add glauth and tags

2026-01-10 06:10:05 -06:00 · 2020-10-07 10:11:04 +02:00
parent 03bbb41a66
commit 66df806e45
24 changed files with 72 additions and 213 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -6,7 +6,6 @@
 * Bugfix - Don't enforce empty external apps slice: [#473](https://github.com/owncloud/ocis/pull/473)
 * Bugfix - Fix director selection in proxy: [#521](https://github.com/owncloud/ocis/pull/521)
 * Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#416](https://github.com/owncloud/ocis/pull/416)
-* Change - Accounts UI shows message when no permissions: [#656](https://github.com/owncloud/ocis/pull/656)
 * Change - Add the thumbnails command: [#156](https://github.com/owncloud/ocis/issues/156)
 * Change - Integrate import command from ocis-migration: [#249](https://github.com/owncloud/ocis/pull/249)
 * Change - Improve reva service descriptions: [#536](https://github.com/owncloud/ocis/pull/536)
@@ -19,7 +18,6 @@
 * Change - Make ocis-settings available: [#287](https://github.com/owncloud/ocis/pull/287)
 * Change - Start ocis-proxy with the ocis server command: [#119](https://github.com/owncloud/ocis/issues/119)
 * Change - Update reva config: [#336](https://github.com/owncloud/ocis/pull/336)
-* Change - Settings and accounts appear in the user menu: [#656](https://github.com/owncloud/ocis/pull/656)
 * Enhancement - Add the accounts service: [#593](https://github.com/owncloud/ocis/pull/593)
 * Enhancement - Document how to run OCIS on top of EOS: [#172](https://github.com/owncloud/ocis/pull/172)
 * Enhancement - Launch a storage to store ocis-metadata: [#602](https://github.com/owncloud/ocis/pull/602)
@@ -55,14 +53,6 @@

   https://github.com/owncloud/ocis/pull/416

-* Change - Accounts UI shows message when no permissions: [#656](https://github.com/owncloud/ocis/pull/656)
-
-   We improved the UX of the accounts UI by showing a message information the user about missing
-   permissions when the accounts or roles fail to load. This was showing an indeterminate
-   progress bar before.
-
-   https://github.com/owncloud/ocis/pull/656
-
 * Change - Add the thumbnails command: [#156](https://github.com/owncloud/ocis/issues/156)

   Added the thumbnails command so that the thumbnails service can get started via ocis.
@@ -177,12 +167,6 @@
   https://github.com/owncloud/ocis/pull/338
   https://github.com/owncloud/ocis/ocis-reva/pull/891

-* Change - Settings and accounts appear in the user menu: [#656](https://github.com/owncloud/ocis/pull/656)
-
-   We moved settings and accounts to the user menu.
-
-   https://github.com/owncloud/ocis/pull/656
-
 * Enhancement - Add the accounts service: [#593](https://github.com/owncloud/ocis/pull/593)

  * Bugfix - Initialize roleService client in GRPC server: [#114](https://github.com/owncloud/ocis-accounts/pull/114)
--- a/changelog/unreleased/add-accounts-service-to-monorepo
+++ b/changelog/unreleased/add-accounts-service-to-monorepo
@@ -1,5 +1,7 @@
 Enhancement: Add the accounts service

+Tags: accounts
+
 * Bugfix - Initialize roleService client in GRPC server: [#114](https://github.com/owncloud/ocis-accounts/pull/114)
 * Bugfix - Cleanup separated indices in memory: [#224](https://github.com/owncloud/product/issues/224)
 * Change - Set user role on builtin users: [#102](https://github.com/owncloud/ocis-accounts/pull/102)
@@ -38,4 +40,4 @@ Enhancement: Add the accounts service
 * Change - Initial release of basic version: [#1](https://github.com/owncloud/ocis-accounts/issues/1)
 * Enhancement - Configuration: [#15](https://github.com/owncloud/ocis-accounts/pull/15)

-https://github.com/owncloud/ocis/pull/593
+https://github.com/owncloud/product/issues/244
--- a/changelog/unreleased/add-eos.md
+++ b/changelog/unreleased/add-eos.md
@@ -1,5 +1,7 @@
-Enhancement: Document how to run OCIS on top of EOS 
+Enhancement: Document how to run OCIS on top of EOS
+
+Tags: eos

 We have added rules to the Makefile that use the official [eos docker images](https://gitlab.cern.ch/eos/eos-docker) to boot an eos cluster and configure OCIS to use it.

-https://github.com/owncloud/ocis/pull/172
+https://github.com/owncloud/ocis/pull/172
--- a/changelog/unreleased/add-glauth-service-to-monorepo
+++ b/changelog/unreleased/add-glauth-service-to-monorepo
@@ -0,0 +1,22 @@
+Enhancement: Add the glauth service
+
+Tags: glauth
+
+* Bugfix - Return invalid credentials when user was not found: [#30](https://github.com/owncloud/ocis/glauth/pull/30)
+* Bugfix - Query numeric attribute values without quotes: [#28](https://github.com/owncloud/ocis/glauth/issues/28)
+* Bugfix - Use searchBaseDN if already a user/group name: [#214](https://github.com/owncloud/product/issues/214)
+* Bugfix - Fix LDAP substring startswith filters: [#31](https://github.com/owncloud/ocis/glauth/pull/31)
+* Enhancement - Add build information to the metrics: [#226](https://github.com/owncloud/product/issues/226)
+* Enhancement - Reenable configuring backends: [#600](https://github.com/owncloud/ocis/pull/600)
+* Bugfix - Ignore case when comparing objectclass values: [#26](https://github.com/owncloud/ocis/glauth/pull/26)
+* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#24](https://github.com/owncloud/ocis/glauth/pull/24)
+* Enhancement - Handle ownCloudUUID attribute: [#27](https://github.com/owncloud/ocis/glauth/pull/27)
+* Enhancement - Implement group queries: [#22](https://github.com/owncloud/ocis/glauth/issues/22)
+* Enhancement - Configuration: [#11](https://github.com/owncloud/ocis/glauth/pull/11)
+* Enhancement - Improve default settings: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
+* Enhancement - Generate temporary ldap certificates if LDAPS is enabled: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
+* Enhancement - Provide additional tls-endpoint: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
+* Change - Use physicist demo users: [#5](https://github.com/owncloud/ocis/glauth/issues/5)
+* Change - Default to config based user backend: [#6](https://github.com/owncloud/ocis/glauth/pull/6)
+
+https://github.com/owncloud/product/issues/244
--- a/changelog/unreleased/add-missing-env-vars.md
+++ b/changelog/unreleased/add-missing-env-vars.md
@@ -1,5 +1,7 @@
 Bugfix: add missing env vars to docker compose

+Tags: docker
+
 Without setting `REVA_FRONTEND_URL` and `REVA_DATAGATEWAY_URL` uploads would default to locahost and fail if `OCIS_DOMAIN` was used to run ocis on a remote host.

 https://github.com/owncloud/ocis/pull/392
--- a/changelog/unreleased/add-thumbnails-command.md
+++ b/changelog/unreleased/add-thumbnails-command.md
@@ -1,4 +1,6 @@
-Change: add the thumbnails command 
+Change: add the thumbnails command
+
+Tags: thumbnails, ocis

 Added the thumbnails command so that the thumbnails service can get started via ocis.

--- a/accounts/changelog/unreleased/add-version-command.md
+++ b/accounts/changelog/unreleased/add-version-command.md
@@ -1,5 +1,7 @@
 Enhancement: add a command to list the versions of running instances

+Tags: accounts, ocis
+
 Added a micro command to list the versions of running accounts services.

 https://github.com/owncloud/product/issues/226
--- a/changelog/unreleased/clear-external-apps.md
+++ b/changelog/unreleased/clear-external-apps.md
@@ -1,5 +1,7 @@
 Bugfix: Don't enforce empty external apps slice

+Tags: web
+
 The command for ocis-phoenix enforced an empty external apps configuration. This was removed, as it was blocking a new set of default external apps in ocis-phoenix.

 https://github.com/owncloud/ocis/pull/473
--- a/accounts/changelog/unreleased/configurable-storage.md
+++ b/accounts/changelog/unreleased/configurable-storage.md
@@ -1,5 +1,7 @@
 Change: Choose disk or cs3 storage for accounts and groups

+Tags: accounts
+
 The accounts service now has an abstraction layer for the storage. In addition to the local disk implementation
 we implemented a cs3 storage, which is the new default for the accounts service.

--- a/accounts/changelog/unreleased/fix-button-layout.md
+++ b/accounts/changelog/unreleased/fix-button-layout.md
@@ -1,5 +1,7 @@
 Bugfix: Fix button layout after phoenix update

+Tags: accounts
+
 With the phoenix update to v0.17.0 a new ODS version was released which has a breaking change for buttons regarding
 their layouting. We adjusted the button layout in the accounts UI accordingly.

--- a/changelog/unreleased/import.md
+++ b/changelog/unreleased/import.md
@@ -1,4 +1,6 @@
 Change: Integrate import command from ocis-migration

+Tags: migration
+
 https://github.com/owncloud/ocis/pull/249
 https://github.com/owncloud/ocis-migration
--- a/changelog/unreleased/improve-reva-service-descriptions.md
+++ b/changelog/unreleased/improve-reva-service-descriptions.md
@@ -1,5 +1,7 @@
 Change: Improve reva service descriptions

+Tags: docs
+
 The descriptions make it clearer that the services actually represent a
 mount point in the combined storage. Each mount point can have a
 different driver.
--- a/changelog/unreleased/integrate-accounts-cli.md
+++ b/changelog/unreleased/integrate-accounts-cli.md
@@ -1,5 +1,7 @@
 Change: Add cli-commands to manage accounts

+Tags: accounts
+
 COMMANDS:

 * list, ls        List existing accounts
--- a/changelog/unreleased/integrate-accounts.md
+++ b/changelog/unreleased/integrate-accounts.md
@@ -1,5 +1,7 @@
 Change: Start ocis-accounts with the ocis server command

+Tags: accounts
+
 Starts ocis-accounts in single binary mode (./ocis server). This service stores the user-account information.

 https://github.com/owncloud/product/issues/25
--- a/changelog/unreleased/metadata-storage.md
+++ b/changelog/unreleased/metadata-storage.md
@@ -1,5 +1,7 @@
 Enhancement: Launch a storage to store ocis-metadata

+Tags: metadata, accounts, settings
+
 In the future accounts, settings etc. should be stored in a dedicated metadata storage.
 The services should talk to this storage directly, bypassing reva-gateway.

--- a/changelog/unreleased/new-runtime.md
+++ b/changelog/unreleased/new-runtime.md
@@ -1,5 +1,7 @@
 Change: Switch over to a new custom-built runtime

+Tags: ocis
+
 We moved away from using the go-micro runtime and are now using [our own runtime](https://github.com/refs/pman).
 This allows us to spawn service processes even when they are using different versions of go-micro. On top of that we
 now have the commands `ocis list`, `ocis kill` and `ocis run` available for service runtime management.
--- a/changelog/unreleased/permission-checks-in-ocis-accounts.md
+++ b/changelog/unreleased/permission-checks-in-ocis-accounts.md
@@ -1,5 +1,7 @@
 Change: Account management permissions for Admin role

+Tags: accounts, settings
+
 We created an `AccountManagement` permission and added it to the default admin role. There are permission
 checks in place to protected http endpoints in ocis-accounts against requests without the permission.
 All existing default users (einstein, marie, richard) have the default user role now (doesn't have the
--- a/changelog/unreleased/phoenix-0.18.0.md
+++ b/changelog/unreleased/phoenix-0.18.0.md
@@ -1,5 +1,7 @@
 Change: Update phoenix to v0.18.0

+Tags: web
+
 We updated phoenix to v0.18.0. Please refer to the changelog (linked) for details on the phoenix release. With the ODS release brought in by phoenix we now have proper oc-checkbox and oc-radio components for the settings and accounts UI.

 https://github.com/owncloud/ocis/pull/651
--- a/changelog/unreleased/proxy-fix-director-selection.md
+++ b/changelog/unreleased/proxy-fix-director-selection.md
@@ -1,5 +1,7 @@
 Bugfix: Fix director selection in proxy

+Tags: proxy
+
 We fixed a bug in ocis-proxy where simultaneous requests could be executed on the wrong backend.

 https://github.com/owncloud/ocis/pull/521
--- a/changelog/unreleased/settings-service.md
+++ b/changelog/unreleased/settings-service.md
@@ -1,5 +1,7 @@
 Change: Make ocis-settings available

+Tags: settings
+
 This version delivers `settings` as a new service. It is part of the array of services in the `server` command.

 https://github.com/owncloud/ocis/pull/287
--- a/changelog/unreleased/simplify-tracing.md
+++ b/changelog/unreleased/simplify-tracing.md
@@ -1,5 +1,7 @@
 Enhancement: Simplify tracing config

+Tags: ocis
+
 We now apply the oCIS tracing config to all services which have tracing. With this it is possible
 to set one tracing config for all services at the same time.

--- a/changelog/unreleased/start-proxy-with-server.md
+++ b/changelog/unreleased/start-proxy-with-server.md
@@ -1,5 +1,7 @@
 Change: Start ocis-proxy with the ocis server command

+Tags: proxy
+
 Starts the proxy in single binary mode (./ocis server) on port 9200. The proxy serves as a single-entry point
 for all http-clients.

--- a/changelog/unreleased/use-alpine-latest.md
+++ b/changelog/unreleased/use-alpine-latest.md
@@ -1,5 +1,7 @@
 Bugfix: build docker images with alpine:latest instead of alpine:edge

+Tags: ocis, docker
+
 ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.

 https://github.com/owncloud/ocis/pull/416
--- a/glauth/CHANGELOG.md
+++ b/glauth/CHANGELOG.md
@@ -1,207 +1,18 @@
-# Changelog for [unreleased] (UNRELEASED)
-
-The following sections list the changes in ocis-glauth unreleased.
-
-[unreleased]: https://github.com/owncloud/ocis/glauth/compare/v0.5.0...master
-
-## Summary
+Change: Add glauth service to the monorepo

 * Bugfix - Return invalid credentials when user was not found: [#30](https://github.com/owncloud/ocis/glauth/pull/30)
 * Bugfix - Query numeric attribute values without quotes: [#28](https://github.com/owncloud/ocis/glauth/issues/28)
 * Bugfix - Use searchBaseDN if already a user/group name: [#214](https://github.com/owncloud/product/issues/214)
 * Bugfix - Fix LDAP substring startswith filters: [#31](https://github.com/owncloud/ocis/glauth/pull/31)
-
-## Details
-
-* Bugfix - Return invalid credentials when user was not found: [#30](https://github.com/owncloud/ocis/glauth/pull/30)
-
-   We were relying on an error code of the ListAccounts call when the username and password was
-   wrong. But the list will be empty if no user with the given login was found. So we also need to check
-   if the list of accounts is empty.
-
-   https://github.com/owncloud/ocis/glauth/pull/30
-
-
-* Bugfix - Query numeric attribute values without quotes: [#28](https://github.com/owncloud/ocis/glauth/issues/28)
-
-   Some LDAP properties like `uidnumber` and `gidnumber` are numeric. When an OS tries to look up a
-   user it will not only try to lookup the user by username, but also by the `uidnumber`:
-   `(&(objectclass=posixAccount)(uidnumber=20000))`. The accounts backend for glauth was
-   sending that as a string query `uid_number eq '20000'` in the ListAccounts query. This PR
-   changes that to `uid_number eq 20000`. The removed quotes allow the parser in ocis-accounts to
-   identify the numeric literal.
-
-   https://github.com/owncloud/ocis/glauth/issues/28
-   https://github.com/owncloud/ocis/glauth/pull/29
-   https://github.com/owncloud/ocis/accounts/pull/68
-
-
-* Bugfix - Use searchBaseDN if already a user/group name: [#214](https://github.com/owncloud/product/issues/214)
-
-   In case of the searchBaseDN already referencing a user or group, the search query was ignoring
-   the user/group name entirely, because the searchBaseDN is not part of the LDAP filters. We
-   fixed this by including an additional query part if the searchBaseDN contains a CN.
-
-   https://github.com/owncloud/product/issues/214
-   https://github.com/owncloud/ocis/glauth/pull/32
-
-
-* Bugfix - Fix LDAP substring startswith filters: [#31](https://github.com/owncloud/ocis/glauth/pull/31)
-
-   Filters like `(mail=mar*)` are currentld not parsed correctly, but they are used when
-   searching for recipients. This PR correctly converts them to odata filters like
-   `startswith(mail,'mar')`.
-
-   https://github.com/owncloud/ocis/glauth/pull/31
-
-# Changelog for [0.5.0] (2020-07-23)
-
-The following sections list the changes in ocis-glauth 0.5.0.
-
-[0.5.0]: https://github.com/owncloud/ocis/glauth/compare/v0.4.0...v0.5.0
-
-## Summary
-
+* Enhancement - Add build information to the metrics: [#226](https://github.com/owncloud/product/issues/226)
+* Enhancement - Reenable configuring backends: [#600](https://github.com/owncloud/ocis/pull/600)
 * Bugfix - Ignore case when comparing objectclass values: [#26](https://github.com/owncloud/ocis/glauth/pull/26)
 * Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#24](https://github.com/owncloud/ocis/glauth/pull/24)
 * Enhancement - Handle ownCloudUUID attribute: [#27](https://github.com/owncloud/ocis/glauth/pull/27)
 * Enhancement - Implement group queries: [#22](https://github.com/owncloud/ocis/glauth/issues/22)
-
-## Details
-
-* Bugfix - Ignore case when comparing objectclass values: [#26](https://github.com/owncloud/ocis/glauth/pull/26)
-
-   The LDAP equality comparison is specified as case insensitive. We fixed the comparison for
-   objectclass properties.
-
-   https://github.com/owncloud/ocis/glauth/pull/26
-
-
-* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#24](https://github.com/owncloud/ocis/glauth/pull/24)
-
-   ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.
-
-   https://github.com/owncloud/ocis/glauth/pull/24
-
-
-* Enhancement - Handle ownCloudUUID attribute: [#27](https://github.com/owncloud/ocis/glauth/pull/27)
-
-   Clients can now query an accounts immutable id by using the [new `ownCloudUUID`
-   attribute](https://github.com/butonic/owncloud-ldap-schema/blob/master/owncloud.schema#L28-L34).
-
-   https://github.com/owncloud/ocis/glauth/pull/27
-
-
-* Enhancement - Implement group queries: [#22](https://github.com/owncloud/ocis/glauth/issues/22)
-
-   Refactored the handler and implemented group queries.
-
-   https://github.com/owncloud/ocis/glauth/issues/22
-   https://github.com/owncloud/ocis/glauth/pull/23
-
-# Changelog for [0.4.0] (2020-03-18)
-
-The following sections list the changes in ocis-glauth 0.4.0.
-
-[0.4.0]: https://github.com/owncloud/ocis/glauth/compare/v0.2.0...v0.4.0
-
-## Summary
-
 * Enhancement - Configuration: [#11](https://github.com/owncloud/ocis/glauth/pull/11)
 * Enhancement - Improve default settings: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
 * Enhancement - Generate temporary ldap certificates if LDAPS is enabled: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
 * Enhancement - Provide additional tls-endpoint: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
-
-## Details
-
-* Enhancement - Configuration: [#11](https://github.com/owncloud/ocis/glauth/pull/11)
-
-   Extensions should be responsible of configuring themselves. We use Viper for config loading
-   from default paths. Environment variables **WILL** take precedence over config files.
-
-   https://github.com/owncloud/ocis/glauth/pull/11
-
-
-* Enhancement - Improve default settings: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
-
-   This helps achieve zero-config in single-binary.
-
-   https://github.com/owncloud/ocis/glauth/pull/12
-
-
-* Enhancement - Generate temporary ldap certificates if LDAPS is enabled: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
-
-   This change helps to achieve zero-configuration in single-binary mode.
-
-   https://github.com/owncloud/ocis/glauth/pull/12
-
-
-* Enhancement - Provide additional tls-endpoint: [#12](https://github.com/owncloud/ocis/glauth/pull/12)
-
-   Ocis-glauth is now able to concurrently serve a encrypted and an unencrypted ldap-port.
-   Please note that only SSL (no StarTLS) is supported at the moment.
-
-   https://github.com/owncloud/ocis/glauth/pull/12
-
-# Changelog for [0.2.0] (2020-03-17)
-
-The following sections list the changes in ocis-glauth 0.2.0.
-
-[0.2.0]: https://github.com/owncloud/ocis/glauth/compare/v0.3.0...v0.2.0
-
-## Summary
-
-* Change - Default to config based user backend: [#6](https://github.com/owncloud/ocis/glauth/pull/6)
-
-## Details
-
-* Change - Default to config based user backend: [#6](https://github.com/owncloud/ocis/glauth/pull/6)
-
-   We changed the default configuration to use the config file backend instead of the ownCloud
-   backend.
-
-   The config backend currently only has two hard coded users: demo and admin. To switch back to the
-   ownCloud backend use `GLAUTH_BACKEND_DATASTORE=owncloud`
-
-   https://github.com/owncloud/ocis/glauth/pull/6
-
-# Changelog for [0.3.0] (2020-03-17)
-
-The following sections list the changes in ocis-glauth 0.3.0.
-
-[0.3.0]: https://github.com/owncloud/ocis/glauth/compare/v0.1.0...v0.3.0
-
-## Summary
-
 * Change - Use physicist demo users: [#5](https://github.com/owncloud/ocis/glauth/issues/5)
-
-## Details
-
-* Change - Use physicist demo users: [#5](https://github.com/owncloud/ocis/glauth/issues/5)
-
-   Demo users like admin, demo and test don't allow you to tell a story. Which is why we changed the
-   set of hard coded demo users to `einstein`, `marie` and `feynman`. You should know who they are.
-   This also changes the ldap domain from `dc=owncloud,dc=com` to `dc=example,dc=org` because
-   that is what these users use as their email domain. There are also `konnectd` and `reva` for
-   technical purposes, eg. to allow konnectd and reva to bind to glauth.
-
-   https://github.com/owncloud/ocis/glauth/issues/5
-
-# Changelog for [0.1.0] (2020-02-28)
-
-The following sections list the changes in ocis-glauth 0.1.0.
-
-[0.1.0]: https://github.com/owncloud/ocis/glauth/compare/178b6ccde34b64a88e8c14a9acb5857a4c6a3164...v0.1.0
-
-## Summary
-
-* Enhancement - Initial release of basic version: [#1](https://github.com/owncloud/ocis/glauth/pull/1)
-
-## Details
-
-* Enhancement - Initial release of basic version: [#1](https://github.com/owncloud/ocis/glauth/pull/1)
-
-   Just prepare an initial basic version to provide a glauth service.
-
-   https://github.com/owncloud/ocis/glauth/pull/1
-
+* Change - Default to config based user backend: [#6](https://github.com/owncloud/ocis/glauth/pull/6)