uploadToShare.feature:64
-apiShareOperationsToShares/uploadToShare.feature:65
-#
 # https://github.com/owncloud/product/issues/293 sharing with group not available
 #
 apiShareOperationsToShares/uploadToShare.feature:39
@@ -1786,8 +1752,6 @@ apiShareManagementToShares/moveReceivedShare.feature:70
 apiShareManagementToShares/moveReceivedShare.feature:71
 apiShareManagementToShares/moveReceivedShare.feature:73
 apiShareManagementToShares/moveReceivedShare.feature:88
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:38
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:39
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:59
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:60
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:73
@@ -1798,8 +1762,6 @@ apiShareOperationsToShares/getWebDAVSharePermissions.feature:108
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:109
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:129
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:130
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:157
-apiShareOperationsToShares/getWebDAVSharePermissions.feature:158
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:177
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:178
 apiShareOperationsToShares/getWebDAVSharePermissions.feature:191
@@ -2234,13 +2196,6 @@ apiWebdavUploadTUS/uploadFile.feature:156
 apiShareManagementBasicToShares/createShareToSharesFolder.feature:632
 apiShareManagementBasicToShares/createShareToSharesFolder.feature:633
 
-# https://github.com/owncloud/ocis/issues/1126 share owner cannot delete other user's files
-apiShareUpdateToShares/updateShare.feature:384
-apiShareUpdateToShares/updateShare.feature:385
-
 # https://github.com/owncloud/ocis/issues/541 Deletion time in trash bin shows a wrong date
 apiTrashbin/trashbinFilesFolders.feature:284
-apiTrashbin/trashbinFilesFolders.feature:285
-
-# https://github.com/owncloud/ocis/issues/763 reading a file that a collaborator uploaded is impossible
-apiShareOperationsToShares/uploadToShare.feature:280
+apiTrashbin/trashbinFilesFolders.feature:285
@@ -47,7 +47,7 @@ chunk_folder = "/var/tmp/reva/chunks"
 # for eos we need to rewrite the path
 # TODO strip the username from the path so the CS3 namespace can be mounted
 # at the files/<username> endpoint? what about migration? separate reva instance
-files_namespace = "/oc"
+files_namespace = "/users"
 
 # similar to the dav/files endpoint we can configure a prefix for the old webdav endpoint
 # we use the old webdav endpoint to present the cs3 namespace

@@ -58,7 +58,7 @@ home_provider = "/home"
 "/home" = "localhost:12000"
 
 # mount a storage provider without a path wrapper for direct access to users.
-"/oc" = "localhost:11000"
+"/users" = "localhost:11000"
 "123e4567-e89b-12d3-a456-426655440000" = "localhost:11000"
 # another mount point might be "/projects/"
 

@@ -22,29 +22,32 @@ address = "0.0.0.0:12000"
 # this is where clients can find it
 # the context path wrapper reads tho username from the context and prefixes the relative storage path with it
 [grpc.services.storageprovider]
-driver = "owncloud"
+driver = "ocis"
 mount_path = "/home"
 mount_id = "123e4567-e89b-12d3-a456-426655440000"
 expose_data_server = true
-data_server_url = "http://revad-services:12001/data"
+data_server_url = "http://localhost:12001/data"
 enable_home_creation = true
 
-[grpc.services.storageprovider.drivers.owncloud]
-datadirectory = "/var/tmp/reva/data"
+[grpc.services.storageprovider.drivers.ocis]
+root = "/var/tmp/reva/data"
 enable_home = true
-redis = "localhost:6379"
-userprovidersvc = "localhost:18000"
+treetime_accounting = true
+treesize_accounting = true
+#user_layout = 
+# do we need owner for users?
+#owner = 95cb8724-03b2-11eb-a0a6-c33ef8ef53ad 
 
 
 [http]
 address = "0.0.0.0:12001"
 
 [http.services.dataprovider]
-driver = "owncloud"
+driver = "ocis"
 temp_folder = "/var/tmp/reva/tmp"
 
-[http.services.dataprovider.drivers.owncloud]
-datadirectory = "/var/tmp/reva/data"
+[http.services.dataprovider.drivers.ocis]
+root = "/var/tmp/reva/data"
 enable_home = true
-redis = "localhost:6379"
-userprovidersvc = "localhost:18000"
+treetime_accounting = true
+treesize_accounting = true
@@ -14,25 +14,27 @@ address = "0.0.0.0:11000"
 # This is a storage provider that grants direct access to the wrapped storage
 # we have a locally running dataprovider
 [grpc.services.storageprovider]
-driver = "owncloud"
-mount_path = "/oc"
+driver = "ocis"
+mount_path = "/users"
 mount_id = "123e4567-e89b-12d3-a456-426655440000"
 expose_data_server = true
-data_server_url = "http://revad-services:11001/data"
+data_server_url = "http://localhost:11001/data"
 
-[grpc.services.storageprovider.drivers.owncloud]
-datadirectory = "/var/tmp/reva/data"
-redis = "localhost:6379"
-userprovidersvc = "localhost:18000"
+[grpc.services.storageprovider.drivers.ocis]
+root = "/var/tmp/reva/data"
+enable_home = false
+treetime_accounting = true
+treesize_accounting = true
 
 [http]
 address = "0.0.0.0:11001"
 
 [http.services.dataprovider]
-driver = "owncloud"
+driver = "ocis"
 temp_folder = "/var/tmp/reva/tmp"
 
-[http.services.dataprovider.drivers.owncloud]
-datadirectory = "/var/tmp/reva/data"
-redis = "localhost:6379"
-userprovidersvc = "localhost:18000"
+[http.services.dataprovider.drivers.ocis]
+root = "/var/tmp/reva/data"
+enable_home = false
+treetime_accounting = true
+treesize_accounting = true