v2.6.1

Changelog for reva 2.6.1 (2022-06-27)

The following sections list the changes in reva 2.6.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2998: Fix 0-byte-uploads
• Enh #3983: Add capability for alias links
• Enh #3000: Make less stat requests
• Enh #3003: Distinguish GRPC FAILED_PRECONDITION and ABORTED codes
• Enh #3005: Remove unused HomeMapping variable

Details

• Bugfix #2998: Fix 0-byte-uploads

  We fixed a problem with 0-byte uploads by using TouchFile instead of going through TUS
  (decomposedfs and owncloudsql storage drivers only for now).

  #2998

• Enhancement #3983: Add capability for alias links

  For better UX clients need a way to discover if alias links are supported by the server. We added a
  capability under "files_sharing/public/alias"

  owncloud/ocis#3983
  #2991

• Enhancement #3000: Make less stat requests

  The /dav/spaces endpoint now constructs a reference instead of making a lookup grpc call,
  reducing the number of requests.

  #3000

• Enhancement #3003: Distinguish GRPC FAILED_PRECONDITION and ABORTED codes

  Webdav distinguishes between 412 precondition failed for if match errors for locks or etags,
  uses 405 Method Not Allowed when trying to MKCOL an already existing collection and 409
  Conflict when intermediate collections are missing.

  The CS3 GRPC status codes are modeled after
  https://github.com/googleapis/googleapis/blob/master/google/rpc/code.proto. When
  trying to use the error codes to distinguish these cases on a storageprovider CreateDir call we
  can map ALREADY_EXISTS to 405, FAILED_PRECONDITION to 409 and ABORTED to 412.

  Unfortunately, we currently use and map FAILED_PRECONDITION to 412. I assume, because the
  naming is very similar to PreconditionFailed. However the GRPC docs are very clear that
  ABORTED should be used, specifically mentioning etags and locks.

  With this PR we internally clean up the usage in the decomposedfs and mapping in the ocdav
  handler.

  #3003
  #3010

• Enhancement #3005: Remove unused HomeMapping variable

  We have removed the unused HomeMapping variable from the gateway.

  #3005

v2.6.0

Changelog for reva 2.6.0 (2022-06-21)

The following sections list the changes in reva 2.6.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2985: Make stat requests route based on storage providerid
• Fix #2987: Let archiver handle all error codes
• Fix #2994: Fix errors when loading shares
• Fix #2996: Do not close share dump channels
• Fix #2993: Remove unused configuration
• Fix #2950: Fix sharing with space ref
• Fix #2991: Make sharesstorageprovider get accepted share
• Chg #2877: Enable resharing
• Chg #2984: Update CS3Apis
• Enh #3753: Add executant to the events
• Enh #2820: Instrument GRPC and HTTP requests with OTel
• Enh #2975: Leverage shares space storageid and type when listing shares
• Enh #3882: Explicitly return on ocdav move requests with body
• Enh #2932: Stat accepted shares mountpoints, configure existing share updates
• Enh #2944: Improve owncloudsql connection management
• Enh #2962: Per service TracerProvider
• Enh #2911: Allow for dumping and loading shares
• Enh #2938: Sharpen tooling

Details

• Bugfix #2985: Make stat requests route based on storage providerid

  The gateway now uses a filter mask to only fetch the root id of a space for stat requests. This
  allows the spaces registry to determine the responsible storage provider without querying
  the storageproviders.

  #2985

• Bugfix #2987: Let archiver handle all error codes

  We fixed the archiver handler to handle all error codes

  #2987

• Bugfix #2994: Fix errors when loading shares

  We fixed a bug where loading shares and associated received shares ran into issues when
  handling them simultaneously.

  #2994

• Bugfix #2996: Do not close share dump channels

  We no longer close the channels when dumping shares, it's the responsibility of the caller.

  #2996

• Bugfix #2993: Remove unused configuration

  We've fixed removed unused configuration:

  • insecure from the dataprovider - timeout from the dataprovider - tmp_folder from the
    storageprovider

  #2993

• Bugfix #2950: Fix sharing with space ref

  We've fixed a bug where share requests with path attribute present ignored the space_ref
  attribute. We now give the space_ref attribute precedence over the path attribute.

  #2950

• Bugfix #2991: Make sharesstorageprovider get accepted share

  The sharesstorageprovider now gets an accepted share instead of filtering all shares.

  #2991

• Change #2877: Enable resharing

  This will allow resharing of files. - All Viewers and Editors are now able to reshare files and
  folders - One can still edit their own shares, even when loosing share permissions - Viewers and
  Editors in a space are not affected

  #2877

• Change #2984: Update CS3Apis

  Updated the CS3Apis to make use of field_mask and pagination for list requests.

  #2984

• Enhancement #3753: Add executant to the events

  Added the executant field to all events.

  owncloud/ocis#3753
  #2945

• Enhancement #2820: Instrument GRPC and HTTP requests with OTel

  We've added the enduser.id tag to the HTTP and GRPC requests. We've fixed the tracer names.
  We've decorated the traces with the hostname.

  #2820

• Enhancement #2975: Leverage shares space storageid and type when listing shares

  The list shares call now also fills the storageid to allow the space registry to directly route
  requests to the correct storageprovider. The spaces registry will now also skip
  storageproviders that are not configured for a requested type, causing type 'personal'
  requests to skip the sharestorageprovider.

  #2975
  #2980

• Enhancement #3882: Explicitly return on ocdav move requests with body

  Added a check if a ocdav move request contains a body. If it does a 415 415 (Unsupported Media
  Type) will be returned.

  owncloud/ocis#3882
  #2974

• Enhancement #2932: Stat accepted shares mountpoints, configure existing share updates

  #2932

• Enhancement #2944: Improve owncloudsql connection management

  The owncloudsql storagedriver is now aware of the request context and will close db
  connections when http connections are closed or time out. We also increased the max number of
  open connections from 10 to 100 to prevent a corner case where all connections were used but idle
  connections were not freed.

  #2944

• Enhancement #2962: Per service TracerProvider

  To improve tracing we create separate TracerProviders per service now. This is especially
  helpful when running multiple reva services in a single process (like e.g. oCIS does).

  #2962
  #2978

• Enhancement #2911: Allow for dumping and loading shares

  We now have interfaces for dumpable and loadable share manages which can be used to migrate
  shares between share managers

  #2911

• Enhancement #2938: Sharpen tooling

  • We increased the linting timeout to 10min which caused some release builds to time out

  #2938

v1.19.0

Changelog for reva 1.19.0 (2022-06-16)

The following sections list the changes in reva 1.19.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2693: Support editnew actions from MS Office
• Fix #2588: Dockerfile.revad-ceph to use the right base image
• Fix #2216: Make hardcoded HTTP "insecure" options configurable
• Fix #2860: Use eos-all parent image
• Fix #2499: Removed check DenyGrant in resource permission
• Fix #2712: Update Dockerfile.revad.eos to not break the image
• Fix #2789: Minor fixes in cephfs and eosfs
• Fix #2285: Accept new userid idp format
• Fix #2608: Respect the tracing_service_name config variable
• Fix #2841: Refactors logger to have ctx
• Fix #2759: Made uid, gid claims parsing more robust in OIDC auth provider
• Fix #2842: Fix download action in SDK
• Fix #2555: Fix site accounts endpoints
• Fix #2675: Updates Makefile according to latest go standards
• Fix #2572: Wait for nats server on middleware start
• Chg #2596: Remove hash from public link urls
• Chg #2559: Do not encode webDAV ids to base64
• Chg #2561: Merge oidcmapping auth manager into oidc
• Enh #2698: Make capabilities endpoint public, authenticate users is present
• Enh #2813: Support custom mimetypes in the WOPI appprovider driver
• Enh #2515: Enabling tracing by default if not explicitly disabled
• Enh #160: Implement the CS3 Lock API in the EOS storage driver
• Enh #2686: Features for favorites xattrs in EOS, cache for scope expansion
• Enh #2494: Use sys ACLs for file permissions
• Enh #2522: Introduce events
• Enh #2685: Enable federated account access
• Enh #2801: Use functional options for client gRPC connections
• Enh #2921: Use standard header for checksums
• Enh #2480: Group based capabilities
• Enh #1787: Add support for HTTP TPC
• Enh #2560: Mentix PromSD extensions
• Enh #2613: Externalize custom mime types configuration for storage providers
• Enh #2163: Nextcloud-based share manager for pkg/ocm/share
• Enh #2696: Preferences driver refactor and cbox sql implementation
• Enh #2052: New CS3API datatx methods
• Enh #2738: Site accounts site-global settings
• Enh #2672: Further Site Accounts improvements
• Enh #2549: Site accounts improvements
• Enh #2488: Cephfs support keyrings with IDs
• Enh #2514: Reuse ocs role objects in other drivers
• Enh #2752: Refactor the rest user and group provider drivers
• Enh #2946: Make user share indicators read from the share provider service

Details

• Bugfix #2693: Support editnew actions from MS Office

  This fixes the incorrect behavior when creating new xlsx and pptx files, as MS Office supports
  the editnew action and it must be used for newly created files instead of the normal edit action.

  #2693

• Bugfix #2588: Dockerfile.revad-ceph to use the right base image

  In Aug2021 https://hub.docker.com/r/ceph/daemon-base was moved to quay.ceph.io and the
  builds for this image were failing for some weeks after January.

  #2588

• Bugfix #2216: Make hardcoded HTTP "insecure" options configurable

  HTTP "insecure" options must be configurable and default to false.

  #2216

• Bugfix #2860: Use eos-all parent image

  #2860

• Bugfix #2499: Removed check DenyGrant in resource permission

  When adding a denial permission

  #2499

• Bugfix #2712: Update Dockerfile.revad.eos to not break the image

  #2712

• Bugfix #2789: Minor fixes in cephfs and eosfs

  #2789

• Bugfix #2285: Accept new userid idp format

  The format for userid idp changed and
  this broke the ocmd
  tutorial
  This PR makes the provider authorizer interceptor accept both the old and the new string
  format.

  #2285
  #2285
  See
  and

• Bugfix #2608: Respect the tracing_service_name config variable

  #2608

• Bugfix #2841: Refactors logger to have ctx

  This fixes the native library loggers which are not associated with the context and thus are not
  handled properly in the reva runtime.

  #2841

• Bugfix #2759: Made uid, gid claims parsing more robust in OIDC auth provider

  This fix makes sure the uid and gid claims are defined at init time, and that the necessary
  typecasts are performed correctly when authenticating users. A comment was added that in case
  the uid/gid claims are missing AND that no mapping takes place, a user entity is returned with
  uid = gid = 0.

  #2759

• Bugfix #2842: Fix download action in SDK

  The download action was no longer working in the SDK (used by our testing probes); this PR fixes
  the underlying issue.

  #2842

• Bugfix #2555: Fix site accounts endpoints

  This PR fixes small bugs in the site accounts endpoints.

  #2555

• Bugfix #2675: Updates Makefile according to latest go standards

  Earlier, we were using go get to install packages. Now, we are using go install to install
  packages

  #2675
  #2747

• Bugfix #2572: Wait for nats server on middleware start

  Use a retry mechanism to connect to the nats server when it is not ready yet

  #2572

• Change #2596: Remove hash from public link urls

  Public link urls do not contain the hash anymore, this is needed to support the ocis and web
  history mode.

  #2596
  owncloud/ocis#3109
  owncloud/web#6363

• Change #2559: Do not encode webDAV ids to base64

  We removed the base64 encoding of the IDs and use the format ! with a !
  delimiter. As a reserved delimiter it is URL safe. The IDs will be XML and JSON encoded as
  necessary.

  #2559

• Change #2561: Merge oidcmapping auth manager into oidc

  The oidcmapping auth manager was created as a separate package to ease testing. As it has now
  been tested also as a pure OIDC auth provider without mapping, and as the code is largely
  refactored, it makes sense to merge it back so to maintain a single OIDC manager.

  #2561

• Enhancement #2698: Make capabilities endpoint public, authenticate users is present

  #2698

• Enhancement #2813: Support custom mimetypes in the WOPI appprovider driver

  Similarly to the storage provider, also the WOPI appprovider driver now supports custom mime
  types. Also fixed a small typo.

  #2813

• Enhancement #2515: Enabling tracing by default if not explicitly disabled

  #2515

• Enhancement #160: Implement the CS3 Lock API in the EOS storage driver

  cs3org/cs3apis#160
  #2444

• Enhancement #2686: Features for favorites xattrs in EOS, cache for scope expansion

  #2686

• Enhancement #2494: Use sys ACLs for file permissions

  #2494

• Enhancement #2522: Introduce events

  This will introduce events into the system. Events are a simple way to bring information from
  one service to another. Read pkg/events/example and subfolders for more information

  #2522

• Enhancement #2685: Enable federated account access

  #2685

• Enhancement #2801: Use functional options for client gRPC connections

  This will add more ability to configure the client side gRPC connections.

  #2801

• Enhancement #2921: Use standard header for checksums

  On HEAD requests, we currently expose checksums (when available) using the
  ownCloud-specific header, which is typically consumed by the sync clients.

  This patch adds the standard Digest header using the standard format detailed at
  https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Digest. This is e.g. used
  by GFAL/Rucio clients in the context of managed transfers of datasets.

  #2921

• Enhancement #2480: Group based capabilities

  We can now return specific capabilities for users who belong to certain configured groups.

  #2480

• Enhancement #1787: Add support for HTTP TPC

  We have added support for HTTP Third Party Copy. This allows remote data transfers between
  storages managed by either two different reva servers, or a reva server and a Grid
  (WLCG/ESCAPE) site server.

  Such remote transfers are expected to be driven by
  GFAL, the underlying library used by
  FTS, and Rucio.

  In addition, the oidcmapping package has been refactored to support the standard OIDC use
  cases as well when no mapping is defined.

  #1787
  #2007

• Enhancement #2560: Mentix PromSD extensions

  The Mentix Prometheus SD scrape targets are now split into one file per service type, making
  health checks configuration easier. Furthermore, the local file connector for mesh data and
  the site registration endpoint have been dropped, as they aren't needed any...

v2.5.1

Changelog for reva 2.5.1 (2022-06-08)

The following sections list the changes in reva 2.5.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2931: Allow listing share jail space
• Fix #3704: Fix propfinds with depth 0

Details

• Bugfix #2931: Allow listing share jail space

  Clients can now list the share jail content via PROPFIND /dav/spaces/{sharejailid}

  #2931

• Bugfix #3704: Fix propfinds with depth 0

  Fixed the response for propfinds with depth 0. The response now doesn't contain the shares jail
  anymore.

  owncloud/ocis#3704
  #2918

v2.5.0

Changelog for reva 2.5.0 (2022-06-07)

The following sections list the changes in reva 2.5.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2909: The decomposedfs now checks the GetPath permission
• Fix #2899: Empty meta requests should return body
• Fix #2928: Fix mkcol response code
• Fix #2907: Correct share jail child aggregation
• Fix #3810: Fix unlimitted quota in spaces
• Fix #3498: Check user permissions before updating/removing public shares
• Fix #2904: Share jail now works properly when accessed as a space
• Fix #2903: User owncloudsql now uses the correct userid
• Chg #2920: Clean up the propfind code
• Chg #2913: Rename ocs parameter "space_ref"
• Enh #2919: EOS Spaces implementation
• Enh #2888: Introduce spaces field mask
• Enh #2922: Refactor webdav error handling

Details

• Bugfix #2909: The decomposedfs now checks the GetPath permission

  After fixing the meta endpoint and introducing the fieldmask the GetPath call is made directly
  to the storageprovider. The decomposedfs now checks if the current user actually has the
  permission to get the path. Before the two previous PRs this was covered by the list storage
  spaces call which used a stat request and the stat permission.

  #2909

• Bugfix #2899: Empty meta requests should return body

  Meta requests with no resourceID should return a multistatus response body with a 404 part.

  #2899

• Bugfix #2928: Fix mkcol response code

  We now return the correct response code when an mkcol fails.

  #2928

• Bugfix #2907: Correct share jail child aggregation

  We now add up the size of all mount points when aggregating the size for a child with the same name.
  Furthermore, the listing should no longer contain duplicate entries.

  #2907

• Bugfix #3810: Fix unlimitted quota in spaces

  Fixed the quota check when unlimitting a space, i.e. when setting the quota to "0".

  owncloud/ocis#3810
  #2895

• Bugfix #3498: Check user permissions before updating/removing public shares

  Added permission checks before updating or deleting public shares. These methods previously
  didn't enforce the users permissions.

  owncloud/ocis#3498
  #3900

• Bugfix #2904: Share jail now works properly when accessed as a space

  When accessing shares via the virtual share jail we now build correct relative references
  before forwarding the requests to the correct storage provider.

  #2904

• Bugfix #2903: User owncloudsql now uses the correct userid

  #2903

• Change #2920: Clean up the propfind code

  Cleaned up the ocdav propfind code to make it more readable.

  #2920

• Change #2913: Rename ocs parameter "space_ref"

  We decided to deprecate the parameter "space_ref". We decided to use "space" parameter
  instead. The difference is that "space" must not contain a "path". The "path" parameter can be
  used in combination with "space" to create a relative path request

  #2913

• Enhancement #2919: EOS Spaces implementation

  #2919

• Enhancement #2888: Introduce spaces field mask

  We now use a field mask to select which properties to retrieve when looking up storage spaces.
  This allows the gateway to only ask for root when trying to forward id or path based requests.

  #2888

• Enhancement #2922: Refactor webdav error handling

  We made more webdav handlers return a status code and error to unify error rendering

  #2922

v2.4.1

Changelog for reva 2.4.1 (2022-05-24)

The following sections list the changes in reva 2.4.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2891: Add missing http status code

Details

• Bugfix #2891: Add missing http status code

  This Fix adds a missing status code to the InsufficientStorage error in reva, to allow tus to
  pass it through.

  #2891

v2.4.0

Changelog for reva 2.4.0 (2022-05-24)

The following sections list the changes in reva 2.4.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2854: Handle non uuid space and nodeid in decomposedfs
• Fix #2853: Filter CS3 share manager listing
• Fix #2868: Actually remove blobs when purging
• Fix #2882: Fix FileUploaded event being emitted too early
• Fix #2848: Fix storage id in the references in the ItemTrashed events
• Fix #2852: Fix rcbox dependency on reva 1.18
• Fix #3505: Fix creating a new file with wopi
• Fix #2885: Move stat out of usershareprovider
• Fix #2883: Fix role consideration when updating a share
• Fix #2864: Fix Grant Space IDs
• Fix #2870: Update quota calculation
• Fix #2876: Fix version number in status page
• Fix #2829: Don't include versions in quota
• Chg #2856: Do not allow to edit disabled spaces
• Enh #3741: Add download endpoint to ocdav versions API
• Enh #2884: Show mounted shares in virtual share jail root
• Enh #2792: Use storageproviderid for spaces routing

Details

• Bugfix #2854: Handle non uuid space and nodeid in decomposedfs

  The decomposedfs no longer panics when trying to look up spaces with a non uuid length id.

  #2854

• Bugfix #2853: Filter CS3 share manager listing

  The cs3 share manager driver now correctly filters user and group queries

  #2853

• Bugfix #2868: Actually remove blobs when purging

  Blobs were not being deleted properly on purge. Now if a folder gets purged all its children will
  be deleted

  #2868

• Bugfix #2882: Fix FileUploaded event being emitted too early

  We fixed a problem where the FileUploaded event was emitted before the upload had actually
  finished.

  #2882

• Bugfix #2848: Fix storage id in the references in the ItemTrashed events

  #2848

• Bugfix #2852: Fix rcbox dependency on reva 1.18

  The cbox package no longer depends on reva 1.18.

  #2852

• Bugfix #3505: Fix creating a new file with wopi

  Fixed a bug in the appprovider which prevented creating new files.

  owncloud/ocis#3505
  #2869

• Bugfix #2885: Move stat out of usershareprovider

  The sharesstorageprovider now only stats the acceptet shares when necessary.

  #2885

• Bugfix #2883: Fix role consideration when updating a share

  Previously when updating a share the endpoint only considered the permissions, now this also
  respects a given role.

  #2883

• Bugfix #2864: Fix Grant Space IDs

  The opaqueID for a grant space was incorrectly overwritten with the root space id.

  #2864

• Bugfix #2870: Update quota calculation

  We now render the free and definition quota properties, taking into account the remaining
  bytes reported from the storage space and calculating relative only when possible.

  #2870

• Bugfix #2876: Fix version number in status page

  We needed to undo the version number changes on the status page to keep compatibility for legacy
  clients. We added a new field productversion for the actual version of the product.

  #2876
  #2889

• Bugfix #2829: Don't include versions in quota

  Fixed the quota check to not count the quota of previous versions.

  owncloud/ocis#2829
  #2863

• Change #2856: Do not allow to edit disabled spaces

  Previously managers could still upload to disabled spaces. This is now forbidden

  #2856

• Enhancement #3741: Add download endpoint to ocdav versions API

  Added missing endpoints to the ocdav versions API. This enables downloads of previous file
  versions.

  owncloud/ocis#3741
  #2855

• Enhancement #2884: Show mounted shares in virtual share jail root

  The virtual share jail now shows the mounted shares to allow the desktop client to sync that
  collection.

  owncloud/ocis#3719
  #2884

• Enhancement #2792: Use storageproviderid for spaces routing

  We made the spaces registry aware of storageprovider ids and use them to route directly to the
  correct storageprovider

  #2792

v2.3.1

Changelog for reva 2.3.1 (2022-05-08)

The following sections list the changes in reva 2.3.1 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2827: Check permissions when deleting spaces
• Fix #2830: Correctly render response when accepting merged shares
• Fix #2831: Fix uploads to owncloudsql storage when no mtime is provided
• Enh #2833: Make status.php values configurable
• Enh #2832: Add version option for ocdav go-micro service

Details

• Bugfix #2827: Check permissions when deleting spaces

  Do not allow viewers and editors to delete a space (you need to be manager) Block deleting a space
  via dav service (should use graph to avoid accidental deletes)

  #2827

• Bugfix #2830: Correctly render response when accepting merged shares

  We now only return the data for the accepted share instead of concatenating data for all
  affected shares.

  #2830

• Bugfix #2831: Fix uploads to owncloudsql storage when no mtime is provided

  We've fixed uploads to owncloudsql storage when no mtime is provided. We now just use the
  current timestamp. Previously the upload did fail.

  #2831

• Enhancement #2833: Make status.php values configurable

  We've added an option to set the status values for product, productname, version,
  versionstring and edition.

  #2833

• Enhancement #2832: Add version option for ocdav go-micro service

  We've added an option to set a version for the ocdav go-micro registry. This enables you to set a
  version queriable by from the go-micro registry.

  #2832

v2.3.0

Changelog for reva 2.3.0 (2022-05-02)

The following sections list the changes in reva 2.3.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #2693: Support editnew actions from MS Office
• Fix #2588: Dockerfile.revad-ceph to use the right base image
• Fix #2499: Removed check DenyGrant in resource permission
• Fix #2285: Accept new userid idp format
• Fix #2802: Fix the resource id handling for space shares
• Fix #2800: Fix spaceid parsing in spaces trashbin API
• Fix #2608: Respect the tracing_service_name config variable
• Fix #2742: Use exact match in login filter
• Fix #2759: Made uid, gid claims parsing more robust in OIDC auth provider
• Fix #2788: Return the correct file IDs on public link resources
• Fix #2322: Use RFC3339 for parsing dates
• Fix #2784: Disable storageprovider cache for the share jail
• Fix #2555: Fix site accounts endpoints
• Fix #2675: Updates Makefile according to latest go standards
• Fix #2572: Wait for nats server on middleware start
• Chg #2735: Avoid user enumeration
• Chg #2737: Bump go-cs3api
• Chg #2763: Change the oCIS and S3NG storage driver blob store layout
• Chg #2596: Remove hash from public link urls
• Chg #2785: Implement workaround for chi.RegisterMethod
• Chg #2559: Do not encode webDAV ids to base64
• Chg #2740: Rename oc10 share manager driver
• Chg #2561: Merge oidcmapping auth manager into oidc
• Enh #2698: Make capabilities endpoint public, authenticate users is present
• Enh #2515: Enabling tracing by default if not explicitly disabled
• Enh #2686: Features for favorites xattrs in EOS, cache for scope expansion
• Enh #2494: Use sys ACLs for file permissions
• Enh #2522: Introduce events
• Enh #2811: Add event for created directories
• Enh #2798: Add additional fields to events to enable search
• Enh #2790: Fake providerids so API stays stable after beta
• Enh #2685: Enable federated account access
• Enh #1787: Add support for HTTP TPC
• Enh #2799: Add flag to enable unrestriced listing of spaces
• Enh #2560: Mentix PromSD extensions
• Enh #2741: Meta path for user
• Enh #2613: Externalize custom mime types configuration for storage providers
• Enh #2163: Nextcloud-based share manager for pkg/ocm/share
• Enh #2696: Preferences driver refactor and cbox sql implementation
• Enh #2052: New CS3API datatx methods
• Enh #2743: Add capability for public link single file edit
• Enh #2738: Site accounts site-global settings
• Enh #2672: Further Site Accounts improvements
• Enh #2549: Site accounts improvements
• Enh #2795: Add feature flags "projects" and "share_jail" to spaces capability
• Enh #2514: Reuse ocs role objects in other drivers
• Enh #2781: In memory user provider
• Enh #2752: Refactor the rest user and group provider drivers

Details

• Bugfix #2693: Support editnew actions from MS Office

  This fixes the incorrect behavior when creating new xlsx and pptx files, as MS Office supports
  the editnew action and it must be used for newly created files instead of the normal edit action.

  #2693

• Bugfix #2588: Dockerfile.revad-ceph to use the right base image

  In Aug2021 https://hub.docker.com/r/ceph/daemon-base was moved to quay.ceph.io and the
  builds for this image were failing for some weeks after January.

  #2588

• Bugfix #2499: Removed check DenyGrant in resource permission

  When adding a denial permission

  #2499

• Bugfix #2285: Accept new userid idp format

  The format for userid idp changed and
  this broke the ocmd
  tutorial
  This PR makes the provider authorizer interceptor accept both the old and the new string
  format.

  #2285
  #2285
  See
  and

• Bugfix #2802: Fix the resource id handling for space shares

  Adapt the space shares to the new id format.

  #2802

• Bugfix #2800: Fix spaceid parsing in spaces trashbin API

  Added proper space id parsing to the spaces trashbin API endpoint.

  #2800

• Bugfix #2608: Respect the tracing_service_name config variable

  #2608

• Bugfix #2742: Use exact match in login filter

  After the recent config changes the auth-provider was accidently using a substring match for
  the login filter. It's no fixed to use an exact match.

  #2742

• Bugfix #2759: Made uid, gid claims parsing more robust in OIDC auth provider

  This fix makes sure the uid and gid claims are defined at init time, and that the necessary
  typecasts are performed correctly when authenticating users. A comment was added that in case
  the uid/gid claims are missing AND that no mapping takes place, a user entity is returned with
  uid = gid = 0.

  #2759

• Bugfix #2788: Return the correct file IDs on public link resources

  Resources in public shares should return the real resourceids from the storage of the owner.

  #2788

• Bugfix #2322: Use RFC3339 for parsing dates

  We have used the RFC3339 format for parsing dates to be consistent with oC Web.

  #2322
  #2744

• Bugfix #2784: Disable storageprovider cache for the share jail

  The share jail should not be cached in the provider cache because it is a virtual collection of
  resources from different storage providers.

  #2784

• Bugfix #2555: Fix site accounts endpoints

  This PR fixes small bugs in the site accounts endpoints.

  #2555

• Bugfix #2675: Updates Makefile according to latest go standards

  Earlier, we were using go get to install packages. Now, we are using go install to install
  packages

  #2675
  #2747

• Bugfix #2572: Wait for nats server on middleware start

  Use a retry mechanism to connect to the nats server when it is not ready yet

  #2572

• Change #2735: Avoid user enumeration

  Sending PROPFIND requests to ../files/admin did return a different response than sending
  the same request to ../files/notexists. This allowed enumerating users. This response was
  changed to be the same always

  #2735

• Change #2737: Bump go-cs3api

  Bumped version of the go-cs3api

  #2737

• Change #2763: Change the oCIS and S3NG storage driver blob store layout

  We've optimized the oCIS and S3NG storage driver blob store layout.

  For the oCIS storage driver, blobs will now be stored inside the folder of a space, next to the
  nodes. This allows admins to easily archive, backup and restore spaces as a whole with UNIX
  tooling. We also moved from a single folder for blobs to multiple folders for blobs, to make the
  filesystem interactions more performant for large numbers of files.

  The previous layout on disk looked like this:

  partitioned space id | |-- nodes | |-- .. | |-- xx | |-- xx | |-- xx | |-- xx | |--
  -xxxx-xxxx-xxxx-xxxxxxxxxxxx <- partitioned node id |-- blobs |-- .. |--
  xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx <- blob id ```
  
  Now it looks like this:
  
  ```markdown |-- spaces | |-- .. | | |-- .. |-- xx |-- xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx <-
  partitioned space id |-- nodes | |-- .. | |-- xx | |-- xx | |-- xx | |-- xx | |--
  -xxxx-xxxx-xxxx-xxxxxxxxxxxx <- partitioned node id |-- blobs |-- .. |-- xx |-- xx |-- xx |-- xx
  |-- -xxxx-xxxx-xxxx-xxxxxxxxxxxx <- partitioned blob id ```
  
  For the S3NG storage driver, blobs will now be prefixed with the space id and also a part of the
  blob id will be used as prefix. This creates a better prefix partitioning and mitigates S3 api
  performance drops for large buckets
  (https://aws.amazon.com/de/premiumsupport/knowledge-center/s3-prefix-nested-folders-difference/).
  
  The previous S3 bucket (blobs only looked like this):
  
  ```markdown |-- .. |-- xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx <- blob id ```
  
  Now it looks like this:
  
  ```markdown |-- .. |-- xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx <- space id |-- .. |-- xx |-- xx
  |-- xx |-- xx |-- -xxxx-xxxx-xxxx-xxxxxxxxxxxx <- partitioned blob id ```
  
  https://github.com/owncloud/ocis/issues/3557
  https://github.com/cs3org/reva/pull/2763
  

• Change #2596: Remove hash from public link urls

  Public link urls do not contain the hash anymore, this is needed to support the ocis and web
  history mode.

  #2596
  owncloud/ocis#3109
  owncloud/web#6363

• Change #2785: Implement workaround for chi.RegisterMethod

  Implemented a workaround for chi.RegisterMethod because of a concurrent map read write
  issue. This needs to be fixed upstream in go-chi.

  #2785

• Change #2559: Do not encode webDAV ids to base64

  We removed the base64 encoding of the IDs and use the format ! with a !
  delimiter. As a reserved delimiter it is URL safe. The IDs will be XML and JSON encoded as
  necessary.

  #2559

• Change #2740: Rename oc10 share manager driver

  We aligned the oc10 SQL share manager driver name with all other owncloud spacific SQL drivers
  by renaming the package pkg/share/manager/sql to `pkg/...

v2.2.0

Changelog for reva 2.2.0 (2022-04-12)

The following sections list the changes in reva 2.2.0 relevant to
reva users. The changes are ordered by importance.

Summary

• Fix #3373: Fix the permissions attribute in propfind responses
• Fix #2721: Fix locking and public link scope checker to make the WOPI server work
• Fix #2668: Minor cleanup
• Fix #2692: Ensure that the host in the ocs config endpoint has no protocol
• Fix #2709: Decomposed FS: return precondition failed if already locked
• Chg #2687: Allow link with no or edit permission
• Chg #2658: Small clean up of the ocdav code
• Enh #2691: Decomposed FS: return a reference to the parent
• Enh #2708: Rework LDAP configuration of user and group providers
• Enh #2665: Add embeddable ocdav go micro service
• Enh #2715: Introduced quicklinks
• Enh #3370: Enable all spaces members to list public shares
• Enh #3370: Enable space members to list shares inside the space
• Enh #2717: Add definitions for user and group events

Details

• Bugfix #3373: Fix the permissions attribute in propfind responses

  Fixed the permissions that are returned when doing a propfind on a project space.

  owncloud/ocis#3373
  #2713

• Bugfix #2721: Fix locking and public link scope checker to make the WOPI server work

  We've fixed the locking implementation to use the CS3api instead of the temporary opaque
  values. We've fixed the scope checker on public links to allow the OpenInApp actions.

  These fixes have been done to use the cs3org/wopiserver with REVA edge.

  #2721

• Bugfix #2668: Minor cleanup

  • The chunk_folder config option is unused - Prevent a panic when looking up spaces

  #2668

• Bugfix #2692: Ensure that the host in the ocs config endpoint has no protocol

  We've fixed the host info in the ocs config endpoint so that it has no protocol, as ownCloud 10
  doesn't have it.

  #2692
  owncloud/ocis#3113

• Bugfix #2709: Decomposed FS: return precondition failed if already locked

  We've fixed the return code from permission denied to precondition failed if a user tries to
  lock an already locked file.

  #2709

• Change #2687: Allow link with no or edit permission

  Allow the creation of links with no permissions. These can be used to navigate to a file that a
  user has access to. Allow setting edit permission on single file links (create and delete are
  still blocked) Introduce endpoint to get information about a given token

  #2687

• Change #2658: Small clean up of the ocdav code

  Cleaned up the ocdav code to make it more readable and in one case a bit faster.

  #2658

• Enhancement #2691: Decomposed FS: return a reference to the parent

  We've implemented the changes from cs3org/cs3apis#167 in the DecomposedFS, so that a stat on a
  resource always includes a reference to the parent of the resource.

  #2691

• Enhancement #2708: Rework LDAP configuration of user and group providers

  We reworked to LDAP configuration of the LDAP user and group provider to share a common
  configuration scheme. Additionally the LDAP configuration no longer relies on templating
  LDAP filters in the configuration which is error prone and can be confusing. Additionally the
  providers are now somewhat more flexible about the group membership schema. Instead of only
  supporting RFC2307 (posixGroup) style groups. It's now possible to also use standard LDAP
  groups (groupOfName/groupOfUniqueNames) which track group membership by DN instead of
  username (the behaviour is switched automatically depending on the group_objectclass
  setting).

  The new LDAP configuration basically looks this:

  insecure=true user_base_dn="ou=testusers,dc=owncloud,dc=com"
  group_base_dn="ou=testgroups,dc=owncloud,dc=com" user_filter=""
  user_objectclass="posixAccount" group_filter="" group_objectclass="posixGroup"
  bind_username="cn=admin,dc=owncloud,dc=com" bind_password="admin"
  idp="http://localhost:20080"
  
  [grpc.services.userprovider.drivers.ldap.user_schema] id="entryuuid"
  displayName="displayName" userName="cn"
  
  [grpc.services.userprovider.drivers.ldap.group_schema] id="entryuuid"
  displayName="cn" groupName="cn" member="memberUID" ```
  
  `uri` defines the LDAP URI of the destination Server
  
  `insecure` allows to disable TLS Certifictate Validation (for development setups)
  
  `user_base_dn`/`group_base_dn` define the search bases for users and groups
  
  `user_filter`/`group_filter` allow to define additional LDAP filter of users and groups.
  This could be e.g. `(objectclass=owncloud)` to match for an additional objectclass.
  
  `user_objectclass`/`group_objectclass` define the main objectclass of Users and Groups.
  These are used to construct the LDAP filters
  
  `bind_username`/`bind_password` contain the authentication information for the LDAP
  connections
  
  The `user_schema` and `group_schema` sections define the mapping from CS3 user/group
  attributes to LDAP Attributes
  
  https://github.com/cs3org/reva/issues/2122
  https://github.com/cs3org/reva/issues/2124
  https://github.com/cs3org/reva/pull/2708
  

• Enhancement #2665: Add embeddable ocdav go micro service

  The new pkg/micro/ocdav package implements a go micro compatible version of the ocdav
  service.

  #2665

• Enhancement #2715: Introduced quicklinks

  We now support Quicklinks. When creating a link with flag "quicklink=true", no new link will be
  created when a link already exists.

  #2715

• Enhancement #3370: Enable all spaces members to list public shares

  Enhanced the json and cs3 public share manager so that it lists shares in spaces for all members.

  owncloud/ocis#3370
  #2697

• Enhancement #3370: Enable space members to list shares inside the space

  If there are shared resources in a space then all members are allowed to see those shares. The
  json share manager was enhanced to check if the user is allowed to see a share by checking the
  grants on a resource.

  owncloud/ocis#3370
  #2674
  #2710

• Enhancement #2717: Add definitions for user and group events

  Enhance the events package with definitions for user and group events.

  #2717
  #2724