* use tls for nats connections
* add config options for nats client tls config
* add nats tls config to CI
* add function to create a certpool
* add option to provide a rootCA to validate the server's TLS certificate
* add option to provide a rootCA to validate the server's TLS certificate
* add option to provide a rootCA to validate the server's TLS certificate
* add option to provide a rootCA to validate the server's TLS certificate
* configure nats clients in reva to use tls
* fix env variables for JSONCS3 public driver configuration
* Update services/sharing/pkg/config/config.go
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* extend list of available sharing drivers
* add changelog
Co-authored-by: Michael Barz <michael.barz@zeitgestalten.eu>
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* bring back CORS env vars
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* update CORS descriptions
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* align writing of 'A comma-separated ...'
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* fix some desc quotes
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* Apply suggestions from code review
Co-authored-by: Martin <github@diemattels.at>
* Apply more suggestions from code review
Co-authored-by: Martin <github@diemattels.at>
* Apply final suggestions from code review
Co-authored-by: Martin <github@diemattels.at>
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Co-authored-by: Martin <github@diemattels.at>
Use OCIS_URL as the link base. This change also makes sure that the
top-level OcisURL config value gets a default assigned, even when
OCIS_URL is unset.
Fixes: #4688
For looking up group members we need to pass an authenticated reva context via
the notification interface. We use the share owner's context that we generated
when stating the share target.
Fixes: #4703
'ShareCreated' and 'SpaceCreate' events for group shares have an empty
GranteeUserID attribute. We need to lookup the GranteeGroup to get the Grantee
Name for the notification mail
Partial Fix: #4703
The auth-bearer service is currently not needed by ocis. Reva tookens
for oidc authenticated clients are currently minted via the auth-machine
service. This commit does not completely remove the service as we shoud
consider to rework the proxy's oidc middleware to use the auth-bearer
service in the future (see #4701)
Fixes: #4692
* Fix unfindable entities from shares/publicshares
Directories or empty files weren't added to the search index properly
because they were indexed relative to the share instead of the space
root.
Fixes https://github.com/owncloud/ocis/issues/4489
* Add changelog
* Fix tests
* Reuse existing authorized context
* Add a Ref option to SearchRequest, e.g. for limiting the search to a space
* Enable REPORT requests for /dav/spaces URLs
* Limit the search to the according space in case of /dav/spaces searches
* Add changelog
* Adapt expected failures
* Comment exported functions
This avoids using a public global variable. It allows us to initialize
the default client a bit later (outside of init()). That way we can e.g.
properly initialize the in-memory registry.
Jörn Friedrich Dreyer