Benedikt Kulmann
12 KiB
Changelog for 0.3.0 (2020-08-20)
The following sections list the changes in ocis-accounts 0.3.0.
Summary
- Bugfix - Atomic Requests: #82
- Bugfix - Unescape value for prefix query: #76
- Change - Adapt to new ocis-settings data model: #87
- Change - Add permissions for language to default roles: #88
Details
-
Bugfix - Atomic Requests: #82
Operations on the file system level are now atomic. This happens only on the provisioning API.
-
Bugfix - Unescape value for prefix query: #76
Prefix queries also need to unescape token values like
'some ''ol string'tosome 'ol stringbefore using it in a prefix query -
Change - Adapt to new ocis-settings data model: #87
Ocis-settings introduced UUIDs and less verbose endpoint and message type names. This PR adjusts ocis-accounts accordingly.
https://github.com/owncloud/ocis-accounts/pull/87 https://github.com/owncloud/ocis-settings/pull/46
-
Change - Add permissions for language to default roles: #88
Ocis-settings has default roles and exposes the respective bundle uuids. We now added permissions for reading/writing the preferred language to the default roles.
Changelog for 0.2.0 (2020-08-19)
The following sections list the changes in ocis-accounts 0.2.0.
Summary
- Bugfix - Add write mutexes: #71
- Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60
- Bugfix - Fix index mapping: #73
- Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28
- Bugfix - Prevent segfault when no password is set: #65
- Bugfix - Update account return value not used: #70
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64
- Change - Align structure of this extension with other extensions: #51
- Change - Change api errors: #11
- Change - Enable accounts on creation: #43
- Change - Fix index update on create/update: #57
- Change - Pass around the correct logger throughout the code: #41
- Change - Remove timezone setting: #33
- Change - Tighten screws on usernames and email addresses: #65
- Enhancement - Add early version of cli tools for user-management: #69
- Enhancement - Update accounts API: #30
- Enhancement - Add simple user listing UI: #51
Details
-
Bugfix - Add write mutexes: #71
Concurrent account or groups writes would corrupt the json file on disk, because the different goroutines would be treated as a single thread from the os. We introduce a mutex for account and group file writes each. This locks the update frequency for all accounts/groups and could be further improved by using a concurrent map of mutexes with a mutex per account / group. PR welcome.
-
Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60
We've fixed a bug in deleting the groups.
The accountId and GroupId were swapped when removing the member from a group after deleting the group.
-
Bugfix - Fix index mapping: #73
The index mapping was not being used because we were not using the right blevesearch TypeField, leading to username like properties like
preferred_nameandon_premises_sam_account_nameto be case sensitive. -
Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28
Some LDAP properties like
uidnumberandgidnumberare numeric. When an OS tries to look up a user it will not only try to lookup the user by username, but also by theuidnumber:(&(objectclass=posixAccount)(uidnumber=20000)). The accounts backend for glauth was sending that as a string queryuid_number eq '20000'and has been changed to send it asuid_number eq 20000. The removed quotes allow the parser in ocis-accounts to identify the numeric literal and use the NewNumericRangeInclusiveQuery instead of a TermQuery.https://github.com/owncloud/ocis-glauth/issues/28 https://github.com/owncloud/ocis-accounts/pull/68 https://github.com/owncloud/ocis-glauth/pull/29
-
Bugfix - Prevent segfault when no password is set: #65
Passwords are stored in a dedicated child struct of an account. We fixed several segfault conditions where the methods would try to unset a password when that child struct was not existing.
-
Bugfix - Update account return value not used: #70
In order to return a value using the micro go code we need to override the
outvalue. -
Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64
ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.
-
Change - Align structure of this extension with other extensions: #51
We aim to have a similar project structure for all our ocis extensions. This extension was different with regard to the structure of the server command and naming of some flag names.
-
Change - Change api errors: #11
Replaced the plain golang errors with the error model from the micro framework.
-
Change - Enable accounts on creation: #43
Accounts have been created with the account_enabled flag set to false. Now when they are created accounts will be enabled per default.
-
Change - Fix index update on create/update: #57
We fixed a bug in creating/updating accounts and groups, that caused new entities not to show up in list queries.
https://github.com/owncloud/ocis-accounts/issues/57 https://github.com/owncloud/ocis-accounts/pull/59
-
Change - Pass around the correct logger throughout the code: #41
Pass around the logger to have consistent log formatting, log level, etc.
https://github.com/owncloud/ocis-accounts/issues/41 https://github.com/owncloud/ocis-accounts/pull/48
-
Change - Remove timezone setting: #33
We had a timezone setting in our profile settings bundle. As we're not dealing with a timezone yet it would be confusing for the user to have a timezone setting available. We removed it, until we have a timezone implementation available in ocis-web.
-
Change - Tighten screws on usernames and email addresses: #65
In order to match accounts to the OIDC claims we currently rely on the email address or username to be present. We force both to match the W3C recommended regex with usernames having to start with a character or
_. This allows the username to be presented and used in ACLs when integrating the os with the glauth LDAP service of ocis. -
Enhancement - Add early version of cli tools for user-management: #69
Following commands are available:
List, ls List existing accounts add, create, Create a new account update Make changes to an existing account remove, rm Removes an existing account inspect Show detailed data on an existing account
See --help for details.
Note that not all account-attributes have an effect yet. This is due to ocis being in an early development stage.
https://github.com/owncloud/product/issues/115 https://github.com/owncloud/ocis-accounts/pull/69
-
Enhancement - Update accounts API: #30
We updated the api to allow fetching users not onyl by UUID, but also by identity (OpenID issuer and subject) email, username and optionally a password.
-
Enhancement - Add simple user listing UI: #51
We added an extension for ocis-web that shows a simple list of all existing users.
Changelog for 0.1.1 (2020-04-29)
The following sections list the changes in ocis-accounts 0.1.1.
Summary
- Enhancement - Logging is configurable: #24
Details
-
Enhancement - Logging is configurable: #24
ACCOUNTS_LOG_* env-vars or cli-flags can be used for logging configuration. See --help for more details.
Changelog for 0.1.0 (2020-03-18)
The following sections list the changes in ocis-accounts 0.1.0.