diff --git a/.drone.env b/.drone.env index 6d838238ce..0a5df7f555 100644 --- a/.drone.env +++ b/.drone.env @@ -1,7 +1,7 @@ # The test runner source for API tests -CORE_COMMITID=acabd119e473833f1be47e89ddcc700aa59af0b2 +CORE_COMMITID=9801edd6d51699aa1008a9a78b349151dc8fcb7c CORE_BRANCH=master # The test runner source for UI tests -WEB_COMMITID=a6cdf4d4bb5dec6aabcf56855be9c40ce87dd735 +WEB_COMMITID=06c1383810b710925149b3b51f426315cca8ed67 WEB_BRANCH=master diff --git a/.drone.star b/.drone.star index 89ea78e918..20e2a19369 100644 --- a/.drone.star +++ b/.drone.star @@ -1576,6 +1576,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = user = "0:0" environment = { "OCIS_URL": OCIS_URL, + "FRONTEND_ENABLE_RESHARING": "true", "GATEWAY_GRPC_ADDR": "0.0.0.0:9142", # cs3api-validator needs the cs3api gatway exposed "STORAGE_USERS_DRIVER": "%s" % (storage), "STORAGE_USERS_DRIVER_LOCAL_ROOT": "/srv/app/tmp/ocis/local/root", @@ -1584,7 +1585,6 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "SHARING_USER_JSON_FILE": "/srv/app/tmp/ocis/shares.json", "PROXY_ENABLE_BASIC_AUTH": True, "WEB_UI_CONFIG": "/drone/src/tests/config/drone/ocis-config.json", - "IDP_IDENTIFIER_REGISTRATION_CONF": "/drone/src/tests/config/drone/identifier-registration.yml", "OCIS_LOG_LEVEL": "error", "SETTINGS_DATA_PATH": "/srv/app/tmp/ocis/settings", "IDM_CREATE_DEMO_USERS": True, @@ -1594,7 +1594,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "name": "wait-for-ocis-server", "image": OC_CI_ALPINE, "commands": [ - "curl -k -u admin:admin --fail --retry-connrefused --retry 10 --retry-all-errors 'https://ocis-server:9200/graph/v1.0/users/admin'", + "curl -k -u admin:admin --fail --retry-connrefused --retry 7 --retry-all-errors 'https://ocis-server:9200/graph/v1.0/users/admin'", ], "depends_on": depends_on, } @@ -1644,6 +1644,7 @@ def ocisServer(storage, accounts_hash_difficulty = 4, volumes = [], depends_on = "OCIS_RUN_EXTENSIONS": "app-registry,app-provider,auth-basic,auth-bearer,auth-machine,frontend,gateway,graph,graph-explorer,groups,nats,notifications,ocdav,ocs,proxy,search,settings,sharing,storage-system,storage-publiclink,storage-shares,storage-users,store,thumbnails,users,web,webdav", "OCIS_LOG_LEVEL": "info", "OCIS_URL": OCIS_URL, + "FRONTEND_ENABLE_RESHARING": "true", "OCIS_BASE_DATA_PATH": "/mnt/data/ocis", "OCIS_CONFIG_DIR": "/etc/ocis", "PROXY_ENABLE_BASIC_AUTH": "true", @@ -2260,6 +2261,7 @@ def parallelAcceptance(env): "OCIS_SKELETON_STRATEGY": "copy", "SEND_SCENARIO_LINE_REFERENCES": "true", "UPLOAD_DELETE_WAIT_TIME": "1", + "FRONTEND_ENABLE_RESHARING": "true", } environment.update(env) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 3ba0c5921b..e3de65b777 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -27,15 +27,15 @@ A clear and concise description of what happened. ## Setup -Please describe how you started the server and provide a list of relevant environment variables. +Please describe how you started the server and provide a list of relevant environment variables or configuration files.

```console -OCIS_VERSION=vX.X.X -BRANCH=vX.X.X -STORAGE_FRONTEND_UPLOAD_DISABLE_TUS=false +OCIS_XXX=somevalue +OCIS_YYY=somevalue +PROXY_XXX=somevalue ```

diff --git a/.github/settings.yml b/.github/settings.yml index ae496fcc1c..9839fdf8de 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -9,7 +9,7 @@ repository: private: false has_issues: true - has_projects: false + has_projects: true has_wiki: false has_downloads: false @@ -43,6 +43,8 @@ teams: permission: push - name: cern permission: triage + - name: ocis-contractors + permission: push branches: - name: master @@ -63,6 +65,7 @@ branches: teams: - ci - employees + - ocis-contractors ... diff --git a/CHANGELOG.md b/CHANGELOG.md index b285d98271..1c2b1a614f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,113 +6,36 @@ The following sections list the changes for unreleased. ## Summary -* Bugfix - Rework default role provisioning: [#3900](https://github.com/owncloud/ocis/issues/3900) -* Bugfix - Remove unused OCS storage configuration: [#3955](https://github.com/owncloud/ocis/pull/3955) -* Bugfix - Fix version info: [#3953](https://github.com/owncloud/ocis/pull/3953) -* Bugfix - Fix graph endpoint: [#3925](https://github.com/owncloud/ocis/issues/3925) -* Bugfix - Make IDP only wait for certs when using LDAP: [#3965](https://github.com/owncloud/ocis/pull/3965) -* Bugfix - Make ocdav service behave properly: [#3957](https://github.com/owncloud/ocis/pull/3957) -* Enhancement - Add audit events for created containers: [#3941](https://github.com/owncloud/ocis/pull/3941) -* Enhancement - Don't setup demo role assignments on default: [#3661](https://github.com/owncloud/ocis/issues/3661) -* Enhancement - Disable the color logging in docker compose examples: [#871](https://github.com/owncloud/ocis/issues/871) -* Enhancement - Allow resharing: [#3903](https://github.com/owncloud/ocis/pull/3903) -* Enhancement - Make thumbnails service log less noisy: [#3959](https://github.com/owncloud/ocis/pull/3959) -* Enhancement - Update reva: [#3944](https://github.com/owncloud/ocis/pull/3944) +* Enhancement - Add FRONTEND_ENABLE_RESHARING env variable: [#4023](https://github.com/owncloud/ocis/pull/4023) +* Enhancement - Generate signing key and encryption secret: [#3909](https://github.com/owncloud/ocis/issues/3909) +* Enhancement - Update reva: [#4025](https://github.com/owncloud/ocis/pull/4025) ## Details -* Bugfix - Rework default role provisioning: [#3900](https://github.com/owncloud/ocis/issues/3900) +* Enhancement - Add FRONTEND_ENABLE_RESHARING env variable: [#4023](https://github.com/owncloud/ocis/pull/4023) - We fixed a race condition in the default role assignment code that could lead to users loosing - privileges. When authenticating before the settings service was fully running. + We introduced resharing which was enabled by default, this is now configurable and can be + enabled by setting the env `FRONTEND_ENABLE_RESHARING` to `true`. By default resharing is + now disabled. - https://github.com/owncloud/ocis/issues/3900 + https://github.com/owncloud/ocis/pull/4023 -* Bugfix - Remove unused OCS storage configuration: [#3955](https://github.com/owncloud/ocis/pull/3955) +* Enhancement - Generate signing key and encryption secret: [#3909](https://github.com/owncloud/ocis/issues/3909) - We've removed the unused OCS configuration option `OCS_STORAGE_USERS_DRIVER`. + The idp service now automatically generates a signing key and encryption secret when they + don't exist. This will enable service restarts without invalidating existing sessions. - https://github.com/owncloud/ocis/pull/3955 + https://github.com/owncloud/ocis/issues/3909 + https://github.com/owncloud/ocis/pull/4022 -* Bugfix - Fix version info: [#3953](https://github.com/owncloud/ocis/pull/3953) +* Enhancement - Update reva: [#4025](https://github.com/owncloud/ocis/pull/4025) - We've fixed the version info that is displayed when you run: + https://github.com/owncloud/ocis/pull/4025 +# Changelog for [2.0.0-beta.4] (2022-06-22) - - `ocis version` - `ocis version` +The following sections list the changes for 2.0.0-beta.4. - Since #2918, these commands returned an empty version only. - - https://github.com/owncloud/ocis/pull/3953 - -* Bugfix - Fix graph endpoint: [#3925](https://github.com/owncloud/ocis/issues/3925) - - We have added the memberOf slice to the /users endpoint and the member slice to the /group - endpoint - - https://github.com/owncloud/ocis/issues/3925 - -* Bugfix - Make IDP only wait for certs when using LDAP: [#3965](https://github.com/owncloud/ocis/pull/3965) - - When configuring cs3 as the backend the IDP no longer waits for an LDAP certificate to appear. - - https://github.com/owncloud/ocis/pull/3965 - -* Bugfix - Make ocdav service behave properly: [#3957](https://github.com/owncloud/ocis/pull/3957) - - The ocdav service now properly passes the tracing config and shuts down when receiving a kill - signal. - - https://github.com/owncloud/ocis/pull/3957 - -* Enhancement - Add audit events for created containers: [#3941](https://github.com/owncloud/ocis/pull/3941) - - Handle the event `ContainerCreated` in the audit service. - - https://github.com/owncloud/ocis/pull/3941 - -* Enhancement - Don't setup demo role assignments on default: [#3661](https://github.com/owncloud/ocis/issues/3661) - - Added a configuration option to explicitly tell the settings service to generate the default - role assignments. - - https://github.com/owncloud/ocis/issues/3661 - https://github.com/owncloud/ocis/pull/3956 - -* Enhancement - Disable the color logging in docker compose examples: [#871](https://github.com/owncloud/ocis/issues/871) - - Disabled the color logging in the example docker compose deployments. Although colored logs - are helpful during the development process they may be undesired in other situations like - production deployments, where the logs aren't consumed by humans directly but instead by a log - aggregator. - - https://github.com/owncloud/ocis/issues/871 - https://github.com/owncloud/ocis/pull/3935 - -* Enhancement - Allow resharing: [#3903](https://github.com/owncloud/ocis/pull/3903) - - This will allow resharing files - - https://github.com/owncloud/ocis/pull/3903 - -* Enhancement - Make thumbnails service log less noisy: [#3959](https://github.com/owncloud/ocis/pull/3959) - - Reduced the log severity when no thumbnail was found from warn to debug. This reduces the spam in - the logs. - - https://github.com/owncloud/ocis/pull/3959 - -* Enhancement - Update reva: [#3944](https://github.com/owncloud/ocis/pull/3944) - - TBD - - https://github.com/owncloud/ocis/pull/3944 - https://github.com/owncloud/ocis/pull/3975 - https://github.com/owncloud/ocis/pull/3982 -# Changelog for [2.0.0-beta.3] (2022-06-08) - -The following sections list the changes for 2.0.0-beta.3. - -[2.0.0-beta.3]: https://github.com/owncloud/ocis/compare/v1.20.0...v2.0.0-beta.3 +[2.0.0-beta.4]: https://github.com/owncloud/ocis/compare/v1.20.0...v2.0.0-beta.4 ## Summary @@ -122,11 +45,13 @@ The following sections list the changes for 2.0.0-beta.3. * Bugfix - Remove unused transfer secret from app provider: [#3798](https://github.com/owncloud/ocis/pull/3798) * Bugfix - Make IDP secrets configurable via environment variables: [#3744](https://github.com/owncloud/ocis/pull/3744) * Bugfix - Enable debug server by default: [#3827](https://github.com/owncloud/ocis/pull/3827) +* Bugfix - Rework default role provisioning: [#3900](https://github.com/owncloud/ocis/issues/3900) * Bugfix - Fix search index getting out of sync: [#3851](https://github.com/owncloud/ocis/pull/3851) * Bugfix - Inconsistency env var naming for LDAP filter configuration: [#3890](https://github.com/owncloud/ocis/issues/3890) * Bugfix - Fix LDAP insecure options: [#3897](https://github.com/owncloud/ocis/pull/3897) * Bugfix - Set default name for public link via capabilities: [#3834](https://github.com/owncloud/ocis/pull/3834) * Bugfix - Remove legacy accounts proxy routes: [#3831](https://github.com/owncloud/ocis/pull/3831) +* Bugfix - Remove unused OCS storage configuration: [#3955](https://github.com/owncloud/ocis/pull/3955) * Bugfix - Fix the `ocis search` command: [#3796](https://github.com/owncloud/ocis/pull/3796) * Bugfix - Rename search env variable for the grpc server address: [#3800](https://github.com/owncloud/ocis/pull/3800) * Bugfix - Fix the idm and settings extensions' admin user id configuration option: [#3799](https://github.com/owncloud/ocis/pull/3799) @@ -134,9 +59,13 @@ The following sections list the changes for 2.0.0-beta.3. * Bugfix - Fix multiple storage-users env variables: [#3802](https://github.com/owncloud/ocis/pull/3802) * Bugfix - Thumbnails for `/dav/xxx?preview=1` requests: [#3567](https://github.com/owncloud/ocis/pull/3567) * Bugfix - Fix user autoprovisioning: [#3893](https://github.com/owncloud/ocis/issues/3893) +* Bugfix - Fix version info: [#3953](https://github.com/owncloud/ocis/pull/3953) * Bugfix - Fix version number in status page: [#3788](https://github.com/owncloud/ocis/issues/3788) * Bugfix - Fix the webdav URL of drive roots: [#3706](https://github.com/owncloud/ocis/issues/3706) * Bugfix - Idp: Check if CA certificate if present: [#3623](https://github.com/owncloud/ocis/issues/3623) +* Bugfix - Fix graph endpoint: [#3925](https://github.com/owncloud/ocis/issues/3925) +* Bugfix - Make IDP only wait for certs when using LDAP: [#3965](https://github.com/owncloud/ocis/pull/3965) +* Bugfix - Make ocdav service behave properly: [#3957](https://github.com/owncloud/ocis/pull/3957) * Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483) * Bugfix - Save Katherine: [#3823](https://github.com/owncloud/ocis/issues/3823) * Bugfix - Fix Thumbnails for IDs without a trailing path: [#3791](https://github.com/owncloud/ocis/pull/3791) @@ -154,24 +83,32 @@ The following sections list the changes for 2.0.0-beta.3. * Change - Rename serviceUser to systemUser: [#3673](https://github.com/owncloud/ocis/pull/3673) * Change - Split MachineAuth from SystemUser: [#3672](https://github.com/owncloud/ocis/pull/3672) * Enhancement - Align service naming: [#3606](https://github.com/owncloud/ocis/pull/3606) +* Enhancement - Add acting user to the audit log: [#3753](https://github.com/owncloud/ocis/issues/3753) +* Enhancement - Add audit events for created containers: [#3941](https://github.com/owncloud/ocis/pull/3941) +* Enhancement - Don't setup demo role assignments on default: [#3661](https://github.com/owncloud/ocis/issues/3661) * Enhancement - Introduce service registry cache: [#3833](https://github.com/owncloud/ocis/pull/3833) * Enhancement - Reintroduce user autoprovisioning in proxy: [#3860](https://github.com/owncloud/ocis/pull/3860) +* Enhancement - Disable the color logging in docker compose examples: [#871](https://github.com/owncloud/ocis/issues/871) * Enhancement - Add config option to provide TLS certificate: [#3818](https://github.com/owncloud/ocis/issues/3818) * Enhancement - Add descriptions for graph-explorer config: [#3759](https://github.com/owncloud/ocis/pull/3759) * Enhancement - Add /me/changePassword endpoint to GraphAPI: [#3063](https://github.com/owncloud/ocis/issues/3063) * Enhancement - Wrap metadata storage with dedicated reva gateway: [#3602](https://github.com/owncloud/ocis/pull/3602) * Enhancement - Product field in OCS version: [#2918](https://github.com/owncloud/ocis/pull/2918) +* Enhancement - Allow resharing: [#3904](https://github.com/owncloud/ocis/pull/3904) * Enhancement - Add initial version of the search extensions: [#3635](https://github.com/owncloud/ocis/pull/3635) * Enhancement - Add capability for public link single file edit: [#6787](https://github.com/owncloud/web/pull/6787) * Enhancement - Added `share_jail` and `projects` feature flags in spaces capability: [#3626](https://github.com/owncloud/ocis/pull/3626) * Enhancement - Add description tags to the thumbnails config structs: [#3752](https://github.com/owncloud/ocis/pull/3752) +* Enhancement - Make thumbnails service log less noisy: [#3959](https://github.com/owncloud/ocis/pull/3959) * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) +* Enhancement - Update reva: [#3944](https://github.com/owncloud/ocis/pull/3944) * Enhancement - Update reva to version 2.4.1: [#3746](https://github.com/owncloud/ocis/pull/3746) * Enhancement - Update reva to version 2.5.1: [#3932](https://github.com/owncloud/ocis/pull/3932) * Enhancement - Update reva to v2.3.1: [#3552](https://github.com/owncloud/ocis/pull/3552) * Enhancement - Update ownCloud Web to v5.5.0-rc.8: [#6854](https://github.com/owncloud/web/pull/6854) * Enhancement - Update ownCloud Web to v5.5.0-rc.9: [#6854](https://github.com/owncloud/web/pull/6854) * Enhancement - Update ownCloud Web to v5.5.0-rc.6: [#6854](https://github.com/owncloud/web/pull/6854) +* Enhancement - Update ownCloud Web to v5.7.0-rc.1: [#4005](https://github.com/owncloud/ocis/pull/4005) * Enhancement - Add descriptions to webdav configuration: [#3755](https://github.com/owncloud/ocis/pull/3755) ## Details @@ -225,6 +162,13 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3827 +* Bugfix - Rework default role provisioning: [#3900](https://github.com/owncloud/ocis/issues/3900) + + We fixed a race condition in the default role assignment code that could lead to users loosing + privileges. When authenticating before the settings service was fully running. + + https://github.com/owncloud/ocis/issues/3900 + * Bugfix - Fix search index getting out of sync: [#3851](https://github.com/owncloud/ocis/pull/3851) We fixed a problem where the search index got out of sync with child elements of a parent @@ -270,6 +214,12 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3831 +* Bugfix - Remove unused OCS storage configuration: [#3955](https://github.com/owncloud/ocis/pull/3955) + + We've removed the unused OCS configuration option `OCS_STORAGE_USERS_DRIVER`. + + https://github.com/owncloud/ocis/pull/3955 + * Bugfix - Fix the `ocis search` command: [#3796](https://github.com/owncloud/ocis/pull/3796) We've fixed the behavior for `ocis search`, which didn't show further help when not all secrets @@ -334,6 +284,16 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/issues/3893 +* Bugfix - Fix version info: [#3953](https://github.com/owncloud/ocis/pull/3953) + + We've fixed the version info that is displayed when you run: + + - `ocis version` - `ocis version` + + Since #2918, these commands returned an empty version only. + + https://github.com/owncloud/ocis/pull/3953 + * Bugfix - Fix version number in status page: [#3788](https://github.com/owncloud/ocis/issues/3788) We needed to undo the version number changes on the status page to keep compatibility for legacy @@ -357,6 +317,26 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/issues/3623 +* Bugfix - Fix graph endpoint: [#3925](https://github.com/owncloud/ocis/issues/3925) + + We have added the memberOf slice to the /users endpoint and the member slice to the /group + endpoint + + https://github.com/owncloud/ocis/issues/3925 + +* Bugfix - Make IDP only wait for certs when using LDAP: [#3965](https://github.com/owncloud/ocis/pull/3965) + + When configuring cs3 as the backend the IDP no longer waits for an LDAP certificate to appear. + + https://github.com/owncloud/ocis/pull/3965 + +* Bugfix - Make ocdav service behave properly: [#3957](https://github.com/owncloud/ocis/pull/3957) + + The ocdav service now properly passes the tracing config and shuts down when receiving a kill + signal. + + https://github.com/owncloud/ocis/pull/3957 + * Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: [#3483](https://github.com/owncloud/ocis/issues/3483) The ocs API was just exiting with a fatal error on any update request, when configured for the cs3 @@ -492,6 +472,27 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/issues/3603 https://github.com/owncloud/ocis/pull/3606 +* Enhancement - Add acting user to the audit log: [#3753](https://github.com/owncloud/ocis/issues/3753) + + Added the acting user to the events in the audit log. + + https://github.com/owncloud/ocis/issues/3753 + https://github.com/owncloud/ocis/pull/3992 + +* Enhancement - Add audit events for created containers: [#3941](https://github.com/owncloud/ocis/pull/3941) + + Handle the event `ContainerCreated` in the audit service. + + https://github.com/owncloud/ocis/pull/3941 + +* Enhancement - Don't setup demo role assignments on default: [#3661](https://github.com/owncloud/ocis/issues/3661) + + Added a configuration option to explicitly tell the settings service to generate the default + role assignments. + + https://github.com/owncloud/ocis/issues/3661 + https://github.com/owncloud/ocis/pull/3956 + * Enhancement - Introduce service registry cache: [#3833](https://github.com/owncloud/ocis/pull/3833) We've improved the service registry / service discovery by setting up registry caching (TTL @@ -507,6 +508,16 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3860 +* Enhancement - Disable the color logging in docker compose examples: [#871](https://github.com/owncloud/ocis/issues/871) + + Disabled the color logging in the example docker compose deployments. Although colored logs + are helpful during the development process they may be undesired in other situations like + production deployments, where the logs aren't consumed by humans directly but instead by a log + aggregator. + + https://github.com/owncloud/ocis/issues/871 + https://github.com/owncloud/ocis/pull/3935 + * Enhancement - Add config option to provide TLS certificate: [#3818](https://github.com/owncloud/ocis/issues/3818) Added a config option to the graph service to provide a TLS certificate to be used to verify the @@ -548,6 +559,12 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/2918 +* Enhancement - Allow resharing: [#3904](https://github.com/owncloud/ocis/pull/3904) + + This will allow resharing files + + https://github.com/owncloud/ocis/pull/3904 + * Enhancement - Add initial version of the search extensions: [#3635](https://github.com/owncloud/ocis/pull/3635) It is now possible to search for files and directories by their name using the web UI. Therefor @@ -585,6 +602,13 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3752 +* Enhancement - Make thumbnails service log less noisy: [#3959](https://github.com/owncloud/ocis/pull/3959) + + Reduced the log severity when no thumbnail was found from warn to debug. This reduces the spam in + the logs. + + https://github.com/owncloud/ocis/pull/3959 + * Enhancement - Update linkshare capabilities: [#3579](https://github.com/owncloud/ocis/pull/3579) We have updated the capabilities regarding password enforcement and expiration dates of @@ -593,6 +617,38 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3579 +* Enhancement - Update reva: [#3944](https://github.com/owncloud/ocis/pull/3944) + + Changelog for reva 2.6.0 (2022-06-21) ======================================= + + The following sections list the changes in reva 2.6.0 relevant to reva users. The changes are + ordered by importance. + + * Bugfix [cs3org/reva#2985](https://github.com/cs3org/reva/pull/2985): Make stat requests route based on storage providerid + * Bugfix [cs3org/reva#2987](https://github.com/cs3org/reva/pull/2987): Let archiver handle all error codes + * Bugfix [cs3org/reva#2994](https://github.com/cs3org/reva/pull/2994): Bugfix errors when loading shares + * Bugfix [cs3org/reva#2996](https://github.com/cs3org/reva/pull/2996): Do not close share dump channels + * Bugfix [cs3org/reva#2993](https://github.com/cs3org/reva/pull/2993): Remove unused configuration + * Bugfix [cs3org/reva#2950](https://github.com/cs3org/reva/pull/2950): Bugfix sharing with space ref + * Bugfix [cs3org/reva#2991](https://github.com/cs3org/reva/pull/2991): Make sharesstorageprovider get accepted share + * Change [cs3org/reva#2877](https://github.com/cs3org/reva/pull/2877): Enable resharing + * Change [cs3org/reva#2984](https://github.com/cs3org/reva/pull/2984): Update CS3Apis + * Enhancement [cs3org/reva#3753](https://github.com/cs3org/reva/pull/3753): Add executant to the events + * Enhancement [cs3org/reva#2820](https://github.com/cs3org/reva/pull/2820): Instrument GRPC and HTTP requests with OTel + * Enhancement [cs3org/reva#2975](https://github.com/cs3org/reva/pull/2975): Leverage shares space storageid and type when listing shares + * Enhancement [cs3org/reva#3882](https://github.com/cs3org/reva/pull/3882): Explicitly return on ocdav move requests with body + * Enhancement [cs3org/reva#2932](https://github.com/cs3org/reva/pull/2932): Stat accepted shares mountpoints, configure existing share updates + * Enhancement [cs3org/reva#2944](https://github.com/cs3org/reva/pull/2944): Improve owncloudsql connection management + * Enhancement [cs3org/reva#2962](https://github.com/cs3org/reva/pull/2962): Per service TracerProvider + * Enhancement [cs3org/reva#2911](https://github.com/cs3org/reva/pull/2911): Allow for dumping and loading shares + * Enhancement [cs3org/reva#2938](https://github.com/cs3org/reva/pull/2938): Sharpen tooling + + https://github.com/owncloud/ocis/pull/3944 + https://github.com/owncloud/ocis/pull/3975 + https://github.com/owncloud/ocis/pull/3982 + https://github.com/owncloud/ocis/pull/4000 + https://github.com/owncloud/ocis/pull/4006 + * Enhancement - Update reva to version 2.4.1: [#3746](https://github.com/owncloud/ocis/pull/3746) Changelog for reva 2.4.1 (2022-05-24) ======================================= @@ -798,6 +854,40 @@ The following sections list the changes for 2.0.0-beta.3. https://github.com/owncloud/ocis/pull/3797 https://github.com/owncloud/web/releases/tag/v5.5.0-rc.6 +* Enhancement - Update ownCloud Web to v5.7.0-rc.1: [#4005](https://github.com/owncloud/ocis/pull/4005) + + Tags: web + + We updated ownCloud Web to v5.7.0-rc.1. Please refer to the changelog (linked) for details on + the web release. + + * Enhancement [owncloud/web#7119](https://github.com/owncloud/web/pull/7119): Copy/Move conflict dialog + * Enhancement [owncloud/web#7122](https://github.com/owncloud/web/pull/7122): Enable Drag&Drop and keyboard shortcuts for all views + * Enhancement [owncloud/web#7053](https://github.com/owncloud/web/pull/7053): Personal space id in URL + * Enhancement [owncloud/web#6933](https://github.com/owncloud/web/pull/6933): Customize additional mimeTypes for preview app + * Enhancement [owncloud/web#7078](https://github.com/owncloud/web/pull/7078): Add Hotkeys to ResourceTable + * Enhancement [owncloud/web#7120](https://github.com/owncloud/web/pull/7120): Use tus chunksize from backend + * Enhancement [owncloud/web#6749](https://github.com/owncloud/web/pull/6749): Update ODS to v13.2.0-rc.1 + * Enhancement [owncloud/web#7111](https://github.com/owncloud/web/pull/7111): Upload data during creation + * Enhancement [owncloud/web#7109](https://github.com/owncloud/web/pull/7109): Clickable folder links in upload overlay + * Enhancement [owncloud/web#7123](https://github.com/owncloud/web/pull/7123): Indeterminate progress bar in upload overlay + * Enhancement [owncloud/web#7088](https://github.com/owncloud/web/pull/7088): Upload time estimation + * Enhancement [owncloud/web#7125](https://github.com/owncloud/web/pull/7125): Wording improvements + * Enhancement [owncloud/web#7140](https://github.com/owncloud/web/pull/7140): Separate direct and indirect link shares in sidebar + * Bugfix [owncloud/web#7156](https://github.com/owncloud/web/pull/7156): Folder link targets + * Bugfix [owncloud/web#7108](https://github.com/owncloud/web/pull/7108): Reload of an updated space-image and/or -readme + * Bugfix [owncloud/web#6846](https://github.com/owncloud/web/pull/6846): Upload meta data serialization + * Bugfix [owncloud/web#7100](https://github.com/owncloud/web/pull/7100): Complete-state of the upload overlay + * Bugfix [owncloud/web#7104](https://github.com/owncloud/web/pull/7104): Parent folder name on public links + * Bugfix [owncloud/web#7173](https://github.com/owncloud/web/pull/7173): Re-introduce dynamic app name in document title + * Bugfix [owncloud/web#7166](https://github.com/owncloud/web/pull/7166): External apps fixes + + https://github.com/owncloud/ocis/pull/4005 + https://github.com/owncloud/web/pull/7158 + https://github.com/owncloud/ocis/pull/3990 + https://github.com/owncloud/web/pull/6854 + https://github.com/owncloud/web/releases/tag/v5.7.0-rc.1 + * Enhancement - Add descriptions to webdav configuration: [#3755](https://github.com/owncloud/ocis/pull/3755) Added descriptions to webdav config structs to include them in the config documentation. diff --git a/changelog/2.0.0_2022-06-08/align-service-naming.md b/changelog/2.0.0_2022-06-22/align-service-naming.md similarity index 100% rename from changelog/2.0.0_2022-06-08/align-service-naming.md rename to changelog/2.0.0_2022-06-22/align-service-naming.md diff --git a/changelog/2.0.0_2022-06-22/audit-service.md b/changelog/2.0.0_2022-06-22/audit-service.md new file mode 100644 index 0000000000..f49d02eabb --- /dev/null +++ b/changelog/2.0.0_2022-06-22/audit-service.md @@ -0,0 +1,6 @@ +Enhancement: add acting user to the audit log + +Added the acting user to the events in the audit log. + +https://github.com/owncloud/ocis/issues/3753 +https://github.com/owncloud/ocis/pull/3992 diff --git a/changelog/2.0.0_2022-06-08/bump-ocis-package-v2.md b/changelog/2.0.0_2022-06-22/bump-ocis-package-v2.md similarity index 100% rename from changelog/2.0.0_2022-06-08/bump-ocis-package-v2.md rename to changelog/2.0.0_2022-06-22/bump-ocis-package-v2.md diff --git a/changelog/2.0.0_2022-06-08/change-load-config-from-only-one-dir.md b/changelog/2.0.0_2022-06-22/change-load-config-from-only-one-dir.md similarity index 100% rename from changelog/2.0.0_2022-06-08/change-load-config-from-only-one-dir.md rename to changelog/2.0.0_2022-06-22/change-load-config-from-only-one-dir.md diff --git a/changelog/2.0.0_2022-06-08/change-ocis-docker-volume-permissions.md b/changelog/2.0.0_2022-06-22/change-ocis-docker-volume-permissions.md similarity index 100% rename from changelog/2.0.0_2022-06-08/change-ocis-docker-volume-permissions.md rename to changelog/2.0.0_2022-06-22/change-ocis-docker-volume-permissions.md diff --git a/changelog/2.0.0_2022-06-08/change-ocis-init.md b/changelog/2.0.0_2022-06-22/change-ocis-init.md similarity index 100% rename from changelog/2.0.0_2022-06-08/change-ocis-init.md rename to changelog/2.0.0_2022-06-22/change-ocis-init.md diff --git a/changelog/2.0.0_2022-06-08/change-remove-runtime-kill-run-commands.md b/changelog/2.0.0_2022-06-22/change-remove-runtime-kill-run-commands.md similarity index 100% rename from changelog/2.0.0_2022-06-08/change-remove-runtime-kill-run-commands.md rename to changelog/2.0.0_2022-06-22/change-remove-runtime-kill-run-commands.md diff --git a/changelog/unreleased/container-created-audit.md b/changelog/2.0.0_2022-06-22/container-created-audit.md similarity index 100% rename from changelog/unreleased/container-created-audit.md rename to changelog/2.0.0_2022-06-22/container-created-audit.md diff --git a/changelog/unreleased/default-role-assignments.md b/changelog/2.0.0_2022-06-22/default-role-assignments.md similarity index 100% rename from changelog/unreleased/default-role-assignments.md rename to changelog/2.0.0_2022-06-22/default-role-assignments.md diff --git a/changelog/2.0.0_2022-06-08/deleteSpacePermissions.md b/changelog/2.0.0_2022-06-22/deleteSpacePermissions.md similarity index 100% rename from changelog/2.0.0_2022-06-08/deleteSpacePermissions.md rename to changelog/2.0.0_2022-06-22/deleteSpacePermissions.md diff --git a/changelog/2.0.0_2022-06-08/enhancement-registry-cache.md b/changelog/2.0.0_2022-06-22/enhancement-registry-cache.md similarity index 100% rename from changelog/2.0.0_2022-06-08/enhancement-registry-cache.md rename to changelog/2.0.0_2022-06-22/enhancement-registry-cache.md diff --git a/changelog/2.0.0_2022-06-08/enhancement-user-autoprovision.md b/changelog/2.0.0_2022-06-22/enhancement-user-autoprovision.md similarity index 100% rename from changelog/2.0.0_2022-06-08/enhancement-user-autoprovision.md rename to changelog/2.0.0_2022-06-22/enhancement-user-autoprovision.md diff --git a/changelog/unreleased/example-deployments.md b/changelog/2.0.0_2022-06-22/example-deployments.md similarity index 100% rename from changelog/unreleased/example-deployments.md rename to changelog/2.0.0_2022-06-22/example-deployments.md diff --git a/changelog/2.0.0_2022-06-08/fix-allow-empty-environment-variables b/changelog/2.0.0_2022-06-22/fix-allow-empty-environment-variables similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-allow-empty-environment-variables rename to changelog/2.0.0_2022-06-22/fix-allow-empty-environment-variables diff --git a/changelog/2.0.0_2022-06-08/fix-app-provider-unused-transfer-secret.md b/changelog/2.0.0_2022-06-22/fix-app-provider-unused-transfer-secret.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-app-provider-unused-transfer-secret.md rename to changelog/2.0.0_2022-06-22/fix-app-provider-unused-transfer-secret.md diff --git a/changelog/2.0.0_2022-06-08/fix-configure-idp-secrets-env.md b/changelog/2.0.0_2022-06-22/fix-configure-idp-secrets-env.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-configure-idp-secrets-env.md rename to changelog/2.0.0_2022-06-22/fix-configure-idp-secrets-env.md diff --git a/changelog/2.0.0_2022-06-08/fix-debug-config-enable-by-default.md b/changelog/2.0.0_2022-06-22/fix-debug-config-enable-by-default.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-debug-config-enable-by-default.md rename to changelog/2.0.0_2022-06-22/fix-debug-config-enable-by-default.md diff --git a/changelog/unreleased/fix-default-role-assign.md b/changelog/2.0.0_2022-06-22/fix-default-role-assign.md similarity index 100% rename from changelog/unreleased/fix-default-role-assign.md rename to changelog/2.0.0_2022-06-22/fix-default-role-assign.md diff --git a/changelog/2.0.0_2022-06-08/fix-index-integrity.md b/changelog/2.0.0_2022-06-22/fix-index-integrity.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-index-integrity.md rename to changelog/2.0.0_2022-06-22/fix-index-integrity.md diff --git a/changelog/2.0.0_2022-06-08/fix-ldap-filter-envvar.md b/changelog/2.0.0_2022-06-22/fix-ldap-filter-envvar.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-ldap-filter-envvar.md rename to changelog/2.0.0_2022-06-22/fix-ldap-filter-envvar.md diff --git a/changelog/2.0.0_2022-06-08/fix-ldap-insecure-options.md b/changelog/2.0.0_2022-06-22/fix-ldap-insecure-options.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-ldap-insecure-options.md rename to changelog/2.0.0_2022-06-22/fix-ldap-insecure-options.md diff --git a/changelog/2.0.0_2022-06-08/fix-public-link-defaultname-capability b/changelog/2.0.0_2022-06-22/fix-public-link-defaultname-capability similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-public-link-defaultname-capability rename to changelog/2.0.0_2022-06-22/fix-public-link-defaultname-capability diff --git a/changelog/2.0.0_2022-06-08/fix-remove-legacy-accounts-routes.md b/changelog/2.0.0_2022-06-22/fix-remove-legacy-accounts-routes.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-remove-legacy-accounts-routes.md rename to changelog/2.0.0_2022-06-22/fix-remove-legacy-accounts-routes.md diff --git a/changelog/unreleased/fix-remove-unused-ocs-storage-config.md b/changelog/2.0.0_2022-06-22/fix-remove-unused-ocs-storage-config.md similarity index 100% rename from changelog/unreleased/fix-remove-unused-ocs-storage-config.md rename to changelog/2.0.0_2022-06-22/fix-remove-unused-ocs-storage-config.md diff --git a/changelog/2.0.0_2022-06-08/fix-search-command-server-command.md b/changelog/2.0.0_2022-06-22/fix-search-command-server-command.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-search-command-server-command.md rename to changelog/2.0.0_2022-06-22/fix-search-command-server-command.md diff --git a/changelog/2.0.0_2022-06-08/fix-search-grpc-addr-env.md b/changelog/2.0.0_2022-06-22/fix-search-grpc-addr-env.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-search-grpc-addr-env.md rename to changelog/2.0.0_2022-06-22/fix-search-grpc-addr-env.md diff --git a/changelog/2.0.0_2022-06-08/fix-settings-idm-adminuserid.md b/changelog/2.0.0_2022-06-22/fix-settings-idm-adminuserid.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-settings-idm-adminuserid.md rename to changelog/2.0.0_2022-06-22/fix-settings-idm-adminuserid.md diff --git a/changelog/2.0.0_2022-06-08/fix-skip-validate-for-non-fullstack.md b/changelog/2.0.0_2022-06-22/fix-skip-validate-for-non-fullstack.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-skip-validate-for-non-fullstack.md rename to changelog/2.0.0_2022-06-22/fix-skip-validate-for-non-fullstack.md diff --git a/changelog/2.0.0_2022-06-08/fix-storage-users-config.md b/changelog/2.0.0_2022-06-22/fix-storage-users-config.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-storage-users-config.md rename to changelog/2.0.0_2022-06-22/fix-storage-users-config.md diff --git a/changelog/2.0.0_2022-06-08/fix-thumbnails-dav.md b/changelog/2.0.0_2022-06-22/fix-thumbnails-dav.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-thumbnails-dav.md rename to changelog/2.0.0_2022-06-22/fix-thumbnails-dav.md diff --git a/changelog/2.0.0_2022-06-08/fix-user-autoprovision.md b/changelog/2.0.0_2022-06-22/fix-user-autoprovision.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-user-autoprovision.md rename to changelog/2.0.0_2022-06-22/fix-user-autoprovision.md diff --git a/changelog/unreleased/fix-version-info b/changelog/2.0.0_2022-06-22/fix-version-info similarity index 100% rename from changelog/unreleased/fix-version-info rename to changelog/2.0.0_2022-06-22/fix-version-info diff --git a/changelog/2.0.0_2022-06-08/fix-version.md b/changelog/2.0.0_2022-06-22/fix-version.md similarity index 100% rename from changelog/2.0.0_2022-06-08/fix-version.md rename to changelog/2.0.0_2022-06-22/fix-version.md diff --git a/changelog/2.0.0_2022-06-08/glauth-accounts-rm.md b/changelog/2.0.0_2022-06-22/glauth-accounts-rm.md similarity index 100% rename from changelog/2.0.0_2022-06-08/glauth-accounts-rm.md rename to changelog/2.0.0_2022-06-22/glauth-accounts-rm.md diff --git a/changelog/2.0.0_2022-06-08/graph-cacert.md b/changelog/2.0.0_2022-06-22/graph-cacert.md similarity index 100% rename from changelog/2.0.0_2022-06-08/graph-cacert.md rename to changelog/2.0.0_2022-06-22/graph-cacert.md diff --git a/changelog/2.0.0_2022-06-08/graph-explorer-env-doc.md b/changelog/2.0.0_2022-06-22/graph-explorer-env-doc.md similarity index 100% rename from changelog/2.0.0_2022-06-08/graph-explorer-env-doc.md rename to changelog/2.0.0_2022-06-22/graph-explorer-env-doc.md diff --git a/changelog/2.0.0_2022-06-08/graph-me-changepw.md b/changelog/2.0.0_2022-06-22/graph-me-changepw.md similarity index 100% rename from changelog/2.0.0_2022-06-08/graph-me-changepw.md rename to changelog/2.0.0_2022-06-22/graph-me-changepw.md diff --git a/changelog/2.0.0_2022-06-08/graph-me-drives.md b/changelog/2.0.0_2022-06-22/graph-me-drives.md similarity index 100% rename from changelog/2.0.0_2022-06-08/graph-me-drives.md rename to changelog/2.0.0_2022-06-22/graph-me-drives.md diff --git a/changelog/2.0.0_2022-06-08/graph-webdav-url.md b/changelog/2.0.0_2022-06-22/graph-webdav-url.md similarity index 100% rename from changelog/2.0.0_2022-06-08/graph-webdav-url.md rename to changelog/2.0.0_2022-06-22/graph-webdav-url.md diff --git a/changelog/2.0.0_2022-06-08/idp-cert-wait.md b/changelog/2.0.0_2022-06-22/idp-cert-wait.md similarity index 100% rename from changelog/2.0.0_2022-06-08/idp-cert-wait.md rename to changelog/2.0.0_2022-06-22/idp-cert-wait.md diff --git a/changelog/unreleased/improve-graph.md b/changelog/2.0.0_2022-06-22/improve-graph.md similarity index 100% rename from changelog/unreleased/improve-graph.md rename to changelog/2.0.0_2022-06-22/improve-graph.md diff --git a/changelog/2.0.0_2022-06-08/libregraph-idm-switch.md b/changelog/2.0.0_2022-06-22/libregraph-idm-switch.md similarity index 100% rename from changelog/2.0.0_2022-06-08/libregraph-idm-switch.md rename to changelog/2.0.0_2022-06-22/libregraph-idm-switch.md diff --git a/changelog/unreleased/make-idp-only-wait-for-certs-when-using-ldap.md b/changelog/2.0.0_2022-06-22/make-idp-only-wait-for-certs-when-using-ldap.md similarity index 100% rename from changelog/unreleased/make-idp-only-wait-for-certs-when-using-ldap.md rename to changelog/2.0.0_2022-06-22/make-idp-only-wait-for-certs-when-using-ldap.md diff --git a/changelog/unreleased/make-ocdav-service-behave.md b/changelog/2.0.0_2022-06-22/make-ocdav-service-behave.md similarity index 100% rename from changelog/unreleased/make-ocdav-service-behave.md rename to changelog/2.0.0_2022-06-22/make-ocdav-service-behave.md diff --git a/changelog/2.0.0_2022-06-08/metadata-gateway.md b/changelog/2.0.0_2022-06-22/metadata-gateway.md similarity index 100% rename from changelog/2.0.0_2022-06-08/metadata-gateway.md rename to changelog/2.0.0_2022-06-22/metadata-gateway.md diff --git a/changelog/2.0.0_2022-06-08/metadatauserid-systemuserid.md b/changelog/2.0.0_2022-06-22/metadatauserid-systemuserid.md similarity index 100% rename from changelog/2.0.0_2022-06-08/metadatauserid-systemuserid.md rename to changelog/2.0.0_2022-06-22/metadatauserid-systemuserid.md diff --git a/changelog/2.0.0_2022-06-08/new-space-id-functions.md b/changelog/2.0.0_2022-06-22/new-space-id-functions.md similarity index 100% rename from changelog/2.0.0_2022-06-08/new-space-id-functions.md rename to changelog/2.0.0_2022-06-22/new-space-id-functions.md diff --git a/changelog/2.0.0_2022-06-08/ocs-cs3-fatal.md b/changelog/2.0.0_2022-06-22/ocs-cs3-fatal.md similarity index 100% rename from changelog/2.0.0_2022-06-08/ocs-cs3-fatal.md rename to changelog/2.0.0_2022-06-22/ocs-cs3-fatal.md diff --git a/changelog/2.0.0_2022-06-08/ocs-version-product-field.md b/changelog/2.0.0_2022-06-22/ocs-version-product-field.md similarity index 100% rename from changelog/2.0.0_2022-06-08/ocs-version-product-field.md rename to changelog/2.0.0_2022-06-22/ocs-version-product-field.md diff --git a/changelog/2.0.0_2022-06-08/prevent-access-to-disabled-space.md b/changelog/2.0.0_2022-06-22/prevent-access-to-disabled-space.md similarity index 100% rename from changelog/2.0.0_2022-06-08/prevent-access-to-disabled-space.md rename to changelog/2.0.0_2022-06-22/prevent-access-to-disabled-space.md diff --git a/changelog/unreleased/resharing.md b/changelog/2.0.0_2022-06-22/resharing.md similarity index 59% rename from changelog/unreleased/resharing.md rename to changelog/2.0.0_2022-06-22/resharing.md index ee56e90e6c..58a45aed25 100644 --- a/changelog/unreleased/resharing.md +++ b/changelog/2.0.0_2022-06-22/resharing.md @@ -2,4 +2,4 @@ Enhancement: Allow resharing This will allow resharing files -https://github.com/owncloud/ocis/pull/3903 +https://github.com/owncloud/ocis/pull/3904 diff --git a/changelog/2.0.0_2022-06-08/save-katherine.md b/changelog/2.0.0_2022-06-22/save-katherine.md similarity index 100% rename from changelog/2.0.0_2022-06-08/save-katherine.md rename to changelog/2.0.0_2022-06-22/save-katherine.md diff --git a/changelog/2.0.0_2022-06-08/search-extension.md b/changelog/2.0.0_2022-06-22/search-extension.md similarity index 100% rename from changelog/2.0.0_2022-06-08/search-extension.md rename to changelog/2.0.0_2022-06-22/search-extension.md diff --git a/changelog/2.0.0_2022-06-08/serviceUser-systemUser.md b/changelog/2.0.0_2022-06-22/serviceUser-systemUser.md similarity index 100% rename from changelog/2.0.0_2022-06-08/serviceUser-systemUser.md rename to changelog/2.0.0_2022-06-22/serviceUser-systemUser.md diff --git a/changelog/2.0.0_2022-06-08/share-jail-fixes.md b/changelog/2.0.0_2022-06-22/share-jail-fixes.md similarity index 100% rename from changelog/2.0.0_2022-06-08/share-jail-fixes.md rename to changelog/2.0.0_2022-06-22/share-jail-fixes.md diff --git a/changelog/2.0.0_2022-06-08/single-file-edit.md b/changelog/2.0.0_2022-06-22/single-file-edit.md similarity index 100% rename from changelog/2.0.0_2022-06-08/single-file-edit.md rename to changelog/2.0.0_2022-06-22/single-file-edit.md diff --git a/changelog/2.0.0_2022-06-08/spaces-capabilities.md b/changelog/2.0.0_2022-06-22/spaces-capabilities.md similarity index 100% rename from changelog/2.0.0_2022-06-08/spaces-capabilities.md rename to changelog/2.0.0_2022-06-22/spaces-capabilities.md diff --git a/changelog/2.0.0_2022-06-08/split-machineauth-and-systemuserauth.md b/changelog/2.0.0_2022-06-22/split-machineauth-and-systemuserauth.md similarity index 100% rename from changelog/2.0.0_2022-06-08/split-machineauth-and-systemuserauth.md rename to changelog/2.0.0_2022-06-22/split-machineauth-and-systemuserauth.md diff --git a/changelog/2.0.0_2022-06-08/thumbnails-env-doc.md b/changelog/2.0.0_2022-06-22/thumbnails-env-doc.md similarity index 100% rename from changelog/2.0.0_2022-06-08/thumbnails-env-doc.md rename to changelog/2.0.0_2022-06-22/thumbnails-env-doc.md diff --git a/changelog/unreleased/thumbnails-log.md b/changelog/2.0.0_2022-06-22/thumbnails-log.md similarity index 100% rename from changelog/unreleased/thumbnails-log.md rename to changelog/2.0.0_2022-06-22/thumbnails-log.md diff --git a/changelog/2.0.0_2022-06-08/update-linkshare-capabilities.md b/changelog/2.0.0_2022-06-22/update-linkshare-capabilities.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-linkshare-capabilities.md rename to changelog/2.0.0_2022-06-22/update-linkshare-capabilities.md diff --git a/changelog/2.0.0_2022-06-22/update-reva-beta.4.md b/changelog/2.0.0_2022-06-22/update-reva-beta.4.md new file mode 100644 index 0000000000..ded537ded6 --- /dev/null +++ b/changelog/2.0.0_2022-06-22/update-reva-beta.4.md @@ -0,0 +1,32 @@ +Enhancement: Update reva + +Changelog for reva 2.6.0 (2022-06-21) +======================================= + +The following sections list the changes in reva 2.6.0 relevant to +reva users. The changes are ordered by importance. + +* Bugfix [cs3org/reva#2985](https://github.com/cs3org/reva/pull/2985): Make stat requests route based on storage providerid +* Bugfix [cs3org/reva#2987](https://github.com/cs3org/reva/pull/2987): Let archiver handle all error codes +* Bugfix [cs3org/reva#2994](https://github.com/cs3org/reva/pull/2994): Bugfix errors when loading shares +* Bugfix [cs3org/reva#2996](https://github.com/cs3org/reva/pull/2996): Do not close share dump channels +* Bugfix [cs3org/reva#2993](https://github.com/cs3org/reva/pull/2993): Remove unused configuration +* Bugfix [cs3org/reva#2950](https://github.com/cs3org/reva/pull/2950): Bugfix sharing with space ref +* Bugfix [cs3org/reva#2991](https://github.com/cs3org/reva/pull/2991): Make sharesstorageprovider get accepted share +* Change [cs3org/reva#2877](https://github.com/cs3org/reva/pull/2877): Enable resharing +* Change [cs3org/reva#2984](https://github.com/cs3org/reva/pull/2984): Update CS3Apis +* Enhancement [cs3org/reva#3753](https://github.com/cs3org/reva/pull/3753): Add executant to the events +* Enhancement [cs3org/reva#2820](https://github.com/cs3org/reva/pull/2820): Instrument GRPC and HTTP requests with OTel +* Enhancement [cs3org/reva#2975](https://github.com/cs3org/reva/pull/2975): Leverage shares space storageid and type when listing shares +* Enhancement [cs3org/reva#3882](https://github.com/cs3org/reva/pull/3882): Explicitly return on ocdav move requests with body +* Enhancement [cs3org/reva#2932](https://github.com/cs3org/reva/pull/2932): Stat accepted shares mountpoints, configure existing share updates +* Enhancement [cs3org/reva#2944](https://github.com/cs3org/reva/pull/2944): Improve owncloudsql connection management +* Enhancement [cs3org/reva#2962](https://github.com/cs3org/reva/pull/2962): Per service TracerProvider +* Enhancement [cs3org/reva#2911](https://github.com/cs3org/reva/pull/2911): Allow for dumping and loading shares +* Enhancement [cs3org/reva#2938](https://github.com/cs3org/reva/pull/2938): Sharpen tooling + +https://github.com/owncloud/ocis/pull/3944 +https://github.com/owncloud/ocis/pull/3975 +https://github.com/owncloud/ocis/pull/3982 +https://github.com/owncloud/ocis/pull/4000 +https://github.com/owncloud/ocis/pull/4006 diff --git a/changelog/2.0.0_2022-06-08/update-reva-beta2.md b/changelog/2.0.0_2022-06-22/update-reva-beta2.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-reva-beta2.md rename to changelog/2.0.0_2022-06-22/update-reva-beta2.md diff --git a/changelog/2.0.0_2022-06-08/update-reva-beta3.md b/changelog/2.0.0_2022-06-22/update-reva-beta3.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-reva-beta3.md rename to changelog/2.0.0_2022-06-22/update-reva-beta3.md diff --git a/changelog/2.0.0_2022-06-08/update-reva.md b/changelog/2.0.0_2022-06-22/update-reva.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-reva.md rename to changelog/2.0.0_2022-06-22/update-reva.md diff --git a/changelog/2.0.0_2022-06-08/update-web-5.5.0-beta2.md b/changelog/2.0.0_2022-06-22/update-web-5.5.0-beta2.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-web-5.5.0-beta2.md rename to changelog/2.0.0_2022-06-22/update-web-5.5.0-beta2.md diff --git a/changelog/2.0.0_2022-06-08/update-web-5.5.0-beta3.md b/changelog/2.0.0_2022-06-22/update-web-5.5.0-beta3.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-web-5.5.0-beta3.md rename to changelog/2.0.0_2022-06-22/update-web-5.5.0-beta3.md diff --git a/changelog/2.0.0_2022-06-08/update-web-5.5.0.md b/changelog/2.0.0_2022-06-22/update-web-5.5.0.md similarity index 100% rename from changelog/2.0.0_2022-06-08/update-web-5.5.0.md rename to changelog/2.0.0_2022-06-22/update-web-5.5.0.md diff --git a/changelog/2.0.0_2022-06-22/update-web-5.7.0-rc.1-beta.4.md b/changelog/2.0.0_2022-06-22/update-web-5.7.0-rc.1-beta.4.md new file mode 100644 index 0000000000..a12483bf46 --- /dev/null +++ b/changelog/2.0.0_2022-06-22/update-web-5.7.0-rc.1-beta.4.md @@ -0,0 +1,32 @@ +Enhancement: Update ownCloud Web to v5.7.0-rc.1 + +Tags: web + +We updated ownCloud Web to v5.7.0-rc.1. Please refer to the changelog (linked) for details on the web release. + +* Enhancement [owncloud/web#7119](https://github.com/owncloud/web/pull/7119): Copy/Move conflict dialog +* Enhancement [owncloud/web#7122](https://github.com/owncloud/web/pull/7122): Enable Drag&Drop and keyboard shortcuts for all views +* Enhancement [owncloud/web#7053](https://github.com/owncloud/web/pull/7053): Personal space id in URL +* Enhancement [owncloud/web#6933](https://github.com/owncloud/web/pull/6933): Customize additional mimeTypes for preview app +* Enhancement [owncloud/web#7078](https://github.com/owncloud/web/pull/7078): Add Hotkeys to ResourceTable +* Enhancement [owncloud/web#7120](https://github.com/owncloud/web/pull/7120): Use tus chunksize from backend +* Enhancement [owncloud/web#6749](https://github.com/owncloud/web/pull/6749): Update ODS to v13.2.0-rc.1 +* Enhancement [owncloud/web#7111](https://github.com/owncloud/web/pull/7111): Upload data during creation +* Enhancement [owncloud/web#7109](https://github.com/owncloud/web/pull/7109): Clickable folder links in upload overlay +* Enhancement [owncloud/web#7123](https://github.com/owncloud/web/pull/7123): Indeterminate progress bar in upload overlay +* Enhancement [owncloud/web#7088](https://github.com/owncloud/web/pull/7088): Upload time estimation +* Enhancement [owncloud/web#7125](https://github.com/owncloud/web/pull/7125): Wording improvements +* Enhancement [owncloud/web#7140](https://github.com/owncloud/web/pull/7140): Separate direct and indirect link shares in sidebar +* Bugfix [owncloud/web#7156](https://github.com/owncloud/web/pull/7156): Folder link targets +* Bugfix [owncloud/web#7108](https://github.com/owncloud/web/pull/7108): Reload of an updated space-image and/or -readme +* Bugfix [owncloud/web#6846](https://github.com/owncloud/web/pull/6846): Upload meta data serialization +* Bugfix [owncloud/web#7100](https://github.com/owncloud/web/pull/7100): Complete-state of the upload overlay +* Bugfix [owncloud/web#7104](https://github.com/owncloud/web/pull/7104): Parent folder name on public links +* Bugfix [owncloud/web#7173](https://github.com/owncloud/web/pull/7173): Re-introduce dynamic app name in document title +* Bugfix [owncloud/web#7166](https://github.com/owncloud/web/pull/7166): External apps fixes + +https://github.com/owncloud/ocis/pull/4005 +https://github.com/owncloud/web/pull/7158 +https://github.com/owncloud/ocis/pull/3990 +https://github.com/owncloud/web/pull/6854 +https://github.com/owncloud/web/releases/tag/v5.7.0-rc.1 diff --git a/changelog/2.0.0_2022-06-08/urlencoding-graph-api.md b/changelog/2.0.0_2022-06-22/urlencoding-graph-api.md similarity index 100% rename from changelog/2.0.0_2022-06-08/urlencoding-graph-api.md rename to changelog/2.0.0_2022-06-22/urlencoding-graph-api.md diff --git a/changelog/2.0.0_2022-06-08/webdav-env-doc.md b/changelog/2.0.0_2022-06-22/webdav-env-doc.md similarity index 100% rename from changelog/2.0.0_2022-06-08/webdav-env-doc.md rename to changelog/2.0.0_2022-06-22/webdav-env-doc.md diff --git a/changelog/CHANGELOG.tmpl b/changelog/CHANGELOG.tmpl index 10a8fc3024..cf0df62429 100644 --- a/changelog/CHANGELOG.tmpl +++ b/changelog/CHANGELOG.tmpl @@ -3,7 +3,7 @@ {{ $version := .Version -}} {{/* ocis beta program */ -}} {{ if eq .Version "2.0.0" -}} -{{ $version = (printf "%v-%v" $version "beta.3") -}} +{{ $version = (printf "%v-%v" $version "beta.4") -}} {{ end -}} {{ if gt (len $allVersions) 1 -}} # Changelog for [{{ $version }}] ({{ .Date }}) diff --git a/changelog/unreleased/add-resharing-env.md b/changelog/unreleased/add-resharing-env.md new file mode 100644 index 0000000000..fc8cfd7c2f --- /dev/null +++ b/changelog/unreleased/add-resharing-env.md @@ -0,0 +1,6 @@ +Enhancement: add FRONTEND_ENABLE_RESHARING env variable + +We introduced resharing which was enabled by default, this is now configurable and can be enabled by setting the env `FRONTEND_ENABLE_RESHARING` to `true`. +By default resharing is now disabled. + +https://github.com/owncloud/ocis/pull/4023 diff --git a/changelog/unreleased/idp-default-files.md b/changelog/unreleased/idp-default-files.md new file mode 100644 index 0000000000..6d710126aa --- /dev/null +++ b/changelog/unreleased/idp-default-files.md @@ -0,0 +1,7 @@ +Enhancement: Generate signing key and encryption secret + +The idp service now automatically generates a signing key and encryption secret when they don't exist. +This will enable service restarts without invalidating existing sessions. + +https://github.com/owncloud/ocis/issues/3909 +https://github.com/owncloud/ocis/pull/4022 diff --git a/changelog/unreleased/update-reva-beta.4.md b/changelog/unreleased/update-reva-beta.4.md deleted file mode 100644 index d609a72898..0000000000 --- a/changelog/unreleased/update-reva-beta.4.md +++ /dev/null @@ -1,7 +0,0 @@ -Enhancement: Update reva - -TBD - -https://github.com/owncloud/ocis/pull/3944 -https://github.com/owncloud/ocis/pull/3975 -https://github.com/owncloud/ocis/pull/3982 diff --git a/changelog/unreleased/update-reva-beta.5.md b/changelog/unreleased/update-reva-beta.5.md new file mode 100644 index 0000000000..55e41aad6f --- /dev/null +++ b/changelog/unreleased/update-reva-beta.5.md @@ -0,0 +1,3 @@ +Enhancement: Update reva + +https://github.com/owncloud/ocis/pull/4025 \ No newline at end of file diff --git a/deployments/examples/ocis_keycloak/.env b/deployments/examples/ocis_keycloak/.env index 7c0b9b1e76..59b76c8d5d 100644 --- a/deployments/examples/ocis_keycloak/.env +++ b/deployments/examples/ocis_keycloak/.env @@ -23,16 +23,6 @@ OCIS_DOCKER_TAG= OCIS_DOMAIN= # owncloud Web openid connect client id. Defaults to "web" OCIS_OIDC_CLIENT_ID= -# IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp". -IDP_LDAP_BIND_PASSWORD= -# Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva". -STORAGE_LDAP_BIND_PASSWORD= -# JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" -OCIS_JWT_SECRET= -# JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" -STORAGE_TRANSFER_SECRET= -# Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" -OCIS_MACHINE_AUTH_API_KEY= ### Keycloak ### # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test" diff --git a/deployments/examples/ocis_keycloak/docker-compose.yml b/deployments/examples/ocis_keycloak/docker-compose.yml index 3a086b36de..d02ea46a32 100644 --- a/deployments/examples/ocis_keycloak/docker-compose.yml +++ b/deployments/examples/ocis_keycloak/docker-compose.yml @@ -63,14 +63,6 @@ services: OCIS_LOG_LEVEL: ${OCIS_LOG_LEVEL:-error} # make oCIS less verbose OCIS_LOG_COLOR: "${OCIS_LOG_COLOR:-false}" PROXY_TLS: "false" # do not use SSL between Traefik and oCIS - # demo users - IDM_CREATE_DEMO_USERS: "${DEMO_USERS:-false}" - # change default secrets - IDP_LDAP_BIND_PASSWORD: ${IDP_LDAP_BIND_PASSWORD:-idp} - STORAGE_LDAP_BIND_PASSWORD: ${STORAGE_LDAP_BIND_PASSWORD:-reva} - OCIS_JWT_SECRET: ${OCIS_JWT_SECRET:-Pive-Fumkiu4} - STORAGE_TRANSFER_SECRET: ${STORAGE_TRANSFER_SECRET:-replace-me-with-a-transfer-secret} - OCIS_MACHINE_AUTH_API_KEY: ${OCIS_MACHINE_AUTH_API_KEY:-change-me-please} # INSECURE: needed if oCIS / Traefik is using self generated certificates OCIS_INSECURE: "${INSECURE:-false}" volumes: diff --git a/deployments/examples/ocis_wopi/docker-compose.yml b/deployments/examples/ocis_wopi/docker-compose.yml index 8e9d58b219..45d0fcee6f 100644 --- a/deployments/examples/ocis_wopi/docker-compose.yml +++ b/deployments/examples/ocis_wopi/docker-compose.yml @@ -161,11 +161,11 @@ services: restart: always collabora: - image: collabora/code:6.4.11.3 + image: collabora/code:21.11.5.3.1 networks: ocis-net: environment: - domain: ${OCIS_DOMAIN:-ocis.owncloud.test} + aliasgroup1: https://${WOPISERVER_DOMAIN:-wopiserver.owncloud.test}:443 DONT_GEN_SSL_CERT: "YES" extra_params: --o:ssl.enable=false --o:ssl.termination=true --o:welcome.enable=false --o:net.frame_ancestors=${OCIS_DOMAIN:-ocis.owncloud.test} username: ${COLLABORA_ADMIN_USER} @@ -184,11 +184,12 @@ services: restart: always onlyoffice: - image: onlyoffice/documentserver:6.4.0 + image: onlyoffice/documentserver:7.1 networks: ocis-net: environment: - USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" # selfsigned certificates + WOPI_ENABLED: "true" + USE_UNAUTHORIZED_STORAGE: "${INSECURE:-false}" # self signed certificates labels: - "traefik.enable=true" - "traefik.http.routers.onlyoffice.entrypoints=https" diff --git a/docs/extensions/settings/tests.md b/docs/extensions/settings/tests.md index b07ae58739..5d7d243d9b 100644 --- a/docs/extensions/settings/tests.md +++ b/docs/extensions/settings/tests.md @@ -16,15 +16,6 @@ You need a working installation of [the Go programming language](https://golang. Make sure you've cloned the [web frontend repo](https://github.com/owncloud/web/) and the [infinite scale repo](https://github.com/owncloud/ocis/) next to each other. If your file/folder structure is different, you'll have to change the paths below accordingly. -{{< hint info >}} -For now, an IDP configuration file gets generated once and will fail upon changing the oCIS url as done below. To avoid any clashes, remove this file before starting the tests: - -```bash -rm ~/.ocis/idp/identifier-registration.yaml -``` - -{{< /hint >}} - ### In the web repo #### **Optional:** Build web to test local changes diff --git a/docs/ocis/deployment/basic-remote-setup.md b/docs/ocis/deployment/basic-remote-setup.md index 461cb5b4b5..47734c8d2c 100644 --- a/docs/ocis/deployment/basic-remote-setup.md +++ b/docs/ocis/deployment/basic-remote-setup.md @@ -19,12 +19,6 @@ Initialize the oCIS configuration by running `./bin/ocis init`. Upon first start of the oCIS fullstack server with `./bin/ocis server` it will generate a directory tree skeleton in `$HOME/.ocis`. If that is already existing it will not be overwritten as it contains all relevant data for oCIS. -In `$HOME/.ocis/idp` is a file `identifier-registration.yaml`. It is used to configure the built-in identity provider and therefore contains the OpenID Connect issuer and also information about relying parties, for example ownCloud Web and our desktop and mobile applications. - -{{< hint warning >}} -The `identifier-registration.yaml` file will only be generated if it does not exist yet. If you want to change certain environment variables like `OCIS_URL`, please delete this file first before doing so. Otherwise your changes will not be applied correctly and you will run into errors. -{{< /hint >}} - For the following examples you need to have the oCIS binary in your current working directory, we assume it is named `ocis` and it needs to be marked as executable. See [Getting Started]({{< ref "../getting-started/#binaries" >}}) for where to get the binary from. ### Using automatically generated certificates diff --git a/docs/ocis/deployment/bridge.md b/docs/ocis/deployment/bridge.md index 44f8c44522..bdc8c26070 100644 --- a/docs/ocis/deployment/bridge.md +++ b/docs/ocis/deployment/bridge.md @@ -204,15 +204,6 @@ export IDP_LDAP_NAME_ATTRIBUTE=givenName ``` Don't forget to use an existing user with admin permissions (only admins are allowed to list all users via the graph api) and the correct password. -{{< hint warning >}} -* TODO: change the default values in glauth & ocis to use an `ownclouduuid` attribute. -* TODO: split `OCIS_URL` and `IDP_ISS` env vars and use `OCIS_URL` to generate the clients in the `identifier-registration.yaml`. -{{< /hint >}} - -### Configure clients - -When the `identifier-registration.yaml` does not exist it will be generated based on the `OCIS_URL` environment variable. - #### Run it! You can now bring up `ocis/bin/ocis idp` with: @@ -276,7 +267,7 @@ $ bin/web server --web-config-server https://cloud.example.com --oidc-authority - `--web-config-server https://cloud.example.com` is ownCloud url with webdav and ocs endpoints (oc10 or ocis) - `--oidc-authority https://192.168.1.100:9130` the openid connect issuing authority, in our case `oidc-idp`, running on port 9130 - `--oidc-metadata-url https://192.168.1.100:9130/.well-known/openid-configuration` the openid connect configuration endpoint, typically the issuer host with `.well-known/openid-configuration`, but there are cases when another endpoint is used, e.g. ping identity provides multiple endpoints to separate domains -- `--oidc-client-id ocis` the client id we will register later with `ocis-idp` in the `identifier-registration.yaml` +- `--oidc-client-id ocis` the client id we will register later with `ocis-idp` in idp OIDC client settings ### Patch owncloud @@ -324,4 +315,4 @@ In the above configuration replace Aside from the above todos these are the next steps - tie it all together behind `ocis-proxy` -- create an `ocis bridge` command that runs all the ocis services in one step with a properly preconfigured `ocis-idp` `identifier-registration.yaml` file for `ownCloud Web` and the owncloud 10 `openidconnect` app, as well as a randomized `--signing-kid`. +- create an `ocis bridge` command that runs all the ocis services in one step with a properly preconfigured idp OIDC client `ocis-idp` for `ownCloud Web` and the owncloud 10 `openidconnect` app, as well as a randomized `--signing-kid`. diff --git a/docs/ocis/deployment/ocis_keycloak.md b/docs/ocis/deployment/ocis_keycloak.md index a53a10da4e..cbeb4934bc 100644 --- a/docs/ocis/deployment/ocis_keycloak.md +++ b/docs/ocis/deployment/ocis_keycloak.md @@ -72,16 +72,6 @@ See also [example server setup]({{< ref "preparing_server" >}}) OCIS_DOMAIN= # ownCloud Web openid connect client id. Defaults to "ocis-web" OCIS_OIDC_CLIENT_ID= - # IDP LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "idp". - IDP_LDAP_BIND_PASSWORD= - # Storage LDAP bind password. Must be changed in order to have a secure oCIS. Defaults to "reva". - STORAGE_LDAP_BIND_PASSWORD= - # JWT secret which is used for the storage provider. Must be changed in order to have a secure oCIS. Defaults to "Pive-Fumkiu4" - OCIS_JWT_SECRET= - # JWT secret which is used for uploads to create transfer tokens. Must be changed in order to have a secure oCIS. Defaults to "replace-me-with-a-transfer-secret" - STORAGE_TRANSFER_SECRET= - # Machine auth api key secret. Must be changed in order to have a secure oCIS. Defaults to "change-me-please" - OCIS_MACHINE_AUTH_API_KEY= ### Keycloak ### # Domain of Keycloak, where you can find the management and authentication frontend. Defaults to "keycloak.owncloud.test" diff --git a/extensions/audit/pkg/service/service_test.go b/extensions/audit/pkg/service/service_test.go index 5de097bedf..ae64f43a2c 100644 --- a/extensions/audit/pkg/service/service_test.go +++ b/extensions/audit/pkg/service/service_test.go @@ -162,6 +162,7 @@ var testCases = []struct { }, { Alias: "LinkRemoved - id", SystemEvent: events.LinkRemoved{ + Executant: userID("sharing-userid"), ShareID: linkID("shareid"), ShareToken: "", }, @@ -170,9 +171,9 @@ var testCases = []struct { require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "public link id:'shareid' was removed", "file_unshared") + checkBaseAuditEvent(t, ev.AuditEvent, "sharing-userid", "", "user 'sharing-userid' removed public link with id:'shareid'", "file_unshared") // AuditEventSharing fields - checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "shareid") + checkSharingAuditEvent(t, ev.AuditEventSharing, "", "sharing-userid", "shareid") // AuditEventShareUpdated fields require.Equal(t, "", ev.ItemType) // not implemented atm require.Equal(t, "link", ev.ShareType) @@ -181,6 +182,7 @@ var testCases = []struct { }, { Alias: "LinkRemoved - token", SystemEvent: events.LinkRemoved{ + Executant: userID("sharing-userid"), ShareID: nil, ShareToken: "token-123", }, @@ -189,9 +191,9 @@ var testCases = []struct { require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "public link id:'token-123' was removed", "file_unshared") + checkBaseAuditEvent(t, ev.AuditEvent, "sharing-userid", "", "user 'sharing-userid' removed public link with id:'token-123'", "file_unshared") // AuditEventSharing fields - checkSharingAuditEvent(t, ev.AuditEventSharing, "", "", "token-123") + checkSharingAuditEvent(t, ev.AuditEventSharing, "", "sharing-userid", "token-123") // AuditEventShareUpdated fields require.Equal(t, "", ev.ItemType) // not implemented atm require.Equal(t, "link", ev.ShareType) @@ -297,51 +299,55 @@ var testCases = []struct { }, { Alias: "File created", SystemEvent: events.FileUploaded{ - Ref: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Executant: userID("uid-123"), + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileCreated{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was created", "file_create") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' created file 'sto-123!iid-123/item'", "file_create") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") }, }, { Alias: "File read", SystemEvent: events.FileDownloaded{ - Ref: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Executant: userID("uid-123"), + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileRead{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was read", "file_read") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' read file 'sto-123!iid-123/item'", "file_read") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") }, }, { Alias: "File trashed", SystemEvent: events.ItemTrashed{ - Ref: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Executant: userID("uid-123"), + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileDeleted{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was trashed", "file_delete") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' trashed file 'sto-123!iid-123/item'", "file_delete") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") }, }, { Alias: "File renamed", SystemEvent: events.ItemMoved{ + Executant: userID("uid-123"), Ref: reference("sto-123", "iid-123", "./item"), OldReference: reference("sto-123", "iid-123", "./anotheritem"), Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva @@ -351,7 +357,7 @@ var testCases = []struct { require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was moved from './anotheritem' to './item'", "file_rename") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' moved file 'sto-123!iid-123/item' from './anotheritem' to './item'", "file_rename") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") // AuditEventFileRenamed fields @@ -361,21 +367,23 @@ var testCases = []struct { }, { Alias: "File purged", SystemEvent: events.ItemPurged{ - Ref: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Executant: userID("uid-123"), + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFilePurged{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was removed from trashbin", "file_trash_delete") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' removed file 'sto-123!iid-123/item' from trashbin", "file_trash_delete") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") }, }, { Alias: "File restored", SystemEvent: events.ItemRestored{ + Executant: userID("uid-123"), Ref: reference("sto-123", "iid-123", "./item"), Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva OldReference: reference("sto-123", "sto-123!iid-123/item", "./oldpath"), @@ -386,7 +394,7 @@ var testCases = []struct { require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was restored from trashbin to './item'", "file_trash_restore") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' restored file 'sto-123!iid-123/item' from trashbin to './item'", "file_trash_restore") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") // AuditEventFileRestored fields @@ -396,16 +404,17 @@ var testCases = []struct { }, { Alias: "File version restored", SystemEvent: events.FileVersionRestored{ - Ref: reference("sto-123", "iid-123", "./item"), - Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva - Key: "v1", + Executant: userID("uid-123"), + Ref: reference("sto-123", "iid-123", "./item"), + Owner: userID("uid-123"), // NOTE: owner not yet implemented in reva + Key: "v1", }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventFileVersionRestored{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "File 'sto-123!iid-123/item' was restored in version 'v1'", "file_version_restore") + checkBaseAuditEvent(t, ev.AuditEvent, "uid-123", "", "user 'uid-123' restored file 'sto-123!iid-123/item' in version 'v1'", "file_version_restore") // AuditEventSharing fields checkFilesAuditEvent(t, ev.AuditEventFiles, "sto-123!iid-123/item", "uid-123", "./item") // AuditEventFileRestored fields @@ -415,20 +424,21 @@ var testCases = []struct { }, { Alias: "Space created", SystemEvent: events.SpaceCreated{ - ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, - Owner: userID("uid-123"), - Root: resourceID("sto-123", "iid-123"), - Name: "test-space", - Type: "project", - Quota: nil, // Quota not interesting atm - MTime: timestamp(10e9), + Executant: userID("uid-123"), + ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, + Owner: userID("uid-123"), + Root: resourceID("sto-123", "iid-123"), + Name: "test-space", + Type: "project", + Quota: nil, // Quota not interesting atm + MTime: timestamp(10e9), }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventSpaceCreated{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "2286-11-20T17:46:40Z", "Space 'space-123' with name 'test-space' was created", "space_created") + checkBaseAuditEvent(t, ev.AuditEvent, "", "2286-11-20T17:46:40Z", "user 'uid-123' created a space 'space-123' with name 'test-space'", "space_created") // AuditEventSpaces fields checkSpacesAuditEvent(t, ev.AuditEventSpaces, "space-123") // AuditEventFileRestored fields @@ -440,16 +450,17 @@ var testCases = []struct { }, { Alias: "Space renamed", SystemEvent: events.SpaceRenamed{ - ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, - Owner: userID("uid-123"), - Name: "new-name", + Executant: userID("uid-123"), + ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, + Owner: userID("uid-123"), + Name: "new-name", }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventSpaceRenamed{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "Space 'space-123' was renamed to 'new-name'", "space_renamed") + checkBaseAuditEvent(t, ev.AuditEvent, "", "", "user 'uid-123' renamed space 'space-123' to 'new-name'", "space_renamed") // AuditEventSpaces fields checkSpacesAuditEvent(t, ev.AuditEventSpaces, "space-123") // AuditEventSpaceRenamed fields @@ -458,42 +469,45 @@ var testCases = []struct { }, { Alias: "Space disabled", SystemEvent: events.SpaceDisabled{ - ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, + Executant: userID("uid-123"), + ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventSpaceDisabled{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "Space 'space-123' was disabled", "space_disabled") + checkBaseAuditEvent(t, ev.AuditEvent, "", "", "user 'uid-123' disabled the space 'space-123'", "space_disabled") // AuditEventSpaces fields checkSpacesAuditEvent(t, ev.AuditEventSpaces, "space-123") }, }, { Alias: "Space enabled", SystemEvent: events.SpaceEnabled{ - ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, + Executant: userID("uid-123"), + ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventSpaceEnabled{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "Space 'space-123' was (re-) enabled", "space_enabled") + checkBaseAuditEvent(t, ev.AuditEvent, "", "", "user 'uid-123' (re-) enabled the space 'space-123'", "space_enabled") // AuditEventSpaces fields checkSpacesAuditEvent(t, ev.AuditEventSpaces, "space-123") }, }, { Alias: "Space deleted", SystemEvent: events.SpaceDeleted{ - ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, + Executant: userID("uid-123"), + ID: &provider.StorageSpaceId{OpaqueId: "space-123"}, }, CheckAuditEvent: func(t *testing.T, b []byte) { ev := types.AuditEventSpaceDeleted{} require.NoError(t, json.Unmarshal(b, &ev)) // AuditEvent fields - checkBaseAuditEvent(t, ev.AuditEvent, "", "", "Space 'space-123' was deleted", "space_deleted") + checkBaseAuditEvent(t, ev.AuditEvent, "", "", "user 'uid-123' deleted the space 'space-123'", "space_deleted") // AuditEventSpaces fields checkSpacesAuditEvent(t, ev.AuditEventSpaces, "space-123") }, diff --git a/extensions/audit/pkg/types/constants.go b/extensions/audit/pkg/types/constants.go index 69423d57db..29d9197242 100644 --- a/extensions/audit/pkg/types/constants.go +++ b/extensions/audit/pkg/types/constants.go @@ -75,8 +75,8 @@ func MessageShareRemoved(sharer, shareid, itemid string) string { } // MessageLinkRemoved returns the human readable string that describes the action -func MessageLinkRemoved(shareid string) string { - return fmt.Sprintf("public link id:'%s' was removed", shareid) +func MessageLinkRemoved(executant, shareid string) string { + return fmt.Sprintf("user '%s' removed public link with id:'%s'", executant, shareid) } // MessageShareAccepted returns the human readable string that describes the action @@ -95,87 +95,89 @@ func MessageLinkAccessed(linkid string, success bool) string { } // MessageContainerCreated returns the human readable string that describes the action -func MessageContainerCreated(item string) string { - return fmt.Sprintf("Folder '%s' was created", item) +func MessageContainerCreated(executant, item string) string { + return fmt.Sprintf("user '%s' created folder '%s'", executant, item) } // MessageFileCreated returns the human readable string that describes the action -func MessageFileCreated(item string) string { - return fmt.Sprintf("File '%s' was created", item) +func MessageFileCreated(executant, item string) string { + return fmt.Sprintf("user '%s' created file '%s'", executant, item) } // MessageFileRead returns the human readable string that describes the action -func MessageFileRead(item string) string { - return fmt.Sprintf("File '%s' was read", item) +func MessageFileRead(executant, item string) string { + return fmt.Sprintf("user '%s' read file '%s'", executant, item) } // MessageFileTrashed returns the human readable string that describes the action -func MessageFileTrashed(item string) string { - return fmt.Sprintf("File '%s' was trashed", item) +func MessageFileTrashed(executant, item string) string { + return fmt.Sprintf("user '%s' trashed file '%s'", executant, item) } // MessageFileRenamed returns the human readable string that describes the action -func MessageFileRenamed(item, oldpath, newpath string) string { - return fmt.Sprintf("File '%s' was moved from '%s' to '%s'", item, oldpath, newpath) +func MessageFileRenamed(executant, item, oldpath, newpath string) string { + return fmt.Sprintf("user '%s' moved file '%s' from '%s' to '%s'", executant, item, oldpath, newpath) } // MessageFilePurged returns the human readable string that describes the action -func MessageFilePurged(item string) string { - return fmt.Sprintf("File '%s' was removed from trashbin", item) +func MessageFilePurged(executant, item string) string { + return fmt.Sprintf("user '%s' removed file '%s' from trashbin", executant, item) } // MessageFileRestored returns the human readable string that describes the action -func MessageFileRestored(item, path string) string { - return fmt.Sprintf("File '%s' was restored from trashbin to '%s'", item, path) +func MessageFileRestored(executant, item, path string) string { + return fmt.Sprintf("user '%s' restored file '%s' from trashbin to '%s'", executant, item, path) } // MessageFileVersionRestored returns the human readable string that describes the action -func MessageFileVersionRestored(item string, version string) string { - return fmt.Sprintf("File '%s' was restored in version '%s'", item, version) +func MessageFileVersionRestored(executant, item, version string) string { + return fmt.Sprintf("user '%s' restored file '%s' in version '%s'", executant, item, version) } // MessageSpaceCreated returns the human readable string that describes the action -func MessageSpaceCreated(spaceID string, name string) string { - return fmt.Sprintf("Space '%s' with name '%s' was created", spaceID, name) +func MessageSpaceCreated(executant, spaceID, name string) string { + return fmt.Sprintf("user '%s' created a space '%s' with name '%s'", executant, spaceID, name) } // MessageSpaceRenamed returns the human readable string that describes the action -func MessageSpaceRenamed(spaceID string, name string) string { - return fmt.Sprintf("Space '%s' was renamed to '%s'", spaceID, name) +func MessageSpaceRenamed(executant, spaceID, name string) string { + return fmt.Sprintf("user '%s' renamed space '%s' to '%s'", executant, spaceID, name) } // MessageSpaceDisabled returns the human readable string that describes the action -func MessageSpaceDisabled(spaceID string) string { - return fmt.Sprintf("Space '%s' was disabled", spaceID) +func MessageSpaceDisabled(executant, spaceID string) string { + return fmt.Sprintf("user '%s' disabled the space '%s'", executant, spaceID) } // MessageSpaceEnabled returns the human readable string that describes the action -func MessageSpaceEnabled(spaceID string) string { - return fmt.Sprintf("Space '%s' was (re-) enabled", spaceID) +func MessageSpaceEnabled(executant, spaceID string) string { + return fmt.Sprintf("user '%s' (re-) enabled the space '%s'", executant, spaceID) } // MessageSpaceDeleted returns the human readable string that describes the action -func MessageSpaceDeleted(spaceID string) string { - return fmt.Sprintf("Space '%s' was deleted", spaceID) +func MessageSpaceDeleted(executant, spaceID string) string { + return fmt.Sprintf("user '%s' deleted the space '%s'", executant, spaceID) } // MessageUserCreated returns the human readable string that describes the action -func MessageUserCreated(userID string) string { - return fmt.Sprintf("User '%s' was created", userID) +func MessageUserCreated(executant, userID string) string { + return fmt.Sprintf("user '%s' created the user '%s'", executant, userID) } // MessageUserDeleted returns the human readable string that describes the action -func MessageUserDeleted(userID string) string { - return fmt.Sprintf("User '%s' was deleted", userID) +func MessageUserDeleted(executant, userID string) string { + return fmt.Sprintf("user '%s' deleted the user '%s'", executant, userID) } // MessageUserFeatureChanged returns the human readable string that describes the action -func MessageUserFeatureChanged(userID string, features []events.UserFeature) string { - // Result is: "User %username%'s feature changed: %featurename%=%featurevalue% %featurename%=%featurevalue%" +func MessageUserFeatureChanged(executant, userID string, features []events.UserFeature) string { + // Result is: "user '%executant%' changed user %username%'s features: %featurename%=%featurevalue% %featurename%=%featurevalue%" var sb strings.Builder - sb.WriteString("User ") + sb.WriteString("user '") + sb.WriteString(executant) + sb.WriteString("' changed user ") sb.WriteString(userID) - sb.WriteString("'s feature changed: ") + sb.WriteString("'s features:") for _, f := range features { sb.WriteString(f.Name) sb.WriteRune('=') @@ -186,21 +188,21 @@ func MessageUserFeatureChanged(userID string, features []events.UserFeature) str } // MessageGroupCreated returns the human readable string that describes the action -func MessageGroupCreated(groupID string) string { - return fmt.Sprintf("Group '%s' was created", groupID) +func MessageGroupCreated(executant, groupID string) string { + return fmt.Sprintf("user '%s' created group '%s'", executant, groupID) } // MessageGroupDeleted returns the human readable string that describes the action -func MessageGroupDeleted(groupID string) string { - return fmt.Sprintf("Group '%s' was deleted", groupID) +func MessageGroupDeleted(executant, groupID string) string { + return fmt.Sprintf("user '%s' deleted group '%s'", executant, groupID) } // MessageGroupMemberAdded returns the human readable string that describes the action -func MessageGroupMemberAdded(userID, groupID string) string { - return fmt.Sprintf("User '%s' was added to group '%s'", userID, groupID) +func MessageGroupMemberAdded(executant, userID, groupID string) string { + return fmt.Sprintf("user '%s' added user '%s' was added to group '%s'", executant, userID, groupID) } // MessageGroupMemberRemoved returns the human readable string that describes the action -func MessageGroupMemberRemoved(userID, groupID string) string { - return fmt.Sprintf("User '%s' was removed from group '%s'", userID, groupID) +func MessageGroupMemberRemoved(executant, userID, groupID string) string { + return fmt.Sprintf("user '%s' added user '%s' was removed from group '%s'", executant, userID, groupID) } diff --git a/extensions/audit/pkg/types/conversion.go b/extensions/audit/pkg/types/conversion.go index 3cbfeaa329..14cea5a015 100644 --- a/extensions/audit/pkg/types/conversion.go +++ b/extensions/audit/pkg/types/conversion.go @@ -48,12 +48,12 @@ func SharingAuditEvent(shareid string, fileid string, uid string, base AuditEven // ShareCreated converts a ShareCreated Event to an AuditEventShareCreated func ShareCreated(ev events.ShareCreated) AuditEventShareCreated { uid := ev.Sharer.OpaqueId - with, typ := extractGrantee(ev.GranteeUserID, ev.GranteeGroupID) - base := BasicAuditEvent(uid, formatTime(ev.CTime), MessageShareCreated(uid, ev.ItemID.OpaqueId, with), ActionShareCreated) + grantee, typ := extractGrantee(ev.GranteeUserID, ev.GranteeGroupID) + base := BasicAuditEvent(uid, formatTime(ev.CTime), MessageShareCreated(uid, ev.ItemID.OpaqueId, grantee), ActionShareCreated) return AuditEventShareCreated{ AuditEventSharing: SharingAuditEvent("", ev.ItemID.OpaqueId, uid, base), ShareOwner: uid, - ShareWith: with, + ShareWith: grantee, ShareType: typ, // NOTE: those values are not in the event and can therefore not be filled at the moment @@ -150,14 +150,14 @@ func ShareRemoved(ev events.ShareRemoved) AuditEventShareRemoved { // LinkRemoved converts a LinkRemoved event to an AuditEventShareRemoved func LinkRemoved(ev events.LinkRemoved) AuditEventShareRemoved { - uid, sid, typ := "", "", "link" + uid, sid, typ := ev.Executant.GetOpaqueId(), "", "link" if ev.ShareID != nil { sid = ev.ShareID.GetOpaqueId() } else { sid = ev.ShareToken } - base := BasicAuditEvent(uid, "", MessageLinkRemoved(sid), ActionShareRemoved) + base := BasicAuditEvent(uid, "", MessageLinkRemoved(uid, sid), ActionShareRemoved) return AuditEventShareRemoved{ AuditEventSharing: SharingAuditEvent(sid, "", uid, base), ShareWith: "", @@ -234,8 +234,8 @@ func FilesAuditEvent(base AuditEvent, itemid, owner, path string) AuditEventFile // ContainerCreated converts a ContainerCreated event to an AuditEventContainerCreated func ContainerCreated(ev events.ContainerCreated) AuditEventContainerCreated { - iid, path, uid := extractFileDetails(ev.Ref, ev.Executant) - base := BasicAuditEvent(uid, "", MessageContainerCreated(iid), ActionContainerCreated) + iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) + base := BasicAuditEvent(uid, "", MessageContainerCreated(ev.Executant.GetOpaqueId(), iid), ActionContainerCreated) return AuditEventContainerCreated{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), } @@ -244,7 +244,7 @@ func ContainerCreated(ev events.ContainerCreated) AuditEventContainerCreated { // FileUploaded converts a FileUploaded event to an AuditEventFileCreated func FileUploaded(ev events.FileUploaded) AuditEventFileCreated { iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) - base := BasicAuditEvent(uid, "", MessageFileCreated(iid), ActionFileCreated) + base := BasicAuditEvent(uid, "", MessageFileCreated(ev.Executant.GetOpaqueId(), iid), ActionFileCreated) return AuditEventFileCreated{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), } @@ -253,7 +253,7 @@ func FileUploaded(ev events.FileUploaded) AuditEventFileCreated { // FileDownloaded converts a FileDownloaded event to an AuditEventFileRead func FileDownloaded(ev events.FileDownloaded) AuditEventFileRead { iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) - base := BasicAuditEvent(uid, "", MessageFileRead(iid), ActionFileRead) + base := BasicAuditEvent(uid, "", MessageFileRead(ev.Executant.GetOpaqueId(), iid), ActionFileRead) return AuditEventFileRead{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), } @@ -268,7 +268,7 @@ func ItemMoved(ev events.ItemMoved) AuditEventFileRenamed { oldpath = ev.OldReference.GetPath() } - base := BasicAuditEvent(uid, "", MessageFileRenamed(iid, oldpath, path), ActionFileRenamed) + base := BasicAuditEvent(uid, "", MessageFileRenamed(ev.Executant.GetOpaqueId(), iid, oldpath, path), ActionFileRenamed) return AuditEventFileRenamed{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), OldPath: oldpath, @@ -278,7 +278,7 @@ func ItemMoved(ev events.ItemMoved) AuditEventFileRenamed { // ItemTrashed converts a ItemTrashed event to an AuditEventFileDeleted func ItemTrashed(ev events.ItemTrashed) AuditEventFileDeleted { iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) - base := BasicAuditEvent(uid, "", MessageFileTrashed(iid), ActionFileTrashed) + base := BasicAuditEvent(uid, "", MessageFileTrashed(ev.Executant.GetOpaqueId(), iid), ActionFileTrashed) return AuditEventFileDeleted{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), } @@ -287,7 +287,7 @@ func ItemTrashed(ev events.ItemTrashed) AuditEventFileDeleted { // ItemPurged converts a ItemPurged event to an AuditEventFilePurged func ItemPurged(ev events.ItemPurged) AuditEventFilePurged { iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) - base := BasicAuditEvent(uid, "", MessageFilePurged(iid), ActionFilePurged) + base := BasicAuditEvent(uid, "", MessageFilePurged(ev.Executant.GetOpaqueId(), iid), ActionFilePurged) return AuditEventFilePurged{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), } @@ -302,7 +302,7 @@ func ItemRestored(ev events.ItemRestored) AuditEventFileRestored { oldpath = ev.OldReference.GetPath() } - base := BasicAuditEvent(uid, "", MessageFileRestored(iid, path), ActionFileRestored) + base := BasicAuditEvent(uid, "", MessageFileRestored(ev.Executant.GetOpaqueId(), iid, path), ActionFileRestored) return AuditEventFileRestored{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), OldPath: oldpath, @@ -312,7 +312,7 @@ func ItemRestored(ev events.ItemRestored) AuditEventFileRestored { // FileVersionRestored converts a FileVersionRestored event to an AuditEventFileVersionRestored func FileVersionRestored(ev events.FileVersionRestored) AuditEventFileVersionRestored { iid, path, uid := extractFileDetails(ev.Ref, ev.Owner) - base := BasicAuditEvent(uid, "", MessageFileVersionRestored(iid, ev.Key), ActionFileVersionRestored) + base := BasicAuditEvent(uid, "", MessageFileVersionRestored(ev.Executant.GetOpaqueId(), iid, ev.Key), ActionFileVersionRestored) return AuditEventFileVersionRestored{ AuditEventFiles: FilesAuditEvent(base, iid, uid, path), Key: ev.Key, @@ -331,7 +331,7 @@ func SpacesAuditEvent(base AuditEvent, spaceID string) AuditEventSpaces { func SpaceCreated(ev events.SpaceCreated) AuditEventSpaceCreated { sid := ev.ID.GetOpaqueId() iid, _, owner := extractFileDetails(&provider.Reference{ResourceId: ev.Root}, ev.Owner) - base := BasicAuditEvent("", formatTime(ev.MTime), MessageSpaceCreated(sid, ev.Name), ActionSpaceCreated) + base := BasicAuditEvent("", formatTime(ev.MTime), MessageSpaceCreated(ev.Executant.GetOpaqueId(), sid, ev.Name), ActionSpaceCreated) return AuditEventSpaceCreated{ AuditEventSpaces: SpacesAuditEvent(base, sid), Owner: owner, @@ -344,7 +344,7 @@ func SpaceCreated(ev events.SpaceCreated) AuditEventSpaceCreated { // SpaceRenamed converts a SpaceRenamed event to an AuditEventSpaceRenamed func SpaceRenamed(ev events.SpaceRenamed) AuditEventSpaceRenamed { sid := ev.ID.GetOpaqueId() - base := BasicAuditEvent("", "", MessageSpaceRenamed(sid, ev.Name), ActionSpaceRenamed) + base := BasicAuditEvent("", "", MessageSpaceRenamed(ev.Executant.GetOpaqueId(), sid, ev.Name), ActionSpaceRenamed) return AuditEventSpaceRenamed{ AuditEventSpaces: SpacesAuditEvent(base, sid), NewName: ev.Name, @@ -354,7 +354,7 @@ func SpaceRenamed(ev events.SpaceRenamed) AuditEventSpaceRenamed { // SpaceDisabled converts a SpaceDisabled event to an AuditEventSpaceDisabled func SpaceDisabled(ev events.SpaceDisabled) AuditEventSpaceDisabled { sid := ev.ID.GetOpaqueId() - base := BasicAuditEvent("", "", MessageSpaceDisabled(sid), ActionSpaceDisabled) + base := BasicAuditEvent("", "", MessageSpaceDisabled(ev.Executant.GetOpaqueId(), sid), ActionSpaceDisabled) return AuditEventSpaceDisabled{ AuditEventSpaces: SpacesAuditEvent(base, sid), } @@ -363,7 +363,7 @@ func SpaceDisabled(ev events.SpaceDisabled) AuditEventSpaceDisabled { // SpaceEnabled converts a SpaceEnabled event to an AuditEventSpaceEnabled func SpaceEnabled(ev events.SpaceEnabled) AuditEventSpaceEnabled { sid := ev.ID.GetOpaqueId() - base := BasicAuditEvent("", "", MessageSpaceEnabled(sid), ActionSpaceEnabled) + base := BasicAuditEvent("", "", MessageSpaceEnabled(ev.Executant.GetOpaqueId(), sid), ActionSpaceEnabled) return AuditEventSpaceEnabled{ AuditEventSpaces: SpacesAuditEvent(base, sid), } @@ -372,7 +372,7 @@ func SpaceEnabled(ev events.SpaceEnabled) AuditEventSpaceEnabled { // SpaceDeleted converts a SpaceDeleted event to an AuditEventSpaceDeleted func SpaceDeleted(ev events.SpaceDeleted) AuditEventSpaceDeleted { sid := ev.ID.GetOpaqueId() - base := BasicAuditEvent("", "", MessageSpaceDeleted(sid), ActionSpaceDeleted) + base := BasicAuditEvent("", "", MessageSpaceDeleted(ev.Executant.GetOpaqueId(), sid), ActionSpaceDeleted) return AuditEventSpaceDeleted{ AuditEventSpaces: SpacesAuditEvent(base, sid), } @@ -380,7 +380,7 @@ func SpaceDeleted(ev events.SpaceDeleted) AuditEventSpaceDeleted { // UserCreated converts a UserCreated event to an AuditEventUserCreated func UserCreated(ev events.UserCreated) AuditEventUserCreated { - base := BasicAuditEvent("", "", MessageUserCreated(ev.UserID), ActionUserCreated) + base := BasicAuditEvent("", "", MessageUserCreated(ev.Executant.GetOpaqueId(), ev.UserID), ActionUserCreated) return AuditEventUserCreated{ AuditEvent: base, UserID: ev.UserID, @@ -389,7 +389,7 @@ func UserCreated(ev events.UserCreated) AuditEventUserCreated { // UserDeleted converts a UserDeleted event to an AuditEventUserDeleted func UserDeleted(ev events.UserDeleted) AuditEventUserDeleted { - base := BasicAuditEvent("", "", MessageUserDeleted(ev.UserID), ActionUserDeleted) + base := BasicAuditEvent("", "", MessageUserDeleted(ev.Executant.GetOpaqueId(), ev.UserID), ActionUserDeleted) return AuditEventUserDeleted{ AuditEvent: base, UserID: ev.UserID, @@ -398,7 +398,7 @@ func UserDeleted(ev events.UserDeleted) AuditEventUserDeleted { // UserFeatureChanged converts a UserFeatureChanged event to an AuditEventUserFeatureChanged func UserFeatureChanged(ev events.UserFeatureChanged) AuditEventUserFeatureChanged { - msg := MessageUserFeatureChanged(ev.UserID, ev.Features) + msg := MessageUserFeatureChanged(ev.Executant.GetOpaqueId(), ev.UserID, ev.Features) base := BasicAuditEvent("", "", msg, ActionUserFeatureChanged) return AuditEventUserFeatureChanged{ AuditEvent: base, @@ -409,7 +409,7 @@ func UserFeatureChanged(ev events.UserFeatureChanged) AuditEventUserFeatureChang // GroupCreated converts a GroupCreated event to an AuditEventGroupCreated func GroupCreated(ev events.GroupCreated) AuditEventGroupCreated { - base := BasicAuditEvent("", "", MessageGroupCreated(ev.GroupID), ActionGroupCreated) + base := BasicAuditEvent("", "", MessageGroupCreated(ev.Executant.GetOpaqueId(), ev.GroupID), ActionGroupCreated) return AuditEventGroupCreated{ AuditEvent: base, GroupID: ev.GroupID, @@ -418,7 +418,7 @@ func GroupCreated(ev events.GroupCreated) AuditEventGroupCreated { // GroupDeleted converts a GroupDeleted event to an AuditEventGroupDeleted func GroupDeleted(ev events.GroupDeleted) AuditEventGroupDeleted { - base := BasicAuditEvent("", "", MessageGroupDeleted(ev.GroupID), ActionGroupDeleted) + base := BasicAuditEvent("", "", MessageGroupDeleted(ev.Executant.GetOpaqueId(), ev.GroupID), ActionGroupDeleted) return AuditEventGroupDeleted{ AuditEvent: base, GroupID: ev.GroupID, @@ -427,7 +427,7 @@ func GroupDeleted(ev events.GroupDeleted) AuditEventGroupDeleted { // GroupMemberAdded converts a GroupMemberAdded event to an AuditEventGroupMemberAdded func GroupMemberAdded(ev events.GroupMemberAdded) AuditEventGroupMemberAdded { - msg := MessageGroupMemberAdded(ev.GroupID, ev.UserID) + msg := MessageGroupMemberAdded(ev.Executant.GetOpaqueId(), ev.GroupID, ev.UserID) base := BasicAuditEvent("", "", msg, ActionGroupMemberAdded) return AuditEventGroupMemberAdded{ AuditEvent: base, @@ -438,7 +438,7 @@ func GroupMemberAdded(ev events.GroupMemberAdded) AuditEventGroupMemberAdded { // GroupMemberRemoved converts a GroupMemberRemoved event to an AuditEventGroupMemberRemove func GroupMemberRemoved(ev events.GroupMemberRemoved) AuditEventGroupMemberRemoved { - msg := MessageGroupMemberRemoved(ev.GroupID, ev.UserID) + msg := MessageGroupMemberRemoved(ev.Executant.GetOpaqueId(), ev.GroupID, ev.UserID) base := BasicAuditEvent("", "", msg, ActionGroupMemberRemoved) return AuditEventGroupMemberRemoved{ AuditEvent: base, @@ -480,18 +480,18 @@ func formatTime(t *types.Timestamp) string { } func updateType(u string) string { - switch { - case u == "permissions": + switch u { + case "permissions": return ActionSharePermissionUpdated - case u == "displayname": + case "displayname": return ActionShareDisplayNameUpdated - case u == "TYPE_PERMISSIONS": + case "TYPE_PERMISSIONS": return ActionSharePermissionUpdated - case u == "TYPE_DISPLAYNAME": + case "TYPE_DISPLAYNAME": return ActionShareDisplayNameUpdated - case u == "TYPE_PASSWORD": + case "TYPE_PASSWORD": return ActionSharePasswordUpdated - case u == "TYPE_EXPIRATION": + case "TYPE_EXPIRATION": return ActionShareExpirationUpdated default: fmt.Println("Unknown update type", u) diff --git a/extensions/frontend/pkg/config/config.go b/extensions/frontend/pkg/config/config.go index a09f5909c6..4393f6346e 100644 --- a/extensions/frontend/pkg/config/config.go +++ b/extensions/frontend/pkg/config/config.go @@ -25,12 +25,13 @@ type Config struct { SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"FRONTEND_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token."` - EnableFavorites bool `yaml:"enable_favorites" env:"FRONTEND_ENABLE_FAVORITES" desc:"Disables the support for favorites in the frontend."` + EnableFavorites bool `yaml:"enable_favorites" env:"FRONTEND_ENABLE_FAVORITES" desc:"Enables the support for favorites in the frontend."` EnableProjectSpaces bool `yaml:"enable_project_spaces" env:"FRONTEND_ENABLE_PROJECT_SPACES" desc:"Indicates to clients that project spaces are supposed to be made available."` EnableShareJail bool `yaml:"enable_share_jail" env:"FRONTEND_ENABLE_SHARE_JAIL" desc:"Indicates to clients that the share jail is supposed to be used."` UploadMaxChunkSize int `yaml:"upload_max_chunk_size" env:"FRONTEND_UPLOAD_MAX_CHUNK_SIZE" desc:"Sets the max chunk sizes for uploads via the frontend." ` UploadHTTPMethodOverride string `yaml:"upload_http_method_override" env:"FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE" desc:"Advise TUS to replace PATCH requests by POST requests."` DefaultUploadProtocol string `yaml:"default_upload_protocol" env:"FRONTEND_DEFAULT_UPLOAD_PROTOCOL" desc:"The default upload protocol to use in the frontend (e.g. tus)."` + EnableResharing bool `yaml:"enable_resharing" env:"FRONTEND_ENABLE_RESHARING" desc:"Enables the support for resharing in the frontend."` PublicURL string `yaml:"public_url" env:"OCIS_URL;FRONTEND_PUBLIC_URL" desc:"The public facing url of the ocis frontend."` diff --git a/extensions/frontend/pkg/config/defaults/defaultconfig.go b/extensions/frontend/pkg/config/defaults/defaultconfig.go index 051fbad36a..3dea23c38a 100644 --- a/extensions/frontend/pkg/config/defaults/defaultconfig.go +++ b/extensions/frontend/pkg/config/defaults/defaultconfig.go @@ -38,6 +38,7 @@ func DefaultConfig() *config.Config { UploadMaxChunkSize: 1e+8, UploadHTTPMethodOverride: "", DefaultUploadProtocol: "tus", + EnableResharing: false, Checksums: config.Checksums{ SupportedTypes: []string{"sha1", "md5", "adler32"}, PreferredUploadType: "", diff --git a/extensions/frontend/pkg/revaconfig/config.go b/extensions/frontend/pkg/revaconfig/config.go index f9862ba130..aa0ad16430 100644 --- a/extensions/frontend/pkg/revaconfig/config.go +++ b/extensions/frontend/pkg/revaconfig/config.go @@ -159,7 +159,7 @@ func FrontendConfigFromStruct(cfg *config.Config) map[string]interface{} { }, "files_sharing": map[string]interface{}{ "api_enabled": true, - "resharing": true, + "resharing": cfg.EnableResharing, "group_sharing": true, "auto_accept_share": true, "share_with_group_members_only": true, diff --git a/extensions/gateway/pkg/config/config.go b/extensions/gateway/pkg/config/config.go index 1f6951728b..355b6decd7 100644 --- a/extensions/gateway/pkg/config/config.go +++ b/extensions/gateway/pkg/config/config.go @@ -21,28 +21,27 @@ type Config struct { SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"GATEWAY_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token."` - CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant" env:"GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT"` - CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref" env:"GATEWAY_COMMIT_SHARE_TO_STORAGE_REF"` - ShareFolder string `yaml:"share_folder_name" env:"GATEWAY_SHARE_FOLDER_NAME"` - DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login" env:"GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN"` - TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET" desc:"Transfer secret for signing file up- and download requests."` - TransferExpires int `yaml:"transfer_expires" env:"GATEWAY_TRANSFER_EXPIRES"` - HomeMapping string `yaml:"home_mapping" env:"GATEWAY_HOME_MAPPING"` - EtagCacheTTL int `yaml:"etag_cache_ttl" env:"GATEWAY_ETAG_CACHE_TTL"` + CommitShareToStorageGrant bool `yaml:"commit_share_to_storage_grant" env:"GATEWAY_COMMIT_SHARE_TO_STORAGE_GRANT" desc:"Commit shares to storage grants."` + CommitShareToStorageRef bool `yaml:"commit_share_to_storage_ref" env:"GATEWAY_COMMIT_SHARE_TO_STORAGE_REF" desc:"Commit shares to storage."` + ShareFolder string `yaml:"share_folder_name" env:"GATEWAY_SHARE_FOLDER_NAME" desc:"Name of the share folder in users' home space."` + DisableHomeCreationOnLogin bool `yaml:"disable_home_creation_on_login" env:"GATEWAY_DISABLE_HOME_CREATION_ON_LOGIN" desc:"Disable creation of the home space on login."` + TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET" desc:"The storage transfer secret"` // TODO: how to name the env + TransferExpires int `yaml:"transfer_expires" env:"GATEWAY_TRANSFER_EXPIRES" desc:"Expiry for the gateway tokens"` + EtagCacheTTL int `yaml:"etag_cache_ttl" env:"GATEWAY_ETAG_CACHE_TTL" desc:"Max TTL for the gateway's ETAG cache."` - FrontendPublicURL string `yaml:"frontend_public_url" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL" desc:"URL, where oCIS is reachable for users."` + FrontendPublicURL string `yaml:"frontend_public_url" env:"OCIS_URL;GATEWAY_FRONTEND_PUBLIC_URL" desc:"The public facing url of the ocis frontend."` - UsersEndpoint string `yaml:"users_endpoint" env:"GATEWAY_USERS_ENDPOINT"` - GroupsEndpoint string `yaml:"groups_endpoint" env:"GATEWAY_GROUPS_ENDPOINT"` - PermissionsEndpoint string `yaml:"permissions_endpoint" env:"GATEWAY_PERMISSIONS_ENDPOINT"` - SharingEndpoint string `yaml:"sharing_endpoint" env:"GATEWAY_SHARING_ENDPOINT"` - AuthBasicEndpoint string `yaml:"auth_basic_endpoint" env:"GATEWAY_AUTH_BASIC_ENDPOINT"` - AuthBearerEndpoint string `yaml:"auth_bearer_endpoint" env:"GATEWAY_AUTH_BEARER_ENDPOINT"` - AuthMachineEndpoint string `yaml:"auth_machine_endpoint" env:"GATEWAY_AUTH_MACHINE_ENDPOINT"` - StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint" env:"GATEWAY_STORAGE_PUBLIC_LINK_ENDPOINT"` - StorageUsersEndpoint string `yaml:"storage_users_endpoint" env:"GATEWAY_STORAGE_USERS_ENDPOINT"` - StorageSharesEndpoint string `yaml:"storage_shares_endpoint" env:"GATEWAY_STORAGE_SHARES_ENDPOINT"` - AppRegistryEndpoint string `yaml:"app_registry_endpoint" env:"GATEWAY_APP_REGISTRY_ENDPOINT"` + UsersEndpoint string `yaml:"users_endpoint" env:"GATEWAY_USERS_ENDPOINT" desc:"The users api endpoint."` + GroupsEndpoint string `yaml:"groups_endpoint" env:"GATEWAY_GROUPS_ENDPOINT" desc:"The groups api endpoint."` + PermissionsEndpoint string `yaml:"permissions_endpoint" env:"GATEWAY_PERMISSIONS_ENDPOINT" desc:"The permission api endpoint."` + SharingEndpoint string `yaml:"sharing_endpoint" env:"GATEWAY_SHARING_ENDPOINT" desc:"The share api endpoint."` + AuthBasicEndpoint string `yaml:"auth_basic_endpoint" env:"GATEWAY_AUTH_BASIC_ENDPOINT" desc:"The auth basic api endpoint."` + AuthBearerEndpoint string `yaml:"auth_bearer_endpoint" env:"GATEWAY_AUTH_BEARER_ENDPOINT" desc:"The auth bearer api endpoint."` + AuthMachineEndpoint string `yaml:"auth_machine_endpoint" env:"GATEWAY_AUTH_MACHINE_ENDPOINT" desc:"The auth machine api endpoint."` + StoragePublicLinkEndpoint string `yaml:"storage_public_link_endpoint" env:"GATEWAY_STORAGE_PUBLIC_LINK_ENDPOINT" desc:"The storage puliclink api endpoint."` + StorageUsersEndpoint string `yaml:"storage_users_endpoint" env:"GATEWAY_STORAGE_USERS_ENDPOINT" desc:"The storage users api endpoint."` + StorageSharesEndpoint string `yaml:"storage_shares_endpoint" env:"GATEWAY_STORAGE_SHARES_ENDPOINT" desc:"The storage shares api endpoint."` + AppRegistryEndpoint string `yaml:"app_registry_endpoint" env:"GATEWAY_APP_REGISTRY_ENDPOINT" desc:"The app registry api endpoint."` StorageRegistry StorageRegistry `yaml:"storage_registry"` //TODO: should we even support switching this? diff --git a/extensions/gateway/pkg/config/defaults/defaultconfig.go b/extensions/gateway/pkg/config/defaults/defaultconfig.go index b4dc0c603e..f7616174af 100644 --- a/extensions/gateway/pkg/config/defaults/defaultconfig.go +++ b/extensions/gateway/pkg/config/defaults/defaultconfig.go @@ -36,7 +36,6 @@ func DefaultConfig() *config.Config { ShareFolder: "Shares", DisableHomeCreationOnLogin: true, TransferExpires: 24 * 60 * 60, - HomeMapping: "", EtagCacheTTL: 0, FrontendPublicURL: "https://localhost:9200", diff --git a/extensions/gateway/pkg/revaconfig/config.go b/extensions/gateway/pkg/revaconfig/config.go index 2ced3c68a5..ad93f3eaea 100644 --- a/extensions/gateway/pkg/revaconfig/config.go +++ b/extensions/gateway/pkg/revaconfig/config.go @@ -52,7 +52,6 @@ func GatewayConfigFromStruct(cfg *config.Config, logger log.Logger) map[string]i "datagateway": strings.TrimRight(cfg.FrontendPublicURL, "/") + "/data", "transfer_shared_secret": cfg.TransferSecret, "transfer_expires": cfg.TransferExpires, - "home_mapping": cfg.HomeMapping, "etag_cache_ttl": cfg.EtagCacheTTL, }, "authregistry": map[string]interface{}{ diff --git a/extensions/graph/pkg/config/config.go b/extensions/graph/pkg/config/config.go index 8d7bc46942..9abc881ecd 100644 --- a/extensions/graph/pkg/config/config.go +++ b/extensions/graph/pkg/config/config.go @@ -29,15 +29,15 @@ type Config struct { } type Spaces struct { - WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE" desc:"URL, where oCIS is reachable for users."` - WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH"` - DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA"` - Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE"` - ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL"` + WebDavBase string `yaml:"webdav_base" env:"OCIS_URL;GRAPH_SPACES_WEBDAV_BASE" desc:"The public facing URL of WebDAV."` + WebDavPath string `yaml:"webdav_path" env:"GRAPH_SPACES_WEBDAV_PATH" desc:"The WebDAV subpath for spaces."` + DefaultQuota string `yaml:"default_quota" env:"GRAPH_SPACES_DEFAULT_QUOTA" desc:"The default quota in bytes."` + Insecure bool `yaml:"insecure" env:"OCIS_INSECURE;GRAPH_SPACES_INSECURE" desc:"Allow insecure connetctions to the spaces."` + ExtendedSpacePropertiesCacheTTL int `yaml:"extended_space_properties_cache_ttl" env:"GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL" desc:"Max TTL for the spaces property cache."` } type LDAP struct { - URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI"` + URI string `yaml:"uri" env:"LDAP_URI;GRAPH_LDAP_URI" desc:"URI of the LDAP Server to connect to. Supported URI schemes are 'ldaps://' and 'ldap://'"` CACert string `yaml:"cacert" env:"LDAP_CACERT;GRAPH_LDAP_CACERT" desc:"The certificate to verify TLS connections"` Insecure bool `yaml:"insecure" env:"LDAP_INSECURE;GRAPH_LDAP_INSECURE"` BindDN string `yaml:"bind_dn" env:"LDAP_BIND_DN;GRAPH_LDAP_BIND_DN"` diff --git a/extensions/graph/pkg/identity/ldap.go b/extensions/graph/pkg/identity/ldap.go index db666f8156..f7726179bc 100644 --- a/extensions/graph/pkg/identity/ldap.go +++ b/extensions/graph/pkg/identity/ldap.go @@ -467,7 +467,7 @@ func (i *LDAP) GetGroup(ctx context.Context, nameOrID string, queryParam url.Val if err != nil { return nil, err } - if len(members) > 1 { + if len(members) > 0 { m := make([]libregraph.User, 0, len(members)) for _, u := range members { m = append(m, *u) @@ -623,7 +623,7 @@ func (i *LDAP) GetGroups(ctx context.Context, queryParam url.Values) ([]*libregr if err != nil { return nil, err } - if len(members) > 1 { + if len(members) > 0 { m := make([]libregraph.User, 0, len(members)) for _, u := range members { m = append(m, *u) diff --git a/extensions/graph/pkg/server/http/server.go b/extensions/graph/pkg/server/http/server.go index d61a17f6a8..ed208ad22a 100644 --- a/extensions/graph/pkg/server/http/server.go +++ b/extensions/graph/pkg/server/http/server.go @@ -59,6 +59,10 @@ func Server(opts ...Option) (http.Service, error) { svc.EventsPublisher(publisher), ) + if handle == nil { + return http.Service{}, errors.New("could not initialize graph service") + } + { handle = svc.NewInstrument(handle, options.Metrics) handle = svc.NewLogging(handle, options.Logger) diff --git a/extensions/graph/pkg/service/v0/groups.go b/extensions/graph/pkg/service/v0/groups.go index 3fef37505e..6d19bd7b48 100644 --- a/extensions/graph/pkg/service/v0/groups.go +++ b/extensions/graph/pkg/service/v0/groups.go @@ -13,6 +13,7 @@ import ( libregraph "github.com/owncloud/libre-graph-api-go" "github.com/owncloud/ocis/v2/extensions/graph/pkg/service/v0/errorcode" + ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" "github.com/cs3org/reva/v2/pkg/events" "github.com/go-chi/chi/v5" "github.com/go-chi/render" @@ -83,7 +84,8 @@ func (g Graph) PostGroup(w http.ResponseWriter, r *http.Request) { } if grp != nil && grp.Id != nil { - g.publishEvent(events.GroupCreated{GroupID: *grp.Id}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.GroupCreated{Executant: currentUser.Id, GroupID: *grp.Id}) } render.Status(r, http.StatusOK) render.JSON(w, r, grp) @@ -202,7 +204,8 @@ func (g Graph) DeleteGroup(w http.ResponseWriter, r *http.Request) { return } - g.publishEvent(events.GroupDeleted{GroupID: groupID}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.GroupDeleted{Executant: currentUser.Id, GroupID: groupID}) render.Status(r, http.StatusNoContent) render.NoContent(w, r) } @@ -286,7 +289,8 @@ func (g Graph) PostGroupMember(w http.ResponseWriter, r *http.Request) { return } - g.publishEvent(events.GroupMemberAdded{GroupID: groupID, UserID: id}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.GroupMemberAdded{Executant: currentUser.Id, GroupID: groupID, UserID: id}) render.Status(r, http.StatusNoContent) render.NoContent(w, r) } @@ -330,7 +334,8 @@ func (g Graph) DeleteGroupMember(w http.ResponseWriter, r *http.Request) { } return } - g.publishEvent(events.GroupMemberRemoved{GroupID: groupID, UserID: memberID}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.GroupMemberRemoved{Executant: currentUser.Id, GroupID: groupID, UserID: memberID}) render.Status(r, http.StatusNoContent) render.NoContent(w, r) } diff --git a/extensions/graph/pkg/service/v0/password.go b/extensions/graph/pkg/service/v0/password.go index 51da7b41ba..c94b969f34 100644 --- a/extensions/graph/pkg/service/v0/password.go +++ b/extensions/graph/pkg/service/v0/password.go @@ -8,6 +8,7 @@ import ( "github.com/CiscoM31/godata" gateway "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1" cs3rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" + ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" revactx "github.com/cs3org/reva/v2/pkg/ctx" "github.com/cs3org/reva/v2/pkg/events" "github.com/go-chi/render" @@ -84,11 +85,13 @@ func (g Graph) ChangeOwnPassword(w http.ResponseWriter, r *http.Request) { return } + currentUser := ctxpkg.ContextMustGetUser(r.Context()) g.publishEvent( events.UserFeatureChanged{ - UserID: u.Id.OpaqueId, + Executant: currentUser.Id, + UserID: u.Id.OpaqueId, Features: []events.UserFeature{ - events.UserFeature{Name: "password", Value: "***"}, + {Name: "password", Value: "***"}, }, }, ) diff --git a/extensions/graph/pkg/service/v0/service.go b/extensions/graph/pkg/service/v0/service.go index 2386a21c64..ee31660a86 100644 --- a/extensions/graph/pkg/service/v0/service.go +++ b/extensions/graph/pkg/service/v0/service.go @@ -106,10 +106,13 @@ func NewService(opts ...Option) Service { certs := x509.NewCertPool() pemData, err := ioutil.ReadFile(options.Config.Identity.LDAP.CACert) if err != nil { - options.Logger.Error().Msgf("Error initializing LDAP Backend: '%s'", err) + options.Logger.Error().Err(err).Msgf("Error initializing LDAP Backend") + return nil + } + if !certs.AppendCertsFromPEM(pemData) { + options.Logger.Error().Msgf("Error initializing LDAP Backend. Adding CA cert failed") return nil } - certs.AppendCertsFromPEM(pemData) tlsConf.RootCAs = certs } diff --git a/extensions/graph/pkg/service/v0/users.go b/extensions/graph/pkg/service/v0/users.go index 7e28020194..d567e3e98f 100644 --- a/extensions/graph/pkg/service/v0/users.go +++ b/extensions/graph/pkg/service/v0/users.go @@ -11,6 +11,7 @@ import ( "strings" "github.com/CiscoM31/godata" + ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" revactx "github.com/cs3org/reva/v2/pkg/ctx" "github.com/cs3org/reva/v2/pkg/events" "github.com/go-chi/chi/v5" @@ -140,7 +141,8 @@ func (g Graph) PostUser(w http.ResponseWriter, r *http.Request) { return } - g.publishEvent(events.UserCreated{UserID: *u.Id}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.UserCreated{Executant: currentUser.Id, UserID: *u.Id}) render.Status(r, http.StatusOK) render.JSON(w, r, u) @@ -197,7 +199,8 @@ func (g Graph) DeleteUser(w http.ResponseWriter, r *http.Request) { } } - g.publishEvent(events.UserDeleted{UserID: userID}) + currentUser := ctxpkg.ContextMustGetUser(r.Context()) + g.publishEvent(events.UserDeleted{Executant: currentUser.Id, UserID: userID}) render.Status(r, http.StatusNoContent) render.NoContent(w, r) @@ -247,10 +250,12 @@ func (g Graph) PatchUser(w http.ResponseWriter, r *http.Request) { } } + currentUser := ctxpkg.ContextMustGetUser(r.Context()) g.publishEvent( events.UserFeatureChanged{ - UserID: nameOrID, - Features: features, + Executant: currentUser.Id, + UserID: nameOrID, + Features: features, }, ) render.Status(r, http.StatusOK) diff --git a/extensions/idp/pkg/command/server.go b/extensions/idp/pkg/command/server.go index be0147f8d9..31024e92f2 100644 --- a/extensions/idp/pkg/command/server.go +++ b/extensions/idp/pkg/command/server.go @@ -1,9 +1,18 @@ package command import ( + "bytes" "context" + "crypto/rand" + "crypto/rsa" + "crypto/x509" + "encoding/pem" + "errors" "fmt" + "io" + "io/fs" "os" + "path/filepath" "github.com/oklog/run" "github.com/owncloud/ocis/v2/extensions/idp/pkg/config" @@ -17,6 +26,8 @@ import ( "github.com/urfave/cli/v2" ) +const _rsaKeySize = 4096 + // Server is the entrypoint for the server command. func Server(cfg *config.Config) *cli.Command { return &cli.Command{ @@ -29,6 +40,15 @@ func Server(cfg *config.Config) *cli.Command { fmt.Printf("%v", err) os.Exit(1) } + + if cfg.IDP.EncryptionSecretFile != "" { + if err := ensureEncryptionSecretExists(cfg.IDP.EncryptionSecretFile); err != nil { + return err + } + if err := ensureSigningPrivateKeyExists(cfg.IDP.SigningPrivateKeyFiles); err != nil { + return err + } + } return err }, Action: func(c *cli.Context) error { @@ -102,3 +122,77 @@ func Server(cfg *config.Config) *cli.Command { }, } } + +func ensureEncryptionSecretExists(path string) error { + _, err := os.Stat(path) + if err == nil { + // If the file exists we can just return + return nil + } + if !errors.Is(err, fs.ErrNotExist) { + return err + } + + dir := filepath.Dir(path) + err = os.MkdirAll(dir, 0700) + if err != nil { + return err + } + + f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, 0600) + if err != nil { + return nil + } + defer f.Close() + + secret := make([]byte, 32) + _, err = rand.Read(secret) + if err != nil { + return err + } + _, err = io.Copy(f, bytes.NewReader(secret)) + if err != nil { + return err + } + + return nil +} + +func ensureSigningPrivateKeyExists(paths []string) error { + for _, path := range paths { + _, err := os.Stat(path) + if err == nil { + // If the file exists we can just return + return nil + } + if !errors.Is(err, fs.ErrNotExist) { + return err + } + + dir := filepath.Dir(path) + err = os.MkdirAll(dir, 0700) + if err != nil { + return err + } + + f, err := os.OpenFile(path, os.O_CREATE|os.O_WRONLY, 0600) + if err != nil { + return nil + } + defer f.Close() + + pk, err := rsa.GenerateKey(rand.Reader, _rsaKeySize) + if err != nil { + return err + } + + pb := &pem.Block{ + Type: "RSA PRIVATE KEY", + Bytes: x509.MarshalPKCS1PrivateKey(pk), + } + if err := pem.Encode(f, pb); err != nil { + return err + } + } + return nil +} diff --git a/extensions/idp/pkg/config/config.go b/extensions/idp/pkg/config/config.go index 80415bfb61..5ce0481f99 100644 --- a/extensions/idp/pkg/config/config.go +++ b/extensions/idp/pkg/config/config.go @@ -87,8 +87,8 @@ type Settings struct { TrustedProxy []string `yaml:"trusted_proxy"` //TODO: how to configure this via env? AllowScope []string `yaml:"allow_scope"` // TODO: is this even needed? - AllowClientGuests bool `yaml:"allow_client_guests" env:"IDP_ALLOW_CLIENT_GUESTS"` - AllowDynamicClientRegistration bool `yaml:"allow_dynamic_client_registration" env:"IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION"` + AllowClientGuests bool `yaml:"allow_client_guests" env:"IDP_ALLOW_CLIENT_GUESTS" desc:"Allow guest clients to access ocis."` + AllowDynamicClientRegistration bool `yaml:"allow_dynamic_client_registration" env:"IDP_ALLOW_DYNAMIC_CLIENT_REGISTRATION" desc:"Allow dynamic client registration."` EncryptionSecretFile string `yaml:"encrypt_secret_file" env:"IDP_ENCRYPTION_SECRET_FILE" desc:"Path to the encryption secret file, if unset, a new certificate will be autogenerated upon each restart, thus invalidating all existing sessions."` @@ -114,5 +114,5 @@ type Settings struct { AccessTokenDurationSeconds uint64 `yaml:"access_token_duration_seconds" env:"IDP_ACCESS_TOKEN_EXPIRATION" desc:"Expiration time for idp access token (in seconds)."` IDTokenDurationSeconds uint64 `yaml:"id_token_duration_seconds" env:"IDP_ID_TOKEN_EXPIRATION" desc:"Expiration time for idp id tokens (in seconds)."` RefreshTokenDurationSeconds uint64 `yaml:"refresh_token_duration_seconds" env:"IDP_REFRESH_TOKEN_EXPIRATION" desc:"Expiration time for refresh tokens (in seconds)."` - DyamicClientSecretDurationSeconds uint64 `yaml:"dynamic_client_secret_duration_seconds" env:""` + DyamicClientSecretDurationSeconds uint64 `yaml:"dynamic_client_secret_duration_seconds" env:"IDP_DYNAMIC_CLIENT_SECRET_DURATION" desc:"Expiration time for dynamic clients (in seconds)."` } diff --git a/extensions/idp/pkg/config/defaults/defaultconfig.go b/extensions/idp/pkg/config/defaults/defaultconfig.go index f67a8b4a4b..2fd213cdfa 100644 --- a/extensions/idp/pkg/config/defaults/defaultconfig.go +++ b/extensions/idp/pkg/config/defaults/defaultconfig.go @@ -1,7 +1,7 @@ package defaults import ( - "path" + "path/filepath" "strings" "github.com/owncloud/ocis/v2/extensions/idp/pkg/config" @@ -24,8 +24,8 @@ func DefaultConfig() *config.Config { Addr: "127.0.0.1:9130", Root: "/", Namespace: "com.owncloud.web", - TLSCert: path.Join(defaults.BaseDataPath(), "idp", "server.crt"), - TLSKey: path.Join(defaults.BaseDataPath(), "idp", "server.key"), + TLSCert: filepath.Join(defaults.BaseDataPath(), "idp", "server.crt"), + TLSKey: filepath.Join(defaults.BaseDataPath(), "idp", "server.key"), TLS: false, }, Reva: &config.Reva{ @@ -47,18 +47,18 @@ func DefaultConfig() *config.Config { AllowScope: nil, AllowClientGuests: false, AllowDynamicClientRegistration: false, - EncryptionSecretFile: "", + EncryptionSecretFile: filepath.Join(defaults.BaseDataPath(), "idp", "encryption.key"), Listen: "", IdentifierClientDisabled: true, - IdentifierClientPath: path.Join(defaults.BaseDataPath(), "idp"), - IdentifierRegistrationConf: path.Join(defaults.BaseDataPath(), "idp", "tmp", "identifier-registration.yaml"), + IdentifierClientPath: filepath.Join(defaults.BaseDataPath(), "idp"), + IdentifierRegistrationConf: filepath.Join(defaults.BaseDataPath(), "idp", "tmp", "identifier-registration.yaml"), IdentifierScopesConf: "", IdentifierDefaultBannerLogo: "", IdentifierDefaultSignInPageText: "", IdentifierDefaultUsernameHintText: "", - SigningKid: "", + SigningKid: "private-key", SigningMethod: "PS256", - SigningPrivateKeyFiles: nil, + SigningPrivateKeyFiles: []string{filepath.Join(defaults.BaseDataPath(), "idp", "private-key.pem")}, ValidationKeysPath: "", CookieBackendURI: "", CookieNames: nil, @@ -124,7 +124,7 @@ func DefaultConfig() *config.Config { }, Ldap: config.Ldap{ URI: "ldaps://localhost:9235", - TLSCACert: path.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), + TLSCACert: filepath.Join(defaults.BaseDataPath(), "idm", "ldap.crt"), BindDN: "uid=idp,ou=sysusers,o=libregraph-idm", BaseDN: "ou=users,o=libregraph-idm", Scope: "sub", diff --git a/extensions/proxy/pkg/config/config.go b/extensions/proxy/pkg/config/config.go index 3246660dcd..c68f959757 100644 --- a/extensions/proxy/pkg/config/config.go +++ b/extensions/proxy/pkg/config/config.go @@ -30,8 +30,8 @@ type Config struct { UserCS3Claim string `yaml:"user_cs3_claim" env:"PROXY_USER_CS3_CLAIM" desc:"The name of a CS3 user attribute (claim) that should be mapped to the 'user_oidc_claim'. Currently defaults to 'mail' (other possible values are: 'username', 'displayname')"` MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY;PROXY_MACHINE_AUTH_API_KEY" desc:"Machine auth API key used for accessing the 'auth-machine' service to impersonate users."` AutoprovisionAccounts bool `yaml:"auto_provision_accounts" env:"PROXY_AUTOPROVISION_ACCOUNTS" desc:"Set this to 'true' to automatically provsion users that do not yet exist in the users service on-demand upon first signin. To use this a write-enabled libregraph user backend needs to be setup an running."` - EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH" desc:"Set this to true to enable 'basic' (username/password) authentication. (Default: false)"` - InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS" desc:"Disable TLS certificate validation for all http backend connections. (Default: false)"` + EnableBasicAuth bool `yaml:"enable_basic_auth" env:"PROXY_ENABLE_BASIC_AUTH" desc:"Set this to true to enable 'basic' (username/password) authentication."` + InsecureBackends bool `yaml:"insecure_backends" env:"PROXY_INSECURE_BACKENDS" desc:"Disable TLS certificate validation for all http backend connections."` AuthMiddleware AuthMiddleware `yaml:"auth_middleware"` Context context.Context `yaml:"-"` diff --git a/extensions/search/pkg/search/provider/events.go b/extensions/search/pkg/search/provider/events.go index 641c3010a9..37c62c237f 100644 --- a/extensions/search/pkg/search/provider/events.go +++ b/extensions/search/pkg/search/provider/events.go @@ -91,6 +91,11 @@ func (p *Provider) handleEvent(ev interface{}) { owner = &user.User{ Id: e.Executant, } + case events.FileTouched: + ref = e.Ref + owner = &user.User{ + Id: e.Executant, + } case events.FileVersionRestored: ref = e.Ref owner = &user.User{ diff --git a/extensions/search/pkg/search/provider/events_test.go b/extensions/search/pkg/search/provider/events_test.go index a36b36aef9..f90b9b0e26 100644 --- a/extensions/search/pkg/search/provider/events_test.go +++ b/extensions/search/pkg/search/provider/events_test.go @@ -95,6 +95,23 @@ var _ = Describe("Searchprovider", func() { }, "2s").Should(BeTrue()) }) + It("triggers an index update when a file has been touched", func() { + called := false + indexClient.On("Add", mock.Anything, mock.MatchedBy(func(riToIndex *sprovider.ResourceInfo) bool { + return riToIndex.Id.OpaqueId == ri.Id.OpaqueId + })).Return(nil).Run(func(args mock.Arguments) { + called = true + }) + eventsChan <- events.FileTouched{ + Ref: ref, + Executant: user.Id, + } + + Eventually(func() bool { + return called + }, "2s").Should(BeTrue()) + }) + It("removes an entry from the index when the file has been deleted", func() { called := false gwClient.On("Stat", mock.Anything, mock.Anything).Return(&sprovider.StatResponse{ diff --git a/extensions/search/pkg/search/provider/searchprovider.go b/extensions/search/pkg/search/provider/searchprovider.go index 067d9665eb..5b0301c8e6 100644 --- a/extensions/search/pkg/search/provider/searchprovider.go +++ b/extensions/search/pkg/search/provider/searchprovider.go @@ -14,6 +14,7 @@ import ( provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1" ctxpkg "github.com/cs3org/reva/v2/pkg/ctx" "github.com/cs3org/reva/v2/pkg/errtypes" + "github.com/cs3org/reva/v2/pkg/events" sdk "github.com/cs3org/reva/v2/pkg/sdk/common" "github.com/cs3org/reva/v2/pkg/storage/utils/walker" "github.com/cs3org/reva/v2/pkg/storagespace" @@ -26,6 +27,16 @@ import ( searchsvc "github.com/owncloud/ocis/v2/protogen/gen/ocis/services/search/v0" ) +var ListenEvents = []events.Unmarshaller{ + events.ItemTrashed{}, + events.ItemRestored{}, + events.ItemMoved{}, + events.ContainerCreated{}, + events.FileUploaded{}, + events.FileTouched{}, + events.FileVersionRestored{}, +} + type Provider struct { logger log.Logger gwClient gateway.GatewayAPIClient diff --git a/extensions/search/pkg/service/v0/service.go b/extensions/search/pkg/service/v0/service.go index ef589ec5ea..235b561019 100644 --- a/extensions/search/pkg/service/v0/service.go +++ b/extensions/search/pkg/service/v0/service.go @@ -14,7 +14,6 @@ import ( "go-micro.dev/v4/metadata" grpcmetadata "google.golang.org/grpc/metadata" - "github.com/owncloud/ocis/v2/extensions/audit/pkg/types" "github.com/owncloud/ocis/v2/extensions/search/pkg/config" "github.com/owncloud/ocis/v2/extensions/search/pkg/search" "github.com/owncloud/ocis/v2/extensions/search/pkg/search/index" @@ -38,7 +37,7 @@ func NewHandler(opts ...Option) (searchsvc.SearchProviderHandler, error) { if err != nil { return nil, err } - evts, err := events.Consume(client, evtsCfg.ConsumerGroup, types.RegisteredEvents()...) + evts, err := events.Consume(client, evtsCfg.ConsumerGroup, searchprovider.ListenEvents...) if err != nil { return nil, err } diff --git a/extensions/web/Makefile b/extensions/web/Makefile index 2b3dfe306f..7c4106ca55 100644 --- a/extensions/web/Makefile +++ b/extensions/web/Makefile @@ -1,6 +1,6 @@ SHELL := bash NAME := web -WEB_ASSETS_VERSION = v5.5.0-rc.9 +WEB_ASSETS_VERSION = v5.7.0-rc.1 include ../../.make/recursion.mk diff --git a/go.mod b/go.mod index 1f056f94df..237cda7fae 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/blevesearch/bleve_index_api v1.0.2 github.com/coreos/go-oidc/v3 v3.2.0 github.com/cs3org/go-cs3apis v0.0.0-20220512100524-551800f020d8 - github.com/cs3org/reva/v2 v2.5.2-0.20220617144643-4758360f5d55 + github.com/cs3org/reva/v2 v2.6.1-0.20220625133157-47ade515fb1e github.com/disintegration/imaging v1.6.2 github.com/go-chi/chi/v5 v5.0.7 github.com/go-chi/cors v1.2.1 diff --git a/go.sum b/go.sum index b844dbae0c..13e51770bb 100644 --- a/go.sum +++ b/go.sum @@ -294,8 +294,8 @@ github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3p github.com/crewjam/saml v0.4.6 h1:XCUFPkQSJLvzyl4cW9OvpWUbRf0gE7VUpU8ZnilbeM4= github.com/crewjam/saml v0.4.6/go.mod h1:ZBOXnNPFzB3CgOkRm7Nd6IVdkG+l/wF+0ZXLqD96t1A= github.com/cs3org/cato v0.0.0-20200828125504-e418fc54dd5e/go.mod h1:XJEZ3/EQuI3BXTp/6DUzFr850vlxq11I6satRtz0YQ4= -github.com/cs3org/reva/v2 v2.5.2-0.20220617144643-4758360f5d55 h1:N1E8H+pgrDW//X315BniqmvDYYPoMBkbJZhQEQ3Y+98= -github.com/cs3org/reva/v2 v2.5.2-0.20220617144643-4758360f5d55/go.mod h1:zAHqzr36X4lIalonDQeNbwrIXjn66C38lp5A+MTRS1c= +github.com/cs3org/reva/v2 v2.6.1-0.20220625133157-47ade515fb1e h1:/XaypNR4cVLC6jD2KQ6Z7D7Euyzj4hPHrLlQQad0bmo= +github.com/cs3org/reva/v2 v2.6.1-0.20220625133157-47ade515fb1e/go.mod h1:zAHqzr36X4lIalonDQeNbwrIXjn66C38lp5A+MTRS1c= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8 h1:Z9lwXumT5ACSmJ7WGnFl+OMLLjpz5uR2fyz7dC255FI= github.com/cubewise-code/go-mime v0.0.0-20200519001935-8c5762b177d8/go.mod h1:4abs/jPXcmJzYoYGF91JF9Uq9s/KL5n1jvFDix8KcqY= github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4= diff --git a/ocis-pkg/ldap/ldap.go b/ocis-pkg/ldap/ldap.go index a03d588486..8eceaf3cb9 100644 --- a/ocis-pkg/ldap/ldap.go +++ b/ocis-pkg/ldap/ldap.go @@ -1,24 +1,39 @@ package ldap import ( + "crypto/x509" "errors" + "io/ioutil" "os" "time" "github.com/owncloud/ocis/v2/ocis-pkg/log" ) -const _caTimeout = 5 +const ( + caCheckRetries = 3 + caCheckSleep = 2 +) func WaitForCA(log log.Logger, insecure bool, caCert string) error { if !insecure && caCert != "" { - if _, err := os.Stat(caCert); errors.Is(err, os.ErrNotExist) { - log.Warn().Str("LDAP CACert", caCert).Msgf("File does not exist. Waiting %d seconds for it to appear.", _caTimeout) - time.Sleep(_caTimeout * time.Second) - if _, err := os.Stat(caCert); errors.Is(err, os.ErrNotExist) { - log.Warn().Str("LDAP CACert", caCert).Msgf("File still does not exist after Timeout") + for i := 0; i < caCheckRetries; i++ { + if _, err := os.Stat(caCert); err != nil && !errors.Is(err, os.ErrNotExist) { return err } + // Check if this actually is a CA cert. We need to retry here as well + // as the file might exist already, but have no contents yet. + certs := x509.NewCertPool() + pemData, err := ioutil.ReadFile(caCert) + if err != nil { + log.Debug().Err(err).Str("LDAP CACert", caCert).Msg("Error reading CA") + } else if !certs.AppendCertsFromPEM(pemData) { + log.Debug().Str("LDAP CAcert", caCert).Msg("Failed to append CA to pool") + } else { + return nil + } + time.Sleep(caCheckSleep * time.Second) + log.Warn().Str("LDAP CACert", caCert).Msgf("CA cert file is not ready yet. Waiting %d seconds for it to appear.", caCheckSleep) } } return nil diff --git a/ocis-pkg/version/version.go b/ocis-pkg/version/version.go index 850a1bb073..092a4de3e9 100644 --- a/ocis-pkg/version/version.go +++ b/ocis-pkg/version/version.go @@ -16,7 +16,7 @@ var ( // LatestTag is the latest released version plus the dev meta version. // Will be overwritten by the release pipeline // Needs a manual change for every tagged release - LatestTag = "2.0.0-beta.3+dev" + LatestTag = "2.0.0-beta.4+dev" // Date indicates the build date. Date = time.Now().Format("20060102") diff --git a/ocis/pkg/command/migrate.go b/ocis/pkg/command/migrate.go new file mode 100644 index 0000000000..b45bdf1883 --- /dev/null +++ b/ocis/pkg/command/migrate.go @@ -0,0 +1,290 @@ +package command + +import ( + "context" + "fmt" + "os" + "sync" + + collaboration "github.com/cs3org/go-cs3apis/cs3/sharing/collaboration/v1beta1" + "github.com/cs3org/reva/v2/pkg/publicshare" + publicregistry "github.com/cs3org/reva/v2/pkg/publicshare/manager/registry" + "github.com/cs3org/reva/v2/pkg/share" + "github.com/cs3org/reva/v2/pkg/share/manager/registry" + sharing "github.com/owncloud/ocis/v2/extensions/sharing/pkg/config" + "github.com/owncloud/ocis/v2/ocis-pkg/config" + "github.com/owncloud/ocis/v2/ocis-pkg/config/parser" + "github.com/owncloud/ocis/v2/ocis/pkg/register" + "github.com/rs/zerolog" + "github.com/urfave/cli/v2" +) + +// Migrate is the entrypoint for the Migrate command. +func Migrate(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "migrate", + Usage: "migrate data from an existing to another instance", + Category: "migration", + Before: func(c *cli.Context) error { + if err := parser.ParseConfig(cfg, true); err != nil { + fmt.Printf("%v", err) + return err + } + return nil + }, + Subcommands: []*cli.Command{ + MigrateShares(cfg), + MigratePublicShares(cfg), + }, + } +} + +func init() { + register.AddCommand(Migrate) +} + +func MigrateShares(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "shares", + Usage: "migrates shares from the previous to the new share manager", + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "from", + Value: "json", + Usage: "Share manager to export the data from", + }, + &cli.StringFlag{ + Name: "to", + Value: "cs3", + Usage: "Share manager to import the data into", + }, + }, + Before: func(c *cli.Context) error { + err := parser.ParseConfig(cfg, true) + if err != nil { + fmt.Printf("%v", err) + os.Exit(1) + } + return nil + }, + Action: func(c *cli.Context) error { + log := zerolog.New(zerolog.ConsoleWriter{Out: os.Stderr}).With().Timestamp().Logger() + ctx := log.WithContext(context.Background()) + rcfg := revaShareConfig(cfg.Sharing) + oldDriver := c.String("from") + newDriver := c.String("to") + shareChan := make(chan *collaboration.Share) + receivedShareChan := make(chan share.ReceivedShareWithUser) + + f, ok := registry.NewFuncs[oldDriver] + if !ok { + log.Error().Msg("Unknown share manager type '" + oldDriver + "'") + os.Exit(1) + } + oldMgr, err := f(rcfg[oldDriver].(map[string]interface{})) + if err != nil { + log.Error().Err(err).Msg("failed to initiate source share manager") + os.Exit(1) + } + dumpMgr, ok := oldMgr.(share.DumpableManager) + if !ok { + log.Error().Msg("Share manager type '" + oldDriver + "' does not support dumping its shares.") + os.Exit(1) + } + + f, ok = registry.NewFuncs[newDriver] + if !ok { + log.Error().Msg("Unknown share manager type '" + newDriver + "'") + os.Exit(1) + } + newMgr, err := f(rcfg[newDriver].(map[string]interface{})) + if err != nil { + log.Error().Err(err).Msg("failed to initiate destination share manager") + os.Exit(1) + } + loadMgr, ok := newMgr.(share.LoadableManager) + if !ok { + log.Error().Msg("Share manager type '" + newDriver + "' does not support loading a shares dump.") + os.Exit(1) + } + + var wg sync.WaitGroup + wg.Add(2) + go func() { + log.Info().Msg("Migrating shares...") + err = loadMgr.Load(ctx, shareChan, receivedShareChan) + log.Info().Msg("Finished migrating shares.") + if err != nil { + log.Error().Err(err).Msg("Error while loading shares") + os.Exit(1) + } + wg.Done() + }() + go func() { + err = dumpMgr.Dump(ctx, shareChan, receivedShareChan) + if err != nil { + log.Error().Err(err).Msg("Error while dumping shares") + os.Exit(1) + } + close(shareChan) + close(receivedShareChan) + wg.Done() + }() + wg.Wait() + return nil + }, + } +} + +func MigratePublicShares(cfg *config.Config) *cli.Command { + return &cli.Command{ + Name: "publicshares", + Usage: "migrates public shares from the previous to the new public share manager", + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "from", + Value: "json", + Usage: "Public share manager to export the data from", + }, + &cli.StringFlag{ + Name: "to", + Value: "cs3", + Usage: "Public share manager to import the data into", + }, + }, + Before: func(c *cli.Context) error { + err := parser.ParseConfig(cfg, true) + if err != nil { + fmt.Printf("%v", err) + os.Exit(1) + } + return err + }, + Action: func(c *cli.Context) error { + log := zerolog.New(zerolog.ConsoleWriter{Out: os.Stderr}).With().Timestamp().Logger() + ctx := log.WithContext(context.Background()) + + rcfg := revaPublicShareConfig(cfg.Sharing) + oldDriver := c.String("from") + newDriver := c.String("to") + shareChan := make(chan *publicshare.WithPassword) + + f, ok := publicregistry.NewFuncs[oldDriver] + if !ok { + log.Error().Msg("Unknown public share manager type '" + oldDriver + "'") + os.Exit(1) + } + oldMgr, err := f(rcfg[oldDriver].(map[string]interface{})) + if err != nil { + log.Error().Err(err).Msg("failed to initiate source public share manager") + os.Exit(1) + } + dumpMgr, ok := oldMgr.(publicshare.DumpableManager) + if !ok { + log.Error().Msg("Public share manager type '" + oldDriver + "' does not support dumping its public shares.") + os.Exit(1) + } + + f, ok = publicregistry.NewFuncs[newDriver] + if !ok { + log.Error().Msg("Unknown public share manager type '" + newDriver + "'") + os.Exit(1) + } + newMgr, err := f(rcfg[newDriver].(map[string]interface{})) + if err != nil { + log.Error().Err(err).Msg("failed to initiate destination public share manager") + os.Exit(1) + } + loadMgr, ok := newMgr.(publicshare.LoadableManager) + if !ok { + log.Error().Msg("Public share manager type '" + newDriver + "' does not support loading a public shares dump.") + os.Exit(1) + } + + var wg sync.WaitGroup + wg.Add(2) + go func() { + log.Info().Msg("Migrating public shares...") + err = loadMgr.Load(ctx, shareChan) + log.Info().Msg("Finished migrating public shares.") + if err != nil { + log.Error().Err(err).Msg("Error while loading public shares") + os.Exit(1) + } + wg.Done() + }() + go func() { + err = dumpMgr.Dump(ctx, shareChan) + if err != nil { + log.Error().Err(err).Msg("Error while dumping public shares") + os.Exit(1) + } + close(shareChan) + wg.Done() + }() + wg.Wait() + return nil + }, + } +} + +func revaShareConfig(cfg *sharing.Config) map[string]interface{} { + return map[string]interface{}{ + "json": map[string]interface{}{ + "file": cfg.UserSharingDrivers.JSON.File, + "gateway_addr": cfg.Reva.Address, + }, + "sql": map[string]interface{}{ // cernbox sql + "db_username": cfg.UserSharingDrivers.SQL.DBUsername, + "db_password": cfg.UserSharingDrivers.SQL.DBPassword, + "db_host": cfg.UserSharingDrivers.SQL.DBHost, + "db_port": cfg.UserSharingDrivers.SQL.DBPort, + "db_name": cfg.UserSharingDrivers.SQL.DBName, + "password_hash_cost": cfg.UserSharingDrivers.SQL.PasswordHashCost, + "enable_expired_shares_cleanup": cfg.UserSharingDrivers.SQL.EnableExpiredSharesCleanup, + "janitor_run_interval": cfg.UserSharingDrivers.SQL.JanitorRunInterval, + }, + "owncloudsql": map[string]interface{}{ + "gateway_addr": cfg.Reva.Address, + "storage_mount_id": cfg.UserSharingDrivers.OwnCloudSQL.UserStorageMountID, + "db_username": cfg.UserSharingDrivers.OwnCloudSQL.DBUsername, + "db_password": cfg.UserSharingDrivers.OwnCloudSQL.DBPassword, + "db_host": cfg.UserSharingDrivers.OwnCloudSQL.DBHost, + "db_port": cfg.UserSharingDrivers.OwnCloudSQL.DBPort, + "db_name": cfg.UserSharingDrivers.OwnCloudSQL.DBName, + }, + "cs3": map[string]interface{}{ + "gateway_addr": cfg.UserSharingDrivers.CS3.ProviderAddr, + "provider_addr": cfg.UserSharingDrivers.CS3.ProviderAddr, + "service_user_id": cfg.UserSharingDrivers.CS3.SystemUserID, + "service_user_idp": cfg.UserSharingDrivers.CS3.SystemUserIDP, + "machine_auth_apikey": cfg.UserSharingDrivers.CS3.SystemUserAPIKey, + }, + } +} + +func revaPublicShareConfig(cfg *sharing.Config) map[string]interface{} { + return map[string]interface{}{ + "json": map[string]interface{}{ + "file": cfg.PublicSharingDrivers.JSON.File, + "gateway_addr": cfg.Reva.Address, + }, + "sql": map[string]interface{}{ + "db_username": cfg.PublicSharingDrivers.SQL.DBUsername, + "db_password": cfg.PublicSharingDrivers.SQL.DBPassword, + "db_host": cfg.PublicSharingDrivers.SQL.DBHost, + "db_port": cfg.PublicSharingDrivers.SQL.DBPort, + "db_name": cfg.PublicSharingDrivers.SQL.DBName, + "password_hash_cost": cfg.PublicSharingDrivers.SQL.PasswordHashCost, + "enable_expired_shares_cleanup": cfg.PublicSharingDrivers.SQL.EnableExpiredSharesCleanup, + "janitor_run_interval": cfg.PublicSharingDrivers.SQL.JanitorRunInterval, + }, + "cs3": map[string]interface{}{ + "gateway_addr": cfg.PublicSharingDrivers.CS3.ProviderAddr, + "provider_addr": cfg.PublicSharingDrivers.CS3.ProviderAddr, + "service_user_id": cfg.PublicSharingDrivers.CS3.SystemUserID, + "service_user_idp": cfg.PublicSharingDrivers.CS3.SystemUserIDP, + "machine_auth_apikey": cfg.PublicSharingDrivers.CS3.SystemUserAPIKey, + }, + } +} diff --git a/sonar-project.properties b/sonar-project.properties index 4d547b2cff..5403a9d7a9 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -2,7 +2,7 @@ sonar.projectKey=owncloud_ocis sonar.organization=owncloud-1 sonar.projectName=ocis -sonar.projectVersion=2.0.0-beta.3 +sonar.projectVersion=2.0.0-beta.4 sonar.host.url=https://sonarcloud.io # ===================================================== diff --git a/tests/acceptance/docker/src/ocis-base.yml b/tests/acceptance/docker/src/ocis-base.yml index 6486a404b7..8b2f75bddb 100644 --- a/tests/acceptance/docker/src/ocis-base.yml +++ b/tests/acceptance/docker/src/ocis-base.yml @@ -12,7 +12,6 @@ services: SETTINGS_DATA_PATH: "/srv/app/tmp/ocis/settings" PROXY_ENABLE_BASIC_AUTH: "true" WEB_UI_CONFIG: /drone/src/tests/config/drone/ocis-config.json - IDP_IDENTIFIER_REGISTRATION_CONF: /drone/src/tests/config/drone/identifier-registration.yml ACCOUNTS_HASH_DIFFICULTY: 4 OCIS_INSECURE: "true" # s3ng specific settings diff --git a/tests/acceptance/expected-failures-API-on-OCIS-storage.md b/tests/acceptance/expected-failures-API-on-OCIS-storage.md index d6d8095385..b492a3a391 100644 --- a/tests/acceptance/expected-failures-API-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-API-on-OCIS-storage.md @@ -945,36 +945,40 @@ _ocdav: api compatibility, return correct status code_ #### [REPORT request not implemented](https://github.com/owncloud/ocis/issues/1330) - [apiWebdavOperations/search.feature:42](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L42) -- [apiWebdavOperations/search.feature:43](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L43) - [apiWebdavOperations/search.feature:48](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L48) - [apiWebdavOperations/search.feature:64](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L64) -- [apiWebdavOperations/search.feature:65](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L65) - [apiWebdavOperations/search.feature:70](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L70) - [apiWebdavOperations/search.feature:87](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L87) -- [apiWebdavOperations/search.feature:88](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L88) - [apiWebdavOperations/search.feature:93](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L93) - [apiWebdavOperations/search.feature:102](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L102) -- [apiWebdavOperations/search.feature:103](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L103) -- [apiWebdavOperations/search.feature:108](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L108) - [apiWebdavOperations/search.feature:126](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L126) -- [apiWebdavOperations/search.feature:127](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L127) - [apiWebdavOperations/search.feature:132](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L132) - [apiWebdavOperations/search.feature:150](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L150) -- [apiWebdavOperations/search.feature:151](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L151) - [apiWebdavOperations/search.feature:156](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L156) - [apiWebdavOperations/search.feature:174](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L174) -- [apiWebdavOperations/search.feature:175](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L175) - [apiWebdavOperations/search.feature:180](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L180) - [apiWebdavOperations/search.feature:207](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L207) - [apiWebdavOperations/search.feature:208](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L208) - [apiWebdavOperations/search.feature:213](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L213) - [apiWebdavOperations/search.feature:239](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L239) -- [apiWebdavOperations/search.feature:240](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L240) - [apiWebdavOperations/search.feature:245](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L245) - [apiWebdavOperations/search.feature:264](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L264) -- [apiWebdavOperations/search.feature:265](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L265) - [apiWebdavOperations/search.feature:270](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L270) +### [Different response status code while searching with empty pattern with new webdav](https://github.com/owncloud/ocis/issues/4016) + +- [apiWebdavOperations/search.feature:103](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L103) + +### [No permisions propertry in response while searching for files and folders on ocis with new webdav](https://github.com/owncloud/ocis/issues/4009) + +- [apiWebdavOperations/search.feature:108](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L108) +- [apiWebdavOperations/search.feature:240](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L240) + +### [Search with limit does not give required response with new webdav](https://github.com/owncloud/ocis/issues/4017) + +- [apiWebdavOperations/search.feature:127](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L127) +- [apiWebdavOperations/search.feature:151](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiWebdavOperations/search.feature#L151) + #### [Support for favorites](https://github.com/owncloud/ocis/issues/1228) - [apiFavorites/favorites.feature:115](https://github.com/owncloud/core/blob/master/tests/acceptance/features/apiFavorites/favorites.feature#L115) diff --git a/tests/acceptance/expected-failures-webUI-on-OCIS-storage-ocisSmokeTest.md b/tests/acceptance/expected-failures-webUI-on-OCIS-storage-ocisSmokeTest.md index a1e09b5b8f..950d2326b3 100644 --- a/tests/acceptance/expected-failures-webUI-on-OCIS-storage-ocisSmokeTest.md +++ b/tests/acceptance/expected-failures-webUI-on-OCIS-storage-ocisSmokeTest.md @@ -11,19 +11,10 @@ Other free text and Markdown formatting can be used elsewhere in the document if Only the web scenarios tagged ocisSmokeTest are run by default in OCIS CI. This file lists the expected-failures of those ocisSmokeTest scenarios. -### [name of public link is empty and not "Public link" when not specified in the create request](https://github.com/owncloud/ocis/issues/1237) -- [webUISharingPublicBasic/publicLinkCreate.feature:11](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicBasic/publicLinkCreate.feature#L11) -- [webUISharingPublicBasic/publicLinkCreate.feature:28](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicBasic/publicLinkCreate.feature#L28) - ### [Copy private link option not available](https://github.com/owncloud/ocis/issues/1409) - [webUIPrivateLinks/accessingPrivateLinks.feature:9](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIPrivateLinks/accessingPrivateLinks.feature#L9) - [webUIPrivateLinks/accessingPrivateLinks.feature:17](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIPrivateLinks/accessingPrivateLinks.feature#L17) -### [name of public link is empty and not "Public link" when not specified in the create request](https://github.com/owncloud/ocis/issues/1237) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:33](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L33) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:34](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L34) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:35](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L35) - ### [impossible to navigate into a folder in the trashbin](https://github.com/owncloud/web/issues/1725) - [webUITrashbinDelete/trashbinDelete.feature:29](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITrashbinDelete/trashbinDelete.feature#L29) diff --git a/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md b/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md index aec95cb226..c7b97f6fde 100644 --- a/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-webUI-on-OCIS-storage.md @@ -29,7 +29,6 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUIFavorites/unfavoriteFile.feature:70](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFavorites/unfavoriteFile.feature#L70) - [webUIFavorites/unfavoriteFile.feature:87](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFavorites/unfavoriteFile.feature#L87) - [webUIFavorites/unfavoriteFile.feature:102](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFavorites/unfavoriteFile.feature#L102) -- [webUIFilesSearch/search.feature:178](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesSearch/search.feature#L178) - [webUIResharing1/reshareUsers.feature:219](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing1/reshareUsers.feature#L219) ### [file_path property is not unique for a share created with same resource name i.e already present in sharee](https://github.com/owncloud/ocis/issues/2249) @@ -46,9 +45,9 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUISharingInternalUsers/shareWithUsers.feature:276](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalUsers/shareWithUsers.feature#L276) - [webUISharingInternalUsers/shareWithUsers.feature:277](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalUsers/shareWithUsers.feature#L277) - [webUISharingInternalUsersShareWithPage/shareWithUsers.feature:140](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalUsersShareWithPage/shareWithUsers.feature#L140) -- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:196](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L196) -- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:209](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L209) -- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:223](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L223) +- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:187](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L196) +- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:200](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L209) +- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:214](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L223) - [webUIResharing2/reshareUsers.feature:41](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing2/reshareUsers.feature#L41) - [webUIResharing2/reshareUsers.feature:69](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing2/reshareUsers.feature#L69) - [webUIResharing2/reshareUsers.feature:70](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing2/reshareUsers.feature#L70) @@ -60,8 +59,7 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUIResharing1/reshareUsers.feature:46](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing1/reshareUsers.feature#L46) - [webUIResharing1/reshareUsers.feature:74](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIResharing1/reshareUsers.feature#L74) - -### [No share indicators inside share jail (needs concept / PM decision)](https://github.com/owncloud/web/issues/6894) +### [No share indicators inside share jail](https://github.com/owncloud/web/issues/6894) - [webUISharingInternalUsersSharingIndicator/shareWithUsers.feature:100](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalUsersSharingIndicator/shareWithUsers.feature#L100) - [webUISharingInternalUsersSharingIndicator/shareWithUsers.feature:121](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalUsersSharingIndicator/shareWithUsers.feature#L121) - [webUISharingPublicManagement/publicLinkIndicator.feature:64](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicManagement/publicLinkIndicator.feature#L64) @@ -151,22 +149,15 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:52](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L52) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:71](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L71) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:72](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L72) -- [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:75](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L75) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:86](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L86) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:106](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L106) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:130](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L130) - [webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature:147](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicExpire/shareByPublicLinkExpiringLinks.feature#L147) - [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:276](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L276) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:284](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L284) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:293](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L293) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:302](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L302) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:311](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L311) - [webUIMoveFilesFolders/moveFiles.feature:97](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIMoveFilesFolders/moveFiles.feature#L97) - [webUIMoveFilesFolders/moveFolders.feature:72](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIMoveFilesFolders/moveFolders.feature#L72) - [webUIFilesActionMenu/versions.feature:93](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesActionMenu/versions.feature#L93) -### [PROPFIND to sub-folder of a shared resources with same name gives 404](https://github.com/owncloud/ocis/issues/3859) -- [webUISharingAcceptShares/acceptShares.feature:245](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingAcceptShares/acceptShares.feature#L245) ### [Share not created with default permissions](https://github.com/owncloud/ocis/issues/1277) - [webUISharingInternalGroups/shareWithGroups.feature:74](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalGroups/shareWithGroups.feature#L74) @@ -202,18 +193,12 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUISharingNotifications/shareWithUsers.feature:40](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingNotifications/shareWithUsers.feature#L40) - [webUISharingNotifications/shareWithUsers.feature:53](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingNotifications/shareWithUsers.feature#L53) -### [name of public link is empty and not "Public link" when not specified in the create request](https://github.com/owncloud/ocis/issues/1237) -- [webUISharingPublicBasic/publicLinkCreate.feature:11](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicBasic/publicLinkCreate.feature#L11) -- [webUISharingPublicBasic/publicLinkCreate.feature:28](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicBasic/publicLinkCreate.feature#L28) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:33](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L33) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:34](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L34) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:35](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L35) -- [webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature:60](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicDifferentRoles/shareByPublicLinkDifferentRoles.feature#L60) - ### [Listing shares via ocs API does not show path for parent folders](https://github.com/owncloud/ocis/issues/1231) - [webUISharingPublicManagement/shareByPublicLink.feature:133](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPublicManagement/shareByPublicLink.feature#L133) ### [Propfind response to trashbin endpoint is different in ocis](https://github.com/owncloud/product/issues/186) +- [webUIFilesSearch/search.feature:178](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesSearch/search.feature#L178) + ### [restoring a file from "Deleted files" (trashbin) is not possible if the original folder does not exist any-more](https://github.com/owncloud/web/issues/1753) - [webUITrashbinRestore/trashbinRestore.feature:138](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITrashbinRestore/trashbinRestore.feature#L138) @@ -245,9 +230,6 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUIFilesDetails/fileDetails.feature:124](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesDetails/fileDetails.feature#L124) - [webUIFilesDetails/fileDetails.feature:153](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesDetails/fileDetails.feature#L153) -### [Group shares support](https://github.com/owncloud/ocis/issues/1289) -- [webUISharingInternalGroupsSharingIndicator/shareWithGroups.feature:80](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingInternalGroupsSharingIndicator/shareWithGroups.feature#L80) - ### [Deletion of a recursive folder from trashbin is not possible](https://github.com/owncloud/product/issues/188) - [webUITrashbinDelete/trashbinDelete.feature:85](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITrashbinDelete/trashbinDelete.feature#L85) - [webUITrashbinDelete/trashbinDelete.feature:71](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUITrashbinDelete/trashbinDelete.feature#L71) @@ -396,10 +378,9 @@ Other free text and markdown formatting can be used elsewhere in the document if - [webUIFilesDetails/fileDetails.feature:57](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesDetails/fileDetails.feature#L57) - [webUIRenameFiles/renameFiles.feature:257](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIRenameFiles/renameFiles.feature#L257) -### [Copy/move not possible from and into shares in oCIS](https://github.com/owncloud/web/issues/6892) +### [Copy/move not possible from and into shares in oCIS](https://github.com/owncloud/web/issues/6892) - [webUIFilesCopy/copy.feature:89](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesCopy/copy.feature#L89) - [webUIFilesCopy/copy.feature:101](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUIFilesCopy/copy.feature#L101) -### WebUI shows wrong role name -- [webUISharingPermissionsUsers/sharePermissionsUsers.feature:169](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingPermissionsUsers/sharePermissionsUsers.feature#L169) - +### [PROPFIND to sub-folder of a shared resources with same name gives 404](https://github.com/owncloud/ocis/issues/3859) +- [webUISharingAcceptShares/acceptShares.feature:245](https://github.com/owncloud/web/blob/master/tests/acceptance/features/webUISharingAcceptShares/acceptShares.feature#L245)