mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2025-12-30 17:00:57 -06:00
Code Issues Packages Projects Releases Wiki Activity

spelling

Browse Source 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
This commit is contained in:
Josh Soref
2021-09-17 05:21:38 -04:00
committed by Phil Davis
parent 806d224ed7
commit 55667a3ab3
87 changed files with 192 additions and 192 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
CHANGELOG.md
View File

@@ -179,7 +179,7 @@ The following sections list the changes for 1.12.0.
* Enhancement - Update go-chi/chi to version 5.0.3: [#2429](https://github.com/owncloud/ocis/pull/2429)
Updated go-chi/chi to the lastest release
Updated go-chi/chi to the latest release
https://github.com/owncloud/ocis/pull/2429
@@ -379,7 +379,7 @@ The following sections list the changes for 1.10.0.
* Enhancement - Refactor graph API: [#2277](https://github.com/owncloud/ocis/pull/2277)
We refactored the `/graph/v1.0/` endpoint which now relies on the internal acces token fer
We refactored the `/graph/v1.0/` endpoint which now relies on the internal access token for
authentication, getting rid of any LDAP or OIDC code to authenticate requests. This allows
using the graph api when using basic auth or any other auth mechanism provided by the CS3 auth
providers / reva gateway / ocis proxy.
@@ -529,7 +529,7 @@ The following sections list the changes for 1.9.0.
* Fix cs3org/reva#1808: Use empty array in OCS Notifications endpoints
* Fix cs3org/reva#1825: Raise max grpc message size
* Fix cs3org/reva#1828: Send a proper XML header with error messages
* Chg cs3org/reva#1828: Remove the oidc provider in order to upgrad mattn/go-sqlite3 to v1.14.7
* Chg cs3org/reva#1828: Remove the oidc provider in order to upgrade mattn/go-sqlite3 to v1.14.7
* Enh cs3org/reva#1834: Add API key to Mentix GOCDB connector
* Enh cs3org/reva#1855: Minor optimization in parsing EOS ACLs
* Enh cs3org/reva#1873: Update the EOS image tag to be for revad-eos image
@@ -645,7 +645,7 @@ The following sections list the changes for 1.7.0.
* Bugfix - Change the groups index to be case sensitive: [#2109](https://github.com/owncloud/ocis/pull/2109)
Groups are considered to be case sensitive. The index must handle them case sensitive too
otherwise we will have undeterministic behavior while editing or deleting groups.
otherwise we will have nondeterministic behavior while editing or deleting groups.
https://github.com/owncloud/ocis/pull/2109
@@ -661,7 +661,7 @@ The following sections list the changes for 1.7.0.
* Enhancement - Enable the s3ng storage driver: [#1886](https://github.com/owncloud/ocis/pull/1886)
We made it possible to use the new s3ng storage driver by adding according commandline flags and
We made it possible to use the new s3ng storage driver by adding according command-line flags and
environment variables.
https://github.com/owncloud/ocis/pull/1886
@@ -856,7 +856,7 @@ The following sections list the changes for 1.5.0.
* Enhancement - Parse config on supervised mode with run subcommand: [#1931](https://github.com/owncloud/ocis/pull/1931)
Currenntly it is not possible to parse a single config file from an extension when running on
Currently it is not possible to parse a single config file from an extension when running on
supervised mode.
https://github.com/owncloud/ocis/pull/1931
@@ -888,7 +888,7 @@ The following sections list the changes for 1.5.0.
* Enhancement - Update reva to v1.6.1-0.20210414111318-a4b5148cbfb2: [#1872](https://github.com/owncloud/ocis/pull/1872)
* enforce quota (https://github.com/cs3org/reva/pull/1557)
* Make additional info attribute configureable (https://github.com/cs3org/reva/pull/1588)
* Make additional info attribute configurable (https://github.com/cs3org/reva/pull/1588)
* check ENOTDIR for readlink (https://github.com/cs3org/reva/pull/1597)
* Add wrappers for EOS and EOS Home storage drivers (https://github.com/cs3org/reva/pull/1624)
* eos: fixes for enabling file sharing (https://github.com/cs3org/reva/pull/1619)
@@ -958,7 +958,7 @@ The following sections list the changes for 1.4.0.
* Enhancement - Clarify expected failures: [#1790](https://github.com/owncloud/ocis/pull/1790)
Some features, while covered by the ownCloud 10 acceptance tests, will not be implmented for
Some features, while covered by the ownCloud 10 acceptance tests, will not be implemented for
now: - blacklisted / ignored files, because ocis does not need to blacklist `.htaccess` files -
`OC-LazyOps` support was [removed from the
clients](https://github.com/owncloud/client/pull/8398). We are thinking about [a state
@@ -1057,7 +1057,7 @@ The following sections list the changes for 1.3.0.
* Bugfix - Add missing gateway config: [#1716](https://github.com/owncloud/ocis/pull/1716)
The auth provider `ldap` and `oidc` drivers now need to be able talk to the reva gateway. We added
the `gatewayscv` to the config that is passed to reva.
the `gatewaysvc` to the config that is passed to reva.
https://github.com/owncloud/ocis/pull/1716
@@ -1070,12 +1070,12 @@ The following sections list the changes for 1.3.0.
We inverted this dependency and moved the default initialization data (i.e: creating roles,
permissions, settings bundles) and instead of notifying the settings service that the
account has to provide with such options, the settings is instead initialized with the options
the accounts rely on. Essentially saving bandwith as there is no longer a gRPC call to the
the accounts rely on. Essentially saving bandwidth as there is no longer a gRPC call to the
settings service.
For the `storage-metadata` a retry mechanism was added that retries by default 20 times to
fetch the `com.owncloud.storage.metadata` from the service registry every `500`
miliseconds. If this retry expires the accounts panics, as its dependency on the
milliseconds. If this retry expires the accounts panics, as its dependency on the
`storage-metadata` service cannot be resolved.
We also introduced a client wrapper that acts as middleware between a client and a server. For
@@ -1251,7 +1251,7 @@ The following sections list the changes for 1.2.0.
* Enhancement - Introduce ADR: [#1042](https://github.com/owncloud/ocis/pull/1042)
We will keep track of [Architectual Decision Records using
We will keep track of [Architectural Decision Records using
Markdown](https://adr.github.io/madr/) in `/docs/adr`.
https://github.com/owncloud/ocis/pull/1042
@@ -1657,7 +1657,7 @@ The following sections list the changes for 1.0.0.
Tags: docker
Without setting `REVA_FRONTEND_URL` and `REVA_DATAGATEWAY_URL` uploads would default to
locahost and fail if `OCIS_DOMAIN` was used to run ocis on a remote host.
localhost and fail if `OCIS_DOMAIN` was used to run ocis on a remote host.
https://github.com/owncloud/ocis/pull/392
@@ -1699,7 +1699,7 @@ The following sections list the changes for 1.0.0.
Tags: accounts
With the phoenix update to v0.17.0 a new ODS version was released which has a breaking change for
buttons regarding their layouting. We adjusted the button layout in the accounts UI
buttons regarding their layout. We adjusted the button layout in the accounts UI
accordingly.
https://github.com/owncloud/ocis/pull/625
@@ -2432,7 +2432,7 @@ The following sections list the changes for 1.0.0.
* Change - Roles manager: [#60](https://github.com/owncloud/ocis-pkg/pull/60)
* Change - Use go-micro's metadata context for account id: [#56](https://github.com/owncloud/ocis-pkg/pull/56)
* Bugfix - Remove redigo 2.0.0+incompatible dependency: [#33](https://github.com/owncloud/ocis-graph/pull/33)
* Change - Add middleware for x-access-token distmantling: [#46](https://github.com/owncloud/ocis-pkg/pull/46)
* Change - Add middleware for x-access-token dismantling: [#46](https://github.com/owncloud/ocis-pkg/pull/46)
* Enhancement - Add `ocis.id` and numeric id claims: [#50](https://github.com/owncloud/ocis-pkg/pull/50)
* Bugfix - Pass flags to micro service: [#44](https://github.com/owncloud/ocis-pkg/pull/44)
* Change - Add header to cors handler: [#41](https://github.com/owncloud/ocis-pkg/issues/41)
@@ -2461,7 +2461,7 @@ The following sections list the changes for 1.0.0.
* Bugfix - Use opaque ID of a user for signing keys: [#436](https://github.com/owncloud/ocis/issues/436)
* Enhancement - Add option to create user with uidnumber and gidnumber: [#34](https://github.com/owncloud/ocis-ocs/pull/34)
* Bugfix - Fix file descriptor leak: [#79](https://github.com/owncloud/ocis-accounts/issues/79)
* Enhancement - Add Group management for OCS Povisioning API: [#25](https://github.com/owncloud/ocis-ocs/pull/25)
* Enhancement - Add Group management for OCS Provisioning API: [#25](https://github.com/owncloud/ocis-ocs/pull/25)
* Enhancement - Basic Support for the User Provisioning API: [#23](https://github.com/owncloud/ocis-ocs/pull/23)
* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#20](https://github.com/owncloud/ocis-ocs/pull/20)
* Change - Initial release of basic version: [#1](https://github.com/owncloud/ocis-ocs/issues/1)
@@ -3135,7 +3135,7 @@ The following sections list the changes for 1.0.0.
Currently, cross storage etag propagation is not yet implemented, which prevents the desktop
client from detecting changes via the PROPFIND to /. / is managed by the root storage provider
which is independend of the home and oc storage providers. If a file changes in /home/foo, the
which is independent of the home and oc storage providers. If a file changes in /home/foo, the
etag change will only be propagated to the root of the home storage provider.
This change jails users into the `/home` namespace, and allows configuring the namespace to
@@ -3206,7 +3206,7 @@ The following sections list the changes for 1.0.0.
* Enhancement - Update reva to v0.0.2-0.20200212114015-0dbce24f7e8b: [#91](https://github.com/owncloud/ocis-reva/pull/91)
Reva has seen a lot of changes that allow us to - reduce the configuration overhead - use the
autocreato home folder option - use the home folder path layout option - no longer start the root
autocreate home folder option - use the home folder path layout option - no longer start the root
storage
Https://github.com/owncloud/ocis-reva/pull/91 related:
@@ -3427,7 +3427,7 @@ The following sections list the changes for 1.0.0.
- Generate random endsession state for external authority - Update dependencies in
Dockerfile - Set prompt=None to avoid loops with external authority - Update Jenkins
reporting plugin from checkstyle to recordIssues - Remove extra kty key from JWKS top level
document - Fix regression which encodes URL fragments twice - Avoid generating fragmet/query
document - Fix regression which encodes URL fragments twice - Avoid generating fragment/query
URLs with wrong order - Return state for oidc endsession response redirects - Use server
provided username to avoid case mismatch - Use signed-out-uri if set as fallback for goodbye
redirect on saml slo - Add checks to ensure post_logout_redirect_uri is not empty - Fix SAML2

2
CONTRIBUTING.md
View File

@@ -44,7 +44,7 @@ We also have a [Rocket Chat Server](https://talk.owncloud.com/channel/ocis) to a
### ownCloud is hosted on Github
To effectivly contribute to ownCloud Infinite Scale, you need a Github account. You can get that for free at [Github](https://github.com/join). You can find howtos on the internet, for example [here](https://www.wikihow.com/Create-an-Account-on-GitHub).
To effectively contribute to ownCloud Infinite Scale, you need a Github account. You can get that for free at [Github](https://github.com/join). You can find howtos on the internet, for example [here](https://www.wikihow.com/Create-an-Account-on-GitHub).
For other ways of contributing, for example with translations, other systems require you to have an account as well, for example [Transifex](https://www.transifex.com).

2
Makefile
View File

@@ -32,7 +32,7 @@ OCIS_MODULES = \
web \
webdav
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include .bingo/Variables.mk
endif

2
accounts/Makefile
View File

@@ -7,7 +7,7 @@ test-acceptance-webui:
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
accounts/pkg/proto/v0/accounts.mock.go
View File

@@ -9,7 +9,7 @@ import (
// MockAccountsService can be used to write tests
/*
To creata a mock overwrite the functions of an instance like this:
To create a mock overwrite the functions of an instance like this:
```go
func mockAccSvc(retErr bool) proto.AccountsService {

2
accounts/pkg/proto/v0/accounts.pb.go
View File

@@ -457,7 +457,7 @@ func (x *DeleteAccountRequest) GetId() string {
return ""
}
// Account follows the properties of the ms graph api user resuorce.
// Account follows the properties of the ms graph api user resource.
// See https://docs.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#properties
type Account struct {
state protoimpl.MessageState

2
accounts/pkg/proto/v0/accounts.pb.micro_test.go
View File

@@ -617,7 +617,7 @@ func TestUpdateNonUpdatableFieldsInAccount(t *testing.T) {
errMsg := fmt.Sprintf("can not update field %s, either unknown or readonly", tt.updateMask[0])
assert.Equal(t, errMsg, e.Detail)
} else {
t.Fatal("Expected merror errors but found something else.")
t.Fatal("Expected merrors errors but found something else.")
}
})
}

4
accounts/pkg/proto/v0/accounts.proto
View File

@@ -247,7 +247,7 @@ message DeleteAccountRequest {
string id = 1;
}
// Account follows the properties of the ms graph api user resuorce.
// Account follows the properties of the ms graph api user resource.
// See https://docs.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#properties
message Account {
@@ -383,7 +383,7 @@ message Account {
repeated OnPremisesProvisioningError on_premises_provisioning_errors = 29;
// TODO do we need to sync uidnumber and gidnumber from the external ldap? we may assign different numbers so eos has a non colliding namespace.
// we can sync them to the (uid|gid)_number fileds but what if they changed in the external ldap and now collide?
// we can sync them to the (uid|gid)_number fields but what if they changed in the external ldap and now collide?
// move those properties to a posixaccount message so we can exchange that part with an external (readonly or writeable) ldap server?
// For an external user invited to the tenant using the invitation API, this property represents the invited user's invitation status.

2
accounts/pkg/proto/v0/accounts.swagger.json
View File

@@ -689,7 +689,7 @@
"description": "Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get\nan error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph).\nIf this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint.\nRead-only. Use revokeSignInSessions to reset."
}
},
"title": "Account follows the properties of the ms graph api user resuorce.\nSee https://docs.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#properties"
"title": "Account follows the properties of the ms graph api user resource.\nSee https://docs.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0#properties"
},
"v0AddMemberRequest": {
"type": "object",

4
accounts/pkg/service/v0/accounts.go
View File

@@ -625,7 +625,7 @@ func (s Service) UpdateAccount(ctx context.Context, in *proto.UpdateAccountReque
return
}
// whitelist of all paths/fields which can be updated by users themself
// whitelist of all paths/fields which can be updated by users themselves
var selfUpdatableAccountPaths = map[string]struct{}{
"DisplayName": {},
"Description": {},
@@ -741,7 +741,7 @@ func validateAccountEmail(serviceID string, a *proto.Account) error {
return nil
}
// We want to allow email addresses as usernames so they show up when using them in ACLs on storages that allow intergration with our glauth LDAP service
// We want to allow email addresses as usernames so they show up when using them in ACLs on storages that allow integration with our glauth LDAP service
// so we are adding a few restrictions from https://stackoverflow.com/questions/6949667/what-are-the-real-rules-for-linux-usernames-on-centos-6-and-rhel-6
// names should not start with numbers
var usernameRegex = regexp.MustCompile("^[a-zA-Z_][a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]*(@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*)*$")

2
accounts/pkg/service/v0/groups.go
View File

@@ -270,7 +270,7 @@ func (s Service) AddMember(c context.Context, in *proto.AddMemberRequest, out *p
break
}
}
// only store the reference to prevent recurision when marshaling json
// only store the reference to prevent recursion when marshaling json
gref := &proto.Group{
Id: g.Id,
}

4
accounts/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
accounts/ui/helpers/utils.js
View File

@@ -1,5 +1,5 @@
/**
* Asserts wheter the given object is empty
* Asserts whether the given object is empty
* @param {Object} obj Object to be checked
* @returns {Boolean}
*/

2
changelog/1.12.0_2021-09-14/update-chi-v5.md
View File

@@ -1,5 +1,5 @@
Enhancement: Update go-chi/chi to version 5.0.3
Updated go-chi/chi to the lastest release
Updated go-chi/chi to the latest release
https://github.com/owncloud/ocis/pull/2429

2
deployments/examples/cs3_users_ocis/docker-compose.yml
View File

@@ -14,7 +14,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
deployments/examples/ocis_hello/docker-compose.yml
View File

@@ -14,7 +14,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
deployments/examples/ocis_keycloak/.env
View File

@@ -29,7 +29,7 @@ OCIS_JWT_SECRET=
OCIS_TRANSFER_SECRET=
### Keycloak ###
# Domain of Keycloak, where you can find the managment and authentication frontend. Defaults to "keycloak.owncloud.test"
# Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test"
KEYCLOAK_DOMAIN=
# Realm which to be used with oCIS. Defaults to "oCIS"
KEYCLOAK_REALM=

94
deployments/examples/ocis_keycloak/config/keycloak/ocis-realm.dist.json
View File

@@ -1451,13 +1451,13 @@
"requirement" : "ALTERNATIVE",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "ALTERNATIVE",
"priority" : 20,
"flowAlias" : "Verify Existing Account by Re-authentication",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "ad3efe78-b66b-4f53-afc1-082022a83ea5",
@@ -1471,19 +1471,19 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "basic-auth-otp",
"requirement" : "DISABLED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "auth-spnego",
"requirement" : "DISABLED",
"priority" : 30,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "4efb4624-94a8-4eb6-b9cd-9eae0e355bc5",
@@ -1497,13 +1497,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "auth-otp-form",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "af0d79b5-adc0-4ef7-a8c2-c149f4cea9ec",
@@ -1517,13 +1517,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "direct-grant-validate-otp",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "e0b5c8fb-cc71-4653-9e01-92e4731bf11c",
@@ -1537,13 +1537,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "auth-otp-form",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "e3705c4a-d92f-4f22-9693-a5232fe31f69",
@@ -1557,13 +1557,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "REQUIRED",
"priority" : 20,
"flowAlias" : "Account verification options",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "794618ff-52f6-4fad-a5c6-4e8fab00dd17",
@@ -1577,13 +1577,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "reset-otp",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "5ff78050-25cd-4895-8fef-7ec3631239c9",
@@ -1598,13 +1598,13 @@
"requirement" : "ALTERNATIVE",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "ALTERNATIVE",
"priority" : 20,
"flowAlias" : "Handle Existing Account",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "5ddaf74c-25b8-4cc1-98fd-325219811525",
@@ -1618,13 +1618,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "CONDITIONAL",
"priority" : 20,
"flowAlias" : "First broker login - Conditional OTP",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "6b77b935-9cb8-4ae8-b23e-4fe8f4c1f93b",
@@ -1638,25 +1638,25 @@
"requirement" : "ALTERNATIVE",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "auth-spnego",
"requirement" : "DISABLED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "identity-provider-redirector",
"requirement" : "ALTERNATIVE",
"priority" : 25,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "ALTERNATIVE",
"priority" : 30,
"flowAlias" : "forms",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "9dfc0dc9-da89-48f1-95ae-dd3dc5dcb60b",
@@ -1670,25 +1670,25 @@
"requirement" : "ALTERNATIVE",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "client-jwt",
"requirement" : "ALTERNATIVE",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "client-secret-jwt",
"requirement" : "ALTERNATIVE",
"priority" : 30,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "client-x509",
"requirement" : "ALTERNATIVE",
"priority" : 40,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "4f5c0c90-6a28-46bc-a4c2-b216b1a387ca",
@@ -1702,19 +1702,19 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "direct-grant-validate-password",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "CONDITIONAL",
"priority" : 30,
"flowAlias" : "Direct Grant - Conditional OTP",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "11bf67b6-6fa8-4b04-abc0-1fffe293e9fe",
@@ -1728,7 +1728,7 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "06fe5c40-d285-432d-ba8f-16e64d5c192b",
@@ -1743,13 +1743,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "REQUIRED",
"priority" : 20,
"flowAlias" : "User creation or linking",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "38963f42-3cf9-467b-be8f-a23af94783fe",
@@ -1763,13 +1763,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "CONDITIONAL",
"priority" : 20,
"flowAlias" : "Browser - Conditional OTP",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "1ba1842f-5b89-41cd-a54e-9262f5fdb9be",
@@ -1783,13 +1783,13 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "REQUIRED",
"priority" : 20,
"flowAlias" : "Authentication Options",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "532769a0-01a2-472d-8a19-54ad730eb5cf",
@@ -1804,7 +1804,7 @@
"priority" : 10,
"flowAlias" : "registration form",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "1fedf0a2-d9a9-4060-8907-17ea2338d6f8",
@@ -1818,25 +1818,25 @@
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "registration-profile-action",
"requirement" : "REQUIRED",
"priority" : 40,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "registration-password-action",
"requirement" : "REQUIRED",
"priority" : 50,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "registration-recaptcha-action",
"requirement" : "DISABLED",
"priority" : 60,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
}, {
"id" : "86180e38-fb76-45ce-8778-3559cdf7d5c7",
@@ -1850,25 +1850,25 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "reset-credential-email",
"requirement" : "REQUIRED",
"priority" : 20,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"authenticator" : "reset-password",
"requirement" : "REQUIRED",
"priority" : 30,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
}, {
"requirement" : "CONDITIONAL",
"priority" : 40,
"flowAlias" : "Reset - Conditional OTP",
"userSetupAllowed" : false,
"autheticatorFlow" : true
"authenticatorFlow" : true
} ]
}, {
"id" : "b2f6fc89-6970-464c-8854-e9d0c4187294",
@@ -1882,7 +1882,7 @@
"requirement" : "REQUIRED",
"priority" : 10,
"userSetupAllowed" : false,
"autheticatorFlow" : false
"authenticatorFlow" : false
} ]
} ],
"authenticatorConfig" : [ {

2
deployments/examples/ocis_keycloak/docker-compose.yml
View File

@@ -15,7 +15,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
deployments/examples/ocis_s3/docker-compose.yml
View File

@@ -14,7 +14,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
deployments/examples/ocis_traefik/docker-compose.yml
View File

@@ -14,7 +14,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
deployments/examples/ocis_wopi/docker-compose.yml
View File

@@ -16,7 +16,7 @@ services:
- "--certificatesResolvers.http.acme.email=${TRAEFIK_ACME_MAIL:-example@example.org}"
- "--certificatesResolvers.http.acme.storage=/certs/acme.json"
- "--certificatesResolvers.http.acme.httpChallenge.entryPoint=http"
# enable dasbhoard
# enable dashboard
- "--api.dashboard=true"
# define entrypoints
- "--entryPoints.http.address=:80"

2
docs/extensions/storage/_index.md
View File

@@ -26,7 +26,7 @@ The dashed lines in the diagram indicate requests that are made to authenticate
2. The gateway will verify the JWT signature of the `x-access-token` or try to authenticate the request itself, e.g. using a public link token.
{{< hint warning >}}
The bottom part is lighter because we will deprecate it in favor of using only the CS3 user and group providers after moving some account functionality into reva and glauth. The metadata storage is not registered in the reva gateway to seperate metadata necessary for running the service from data that is being served directly.
The bottom part is lighter because we will deprecate it in favor of using only the CS3 user and group providers after moving some account functionality into reva and glauth. The metadata storage is not registered in the reva gateway to separate metadata necessary for running the service from data that is being served directly.
{{< /hint >}}
## Endpoints and references

2
docs/extensions/storage/architecture.md
View File

@@ -89,7 +89,7 @@ The OCS service makes a stat request to the storage provider to get a [ResourceI
{{< hint >}}
The user and public share provider implementations identify the file using the [`ResourceId`](https://cs3org.github.io/cs3apis/#cs3.storage.provider.v1beta1.ResourceId). The [`ResourceInfo`](https://cs3org.github.io/cs3apis/#cs3.storage.provider.v1beta1.ResourceInfo) is passed so the share provider can also store who the owner of the resource is. The *path* is not part of the other API calls, e.g. when listing shares.
The OCM API takes an id based reference on the CS3 api, even if the OCM HTTP endpoint takes a path argument. *@jfd: Why? Does it not need the owner? It only stores the owner of the share, which is always the currently looged in user, when creating a share. Afterwards only the owner can update a share ... so collaborative management of shares is not possible. At least for OCM shares.*
The OCM API takes an id based reference on the CS3 api, even if the OCM HTTP endpoint takes a path argument. *@jfd: Why? Does it not need the owner? It only stores the owner of the share, which is always the currently logged in user, when creating a share. Afterwards only the owner can update a share ... so collaborative management of shares is not possible. At least for OCM shares.*
{{< /hint >}}
### User and Group provisioning

8
docs/extensions/storage/terminology.md
View File

@@ -79,13 +79,13 @@ It maps the *path* and *id* based CS3 *references* to an appropriate [*storage s
{{< hint warning >}}
**Proposed Change**
iOS clients can only queue single requests to be executed in the background. The queue an upload and need to be able to identify the uploaded file after it has been uploaded to the server. The disconnected nature of the connection might cause worksflows or manual user interaction with the file on the server to move the file to a different place or changing the content while the device is offline. However, on the device users might have marked the file as favorite or added it to other iOS specific collections. To be able to reliably identify the file the client can generate a `uuid` and attach it to the file metadata during the upload. While it is not necessary to look up files by this `uuid` having a second file id that serves exactly the same purpose as the `file id` is redundant.
iOS clients can only queue single requests to be executed in the background. The queue an upload and need to be able to identify the uploaded file after it has been uploaded to the server. The disconnected nature of the connection might cause workflows or manual user interaction with the file on the server to move the file to a different place or changing the content while the device is offline. However, on the device users might have marked the file as favorite or added it to other iOS specific collections. To be able to reliably identify the file the client can generate a `uuid` and attach it to the file metadata during the upload. While it is not necessary to look up files by this `uuid` having a second file id that serves exactly the same purpose as the `file id` is redundant.
Another aspect for the `file id` / `uuid` is that it must be a logical identifier that can be set, at least by internal systems. Without a writeable fileid we cannot restore backups or migrate storage spaces from one storage provider to another storage provider.
Technically, this means that every storage driler needs to have a map of a `uuid` to in internal resource identifier. This internal resource identifier can be
Technically, this means that every storage driver needs to have a map of a `uuid` to in internal resource identifier. This internal resource identifier can be
- an eos fileid, because eos can look up files by id
- an inode if the filesystem and the storage driver support lookung up by inode
- an inode if the filesystem and the storage driver support looking up by inode
- a path if the storage driver has no way of looking up files by id.
- In this case other mechanisms like inotify, kernel audit or a fuse overlay might be used to keep the paths up to date.
- to prevent excessive writes when deep folders are renamed a reverse map might be used: it will map the `uuid` to `<parentuuid>:<childname>`, allowing to trade writes for reads
@@ -142,7 +142,7 @@ Examples would be every user's home storage space, project storage spaces or gro
Finally, a logical `storage space id` is not tied to a specific [*storage provider*]({{< ref "#storage-providers" >}}). If the [*storage driver*]({{< ref "#storage-drivers" >}}) supports it, we can import existing files including their `file id`, which makes it possible to move [*storage spaces*]({{< ref "#storage-spaces" >}}) between [*storage providers*]({{< ref "#storage-providers" >}}) to implement storage classes, e.g. with or without archival, workflows, on SSDs or HDDs.
## Shares
*To be clarified: we are aware that [*storage spaces*]({{< ref "#storage-spaces" >}}) may be too 'heavywheight' for ad hoc sharing with groups. That being said, there is no technical reason why group shares should not be treated like [*storage spaces*]({{< ref "#storage-spaces" >}}) that users can provision themselves. They would share the quota with the users home [*storage space*]({{< ref "#storage-spaces" >}}) and the share initiator would be the sole owner. Technically, the mechanism of treating a share like a new [*storage space*]({{< ref "#storage-spaces" >}}) would be the same. This obviously also extends to user shares and even file indvidual shares that would be wrapped in a virtual collection. It would also become possible to share collections of arbitrary files in a single storage space, e.g. the ten best pictures from a large album.*
*To be clarified: we are aware that [*storage spaces*]({{< ref "#storage-spaces" >}}) may be too 'heavyweight' for ad hoc sharing with groups. That being said, there is no technical reason why group shares should not be treated like [*storage spaces*]({{< ref "#storage-spaces" >}}) that users can provision themselves. They would share the quota with the users home [*storage space*]({{< ref "#storage-spaces" >}}) and the share initiator would be the sole owner. Technically, the mechanism of treating a share like a new [*storage space*]({{< ref "#storage-spaces" >}}) would be the same. This obviously also extends to user shares and even file individual shares that would be wrapped in a virtual collection. It would also become possible to share collections of arbitrary files in a single storage space, e.g. the ten best pictures from a large album.*
## Storage Systems

6
docs/ocis/_index.md
View File

@@ -15,11 +15,11 @@ Welcome to oCIS, the modern file-sync and share platform, which is based on our
### The idea of federated storage
To creata a truly federated storage architecture oCIS breaks down the old ownCloud 10 user specific namespace, which is assembled on the server side, and makes the individual parts accessible to clients as storage spaces and storage space registries.
To create a truly federated storage architecture oCIS breaks down the old ownCloud 10 user specific namespace, which is assembled on the server side, and makes the individual parts accessible to clients as storage spaces and storage space registries.
The below diagram shows the core conceps that are the foundation for the new architecture:
The below diagram shows the core concepts that are the foundation for the new architecture:
- End user devices can fetch the list of *storage spaces* a user has access to, by querying one or multiple *storage space registries*. The list contains a unique endpoint for every *storage space*.
- [*Storage space registries*]({{< ref "../extensions/storage/terminology#storage-space-registries" >}}) manage the list of storage spaces a user has access to. They may subscrible to *storage spaces* in order to receive notifications about changes on behalf of an end users mobile or desktop client.
- [*Storage space registries*]({{< ref "../extensions/storage/terminology#storage-space-registries" >}}) manage the list of storage spaces a user has access to. They may subscribe to *storage spaces* in order to receive notifications about changes on behalf of an end users mobile or desktop client.
- [*Storage spaces*]({{< ref "../extensions/storage/terminology#storage-spaces" >}}) represent a collection of files and folders. A users personal files are a *storage space*, a group or project drive is a *storage space*, and even incoming shares are treated and implemented as *storage spaces*. Each with properties like owners, permissions, quota and type.
- [*Storage providers*]({{< ref "../extensions/storage/terminology#storage-providers" >}}) can hold multiple *storage spaces*. At an oCIS instance, there might be a dedicated *storage provider* responsible for users personal storage spaces. There might be multiple, sharing the load or there might be just one, hosting all types of *storage spaces*.

2
docs/ocis/adr/0003-external-user-management.md
View File

@@ -69,7 +69,7 @@ Chosen option: "Move accounts functionality to GLAuth and name it accounts", by
### Negative Consequences
* If users want to store users in their IDM and at the same time guests in a seperate user management we need to implement GLAuth backends that support more than one LDAP server.
* If users want to store users in their IDM and at the same time guests in a separate user management we need to implement GLAuth backends that support more than one LDAP server.
## Pros and Cons of the Options

2
docs/ocis/adr/0004-support-hot-migration.md
View File

@@ -60,7 +60,7 @@ The migration happens while the service is offline. File metadata, blobs and sha
- Good, because oCIS can be tested in a staging system without writing to the production system.
- Good, because file layout on disk can be changed to support new storage driver capabilities.
- Bad, because the export and import might require significant amounts of storage.
- Bad, because a rollback to the state before the migration might cause data loss of the changes that happend in between.
- Bad, because a rollback to the state before the migration might cause data loss of the changes that happened in between.
- Bad, because the cold migration can mean significant downtime.
### Hot Migration

2
docs/ocis/adr/0006-service-discovery.md
View File

@@ -37,7 +37,7 @@ Chosen option: "Dynamic service registration". There were some drawbacks regardi
* Having dynamic service registration delegates the entire lifecycle of finding a process to the service registry.
* Removing a-priori knowledge of hostname + port for services.
* Marrying go-micro's registry and a newly defined registry abstraction on Reva.
* We will embrace go-micro interfaces by defining a third merger interface in order to marry go-micro registry and rega revistry.
* We will embrace go-micro interfaces by defining a third merger interface in order to marry go-micro registry and reva registry.
* The ability to fetch a service node relying only on its name (i.e: com.owncloud.proxy) and not on a tuple hostname + port that we rely on being preconfigured during runtime.
* Conceptually speaking, a better framework to tie all the services together. Referring to services by names is less overall confusing than having to add a service name + where it is running. A registry is agnostic to "where is it running" because it, by definition, keeps track of this specific question, so when speaking about design or functionality, it will ease communication.

4
docs/ocis/adr/0010-policy-enforcement.md
View File

@@ -23,11 +23,11 @@ There should be a way to impose certain limitations in areas of the code that re
## Considered Options
1. Build the evaluation engine in-house.
2. Use third party libraries such as Open Policy Agent (a CNCF aproved project written in Go)
2. Use third party libraries such as Open Policy Agent (a CNCF approved project written in Go)
## Decision Outcome
Chosen option: option 2; Use third party libraries such as Open Policy Agent (a CNCF aproved project written in Go)
Chosen option: option 2; Use third party libraries such as Open Policy Agent (a CNCF approved project written in Go)
### Positive Consequences

6
docs/ocis/adr/0011-global-url-format.md
View File

@@ -177,7 +177,7 @@ There is a customized ownCloud instance that uses path only based URLs:
{{< hint >}}
* `/#` is used by the current vue router.
* `/s` denotes that this is a space url.
* `<space_id>` and `<resource_id>` both consist of `<storage_id>:<node_id>`, but the `space_id` can be replaced with a shorter id or an alias. See furthor down below.
* `<space_id>` and `<resource_id>` both consist of `<storage_id>:<node_id>`, but the `space_id` can be replaced with a shorter id or an alias. See further down below.
* `<relative/path>` takes precedence over the `<resource_id>`, both are optional
{{< /hint >}}
@@ -245,11 +245,11 @@ When every space has a namespaced alias and a relative path we can build a globa
| `https://demo.owncloud.com/files/personal/einstein/relative/path/to/resource?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | sub folder `/relative/path/to/resource` |
| `https://demo.owncloud.com/files/shares/einstein/somesharename?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | shared URL for `/relative/path/to/resource` |
| `https://demo.owncloud.com/files/personal/einstein/marie is stupid/and richard as well/resource?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | sub folder `marie is stupid/and richard as well/resource` ... something einstein might not want to reveal |
| `https://demo.owncloud.com/files/shares/einstein/resource (2)?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | named link URL for `/marie is stupid/and richard as well/resource`, does not disclose the actual hierarchy, has an appended counter to avaid a collision |
| `https://demo.owncloud.com/files/shares/einstein/resource (2)?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | named link URL for `/marie is stupid/and richard as well/resource`, does not disclose the actual hierarchy, has an appended counter to avoid a collision |
| `https://demo.owncloud.com/files/shares/einstein/mybestfriends?id=b78c2044-5b51-446f-82f6-907a664d089c:194b4a97-597c-4461-ab56-afd4f5a21608` | named link URL for `/marie is stupid/and richard as well/resource`, does not disclose the actual hierarchy, has a custom alias for the share |
| `https://demo.owncloud.com/files/public/kcZVYaXr7oZ66bg/relative/path/to/resource` | sub folder `/relative/path/to/resource` in public link with token `kcZVYaXr7oZ66bg` |
| `https://demo.owncloud.com/files/public/kcZVYaXr7oZ66bg/relative/path/to/resource` | sub folder `/relative/path/to/resource` in public link with token `kcZVYaXr7oZ66bg` |
| `https://demo.owncloud.com/s/kcZVYaXr7oZ66bg/` | shortened link to a resource. This is needed to be able to copy a link to a resource whithout leaking any metadata. |
| `https://demo.owncloud.com/s/kcZVYaXr7oZ66bg/` | shortened link to a resource. This is needed to be able to copy a link to a resource without leaking any metadata. |
`</namespaced/alias></relative/path/to/resource>` is the global path in the CS3 api. The CS3 Storage Registry is responsible by managing the mount points.

2
docs/ocis/deployment/ocis_hello.md
View File

@@ -115,7 +115,7 @@ On Linux and macOS you can add them to your `/etc/hosts` files like this:
```
127.0.0.1 ocis.owncloud.test
127.0.0.1 traefik.owncloud.testt
127.0.0.1 traefik.owncloud.test
```
After that you're ready to start the application stack:

2
docs/ocis/deployment/ocis_keycloak.md
View File

@@ -19,7 +19,7 @@ geekdocFilePath: ocis_keycloak.md
The docker stack consists 4 containers. One of them is Traefik, a proxy which is terminating ssl and forwards the requests to oCIS in the internal docker network.
Keykloak add two containers: Keycloak itself and a PostgreSQL as database. Keycloak will be configured as oCIS' IDP instead of the internal IDP [LibreGraph Connect]({{< ref "../../extensions/idp" >}})
Keycloak add two containers: Keycloak itself and a PostgreSQL as database. Keycloak will be configured as oCIS' IDP instead of the internal IDP [LibreGraph Connect]({{< ref "../../extensions/idp" >}})
The other container is oCIS itself running all extensions in one container. In this example oCIS uses [oCIS storage driver]({{< ref "../../extensions/storage/storages#storage-drivers" >}})

2
docs/ocis/development/extensions.md
View File

@@ -7,7 +7,7 @@ geekdocEditPath: edit/master/docs/ocis/development
geekdocFilePath: extensions.md
---
oCIS is all about files, sync and share - but most of the time there is more you want to do with your files, e.g. having a different view on your photo collection or editing your offices files in an online file editor. ownCloud 10 faced the same problem and solved it with `applications`, which can extend the functionality of ownCloud 10 in a wide range. Since oCIS is different in its architecture compared to ownCloud 10, we had to come up with a similiar (yet slightly different) solution. To extend the functionality of oCIS, you can write or install `extensions`. An extension is basically any running code which integrates into oCIS and provides functionality to oCIS and its users. Because extensions are just microservices providing an API, you can technically choose any programming language you like - a huge improvement to ownCloud 10, where it was nearly impossible to use a different programming language than PHP.
oCIS is all about files, sync and share - but most of the time there is more you want to do with your files, e.g. having a different view on your photo collection or editing your offices files in an online file editor. ownCloud 10 faced the same problem and solved it with `applications`, which can extend the functionality of ownCloud 10 in a wide range. Since oCIS is different in its architecture compared to ownCloud 10, we had to come up with a similar (yet slightly different) solution. To extend the functionality of oCIS, you can write or install `extensions`. An extension is basically any running code which integrates into oCIS and provides functionality to oCIS and its users. Because extensions are just microservices providing an API, you can technically choose any programming language you like - a huge improvement to ownCloud 10, where it was nearly impossible to use a different programming language than PHP.
We will now introduce you to the oCIS extension system and show you how you can create a custom extension yourself.

2
docs/ocis/development/getting-started.md
View File

@@ -27,7 +27,7 @@ If you find tools needed besides the mentioned above, please feel free to open a
oCIS consists of multiple micro services, also called extensions. We started by having standalone repositories for each of them, but quickly noticed that this adds a time consuming overhead for developers. So we ended up with a monorepo housing all the extensions in one repository.
Each extension lives in a subfolder (eg. `accounts` or `settings`) within this respository as an independent Go module, following the [golang-standard project-layout](https://github.com/golang-standards/project-layout). They have common Makefile targets and can be used to change, build and run individual extensions. This allows us to version and release each extension independently.
Each extension lives in a subfolder (eg. `accounts` or `settings`) within this repository as an independent Go module, following the [golang-standard project-layout](https://github.com/golang-standards/project-layout). They have common Makefile targets and can be used to change, build and run individual extensions. This allows us to version and release each extension independently.
The `ocis` folder contains our [go-micro](https://github.com/asim/go-micro/) and [suture](https://github.com/thejerf/suture) based runtime. It is used to import all extensions and implements commands to manage them, similar to a small orchestrator. With the resulting oCIS binary you can start single extensions or even all extensions at the same time.

2
docs/ocis/flow-docs/request-flow.md
View File

@@ -50,7 +50,7 @@ sequenceDiagram
end
proxy->>+accounts: TODO API call to exchange sub@iss with account UUID
Note over proxy,accounts: does not autoprovision users. They are explicitly provsioned later.
Note over proxy,accounts: does not autoprovision users. They are explicitly provisioned later.
alt account exists or has been migrated

16
docs/ocis/migration.md
View File

@@ -78,7 +78,7 @@ _TODO @butonic add ADR for OpenID Connect_
#### User impact
When introducing OpenID Connect, the clients will detect the new authentication scheme when their current way of authenticating returns an error. Users will then have to
reauthorize at the OpenID Connecd IdP, which again, may be configured to skip the consent step for trusted clients.
reauthorize at the OpenID Connect IdP, which again, may be configured to skip the consent step for trusted clients.
#### Steps
1. There are multiple products that can be used as an OpenID Connect IdP. We test with [LibreGraph Connect](https://github.com/libregraph/lico), which is also [embedded in oCIS](https://github.com/owncloud/web/). Other alternatives include [Keycloak](https://www.keycloak.org/) or [Ping](https://www.pingidentity.com/). Please refer to the corresponding setup instructions for the product you intent to use.
@@ -106,7 +106,7 @@ Should there be problems with OpenID Connect at this point you can disable the a
<div style="break-after: avoid"></div>
Legacy clients relying on Basic auth or app passwords need to be migrated to OpenId Connect to work with oCIS. For a transition period Basic auth in oCIS can be enabled with `PROXY_ENABLE_BASIC_AUTH=true`, but we strongly recommend adopting OpenID Connect for other tools as well.
While OpenID Connect providers will send an `iss` and `sub` claim that relying parties (services like oCIS or ownCloud 10) can use to identify users we recommend introducing a dedicated, globally unique, persistent, non-reassignable user identifier like a UUID for every user. This `ownclouduuid` shold be sent as an additional claim to save additional lookups on the server side. It will become the user id in oCIS, e.g. when searching for recipients the `ownclouduuid` will be used to persist permissions with the share manager. It has a different purpose than the ownCloud 10 username, which is used to login. Using UUIDs we can not only mitigate username collisions when merging multiple instances but also allow renaming usernames after the migration to oCIS has been completed.
While OpenID Connect providers will send an `iss` and `sub` claim that relying parties (services like oCIS or ownCloud 10) can use to identify users we recommend introducing a dedicated, globally unique, persistent, non-reassignable user identifier like a UUID for every user. This `ownclouduuid` should be sent as an additional claim to save additional lookups on the server side. It will become the user id in oCIS, e.g. when searching for recipients the `ownclouduuid` will be used to persist permissions with the share manager. It has a different purpose than the ownCloud 10 username, which is used to login. Using UUIDs we can not only mitigate username collisions when merging multiple instances but also allow renaming usernames after the migration to oCIS has been completed.
<div class="editpage">
@@ -322,8 +322,8 @@ _TODO @butonic update performance comparisons nightly_
#### Steps
There are several options to move users to the oCIS backend:
- Use a canary app to let users decide thamselves
- Use an early adoptors group with an opt in
- Use a canary app to let users decide themselves
- Use an early adopters group with an opt in
- Force migrate users in batch or one by one at the administrators will
#### Verification
@@ -333,7 +333,7 @@ The same verification steps as for the internal testing stage apply. Just from t
Until now, the oCIS configuration mimics ownCloud 10 and uses the old data directory layout and the ownCloud 10 database. Users can seamlessly be switched from ownCloud 10 to oCIS and back again.
<div class="editpage">
_TODO @butonic we need a canary app that allows users to decide for themself which backend to use_
_TODO @butonic we need a canary app that allows users to decide for themselves which backend to use_
</div>
@@ -430,7 +430,7 @@ _TODO @butonic document how to manually do that until the storage registry can d
Start with a test user, then move to early adopters and finally migrate all users.
#### Rollback
To switch the storage provider again the same storage space migration can be performed again: copy medatata and blob data using the CS3 api, then change the responsible storage provider in the storage registry.
To switch the storage provider again the same storage space migration can be performed again: copy metadata and blob data using the CS3 api, then change the responsible storage provider in the storage registry.
#### Notes
<div style="break-after: avoid"></div>
@@ -473,7 +473,7 @@ _TODO for storage provider as source of truth persist ALL share data in the stor
</div>
#### Verification
After copying all metadata start a dedicated gateway and change the configuration to use the new share manager. Route a test user, a test group and early adoptors to the new gateway. When no problems occur you can start the desired number of share managers and roll out the change to all gateways.
After copying all metadata start a dedicated gateway and change the configuration to use the new share manager. Route a test user, a test group and early adopters to the new gateway. When no problems occur you can start the desired number of share managers and roll out the change to all gateways.
<div class="editpage">
@@ -568,7 +568,7 @@ The `filecache` table itself has more metadata:
| Field | Type | Null | Key | Default | Extra | Comment | Migration |
|--------------------|---------------|------|-----|---------|----------------|----------------|----------------|
| `fileid` | bigint(20) | NO | PRI | NULL | auto_increment | | MUST become the oCIS `opaqueid` of a file reference. `ocis` driver stores it in extendet attributes and can use numbers as node ids on disk. for eos see note below table |
| `fileid` | bigint(20) | NO | PRI | NULL | auto_increment | | MUST become the oCIS `opaqueid` of a file reference. `ocis` driver stores it in extended attributes and can use numbers as node ids on disk. for eos see note below table |
| `storage` | int(11) | NO | MUL | 0 | | *the filecache holds metadata for multiple storages* | corresponds to an oCIS *storage space* |
| `path` | varchar(4000) | YES | | NULL | | *the path relative to the storages root* | MUST become the `path` relative to the storage root. `files` prefix needs to be trimmed. |
| `path_hash` | varchar(32) | NO | | | | *mysql once had problems indexing long paths, so we stored a hash for lookup by path. | - |

2
glauth/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := glauth
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

4
glauth/pkg/server/glauth/ocis.go
View File

@@ -88,8 +88,8 @@ func (h ocisHandler) Bind(bindDN, bindSimplePw string, conn net.Conn) (ldap.LDAP
// check password
res, err := h.as.ListAccounts(ctx, &accounts.ListAccountsRequest{
//Query: fmt.Sprintf("username eq '%s'", username),
// TODO this allows lookung up users when you know the username using basic auth
// adding the password to the query is an option but sending the sover the wira a la scim seems ugly
// TODO this allows looking up users when you know the username using basic auth
// adding the password to the query is an option but sending this over the wire a la scim seems ugly
// but to set passwords our accounts need it anyway
Query: fmt.Sprintf("login eq '%s' and password eq '%s'", userName, bindSimplePw),
})

8
glauth/pkg/server/glauth/option.go
View File

@@ -73,28 +73,28 @@ func Backend(val *config.Config) Option {
}
}
// Fallback provides a strring to set the fallback option.
// Fallback provides a string to set the fallback option.
func Fallback(val *config.Config) Option {
return func(o *Options) {
o.Fallback = val
}
}
// BaseDN provides a strring to set the BaseDN option.
// BaseDN provides a string to set the BaseDN option.
func BaseDN(val string) Option {
return func(o *Options) {
o.BaseDN = val
}
}
// NameFormat provides a strring to set the NameFormat option.
// NameFormat provides a string to set the NameFormat option.
func NameFormat(val string) Option {
return func(o *Options) {
o.NameFormat = val
}
}
// GroupFormat provides a strring to set the GroupFormat option.
// GroupFormat provides a string to set the GroupFormat option.
func GroupFormat(val string) Option {
return func(o *Options) {
o.GroupFormat = val

4
glauth/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
graph-explorer/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := graph-explorer
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

4
graph-explorer/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
graph/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := graph
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
graph/pkg/middleware/auth.go
View File

@@ -22,7 +22,7 @@ func authOptions(opts ...account.Option) account.Options {
return opt
}
// Auth provides a middleware to authenticate requestrs using the x-access-token header value
// Auth provides a middleware to authenticate requests using the x-access-token header value
// and write it to the context. If there is no x-access-token the middleware prevents access and renders a json document.
func Auth(opts ...account.Option) func(http.Handler) http.Handler {
opt := authOptions(opts...)

4
graph/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
idp/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := idp
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
idp/pkg/flagset/flagset.go
View File

@@ -270,7 +270,7 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag {
},
&cli.StringFlag{
Name: "validation-keys-path",
Usage: "Full path to a folder containg PEM encoded private or public key files used for token validaton (file name without extension is used as kid)",
Usage: "Full path to a folder containing PEM encoded private or public key files used for token validation (file name without extension is used as kid)",
EnvVars: []string{"IDP_VALIDATION_KEYS_PATH"},
Value: flags.OverrideDefaultString(cfg.IDP.ValidationKeysPath, ""),
Destination: &cfg.IDP.ValidationKeysPath,

4
idp/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
idp/ui/Makefile
View File

@@ -40,7 +40,7 @@ lint-checkstyle: vendor ; $(info running eslint checkstyle ...) @
.PHONY: vendor
vendor: .yarninstall
.yarninstall: package.json ; $(info getting depdencies with yarn ...) @
.yarninstall: package.json ; $(info getting dependencies with yarn ...) @
@$(YARN) install --silent
@touch $@

2
idp/ui/src/errors/index.js
View File

@@ -3,7 +3,7 @@ import { injectIntl, defineMessages } from 'react-intl';
export const ERROR_LOGIN_VALIDATE_MISSINGUSERNAME = 'konnect.error.login.validate.missingUsername';
export const ERROR_LOGIN_VALIDATE_MISSINGPASSWORD = 'konnect.error.login.validate.missingPassword';
export const ERROR_LOGIN_FAILED = 'konnect.error.login.failed';
export const ERROR_HTTP_NETWORK_ERROR = 'konnet.error.http.networkError';
export const ERROR_HTTP_NETWORK_ERROR = 'konnect.error.http.networkError';
export const ERROR_HTTP_UNEXPECTED_RESPONSE_STATUS = 'konnect.error.http.unexpectedResponseStatus';
export const ERROR_HTTP_UNEXPECTED_RESPONSE_STATE = 'konnect.error.http.unexpectedResponseState';

2
idp/ui/src/utils.js
View File

@@ -34,7 +34,7 @@ export function propertyFromStylesheet(selector, attribute, asURL=false) {
return false;
});
} catch(e) {
// Ignore sheels which caused errors. This for example can happen if an
// Ignore sheets which caused errors. This for example can happen if an
// extension injected styles from an other origin.
return false;
}

2
ocis-pkg/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := ocis-pkg
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
ocis-pkg/os/os_test.go
View File

@@ -30,7 +30,7 @@ func TestMustUserConfigDir(t *testing.T) {
want: filepath.Join(configDir, "ocis", "testing"),
},
{
name: "location cannot be determined becahse $HOME is not set",
name: "location cannot be determined because $HOME is not set",
args: args{
prefix: "ocis",
extension: "testing",

2
ocis/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := ocis
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
ocis/docker/Dockerfile.linux.amd64
View File

@@ -28,7 +28,7 @@ RUN mkdir -p /var/tmp/ocis && \
chown -R ocis-user:ocis-group /var/tmp/ocis && \
chmod -R 777 /var/tmp/ocis
# default artifact location for autogenerated certifaces
# default artifact location for autogenerated certificates
# needs to be a static location because of the docker uid switch mechanism
ENV GLAUTH_LDAPS_CERT=/var/tmp/ocis/.config/ldap/ldaps.crt \
GLAUTH_LDAPS_KEY=/var/tmp/ocis/.config/ldap/ldaps.key \

2
ocis/docker/Dockerfile.linux.arm
View File

@@ -28,7 +28,7 @@ RUN mkdir -p /var/tmp/ocis && \
chown -R ocis-user:ocis-group /var/tmp/ocis && \
chmod -R 777 /var/tmp/ocis
# default artifact location for autogenerated certifaces
# default artifact location for autogenerated certificates
# needs to be a static location because of the docker uid switch mechanism
ENV GLAUTH_LDAPS_CERT=/var/tmp/ocis/.config/ldap/ldaps.crt \
GLAUTH_LDAPS_KEY=/var/tmp/ocis/.config/ldap/ldaps.key \

2
ocis/docker/Dockerfile.linux.arm64
View File

@@ -28,7 +28,7 @@ RUN mkdir -p /var/tmp/ocis && \
chown -R ocis-user:ocis-group /var/tmp/ocis && \
chmod -R 777 /var/tmp/ocis
# default artifact location for autogenerated certifaces
# default artifact location for autogenerated certificates
# needs to be a static location because of the docker uid switch mechanism
ENV GLAUTH_LDAPS_CERT=/var/tmp/ocis/.config/ldap/ldaps.crt \
GLAUTH_LDAPS_KEY=/var/tmp/ocis/.config/ldap/ldaps.key \

4
ocis/templates/CONFIGURATION.tmpl
View File

@@ -49,9 +49,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
ocs/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := ocs
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
ocs/pkg/service/v0/response/response.go
View File

@@ -90,7 +90,7 @@ func DataRender(d interface{}) render.Renderer {
}
}
// ErrRender creates an Error Paylod with the given OCS error code and message
// ErrRender creates an Error Payload with the given OCS error code and message
// The httpcode will be determined using the API version stored in the context
func ErrRender(c int, m string) render.Renderer {
return &Response{

4
ocs/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
proxy/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := proxy
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
proxy/pkg/config/config.go
View File

@@ -70,7 +70,7 @@ type RouteType string
const (
// PrefixRoute are routes matched by a prefix
PrefixRoute RouteType = "prefix"
// QueryRoute are routes machted by a prefix and query parameters
// QueryRoute are routes matched by a prefix and query parameters
QueryRoute RouteType = "query"
// RegexRoute are routes matched by a pattern
RegexRoute RouteType = "regex"

2
proxy/pkg/proxy/policy/selector_test.go
View File

@@ -141,7 +141,7 @@ func TestClaimsSelector(t *testing.T) {
})
var tests = []testCase{
{"unatuhenticated", context.Background(), nil, "unauthenticated"},
{"unauthenticated", context.Background(), nil, "unauthenticated"},
{"default", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OcisRoutingPolicy: ""}), nil, "default"},
{"claim-value", oidc.NewContext(context.Background(), map[string]interface{}{oidc.OcisRoutingPolicy: "ocis.routing.policy-value"}), nil, "ocis.routing.policy-value"},
{"cookie-only", context.Background(), &http.Cookie{Name: SelectorCookieName, Value: "cookie"}, "cookie"},

4
proxy/pkg/user/backend/accounts_test.go
View File

@@ -169,10 +169,10 @@ func getAccountService(expectedResponse []*accounts.Account, err error) *account
}
}
func getRoleService(expectedRespone []*settings.UserRoleAssignment, err error) *settings.MockRoleService {
func getRoleService(expectedResponse []*settings.UserRoleAssignment, err error) *settings.MockRoleService {
return &settings.MockRoleService{
ListRoleAssignmentsFunc: func(ctx context.Context, req *settings.ListRoleAssignmentsRequest, opts ...client.CallOption) (*settings.ListRoleAssignmentsResponse, error) {
return &settings.ListRoleAssignmentsResponse{Assignments: expectedRespone}, err
return &settings.ListRoleAssignmentsResponse{Assignments: expectedResponse}, err
},
}

4
proxy/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
settings/Makefile
View File

@@ -7,7 +7,7 @@ test-acceptance-webui:
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
settings/pkg/proto/v0/settings.pb.micro_test.go
View File

@@ -808,7 +808,7 @@ func TestCreateRoleAndAssign(t *testing.T) {
}
// // TODO this tests are non-deterministic at least on my machine. Find a way to make them deterministic.
// func TestListBudlesOnAuthorizedUser(t *testing.T) {
// func TestListBundlesOnAuthorizedUser(t *testing.T) {
// client := service.Client()
// client2 := service.Client()
// cl := proto.NewBundleService("com.owncloud.api.settings", client)

4
settings/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
settings/ui/components/SettingsApp.vue
View File

@@ -27,7 +27,7 @@
</template>
<div class="oc-mt" v-else>
<oc-loader :aria-label="$gettext('Loading personal settings')" />
<oc-alert :aria-hidden="true" varition="primary" no-close>
<oc-alert :aria-hidden="true" variation="primary" no-close>
<p v-translate>Loading personal settings...</p>
</oc-alert>
</div>

2
settings/ui/tests/acceptance/pageobjects/settingsPage.js
View File

@@ -34,7 +34,7 @@ module.exports = {
let elemfound = true
// Language value is set to empty at beginning
// In that case jsut return false
// In that case just return false
await this.api.element('@languageValue', result => {
if (result.status < 0) {
elemfound = false

2
storage/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := storage
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

2
storage/pkg/command/frontend.go
View File

@@ -30,7 +30,7 @@ func Frontend(cfg *config.Config) *cli.Command {
Flags: flagset.FrontendWithConfig(cfg),
Before: func(c *cli.Context) error {
cfg.Reva.Frontend.Services = c.StringSlice("service")
cfg.Reva.ChecksumSupportedTypes = c.StringSlice("checksum-suppored-type")
cfg.Reva.ChecksumSupportedTypes = c.StringSlice("checksum-supported-type")
return loadUserAgent(c, cfg)
},
Action: func(c *cli.Context) error {

4
storage/pkg/flagset/frontend.go
View File

@@ -180,9 +180,9 @@ func FrontendWithConfig(cfg *config.Config) []cli.Flag {
Destination: &cfg.Reva.UploadHTTPMethodOverride,
},
&cli.StringSliceFlag{
Name: "checksum-suppored-type",
Name: "checksum-supported-type",
Value: cli.NewStringSlice("sha1", "md5", "adler32"),
Usage: "--checksum-suppored-type sha1 [--checksum-suppored-type adler32]",
Usage: "--checksum-supported-type sha1 [--checksum-supported-type adler32]",
EnvVars: []string{"STORAGE_FRONTEND_CHECKSUM_SUPPORTED_TYPES"},
},
&cli.StringFlag{

2
storage/pkg/flagset/sharingsql.go
View File

@@ -6,7 +6,7 @@ import (
"github.com/owncloud/ocis/storage/pkg/config"
)
// SharingSQLWithConfig applies the Shring SQL driver cfg to the flagset
// SharingSQLWithConfig applies the Sharing SQL driver cfg to the flagset
func SharingSQLWithConfig(cfg *config.Config) []cli.Flag {
return []cli.Flag{
&cli.StringFlag{

4
storage/templates/CONFIGURATION.tmpl
View File

@@ -58,9 +58,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
store/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := store
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

4
store/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

6
tests/acceptance/expected-failures-API-on-OCIS-storage.md
View File

@@ -508,7 +508,7 @@ cannot share a folder with create permission
- [apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:181](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature#L181)
- [apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature:182](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink2/reShareAsPublicLinkToSharesNewDav.feature#L182)
#### [Adding public upload to a read only shared folder as a receipient is allowed ](https://github.com/owncloud/ocis/issues/2164)
#### [Adding public upload to a read only shared folder as a recipient is allowed ](https://github.com/owncloud/ocis/issues/2164)
- [apiSharePublicLink2/updatePublicLinkShare.feature:332](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink2/updatePublicLinkShare.feature#L332)
- [apiSharePublicLink2/updatePublicLinkShare.feature:333](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiSharePublicLink2/updatePublicLinkShare.feature#L333)
@@ -849,7 +849,7 @@ _ocs: api compatibility, return correct status code_
- [apiShareCreateSpecialToShares1/createShareReceivedInMultipleWays.feature:407](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareReceivedInMultipleWays.feature#L407)
- [apiShareCreateSpecialToShares1/createShareReceivedInMultipleWays.feature:439](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares1/createShareReceivedInMultipleWays.feature#L439)
#### [Empy OCS response for a share create request using a disabled user](https://github.com/owncloud/ocis/issues/2212)
#### [Empty OCS response for a share create request using a disabled user](https://github.com/owncloud/ocis/issues/2212)
- [apiShareCreateSpecialToShares2/createShareWithDisabledUser.feature:20](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares2/createShareWithDisabledUser.feature#L20)
- [apiShareCreateSpecialToShares2/createShareWithDisabledUser.feature:23](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiShareCreateSpecialToShares2/createShareWithDisabledUser.feature#L23)
@@ -1437,7 +1437,7 @@ Scenario Outline: Unauthenticated call
### Won't fix
Not everything needs to be implemented for ocis. While the oc10 testsuite covers these things we are not looking at them right now.
* _The `OC-LazyOps` header is [no longer supported by the client](https://github.com/owncloud/client/pull/8398), implmenting this is not necessary for a first production release. We plan to have an uploed state machine to visualize the state of a file, see https://github.com/owncloud/ocis/issues/214_
* _The `OC-LazyOps` header is [no longer supported by the client](https://github.com/owncloud/client/pull/8398), implementing this is not necessary for a first production release. We plan to have an upload state machine to visualize the state of a file, see https://github.com/owncloud/ocis/issues/214_
* _Blacklisted ignored files are no longer required because ocis can handle `.htaccess` files without security implications introduced by serving user provided files with apache._
#### [uploading with old-chunking does not work](https://github.com/owncloud/ocis/issues/1343)

2
thumbnails/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := thumbnails
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

6
thumbnails/pkg/thumbnail/resolutions.go
View File

@@ -11,12 +11,12 @@ import (
)
const (
_resolutionSeperator = "x"
_resolutionSeparator = "x"
)
// ParseResolution returns an image.Rectangle representing the resolution given as a string
func ParseResolution(s string) (image.Rectangle, error) {
parts := strings.Split(s, _resolutionSeperator)
parts := strings.Split(s, _resolutionSeparator)
if len(parts) != 2 {
return image.Rectangle{}, fmt.Errorf("failed to parse resolution: %s. Expected format <width>x<height>", s)
}
@@ -78,7 +78,7 @@ func (rs Resolutions) ClosestMatch(requested image.Rectangle, sourceSize image.R
}
// Convert diff to positive value
// Multiplying by -1 is safe since we aren't getting postive numbers here
// Multiplying by -1 is safe since we aren't getting positive numbers here
// because of the check above
absDiff := diff * -1
if absDiff < minDiff {

4
thumbnails/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
web/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := web
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

4
web/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}

2
webdav/Makefile
View File

@@ -2,7 +2,7 @@ SHELL := bash
NAME := webdav
############ tooling ############
ifneq (, $(shell which go 2> /dev/null)) # supress `command not found warnings` for non go targets in CI
ifneq (, $(shell which go 2> /dev/null)) # suppress `command not found warnings` for non go targets in CI
include ../.bingo/Variables.mk
endif

4
webdav/templates/CONFIGURATION.tmpl
View File

@@ -45,9 +45,9 @@ If you prefer to configure the service with environment variables you can see th
If multiple variables are listed for one option, they are in order of precedence. This means the leftmost variable will always win if given.
### Commandline flags
### Command-line flags
If you prefer to configure the service with commandline flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
If you prefer to configure the service with command-line flags you can see the available variables below. Command line flags are only working when calling the subcommand directly.
{{ $options := .Options -}}
{{ range $com := .Commands }}{{ with (list $options $com) -}}