mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-02-18 11:28:48 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into search

Browse Source
This commit is contained in:
Jörn Friedrich Dreyer
2022-04-22 09:45:06 +00:00
parent 1e5a9e90ff 1fa61006a1
commit 190ee68c95
89 changed files with 3319 additions and 486 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.codacy.yml
View File

@@ -15,5 +15,6 @@ exclude_paths:
- 'deployments/**'
- 'tests/acceptance/expected-failures-*.md'
- 'tests/acceptance/features/bootstrap/**'
- 'tests/TestHelpers/**'
...

1
.dockerignore
View File

@@ -1,7 +1,6 @@
.bingo
!.bingo/*.mod
!.bingo/Variables.mk
**/.git
**/bin
docs
**/node_modules

2
.drone.env
View File

@@ -1,5 +1,5 @@
# The test runner source for API tests
CORE_COMMITID=8d336099571f9218e09ba5ddf0eb30b19cab7d4f
CORE_COMMITID=f5e36e21b45c96ba90ff6e47787effebad96d0eb
CORE_BRANCH=master
# The test runner source for UI tests

135
.drone.star
View File

@@ -18,7 +18,7 @@ OC_CI_NODEJS = "owncloudci/nodejs:%s"
OC_CI_PHP = "owncloudci/php:%s"
OC_CI_WAIT_FOR = "owncloudci/wait-for:latest"
OC_CS3_API_VALIDATOR = "owncloud/cs3api-validator:latest"
OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.4.0"
OC_OC_TEST_MIDDLEWARE = "owncloud/owncloud-test-middleware:1.4.1"
OC_SERVER = "owncloud/server:10"
OC_UBUNTU = "owncloud/ubuntu:18.04"
OSIXIA_OPEN_LDAP = "osixia/openldap:latest"
@@ -106,6 +106,12 @@ config = {
"cron": "nightly",
},
},
"graphApiTests": {
"skip": False,
"earlyFali": False,
"numberOfParts": 10,
"skipExceptParts": [],
},
"rocketchat": {
"channel": "ocis-internal",
"from_secret": "private_rocketchat",
@@ -291,6 +297,9 @@ def testPipelines(ctx):
if "skip" not in config["parallelApiTests"] or not config["parallelApiTests"]["skip"]:
pipelines += parallelDeployAcceptancePipeline(ctx)
if "skip" not in config["graphApiTests"] or not config["graphApiTests"]["skip"]:
pipelines += graphApiAcceptancePipeline(ctx)
return pipelines
def testOcisModule(ctx, module):
@@ -1609,6 +1618,62 @@ def notify(ctx):
},
}
def ocisServerWithIdp():
environment = {
"GRAPH_IDENTITY_BACKEND": "ldap",
"GRAPH_LDAP_SERVER_WRITE_ENABLED": "true",
"LDAP_URI": "ldaps://0.0.0.0:9235",
"LDAP_INSECURE": "true",
"LDAP_BIND_DN": "uid=libregraph,ou=sysusers,o=libregraph-idm",
"LDAP_BIND_PASSWORD": "idm",
"LDAP_USER_BASE_DN": "ou=users,o=libregraph-idm",
"LDAP_USER_SCHEMA_ID": "ownclouduuid",
"LDAP_USER_SCHEMA_MAIL": "mail",
"LDAP_USER_SCHEMA_USERNAME": "uid",
"LDAP_USER_OBJECTCLASS": "inetOrgPerson",
"LDAP_GROUP_BASE_DN": "ou=groups,o=libregraph-idm",
"LDAP_GROUP_SCHEMA_ID": "ownclouduuid",
"LDAP_GROUP_SCHEMA_MAIL": "mail",
"LDAP_GROUP_SCHEMA_GROUPNAME": "cn",
"LDAP_GROUP_SCHEMA_MEMBER": "member",
"LDAP_GROUP_OBJECTCLASS": "groupOfNames",
"IDP_INSECURE": "true",
"IDP_LDAP_BIND_DN": "uid=idp,ou=sysusers,o=libregraph-idm",
"IDP_LDAP_BIND_PASSWORD": "idp",
"IDP_LDAP_BASE_DN": "ou=users,o=libregraph-idm",
"IDP_LDAP_LOGIN_ATTRIBUTE": "uid",
"PROXY_ACCOUNT_BACKEND_TYPE": "cs3",
"PROXY_ENABLE_BASIC_AUTH": "true",
"STORAGE_LDAP_BIND_DN": "uid=reva,ou=sysusers,o=libregraph-idm",
"STORAGE_LDAP_BIND_PASSWORD": "reva",
"OCS_ACCOUNT_BACKEND_TYPE": "cs3",
"OCIS_RUN_EXTENSIONS": "settings,storage-metadata,graph,graph-explorer,ocs,store,thumbnails,web,webdav,storage-frontend,storage-gateway,storage-userprovider,storage-groupprovider,storage-authbasic,storage-authbearer,storage-authmachine,storage-users,storage-shares,storage-public-link,storage-appprovider,storage-sharing,proxy,idp,nats,idm,ocdav",
"OCIS_LOG_LEVEL": "error",
"OCIS_INSECURE": "true",
"OCIS_URL": "https://ocis-server:9200",
}
return [
{
"name": "ocis-server",
"image": OC_CI_ALPINE,
"detach": True,
"environment": environment,
"commands": [
"ocis/bin/ocis server",
],
"volumes": [stepVolumeOC10Tests],
"depends_on": [],
},
{
"name": "wait-for-ocis-server",
"image": OC_CI_WAIT_FOR,
"commands": [
"wait-for -it ocis-server:9200 -t 300",
],
"depends_on": [],
},
]
def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = [], testing_parallel_deploy = False):
if not testing_parallel_deploy:
user = "0:0"
@@ -2415,6 +2480,74 @@ def parallelDeploymentOC10Server():
},
]
def graphApiAcceptancePipeline(ctx):
pipelines = []
debugParts = config["graphApiTests"]["skipExceptParts"]
debugPartsEnabled = (len(debugParts) != 0)
for runPart in range(1, config["graphApiTests"]["numberOfParts"] + 1):
if (not debugPartsEnabled or (debugPartsEnabled and runPart in debugParts)):
pipelines.append(
graphApiTests(ctx, runPart, config["graphApiTests"]["numberOfParts"]),
)
return pipelines
def graphApiTests(ctx, part_number = 1, number_of_parts = 1):
storage = "ocis"
early_fail = config["graphApiTests"]["earlyFail"] if "earlyFail" in config["graphApiTests"] else False
filterTags = "~@skipOnGraph&&~@skipOnOcis&&~@notToImplementOnOCIS&&~@toImplementOnOCIS&&~comments-app-required&&~@federation-app-required&&~@notifications-app-required&&~systemtags-app-required&&~@local_storage&&~@skipOnOcis-OCIS-Storage&&~@issue-ocis-3023"
expectedFailuresFile = "/drone/src/tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md"
return {
"kind": "pipeline",
"type": "docker",
"name": "Graph-Core-API-Tests-%s-storage-%s" % (storage, part_number),
"platform": {
"os": "linux",
"arch": "amd64",
},
"steps": skipIfUnchanged(ctx, "acceptance-tests") +
restoreBuildArtifactCache(ctx, "ocis-binary-amd64", "ocis/bin/ocis") +
ocisServerWithIdp() +
cloneCoreRepos() + [
{
"name": "Graph-oC10ApiTests-%s-storage-%s" % (storage, part_number),
"image": OC_CI_PHP % DEFAULT_PHP_VERSION,
"environment": {
"TEST_WITH_GRAPH_API": "true",
"PATH_TO_OCIS": "/drone/src",
"PATH_TO_CORE": "/srv/app/testrunner",
"TEST_SERVER_URL": "https://ocis-server:9200",
"SKELETON_DIR": "/srv/app/tmp/testing/data/apiSkeleton",
"OCIS_SKELETON_STRATEGY": "upload",
"TEST_OCIS": "true",
"SEND_SCENARIO_LINE_REFERENCES": "true",
"STORAGE_DRIVER": storage,
"BEHAT_FILTER_TAGS": filterTags,
"DIVIDE_INTO_NUM_PARTS": number_of_parts,
"RUN_PART": part_number,
"UPLOAD_DELETE_WAIT_TIME": 0,
"EXPECTED_FAILURES_FILE": expectedFailuresFile,
},
"commands": [
"cd /srv/app/testrunner",
"make test-acceptance-api",
],
"volumes": [stepVolumeOC10Tests],
},
] + failEarly(ctx, early_fail),
"depends_on": getPipelineNames([buildOcisBinaryForTesting(ctx)]),
"trigger": {
"ref": [
"refs/heads/master",
"refs/tags/v*",
"refs/pull/**",
],
},
"volumes": [pipelineVolumeOC10Tests],
}
def ldapService():
return [{
"name": "openldap",

46
CHANGELOG.md
View File

@@ -6,10 +6,18 @@ The following sections list the changes for unreleased.
## Summary
* Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483)
* Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787)
## Details
* Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483)
The ocs API was just exiting with a fatal error on any update request, when configured for the cs3
backend. Now it returns a proper error.
https://github.com/owncloud/ocis/issues/3483
* Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787)
It is now possible to share a single file by link with edit permissions. Therefore we need a
@@ -22,7 +30,7 @@ The following sections list the changes for unreleased.
The following sections list the changes for 1.20.0.
[1.20.0]: https://github.com/owncloud/ocis/compare/v1.19.0...v1.20.0
[1.20.0]: https://github.com/owncloud/ocis/compare/v1.19.1...v1.20.0
## Summary
@@ -190,11 +198,28 @@ The following sections list the changes for 1.20.0.
Group member remove
https://github.com/owncloud/ocis/pull/3467
# Changelog for [1.19.1] (2022-03-29)
The following sections list the changes for 1.19.1.
[1.19.1]: https://github.com/owncloud/ocis/compare/v1.19.0...v1.19.1
## Summary
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
## Details
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
URLs for Special items (space image, readme) were broken.
https://github.com/owncloud/ocis/pull/3419
# Changelog for [1.19.0] (2022-03-29)
The following sections list the changes for 1.19.0.
[1.19.0]: https://github.com/owncloud/ocis/compare/v1.19.1...v1.19.0
[1.19.0]: https://github.com/owncloud/ocis/compare/v1.18.0...v1.19.0
## Summary
@@ -363,23 +388,6 @@ The following sections list the changes for 1.19.0.
https://github.com/owncloud/ocis/pull/3291
https://github.com/owncloud/ocis/pull/3375
https://github.com/owncloud/web/releases/tag/v5.3.0
# Changelog for [1.19.1] (2022-03-29)
The following sections list the changes for 1.19.1.
[1.19.1]: https://github.com/owncloud/ocis/compare/v1.18.0...v1.19.1
## Summary
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
## Details
* Bugfix - Return correct special item urls: [#3419](https://github.com/owncloud/ocis/pull/3419)
URLs for Special items (space image, readme) were broken.
https://github.com/owncloud/ocis/pull/3419
# Changelog for [1.18.0] (2022-03-03)
The following sections list the changes for 1.18.0.

6
changelog/unreleased/ocs-cs3-fatal.md Normal file
View File

@@ -0,0 +1,6 @@
Bugfix: return proper errors when ocs/cloud/users is using the cs3 backend
The ocs API was just exiting with a fatal error on any update request,
when configured for the cs3 backend. Now it returns a proper error.
https://github.com/owncloud/ocis/issues/3483

5
composer.json
View File

@@ -4,7 +4,10 @@
"platform": {
"php": "7.2"
},
"vendor-dir": "./vendor-php"
"vendor-dir": "./vendor-php",
"allow-plugins": {
"bamarni/composer-bin-plugin": true
}
},
"require": {
},

4
deployments/examples/oc10_ocis_parallel/.env
View File

@@ -8,7 +8,7 @@ DEMO_USERS=false
### Traefik settings ###
TRAEFIK_LOG_LEVEL=
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -48,7 +48,7 @@ LDAP_ADMIN_PASSWORD=
LDAP_MANAGER_DOMAIN=
### Keycloak ###
# Domain of Keycloak, where you can find the managment and authentication frontend. Defaults to "keycloak.owncloud.test"
# Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test"
KEYCLOAK_DOMAIN=
# Realm which to be used with oCIS. Defaults to "oCIS"
KEYCLOAK_REALM=

2
deployments/examples/oc10_ocis_parallel/config/ldap/ldif/10_owncloud_schema.ldif
View File

@@ -6,5 +6,5 @@ objectClass: olcSchemaConfig
cn: owncloud
olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.1 NAME 'ownCloudQuota' DESC 'User Quota (e.g. 2 GB)' EQUALITY caseExactMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.2 NAME 'ownCloudUUID' DESC 'A non-reassignable and persistent account ID)' EQUALITY uuidMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.1.16.1 SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.3 NAME 'ownCloudSelector' DESC 'A selector attribute for a route in the ownCloud Infinte Scale proxy)' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcAttributeTypes: ( 1.3.6.1.4.1.39430.1.1.3 NAME 'ownCloudSelector' DESC 'A selector attribute for a route in the ownCloud Infinite Scale proxy)' EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE )
olcObjectClasses: ( 1.3.6.1.4.1.39430.1.2.1 NAME 'ownCloud' DESC 'ownCloud LDAP Schema' AUXILIARY MAY ( ownCloudQuota $ ownCloudUUID $ ownCloudSelector ) )

2
deployments/examples/oc10_ocis_parallel/config/oc10/10-custom-config.sh
View File

@@ -6,7 +6,7 @@ gomplate \
-f /etc/templates/oidc.config.php \
-o ${OWNCLOUD_VOLUME_CONFIG}/oidc.config.php
# we need at least version 2.1.0 of the oenidconnect app
# we need at least version 2.1.0 of the openidconnect app
occ market:upgrade --major openidconnect
occ app:enable openidconnect

2
deployments/examples/ocis_hello/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_individual_services/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_keycloak/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=false
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_ldap/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_s3/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_traefik/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

2
deployments/examples/ocis_wopi/.env
View File

@@ -7,7 +7,7 @@ INSECURE=true
DEMO_USERS=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=

38
docs/architecture/efficient-stat-polling.md
View File

@@ -16,7 +16,7 @@ What does ETag propagation mean? Whenever a file changes its content or metadata
{{<mermaid class="text-center">}}
graph TD
linkStyle default interpolate basis
subgraph final ETag propagation
ert3(( etag:N )) --- el3(( etag:O )) & er3(( etag:N ))
er3 --- erl3(( etag:O )) & err3(( etag:N ))
@@ -27,7 +27,7 @@ graph TD
er2 --- erl2(( etag:O )) & err2(( etag:N ))
end
subgraph initial file change
subgraph initial file change
ert(( etag:O )) --- el(( etag:O )) & er(( etag:O ))
er --- erl(( etag:O )) & err(( etag:N ))
end
@@ -48,9 +48,9 @@ graph TD
ec( client ) -->|"stat()"|ert
subgraph
subgraph
ert(( )) --- el(( )) & er(( ))
er --- erl(( )) & err(( ))
er --- erl(( )) & err(( ))
end
{{</mermaid>}}
@@ -65,21 +65,21 @@ graph TD
ec( client ) -->|"stat()"|ert
subgraph
subgraph
ert(( )) --- el(( )) & er(( ))
er --- erl(( )) & err(( ))
end
mc( client ) -->|"stat()"|mrt
subgraph
subgraph
mrt(( )) --- ml(( )) & mr(( ))
mr --- mrl(( )) & mrr(( ))
end
fc( client ) -->|"stat()"|frt
subgraph
subgraph
frt(( )) --- fl(( )) & fr(( ))
fr --- frl(( )) & frr(( ))
end
@@ -88,14 +88,14 @@ graph TD
## Sharing
*Storage providers* are responsible for persisting shares as close to the storage as possible.
One implementation may persist shares using ACLs, another might use custom extended attributes. The chosen implementation is storage specific and always a tradeoff between various requirements. Yet, the goal is to treat the storage provider as the single source of truth for all metadata.
One implementation may persist shares using ACLs, another might use custom extended attributes. The chosen implementation is storage specific and always a tradeoff between various requirements. Yet, the goal is to treat the storage provider as the single source of truth for all metadata.
If users can bypass the storage provider using eg. `ssh` additional mechanisms needs to make sure no inconsistencies arise:
If users can bypass the storage provider using e.g. `ssh` additional mechanisms needs to make sure no inconsistencies arise:
- the ETag must still be propagated in a tree, eg using inotify, a policy engine or workflows triggered by other means
- deleted files should land in the trash (eg. `rm` could be wrapped to move files to trash)
- deleted files should land in the trash (e.g. `rm` could be wrapped to move files to trash)
- overwriting files should create a new version ... other than a fuse fs I see no way of providing this for normal posix filesystems. Other storage backends that use the s3 protocol might provide versions natively.
The storage provider is also responsible for keeps track of references eg. using a shadow tree that users normally cannot see or representing them as symbolic links in the filesystem (Beware of symbolic link cycles. The clients are currently unaware of them and would flood the filesystem).
The storage provider is also responsible for keeps track of references e.g. using a shadow tree that users normally cannot see or representing them as symbolic links in the filesystem (Beware of symbolic link cycles. The clients are currently unaware of them and would flood the filesystem).
To prevent write amplification ETags must not propagate across references. When a file that was shared by einstein changes the ETag must not be propagated into any share recipients tree.
@@ -106,7 +106,7 @@ graph TD
ec( einsteins client ) -->|"stat()"|ert
subgraph
subgraph
ml --- mlr(( ))
mrt(( )) --- ml(( )) & mr(( ))
mr --- mrl(( )) & mrr(( ))
@@ -114,11 +114,11 @@ graph TD
mlr -. reference .-> er
subgraph
subgraph
ert(( )) --- el(( )) & er(( ))
er --- erl(( )) & err(( ))
end
mc( maries client ) -->|"stat()"|mrt
{{</mermaid>}}
@@ -151,14 +151,14 @@ graph TD
mvr --- mrt
fvr --- frt
subgraph
subgraph
ert(( )) --- el(( )) & er(( ))
er --- erl(( )) & err(( ))
end
mc( client ) -->|"stat()"|mvr
subgraph
subgraph
mrt(( )) --- ml(( )) & mr(( ))
ml --- mlm(( ))
mr --- mrl(( )) & mrr(( ))
@@ -169,7 +169,7 @@ graph TD
fc( client ) -->|"stat()"|fvr
subgraph
subgraph
frt(( )) --- fl(( )) & fr(( ))
fr --- frl(( )) & frr(( ))
end

4
docs/clients/rclone/webdav-sync-oidc.md
View File

@@ -15,7 +15,7 @@ Rclone itself is not able to open and maintain an OpenID Connect session. But it
### Setting up the OIDC-agent
You need to install the [OIDC-agent](https://github.com/indigo-dc/oidc-agent) from your OS' package repository (eg. [Debian](https://github.com/indigo-dc/oidc-agent#debian-packages) or [MacOS](https://github.com/indigo-dc/oidc-agent#debian-packages)).
You need to install the [OIDC-agent](https://github.com/indigo-dc/oidc-agent) from your OS' package repository (e.g. [Debian](https://github.com/indigo-dc/oidc-agent#debian-packages) or [MacOS](https://github.com/indigo-dc/oidc-agent#debian-packages)).
### Configuring the the OIDC-agent
@@ -63,4 +63,4 @@ We now can use Rclone to sync the local folder `/tmp/test` to `/test` in your oC
rclone sync :local:/tmp :webdav:/test
```
If your oCIS doesn't use valid SSL certificates, you may need to use `rclone --no-check-certificate sync ...`.
If your oCIS doesn't use valid SSL certificates, you may need to use `rclone --no-check-certificate sync ...`.

2
docs/extensions/glauth/configuration-hints.md
View File

@@ -13,4 +13,4 @@ geekdocFilePath: configuration-hints.md
The default setup does not use a fallback backend. It can be enabled by setting the `GLAUTH_FALLBACK_DATASTORE` environment variable.
When using `owncloud` make sure to use the full URL to the [ownCloud 10 graph api app](https://github.com/owncloud/graphapi) endpoint, eg.: `GLAUTH_FALLBACK_SERVERS="https://demo.owncloud.com/apps/graphapi/v1.0"`
When using `owncloud` make sure to use the full URL to the [ownCloud 10 graph api app](https://github.com/owncloud/graphapi) endpoint, e.g.: `GLAUTH_FALLBACK_SERVERS="https://demo.owncloud.com/apps/graphapi/v1.0"`

6
docs/extensions/storage/apps.md
View File

@@ -11,7 +11,7 @@ oCIS is all about files. But most of the time you want to do something with file
## App provider capability
The capabilities endpoint (eg. `https://localhost:9200/ocs/v1.php/cloud/capabilities?format=json`) gives you following capabilities which are relevant for the app provider:
The capabilities endpoint (e.g. `https://localhost:9200/ocs/v1.php/cloud/capabilities?format=json`) gives you following capabilities which are relevant for the app provider:
```json
{
@@ -399,7 +399,7 @@ You will receive a file id of the freshly created file, which you can use to ope
}
```
- `filename` is invalid (eg. includes a path segment)
- `filename` is invalid (e.g. includes a path segment)
HTTP status code: 400
@@ -428,7 +428,7 @@ App drivers represent apps, if the app is not able to register itself. Currently
### CS3org WOPI server app driver
The CS3org WOPI server app driver is included in oCIS by default. It needs at least one WOPI compliant app (eg. Collabora, OnlyOffice or Microsoft Online Online Server) or a CS3org WOPI bridge supported app (CodiMD or Etherpad) and the CS3org WOPI server.
The CS3org WOPI server app driver is included in oCIS by default. It needs at least one WOPI compliant app (e.g. Collabora, OnlyOffice or Microsoft Online Online Server) or a CS3org WOPI bridge supported app (CodiMD or Etherpad) and the CS3org WOPI server.
Here is a closer look at the configuration of the actual app provider in a docker-compose example (see also [full example](https://github.com/owncloud/ocis/blob/master/deployments/examples/ocis_wopi/docker-compose.yml)):

18
docs/extensions/storage/proposedchanges.md
View File

@@ -19,7 +19,7 @@ Currently, when a user accepts a share, a cs3 reference is created in the users
Furthermore, the *gateway* treats `/home/shares` different than any other path: it will stat all children and calculate an etag to allow clients to discover changes in accepted shares. This requires the storage provider to cooperate and provide this special `/shares` folder in the root of a users home when it is accessed as a home storage. That is the origin of the `enable_home` config flag that needs to be implemented for every storage driver.
In order to have a single source of truth we need to make the *share manager* aware of the mount point. We can then move all the logic that aggregates the etag in the share folder to a dedicated *shares storage provider* that is using the *share manager* for persistence. The *shares storage provider* would provide a `/shares` namespace outside of `/home` that lists all accepted shares for the current user. As a result the storage drivers no longer need to have a `enable_home` flag that jails users into their home. The `/home/shares` folder would move outside of the `/home`. In fact `/home` will no longer be needed, because the home folder concept can be implemented as a space: `CreateHome` would create a `personal` space on the.
In order to have a single source of truth we need to make the *share manager* aware of the mount point. We can then move all the logic that aggregates the etag in the share folder to a dedicated *shares storage provider* that is using the *share manager* for persistence. The *shares storage provider* would provide a `/shares` namespace outside of `/home` that lists all accepted shares for the current user. As a result the storage drivers no longer need to have a `enable_home` flag that jails users into their home. The `/home/shares` folder would move outside of the `/home`. In fact `/home` will no longer be needed, because the home folder concept can be implemented as a space: `CreateHome` would create a `personal` space on the.
Work on this is done in https://github.com/cs3org/reva/pull/2023
@@ -39,9 +39,9 @@ Work is done in https://github.com/cs3org/reva/pull/1866
## URL escaped string representation of a CS3 reference
For the spaces concept we introduced the `/dav/spaces/` endpoint. It encodes a cs3 *reference* in a URL compatible way.
For the spaces concept we introduced the `/dav/spaces/` endpoint. It encodes a cs3 *reference* in a URL compatible way.
1. We can separate the path using a `/`: `/dav/spaces/<spaceid>/<path>`
2. The `spaceid` currently is a cs3 resourceid, consisting of `<storageid>` and `<opaqueid>`. Since the opaqueid might contain `/` eg. for the local driver we have to urlencode the spaceid.
2. The `spaceid` currently is a cs3 resourceid, consisting of `<storageid>` and `<opaqueid>`. Since the opaqueid might contain `/` e.g. for the local driver we have to urlencode the spaceid.
To access resources by id we need to make the `/dav/meta/<resourceid>` able to list directories... Otherwise id based navigation first has to look up the path. Or we use the libregraph api for id based navigation.
@@ -52,8 +52,8 @@ A *reference* is a logical concept. It identifies a [*resource*]({{< ref "#resou
While all components are optional, only three cases are used:
| format | example | description |
|-|-|-|
| `!:<absolute_path>` | `!:/absolute/path/to/file.ext` | absolute path |
| `<storage_space>!:<relative_path>` | `ee1687e5-ac7f-426d-a6c0-03fed91d5f62!:path/to/file.ext` | path relative to the root of the storage space |
| `!:<absolute_path>` | `!:/absolute/path/to/file.ext` | absolute path |
| `<storage_space>!:<relative_path>` | `ee1687e5-ac7f-426d-a6c0-03fed91d5f62!:path/to/file.ext` | path relative to the root of the storage space |
| `<storage_space>!<root>:<relative_path>` | `ee1687e5-ac7f-426d-a6c0-03fed91d5f62!c3cf23bb-8f47-4719-a150-1d25a1f6fb56:to/file.ext` | path relative to the specified node in the storage space, used to reference resources without disclosing parent paths |
`<storage_space>` should be a UUID to prevent references from breaking when a *user* or [*storage space*]({{< ref "#storage-spaces" >}}) gets renamed. But it can also be derived from a migration of an oc10 instance by concatenating an instance identifier and the numeric storage id from oc10, e.g. `oc10-instance-a$1234`.
@@ -81,8 +81,8 @@ The `:`, `!` and `$` are chosen from the set of [RFC3986 sub delimiters](https:/
| `ee1687e5-ac7f-426d-a6c0-03fed91d5f62!56f7ceca-e7f8-4530-9a7a-fe4b7ec8089a:` | node id in the given storage space, `:` must be present |
| `ee1687e5-ac7f-426d-a6c0-03fed91d5f62` | root of the storage space, all delimiters omitted, can be distinguished by the `/` |
## space providers
When looking up an id based resource the reference must use a logical space id, not a CS3 resource id. Otherwise id based requests, which only have a resourceid consisting of a storage id and a node id cannot be routed to the correct storage provider if the storage has moved from one storage provider to another.
## space providers
When looking up an id based resource the reference must use a logical space id, not a CS3 resource id. Otherwise id based requests, which only have a resourceid consisting of a storage id and a node id cannot be routed to the correct storage provider if the storage has moved from one storage provider to another.
if the registry routes based on the storageid AND the nodeid it has to keep a cache of all nodeids in order to route all requests for a storage space (which consists of storage it + nodeid) to the correct storage provider. the correct resourceid for a node in a storage space would be `<storageid>$<rootnodeid>!<nodeid>`. The `<storageid>$<rootnodeid>` part allow the storage registry to route all id based requests to the correct storage provider. This becomes relevant when the storage space was moved from one storage provider to another. The storage space id remains the same, but the internal address and port change.
@@ -107,11 +107,11 @@ The TUS upload can take metadata, for PUT we might need a header.
### Space id vs resource id vs storage id
We have `/dav/meta/<fileid>` where the `fileid` is a string that was returned by a PROPFIND or by the `/graph/v1.0/me/drives/` endpoint? That returns a space id and the root drive item which has an `id`
We have `/dav/meta/<fileid>` where the `fileid` is a string that was returned by a PROPFIND or by the `/graph/v1.0/me/drives/` endpoint? That returns a space id and the root drive item which has an `id`
Does that `id` have a specific format? We currently concatenate as `<storageid>!<nodeid>`.
A request against `/dav/meta/fileid` will use the reva storage registry to look up a path.
A request against `/dav/meta/fileid` will use the reva storage registry to look up a path.
What if the storage space is moved to another storage provider. This happens during a migration:

4
docs/extensions/storage/users.md
View File

@@ -7,14 +7,14 @@ geekdocEditPath: edit/master/docs/extensions/storage
geekdocFilePath: users.md
---
TODO add this to the storage overview? or is this a different part? That should be started as a separate service ? And documented elsewhere, eg. in the accounts?
TODO add this to the storage overview? or is this a different part? That should be started as a separate service ? And documented elsewhere, e.g. in the accounts?
### User and Group provisioning
In oc10 users are identified by a username, which cannot change, because it is used as a foreign key in several tables. For oCIS we are internally identifying users by a UUID, while using the username in the WebDAV and OCS APIs for backwards compatability. To distinguish this in the URLs we are using `<username>` instead of `<userid>`. You may have encountered `<user_layout>`, which refers to a template that can be configured to build several path segments by filling in user properties, e.g. the first character of the username (`{{substr 0 1 .Username}}/{{.Username}}`), the identity provider (`{{.Id.Idp}}/{{.Username}}`) or the email (`{{.Mail}}`)
{{< hint warning >}}
Make no mistake, the [OCS Provisioning API](https://doc.owncloud.com/server/developer_manual/core/apis/provisioning-api.html) uses `userid` while it actually is the username, because it is what you use to login.
Make no mistake, the [OCS Provisioning API](https://doc.owncloud.com/server/developer_manual/core/apis/provisioning-api.html) uses `userid` while it actually is the username, because it is what you use to login.
{{< /hint >}}
We are currently working on adding [user management through the CS3 API](https://github.com/owncloud/ocis/pull/1930) to handle user and group provisioning (and deprovisioning).

14
docs/ocis/_index.md
View File

@@ -13,9 +13,9 @@ geekdocFilePath: _index.md
Welcome to oCIS, the modern file-sync and share platform, which is based on our knowledge and experience with the PHP based [ownCloud server](https://owncloud.com/#server).
### The idea of federated storage
To creata a truly federated storage architecture oCIS breaks down the old ownCloud 10 user specific namespace, which is assembled on the server side, and makes the individual parts accessible to clients as storage spaces and storage space registries.
To create a truly federated storage architecture oCIS breaks down the old ownCloud 10 user specific namespace, which is assembled on the server side, and makes the individual parts accessible to clients as storage spaces and storage space registries.
The below diagram shows the core conceps that are the foundation for the new architecture:
The below diagram shows the core concepts that are the foundation for the new architecture:
- End user devices can fetch the list of *storage spaces* a user has access to, by querying one or multiple *storage space registries*. The list contains a unique endpoint for every *storage space*.
- [*Storage space registries*]({{< ref "../extensions/storage/terminology#storage-space-registries" >}}) manage the list of storage spaces a user has access to. They may subscribe to *storage spaces* in order to receive notifications about changes on behalf of an end users mobile or desktop client.
- [*Storage spaces*]({{< ref "../extensions/storage/terminology#storage-spaces" >}}) represent a collection of files and folders. A users personal files are contained in a *storage space*, a group or project drive is a *storage space*, and even incoming shares are treated and implemented as *storage spaces*. Each with properties like owners, permissions, quota and type.
@@ -29,9 +29,9 @@ To share something with Marie, Einstein would open `https://cloud.zurich.test`.
After locating a folder that he wants to share with Marie he enters her email `marie@paris.test` in the sharing dialog to grant her the editor role. This, in effect, creates a new *storage space* that is registered with the *storage space registry* at `https://cloud.zurich.test`.
Einstein copies the URL in the browser (or an email with the same URL is sent automatically, or the storage registries use a backchannel mechanism). It contains the most specific `storage space id` and a path relative to it: `https://cloud.zurich.test/#/spaces/716199a6-00c0-4fec-93d2-7e00150b1c84/a/rel/path`.
Einstein copies the URL in the browser (or an email with the same URL is sent automatically, or the storage registries use a back-channel mechanism). It contains the most specific `storage space id` and a path relative to it: `https://cloud.zurich.test/#/spaces/716199a6-00c0-4fec-93d2-7e00150b1c84/a/rel/path`.
When Marie enters that URL she will be presented with a login form on the `https://cloud.zurich.test` instance, because the share was created on that domain. If `https://cloud.zurich.test` trusts her OpenID Connect identity provider `https://idp.paris.test` she can log in. This time, the *storage space registry* discovery will come up with `https://cloud.paris.test` though. Since that registry is different than the registry tied to `https://cloud.zurich.test` oCIS web can look up the *storage space* `716199a6-00c0-4fec-93d2-7e00150b1c84` and register the WebDAV URL `https://cloud.zurich.test/dav/spaces/716199a6-00c0-4fec-93d2-7e00150b1c84/a/rel/path` in Maries *storage space registry* at `https://cloud.paris.test`. When she accepts that share her clients will be able to sync the new *storage space* at `https://cloud.zurich.test`.
When Marie enters that URL she will be presented with a login form on the `https://cloud.zurich.test` instance, because the share was created on that domain. If `https://cloud.zurich.test` trusts her OpenID Connect identity provider `https://idp.paris.test` she can log in. This time, the *storage space registry* discovery will come up with `https://cloud.paris.test` though. Since that registry is different than the registry tied to `https://cloud.zurich.test` oCIS web can look up the *storage space* `716199a6-00c0-4fec-93d2-7e00150b1c84` and register the WebDAV URL `https://cloud.zurich.test/dav/spaces/716199a6-00c0-4fec-93d2-7e00150b1c84/a/rel/path` in Marie's *storage space registry* at `https://cloud.paris.test`. When she accepts that share her clients will be able to sync the new *storage space* at `https://cloud.zurich.test`.
### oCIS microservice runtime
@@ -48,13 +48,13 @@ oCIS runtime to the individual extensions.
While the [go-micro](https://go-micro.dev/) framework provides abstractions as well as implementations for the different components in a microservice architecture, it uses a more developer focused runtime philosophy: It is used to download services from a repo, compile them on the fly and start them as individual processes. For oCIS we decided to use a more admin friendly runtime: You can download a single binary and start the contained oCIS extensions with a single `bin/ocis server`. This also makes packaging easier.
We use [ocis-pkg](https://github.com/owncloud/ocis/tree/master/ocis-pkg) to configure the default implementations for the go-micro [grpc server](https://github.com/asim/go-micro/tree/v3.5.0/plugins/server/grpc), [client](https://github.com/asim/go-micro/tree/v3.5.0/plugins/client/grpc) and [mdns registry](https://github.com/asim/go-micro/blob/v3.5.0/registry/mdns_registry.go), swapping them out as needed, eg. to use the [kubernetes registry plugin](https://github.com/asim/go-micro/tree/v3.5.0/plugins/registry/kubernetes).
We use [ocis-pkg](https://github.com/owncloud/ocis/tree/master/ocis-pkg) to configure the default implementations for the go-micro [grpc server](https://github.com/asim/go-micro/tree/v3.5.0/plugins/server/grpc), [client](https://github.com/asim/go-micro/tree/v3.5.0/plugins/client/grpc) and [mdns registry](https://github.com/asim/go-micro/blob/v3.5.0/registry/mdns_registry.go), swapping them out as needed, e.g. to use the [kubernetes registry plugin](https://github.com/asim/go-micro/tree/v3.5.0/plugins/registry/kubernetes).
### REVA
A lot of embedded services in oCIS are built upon the [REVA](https://reva.link/) runtime. We decided to bundle some of the [CS3 services](https://github.com/cs3org/cs3apis) to logically group them. A [home storage provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L93-L108), which is dealing with [metadata](https://cs3org.github.io/cs3apis/#cs3.storage.provider.v1beta1.ProviderAPI), and the corresponding [data provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L109-L123), which is dealing with [up and download](https://cs3org.github.io/cs3apis/#cs3.gateway.v1beta1.FileUploadProtocol), are one example. The [frontend](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go) with the [oc flavoured webdav](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L132-L138), [ocs handlers](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L139-L148) and a [datagateway](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L126-L131) are another.
A lot of embedded services in oCIS are built upon the [REVA](https://reva.link/) runtime. We decided to bundle some of the [CS3 services](https://github.com/cs3org/cs3apis) to logically group them. A [home storage provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L93-L108), which is dealing with [metadata](https://cs3org.github.io/cs3apis/#cs3.storage.provider.v1beta1.ProviderAPI), and the corresponding [data provider](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/storagehome.go#L109-L123), which is dealing with [up and download](https://cs3org.github.io/cs3apis/#cs3.gateway.v1beta1.FileUploadProtocol), are one example. The [frontend](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go) with the [oc flavoured webdav](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L132-L138), [ocs handlers](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L139-L148) and a [data-gateway](https://github.com/owncloud/ocis/blob/v1.2.0/storage/pkg/command/frontend.go#L126-L131) are another.
### Protocol driven development
Interacting with oCIS involves a multitude af APIs. The server and all clients rely on [OpenID Connect](https://openid.net/connect/) for authentication. The [embedded LibreGraph Connect](https://github.com/owncloud/ocis/tree/master/idp) can be replaced with any other OpenID Connect Identity Provider. Clients use the [WebDAV](http://webdav.org/) based [oc sync protocol](https://github.com/cernbox/smashbox/blob/master/protocol/protocol.md) to manage files and folders, [ocs to manage shares](https://doc.owncloud.com/server/developer_manual/core/apis/ocs-share-api.html) and [TUS](https://tus.io/protocols/resumable-upload.html) to upload files in a resumable way. On the server side [REVA](https://reva.link/) is the reference implementation of the [CS3 apis](https://github.com/cs3org/cs3apis) which is defined using [protobuf](https://developers.google.com/protocol-buffers/). By embedding [glauth](https://github.com/glauth/glauth/), oCIS provides a read-only [LDAP](https://tools.ietf.org/html/rfc2849) interface to make accounts, including guests available to firewalls and other systems. In the future, we are looking into [the Microsoft Graph API](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0), which is based on [odata](http://docs.oasis-open.org/odata/odata/v4.0/odata-v4.0-part1-protocol.html), as a well defined REST/JSON dialect for the existing endpoints.
Interacting with oCIS involves a multitude af APIs. The server and all clients rely on [OpenID Connect](https://openid.net/connect/) for authentication. The [embedded LibreGraph Connect](https://github.com/owncloud/ocis/tree/master/idp) can be replaced with any other OpenID Connect Identity Provider. Clients use the [WebDAV](http://webdav.org/) based [oc sync protocol](https://github.com/cernbox/smashbox/blob/master/protocol/protocol.md) to manage files and folders, [ocs to manage shares](https://doc.owncloud.com/server/developer_manual/core/apis/ocs-share-api.html) and [TUS](https://tus.io/protocols/resumable-upload.html) to upload files in a resumable way. On the server side [REVA](https://reva.link/) is the reference implementation of the [CS3 apis](https://github.com/cs3org/cs3apis) which is defined using [protobuf](https://developers.google.com/protocol-buffers/). By embedding [glauth](https://github.com/glauth/glauth/), oCIS provides a read-only [LDAP](https://tools.ietf.org/html/rfc2849) interface to make accounts, including guests available to firewalls and other systems. In the future, we are looking into [the Microsoft Graph API](https://docs.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0), which is based on [odata](http://docs.oasis-open.org/odata/odata/v4.0/odata-v4.0-part1-protocol.html), as a well-defined REST/JSON dialect for the existing endpoints.
### Acceptance test suite
We run a huge [test suite](https://github.com/owncloud/core/tree/master/tests), which originated in ownCloud 10 and continues to grow. A detailed description can be found in the developer docs for [testing]({{< ref "development/testing" >}}).

2
docs/ocis/adr/0001-introduce-accounts-service.md
View File

@@ -36,7 +36,7 @@ Chosen option: "GLAuth wraps accounts service", because we need write access to
### Positive Consequences
* We can build a self contained user management in the accounts service and can adjust it to our requirements.
* We can build a self-contained user management in the accounts service and can adjust it to our requirements.
* We do not rely on an LDAP server which would only be possible by implementing write support in the LDAP libraries used by GLAuth (hard to estimate effort, when will that be merged upstream).
### Negative Consequences

10
docs/ocis/adr/0004-support-hot-migration.md
View File

@@ -19,7 +19,7 @@ Migration is one of the most important topics of the oCIS story. We need to prov
## Decision Drivers
- Do not lose file blob or meta data.
- Do not lose file blob or metadata.
- To prevent a sync surge from clients the etag for files should be migrated.
- To prevent internal links from breaking or pointing to wrong files the file id of existing files needs to be migrated.
- To prevent data loss trash and version blobs should be migrated.
@@ -27,7 +27,7 @@ Migration is one of the most important topics of the oCIS story. We need to prov
- To prevent internal shares the share type, permissions and expiry needs to be migrated.
- To prevent public links from breaking the url token, permissions, expiry and password needs to be migrated.
- *What about federated shares?*
- *What about additional share permissions, eg. comment on office files?*
- *What about additional share permissions, e.g. comment on office files?*
- Legacy clients need to keep working
- To keep existing clients working the `remote.php/webdav` and `dav/files/<username>` webdav endpoints as well as the ocs API need to be available.
- *What about [app passwords/tokens](https://doc.owncloud.com/server/user_manual/personal_settings/security.html#app-passwords-tokens)?*
@@ -55,7 +55,7 @@ Chosen option: "\[option 1\]", because \[justification. e.g., only option, which
### Cold Migration
The migration happens while the service is offline. File metadata, blobs and share data is exported from ownCloud 10 and imported in oCIS. This can happen user by user, where every user export would contain the file blobs, their metadata, trash, versions, shares and all metadata that belongs to the users storage. To prevent group shares from breaking, users in the same groups must be migrated in batch. Depending on the actual group shares in an instance this may effectively require a complete migration in a single batch.
The migration happens while the service is offline. File metadata, blobs and share data is exported from ownCloud 10 and imported in oCIS. This can happen user by user, where every user export would contain the file blobs, their metadata, trash, versions, shares and all metadata that belongs to the users storage. To prevent group shares from breaking, users in the same groups must be migrated in batch. Depending on the actual group shares in an instance this may effectively require a complete migration in a single batch.
- Good, because oCIS can be tested in a staging system without writing to the production system.
- Good, because file layout on disk can be changed to support new storage driver capabilities.
@@ -76,5 +76,5 @@ The migration happens in subsequent stages while the service is online.
## Links
- [Clarify responsibilities of share providers and storage providers · Issue #1377 · cs3org/reva (github.com)](https://github.com/cs3org/reva/issues/1377) because the share manager for oCIS should store share information on the storage system. And [storageprovider should persist share creator · Issue #93 · cs3org/cs3apis (github.com)](https://github.com/cs3org/cs3apis/issues/93) finally: [eos: store share id in inherited xattr · Issue #543 · cs3org/reva (github.com)](https://github.com/cs3org/reva/issues/543)
- [Clarify responsibilities of share providers and storage providers · Issue #1377 · cs3org/reva (github.com)](https://github.com/cs3org/reva/issues/1377) because the share manager for oCIS should store share information on the storage system. And [storage provider should persist share creator · Issue #93 · cs3org/cs3apis (github.com)](https://github.com/cs3org/cs3apis/issues/93) finally: [eos: store share id in inherited xattr · Issue #543 · cs3org/reva (github.com)](https://github.com/cs3org/reva/issues/543)

2
docs/ocis/adr/0005-cs3-api-account-management.md
View File

@@ -155,7 +155,7 @@ Creating an account using the first option looks currently is implemented in ven
└──────────────────────────────────────────────────┘
```
As explained before, during this flow no Reva middlewares are ran. Creating an account will only use the embedded accounts js file alongside a minted jwt token (by the oCIS proxy) to communicate with the accounts service.
As explained before, during this flow no Reva middlewares are run. Creating an account will only use the embedded accounts js file alongside a minted jwt token (by the oCIS proxy) to communicate with the accounts service.
### Add account management to the CS3 API

2
docs/ocis/adr/0007-api-for-spaces.md
View File

@@ -151,6 +151,6 @@ Meaningful fields of the root element in the context of the Open Graph API:
### Open Topics
- What are the WebDAV pathes for Trashbin, Versions
- What are the WebDAV paths for Trashbin, Versions
+ option: additional entries in the reply struct
- The identitySet object used for "owner" and "coowner" require to implement the [https://docs.microsoft.com/de-de/graph/api/resources/identityset?view=graph-rest-1.0](IdentitySet) JSON object, which contains information that seems to be of limited benefit for oCIS. An alternative would be to implement a simpler identity object for oCIS and use that.

2
docs/ocis/adr/0009-extension-template.md
View File

@@ -66,6 +66,6 @@ Create a git repository with an extension containing the boilerplate code.
We have the ocis-hello repository which acts as an example extension containing a grpc and http service and a web UI. It also demonstrates the usage of the settings service.
* Good, because it contains a bit more code than just the plain boilerplate
* Good, because the integration into oCIS is already tested for the Hello extension (eg. with Proxy and Settings). This will ensure, that the example extension is up to date.
* Good, because the integration into oCIS is already tested for the Hello extension (e.g. with Proxy and Settings). This will ensure, that the example extension is up-to-date.
* Bad, because if you don't require all features you have to delete stuff

4
docs/ocis/adr/0010-policy-enforcement.md
View File

@@ -49,7 +49,7 @@ Chosen option: option 2; Use third party libraries such as Open Policy Agent (a
## Chosen option approach
Make use of [overloading Open Policy Agent's input](https://www.openpolicyagent.org/docs/latest/external-data/#option-2-overload-input) along with an external storage source (instead of an OPA service) in conjunction with go-micro's gRPC client wrappers (a.k.a middlewares) to leverage policy rules evaluation.
Make use of [overloading Open Policy Agent's input](https://www.openpolicyagent.org/docs/latest/external-data/#option-2-overload-input) along with an external storage source (instead of an OPA service) in conjunction with go-micro's gRPC client wrappers (a.k.a. middlewares) to leverage policy rules evaluation.
### Terminology
@@ -68,7 +68,7 @@ New terms are defined to refer to new mental models:
However, for this to be usable it needs state. The Rego engine works with input and data, where data is essentially a database the input is tried against, in order to expand this poc to include functionality such as counters (i.e: give access to the thumbnails only to 50 users) we need an external storage, and consequentially, Rego needs to have an option to load data from an external storage. There is an entire chapter in the documentation regarding external data: https://www.openpolicyagent.org/docs/latest/external-data/. The most "natural" option (option 5) states:
> OPA includes functionality for reaching out to external servers during evaluation. This functionality handles those cases where there is too much data to synchronize into OPA, JWTs are ineffective, or policy requires information that must be as up to date as possible.
> OPA includes functionality for reaching out to external servers during evaluation. This functionality handles those cases where there is too much data to synchronize into OPA, JWTs are ineffective, or policy requires information that must be as up-to-date as possible.
This is a natural option because it requires service-to-service communication, and by definition using microservices it should come "natural to us". Another approach is using JWT (which we already use) to encode the necessary data into the JWT and handing it over to rego as "data". The issue with this approach is that depending on the features of the licenses the JWT might grow and be filled with noise and redundancy (this is, unless a new token is issued for licensing purposes).

24
docs/ocis/adr/0011-global-url-format.md
View File

@@ -26,7 +26,7 @@ When the URL contains a `fileid` parameter the server will look up the correspon
GET https://demo.owncloud.com/apps/files/?dir=/path/to/resource
```
The `dir` parameter is then used to make a WebDAV request against the `/dav/files` endpoint of the currently logged in user:
The `dir` parameter is then used to make a WebDAV request against the `/dav/files` endpoint of the currently logged-in user:
```
PROPFIND https://demo.owncloud.com/remote.php/dav/files/demo/path/to/resource
@@ -42,7 +42,7 @@ https://demo.owncloud.com/#/files/list/all/path/to/resource
Currently, there is no `fileid` like parameter in the browser URL, making bookmarks of it fragile (they break when a bookmarked folder is renamed).
The oCIS web UI just takes the path and uses the `/webdav` endpoint of the currently logged in user:
The oCIS web UI just takes the path and uses the `/webdav` endpoint of the currently logged-in user:
```
PROPFIND https://demo.owncloud.com/remote.php/webdav/path/to/resource
@@ -78,7 +78,7 @@ This ADR is limited to the scope of "how will a web client deal with the browser
{{< hint >}}
@jfd: The graph api returns a `path` in the `parentReference`, which is part of the `root` in a `drive` resource. But it contains a value in the namespace of the `graph` endpoint, eg.: `/drive/root:/Bilder` for the `/Bilder` folder in the root of the currently logged in users personal drive/space. Which is again relative to the drive. To give the clients a way to determine the mount point we need to add a new `mountpath/point/alias` property.
@jfd: The graph api returns a `path` in the `parentReference`, which is part of the `root` in a `drive` resource. But it contains a value in the namespace of the `graph` endpoint, e.g.: `/drive/root:/Bilder` for the `/Bilder` folder in the root of the currently logged-in users personal drive/space. Which is again relative to the drive. To give the clients a way to determine the mount point we need to add a new `mountpath/point/alias` property.
{{< /hint >}}
## Decision Drivers
@@ -130,7 +130,7 @@ It contains a path and a `fileid` (which takes precedence).
* Bad, because URLs still contain a long prefix `(/index.php)/apps/files`
* Bad, because the `fileid` needs to be accompanied by a `storageid` to allow efficient routing in ocis
* Bad, because if not configured properly an additional `/index.php` prefixes the route
* Bad, because powerusers cannot navigate by updating only the path in the URL, as the `fileid` takes precedence. They have to delete the `fileid` to navigate
* Bad, because power users cannot navigate by updating only the path in the URL, as the `fileid` takes precedence. They have to delete the `fileid` to navigate
### ID based URLs
@@ -160,7 +160,7 @@ There is a customized ownCloud instance that uses path only based URLs:
| `https://demo.owncloud.com/apps/files/?dir=/path/to/resource&` | sub folder `/path/to/resource` |
* Good, because the URLs reveal the full path context to users
* Good, because powerusers can navigate by updating the path in the url
* Good, because power users can navigate by updating the path in the url
* Bad, because the web UI needs to look up the space id in a registry to build an API request for the `/dav/space` endpoint
* Bad, because the bookmarks break when someone renames a folder in the path
* Bad, because there is no id that can be used as a fallback lookup mechanism
@@ -185,7 +185,7 @@ There is a customized ownCloud instance that uses path only based URLs:
* Good, because the web UI does not need to look up the space id in a registry to build an API request for the `/dav/space` endpoint
* Good, because the URLs reveal a relevant path context to users
* Good, because everything after the `#` is not sent to the server, building the webdav request to list the folder is offloaded to the clients
* Good, because powerusers can navigate by updating the path in the url
* Good, because power users can navigate by updating the path in the url
* Bad, because the current ids are uuid based, leading to very long URLs where the path component nearly vanishes between two very long strings
* Bad, because the `#` in the URL is just a technical requirement
* Bad, because ocis web requires a `/#/files/s` at the root of the route to distinguish the files app from other apps
@@ -266,14 +266,14 @@ In order to be able to copy and paste URLs all resources must be uniquely identi
* An url shortener can create urls like `/s/<token>` which could be used as a stable link to a resource.
* Links for anonymous users will resolve to `/public/<token>`
The alias namespace hierarchy and depth can be pre determined by the admin. Even if aliases change the `id` parameter prevents bookmarks from breaking. A user can decide to build a different hierarchy by using his own registry.
The alias namespace hierarchy and depth can be pre-determined by the admin. Even if aliases change the `id` parameter prevents bookmarks from breaking. A user can decide to build a different hierarchy by using his own registry.
What about shares? Similar to `/home` it must reflect the user: `/shares/einstein` would list all shares *by* einstein for the currently logged in user. The ui needs to apply the same URL rewriting as for space based URLs: when navigating into a share the URL has to switch from `/personal/einstein/relative/path/to/shared/resource` to `/shares/einstein/<unique and potentially namespaced alias for shared resource>`. When more than one `resource` was shared a name collision would occur. To prevent this we can use ids `/shares/einstein/id/<resource_id` or namespaced aliases `/shares/einstein/files/alias`. Similar to the `/trash` prefix we could treat `/shares` as a filter for the shared resources a user has access to, but that would disclose unshared path segments in personal spaces. We could make that a feature and let users create an alias for a shared resource, similar as for public links. Then they can decide if they want to disclose the full path in their personal space (or another workspace) or if they want to use an alias which is then accessed at `/shares/einstein/<alias>`. As a default we could take the alias at creation time from the filename. That way two shares to a resource with the same name, eg.: `/personal/einstein/project AAA/foo` and `/personal/einstein/project BBB/foo` would lead to `/shares/einstein/foo` (a CS3 internal reference to `/personal/einstein/project AAA/foo`) and `/shares/einstein/foo (2)` (a CS3 internal reference to `/personal/einstein/project BBB/foo`). `foo (2)` would keep its name even when `foo` is deleted or renamed. Well an id as the alias might be better then, because users might rename these aliases, which would break URLs if they have been bookmarked. In any case this would make end user more aware of what they share AND it would allow them to choose an arbitrary context for the links they want to send out: personal internal share URLs.
What about shares? Similar to `/home` it must reflect the user: `/shares/einstein` would list all shares *by* einstein for the currently logged-in user. The ui needs to apply the same URL rewriting as for space based URLs: when navigating into a share the URL has to switch from `/personal/einstein/relative/path/to/shared/resource` to `/shares/einstein/<unique and potentially namespaced alias for shared resource>`. When more than one `resource` was shared a name collision would occur. To prevent this we can use ids `/shares/einstein/id/<resource_id` or namespaced aliases `/shares/einstein/files/alias`. Similar to the `/trash` prefix we could treat `/shares` as a filter for the shared resources a user has access to, but that would disclose unshared path segments in personal spaces. We could make that a feature and let users create an alias for a shared resource, similar as for public links. Then they can decide if they want to disclose the full path in their personal space (or another workspace) or if they want to use an alias which is then accessed at `/shares/einstein/<alias>`. As a default we could take the alias at creation time from the filename. That way two shares to a resource with the same name, e.g.: `/personal/einstein/project AAA/foo` and `/personal/einstein/project BBB/foo` would lead to `/shares/einstein/foo` (a CS3 internal reference to `/personal/einstein/project AAA/foo`) and `/shares/einstein/foo (2)` (a CS3 internal reference to `/personal/einstein/project BBB/foo`). `foo (2)` would keep its name even when `foo` is deleted or renamed. Well an id as the alias might be better then, because users might rename these aliases, which would break URLs if they have been bookmarked. In any case this would make end user more aware of what they share AND it would allow them to choose an arbitrary context for the links they want to send out: personal internal share URLs.
With these different namespaces the `/files` part in the URL becomes obsolete, because the files application can be registered for multiple namespaces: `/personal`, `/workspaces`, `/shares`, `/trash` ...
* Good, because it contains a global path
* Good, because spaces with namespaced aliases can by bookmarked and copied into mails or chat without disclosing unshared path segments, as the space is supposed to be shared
* Good, because spaces with namespaced aliases can be bookmarked and copied into mails or chat without disclosing unshared path segments, as the space is supposed to be shared
* Good, because the UI can detect broken paths and notify the user to update his bookmark if the resource could be found by `id`
* Good, because the `/files` part might only be required for `id` only based lookup to let the web ui know which app is responsible for the route
* Good, because it turns shares into deliberately named spaces in `/shares/<owner>/<alias>`
@@ -297,7 +297,7 @@ When a file is selected the filename also becomes part of the URL so individual
If navigation is id based we need to look up the path for the id so we can make a webdav request, or we need to implement the graph drives and driveItem resources.
The URL `https://<host>/files?id=<resource_id>̀` is sent to the server. It has to look up the correct path and redirect the request, including the the path. But that would make all bookmarks contain tha path again, even if paths were configured to not be part of the URL.
The URL `https://<host>/files?id=<resource_id>̀` is sent to the server. It has to look up the correct path and redirect the request, including the path. But that would make all bookmarks contain tha path again, even if paths were configured to not be part of the URL.
The `/meta/<fileid>` webdav endpoint can be used to look up the path with property `meta-path-for-user`.
@@ -307,7 +307,7 @@ For now, we would use path based navigation with URLs like this:
https://<host>/files</namespaced/alias></relative/path/to/resource>?id=<resource_id>
```
This means that only the _resource path_ is part of the URL path. Any other parameter, eg. file `id`, `page` or sort order must be given as URL parameters.
This means that only the _resource path_ is part of the URL path. Any other parameter, e.g. file `id`, `page` or sort order must be given as URL parameters.
- [ ] To make lookup by id possible we need to implement the `/meta/<fileid>` endpoint so the sdk can use it to look up the path. We should not implement a redirect on the ocis server side because the same redirect logic would need to be added to oc10. Having it in ocis web is the right place.
@@ -316,5 +316,5 @@ This means that only the _resource path_ is part of the URL path. Any other para
Public links would have the same format: `https://<host>/files?id=<resource_id>` The web UI has to detect if the user is logged in or not and adjust the ui accordingly.
{{< hint warning >}}
Since there is no difference between public and private files a logged in user cannot see the public version of a link unless he logs out.
Since there is no difference between public and private files a logged-in user cannot see the public version of a link unless he logs out.
{{< /hint >}}

2
docs/ocis/adr/0012-tracing.md
View File

@@ -46,4 +46,4 @@ Chosen option: option 3; Migrate to OpenTelemetry. OpenCensus is deprecated, and
- The unit that ultimately does the work will change the state of the span to error if any occurred.
With this premises, this is by no means a fixed document and the more we learn about the usage of an instance the more context we can add to the traces.
With these premises, this is by no means a fixed document and the more we learn about the usage of an instance the more context we can add to the traces.

12
docs/ocis/adr/0013-locking.md
View File

@@ -44,15 +44,15 @@ The CS3org WOPI server creates a `.sys.wopilock.<filename>.` and `.~lock.<filena
**File based locking is bad**, because:
- lock files should be checked by all partys manipulating files (eg. the WebDAV api)
- lock files should be checked by all parties manipulating files (e.g. the WebDAV api)
- lock files can be deleted by everyone
- you can not lock files in a file-only share (you need a folder share to create a lock file besides the original file)
If we have file based locks, we can also sync them with eg. the Desktop Client.
If we have file based locks, we can also sync them with e.g. the Desktop Client.
**Syncing lock files is good**: because
- native office applications can notice lock files by the WOPI server and vice versa (Libre Office also creates `.lock.<filename>#` files)
- native office applications can notice lock files by the WOPI server and vice versa (LibreOffice also creates `.lock.<filename>#` files)
**Syncing lock files is bad**, because:
@@ -70,7 +70,7 @@ We remove or disable the file based locking of the CS3org WOPI server.
**No locking is bad**, because:
- merging changes from different versions is a pain, since there is no way to calculate differences for most of the files (eg. docx or xlsx files)
- merging changes from different versions is a pain, since there is no way to calculate differences for most of the files (e.g. docx or xlsx files)
- no locking breaks the WOPI specs, as the CS3 WOPI server won't be capable to honor the WOPI Lock related operations
### CS3 API locking
@@ -78,7 +78,7 @@ We remove or disable the file based locking of the CS3org WOPI server.
- Add CS3 API for resource (files, directories) locking, unlocking and checking locks
- locking always with timeout
- lock creation is a "create-if-not-exists" operation
- locks need to have arbitrary metadata (eg. the CS3 WOPI server is stateless by storing information on / in the locks)
- locks need to have arbitrary metadata (e.g. the CS3 WOPI server is stateless by storing information on / in the locks)
- Implement WebDAV locking using the CS3 API
- Implement Locking in storage drivers
- Change CS3 WOPI server to use CS3 API locking mechanism
@@ -89,7 +89,7 @@ We remove or disable the file based locking of the CS3org WOPI server.
- you can lock files on the actual storage (if the storage supports that -> storage driver dependent)
- you can lock files in ownCloud 10 when using the ownCloudSQL storage driver in the migration deployment (but oC10 Collabora / OnlyOffice also need to implement locking, to fully leverage that)
- clients can get the lock information via the api without ignoring / hiding lock file changes
- clients can use the lock information to lock the file in their context (eg. via some file explorer integration)
- clients can use the lock information to lock the file in their context (e.g. via some file explorer integration)
**CS3 API locking is bad**, because:

10
docs/ocis/adr/0015-events.md
View File

@@ -19,7 +19,7 @@ To be able to implement simple, flexible and independent inter service communica
### Example: Email Notification
A simple example is the notification feature for oCIS: Users should receive an email when another user shares a file with them. The information, that the file was shared should go out as an event from a storage provider or share manager, carrying the information which file was shared to which receiver. A potential notification service that sends out the email listens to these kind of events and sends the email out once on every received event of that specific type.
A simple example is the notification feature for oCIS: Users should receive an email when another user shares a file with them. The information, that the file was shared should go out as an event from a storage provider or share manager, carrying the information which file was shared to which receiver. A potential notification service that sends out the email listens to these kinds of events and sends the email out once on every received event of that specific type.
## Decision Drivers
@@ -40,17 +40,17 @@ A simple example is the notification feature for oCIS: Users should receive an e
Reva will get a messaging service that is available to all services within oCIS and Reva. It is considered as one of the mandatory services of the oCIS system. If the messaging backend is not running, neither Reva nor oCIS can be considered healthy and should shut down.
All oCIS- and Reva-services can connect to the messaging bus and send so called events. The sender gets an immediate return if handing the event to the message bus was succesful or not.
All oCIS- and Reva-services can connect to the messaging bus and send so-called events. The sender gets an immediate return if handing the event to the message bus was successful or not.
The sender can not make any assumptions when the message is delivered to any receiving service. Depending on the QoS model (as proposed as alternatives in this ADR) it might even be not guaranteed that the event is delivered at all. Also, the sender can not know if zero, one or many services are listening to that event.
#### Event Data
Events are identified by their namespace and their respective name. The namespace is delimited by dots and starts with either "reva" or "ocis" or an future extension name. It is followed by the name of the sending service and an unique name of the event.
Events are identified by their namespace and their respective name. The namespace is delimited by dots and starts with either "reva" or "ocis" or a future extension name. It is followed by the name of the sending service and an unique name of the event.
Example: `ocis.ocdav.delete` - an event with that name sent out if an WebDAV DELETE request arrived in the oCDav service.
An event can carry a payload which is encoded as json object. (See for example [NATS](https://docs.nats.io/using-nats/developer/sending/structure) ). There are no pre defined members in that object, it is fully up to the sender which data will be included in the payload. Receivers must be robust to deal with changes.
An event can carry a payload which is encoded as json object. (See for example [NATS](https://docs.nats.io/using-nats/developer/sending/structure) ). There are no pre-defined members in that object, it is fully up to the sender which data will be included in the payload. Receivers must be robust to deal with changes.
#### Quality of Service
@@ -82,7 +82,7 @@ Exactly as described above, but with a higher service level quality.
#### Quality of Service
Events are sent with "At least once" quality of service. That means the events will remain in the queue until they are received by all receivers. This puts more responsability on the event bus and adds state to the events. Given that the event queue can be considered the backbone of the system, it is required to be running.
Events are sent with "At least once" quality of service. That means the events will remain in the queue until they are received by all receivers. This puts more responsibility on the event bus and adds state to the events. Given that the event queue can be considered the backbone of the system, it is required to be running.
#### Pros

18
docs/ocis/adr/0017-allow-read-only-external-user-management.md
View File

@@ -16,7 +16,7 @@ geekdocFilePath: 0017-allow-read-only-external-user-management.md
oCIS needs to be integrated with various external Authentication and Identity Management Systems.
Usually oCIS will have no administrative access to such a system and we will not be allowed to
reconfigure it to suit our needs (e.g. we will not be able to enhance the schema of an already existing
LDAP Directory). In most of the cases our access will be read-only.
LDAP Directory). In most of the cases our access will be read-only.
Sidenote: There is a difference between users, identities and accounts: A user may have multiple
identities which he can authenticate with, e.g. his facebook, twitter, microsoft or google
@@ -27,8 +27,8 @@ provider to another.
There are different cases where oCIS requires access to users:
1. While we settled on using OpenID Connect (OIDC) as the authentication protocol for oCIS, we
we need to build a user object during authentication with at least an account UUID (to identify
the account) and the email or a name (for display purposes).
need to build a user object during authentication with at least an account UUID (to identify
the account) and the email or a name (for display purposes).
2. When searching for share recipients we need to be able to query existing users in the external
identity management system
3. When listing files we need to be able to look up a users display properties (username, email,
@@ -49,7 +49,7 @@ of stable identifier for users:
* oCIS should be a single binary that can run out of the box without external dependencies like an
LDAP server.
* Time: we want to build a release candidate asap.
* oCIS should be easy to integrate with standard external identity mangement systems
* oCIS should be easy to integrate with standard external identity management systems
## Considered Options
@@ -73,7 +73,7 @@ to support both scenarios.
## Pros and Cons of the Options <!-- optional -->
### External identity management system is read only and provides an interface to query users (e.g. Coporate Active Directy)
### External identity management system is read only and provides an interface to query users (e.g. Corporate Active Directory)
IdP sends sub & iss and mail or username claims, Identity Management System provides APIs (e.g.
LDAP, SCIM, REST ...) to lookup additional user information. All oCIS services use the CS3 API to
@@ -82,20 +82,20 @@ the APIs provided by the IdM.
* Good, because we can rely on the external identity management
* Good, because ocis services only need to know about the CS3 user provider API, which acts as an
abstraction layer for different identitiy management systems
abstraction layer for different identity management systems
* Good, because there is only a single source of truth (the external IdM) and we don't need to
implement a synchronization mechanism to maintain an internal user database (we will likely need
some form of caching though, see below)
* Bad, because the identity managment needs to provide a stable, persistent, non-reassignable user
* Bad, because the identity management needs to provide a stable, persistent, non-reassignable user
identifier for an account, e.g. `owncloudUUID` or `ms-DS-ConsistencyGuid`
* Bad, because we need to implment tools that can change the account id when it did change anyway
* Bad, because we need to implement tools that can change the account id when it did change anyway
* Bad, because without caching we will hammer the identity management system with lookup requests
### External identity management system is read only and does NOT provide an API to query users
Idp sends sub & iss and mail or username claims. We need to provision an internal account mapping,
creating a unique ID, upon the first login of a user to be able to look up user properties by account
id.
id.
* Good, because this has very little external requirements
* Good, because we have accounts fully under our control

2
docs/ocis/adr/0019-file-search-index.md
View File

@@ -29,7 +29,7 @@ Sharing adds more complexity because the index also needs to react to create, de
* Be able to construct intelligent searches based on metadata
* Allow the user to filter the search queries based on metadata
* Basic File Search needs to be implemented out of the box without external dependencies
* The Search Indexing Service should be replacable with more sophisticated technologies like Elasticsearch
* The Search Indexing Service should be replaceable with more sophisticated technologies like Elasticsearch
* Make use of the spaces architecture to shard search indexes by space
* The Search Indexing Service needs to deal with multiple users accessing the same resources due to shares
* The Search Service should be compatible with different search indexing technologies

16
docs/ocis/adr/0020-file-search-query-language.md
View File

@@ -13,18 +13,18 @@ geekdocFilePath: 0018-file-search-query-language.md
## Context and Problem Statement
From the users perspective, the interface to search is just a single form field where the user enters one or more search terms. The minimum expectation is that the search returns file names and links to files that
From the users perspective, the interface to search is just a single form field where the user enters one or more search terms. The minimum expectation is that the search returns file names and links to files that:
* have a file name that contains at least one of the search terms
* contain at least one of the search terms in the file contents
* have meta data that is equal or contains one of the search terms
* have metadata that is equal or contains one of the search terms
## Decision Drivers
* The standard user should not be bothered by a query syntax
* The power user should also be able to narrow his search with an efficient and flexible syntax
* We need to consider different backend technologies which we need to access through an abstraction layer
* Using different indexing systems should lead to a slightly different feature set whitout changing the syntax completely
* Using different indexing systems should lead to a slightly different feature set without changing the syntax completely
## Considered Options
@@ -65,16 +65,16 @@ The Lucene Query Parser syntax supports advanced queries like term, phrase, wild
* Good, because it is a well documented and powerful syntax
* Good, because it is very close to the Elasticsearch and the Solr syntax which enhances compatibility
* Bad, because there is no powerful and well tested query parser for golang available
* Bad, because it adds complexity and fulfilling all the different query usecases can be an "uphill battle"
* Bad, because it adds complexity and fulfilling all the different query use-cases can be an "uphill battle"
### Solr Query Language
Solr is highly reliable, scalable and fault tolerant, providing distributed indexing, replication and load-balanced querying, automated failover and recovery, centralized configuration and more. Solr powers the search and navigation features of many of the world's largest internet sites.
Solr is highly reliable, scalable and fault-tolerant, providing distributed indexing, replication and load-balanced querying, automated failover and recovery, centralized configuration and more. Solr powers the search and navigation features of many of the world's largest internet sites.
* Good, because it is a well documented and powerful syntax
* Good, because it is very close to the Elasticsearch and the Lucene syntax which enhances compatibility
* Good, because it has a strong community with large resources and knowledge
* Bad, because it adds complexity and fulfilling all the different query usecases can be an "uphill battle"
* Bad, because it adds complexity and fulfilling all the different query use-cases can be an "uphill battle"
### Elasticsearch Query Language
@@ -83,8 +83,8 @@ Elasticsearch provides a full Query DSL (Domain Specific Language) based on JSON
* Good, because it is a well documented and powerful syntax
* Good, because it is very close to the Elasticsearch and the Solr syntax which enhances compatibility
* Good, because there is a stable and well tested go client which brings a query builder
* Good, because it could be used as the query language which supports different search backends by just implementing what is needed for our usecase
* Bad, because it adds complexity and fulfilling all the different query usecases can be an "uphill battle"
* Good, because it could be used as the query language which supports different search backends by just implementing what is needed for our use-case
* Bad, because it adds complexity and fulfilling all the different query use-cases can be an "uphill battle"
## Links

2
docs/ocis/deployment/_index.md
View File

@@ -34,7 +34,7 @@ oCIS uses two system users which are needed for being operational:
Both have simple default passwords which need to be changed. Currently, changing a password is only possible on the command line. You need to run `ocis accounts update --password <new-password> <id>` for both users.
The new password for the Reva Inter Operability Platform user must be made available to oCIS by using the environment variable `STORAGE_LDAP_BIND_PASSWORD`. The same applies to the new Kopano IDP user password, which needs do be made available to oCIS in `IDP_LDAP_BIND_PASSWORD`.
The new password for the Reva Inter Operability Platform user must be made available to oCIS by using the environment variable `STORAGE_LDAP_BIND_PASSWORD`. The same applies to the new Kopano IDP user password, which needs to be made available to oCIS in `IDP_LDAP_BIND_PASSWORD`.
Furthermore, oCIS uses a shared secret to sign JWT tokens for inter service authorization, which also needs to be changed by the user.
You can change it by setting the `OCIS_JWT_SECRET` environment variable for oCIS to a random string.

4
docs/ocis/deployment/basic-remote-setup.md
View File

@@ -11,7 +11,7 @@ geekdocFilePath: basic-remote-setup.md
The default configuration of the oCIS binary and the `owncloud/ocis` docker image assume, that you access oCIS on `localhost`. This enables you to do quick testing and development without any configuration.
If you need to access oCIS running in a docker container, on a VM or a remote machine via an other hostname than `localhost`, you need to configure this hostname in oCIS. The same applies if you are not using hostnames but instead an IP (eg. `192.168.178.25`).
If you need to access oCIS running in a docker container, on a VM or a remote machine via another hostname than `localhost`, you need to configure this hostname in oCIS. The same applies if you are not using hostnames but instead an IP (e.g. `192.168.178.25`).
## Start the oCIS fullstack server from binary
@@ -31,7 +31,7 @@ For the following examples you need to have the oCIS binary in your current work
### Using automatically generated certificates
In order to run oCIS with automatically generated and self signed certificates please execute following command. You need to replace `your-host` with an IP or hostname. Since you have only self signed certificates you need to have `OCIS_INSECURE` set to `true`.
In order to run oCIS with automatically generated and self-signed certificates please execute following command. You need to replace `your-host` with an IP or hostname. Since you have only self-signed certificates you need to have `OCIS_INSECURE` set to `true`.
```bash
OCIS_INSECURE=true \

12
docs/ocis/deployment/bridge.md
View File

@@ -9,7 +9,7 @@ geekdocFilePath: bridge.md
{{< toc >}}
We are planning to build a bridge from ownCloud 10 to ocis. The idea is to have a reverse proxy infront of ownCloud 10 that will forward requests to ownCloud 10 or ocis-reva, depending on the migration status of the logged in user.
We are planning to build a bridge from ownCloud 10 to ocis. The idea is to have a reverse proxy in front of ownCloud 10 that will forward requests to ownCloud 10 or ocis-reva, depending on the migration status of the logged-in user.
This document is a work in progress of the current setup.
@@ -80,7 +80,7 @@ We are going to use the built binary and ownCloud 10 graphapi app to turn ownClo
#### configure it
While ocis can be configured using environment variables, eg. for a docker compose setup we are going to use a more traditional config file here.
While ocis can be configured using environment variables, e.g. for a docker compose setup we are going to use a more traditional config file here.
Create a config file for ocis in either `/etc/ocis`, `$HOME/.ocis` or `./.config`. You can use `.json`, `.yaml` or `.toml`. I will use toml here, because ... reasons.
```toml
@@ -191,7 +191,7 @@ ERROR:
#### Set environment variables
The built in [libregraph/lico](https://github.com/libregraph/lico) needs environment variables to configure the LDAP server:
The built-in [libregraph/lico](https://github.com/libregraph/lico) needs environment variables to configure the LDAP server:
```console
export OCIS_URL=https://ocis.ocis.test
export IDP_LDAP_URI=ldap://127.0.0.1:9125
@@ -226,7 +226,7 @@ $ ocis/bin/ocis idp server --iss http://127.0.0.1:9130 --signing-kid gen1-2020-0
{{< hint warning >}}
* TODO: the port in the `--iss` needs to be changed when hiding the idp behind the proxy
* TODO: the signing keys and encryption keys should be precerated so they are reused between restarts. Otherwise all client sessions will become invalid when restarting the IdP.
* TODO: the signing keys and encryption keys should be precreated so they are reused between restarts. Otherwise all client sessions will become invalid when restarting the IdP.
{{< /hint >}}
@@ -275,7 +275,7 @@ $ bin/web server --web-config-server https://cloud.example.com --oidc-authority
`ocis-web` needs to know
- `--web-config-server https://cloud.example.com` is ownCloud url with webdav and ocs endpoints (oc10 or ocis)
- `--oidc-authority https://192.168.1.100:9130` the openid connect issuing authority, in our case `oidc-idp`, running on port 9130
- `--oidc-metadata-url https://192.168.1.100:9130/.well-known/openid-configuration` the openid connect configuration endpoint, typically the issuer host with `.well-known/openid-configuration`, but there are cases when another endpoint is used, eg. ping identity provides multiple endpoints to separate domains
- `--oidc-metadata-url https://192.168.1.100:9130/.well-known/openid-configuration` the openid connect configuration endpoint, typically the issuer host with `.well-known/openid-configuration`, but there are cases when another endpoint is used, e.g. ping identity provides multiple endpoints to separate domains
- `--oidc-client-id ocis` the client id we will register later with `ocis-idp` in the `identifier-registration.yaml`
### Patch owncloud
@@ -304,7 +304,7 @@ $CONFIG = [
'client-id' => 'ocis',
'loginButtonName' => 'OpenId Connect @ Konnectd',
],
'debug' => true, // if using self signed certificates
'debug' => true, // if using self-signed certificates
// allow the different domains access to the ocs and webdav endpoints:
'cors.allowed-domains' => [
'https://cloud.example.com',

2
docs/ocis/deployment/kubernetes.md
View File

@@ -17,7 +17,7 @@ Formally described as:
_[source](https://kubernetes.io/docs/concepts/overview/what-is-kubernetes/)_
Without getting too deep in definitions, and for the purpose of compactness, Kubernetes can be summarized as a way of managing containers that run applications to ensure that there is no downtime and a optimal usage of resources. It provides with a framework in which to run distributed systems.
Without getting too deep in definitions, and for the purpose of compactness, Kubernetes can be summarized as a way of managing containers that run applications to ensure that there is no downtime and an optimal usage of resources. It provides with a framework in which to run distributed systems.
Kubernetes provides you with:
- **Service discovery and load balancing**: Kubernetes can expose a container using the DNS name or using their own IP address. If traffic to a container is high, Kubernetes is able to load balance and distribute the network traffic so that the deployment is stable.

4
docs/ocis/deployment/monitoring-tracing.md
View File

@@ -13,7 +13,7 @@ Monitoring and tracing gives developers and admin insights into a complex system
If you are a developer and want to trace during developing you should have a look at [example server setup]({{< ref "../development/tracing" >}}).
This documentation describes how to set up a long running monitoring & tracing infrastructure for one or multiple oCIS servers or deployments. After reading this guide, you also should know everything needed to integrate oCIS into your existing monitoring and tracing infrastructure.
This documentation describes how to set up a long-running monitoring & tracing infrastructure for one or multiple oCIS servers or deployments. After reading this guide, you also should know everything needed to integrate oCIS into your existing monitoring and tracing infrastructure.
# Overview about the proposed solution
@@ -25,7 +25,7 @@ We assume that you already have oCIS deployed on one or multiple servers by usin
Telegraf will collect host metrics (CPU, RAM, network, processes, ...) and docker metrics (per container CPU, RAM, network, ...). Telegraf is also configured to scrape metrics from Prometheus metric endpoints which oCIS exposes, this is done by the Prometheus input plugin . The metrics from oCIS and all other metrics gathered will be exposed with the Prometheus output plugin and can therefore be scraped by our monitoring & tracing server.
Jaeger agent is is being configured as target for traces in oCIS. It then will receive traces from all oCIS extensions, add some process tags to them and forward them to our Jaeger collector on our monitoring & tracing server.
Jaeger agent is being configured as target for traces in oCIS. It then will receive traces from all oCIS extensions, add some process tags to them and forward them to our Jaeger collector on our monitoring & tracing server.
For more information and how to deploy it, see [monitoring & tracing client](https://github.com/owncloud-devops/monitoring-tracing-client).

24
docs/ocis/deployment/oc10_ocis_parallel.md
View File

@@ -12,7 +12,7 @@ geekdocFilePath: oc10_ocis_parallel.md
## Overview
- This setup reflects [stage 6 of the oC10 to oCIS migration plan]({{< ref "migration#stage-6-parallel-deployment" >}})
- Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
- Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
- OpenLDAP server with demo users
- LDAP admin interface to edit users
- Keycloak as OpenID Connect provider in federation with the LDAP server
@@ -35,7 +35,7 @@ geekdocFilePath: oc10_ocis_parallel.md
- four domains set up and pointing to your server
- cloud.\* for serving oCIS
- keycloak.\* for serving Keycloak
- ldap .\* for serving the LDAP managment UI
- ldap .\* for serving the LDAP management UI
- traefik.\* for serving the Traefik dashboard
See also [example server setup]({{< ref "preparing_server" >}})
@@ -60,7 +60,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
### Traefik settings ###
TRAEFIK_LOG_LEVEL=
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -100,7 +100,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
LDAP_MANAGER_DOMAIN=
### Keycloak ###
# Domain of Keycloak, where you can find the managment and authentication frontend. Defaults to "keycloak.owncloud.test"
# Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test"
KEYCLOAK_DOMAIN=
# Realm which to be used with oC10 and oCIS. Defaults to "owncloud"
KEYCLOAK_REALM=
@@ -112,17 +112,17 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, eg. `CLOUD_DOMAIN=cloud.owncloud.test`.
Set your domain for the oC10 and oCIS frontend in `CLOUD_DOMAIN=`, e.g. `CLOUD_DOMAIN=cloud.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
By default ownCloud 10 will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OC10_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
@@ -130,11 +130,11 @@ See also [example server setup]({{< ref "preparing_server" >}})
In oder to change the default link open action which defaults to the classic UI (`OWNCLOUD_WEB_REWRITE_LINKS=false`) you can set it to `OWNCLOUD_WEB_REWRITE_LINKS=true`. This will lead to links being opened in ownCloud Web.
The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep theses examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`.
The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`.
Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, eg. `ldap.owncloud.test`.
Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`.
Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` eg. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`.
Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`.
Changing the used Keycloak realm can be done by setting `KEYCLOAK_REALM=`. This defaults to the ownCloud realm `KEYCLOAK_REALM=owncloud`. The ownCloud realm will be automatically imported on startup and includes our demo users.
@@ -152,7 +152,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:

16
docs/ocis/deployment/ocis_hello.md
View File

@@ -13,7 +13,7 @@ geekdocFilePath: ocis_hello.md
- oCIS running behind Traefik as reverse proxy
- oCIS Hello extension runs beside the main oCIS stack and providing the Hello functionality
- Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
- Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_hello)
@@ -21,7 +21,7 @@ The docker stack consists of 3 containers. One of them is Traefik, a proxy which
The next container is oCIS itself in a configuration like the [oCIS with Traefik example]({{< ref "ocis_traefik" >}}), except that for this example a custom proxy and web UI configuration is used to enable the oCIS Hello extension.
The oCIS Hello extension is running in another container and enables you to use its' functionality from within ownCloud Web.
The oCIS Hello extension is running in another container and enables you to use its functionality from within ownCloud Web.
## Server Deployment
@@ -53,7 +53,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -85,17 +85,17 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
By default the oCIS Hello extension will be started in the `latest` version. If you want to start a specific version of oCIS Hello set the version to `OCIS_HELLO_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis-hello/tags?page=1&ordering=last_updated).
@@ -111,7 +111,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:

16
docs/ocis/deployment/ocis_individual_services.md
View File

@@ -12,8 +12,8 @@ geekdocFilePath: ocis_individual_services.md
## Overview
* oCIS running behind Traefik as reverse proxy
* Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
* oCIS running as individual services (each extension in it's own containers)
* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
* oCIS running as individual services (each extension in its own containers)
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_individual_services)
@@ -51,7 +51,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -81,17 +81,17 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default ocis will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also can run more than one instance of the service by setting `OCIS_SCALE` to number greater than one.
@@ -106,7 +106,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
## Local setup
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
```

16
docs/ocis/deployment/ocis_keycloak.md
View File

@@ -13,7 +13,7 @@ geekdocFilePath: ocis_keycloak.md
* oCIS and Keycloak running behind Traefik as reverse proxy
* Keycloak acting as the IDP for oCIS
* Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_keycloak)
@@ -55,7 +55,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -96,21 +96,21 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
If you want to change the OIDC client id of th ownCloud Web frontend, you can do this by setting the name to `OCIS_OIDC_CLIENT_ID=`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` eg. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`.
Set your domain for the Keycloak administration panel and authentication endpoints to `KEYCLOAK_DOMAIN=` e.g. `KEYCLOAK_DOMAIN=keycloak.owncloud.test`.
Changing the used Keycloak realm can be done by setting `KEYCLOAK_REALM=`. This defaults to the oCIS realm `KEYCLOAK_REALM=oCIS`. The oCIS realm will be automatically imported on startup and includes our demo users.
@@ -127,7 +127,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
## Local setup
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
```

20
docs/ocis/deployment/ocis_ldap.md
View File

@@ -12,7 +12,7 @@ geekdocFilePath: ocis_ldap.md
## Overview
- Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
- Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
- OpenLDAP server with demo users
- LDAP admin interface to edit users
- oCIS running behind Traefik as reverse proxy
@@ -27,7 +27,7 @@ geekdocFilePath: ocis_ldap.md
- Linux server with docker and docker-compose installed
- four domains set up and pointing to your server
- ocis.\* for serving oCIS
- ldap .\* for serving the LDAP managment UI
- ldap .\* for serving the LDAP management UI
- traefik.\* for serving the Traefik dashboard
See also [example server setup]({{< ref "preparing_server" >}})
@@ -51,7 +51,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -83,21 +83,21 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=cloud.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=cloud.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep theses examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`.
The OpenLDAP server in this example deployment has an admin users, which is also used as bind user in order to keep these examples simple. You can change the default password "admin" to a different one by setting it to `LDAP_ADMIN_PASSWORD=...`.
Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, eg. `ldap.owncloud.test`.
Set your domain for the LDAP manager UI in `LDAP_MANAGER_DOMAIN=`, e.g. `ldap.owncloud.test`.
Now you have configured everything and can save the file.
@@ -111,7 +111,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:

20
docs/ocis/deployment/ocis_s3.md
View File

@@ -14,7 +14,7 @@ geekdocFilePath: ocis_s3.md
* oCIS running behind Traefik as reverse proxy
* MinIO as S3 compatible storage provider
* oCIS is configured to use S3 as user storage provider
* Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_s3)
@@ -22,7 +22,7 @@ The docker stack consists 3 containers. One of them is Traefik, a proxy which is
The next container is oCIS itself in a configuration like the [oCIS with Traefik example]({{< ref "ocis_traefik" >}}), except that it will use S3 as user storage.
The last container is MinIO, providing a S3 compatible API, where oCIS will store its' data.
The last container is MinIO, providing a S3 compatible API, where oCIS will store its data.
## Server Deployment
@@ -55,7 +55,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -94,23 +94,23 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
Set your domain for the MinIO frontend in `MINIO_DOMAIN=`, eg. `MINIO_DOMAIN=minio.owncloud.test`. If you are using other S3-compatible providers you need to configure the respective endpoint here.
Set your domain for the MinIO frontend in `MINIO_DOMAIN=`, e.g. `MINIO_DOMAIN=minio.owncloud.test`. If you are using other S3-compatible providers you need to configure the respective endpoint here.
If you like you can change the default name of the S3 bucket by setting `MINIO_BUCKET=` to a different value.
You also must override the S3 bucket credentials in `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY` in order to secure your MinIO instance. Choose some random strings eg. from the output of `openssl rand -base64 32`.
You also must override the S3 bucket credentials in `MINIO_ACCESS_KEY` and `MINIO_SECRET_KEY` in order to secure your MinIO instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`.
Now you have configured everything and can save the file.
@@ -123,7 +123,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
## Local setup
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
```

14
docs/ocis/deployment/ocis_traefik.md
View File

@@ -12,7 +12,7 @@ geekdocFilePath: ocis_traefik.md
## Overview
* oCIS running behind Traefik as reverse proxy
* Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_traefik)
@@ -50,7 +50,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -78,17 +78,17 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default ocis will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
Now you have configured everything and can save the file.
@@ -101,7 +101,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
## Local setup
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` on Windows to `C:\Windows\System32\Drivers\etc\hosts` file like this:
```

16
docs/ocis/deployment/ocis_wopi.md
View File

@@ -18,7 +18,7 @@ OnlyOffice and CodiMD are not yet fully integrated and there are known issues. F
* oCIS, Wopi server, Collabora, OnlyOffice and CodiMD running behind Traefik as reverse proxy
* Collabora, OnlyOffice and CodiMD enable you to edit documents in your browser
* Wopi server acts as a bridge to make the oCIS storage accessible to Collabora, OnlyOffice and CodiMD
* Traefik generating self signed certificates for local setup or obtaining valid SSL certificates for a server setup
* Traefik generating self-signed certificates for local setup or obtaining valid SSL certificates for a server setup
[Find this example on GitHub](https://github.com/owncloud/ocis/tree/master/deployments/examples/ocis_wopi)
@@ -64,7 +64,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
INSECURE=true
### Traefik settings ###
# Serve Treafik dashboard. Defaults to "false".
# Serve Traefik dashboard. Defaults to "false".
TRAEFIK_DASHBOARD=
# Domain of Traefik, where you can find the dashboard. Defaults to "traefik.owncloud.test"
TRAEFIK_DOMAIN=
@@ -120,17 +120,17 @@ See also [example server setup]({{< ref "preparing_server" >}})
You are installing oCIS on a server and Traefik will obtain valid certificates for you so please remove `INSECURE=true` or set it to `false`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` eg. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
If you want to use the Traefik dashboard, set TRAEFIK_DASHBOARD to `true` (default is `false` and therefore not active). If you activate it, you must set a domain for the Traefik dashboard in `TRAEFIK_DOMAIN=` e.g. `TRAEFIK_DOMAIN=traefik.owncloud.test`.
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (eg. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
The Traefik dashboard is secured by basic auth. Default credentials are the user `admin` with the password `admin`. To set your own credentials, generate a htpasswd (e.g. by using [an online tool](https://htpasswdgenerator.de/) or a cli tool).
Traefik will issue certificates with LetsEncrypt and therefore you must set an email address in `TRAEFIK_ACME_MAIL=`.
By default oCIS will be started in the `latest` version. If you want to start a specific version of oCIS set the version to `OCIS_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/owncloud/ocis/tags?page=1&ordering=last_updated).
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, eg. `OCIS_DOMAIN=ocis.owncloud.test`.
Set your domain for the oCIS frontend in `OCIS_DOMAIN=`, e.g. `OCIS_DOMAIN=ocis.owncloud.test`.
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings eg. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
You also must override the default secrets in `IDP_LDAP_BIND_PASSWORD`, `STORAGE_LDAP_BIND_PASSWORD`, `OCIS_JWT_SECRET`, `STORAGE_TRANSFER_SECRET` and `OCIS_MACHINE_AUTH_API_KEY` in order to secure your oCIS instance. Choose some random strings e.g. from the output of `openssl rand -base64 32`. For more information see [secure an oCIS instance]({{< ref "./#secure-an-ocis-instance" >}}).
By default the CS3Org WOPI server will also be started in the `latest` version. If you want to start a specific version of it, you can set the version to `WOPISERVER_DOCKER_TAG=`. Available versions can be found on [Docker Hub](https://hub.docker.com/r/cs3org/wopiserver/tags?page=1&ordering=last_updated).
@@ -140,7 +140,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
Now it's time to set up Collabora and you need to configure the domain of Collabora in `COLLABORA_DOMAIN=`.
If you want to use the Collabora admin panel you need to set user name and passwort for in `COLLABORA_ADMIN_USER=` and `COLLABORA_ADMIN_PASSWORD=`.
If you want to use the Collabora admin panel you need to set user name and password for in `COLLABORA_ADMIN_USER=` and `COLLABORA_ADMIN_PASSWORD=`.
Next up is OnlyOffice, which also needs a domain in `ONLYOFFICE_DOMAIN=`.
@@ -157,7 +157,7 @@ See also [example server setup]({{< ref "preparing_server" >}})
## Local setup
For a more simple local ocis setup see [Getting started]({{< ref "../getting-started" >}})
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
This docker stack can also be run locally. One downside is that Traefik can not obtain valid SSL certificates and therefore will create self-signed ones. This means that your browser will show scary warnings. Another downside is that you can not point DNS entries to your localhost. So you have to add static host entries to your computer.
On Linux and macOS you can add them to your `/etc/hosts` files like this:
```

4
docs/ocis/deployment/systemd.md
View File

@@ -40,7 +40,7 @@ For reasons of simplicity we are using the root user and group to run oCIS which
In the service definition we referenced `/etc/ocis/ocis.env` as our file containing environment variables for the oCIS process.
In order to create the file we need first to create the folder `/etc/ocis/` and than we can add the actual `/etc/ocis/ocis.env` with following content:
In order to create the file we need first to create the folder `/etc/ocis/` and then we can add the actual `/etc/ocis/ocis.env` with following content:
```
OCIS_URL=https://some-hostname-or-ip:9200
@@ -57,7 +57,7 @@ PROXY_TRANSPORT_TLS_CERT=/etc/ocis/proxy/server.crt
PROXY_TRANSPORT_TLS_KEY=/etc/ocis/proxy/server.key
```
Please change your `OCIS_URL` in order to reflect your actual deployment. If you are using self signed certificates you need to set `OCIS_INSECURE=true` in `/etc/ocis/ocis.env`.
Please change your `OCIS_URL` in order to reflect your actual deployment. If you are using self-signed certificates you need to set `OCIS_INSECURE=true` in `/etc/ocis/ocis.env`.
## Starting the oCIS service

10
docs/ocis/development/debugging.md
View File

@@ -13,7 +13,7 @@ geekdocFilePath: debugging.md
As a single binary for easy deployment running `ocis server` just forks itself to start all the services, which makes debugging those processes a little harder.
Ultimately, we want to be able to stop a single service using eg. `ocis kill web` so that you can start the service you want to debug in debug mode. We need to [change the way we fork processes](https://github.com/owncloud/ocis/issues/77) though, otherwise the runtime will automatically restart a service if killed.
Ultimately, we want to be able to stop a single service using e.g. `ocis kill web` so that you can start the service you want to debug in debug mode. We need to [change the way we fork processes](https://github.com/owncloud/ocis/issues/77) though, otherwise the runtime will automatically restart a service if killed.
### Start ocis
@@ -135,7 +135,7 @@ bin/ocis --log-level=$LOG_LEVEL proxy &
# kill 17628
```
4. Start the service you are interested in in debug mode. When using make to build the binary there is already a `bin/ocis-debug` binary for you. When running an IDE tell it which service to start by providing the corresponding sub command, eg. `bin\ocis-debug reva-frontend`.
4. Start the service you are interested in debug mode. When using make to build the binary there is already a `bin/ocis-debug` binary for you. When running an IDE tell it which service to start by providing the corresponding sub command, e.g. `bin\ocis-debug reva-frontend`.
### Gather error messages
@@ -160,7 +160,7 @@ This popped up when I tried to add `marie` as a collaborator in ownCloud Web. Th
```
{{< hint info >}}
The username and password only work when basic auth is available. Otherwise you have to obtain a bearer token, eg. by grabbing it from the browser.
The username and password only work when basic auth is available. Otherwise you have to obtain a bearer token, e.g. by grabbing it from the browser.
{{< /hint >}}
{{< hint danger >}}
TODO add ocis cli tool to obtain a bearer token.
@@ -190,7 +190,7 @@ The last line gives us a hint where the log message originated: `.../github.com/
95: }
```
Ok, so this seems to be a convenience method that is called from multiple places an also handles errors. Unfortunately, this hides the actual source of the error. We could set a breakpoint in line 94 and reproduce the problem, which can be a lot harder than just clicking the share button or sending a curl request again. So let us see what else the log tells us.
Ok, so this seems to be a convenience method that is called from multiple places and also handles errors. Unfortunately, this hides the actual source of the error. We could set a breakpoint in line 94 and reproduce the problem, which can be a lot harder than just clicking the share button or sending a curl request again. So let us see what else the log tells us.
The previous line tells us that a Stat request failed: `uri=/cs3.gateway.v1beta1.GatewayAPI/Stat`. This time the line is written by the grpc log interceptor. What else is there?
@@ -214,7 +214,7 @@ replace github.com/cs3org/reva => ../reva
```
{{< hint info >}}
The username and password only work when basic auth is available. Otherwise you have to obtain a bearer token, eg. by grabbing it from the browser.
The username and password only work when basic auth is available. Otherwise you have to obtain a bearer token, e.g. by grabbing it from the browser.
{{< /hint >}}
Rebuild ocis to make sure the dependency is used. It should be sufficient to just restart the service you want to debug.

4
docs/ocis/development/extensions.md
View File

@@ -42,7 +42,7 @@ ownCloud Web allows you to write an extension for itself and therefore offers a
To make ownCloud Web pick up your extension, you need to activate it in the configuration like seen in the [Hello extension](https://owncloud.dev/extensions/ocis_hello/running/#configure-and-start-ocis).
For a consistent look and feel, ownCloud Web uses a external design library, the [ownCloud design system](https://github.com/owncloud/owncloud-design-system). Since its classes and components are available through the wrapping `web runtime`, we highly recommend you to leverage it in your extension as well.
For a consistent look and feel, ownCloud Web uses an external design library, the [ownCloud design system](https://github.com/owncloud/owncloud-design-system). Since its classes and components are available through the wrapping `web runtime`, we highly recommend you to leverage it in your extension as well.
### Settings
@@ -52,7 +52,7 @@ An extension likely has some behaviour which the user can configure. Fundamental
The Proxy is an API gateway and acts as the single connection point where all external request from users and devices need to pass through.
To make sure that requests can reach your extension's API, you need to register one or multiple endpoints at the proxy. The registration is a easy task and can be seen best on the [oCIS Hello example](https://owncloud.dev/extensions/ocis_hello/running/#configure-and-start-ocis).
To make sure that requests can reach your extension's API, you need to register one or multiple endpoints at the proxy. The registration is an easy task and can be seen best on the [oCIS Hello example](https://owncloud.dev/extensions/ocis_hello/running/#configure-and-start-ocis).
As files in ownCloud must always stay private (unless you share them with your friends or coworkers), requests to oCIS have an authenticated user context. This user context is also available to your extension and can be used to interact with the user's files. How to get the user context and authentication can be seen on the [oCIS Hello example](https://owncloud.dev/extensions/ocis_hello/settings/#account-uuid).

4
docs/ocis/development/getting-started.md
View File

@@ -25,9 +25,9 @@ If you find tools needed besides the mentioned above, please feel free to open a
## Repository structure
oCIS consists of multiple micro services, also called extensions. We started by having standalone repositories for each of them, but quickly noticed that this adds a time consuming overhead for developers. So we ended up with a monorepo housing all the extensions in one repository.
oCIS consists of multiple microservices, also called extensions. We started by having standalone repositories for each of them, but quickly noticed that this adds a time-consuming overhead for developers. So we ended up with a monorepo housing all the extensions in one repository.
Each extension lives in a subfolder (eg. `accounts` or `settings`) within this repository as an independent Go module, following the [golang-standard project-layout](https://github.com/golang-standards/project-layout). They have common Makefile targets and can be used to change, build and run individual extensions. This allows us to version and release each extension independently.
Each extension lives in a subfolder (e.g. `accounts` or `settings`) within this repository as an independent Go module, following the [golang-standard project-layout](https://github.com/golang-standards/project-layout). They have common Makefile targets and can be used to change, build and run individual extensions. This allows us to version and release each extension independently.
The `ocis` folder contains our [go-micro](https://github.com/asim/go-micro/) and [suture](https://github.com/thejerf/suture) based runtime. It is used to import all extensions and implements commands to manage them, similar to a small orchestrator. With the resulting oCIS binary you can start single extensions or even all extensions at the same time.

2
docs/ocis/development/testing.md
View File

@@ -55,7 +55,7 @@ This must be pointing to a valid feature definition.
### oCIS image to be tested (or: skip build and take existing image)
By default, the tests will be run against the docker image built from your current working state of the oCIS repository. For some purposes it might also be handy to use a oCIS image from Docker Hub. Therefore you can provide the optional flag `OCIS_IMAGE_TAG=...` which must contain an available docker tag of the [owncloud/ocis registry on Docker Hub](https://hub.docker.com/r/owncloud/ocis) (eg. 'latest').
By default, the tests will be run against the docker image built from your current working state of the oCIS repository. For some purposes it might also be handy to use a oCIS image from Docker Hub. Therefore you can provide the optional flag `OCIS_IMAGE_TAG=...` which must contain an available docker tag of the [owncloud/ocis registry on Docker Hub](https://hub.docker.com/r/owncloud/ocis) (e.g. 'latest').
```
make -C tests/acceptance/docker localApiTests-apiAccountsHashDifficulty-ocis OCIS_IMAGE_TAG=latest

6
docs/ocis/getting-started/_index.md
View File

@@ -33,11 +33,11 @@ You can find the latest official release of oCIS at [our download mirror](https:
The latest build from the master branch can be found at [our download mirrors daily section](https://download.owncloud.com/ocis/ocis/daily/). Pre-Releases are available at [our download mirrors testing section](https://download.owncloud.com/ocis/ocis/testing/).
To run oCIS as binary you need to download it first and then run the following commands.
For this example, assuming version 1.19.1 of oCIS running on a Linux AMD64 host:
For this example, assuming version 1.20.0 of oCIS running on a Linux AMD64 host:
```console
# download
curl https://download.owncloud.com/ocis/ocis/stable/1.19.1/ocis-1.19.1-linux-amd64 --output ocis
curl https://download.owncloud.com/ocis/ocis/stable/1.20.0/ocis-1.20.0-linux-amd64 --output ocis
# make binary executable
chmod +x ocis
@@ -72,7 +72,7 @@ When you're using oCIS with self-signed certificates, you need to set the enviro
{{< /hint >}}
{{< hint warming >}}
When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `ACCOUNTS_DEMO_USERS_AND_GROUPS=true`, you need to be sure that this instance is not used in prodution because the passwords are public.
When you're creating the [demo users]({{< ref "./demo-users" >}}) by setting `ACCOUNTS_DEMO_USERS_AND_GROUPS=true`, you need to be sure that this instance is not used in production because the passwords are public.
{{< /hint >}}
{{< hint warning >}}

2
docs/ocis/getting-started/demo-users.md
View File

@@ -10,7 +10,7 @@ geekdocFilePath: demo-users.md
oCIS has the option to create demo users during the first startup. These enable you to do quick testing and developing.
{{< hint info >}}
To create the demo users, run the inital setup step with an additional environment variable.
To create the demo users, run the initial setup step with an additional environment variable.
`ACCOUNTS_DEMO_USERS_AND_GROUPS=true ./bin/ocis server` will generate the demo users listed in the table below. By default, it only generates the admin and one user for IDP and Reva respectively.
{{< /hint >}}

6
docs/ocis/migration.md
View File

@@ -269,7 +269,7 @@ _Feel free to add your question as a PR to this document using the link at the t
<div style="break-after: page"></div>
### Stage-5: introduce user aware proxy
In the previous stages oCIS was only accessible for administrators with access to the network. To expose only a single service to the internet, oCIS comes with a user aware proxy that can be used to route requests to the existing ownCloud 10 installation or oCIS, based on the authenticated user. The proxy uses OIDC to identify the logged in user and route them to the configured backend.
In the previous stages oCIS was only accessible for administrators with access to the network. To expose only a single service to the internet, oCIS comes with a user aware proxy that can be used to route requests to the existing ownCloud 10 installation or oCIS, based on the authenticated user. The proxy uses OIDC to identify the logged-in user and route them to the configured backend.
#### User impact
The IP address of the ownCloud host changes. There is no change for the file sync and share functionality when requests are handled by the oCIS codebase as it uses the same database and storage system as owncloud 10.
@@ -537,7 +537,7 @@ data
│ ├── thumbnails
│ │ └── 123
│ │ │ ├── 2048-1536-max.png
│ │ │ └── 32-32.png // the file id, eg. of /Photos/Portugal.jpg
│ │ │ └── 32-32.png // the file id, e.g. of /Photos/Portugal.jpg
│ └── uploads
├── marie
│ ├── cache
@@ -553,7 +553,7 @@ data
The *data directory* may also contain subfolders for ownCloud 10 applications like `avatars`, `gallery`, `files_external` and `cache`.
When an object storage is used as the primary storage all file blobs are stored by their file id and a prefix, eg.: `urn:oid:<fileid>`.
When an object storage is used as the primary storage all file blobs are stored by their file id and a prefix, e.g.: `urn:oid:<fileid>`.
The three types of blobs we need to migrate are stored in
- `files` for file blobs, the current file content,

6
docs/ocis/release_notes.md
View File

@@ -20,7 +20,7 @@ The most prominent changes in ownCloud Infinite Scale 1.20.0 and ownCloud Web 5.
* All sharing options (users & links) are now united in one panel in ownCloud Web. [web#6701](https://github.com/owncloud/web/pull/6701)
* The "Media Viewer" in ownCloud Web has been renamed to "Preview". [web#6514](https://github.com/owncloud/web/pull/6514)
* ownCloud Web now has support for audio playback in "Preview" (e.g., MP3, WAV, FLAC, OGG). [web#6514](https://github.com/owncloud/web/pull/6514)
* The feedback link in ownCloud Web is now customizable. See https://owncloud.dev/clients/web/getting-started/#options for more information. [web#6702](https://github.com/owncloud/web/issues/6702)
* The feedback link in ownCloud Web is now customizable. See https://owncloud.dev/clients/web/getting-started/#options for more information. [web#6702](https://github.com/owncloud/web/issues/6702)
* ownCloud Web now supports full screen mode for external apps like web office. [web#6688](https://github.com/owncloud/web/pull/6688)
* ownCloud Web introduces an integrated PDF viewer that user native browser capabilities. [web#6654](https://github.com/owncloud/web/pull/6654)
* The Text Editor in ownCloud Web has received a couple of improvements. [web#6667](https://github.com/owncloud/web/pull/6667)
@@ -150,7 +150,7 @@ We are currently in a Tech Preview state and breaking changes may occur at any t
## ownCloud Infinite Scale 1.17.0 Technology Preview
Version 1.17.0 brings major changes, new features and improvements. The Infinite Scale backend introduces an event system as an important platform component and adds support for file locking. ownCloud Web 5.0.0 comes with a full rework of the design and user experience and introduces initial support for the 'Spaces' feauture. Additionally ownCloud Web now supports Collabora Online with the ownCloud 10 backend.
Version 1.17.0 brings major changes, new features and improvements. The Infinite Scale backend introduces an event system as an important platform component and adds support for file locking. ownCloud Web 5.0.0 comes with a full rework of the design and user experience and introduces initial support for the 'Spaces' feature. Additionally ownCloud Web now supports Collabora Online with the ownCloud 10 backend.
The most prominent changes in ownCloud Infinite Scale 1.17.0 and ownCloud Web 5.0.0 comprise:
@@ -529,7 +529,7 @@ You have to follow these steps to be able to access your data again in oCIS:
1. stop oCIS
1. navigate to `/var/tmp/ocis/storage/users/nodes/root/`
1. in this directory you will find directories with UUID as names. These are the home folders of the oCIS users. Find the ones with content your oCIS users uploaded to oCIS.
1. create an temporary directory eg. `/tmp/dereferenced-ocis-storage`
1. create an temporary directory e.g. `/tmp/dereferenced-ocis-storage`
1. copy the data from oCIS to the temporary directory while dereferencing symlinks. On Linux you can do this by running `cp --recursive --dereference /var/tmp/ocis/storage/users/nodes/root/ /tmp/dereferenced-ocis-storage`
1. you now have a backup of all users data in `/tmp/dereferenced-ocis-storage` and can follow our recommended update strategy above

4
docs/ocis/release_roadmap.md
View File

@@ -7,7 +7,7 @@ geekdocEditPath: edit/master/docs/ocis
geekdocFilePath: release_roadmap.md
---
You may have asked yourself why there are major version 1 tags in our GitHub repository but the Readme still states `ownCloud Infinite Scale is currently in a technical preview state. It will be subject to a lot of changes and is not yet ready for general production deployments.`. How can that be if its a major version 1?
You may have asked yourself why there are major version 1 tags in our GitHub repository but the Readme still states `ownCloud Infinite Scale is currently in a technical preview state. It will be subject to a lot of changes and is not yet ready for general production deployments.`. How can that be if it's a major version 1?
Our initial and also our current plan is to stick to SemVer as versioning scheme. But sometimes there are other factors which cross your plans. Therefore we started releasing oCIS with version `1.0.0 Tech Preview`.
@@ -19,7 +19,7 @@ We will be fixing bugs if you report them and truly appreciate every report and
We are going to stick to major version 1 until we feel confident about running oCIS in production environments. As a consequence of this we cannot raise the major version, like SemVer requires it, even if we need to introduce breaking changes. We will do our best to avoid breaking changes. If there is no way to circumvent this, we will add an automatic migration or at least point out manual migration steps, since we as oCIS developers are already using oCIS on a personal basis. The best place to see if a breaking change happens is our changelog which is available for every release. If things are not working out for you please contact us immediately. We want to know about this and solve it for you.
It isn't our intention to scare you with our addendum "Tech Preview". We want you to have a clear picture of what you can expect from oCIS. You could take it as a disclaimer or even compare it to running an Linux kernel in alpha stage. It can be very pleasing to be on the latest codebase but you could also find yourself with a lot of problems arising because of that.
It isn't our intention to scare you with our addendum "Tech Preview". We want you to have a clear picture of what you can expect from oCIS. You could take it as a disclaimer or even compare it to running a Linux kernel in alpha stage. It can be very pleasing to be on the latest codebase but you could also find yourself with a lot of problems arising because of that.
You clearly can expect a totally new experience of file-sync and share with oCIS and we want you to use it now - but with understanding and caution.

12
docs/ocis/storage-backends/cephfs.md
View File

@@ -13,14 +13,14 @@ oCIS intends to make the aspects of existing storage systems available as transp
## Development
The cephfs development happens in a [Reva branch](https://github.com/cs3org/reva/pull/1209) and is currently driven by CERN.
The cephfs development happens in a [Reva branch](https://github.com/cs3org/reva/pull/1209) and is currently driven by CERN.
## Architecture
In the original approach the driver was based on the [localfs](https://github.com/cs3org/reva/blob/a8c61401b662d8e09175416c0556da8ef3ba8ed6/pkg/storage/utils/localfs/localfs.go) driver, relying on a locally mounted cephfs. It would interface with it using the POSIX apis. This has been changed to directly call the Ceph API using https://github.com/ceph/go-ceph. It allows using the ceph admin APIs to create subvolumes for user homes and maintain a file id to path mapping using symlinks.
## Implemented Aspects
The recursive change time built ino cephfs is used to implement the etag propagation expected by the ownCloud clients. This allows oCIS to pick up changes that have been made by external tools, bypassing any oCIS APIs.
The recursive change time built ino cephfs is used to implement the etag propagation expected by the ownCloud clients. This allows oCIS to pick up changes that have been made by external tools, bypassing any oCIS APIs.
Like other filesystems cephfs uses inodes and like most other filesystems inodes are reused. To get stable file identifiers the current cephfs driver assigns every node a file id and maintains a custom fileid to path mapping in a system directory:
```
@@ -42,7 +42,7 @@ Versions are not file but snapshot based, a [native feature of cephfs](https://d
Trash is not implemented, as cephfs has no native recycle bin and instead relies on the snapshot functionality that can be triggered by end users. It should be possible to automatically create a snapshot before deleting a file. This needs to be explored.
Shares [are be mapped to ACLs](https://github.com/cs3org/reva/pull/1209/files#diff-5e532e61f99bffb5754263bc6ce75f84a30c6f507a58ba506b0b487a50eda1d9R168-R224) supported by cephfs. The share manager is used to persist the intent of a share and can be used to periodically verify or reset the ACLs on cephfs.
Shares [are mapped to ACLs](https://github.com/cs3org/reva/pull/1209/files#diff-5e532e61f99bffb5754263bc6ce75f84a30c6f507a58ba506b0b487a50eda1d9R168-R224) supported by cephfs. The share manager is used to persist the intent of a share and can be used to periodically verify or reset the ACLs on cephfs.
## Future work
- The spaces concept matches cephfs subvolumes. We can implement the CreateStorageSpace call with that, keep track of the list of storage spaces using symlinks, like for the id based lookup.
@@ -51,8 +51,8 @@ Shares [are be mapped to ACLs](https://github.com/cs3org/reva/pull/1209/files#di
- As it basically provides two lists, *shared with me* and *shared with others*, we could persist them directly on cephfs!
- If needed for redundancy, the share manager can be run multiple times, backed by the same cephfs
- To save disk io the data can be cached in memory, and invalidated using stat requests.
- A good tradeoff would be a folder for each user with a json file for each list. That way, we only have to open and read a single file when the user want's to list the shares.
- To allow deprovisioning a user the data should by sharded by userid. That way all share information belonging to a user can easily be removed from the system. If necessary it can also be restored easily by copying the user specific folder back in place.
- A good tradeoff would be a folder for each user with a json file for each list. That way, we only have to open and read a single file when the user want's to list the shares.
- To allow deprovisioning a user the data should be sharded by userid. That way all share information belonging to a user can easily be removed from the system. If necessary it can also be restored easily by copying the user specific folder back in place.
- For consistency over metadata any file blob data, backups can be done using snapshots.
- An example where einstein has shared a file with marie would look like this on disk:
```
@@ -74,4 +74,4 @@ Shares [are be mapped to ACLs](https://github.com/cs3org/reva/pull/1209/files#di
└── marie
└── sharedWithMe.json
```
- The fileids should [not be based on the path](https://github.com/cs3org/reva/pull/1209/files#diff-eba5c8b77ccdd1ac570c54ed86dfa7643b6b30e5625af191f789727874850172R125-R127) and instead use a uuid that is also persisted in the extended attributes to allow rebuilding the index from scratch if necessary.
- The fileids should [not be based on the path](https://github.com/cs3org/reva/pull/1209/files#diff-eba5c8b77ccdd1ac570c54ed86dfa7643b6b30e5625af191f789727874850172R125-R127) and instead use a uuid that is also persisted in the extended attributes to allow rebuilding the index from scratch if necessary.

4
docs/ocis/storage-backends/eos.md
View File

@@ -115,7 +115,7 @@ If the problem persists, please check the [troubleshooting section about uploads
## Further exploration
EOS has a built in shell that you can enter using
EOS has a built-in shell that you can enter using
```
$ docker-compose exec mgm-master eos
# ---------------------------------------------------------------------------
@@ -223,7 +223,7 @@ The ocis logs can be accessed using `docker-compose logs ocis`. Add `-f` for fol
1. `docker-compose exec ocis make clean build` to update the binary
2. `docker-compose exec ocis ./bin/ocis kill <service>` to kill the service
3. `docker-compose exec ocis ./bin/ocis run <service>` to start the service. Do not forget to set any env vars, eg.
3. `docker-compose exec ocis ./bin/ocis run <service>` to start the service. Do not forget to set any env vars, e.g.
`docker-compose exec -e STORAGE_HOME_DRIVER=eoshome -e STORAGE_DRIVER_EOS_LAYOUT="{{substr 0 1 .Id.OpaqueId}}/{{.Id.OpaqueId}}" ocis ./bin/ocis run storage-home`
### Creation and upload of files does not work

2
extensions/accounts/pkg/command/add_account.go
View File

@@ -6,7 +6,7 @@ import (
accountsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/accounts/v0"
accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/owncloud/ocis/extensions/accounts/pkg/flagset"
"github.com/urfave/cli/v2"

2
extensions/accounts/pkg/command/inspect_account.go
View File

@@ -10,7 +10,7 @@ import (
"github.com/owncloud/ocis/extensions/accounts/pkg/flagset"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
tw "github.com/olekukonko/tablewriter"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/urfave/cli/v2"

2
extensions/accounts/pkg/command/list_accounts.go
View File

@@ -10,7 +10,7 @@ import (
"github.com/owncloud/ocis/extensions/accounts/pkg/flagset"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
tw "github.com/olekukonko/tablewriter"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/urfave/cli/v2"

2
extensions/accounts/pkg/command/rebuild_index.go
View File

@@ -6,7 +6,7 @@ import (
accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/urfave/cli/v2"
merrors "go-micro.dev/v4/errors"

2
extensions/accounts/pkg/command/remove_account.go
View File

@@ -8,7 +8,7 @@ import (
"github.com/owncloud/ocis/extensions/accounts/pkg/flagset"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/urfave/cli/v2"
)

2
extensions/accounts/pkg/command/update_account.go
View File

@@ -9,7 +9,7 @@ import (
"github.com/owncloud/ocis/extensions/accounts/pkg/flagset"
"github.com/asim/go-micro/plugins/client/grpc/v4"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/owncloud/ocis/extensions/accounts/pkg/config"
"github.com/urfave/cli/v2"
"google.golang.org/genproto/protobuf/field_mask"

2
extensions/audit/pkg/command/server.go
View File

@@ -4,9 +4,9 @@ import (
"context"
"fmt"
"github.com/asim/go-micro/plugins/events/natsjs/v4"
"github.com/cs3org/reva/v2/pkg/events"
"github.com/cs3org/reva/v2/pkg/events/server"
"github.com/go-micro/plugins/v4/events/natsjs"
"github.com/owncloud/ocis/extensions/audit/pkg/config"
"github.com/owncloud/ocis/extensions/audit/pkg/config/parser"
"github.com/owncloud/ocis/extensions/audit/pkg/logging"

2
extensions/graph/pkg/server/http/server.go
View File

@@ -1,9 +1,9 @@
package http
import (
"github.com/asim/go-micro/plugins/events/natsjs/v4"
"github.com/cs3org/reva/v2/pkg/events/server"
chimiddleware "github.com/go-chi/chi/v5/middleware"
"github.com/go-micro/plugins/v4/events/natsjs"
graphMiddleware "github.com/owncloud/ocis/extensions/graph/pkg/middleware"
svc "github.com/owncloud/ocis/extensions/graph/pkg/service/v0"
"github.com/owncloud/ocis/ocis-pkg/account"

2
extensions/notifications/pkg/command/server.go
View File

@@ -3,9 +3,9 @@ package command
import (
"fmt"
"github.com/asim/go-micro/plugins/events/natsjs/v4"
"github.com/cs3org/reva/v2/pkg/events"
"github.com/cs3org/reva/v2/pkg/events/server"
"github.com/go-micro/plugins/v4/events/natsjs"
"github.com/owncloud/ocis/extensions/notifications/pkg/channels"
"github.com/owncloud/ocis/extensions/notifications/pkg/config"
"github.com/owncloud/ocis/extensions/notifications/pkg/config/parser"

26
extensions/ocs/pkg/service/v0/users.go
View File

@@ -16,7 +16,6 @@ import (
storemsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/store/v0"
storesvc "github.com/owncloud/ocis/protogen/gen/ocis/services/store/v0"
"github.com/asim/go-micro/plugins/client/grpc/v4"
revauser "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1"
rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
@@ -26,6 +25,7 @@ import (
"github.com/cs3org/reva/v2/pkg/rgrpc/todo/pool"
"github.com/cs3org/reva/v2/pkg/token/manager/jwt"
"github.com/go-chi/chi/v5"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/google/uuid"
"github.com/owncloud/ocis/extensions/ocs/pkg/service/v0/data"
"github.com/owncloud/ocis/extensions/ocs/pkg/service/v0/response"
@@ -230,7 +230,8 @@ func (o Ocs) AddUser(w http.ResponseWriter, r *http.Request) {
Account: newAccount,
})
case "cs3":
o.logger.Fatal().Msg("cs3 backend doesn't support adding users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -293,7 +294,8 @@ func (o Ocs) EditUser(w http.ResponseWriter, r *http.Request) {
case "accounts":
account, err = o.fetchAccountByUsername(r.Context(), userid)
case "cs3":
o.logger.Fatal().Msg("cs3 backend doesn't support editing users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -374,7 +376,8 @@ func (o Ocs) DeleteUser(w http.ResponseWriter, r *http.Request) {
case "accounts":
account, err = o.fetchAccountByUsername(r.Context(), userid)
case "cs3":
o.logger.Fatal().Msg("cs3 backend doesn't support deleting users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -546,7 +549,8 @@ func (o Ocs) EnableUser(w http.ResponseWriter, r *http.Request) {
case "accounts":
account, err = o.fetchAccountByUsername(r.Context(), userid)
case "cs3":
o.logger.Fatal().Msg("cs3 backend doesn't support enabling users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -600,7 +604,8 @@ func (o Ocs) DisableUser(w http.ResponseWriter, r *http.Request) {
case "accounts":
account, err = o.fetchAccountByUsername(r.Context(), userid)
case "cs3":
o.logger.Fatal().Msg("cs3 backend doesn't support disabling users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -730,7 +735,8 @@ func (o Ocs) ListUsers(w http.ResponseWriter, r *http.Request) {
})
case "cs3":
// TODO
o.logger.Fatal().Msg("cs3 backend doesn't support listing users")
o.cs3WriteNotSupported(w, r)
return
default:
o.logger.Fatal().Msgf("Invalid accounts backend type '%s'", o.config.AccountBackend)
}
@@ -782,3 +788,9 @@ func (o Ocs) fetchAccountFromCS3Backend(ctx context.Context, name string) (*acco
GidNumber: u.GidNumber,
}, nil
}
func (o Ocs) cs3WriteNotSupported(w http.ResponseWriter, r *http.Request) {
o.logger.Warn().Msg("the CS3 backend does not support adding or updating users")
o.NotImplementedStub(w, r)
return
}

2
extensions/proxy/pkg/proxy/policy/selector.go
View File

@@ -8,8 +8,8 @@ import (
accountssvc "github.com/owncloud/ocis/protogen/gen/ocis/services/accounts/v0"
"github.com/asim/go-micro/plugins/client/grpc/v4"
revactx "github.com/cs3org/reva/v2/pkg/ctx"
"github.com/go-micro/plugins/v4/client/grpc"
"github.com/owncloud/ocis/extensions/proxy/pkg/config"
"github.com/owncloud/ocis/ocis-pkg/oidc"
)

44
go.mod
View File

@@ -6,32 +6,32 @@ require (
github.com/CiscoM31/godata v1.0.5
github.com/GeertJohan/yubigo v0.0.0-20190917122436-175bc097e60e
github.com/ReneKroon/ttlcache/v2 v2.11.0
github.com/asim/go-micro/plugins/client/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/events/natsjs/v4 v4.0.0-20220311080335-e5a35d38f931
github.com/asim/go-micro/plugins/logger/zerolog/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/registry/consul/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/registry/etcd/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/registry/kubernetes/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/registry/mdns/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/registry/nats/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/server/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/server/http/v4 v4.0.0-20220317022205-c6d352c83291
github.com/asim/go-micro/plugins/wrapper/breaker/gobreaker/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/wrapper/monitoring/prometheus/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/asim/go-micro/plugins/wrapper/trace/opencensus/v4 v4.0.0-20220118152736-9e0be6c85d75
github.com/blevesearch/bleve/v2 v2.3.2
github.com/blevesearch/bleve_index_api v1.0.1
github.com/coreos/go-oidc/v3 v3.1.0
github.com/cs3org/go-cs3apis v0.0.0-20220412090512-93c5918b4bde
github.com/cs3org/reva/v2 v2.0.0-20220414151507-d46af8cacea0
github.com/cs3org/reva/v2 v2.0.0-20220419100641-50aa8636af59
github.com/disintegration/imaging v1.6.2
github.com/glauth/glauth/v2 v2.0.0-20211021011345-ef3151c28733
github.com/go-chi/chi/v5 v5.0.7
github.com/go-chi/cors v1.2.0
github.com/go-chi/cors v1.2.1
github.com/go-chi/render v1.0.1
github.com/go-ldap/ldap/v3 v3.4.3
github.com/go-ldap/ldif v0.0.0-20200320164324-fd88d9b715b3
github.com/go-logr/logr v1.2.3
github.com/go-micro/plugins/v4/client/grpc v1.0.0
github.com/go-micro/plugins/v4/events/natsjs v1.0.1
github.com/go-micro/plugins/v4/logger/zerolog v1.0.0
github.com/go-micro/plugins/v4/registry/consul v1.0.0
github.com/go-micro/plugins/v4/registry/etcd v1.0.0
github.com/go-micro/plugins/v4/registry/kubernetes v1.0.0
github.com/go-micro/plugins/v4/registry/mdns v1.0.0
github.com/go-micro/plugins/v4/registry/nats v1.0.0
github.com/go-micro/plugins/v4/server/grpc v1.0.1
github.com/go-micro/plugins/v4/server/http v1.0.0
github.com/go-micro/plugins/v4/wrapper/breaker/gobreaker v1.0.0
github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.0.0
github.com/go-micro/plugins/v4/wrapper/trace/opencensus v1.0.0
github.com/go-ozzo/ozzo-validation/v4 v4.3.0
github.com/gofrs/uuid v4.2.0+incompatible
github.com/golang-jwt/jwt/v4 v4.4.1
@@ -45,9 +45,9 @@ require (
github.com/libregraph/idm v0.3.1-0.20220315094434-e9a5cff3dd05
github.com/libregraph/lico v0.54.1-0.20220325072321-31efc3995d63
github.com/mennanov/fieldmask-utils v0.5.0
github.com/mitchellh/mapstructure v1.4.3
github.com/mitchellh/mapstructure v1.5.0
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826
github.com/nats-io/nats-server/v2 v2.8.0
github.com/nats-io/nats-server/v2 v2.8.1
github.com/nmcclain/asn1-ber v0.0.0-20170104154839-2661553a0484
github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba
github.com/oklog/run v1.1.0
@@ -64,7 +64,7 @@ require (
github.com/stretchr/testify v1.7.1
github.com/test-go/testify v1.1.4
github.com/thejerf/suture/v4 v4.0.2
github.com/urfave/cli/v2 v2.4.0
github.com/urfave/cli/v2 v2.4.4
go-micro.dev/v4 v4.6.0
go.opencensus.io v0.23.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.31.0
@@ -150,8 +150,6 @@ require (
github.com/go-kit/log v0.2.0 // indirect
github.com/go-logfmt/logfmt v0.5.1 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-micro/plugins/v4/events/natsjs v1.0.0 // indirect
github.com/go-micro/plugins/v4/server/http v1.0.0 // indirect
github.com/go-sql-driver/mysql v1.6.0 // indirect
github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 // indirect
github.com/gofrs/flock v0.8.1 // indirect
@@ -249,9 +247,9 @@ require (
github.com/xanzy/ssh-agent v0.3.1 // indirect
github.com/yaegashi/msgraph.go v0.1.4 // indirect
go.etcd.io/bbolt v1.3.6 // indirect
go.etcd.io/etcd/api/v3 v3.5.1 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.1 // indirect
go.etcd.io/etcd/client/v3 v3.5.1 // indirect
go.etcd.io/etcd/api/v3 v3.5.2 // indirect
go.etcd.io/etcd/client/pkg/v3 v3.5.2 // indirect
go.etcd.io/etcd/client/v3 v3.5.2 // indirect
go.uber.org/atomic v1.9.0 // indirect
go.uber.org/multierr v1.7.0 // indirect
go.uber.org/zap v1.19.1 // indirect

100
go.sum
View File

@@ -162,36 +162,6 @@ github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:o
github.com/asaskevich/govalidator v0.0.0-20200907205600-7a23bdc65eef/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ=
github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
github.com/asim/go-micro/plugins/client/grpc/v4 v4.0.0-20211019191242-9edc569e68bb/go.mod h1:UgGMsB3H99fpbJA9KtNIfrDsUwXibRoebz7/5yhbH3M=
github.com/asim/go-micro/plugins/client/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:Itm7PIQGKSsdgdxapVYICDLv3OSg89NTzqtC4P0Zvpo=
github.com/asim/go-micro/plugins/client/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:P/Jjf1gCQqBAgpVerr3opyTU594ns1t0JZXsDAYh86c=
github.com/asim/go-micro/plugins/events/natsjs/v4 v4.0.0-20220311080335-e5a35d38f931 h1:kNoNolWlG44eDbk/pH6CdYqhivcrSnGwASc38DvD/ik=
github.com/asim/go-micro/plugins/events/natsjs/v4 v4.0.0-20220311080335-e5a35d38f931/go.mod h1:QLCZPlk5wiDpP9BjY2PIogVIoIldUwFsM+5ktw0n4h4=
github.com/asim/go-micro/plugins/logger/zerolog/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:xcCheUvtF9vb2DBuq4VUABnDGlwSKUOmutnXc1qiZ/I=
github.com/asim/go-micro/plugins/logger/zerolog/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:K1WMlVyOCAte1WcMZoltdSXdTzOQkUgcqvQES6idRg8=
github.com/asim/go-micro/plugins/registry/consul/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:56CkyiUTmBhuY4vsjvjCgF9jk9W02ReRKRp7yzBn2kY=
github.com/asim/go-micro/plugins/registry/consul/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:cCagHmMVGVea+8gzr0AC+yXtwtCIB6iXh20ipF9coOA=
github.com/asim/go-micro/plugins/registry/etcd/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:FgKD2I7EwZ2JY7rF047XPxbmunD3/Bb9jt9DWZ6/TqQ=
github.com/asim/go-micro/plugins/registry/etcd/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:maR33ztnKc7VeMioGfl1vq3Jm7fzztbNoRWTncu96sc=
github.com/asim/go-micro/plugins/registry/kubernetes/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:JWl1gmST39ioLi0FptF6JEXDr4C8f5qWQxKXJuDXIUg=
github.com/asim/go-micro/plugins/registry/kubernetes/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:oSNX75DUoUh/Fn3LABL5Ukf2OwjSBTrTm8pFsHeFfw8=
github.com/asim/go-micro/plugins/registry/mdns/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:dkevo03u9rK5YSCLg3wpCftF0kkW2xaecVxuZevicNQ=
github.com/asim/go-micro/plugins/registry/mdns/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:uRYZSzdj4CGDkYLNqd1UUVt+hKNE05qapjBmJgCp5BI=
github.com/asim/go-micro/plugins/registry/memory/v4 v4.0.0-20211013123123-62801c3d6883/go.mod h1:cSvG1suZrBwXQZm1H+v4ZHSrDxmGqJO4RV5O1gpmllM=
github.com/asim/go-micro/plugins/registry/nats/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:/v/YYurrJKnBTZTQSY9Ax/nFT+2oswOvTgqp2chTJYY=
github.com/asim/go-micro/plugins/registry/nats/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:n4K0361IySJ/hmIfaIg8q2NDNAVDL9DUC6Bh7gS4ihg=
github.com/asim/go-micro/plugins/server/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:miPpSGbTA6L2hsHccRNxNSXpIYo6YtlTkoi+fvEHJbw=
github.com/asim/go-micro/plugins/server/grpc/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:uQACKU+/RcWKEMdX6/Ewd+TxCPLIsLPt9ym6++B1X68=
github.com/asim/go-micro/plugins/server/http/v4 v4.0.0-20220317022205-c6d352c83291 h1:l1l3pUleHu66DNRmaPwfgyXfVXT7UmyzNXD0uQp9SQE=
github.com/asim/go-micro/plugins/server/http/v4 v4.0.0-20220317022205-c6d352c83291/go.mod h1:LEsuhy4ZF3UGT9VSOoj/ZP0MZt4brlgwJVG7/LAac+I=
github.com/asim/go-micro/plugins/transport/grpc/v4 v4.0.0-20211019191242-9edc569e68bb h1:rCIGzR4YRddwaWM4pZkbxHIkhFbbuGZOqivnxyKNQz8=
github.com/asim/go-micro/plugins/transport/grpc/v4 v4.0.0-20211019191242-9edc569e68bb/go.mod h1:dzSEAsAqQ4mRaYPJ07KcAt6rIjYUJ9w55UXvnyGx4VE=
github.com/asim/go-micro/plugins/wrapper/breaker/gobreaker/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:8wLNrBKfdRl6uryUFW6qlBZWNeIbPUYKYkwLG9bI58k=
github.com/asim/go-micro/plugins/wrapper/breaker/gobreaker/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:+2tISs/3G0JYpfjc8L3UQMLpVYcqDud0VbNtL+gXIR0=
github.com/asim/go-micro/plugins/wrapper/monitoring/prometheus/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:OGQqF4wc8X6e773i77noh9FeOhgOo3aaBYPJr+kUIZc=
github.com/asim/go-micro/plugins/wrapper/monitoring/prometheus/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:S211qFMwJE4NQVq/lQGy61GRIL+pfKRACk4/1JZRUag=
github.com/asim/go-micro/plugins/wrapper/trace/opencensus/v4 v4.0.0-20220118152736-9e0be6c85d75 h1:+7EjXoDbWPsWXFrNb/4gGLAMct9ciIxw9Rnf5hZwv60=
github.com/asim/go-micro/plugins/wrapper/trace/opencensus/v4 v4.0.0-20220118152736-9e0be6c85d75/go.mod h1:PyS1JrBR0nd5tRwEUuFJFQEevYUkmyjxnSH9039c8+Q=
github.com/aws/aws-sdk-go v1.20.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.34.28/go.mod h1:H7NKnBqNVzoTJpGfLrQkkD+ytBA93eiDYi/+8rV9s48=
github.com/aws/aws-sdk-go v1.35.24/go.mod h1:tlPOdRjfxPBpNIwqDj61rmsnA85v9jc0Ps9+muhnW+k=
@@ -429,8 +399,8 @@ github.com/go-chi/chi v4.0.2+incompatible h1:maB6vn6FqCxrpz4FqWdh4+lwpyZIQS7YEAU
github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
github.com/go-chi/chi/v5 v5.0.7 h1:rDTPXLDHGATaeHvVlLcR4Qe0zftYethFucbjVQ1PxU8=
github.com/go-chi/chi/v5 v5.0.7/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
github.com/go-chi/cors v1.2.0 h1:tV1g1XENQ8ku4Bq3K9ub2AtgG+p16SmzeMSGTwrOKdE=
github.com/go-chi/cors v1.2.0/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
github.com/go-chi/render v1.0.1 h1:4/5tis2cKaNdnv9zFLfXzcquC9HbeZgCnxGnKrltBS8=
github.com/go-chi/render v1.0.1/go.mod h1:pq4Rr7HbnsdaeHagklXub+p6Wd16Af5l9koip1OvJns=
github.com/go-cmd/cmd v1.0.5/go.mod h1:y8q8qlK5wQibcw63djSl/ntiHUHXHGdCkPk0j4QeW4s=
@@ -473,10 +443,35 @@ github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbV
github.com/go-logr/stdr v1.2.0/go.mod h1:YkVgnZu1ZjjL7xTxrfm/LLZBfkhTqSR1ydtm6jTKKwI=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-micro/plugins/v4/events/natsjs v1.0.0 h1:vp2BNA1i6a1mj/jY1GZ+l/JnLWi6lsGPnYi0CtccQvU=
github.com/go-micro/plugins/v4/client/grpc v1.0.0 h1:OAQBt3gT8JBhJ3u8TFJwMP9XcvLFGy4bJU+fAUYTLIc=
github.com/go-micro/plugins/v4/client/grpc v1.0.0/go.mod h1:LmO2jnrlbHkfI3/E7fo8bgE6mDk0L0LVQyKR7crOkX8=
github.com/go-micro/plugins/v4/events/natsjs v1.0.0/go.mod h1:pb7sf8Ych7t7eCuw7jj6ac6rhUrga8SEA55YEFiwmrY=
github.com/go-micro/plugins/v4/events/natsjs v1.0.1 h1:ukC/FjLU0sfKUTCox6cJOP70jn3YQArMPKFIkO03EdY=
github.com/go-micro/plugins/v4/events/natsjs v1.0.1/go.mod h1:pb7sf8Ych7t7eCuw7jj6ac6rhUrga8SEA55YEFiwmrY=
github.com/go-micro/plugins/v4/logger/zerolog v1.0.0 h1:2F5R4AV5NstG0NHDmrzeZnKQlbWATI1iQYePw4Bpqiw=
github.com/go-micro/plugins/v4/logger/zerolog v1.0.0/go.mod h1:+j9fjNYsYdBIqp6ZMB4PLn+K2cPvQofawAq//dZRgaM=
github.com/go-micro/plugins/v4/registry/consul v1.0.0 h1:LHW9vfKxa6+LoHi2LwtoTZj7l17gtcD7dRiIm5UTME0=
github.com/go-micro/plugins/v4/registry/consul v1.0.0/go.mod h1:7dTm1ciJZVVUT9PFZVPTrvyvZNh4TPZnuXGyINnEioE=
github.com/go-micro/plugins/v4/registry/etcd v1.0.0 h1:JAb7M4Vxvanh7dxnbgPJbcHeDiV08YFAdsN2NVGCdaU=
github.com/go-micro/plugins/v4/registry/etcd v1.0.0/go.mod h1:QbgJQQImYfQJgfdrnP+ZRls2GWZ+ncfSn7Vp3UVlntg=
github.com/go-micro/plugins/v4/registry/kubernetes v1.0.0 h1:C/6cWtwXw2eMVupDU0kY6zo60ZGemWdGBZtOc6LOEKQ=
github.com/go-micro/plugins/v4/registry/kubernetes v1.0.0/go.mod h1:zRn2eRRSu/Jql5pPesOjTUnedYSlml9rMVpCzw8Zvng=
github.com/go-micro/plugins/v4/registry/mdns v1.0.0 h1:xIa1OMKSyw0sxMd9I2w7EnlzaGIk6AV6cnW+G9zItrw=
github.com/go-micro/plugins/v4/registry/mdns v1.0.0/go.mod h1:+nbeIqowlweP2+05oadGhgjp6+mXlHZ4BXnE4zuLFmc=
github.com/go-micro/plugins/v4/registry/nats v1.0.0 h1:8X5gitlE546kY+k7hdNoY4mciebHXsAipZEYftnZ1qY=
github.com/go-micro/plugins/v4/registry/nats v1.0.0/go.mod h1:Sq9N8ETykCmWVhj2/Hrc9268rl6TTsEIoSXaqsFvgk0=
github.com/go-micro/plugins/v4/server/grpc v1.0.1 h1:lVaVm1HE6PqoQlFvPpHJshJKOWgTCm9yUTQaAMlvLkw=
github.com/go-micro/plugins/v4/server/grpc v1.0.1/go.mod h1:+eiInCaAvLiDSY4QGwIr+Z44gLZAsQSXIN42BJViR90=
github.com/go-micro/plugins/v4/server/http v1.0.0 h1:cuSp4F8uS7sWjvmsJ8M4k18rZF3AxA2qdLA6kFxPktM=
github.com/go-micro/plugins/v4/server/http v1.0.0/go.mod h1:E8eoUONK91jcMpvkcFUsqbgDyKyri3x7ty2GuM5SsI0=
github.com/go-micro/plugins/v4/transport/grpc v1.0.0 h1:QbwEGFo9tiDwqJWZ37FJ8gK5xnApy47EnKcmQWRRSJs=
github.com/go-micro/plugins/v4/transport/grpc v1.0.0/go.mod h1:yW7+92O0bHZLusf3dboKymHWucRTUtingtQEeIaVhMg=
github.com/go-micro/plugins/v4/wrapper/breaker/gobreaker v1.0.0 h1:0+UUCB9b6yIB+7rm4gde6L7itnpTbIpLPGF28l5rjc4=
github.com/go-micro/plugins/v4/wrapper/breaker/gobreaker v1.0.0/go.mod h1:2knc5FNrVz7k1ZJWNJPrN68RPis6i0gyjCgIKi++R2s=
github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.0.0 h1:8zCLSM8tFNX52XkmM0w7btkRjxPLxWqq12J89c98R1g=
github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus v1.0.0/go.mod h1:8EWunnOvebvVWRPSl7INCuBNSV/tQIWRLQzUltYUp4M=
github.com/go-micro/plugins/v4/wrapper/trace/opencensus v1.0.0 h1:/ubDTdttVIko2NW6ndOqwyVGCege0VAeMQWnUUA7fuM=
github.com/go-micro/plugins/v4/wrapper/trace/opencensus v1.0.0/go.mod h1:0ubKdbBQBSsjiIEGUYtaQSEDfcJCUbCaTH4JGmrPU7k=
github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI=
github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik=
@@ -744,7 +739,6 @@ github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
github.com/gorilla/schema v1.2.0 h1:YufUaxZYCKGFuAq3c96BOhjgd5nmXiOY9NGzF247Tsc=
github.com/gorilla/schema v1.2.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU=
github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
github.com/grpc-ecosystem/go-grpc-middleware v1.1.0/go.mod h1:f5nM7jw/oeRSadq3xCzHAvxcr8HZnzsqU6ILg/0NiiE=
@@ -886,9 +880,7 @@ github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQL
github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
github.com/klauspost/compress v1.9.5/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/compress v1.14.3/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/compress v1.14.4 h1:eijASRJcobkVtSt81Olfh7JX43osYLwy5krOJo6YEu4=
github.com/klauspost/compress v1.14.4/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
github.com/klauspost/cpuid v1.2.3/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
@@ -934,7 +926,6 @@ github.com/liquidweb/liquidweb-go v1.6.3/go.mod h1:SuXXp+thr28LnjEw18AYtWwIbWMHS
github.com/longsleep/go-metrics v0.0.0-20170706183227-c1943bcf9047/go.mod h1:Eq9KjddJTZCHG0ja+SEJNp739Um4URrcBuccq3Ih/NI=
github.com/longsleep/go-metrics v1.0.0 h1:o2A6Dbu4MhLpZuL444WFoZzM7X7igewrj2MouwTlmVM=
github.com/longsleep/go-metrics v1.0.0/go.mod h1:w6QO1LBkVla70FZrrF6XcB0YN+jTEYugjkn3+6RYTSM=
github.com/m3o/m3o-go/client v0.0.0-20210421144725-8bfd7992ada3/go.mod h1:vmeaYrKYpgVNhny/l7iH8mXS88S7ijUiYni3gZUrCq0=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/magiconair/properties v1.8.4/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
@@ -1000,7 +991,6 @@ github.com/miekg/dns v1.1.46 h1:uzwpxRtSVxtcIZmz/4Uz6/Rn7G11DvsaslXoy5LxQio=
github.com/miekg/dns v1.1.46/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
github.com/mileusna/useragent v1.0.2 h1:DgVKtiPnjxlb73z9bCwgdUvU2nQNQ97uhgfO8l9uz/w=
github.com/mileusna/useragent v1.0.2/go.mod h1:3d8TOmwL/5I8pJjyVDteHtgDGcefrFUX4ccGOMKNYYc=
github.com/minio/highwayhash v1.0.1/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY=
github.com/minio/highwayhash v1.0.2 h1:Aak5U0nElisjDCfPSG79Tgzkn2gl66NxOMspRrKnA/g=
github.com/minio/highwayhash v1.0.2/go.mod h1:BQskDq+xkJ12lmlUUi7U0M5Swg3EWR+dLTk+kldvVxY=
github.com/minio/md5-simd v1.1.0/go.mod h1:XpBqgZULrMYD3R+M28PcmP0CkI7PEMzB3U77ZrKZ0Gw=
@@ -1036,8 +1026,9 @@ github.com/mitchellh/mapstructure v1.3.2/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR
github.com/mitchellh/mapstructure v1.3.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.4.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.4.3 h1:OVowDSCllw/YjdLkam3/sm7wEtOy59d8ndGgCcyj8cs=
github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
github.com/moby/sys/mount v0.2.0/go.mod h1:aAivFE2LB3W4bACsUXChRHQ0qKWsetY4Y9V7sxOougM=
@@ -1062,17 +1053,14 @@ github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04/go.mod h1:5sN+Lt1CaY
github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
github.com/nats-io/jwt v1.1.0 h1:+vOlgtM0ZsF46GbmUoadq0/2rChNS45gtxHEa3H1gqM=
github.com/nats-io/jwt v1.1.0/go.mod h1:n3cvmLfBfnpV4JJRN7lRYCyZnw48ksGsbThGXEk4w9M=
github.com/nats-io/jwt/v2 v2.1.0/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k=
github.com/nats-io/jwt/v2 v2.2.1-0.20220113022732-58e87895b296/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k=
github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a h1:lem6QCvxR0Y28gth9P+wV2K/zYUUAkJ+55U8cpS0p5I=
github.com/nats-io/jwt/v2 v2.2.1-0.20220330180145-442af02fd36a/go.mod h1:0tqz9Hlu6bCBFLWAASKhE5vUA4c24L9KPUUgvwumE/k=
github.com/nats-io/nats-server/v2 v2.1.9/go.mod h1:9qVyoewoYXzG1ME9ox0HwkkzyYvnlBDugfR4Gg/8uHU=
github.com/nats-io/nats-server/v2 v2.6.2/go.mod h1:CNi6dJQ5H+vWqaoWKjCGtqBt7ai/xOTLiocUqhK6ews=
github.com/nats-io/nats-server/v2 v2.7.4/go.mod h1:1vZ2Nijh8tcyNe8BDVyTviCd9NYzRbubQYiEHsvOQWc=
github.com/nats-io/nats-server/v2 v2.8.0 h1:9cX87APzxnmVhr+Oiv1t41eGrDaRDG2ffuu/e+gGwaQ=
github.com/nats-io/nats-server/v2 v2.8.0/go.mod h1:5vic7C58BFEVltiZhs7Kq81q2WcEPhJPsmNv1FOrdv0=
github.com/nats-io/nats-server/v2 v2.8.1 h1:WZ9m/d8rklkWo6opo3X927vXnuaE00VEEl5zXcpL6qw=
github.com/nats-io/nats-server/v2 v2.8.1/go.mod h1:vIdpKz3OG+DCg4q/xVPdXHoztEyKDWRtykQ4N7hd7C4=
github.com/nats-io/nats.go v1.10.0/go.mod h1:AjGArbfyR50+afOUotNX2Xs5SYHf+CoOa5HH1eEl2HE=
github.com/nats-io/nats.go v1.13.0/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w=
github.com/nats-io/nats.go v1.13.1-0.20220308171302-2f2f6968e98d/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w=
github.com/nats-io/nats.go v1.14.0 h1:/QLCss4vQ6wvDpbqXucsVRDi13tFIR6kTdau+nXzKJw=
github.com/nats-io/nats.go v1.14.0/go.mod h1:BPko4oXsySz4aSWeFgOHLZs3G4Jq4ZAyE6/zMCxRT6w=
@@ -1358,8 +1346,8 @@ github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtX
github.com/urfave/cli v1.22.4 h1:u7tSpNPPswAFymm8IehJhy4uJMlUuU/GmqSkvJ1InXA=
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
github.com/urfave/cli/v2 v2.4.0 h1:m2pxjjDFgDxSPtO8WSdbndj17Wu2y8vOT86wE/tjr+I=
github.com/urfave/cli/v2 v2.4.0/go.mod h1:NX9W0zmTvedE5oDoOMs2RTC8RvdK98NTYZE5LbaEYPg=
github.com/urfave/cli/v2 v2.4.4 h1:IvwT3XfI6RytTmIzC35UAu9oyK+bHgUPXDDZNqribkI=
github.com/urfave/cli/v2 v2.4.4/go.mod h1:oDzoM7pVwz6wHn5ogWgFUU1s4VJayeQS+aEZDqXIEJs=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
github.com/valyala/fasttemplate v1.1.0/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
@@ -1406,8 +1394,6 @@ github.com/zclconf/go-cty v1.2.0/go.mod h1:hOPWgoHbaTUnI5k4D2ld+GRpFJSCe6bCM7m1q
github.com/zclconf/go-cty v1.8.0/go.mod h1:vVKLxnk3puL4qRAv72AO+W99LUD4da90g3uUAzyuvAk=
github.com/zclconf/go-cty-debug v0.0.0-20191215020915-b22d67c1ba0b/go.mod h1:ZRKQfBXbGkpdV6QMzT3rU1kSTAnfu1dO8dPKjYprgj8=
github.com/zenazn/goji v1.0.1/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
go-micro.dev/v4 v4.1.0/go.mod h1:XTEJj5ILOBW+2ndGDG56r8fBXZ8hmsVaIaS1K5zwj+s=
go-micro.dev/v4 v4.2.1/go.mod h1:XTEJj5ILOBW+2ndGDG56r8fBXZ8hmsVaIaS1K5zwj+s=
go-micro.dev/v4 v4.3.0/go.mod h1:tw47Xfg2YywfPUnglZgXQsSf7p0ST6mQL3v0JooGmSY=
go-micro.dev/v4 v4.4.0/go.mod h1:hSBUne6gtYTfYmnNxGQmaNmRQ6z8LqGrAVNmL/ae0lY=
go-micro.dev/v4 v4.6.0 h1:sY1Ps3Vgq8tFzcUGps9WnJhy1AKspXK+4wWIwugiRss=
@@ -1416,15 +1402,12 @@ go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
go.etcd.io/bbolt v1.3.6 h1:/ecaJf0sk1l4l6V4awd65v2C3ILy7MSj+s/x1ADCIMU=
go.etcd.io/bbolt v1.3.6/go.mod h1:qXsaaIqmgQH0T+OPdb99Bf+PKfBBQVAdyD6TY9G8XM4=
go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
go.etcd.io/etcd/api/v3 v3.5.1 h1:v28cktvBq+7vGyJXF8G+rWJmj+1XUmMtqcLnH8hDocM=
go.etcd.io/etcd/api/v3 v3.5.1/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
go.etcd.io/etcd/client/pkg/v3 v3.5.1 h1:XIQcHCFSG53bJETYeRJtIxdLv2EWRGxcfzR8lSnTH4E=
go.etcd.io/etcd/client/pkg/v3 v3.5.1/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
go.etcd.io/etcd/client/v3 v3.5.0/go.mod h1:AIKXXVX/DQXtfTEqBryiLTUXwON+GuvO6Z7lLS/oTh0=
go.etcd.io/etcd/client/v3 v3.5.1 h1:oImGuV5LGKjCqXdjkMHCyWa5OO1gYKCnC/1sgdfj1Uk=
go.etcd.io/etcd/client/v3 v3.5.1/go.mod h1:OnjH4M8OnAotwaB2l9bVgZzRFKru7/ZMoS46OtKyd3Q=
go.etcd.io/etcd/api/v3 v3.5.2 h1:tXok5yLlKyuQ/SXSjtqHc4uzNaMqZi2XsoSPr/LlJXI=
go.etcd.io/etcd/api/v3 v3.5.2/go.mod h1:5GB2vv4A4AOn3yk7MftYGHkUfGtDHnEraIjym4dYz5A=
go.etcd.io/etcd/client/pkg/v3 v3.5.2 h1:4hzqQ6hIb3blLyQ8usCU4h3NghkqcsohEQ3o3VetYxE=
go.etcd.io/etcd/client/pkg/v3 v3.5.2/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
go.etcd.io/etcd/client/v3 v3.5.2 h1:WdnejrUtQC4nCxK0/dLTMqKOB+U5TP/2Ya0BJL+1otA=
go.etcd.io/etcd/client/v3 v3.5.2/go.mod h1:kOOaWFFgHygyT0WlSmL8TJiXmMysO/nNUlEsSsN6W4o=
go.m3o.com v0.1.0/go.mod h1:p8FdLqZH3R9a0y04qiMNT+clw69d3SxyQPFzCNbDRtk=
go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM=
@@ -1521,6 +1504,7 @@ golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0
golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220321153916-2c7772ba3064/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29 h1:tkVvjkPTB7pnW3jnid7kNyAMPVWllTNOf/qKDze4p9o=
golang.org/x/crypto v0.0.0-20220331220935-ae2d96664a29/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
@@ -1806,7 +1790,6 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20210220033141-f8bda1e9f3ba/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -2047,7 +2030,6 @@ google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ5
google.golang.org/grpc v1.45.0 h1:NEpgUqV3Z+ZjkqMsxMg11IaDrXY4RY6CQukSGK0uI1M=
google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/grpc/examples v0.0.0-20210902184326-c93e472777b9/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e h1:m7aQHHqd0q89mRwhwS9Bx2rjyl/hsFAeta+uGrHsQaU=
google.golang.org/grpc/examples v0.0.0-20211102180624-670c133e568e/go.mod h1:gID3PKrg7pWKntu9Ss6zTLJ0ttC0X9IHgREOCZwbCVU=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=

10
ocis-pkg/registry/registry.go
View File

@@ -4,11 +4,11 @@ import (
"os"
"strings"
consulr "github.com/asim/go-micro/plugins/registry/consul/v4"
etcdr "github.com/asim/go-micro/plugins/registry/etcd/v4"
kubernetesr "github.com/asim/go-micro/plugins/registry/kubernetes/v4"
mdnsr "github.com/asim/go-micro/plugins/registry/mdns/v4"
natsr "github.com/asim/go-micro/plugins/registry/nats/v4"
consulr "github.com/go-micro/plugins/v4/registry/consul"
etcdr "github.com/go-micro/plugins/v4/registry/etcd"
kubernetesr "github.com/go-micro/plugins/v4/registry/kubernetes"
mdnsr "github.com/go-micro/plugins/v4/registry/mdns"
natsr "github.com/go-micro/plugins/v4/registry/nats"
"go-micro.dev/v4/registry"
)

10
ocis-pkg/service/grpc/service.go
View File

@@ -4,11 +4,11 @@ import (
"strings"
"time"
mgrpcc "github.com/asim/go-micro/plugins/client/grpc/v4"
mgrpcs "github.com/asim/go-micro/plugins/server/grpc/v4"
mbreaker "github.com/asim/go-micro/plugins/wrapper/breaker/gobreaker/v4"
"github.com/asim/go-micro/plugins/wrapper/monitoring/prometheus/v4"
"github.com/asim/go-micro/plugins/wrapper/trace/opencensus/v4"
mgrpcc "github.com/go-micro/plugins/v4/client/grpc"
mgrpcs "github.com/go-micro/plugins/v4/server/grpc"
mbreaker "github.com/go-micro/plugins/v4/wrapper/breaker/gobreaker"
"github.com/go-micro/plugins/v4/wrapper/monitoring/prometheus"
"github.com/go-micro/plugins/v4/wrapper/trace/opencensus"
"github.com/owncloud/ocis/ocis-pkg/registry"
"go-micro.dev/v4"
"go-micro.dev/v4/client"

2
ocis-pkg/service/http/service.go
View File

@@ -6,7 +6,7 @@ import (
"github.com/owncloud/ocis/ocis-pkg/registry"
mhttps "github.com/asim/go-micro/plugins/server/http/v4"
mhttps "github.com/go-micro/plugins/v4/server/http"
"go-micro.dev/v4"
"go-micro.dev/v4/server"
)

2
ocis/pkg/runtime/service/service.go
View File

@@ -15,7 +15,7 @@ import (
"github.com/owncloud/ocis/ocis-pkg/shared"
mzlog "github.com/asim/go-micro/plugins/logger/zerolog/v4"
mzlog "github.com/go-micro/plugins/v4/logger/zerolog"
"github.com/mohae/deepcopy"
"github.com/olekukonko/tablewriter"

526
tests/TestHelpers/GraphHelper.php Normal file
View File

@@ -0,0 +1,526 @@
<?php declare(strict_types=1);
/**
* ownCloud
*
* @author Kiran Parajuli <kiran@jankaritech.com>
* @copyright Copyright (c) 2022 Kiran Parajuli kiran@jankaritech.com
*/
namespace TestHelpers;
use TestHelpers\HttpRequestHelper;
use GuzzleHttp\Exception\GuzzleException;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\ResponseInterface;
/**
* A helper class for managing users and groups using the Graph API
*/
class GraphHelper {
/**
* @return string[]
*/
private static function getRequestHeaders(): array {
return [
'Content-Type' => 'application/json',
];
}
/**
* @param string $baseUrl
* @param string $path
*
* @return string
*/
private static function getFullUrl(string $baseUrl, string $path): string {
$fullUrl = $baseUrl;
if (\substr($fullUrl, -1) !== '/') {
$fullUrl .= '/';
}
$fullUrl .= 'graph/v1.0/' . $path;
return $fullUrl;
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $method
* @param string $path
* @param string|null $body
* @param array|null $headers
*
* @return RequestInterface
* @throws GuzzleException
*/
public static function createRequest(
string $baseUrl,
string $xRequestId,
string $method,
string $path,
?string $body = null,
?array $headers = []
): RequestInterface {
$fullUrl = self::getFullUrl($baseUrl, $path);
return HttpRequestHelper::createRequest(
$fullUrl,
$xRequestId,
$method,
$headers,
$body
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userName
* @param string $password
* @param string|null $email
* @param string|null $displayName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function createUser(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userName,
string $password,
?string $email = null,
?string $displayName = null
): ResponseInterface {
$payload = self::prepareCreateUserPayload(
$userName,
$password,
$email,
$displayName
);
$url = self::getFullUrl($baseUrl, 'users');
return HttpRequestHelper::post(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders(),
$payload
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userId
* @param string|null $userName
* @param string|null $password
* @param string|null $email
* @param string|null $displayName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function editUser(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userId,
?string $userName = null,
?string $password = null,
?string $email = null,
?string $displayName = null
): ResponseInterface {
$payload = self::preparePatchUserPayload(
$userName,
$password,
$email,
$displayName
);
$url = self::getFullUrl($baseUrl, 'users/' . $userId);
return HttpRequestHelper::sendRequest(
$url,
$xRequestId,
"PATCH",
$adminUser,
$adminPassword,
self::getRequestHeaders(),
$payload
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getUser(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userName
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'users/' . $userName);
return HttpRequestHelper::get(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders()
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function deleteUser(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userName
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'users/' . $userName);
return HttpRequestHelper::delete(
$url,
$xRequestId,
$adminUser,
$adminPassword,
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $groupName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function createGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $groupName
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups');
$payload['displayName'] = $groupName;
return HttpRequestHelper::sendRequest(
$url,
$xRequestId,
"POST",
$adminUser,
$adminPassword,
self::getRequestHeaders(),
\json_encode($payload)
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $groupId
* @param string $displayName
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function updateGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $groupId,
string $displayName
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId);
$payload['displayName'] = $displayName;
return HttpRequestHelper::sendRequest(
$url,
$xRequestId,
"PATCH",
$adminUser,
$adminPassword,
self::getRequestHeaders(),
\json_encode($payload)
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getUsers(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'users');
return HttpRequestHelper::get(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders(),
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getGroups(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups');
return HttpRequestHelper::get(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders(),
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $groupId
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function deleteGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $groupId
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId);
return HttpRequestHelper::delete(
$url,
$xRequestId,
$adminUser,
$adminPassword,
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $groupId
* @param array $users expects users array with user ids
* [ [ 'id' => 'some_id' ], ]
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function addUsersToGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $groupId,
array $users
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId . '/users');
$payload = [
"members@odata.bind" => []
];
foreach ($users as $user) {
$payload[0][] = self::getFullUrl($baseUrl, 'users/' . $user["id"]);
}
return HttpRequestHelper::post(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders(),
\json_encode($payload)
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userId
* @param string $groupId
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function addUserToGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userId,
string $groupId
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId . '/members/$ref');
$body = [
"@odata.id" => self::getFullUrl($baseUrl, 'users/' . $userId)
];
return HttpRequestHelper::post(
$url,
$xRequestId,
$adminUser,
$adminPassword,
self::getRequestHeaders(),
\json_encode($body)
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $userId
* @param string $groupId
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function removeUserFromGroup(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $userId,
string $groupId
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId . '/members/' . $userId . '/$ref');
return HttpRequestHelper::delete(
$url,
$xRequestId,
$adminUser,
$adminPassword,
);
}
/**
* @param string $baseUrl
* @param string $xRequestId
* @param string $adminUser
* @param string $adminPassword
* @param string $groupId
*
* @return ResponseInterface
* @throws GuzzleException
*/
public static function getMembersList(
string $baseUrl,
string $xRequestId,
string $adminUser,
string $adminPassword,
string $groupId
): ResponseInterface {
$url = self::getFullUrl($baseUrl, 'groups/' . $groupId . '/members');
return HttpRequestHelper::get(
$url,
$xRequestId,
$adminUser,
$adminPassword
);
}
/**
* returns json encoded payload for user creating request
*
* @param string|null $userName
* @param string|null $password
* @param string|null $email
* @param string|null $displayName
*
* @return string
*/
public static function prepareCreateUserPayload(
string $userName,
string $password,
?string $email,
?string $displayName
): string {
$payload['onPremisesSamAccountName'] = $userName;
$payload['passwordProfile'] = ['password' => $password];
$payload['displayName'] = $displayName ?? $userName;
$payload['mail'] = $email ?? $userName . '@example.com';
return \json_encode($payload);
}
/**
* returns encoded json payload for user patching requests
*
* @param string|null $userName
* @param string|null $password
* @param string|null $email
* @param string|null $displayName
*
* @return string
*/
public static function preparePatchUserPayload(
?string $userName,
?string $password,
?string $email,
?string $displayName
): string {
$payload = [];
if ($userName) {
$payload['onPremisesSamAccountName'] = $userName;
}
if ($password) {
$payload['passwordProfile'] = ['password' => $password];
}
if ($displayName) {
$payload['displayName'] = $displayName;
}
if ($email) {
$payload['mail'] = $email;
}
return \json_encode($payload);
}
}

6
tests/acceptance/config/behat.yml
View File

@@ -16,7 +16,7 @@ default:
- RevaContext:
- OccContext:
- FeatureContext: &common_feature_context_params
baseUrl: http://localhost:8080
baseUrl: http://localhost:8080
adminUsername: admin
adminPassword: admin
regularUserPassword: 123456
@@ -57,8 +57,4 @@ default:
- PublicWebDavContext:
extensions:
jarnaiz\JUnitFormatter\JUnitFormatterExtension:
filename: report.xml
outputDir: '%paths.base%/../output/'
Cjm\Behat\StepThroughExtension: ~

229
tests/acceptance/expected-failures-API-on-OCIS-storage.md
View File

@@ -35,21 +35,21 @@ _ocdav: double check the webdav property parsing when custom namespaces are used
#### [downloading an old version of a file returns 501](https://github.com/owncloud/ocis/issues/2261)
- [apiVersions/fileVersions.feature:426](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersions.feature#L426)
- [apiVersions/fileVersions.feature:444](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersions.feature#L444)
- [apiVersions/fileVersionsSharingToShares.feature:305](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L305)
- [apiVersions/fileVersions.feature:462](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersions.feature#L462)
- [apiVersions/fileVersionsSharingToShares.feature:306](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L306)
#### [file versions do not report the version author](https://github.com/owncloud/ocis/issues/2914)
- [apiVersions/fileVersionAuthor.feature:14](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L14)
- [apiVersions/fileVersionAuthor.feature:36](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L36)
- [apiVersions/fileVersionAuthor.feature:56](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L56)
- [apiVersions/fileVersionAuthor.feature:75](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L75)
- [apiVersions/fileVersionAuthor.feature:101](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L101)
- [apiVersions/fileVersionAuthor.feature:128](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L128)
- [apiVersions/fileVersionAuthor.feature:155](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L155)
- [apiVersions/fileVersionAuthor.feature:37](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L37)
- [apiVersions/fileVersionAuthor.feature:58](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L58)
- [apiVersions/fileVersionAuthor.feature:78](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L78)
- [apiVersions/fileVersionAuthor.feature:104](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L104)
- [apiVersions/fileVersionAuthor.feature:129](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L129)
- [apiVersions/fileVersionAuthor.feature:154](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L154)
- [apiVersions/fileVersionAuthor.feature:180](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L180)
- [apiVersions/fileVersionAuthor.feature:220](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L220)
- [apiVersions/fileVersionAuthor.feature:223](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionAuthor.feature#L223)
### Sync
@@ -523,20 +523,20 @@ cannot share a folder with create permission
#### [various sharing settings cannot be set](https://github.com/owncloud/ocis/issues/1328)
- [apiSharePublicLink1/createPublicLinkShare.feature:375](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L375)
- [apiSharePublicLink1/createPublicLinkShare.feature:376](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L376)
- [apiSharePublicLink1/createPublicLinkShare.feature:566](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L566)
- [apiSharePublicLink1/createPublicLinkShare.feature:567](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L567)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:212](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L212)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:213](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L213)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:214](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L214)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:215](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L215)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:44](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L44)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:45](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L45)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:74](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L74)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:75](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L75)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:104](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L104)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:105](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L105)
- [apiSharePublicLink1/createPublicLinkShare.feature:375](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L375)
- [apiSharePublicLink1/createPublicLinkShare.feature:376](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L376)
- [apiSharePublicLink1/createPublicLinkShare.feature:566](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L566)
- [apiSharePublicLink1/createPublicLinkShare.feature:567](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink1/createPublicLinkShare.feature#L567)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:212](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L212)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:213](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L213)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:214](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L214)
- [apiShareManagementBasicToShares/deleteShareFromShares.feature:215](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/deleteShareFromShares.feature#L215)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:44](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L44)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:45](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L45)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:74](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L74)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:75](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L75)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:104](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L104)
- [apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature:105](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareManagementBasicToShares/excludeGroupFromReceivingSharesToSharesFolder.feature#L105)
#### [copying a folder within a public link folder to folder with same name as an already existing file overwrites the parent file](https://github.com/owncloud/ocis/issues/1232)
@@ -741,35 +741,47 @@ Scenario Outline: Moving a file into a shared folder as the sharee and as the sh
#### [not possible to move file into a received folder](https://github.com/owncloud/ocis/issues/764)
- [apiVersions/fileVersionsSharingToShares.feature:219](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L219)
- [apiVersions/fileVersionsSharingToShares.feature:220](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L220)
- [apiVersions/fileVersionsSharingToShares.feature:221](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L221)
#### [Expiration date for shares is not implemented](https://github.com/owncloud/ocis/issues/1250)
#### Expiration date of user shares
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:58](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L58)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:59](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L59)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:86](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L86)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:87](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L87)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:113](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L113)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:114](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L114)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:140](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L140)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:141](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L141)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:303](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L303)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:304](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L304)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:325](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L325)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:326](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L326)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:52](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L52)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:53](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L53)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:76](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L76)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:77](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L77)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:102](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L102)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:103](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L103)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:128](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L128)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:129](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L129)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:279](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L279)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:280](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L280)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:301](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L301)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:302](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L302)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:323](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L323)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:324](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L324)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:346](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L346)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:347](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L347)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:348](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L348)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:370](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L370)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:371](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L371)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:388](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L388)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:389](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L389)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:406](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L406)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:407](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L407)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:606](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L606)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:607](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L607)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:363](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L363)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:364](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L364)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:380](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L380)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:381](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L381)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:576](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L576)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:577](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L577)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:599](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L599)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:600](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L600)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:601](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L601)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:602](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L602)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:603](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L603)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:624](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L624)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:625](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L625)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:626](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L626)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:627](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L627)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:628](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L628)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:629](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L629)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:630](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L630)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:631](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L631)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:632](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L632)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:633](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L633)
@@ -781,30 +793,18 @@ Scenario Outline: Moving a file into a shared folder as the sharee and as the sh
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:659](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L659)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:660](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L660)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:661](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L661)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:662](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L662)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:663](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L663)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:664](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L664)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:665](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L665)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:666](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L666)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:667](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L667)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:688](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L688)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:689](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L689)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:690](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L690)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:691](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L691)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:692](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L692)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:693](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L693)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:714](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L714)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:715](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L715)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:716](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L716)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:717](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L717)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:718](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L718)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:719](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L719)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:740](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L740)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:741](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L741)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:762](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L762)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:763](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L763)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:784](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L784)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:785](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L785)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:682](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L682)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:683](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L683)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:684](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L684)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:685](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L685)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:686](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L686)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:687](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L687)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:708](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L708)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:709](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L709)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:732](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L732)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:733](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L733)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:756](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L756)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:757](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L757)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:36](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L36)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:37](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L37)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:92](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L92)
@@ -836,26 +836,26 @@ Scenario Outline: Moving a file into a shared folder as the sharee and as the sh
#### Expiration date of group shares
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:193](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L193)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:194](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L194)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:223](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L223)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:224](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L224)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:252](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L252)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:253](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L253)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:282](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L282)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:283](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L283)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:429](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L429)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:430](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L430)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:453](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L453)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:454](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L454)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:175](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L175)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:176](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L176)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:201](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L201)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:202](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L202)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:229](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L229)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:230](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L230)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:258](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L258)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:259](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L259)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:403](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L403)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:404](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L404)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:427](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L427)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:428](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L428)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:451](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L451)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:452](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L452)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:476](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L476)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:477](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L477)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:478](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L478)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:502](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L502)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:503](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L503)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:524](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L524)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:525](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L525)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:546](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L546)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:547](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L547)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:497](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L497)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:498](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L498)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:518](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L518)
- [apiShareCreateSpecialToShares1/createShareExpirationDate.feature:519](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareExpirationDate.feature#L519)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:64](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L64)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:65](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L65)
- [apiShareReshareToShares3/reShareWithExpiryDate.feature:124](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareReshareToShares3/reShareWithExpiryDate.feature#L124)
@@ -880,22 +880,23 @@ _ocs: api compatibility, return correct status code_
#### [Share permissions can be updated to any value](https://github.com/owncloud/ocis/issues/2173)
- [apiShareUpdateToShares/updateShare.feature:130](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L130)
- [apiShareUpdateToShares/updateShare.feature:131](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L131)
- [apiShareUpdateToShares/updateShare.feature:132](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L132)
- [apiShareUpdateToShares/updateShare.feature:133](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L133)
- [apiShareUpdateToShares/updateShare.feature:134](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L134)
- [apiShareUpdateToShares/updateShare.feature:135](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L135)
- [apiShareUpdateToShares/updateShare.feature:154](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L154)
- [apiShareUpdateToShares/updateShare.feature:136](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L136)
- [apiShareUpdateToShares/updateShare.feature:155](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L155)
- [apiShareUpdateToShares/updateShare.feature:156](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L156)
- [apiShareUpdateToShares/updateShare.feature:157](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L157)
- [apiShareUpdateToShares/updateShare.feature:158](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L158)
- [apiShareUpdateToShares/updateShare.feature:159](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L159)
- [apiShareUpdateToShares/updateShare.feature:160](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L160)
#### [Cannot move folder/file from one received share to another](https://github.com/owncloud/ocis/issues/2442)
- [apiShareUpdateToShares/updateShare.feature:241](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L241)
- [apiShareUpdateToShares/updateShare.feature:242](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L242)
- [apiShareUpdateToShares/updateShare.feature:196](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L196)
#### [Sharing folder and sub-folder with same user but different permission,the permission of sub-folder is not obeyed ](https://github.com/owncloud/ocis/issues/2440)
@@ -926,25 +927,25 @@ _ocs: api compatibility, return correct status code_
#### [various sharing settings cannot be set](https://github.com/owncloud/ocis/issues/1328)
- [apiShareUpdateToShares/updateShare.feature:324](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L324)
- [apiShareUpdateToShares/updateShare.feature:325](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L325)
- [apiShareUpdateToShares/updateShare.feature:326](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L326)
- [apiShareUpdateToShares/updateShare.feature:350](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L350)
- [apiShareUpdateToShares/updateShare.feature:351](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L351)
- [apiShareUpdateToShares/updateShare.feature:367](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L367)
- [apiShareUpdateToShares/updateShare.feature:368](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L368)
- [apiShareUpdateToShares/updateShare.feature:369](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L369)
- [apiShareUpdateToShares/updateShare.feature:370](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L370)
- [apiShareUpdateToShares/updateShare.feature:396](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L396)
- [apiShareUpdateToShares/updateShare.feature:397](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L397)
- [apiShareUpdateToShares/updateShare.feature:426](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L426)
- [apiShareUpdateToShares/updateShare.feature:427](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L427)
- [apiShareUpdateToShares/updateShare.feature:428](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L428)
#### [Edit user share response has an "name" field](https://github.com/owncloud/ocis/issues/1225)
- [apiShareUpdateToShares/updateShare.feature:287](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L287)
- [apiShareUpdateToShares/updateShare.feature:288](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L288)
- [apiShareUpdateToShares/updateShare.feature:289](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L289)
#### [user can access version metadata of a received share before accepting it](https://github.com/owncloud/ocis/issues/760)
- [apiVersions/fileVersionsSharingToShares.feature:282](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L282)
- [apiVersions/fileVersionsSharingToShares.feature:283](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiVersions/fileVersionsSharingToShares.feature#L283)
#### [Share lists deleted user as 'user'](https://github.com/owncloud/ocis/issues/903)
@@ -1278,22 +1279,22 @@ And other missing implementation of favorites
- [apiFavorites/favoritesSharingToShares.feature:83](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiFavorites/favoritesSharingToShares.feature#L83)
- [apiFavorites/favoritesSharingToShares.feature:108](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiFavorites/favoritesSharingToShares.feature#L108)
- [apiMain/checksums.feature:211](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiMain/checksums.feature#L211)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:49](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L49)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:75](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L75)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:94](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L94)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:120](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L120)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:139](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L139)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:165](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L165)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:203](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L203)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:228](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L228)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:247](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L247)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:273](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L273)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:292](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L292)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:318](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L318)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:337](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L337)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:363](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L363)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:382](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L382)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:408](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L408)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:51](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L51)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:78](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L78)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:98](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L98)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:125](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L125)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:145](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L145)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:172](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L172)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:212](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L212)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:238](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L238)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:258](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L258)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:285](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L285)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:305](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L305)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:332](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L332)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:352](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L352)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:379](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L379)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:399](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L399)
- [apiShareOperationsToShares2/getWebDAVSharePermissions.feature:426](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/getWebDAVSharePermissions.feature#L426)
- [apiShareOperationsToShares2/uploadToShare.feature:47](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/uploadToShare.feature#L47)
- [apiShareOperationsToShares2/uploadToShare.feature:78](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/uploadToShare.feature#L78)
- [apiShareOperationsToShares2/uploadToShare.feature:111](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareOperationsToShares2/uploadToShare.feature#L111)
@@ -1854,8 +1855,8 @@ Not everything needs to be implemented for ocis. While the oc10 testsuite covers
#### public links without permission are allowed now
- [apiShareUpdateToShares/updateShare.feature:112](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L112)
- [apiShareUpdateToShares/updateShare.feature:113](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L113)
- [apiShareUpdateToShares/updateShare.feature:114](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareUpdateToShares/updateShare.feature#L114)
- [apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature:26](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature#L26)
- [apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature:27](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature#L27)
- [apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature:28](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares2/createShareWithInvalidPermissions.feature#L28)

1662
tests/acceptance/expected-failures-graphAPI-on-OCIS-storage.md Normal file
View File

File diff suppressed because it is too large Load Diff

3
tests/acceptance/expected-failures-webUI-on-OCIS-storage.md
View File

@@ -349,9 +349,6 @@ Other free text and markdown formatting can be used elsewhere in the document if
- [webUITags/createTags.feature:61](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITags/createTags.feature#L61)
- [webUITags/createTags.feature:79](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITags/createTags.feature#L79)
### [When a user shares folder to a group, the sharer is shown as group in group member's sharing-sidebar](https://github.com/owncloud/web/issues/5216)
- [webUISharingInternalGroupsEdgeCases/shareWithGroupsEdgeCases.feature:42](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalGroupsEdgeCases/shareWithGroupsEdgeCases.feature#L42)
### [impossible to navigate into a folder in the trashbin](https://github.com/owncloud/web/issues/1725)
- [webUITrashbinDelete/trashbinDelete.feature:29](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITrashbinDelete/trashbinDelete.feature#L29)

511
tests/acceptance/features/bootstrap/GraphContext.php Normal file
View File

@@ -0,0 +1,511 @@
<?php declare(strict_types=1);
/**
* ownCloud
*
* @author Kiran Parajuli <kiran@jankaritech.com>
* @copyright Copyright (c) 2021 Kiran Parajuli kiran@jankaritech.com
*/
use Behat\Behat\Context\Context;
use Behat\Behat\Hook\Scope\BeforeScenarioScope;
use Behat\Gherkin\Node\TableNode;
use GuzzleHttp\Exception\GuzzleException;
use Psr\Http\Message\ResponseInterface;
use TestHelpers\GraphHelper;
use PHPUnit\Framework\Assert;
require_once 'bootstrap.php';
/**
* Context for the provisioning specific steps using the Graph API
*/
class GraphContext implements Context {
/**
* @var FeatureContext
*/
private FeatureContext $featureContext;
/**
* This will run before EVERY scenario.
* It will set the properties for this object.
*
* @BeforeScenario
*
* @param BeforeScenarioScope $scope
*
* @return void
*/
public function before(BeforeScenarioScope $scope): void {
// Get the environment
$environment = $scope->getEnvironment();
// Get all the contexts you need in this context from here
$this->featureContext = $environment->getContext('FeatureContext');
}
/**
* @param string $user
* @param string|null $userName
* @param string|null $password
* @param string|null $email
* @param string|null $displayName
* @param string|null $requester
* @param string|null $requesterPassword
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function userHasBeenEditedUsingTheGraphApi(
string $user,
?string $userName = null,
?string $password = null,
?string $email = null,
?string $displayName = null,
?string $requester = null,
?string $requesterPassword = null
): void {
if (!$requester) {
$requester = $this->featureContext->getAdminUsername();
$requesterPassword = $this->featureContext->getAdminPassword();
}
$userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id');
$response = GraphHelper::editUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$requester,
$requesterPassword,
$userId,
$userName,
$password,
$email,
$displayName
);
$this->featureContext->setResponse($response);
$this->featureContext->theHttpStatusCodeShouldBe(200);
}
/**
* @param string $user
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function adminHasRetrievedUserUsingTheGraphApi(string $user): void {
$user = $this->featureContext->getActualUsername($user);
try {
$userId = $this->featureContext->getAttributeOfCreatedUser($user, "id");
} catch (Exception $e) {
$userId = $user;
}
$result = GraphHelper::getUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$userId
);
$this->featureContext->setResponse($result);
$this->featureContext->thenTheHTTPStatusCodeShouldBe(200);
}
/**
* @param $requestingUser
* @param $targetUser
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function userHasRetrievedUserUsingTheGraphApi(
$requestingUser,
$targetUser
): void {
$requester = $this->featureContext->getActualUsername($requestingUser);
$requesterPassword = $this->featureContext->getPasswordForUser($requestingUser);
$user = $this->featureContext->getActualUsername($targetUser);
$userId = $this->featureContext->getAttributeOfCreatedUser($user, "id");
$response = GraphHelper::getUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$requester,
$requesterPassword,
$userId
);
$this->featureContext->setResponse($response);
$this->featureContext->thenTheHTTPStatusCodeShouldBe(200);
}
/**
* @param string $groupId
* @param bool $checkResult
*
* @return void
* @throws GuzzleException
*/
public function adminDeletesGroupWithGroupId(
string $groupId,
bool $checkResult = false
): void {
$this->featureContext->setResponse(
GraphHelper::deleteGroup(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$groupId
)
);
if ($checkResult) {
$this->featureContext->thenTheHTTPStatusCodeShouldBe(204);
}
}
/**
* @param string $group
*
* @return void
* @throws Exception
* @throws GuzzleException
*/
public function adminDeletesGroupUsingTheGraphApi(
string $group
): void {
$groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id");
if ($groupId) {
$this->adminDeletesGroupWithGroupId($groupId);
} else {
throw new Exception(
"Group id does not exist for '$group' in the created list."
. " Cannot delete group without id when using the Graph API."
);
}
}
/**
* @param string $group
*
* @return void
* @throws Exception
* @throws GuzzleException
*/
public function adminHasDeletedGroupUsingTheGraphApi(string $group): void {
$this->adminDeletesGroupUsingTheGraphApi($group);
$this->featureContext->thenTheHTTPStatusCodeShouldBe(204);
}
/**
* sends a request to delete a user using the Graph API
*
* @param string $user username is used as the id
*
* @return void
* @throws GuzzleException
*/
public function adminDeletesUserUsingTheGraphApi(string $user): void {
$this->featureContext->setResponse(
GraphHelper::deleteUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$user
)
);
}
/**
* @param string $user
* @param string $group
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function adminHasRemovedUserFromGroupUsingTheGraphApi(string $user, string $group): void {
$user = $this->featureContext->getActualUsername($user);
$userId = $this->featureContext->getAttributeOfCreatedUser($user, "id");
$groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id");
$response = GraphHelper::removeUserFromGroup(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$userId,
$groupId,
);
$this->featureContext->setResponse($response);
$this->featureContext->thenTheHTTPStatusCodeShouldBe(204);
}
/**
* check if the provided user is present as a member in the provided group
*
* @param string $user
* @param string $group
*
* @return bool
* @throws JsonException
* @throws Exception
* @throws GuzzleException
*/
public function getUserPresenceInGroupUsingTheGraphApi(string $user, string $group): bool {
$user = $this->featureContext->getActualUsername($user);
$userId = $this->featureContext->getAttributeOfCreatedUser($user, "id");
$members = $this->theAdminHasRetrievedMembersListOfGroupUsingTheGraphApi($group);
$found = false;
foreach ($members as $member) {
if ($member["id"] === $userId) {
$found = true;
break;
}
}
return $found;
}
/**
* @param string $user
* @param string $group
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function userShouldNotBeMemberInGroupUsingTheGraphApi(string $user, string $group): void {
$found = $this->getUserPresenceInGroupUsingTheGraphApi($user, $group);
Assert::assertFalse($found, __METHOD__ . " User $user is member of group $group");
}
/**
* @param string $user
* @param string $group
*
* @return void
* @throws JsonException
* @throws GuzzleException
*/
public function userShouldBeMemberInGroupUsingTheGraphApi(string $user, string $group): void {
$found = $this->getUserPresenceInGroupUsingTheGraphApi($user, $group);
Assert::assertTrue($found, __METHOD__ . "User $user is not member of group $group");
}
/**
* @param string $user
* @param string $password
*
* @return void
* @throws JsonException
*/
public function adminChangesPasswordOfUserToUsingTheGraphApi(
string $user,
string $password
): void {
$user = $this->featureContext->getActualUsername($user);
$userId = $this->featureContext->getAttributeOfCreatedUser($user, 'id');
$response = GraphHelper::editUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$userId,
null,
$password
);
$this->featureContext->setResponse($response);
}
/**
* returns list of all groups
*
* @return array
* @throws Exception
* @throws GuzzleException
*/
public function adminHasRetrievedGroupListUsingTheGraphApi(): array {
$response = GraphHelper::getGroups(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword()
);
if ($response->getStatusCode() === 200) {
$jsonResponseBody = $this->featureContext->getJsonDecodedResponse($response);
return $jsonResponseBody["value"];
} else {
$this->throwHttpException($response, "Could not retrieve groups list.");
}
}
/**
* returns a list of members in group
*
* @param string $group
*
* @return array
* @throws Exception
* @throws GuzzleException
*/
public function theAdminHasRetrievedMembersListOfGroupUsingTheGraphApi(string $group): array {
$response = GraphHelper::getMembersList(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$this->featureContext->getAttributeOfCreatedGroup($group, 'id')
);
if ($response->getStatusCode() === 200) {
return $this->featureContext->getJsonDecodedResponse($response);
} else {
$this->throwHttpException($response, "Could not retrieve members list for group $group.");
}
}
/**
* creates a user with provided data
* actor: the administrator
*
* @param string $user
* @param string $password
* @param string $email
* @param string $displayName
*
* @return void
* @throws Exception
*/
public function theAdminHasCreatedUser(
string $user,
string $password,
string $email,
string $displayName
): void {
$response = GraphHelper::createUser(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$user,
$password,
$email,
$displayName
);
if ($response->getStatusCode() !== 200) {
$this->throwHttpException($response, "Could not create user $user");
} else {
$this->featureContext->setResponse($response);
}
}
/**
* adds a user to a group
*
* @param string $user
* @param string $group
* @param bool $checkResult
*
* @return void
* @throws Exception
* @throws GuzzleException
*/
public function adminHasAddedUserToGroupUsingTheGraphApi(
string $user,
string $group,
bool $checkResult = true
): void {
$groupId = $this->featureContext->getAttributeOfCreatedGroup($group, "id");
$userId = $this->featureContext->getAttributeOfCreatedUser($user, "id");
$result = GraphHelper::addUserToGroup(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$userId,
$groupId
);
if ($checkResult && ($result->getStatusCode() !== 204)) {
$this->throwHttpException($result, "Could not add user '$user' to group '$group'.");
}
}
/**
* create group with provided data
*
* @param string $group
*
* @return array
* @throws Exception
* @throws GuzzleException
*/
public function adminHasCreatedGroupUsingTheGraphApi(string $group): array {
$result = GraphHelper::createGroup(
$this->featureContext->getBaseUrl(),
$this->featureContext->getStepLineRef(),
$this->featureContext->getAdminUsername(),
$this->featureContext->getAdminPassword(),
$group,
);
if ($result->getStatusCode() === 200) {
return $this->featureContext->getJsonDecodedResponse($result);
} else {
$this->throwHttpException($result, "Could not create group '$group'.");
}
}
/**
* @param ResponseInterface $response
* @param string $errorMsg
*
* @return void
* @throws Exception
*/
private function throwHttpException(ResponseInterface $response, string $errorMsg): void {
try {
$jsonBody = $this->featureContext->getJsonDecodedResponse($response);
throw new Exception(
__METHOD__
. "\n$errorMsg"
. "\nHTTP status code: " . $response->getStatusCode()
. "\nError code: " . $jsonBody["error"]["code"]
. "\nMessage: " . $jsonBody["error"]["message"]
);
} catch (TypeError $e) {
throw new Exception(
__METHOD__
. "\n$errorMsg"
. "\nHTTP status code: " . $response->getStatusCode()
. "\nResponse body: " . $response->getBody()
);
}
}
/**
* @param string $shouldOrNot (not|)
* @param TableNode $table
*
* @throws GuzzleException
* @throws Exception
*/
public function theseGroupsShouldNotExist(string $shouldOrNot, TableNode $table): void {
$should = ($shouldOrNot !== "not");
$this->featureContext->verifyTableNodeColumns($table, ['groupname']);
$actualGroupsList = $this->adminHasRetrievedGroupListUsingTheGraphApi();
$expectedGroups = $table->getColumnsHash();
// check if every expected group is(not) in the actual groups list
foreach ($expectedGroups as $expectedGroup) {
$groupName = $expectedGroup['groupname'];
$groupExists = false;
foreach ($actualGroupsList as $actualGroup) {
if ($actualGroup['displayName'] === $groupName) {
$groupExists = true;
break;
}
}
if ($groupExists !== $should) {
throw new Exception(
__METHOD__
. "\nGroup '$groupName' is expected " . ($should ? "" : "not ")
. "to exist, but it does" . ($should ? " not" : "") . " exist."
);
}
}
}
}

8
tests/acceptance/features/bootstrap/SpacesContext.php
View File

@@ -1997,8 +1997,8 @@ class SpacesContext implements Context {
}
/**
* User get all objects in the trash of project space
*
* User get all objects in the trash of project space
*
* method "getTrashbinContentFromResponseXml" borrowed from core repository
* and return array like:
* [1] => Array
@@ -2056,7 +2056,9 @@ class SpacesContext implements Context {
};
if ($shouldOrNot === "not") {
Assert::assertEmpty($expectedObject, "$object is found in the trash, but should not be there");
} else Assert::assertNotEmpty($expectedObject, "$object is not found in the trash");
} else {
Assert::assertNotEmpty($expectedObject, "$object is not found in the trash");
}
}
/**

1
tests/acceptance/features/bootstrap/bootstrap.php
View File

@@ -33,5 +33,6 @@ $classLoader->addPsr4(
$pathToCore . "/tests/acceptance/features/bootstrap",
true
);
$classLoader->addPsr4("TestHelpers\\", __DIR__ . "/../../../TestHelpers", true);
$classLoader->register();

4
tests/parallelDeployAcceptance/config/behat.yml
View File

@@ -31,10 +31,6 @@ default:
- FeatureContext: *common_feature_context_params
extensions:
jarnaiz\JUnitFormatter\JUnitFormatterExtension:
filename: report.xml
outputDir: "%paths.base%/../output/"
rdx\behatvars\BehatVariablesExtension: ~
Cjm\Behat\StepThroughExtension: ~

1
vendor-bin/behat/composer.json
View File

@@ -9,7 +9,6 @@
"behat/mink": "1.7.1",
"friends-of-behat/mink-extension": "^2.5",
"ciaranmcnulty/behat-stepthroughextension" : "dev-master",
"jarnaiz/behat-junit-formatter": "^1.3",
"rdx/behat-variables": "^1.2",
"sensiolabs/behat-page-object-extension": "^2.3",
"symfony/translation": "^4.4",