enhancement: make use of unifiedrole from the graph invitation endpoi…

…nt, applying multiple roles works and result in a merged cs3 permission set (#7751)
owncloud · Nov 23, 2023 · 9da5b4b · 9da5b4b
1 parent 75a8c81
commit 9da5b4b
Show file tree

Hide file tree

Showing 85 changed files with 108 additions and 108 deletions.
diff --git a/apis/grpc_apis/ocis/messages/eventhistory/v0/grpc.md b/apis/grpc_apis/ocis/messages/eventhistory/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.eventhistory.v0"
 url: /apis/grpc_apis/ocis_messages_eventhistory_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/messages/policies/v0/grpc.md b/apis/grpc_apis/ocis/messages/policies/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.policies.v0"
 url: /apis/grpc_apis/ocis_messages_policies_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/messages/search/v0/grpc.md b/apis/grpc_apis/ocis/messages/search/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.search.v0"
 url: /apis/grpc_apis/ocis_messages_search_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/messages/settings/v0/grpc.md b/apis/grpc_apis/ocis/messages/settings/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.settings.v0"
 url: /apis/grpc_apis/ocis_messages_settings_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/messages/store/v0/grpc.md b/apis/grpc_apis/ocis/messages/store/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.store.v0"
 url: /apis/grpc_apis/ocis_messages_store_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/messages/thumbnails/v0/grpc.md b/apis/grpc_apis/ocis/messages/thumbnails/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.thumbnails.v0"
 url: /apis/grpc_apis/ocis_messages_thumbnails_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/eventhistory/v0/grpc.md b/apis/grpc_apis/ocis/services/eventhistory/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.eventhistory.v0"
 url: /apis/grpc_apis/ocis_services_eventhistory_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/policies/v0/grpc.md b/apis/grpc_apis/ocis/services/policies/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.policies.v0"
 url: /apis/grpc_apis/ocis_services_policies_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/search/v0/grpc.md b/apis/grpc_apis/ocis/services/search/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.search.v0"
 url: /apis/grpc_apis/ocis_services_search_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/settings/v0/grpc.md b/apis/grpc_apis/ocis/services/settings/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.settings.v0"
 url: /apis/grpc_apis/ocis_services_settings_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/store/v0/grpc.md b/apis/grpc_apis/ocis/services/store/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.store.v0"
 url: /apis/grpc_apis/ocis_services_store_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/apis/grpc_apis/ocis/services/thumbnails/v0/grpc.md b/apis/grpc_apis/ocis/services/thumbnails/v0/grpc.md
@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.thumbnails.v0"
 url: /apis/grpc_apis/ocis_services_thumbnails_v0
-date: 2023-11-23T09:38:00Z
+date: 2023-11-23T13:20:03Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

diff --git a/services/_includes/adoc/antivirus_configvars.adoc b/services/_includes/adoc/antivirus_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the antivirus service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/app-provider_configvars.adoc b/services/_includes/adoc/app-provider_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the app-provider service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/app-registry_configvars.adoc b/services/_includes/adoc/app-registry_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the app-registry service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/audit_configvars.adoc b/services/_includes/adoc/audit_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the audit service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/auth-basic_configvars.adoc b/services/_includes/adoc/auth-basic_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the auth-basic service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -263,7 +263,7 @@ LDAP DN to use for simple bind authentication with the target LDAP server.
 a|`OCIS_LDAP_BIND_PASSWORD` +
 `LDAP_BIND_PASSWORD` +
 `AUTH_BASIC_LDAP_BIND_PASSWORD` +
-xref:deprecation-note-2023-11-23-09-38-17[Deprecation Note]
+xref:deprecation-note-2023-11-23-13-20-30[Deprecation Note]
 a| [subs=-attributes]
 ++string ++
 a| [subs=-attributes]

diff --git a/services/_includes/adoc/auth-bearer_configvars.adoc b/services/_includes/adoc/auth-bearer_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the auth-bearer service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/auth-machine_configvars.adoc b/services/_includes/adoc/auth-machine_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the auth-machine service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/auth-service_configvars.adoc b/services/_includes/adoc/auth-service_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the auth-service service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/clientlog_configvars.adoc b/services/_includes/adoc/clientlog_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the clientlog service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/eventhistory_configvars.adoc b/services/_includes/adoc/eventhistory_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the eventhistory service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/frontend_configvars.adoc b/services/_includes/adoc/frontend_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the frontend service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/gateway_configvars.adoc b/services/_includes/adoc/gateway_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the gateway service
 [width="100%",cols="~,~,~,~",options="header"]

diff --git a/services/_includes/adoc/global_configvars.adoc b/services/_includes/adoc/global_configvars.adoc
@@ -129,7 +129,7 @@ a| [subs=-attributes]
 ++0 ++
 
 a| [subs=-attributes]
-The maximum quantity of items in the cache. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default.
+The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default.
 
 a| `OCIS_CACHE_STORE`
 
@@ -198,10 +198,10 @@ a| [subs=-attributes]
 ++Duration ++
 
 a| [subs=-attributes]
-++10m0s ++
+++336h0m0s ++
 
 a| [subs=-attributes]
-Default time to live for entries in the cache. Only applied when access tokens has no expiration. See the Environment Variable Types description for more details.
+Time to live for cache records in the graph. Defaults to '336h' (2 weeks). See the Environment Variable Types description for more details.
 
 a| `OCIS_CORS_ALLOW_CREDENTIALS`
 
@@ -248,7 +248,7 @@ a| [subs=-attributes]
 ++[]string ++
 
 a| [subs=-attributes]
-++[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id] ++
+++[Authorization Origin Content-Type Accept X-Requested-With X-Request-Id Purge Restore] ++
 
 a| [subs=-attributes]
 A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at \https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details.
@@ -362,7 +362,7 @@ a| [subs=-attributes]
 ++false ++
 
 a| [subs=-attributes]
-Set this option to 'true' to disable rendering of thumbnails triggered via webdav access. Note that when disabled, all access to preview related webdav paths will return a 404.
+Set this option to 'true' to disable previews in all the different web file listing views. This can speed up file listings in folders with many files. The only list view that is not affected by this setting is the trash bin, as it does not allow previewing at all.
 
 a| `OCIS_EDITION`
 
@@ -419,7 +419,7 @@ a| [subs=-attributes]
 ++ocis-cluster ++
 
 a| [subs=-attributes]
-The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.
+The clusterID of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Mandatory when using NATS as event system.
 
 a| `OCIS_EVENTS_ENABLE_TLS`
 
@@ -447,7 +447,7 @@ a| [subs=-attributes]
 ++false ++
 
 a| [subs=-attributes]
-Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services..
+Enable TLS for the connection to the events broker. The events broker is the ocis service which receives and delivers events between the services.
 
 a| `OCIS_EVENTS_ENDPOINT`
 
@@ -474,7 +474,7 @@ a| [subs=-attributes]
 ++127.0.0.1:9233 ++
 
 a| [subs=-attributes]
-The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture. Set to a empty string to disable emitting events.
+The address of the event system. The event system is the message queuing service. It is used as message broker for the microservice architecture.
 
 a| `OCIS_EVENTS_TLS_ROOT_CA_CERTIFICATE`
 
@@ -500,7 +500,7 @@ a| [subs=-attributes]
 ++ ++
 
 a| [subs=-attributes]
-The root CA certificate used to validate the server's TLS certificate. If provided GRAPH_EVENTS_TLS_INSECURE will be seen as false.
+The root CA certificate used to validate the server's TLS certificate. If provided ANTIVIRUS_EVENTS_TLS_INSECURE will be seen as false.
 
 a| `OCIS_GRPC_CLIENT_TLS_CACERT`
 
@@ -1533,7 +1533,7 @@ a| [subs=-attributes]
 ++ ++
 
 a| [subs=-attributes]
-Machine auth API key used to validate internal requests necessary to access resources from other services.
+The machine auth API key used to validate internal requests necessary to access resources from other services.
 
 a| `OCIS_OIDC_ISSUER`
 
@@ -1554,7 +1554,7 @@ a| [subs=-attributes]
 ++https://localhost:9200 ++
 
 a| [subs=-attributes]
-URL of the OIDC issuer. It defaults to URL of the builtin IDP.
+The identity provider value to set in the group IDs of the CS3 group objects for groups returned by this group provider.
 
 a| `OCIS_PERSISTENT_STORE`
 
@@ -1602,7 +1602,7 @@ a| [subs=-attributes]
 ++0 ++
 
 a| [subs=-attributes]
-The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived and used from the ocmem package though no explicit default was set.
+The maximum quantity of items in the store. Only applies when store type 'ocmem' is configured. Defaults to 512 which is derived from the ocmem package though not exclicitely set as default.
 
 a| `OCIS_PERSISTENT_STORE_TTL`
 
@@ -1678,10 +1678,10 @@ a| [subs=-attributes]
 ++string ++
 
 a| [subs=-attributes]
-++service-user-id ++
+++ ++
 
 a| [subs=-attributes]
-The ID of the service account having the admin role. See the 'auth-service' service description for more details.
+The ID of the service account the service should use. See the 'auth-service' service description for more details.
 
 a| `OCIS_SERVICE_ACCOUNT_SECRET`
 
@@ -1718,7 +1718,7 @@ a| [subs=-attributes]
 ++false ++
 
 a| [subs=-attributes]
-Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares. If not using the global OCIS_SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD, you must define the FRONTEND_OCS_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD in the frontend service.
+Set this to true if you want to enforce passwords on Uploader, Editor or Contributor shares.
 
 a| `OCIS_SPACES_MAX_QUOTA`
 
@@ -2016,7 +2016,7 @@ a| [subs=-attributes]
 ++ ++
 
 a| [subs=-attributes]
-Transfer secret for signing file up- and download requests.
+The storage transfer secret.
 
 a| `OCIS_TRANSLATION_PATH`
 

diff --git a/services/_includes/adoc/graph_configvars.adoc b/services/_includes/adoc/graph_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the graph service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -488,7 +488,7 @@ LDAP DN to use for simple bind authentication with the target LDAP server.
 a|`OCIS_LDAP_BIND_PASSWORD` +
 `LDAP_BIND_PASSWORD` +
 `GRAPH_LDAP_BIND_PASSWORD` +
-xref:deprecation-note-2023-11-23-09-38-17[Deprecation Note]
+xref:deprecation-note-2023-11-23-13-20-30[Deprecation Note]
 a| [subs=-attributes]
 ++string ++
 a| [subs=-attributes]

diff --git a/services/_includes/adoc/groups_configvars.adoc b/services/_includes/adoc/groups_configvars.adoc
@@ -4,7 +4,7 @@
 
 ifeval::[{show-deprecation} == true]
 
-[#deprecation-note-2023-11-23-09-38-17]
+[#deprecation-note-2023-11-23-13-20-30]
 [caption=]
 .Deprecation notes for the groups service
 [width="100%",cols="~,~,~,~",options="header"]
@@ -263,7 +263,7 @@ LDAP DN to use for simple bind authentication with the target LDAP server.
 a|`OCIS_LDAP_BIND_PASSWORD` +
 `LDAP_BIND_PASSWORD` +
 `GROUPS_LDAP_BIND_PASSWORD` +
-xref:deprecation-note-2023-11-23-09-38-17[Deprecation Note]
+xref:deprecation-note-2023-11-23-13-20-30[Deprecation Note]
 a| [subs=-attributes]
 ++string ++
 a| [subs=-attributes]