diff --git a/changelog/unreleased/bump-reva.md b/changelog/unreleased/bump-reva.md
index 17ce51bc0..f9bfbdda5 100644
--- a/changelog/unreleased/bump-reva.md
+++ b/changelog/unreleased/bump-reva.md
@@ -2,6 +2,7 @@ Enhancement: Bump Reva
bumps reva version
+https://github.com/owncloud/ocis/pull/9236
https://github.com/owncloud/ocis/pull/9188
https://github.com/owncloud/ocis/pull/9132
https://github.com/owncloud/ocis/pull/9041
diff --git a/docs/apis/http/webdav/_index.md b/docs/apis/http/webdav/_index.md
index 01371ff55..07be35b44 100644
--- a/docs/apis/http/webdav/_index.md
+++ b/docs/apis/http/webdav/_index.md
@@ -334,7 +334,7 @@ Available namespaces:
| `` | The globally unique ID of the resource. | `storage-1$27475553-7fb7-4689-b4cf-bbb635daff79!27475553-7fb7-4689-b4cf-bbb635daff79` |
| `` | The globally unique ID of the resource. | `storage-1$27475553-7fb7-4689-b4cf-bbb635daff79!27475553-7fb7-4689-b4cf-bbb635daff79` |
| `` | Direct URL to download a file from. | Not implemented. |
-| `` | The permissions a user has on the resource. | The value is a string containing letters for all available permissions. |
+| `` | Determines the actions a user can take on the resource. | The value is a string containing letters that clients can use to determine available actions. |
| | | `S`: Shared |
| | | `M`: Mounted |
| | | `D`: Deletable |
@@ -343,6 +343,8 @@ Available namespaces:
| | | `CK`: Creatable (folders only) |
| | | `Z`: Deniable |
| | | `P`: Trashbin Purgable |
+| | | `X`: Securely Viewable |
+| | | In the early stages this was indeed a list of permissions. Over time, more flags were added and the term permissions no longer really fits well. |
| `` | List of user specified tags. | `test` |
| ` ` | The favorite state. | `0` for not favourited, `1` for favourited |
| `` | The user id of the owner of a resource. Project spaces have no owner. | `einstein` |
diff --git a/go.mod b/go.mod
index 879eccda7..49682d6fb 100644
--- a/go.mod
+++ b/go.mod
@@ -15,7 +15,7 @@ require (
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/coreos/go-oidc/v3 v3.10.0
github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781
- github.com/cs3org/reva/v2 v2.19.2-0.20240521134642-8fb71adbe500
+ github.com/cs3org/reva/v2 v2.19.2-0.20240522140613-fae5c105158f
github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e
github.com/egirna/icap-client v0.1.1
diff --git a/go.sum b/go.sum
index 3b288de13..f76969ea4 100644
--- a/go.sum
+++ b/go.sum
@@ -1025,8 +1025,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY=
github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
-github.com/cs3org/reva/v2 v2.19.2-0.20240521134642-8fb71adbe500 h1:BsbDsBAnEJlCN8PU6XhDgQNX9/aSrVcyDocrBR6GI5g=
-github.com/cs3org/reva/v2 v2.19.2-0.20240521134642-8fb71adbe500/go.mod h1:BOlJApKFrWRiaOoBCRxCTG5bghTTMlYaEZrRxOzKaS8=
+github.com/cs3org/reva/v2 v2.19.2-0.20240522140613-fae5c105158f h1:gQNgViSZs4DogTJNQ7yiWGPS+HbYwhccSw6OjYQYxlk=
+github.com/cs3org/reva/v2 v2.19.2-0.20240522140613-fae5c105158f/go.mod h1:BOlJApKFrWRiaOoBCRxCTG5bghTTMlYaEZrRxOzKaS8=
github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=
diff --git a/vendor/github.com/cs3org/reva/v2/pkg/conversions/role.go b/vendor/github.com/cs3org/reva/v2/pkg/conversions/role.go
index f4dd614da..6bf92d4ea 100644
--- a/vendor/github.com/cs3org/reva/v2/pkg/conversions/role.go
+++ b/vendor/github.com/cs3org/reva/v2/pkg/conversions/role.go
@@ -106,6 +106,7 @@ func (r *Role) OCSPermissions() Permissions {
// M = Mounted
// Z = Deniable (NEW)
// P = Purge from trashbin
+// X = SecureViewable
func (r *Role) WebDAVPermissions(isDir, isShared, isMountpoint, isPublic bool) string {
var b strings.Builder
if !isPublic && isShared {
@@ -141,6 +142,10 @@ func (r *Role) WebDAVPermissions(isDir, isShared, isMountpoint, isPublic bool) s
fmt.Fprintf(&b, "P")
}
+ if r.Name == RoleSecureViewer {
+ fmt.Fprintf(&b, "X")
+ }
+
return b.String()
}
@@ -541,6 +546,9 @@ func RoleFromResourcePermissions(rp *provider.ResourcePermissions, islink bool)
r.Name = RoleViewer
return r
}
+ } else if rp.Stat && rp.GetPath && rp.ListContainer && !rp.InitiateFileUpload && !rp.Delete && !rp.AddGrant {
+ r.Name = RoleSecureViewer
+ return r
}
if r.ocsPermissions == PermissionCreate {
if rp.GetPath && rp.InitiateFileDownload && rp.ListContainer && rp.Move {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 4082d1f68..fae69a973 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -366,7 +366,7 @@ github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1
github.com/cs3org/go-cs3apis/cs3/storage/registry/v1beta1
github.com/cs3org/go-cs3apis/cs3/tx/v1beta1
github.com/cs3org/go-cs3apis/cs3/types/v1beta1
-# github.com/cs3org/reva/v2 v2.19.2-0.20240521134642-8fb71adbe500
+# github.com/cs3org/reva/v2 v2.19.2-0.20240522140613-fae5c105158f
## explicit; go 1.21
github.com/cs3org/reva/v2/cmd/revad/internal/grace
github.com/cs3org/reva/v2/cmd/revad/runtime