Changelog for unreleased (UNRELEASED)

The following sections list the changes for unreleased.

Summary

Bugfix - Check if roles are present in user object before looking those up: #1388
Bugfix - Fix etcd address configuration: #1546
Bugfix - Remove unimplemented config file option for oCIS root command: #1636
Bugfix - Fix thumbnail generation when using different idp: #1624
Change - Move runtime code on refs/pman over to owncloud/ocis/ocis: #1483
Enhancement - Use a default protocol parameter instead of explicitly disabling tus: #1331
Enhancement - Functionality to map home directory to different storage providers: #1186
Enhancement - Introduce ADR: #1042
Enhancement - Switch to opencontainers annotation scheme: #1381
Enhancement - Migrate ocis-graph-explorer to ocis monorepo: #1596
Enhancement - Update reva to v1.5.2-0.20210125114636-0c10b333ee69: #1482

Details

Bugfix - Check if roles are present in user object before looking those up: #1388

owncloud#1388
Bugfix - Fix etcd address configuration: #1546

The etcd server address in MICRO_REGISTRY_ADDRESS was not picked up when etcd was set as service discovery registry MICRO_REGISTRY=etcd. Therefore etcd was only working if available on localhost / 127.0.0.1.

owncloud#1546
Bugfix - Remove unimplemented config file option for oCIS root command: #1636

owncloud#1636
Bugfix - Fix thumbnail generation when using different idp: #1624

The thumbnail service was relying on a konnectd specific field in the access token. This logic was now replaced by a service parameter for the username.

owncloud#1624 owncloud#1628
Change - Move runtime code on refs/pman over to owncloud/ocis/ocis: #1483

Tags: ocis, runtime

Currently, the runtime is under the private account of an oCIS developer. For future-proofing we don't want oCIS mission critical components to depend on external repositories, so we're including refs/pman module as an oCIS package instead.

owncloud#1483
Enhancement - Use a default protocol parameter instead of explicitly disabling tus: #1331

cs3org/reva#1331 owncloud#1374
Enhancement - Functionality to map home directory to different storage providers: #1186

We added a parameter in reva that allows us to redirect /home requests to different storage providers based on a mapping derived from the user attributes, which was previously not possible since we hardcode the /home path for all users. For example, having its value as /home/{{substr 0 1 .Username}} can be used to redirect home requests for different users to different storage providers.

owncloud#1186 cs3org/reva#1142
Enhancement - Introduce ADR: #1042

We will keep track of Architectual Decision Records using Markdown in /docs/adr.

owncloud#1042
Enhancement - Switch to opencontainers annotation scheme: #1381

Switch docker image annotation scheme to org.opencontainers standard because org.label-schema is depreciated.

owncloud#1381
Enhancement - Migrate ocis-graph-explorer to ocis monorepo: #1596

Tags: ocis, ocis-graph-explorer

Ocis-graph-explorer was not migrated during the monorepo conversion.

owncloud#1596
Enhancement - Update reva to v1.5.2-0.20210125114636-0c10b333ee69: #1482
- initial checksum support for ocis cs3org/reva#1400
- Use updated etag of home directory even if it is cached cs3org/reva#1416
- Indicate in EOS containers that TUS is not supported cs3org/reva#1415
- Get status code from recycle response cs3org/reva#1408
owncloud#1482 cs3org/reva#1400 cs3org/reva#1416 cs3org/reva#1415 cs3org/reva#1408

Changelog for 1.1.0 (2021-01-22)

The following sections list the changes for 1.1.0.

Summary

Change - Disable pretty logging by default: #1133
Change - Add "volume" declaration to docker images: #1375
Change - Add "expose" information to docker images: #1366
Change - Generate cryptographically secure state token: #1203
Change - Move k6 to cdperf: #1358
Change - Update go version: #1364
Change - Update ownCloud Web to v1.0.1: #1191
Enhancement - Add OCIS_URL env var: #1148
Enhancement - Use sync.cache for roles cache: #1367
Enhancement - Add named locks and refactor cache: #1212
Enhancement - Update reva to v1.5.1: #1372
Enhancement - Update reva to v1.4.1-0.20210111080247-f2b63bfd6825: #1194

Details

Change - Disable pretty logging by default: #1133

Tags: ocis

Disable pretty logging default for performance reasons.

owncloud#1133
Change - Add "volume" declaration to docker images: #1375

Tags: docker

Add "volume" declaration to docker images. This makes it easier for Docker users to see where oCIS stores data.

owncloud#1375
Change - Add "expose" information to docker images: #1366

Tags: docker

Add "expose" information to docker images. Docker users will now see that we offer services on port 9200.

owncloud#1366
Change - Generate cryptographically secure state token: #1203

Replaced Math.random with a cryptographically secure way to generate the oidc state token using the javascript crypto api.

owncloud#1203 https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/random
Change - Move k6 to cdperf: #1358

Tags: performance, testing, k6

The ownCloud performance tests can not only be used to test oCIS. This is why we have decided to move the k6 tests to https://github.com/owncloud/cdperf

owncloud#1358
Change - Update go version: #1364

Tags: go

Update go from 1.13 to 1.15

owncloud#1364
Change - Update ownCloud Web to v1.0.1: #1191

Tags: web

We updated ownCloud Web to v1.0.1. Please refer to the changelog (linked) for details on the web release.

owncloud#1191 https://github.com/owncloud/web/releases/tag/v1.0.1
Enhancement - Add OCIS_URL env var: #1148

Tags: ocis

We introduced a new environment variable OCIS_URL that expects a URL including protocol, host and optionally port to simplify configuring all the different services. These existing environment variables still take precedence, but will also fall back to OCIS_URL: STORAGE_LDAP_IDP, STORAGE_OIDC_ISSUER, PROXY_OIDC_ISSUER, STORAGE_FRONTEND_PUBLIC_URL, KONNECTD_ISS, WEB_OIDC_AUTHORITY, and WEB_UI_CONFIG_SERVER.

Some environment variables are now built dynamically if they are not set: - STORAGE_DATAGATEWAY_PUBLIC_URL defaults to <STORAGE_FRONTEND_PUBLIC_URL>/data, also falling back to OCIS_URL - WEB_OIDC_METADATA_URL defaults to <WEB_OIDC_AUTHORITY>/.well-known/openid-configuration, also falling back to OCIS_URL

Furthermore, the built in konnectd will generate an identifier-registration.yaml that uses the KONNECTD_ISS in the allowed redirect_uris and origins. It simplifies the default https://localhost:9200 and remote deployment with OCIS_URL which is evaluated as a fallback if KONNECTD_ISS is not set.

An oCIS server can now be started on a remote machine as easy as OCIS_URL=https://cloud.ocis.test PROXY_HTTP_ADDR=0.0.0.0:443 ocis server.

Note that the OCIS_DOMAIN environment variable is not used by oCIS, but by the docker containers.

owncloud#1148
Enhancement - Use sync.cache for roles cache: #1367

Tags: ocis-pkg

Update ocis-pkg/roles cache to use ocis-pkg/sync cache

owncloud#1367
Enhancement - Add named locks and refactor cache: #1212

Tags: ocis-pkg, accounts

We had the case that we needed kind of a named locking mechanism which enables us to lock only under certain conditions. It's used in the indexer package where we do not need to lock everything, instead just lock the requested parts and differentiate between reads and writes.

This made it possible to entirely remove locks from the accounts service and move them to the ocis-pkg indexer. Another part of this refactor was to make the cache atomic and write tests for it.
- remove locking from accounts service - add sync package with named mutex - add named locking to indexer - move cache to sync package
owncloud#966 owncloud#1212
Enhancement - Update reva to v1.5.1: #1372

Summary -------
- Fix #1401: Use the user in request for deciding the layout for non-home DAV requests
- Fix #1413: Re-include the '.git' dir in the Docker images to pass the version tag
- Fix #1399: Fix ocis trash-bin purge
- Enh #1397: Bump the Copyright date to 2021
- Enh #1398: Support site authorization status in Mentix
- Enh #1393: Allow setting favorites, mtime and a temporary etag
- Enh #1403: Support remote cloud gathering metrics
Details -------
- Bugfix #1401: Use the user in request for deciding the layout for non-home DAV requests
For the incoming /dav/files/userID requests, we have different namespaces depending on whether the request is for the logged-in user's namespace or not. Since in the storage drivers, we specify the layout depending only on the user whose resources are to be accessed, this fails when a user wants to access another user's namespace when the storage provider depends on the logged in user's namespace. This PR fixes that.

For example, consider the following case. The owncloud fs uses a layout {{substr 0 1 .Id.OpaqueId}}/{{.Id.OpaqueId}}. The user einstein sends a request to access a resource shared with him, say /dav/files/marie/abcd, which should be allowed. However, based on the way we applied the layout, there's no way in which this can be translated to /m/marie/.

Https://github.com/cs3org/reva/pull/1401
- Bugfix #1413: Re-include the '.git' dir in the Docker images to pass the version tag
And git SHA to the release tool.

Https://github.com/cs3org/reva/pull/1413
- Bugfix #1399: Fix ocis trash-bin purge
Fixes the empty trash-bin functionality for ocis-storage

Https://github.com/owncloud/product/issues/254 cs3org/reva#1399
- Enhancement #1397: Bump the Copyright date to 2021
Https://github.com/cs3org/reva/pull/1397
- Enhancement #1398: Support site authorization status in Mentix
This enhancement adds support for a site authorization status to Mentix. This way, sites registered via a web app can now be excluded until authorized manually by an administrator.

Furthermore, Mentix now sets the scheme for Prometheus targets. This allows us to also support monitoring of sites that do not support the default HTTPS scheme.

Https://github.com/cs3org/reva/pull/1398
- Enhancement #1393: Allow setting favorites, mtime and a temporary etag
We now let the oCIS driver persist favorites, set temporary etags and the mtime as arbitrary metadata.

Https://github.com/owncloud/ocis/issues/567 cs3org/reva#1394 cs3org/reva#1393
- Enhancement #1403: Support remote cloud gathering metrics
The current metrics package can only gather metrics either from json files. With this feature, the metrics can be gathered polling the http endpoints exposed by the owncloud/nextcloud sciencemesh apps.

Https://github.com/cs3org/reva/pull/1403

owncloud#1372
Enhancement - Update reva to v1.4.1-0.20210111080247-f2b63bfd6825: #1194
- Enhancement: calculate and expose actual file permission set cs3org/reva#1368
- initial range request support cs3org/reva#1326
owncloud#1194 cs3org/reva#1368 cs3org/reva#1388

Changelog for [1.0.0] (2020-12-17)

The following sections list the changes for 1.0.0.

Summary

Bugfix - Enable scrolling in accounts list: #909
Bugfix - Add missing env vars to docker compose: #392
Bugfix - Don't enforce empty external apps slice: #473
Bugfix - Lower Bound was not working for the cs3 api index implementation: #741
Bugfix - Accounts config sometimes being overwritten: #808
Bugfix - Make settings service start without go coroutines: #835
Bugfix - Fix button layout after phoenix update: #625
Bugfix - Fix choose account dialogue: #846
Bugfix - Fix id or username query handling: #745
Bugfix - Fix konnectd build: #809
Bugfix - Fix path of files shared with me in ocs api: #204
Bugfix - Use micro default client: #718
Bugfix - Allow consent-prompt with switch-account: #788
Bugfix - Mint token with uid and gid: #737
Bugfix - Serve index.html for directories: #912
Bugfix - Don't create account if id/mail/username already taken: #709
Bugfix - Fix director selection in proxy: #521
Bugfix - Permission checks for settings write access: #1092
Bugfix - Fix minor ui bugs: #1043
Bugfix - Disable public link expiration by default: #987
Bugfix - Build docker images with alpine:latest instead of alpine:edge: #416
Change - Accounts UI shows message when no permissions: #656
Change - Cache password validation: #958
Change - Filesystem based index: #709
Change - Rebuild index command for accounts: #748
Change - Add the thumbnails command: #156
Change - CS3 can be used as accounts-backend: #1020
Change - Use bcrypt to hash the user passwords: #510
Change - Replace the library which scales the images: #910
Change - Choose disk or cs3 storage for accounts and groups: #623
Change - Enable OpenID dynamic client registration: #811
Change - Integrate import command from ocis-migration: #249
Change - Improve reva service descriptions: #536
Change - Initial release of basic version: #2
Change - Add cli-commands to manage accounts: #115
Change - Start ocis-accounts with the ocis server command: #25
Change - Properly style konnectd consent page: #754
Change - Make all paths configurable and default to a common temp dir: #1080
Change - Move the indexer package from ocis/accounts to ocis/ocis-pkg: #794
Change - Switch over to a new custom-built runtime: #287
Change - Move ocis default config to root level: #842
Change - Remove username field in OCS: #709
Change - Account management permissions for Admin role: #124
Change - Update phoenix to v0.18.0: #651
Change - Default apps in ownCloud Web: #688
Change - Proxy allow insecure upstreams: #1007
Change - Make ocis-settings available: #287
Change - Start ocis-proxy with the ocis server command: #119
Change - Theme welcome and choose account pages: #887
Change - Bring oC theme: #698
Change - Unify Configuration Parsing: #675
Change - Update phoenix to v0.20.0: #674
Change - Update phoenix to v0.21.0: #728
Change - Update phoenix to v0.22.0: #757
Change - Update phoenix to v0.23.0: #785
Change - Update phoenix to v0.24.0: #817
Change - Update phoenix to v0.25.0: #868
Change - Update phoenix to v0.26.0: #935
Change - Update phoenix to v0.27.0: #943
Change - Update phoenix to v0.28.0: #1027
Change - Update phoenix to v0.29.0: #1034
Change - Update reva config: #336
Change - Update reva to v1.4.1-0.20201209113234-e791b5599a89: #1089
Change - Clarify storage driver env vars: #729
Change - Update ownCloud Web to v1.0.0-beta3: #1105
Change - Update ownCloud Web to v1.0.0-beta4: #1110
Change - Settings and accounts appear in the user menu: #656
Enhancement - Add tracing to the accounts service: #1016
Enhancement - Add the accounts service: #244
Enhancement - Add basic auth option: #627
Enhancement - Document how to run OCIS on top of EOS: #172
Enhancement - Add the glauth service: #244
Enhancement - Add k6: #941
Enhancement - Add the konnectd service: #244
Enhancement - Add the ocis-phoenix service: #244
Enhancement - Add the ocis-pkg package: #244
Enhancement - Add the ocs service: #244
Enhancement - Add the proxy service: #244
Enhancement - Add the settings service: #244
Enhancement - Add the storage service: #244
Enhancement - Add the store service: #244
Enhancement - Add the thumbnails service: #244
Enhancement - Add a command to list the versions of running instances: #226
Enhancement - Add the webdav service: #244
Enhancement - Better adopt Go-Micro: #840
Enhancement - Add permission check when assigning and removing roles: #879
Enhancement - Create OnlyOffice extension: #857
Enhancement - Show basic-auth warning only once: #886
Enhancement - Add glauth fallback backend: #649
Enhancement - Tidy dependencies: #845
Enhancement - Launch a storage to store ocis-metadata: #602
Enhancement - Add a version command to ocis: #915
Enhancement - Create a proxy access-log: #889
Enhancement - Cache userinfo in proxy: #877
Enhancement - Update reva to v1.4.1-0.20201125144025-57da0c27434c: #1320
Enhancement - Runtime Cleanup: #1066
Enhancement - Update OCIS Runtime: #1108
Enhancement - Simplify tracing config: #92
Enhancement - Update glauth to dev fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2: #834
Enhancement - Update glauth to dev 4f029234b2308: #786
Enhancement - Update konnectd to v0.33.8: #744
Enhancement - Update reva to v1.4.1-0.20201123062044-b2c4af4e897d: #823
Enhancement - Update reva to v1.4.1-0.20201130061320-ac85e68e0600: #980
Enhancement - Update reva to cdb3d6688da5: #748
Enhancement - Update reva to dd3a8c0f38: #725
Enhancement - Update reva to v1.4.1-0.20201127111856-e6a6212c1b7b: #971
Enhancement - Update reva to 063b3db9162b: #1091
Enhancement - Add www-authenticate based on user agent: #1009

Details

Bugfix - Enable scrolling in accounts list: #909

Tags: accounts

We've fixed the accounts list to enable scrolling.

owncloud#909
Bugfix - Add missing env vars to docker compose: #392

Tags: docker

Without setting REVA_FRONTEND_URL and REVA_DATAGATEWAY_URL uploads would default to locahost and fail if OCIS_DOMAIN was used to run ocis on a remote host.

owncloud#392
Bugfix - Don't enforce empty external apps slice: #473

Tags: web

The command for ocis-phoenix enforced an empty external apps configuration. This was removed, as it was blocking a new set of default external apps in ocis-phoenix.

owncloud#473
Bugfix - Lower Bound was not working for the cs3 api index implementation: #741

Tags: accounts

Lower bound working on the cs3 index implementation

owncloud#741
Bugfix - Accounts config sometimes being overwritten: #808

Tags: accounts

Sometimes when running the accounts extensions flags were not being taken into consideration.

owncloud#808
Bugfix - Make settings service start without go coroutines: #835

The go routines cause a race condition that sometimes causes the tests to fail. The ListRoles request would not return all permissions.

owncloud#835
Bugfix - Fix button layout after phoenix update: #625

Tags: accounts

With the phoenix update to v0.17.0 a new ODS version was released which has a breaking change for buttons regarding their layouting. We adjusted the button layout in the accounts UI accordingly.

owncloud#625
Bugfix - Fix choose account dialogue: #846

Tags: konnectd

We've fixed the choose account dialogue in konnectd bug that the user hasn't been logged in after selecting account.

owncloud#846
Bugfix - Fix id or username query handling: #745

Tags: accounts

The code was stopping execution when encountering an error while loading an account by id. But for or queries we can continue execution.

owncloud#745
Bugfix - Fix konnectd build: #809

Tags: konnectd

We fixed the default config for konnectd and updated the Makefile to include the yarn installand yarn build steps if the static assets are missing.

owncloud#809
Bugfix - Fix path of files shared with me in ocs api: #204

The path of files shared with me using the ocs api was pointing to an incorrect location.

owncloud/product#204 owncloud#994
Bugfix - Use micro default client: #718

Tags: glauth

We found a file descriptor leak in the glauth connections to the accounts service. Fixed it by using the micro default client.

owncloud#718
Bugfix - Allow consent-prompt with switch-account: #788

Multiple prompt values are allowed and this change fixes the check for select_account if it was used together with other prompt values. Where select_account previously was ignored, it is now processed as required, fixing the use case when a RP wants to trigger select_account first while at the same time wants also to request interactive consent.

owncloud#788
Bugfix - Mint token with uid and gid: #737

Tags: accounts

The eos driver expects the uid and gid from the opaque map of a user. While the proxy does mint tokens correctly, the accounts service wasn't.

owncloud#737
Bugfix - Serve index.html for directories: #912

The static middleware in ocis-pkg now serves index.html instead of returning 404 on paths with a trailing /.

owncloud/ocis-pkg#63 owncloud#912
Bugfix - Don't create account if id/mail/username already taken: #709

Tags: accounts

We don't allow anymore to create a new account if the provided id/mail/username is already taken.

owncloud#709
Bugfix - Fix director selection in proxy: #521

Tags: proxy

We fixed a bug in ocis-proxy where simultaneous requests could be executed on the wrong backend.

owncloud#521 owncloud/ocis-proxy#99
Bugfix - Permission checks for settings write access: #1092

Tags: settings

There were several endpoints with write access to the settings service that were not protected by permission checks. We introduced a generic settings management permission to fix this for now. Will be more fine grained later on.

owncloud#1092
Bugfix - Fix minor ui bugs: #1043
- the ui haven't updated the language of the items in the settings view menu. Now we listen to the selected language and update the ui - deduplicate resetMenuItems call
owncloud#1043 owncloud#1044
Bugfix - Disable public link expiration by default: #987

Tags: storage

The public link expiration was enabled by default and didn't have a default expiration span by default, which resulted in already expired public links coming from the public link quick action. We fixed this by disabling the public link expiration by default.

owncloud#987 owncloud#1035
Bugfix - Build docker images with alpine:latest instead of alpine:edge: #416

Tags: docker

ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.

owncloud#416
Change - Accounts UI shows message when no permissions: #656

We improved the UX of the accounts UI by showing a message information the user about missing permissions when the accounts or roles fail to load. This was showing an indeterminate progress bar before.

owncloud#656
Change - Cache password validation: #958

Tags: accounts

The password validity check for requests like login eq '%s' and password eq '%s' is now cached for 10 minutes. This improves the performance for basic auth requests.

owncloud#958
Change - Filesystem based index: #709

Tags: accounts, storage

We replaced bleve with a new filesystem based index implementation. There is an indexer which is capable of orchestrating different index types to build indices on documents by field. You can choose from the index types unique, non-unique or autoincrement. Indices can be utilized to run search queries (full matches or globbing) on document fields. The accounts service is using this index internally to run the search queries coming in via ListAccounts and ListGroups and to generate UIDs for new accounts as well as GIDs for new groups.

The accounts service can be configured to store the index on the local FS / a NFS (disk implementation of the index) or to use an arbitrary storage ( cs3 implementation of the index). cs3 is the new default, which is configured to use the metadata storage.

owncloud#709
Change - Rebuild index command for accounts: #748

Tags: accounts

The index for the accounts service can now be rebuilt by running the cli command ./bin/ocis accounts rebuild. It deletes all configured indices and rebuilds them from the documents found on storage. For this we also introduced a LoadAccounts and LoadGroups function on storage for loading all existing documents.

owncloud#748
Change - Add the thumbnails command: #156

Tags: thumbnails

Added the thumbnails command so that the thumbnails service can get started via ocis.

owncloud#156
Change - CS3 can be used as accounts-backend: #1020

Tags: proxy

PROXY_ACCOUNT_BACKEND_TYPE=cs3 PROXY_ACCOUNT_BACKEND_TYPE=accounts (default)

By using a backend which implements the CS3 user-api (currently provided by reva/storage) it is possible to bypass the ocis-accounts service and for example use ldap directly.

owncloud#1020
Change - Use bcrypt to hash the user passwords: #510

Change the hashing algorithm from SHA-512 to bcrypt since the latter is better suitable for password hashing. This is a breaking change. Existing deployments need to regenerate the accounts folder.

owncloud#510
Change - Replace the library which scales the images: #910

The library went out of support. Also did some refactoring of the thumbnails service code.

owncloud#910
Change - Choose disk or cs3 storage for accounts and groups: #623

Tags: accounts

The accounts service now has an abstraction layer for the storage. In addition to the local disk implementation we implemented a cs3 storage, which is the new default for the accounts service.

owncloud#623
Change - Enable OpenID dynamic client registration: #811

Enable OpenID dynamic client registration

owncloud#811 owncloud#813
Change - Integrate import command from ocis-migration: #249

Tags: migration

owncloud#249 https://github.com/owncloud/ocis-migration
Change - Improve reva service descriptions: #536

Tags: docs

The descriptions make it clearer that the services actually represent a mount point in the combined storage. Each mount point can have a different driver.

owncloud#536
Change - Initial release of basic version: #2

Just prepared an initial basic version which simply embeds the minimum of required services in the context of the ownCloud Infinite Scale project.

owncloud#2
Change - Add cli-commands to manage accounts: #115

Tags: accounts

COMMANDS:
- list, ls List existing accounts
- add, create Create a new account
- update Make changes to an existing account
- remove, rm Removes an existing account
- inspect Show detailed data on an existing account
- help, h Shows a list of commands or help for one command
owncloud/product#115
Change - Start ocis-accounts with the ocis server command: #25

Tags: accounts

Starts ocis-accounts in single binary mode (./ocis server). This service stores the user-account information.

owncloud/product#25 https://github.com/owncloud/ocis/pull/239/files
Change - Properly style konnectd consent page: #754

Tags: konnectd

After bringing our theme into konnectd, we've had to adjust the styles of the consent page so the text is visible and button reflects our theme.

owncloud#754
Change - Make all paths configurable and default to a common temp dir: #1080

Aligned all services to use a dir following/var/tmp/ocis/<service>/... by default. Also made some missing temp paths configurable via env vars and config flags.

owncloud#1080
Change - Move the indexer package from ocis/accounts to ocis/ocis-pkg: #794

We are making that change for semantic reasons. So consumers of any index don't necessarily need to know of the accounts service.

owncloud#794
Change - Switch over to a new custom-built runtime: #287

We moved away from using the go-micro runtime and are now using our own runtime. This allows us to spawn service processes even when they are using different versions of go-micro. On top of that we now have the commands ocis list, ocis kill and ocis run available for service runtime management.

owncloud#287
Change - Move ocis default config to root level: #842

Tags: ocis

We moved the tracing config to the root flagset so that they are parsed on all commands. We also introduced a JWTSecret flag in the root flagset, in order to apply a common default JWTSecret to all services that have one.

owncloud#842 owncloud#843
Change - Remove username field in OCS: #709

Tags: ocs

We use the incoming userid as both the id and the on_premises_sam_account_name for new accounts in the accounts service. The userid in OCS requests is in fact the username, not our internal account id. We need to enforce the userid as our internal account id though, because the account id is part of various path formats.

owncloud#709 owncloud#816
Change - Account management permissions for Admin role: #124

Tags: accounts, settings

We created an AccountManagement permission and added it to the default admin role. There are permission checks in place to protected http endpoints in ocis-accounts against requests without the permission. All existing default users (einstein, marie, richard) have the default user role now (doesn't have the AccountManagement permission). Additionally, there is a new default Admin user with credentials moss:vista.

Known issue: for users without the AccountManagement permission, the accounts UI extension is still available in the ocis-web app switcher, but the requests for loading the users will fail (as expected). We are working on a way to hide the accounts UI extension if the user doesn't have the AccountManagement permission.

owncloud/product#124 owncloud/ocis-settings#59 owncloud/ocis-settings#66 owncloud/ocis-settings#67 owncloud/ocis-settings#69 owncloud/ocis-proxy#95 owncloud/ocis-pkg#59 owncloud/ocis-accounts#95 owncloud/ocis-accounts#100 owncloud/ocis-accounts#102
Change - Update phoenix to v0.18.0: #651

Tags: web

We updated phoenix to v0.18.0. Please refer to the changelog (linked) for details on the phoenix release. With the ODS release brought in by phoenix we now have proper oc-checkbox and oc-radio components for the settings and accounts UI.

owncloud#651 https://github.com/owncloud/phoenix/releases/tag/v0.18.0 https://github.com/owncloud/owncloud-design-system/releases/tag/v1.12.1
Change - Default apps in ownCloud Web: #688

Tags: web

We changed the default apps for ownCloud Web to be only files and media-viewer. Markdown-editor and draw-io have been removed as defaults.

owncloud#688
Change - Proxy allow insecure upstreams: #1007

Tags: proxy

We can now configure the proxy if insecure upstream servers are allowed. This was added since you need to disable certificate checks fore some situations like testing.

owncloud#1007
Change - Make ocis-settings available: #287

Tags: settings

This version delivers settings as a new service. It is part of the array of services in the server command.

owncloud#287
Change - Start ocis-proxy with the ocis server command: #119

Tags: proxy

Starts the proxy in single binary mode (./ocis server) on port 9200. The proxy serves as a single-entry point for all http-clients.

owncloud#119 owncloud#136
Change - Theme welcome and choose account pages: #887

Tags: konnectd

We've themed the konnectd pages Welcome and Choose account. All text has a white color now to be easily readable on the dark background.

owncloud#887
Change - Bring oC theme: #698

Tags: konnectd

We've styled our konnectd login page to reflect ownCloud theme.

owncloud#698
Change - Unify Configuration Parsing: #675

Tags: ocis
- responsibility for config parsing should be on the subcommand - if there is a config file in the environment location, env var should take precedence - general rule of thumb: the more explicit the config file is that would be picked up. Order from less to more explicit: - config location (/etc/ocis) - environment variable - cli flag
owncloud#675
Change - Update phoenix to v0.20.0: #674

Tags: web

We updated phoenix to v0.20.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#674 https://github.com/owncloud/phoenix/releases/tag/v0.20.0
Change - Update phoenix to v0.21.0: #728

Tags: web

We updated phoenix to v0.21.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#728 https://github.com/owncloud/phoenix/releases/tag/v0.21.0
Change - Update phoenix to v0.22.0: #757

Tags: web

We updated phoenix to v0.22.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#757 https://github.com/owncloud/phoenix/releases/tag/v0.22.0
Change - Update phoenix to v0.23.0: #785

Tags: web

We updated phoenix to v0.23.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#785 https://github.com/owncloud/phoenix/releases/tag/v0.23.0
Change - Update phoenix to v0.24.0: #817

Tags: web

We updated phoenix to v0.24.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#817 https://github.com/owncloud/phoenix/releases/tag/v0.24.0
Change - Update phoenix to v0.25.0: #868

Tags: web

We updated phoenix to v0.25.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#868 https://github.com/owncloud/phoenix/releases/tag/v0.25.0
Change - Update phoenix to v0.26.0: #935

Tags: web

We updated phoenix to v0.26.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#935 https://github.com/owncloud/phoenix/releases/tag/v0.26.0
Change - Update phoenix to v0.27.0: #943

Tags: web

We updated phoenix to v0.27.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#943 https://github.com/owncloud/phoenix/releases/tag/v0.27.0
Change - Update phoenix to v0.28.0: #1027

Tags: web

We updated phoenix to v0.28.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#1027 https://github.com/owncloud/phoenix/releases/tag/v0.28.0
Change - Update phoenix to v0.29.0: #1034

Tags: web

We updated phoenix to v0.29.0. Please refer to the changelog (linked) for details on the phoenix release.

owncloud#1034 https://github.com/owncloud/phoenix/releases/tag/v0.29.0
Change - Update reva config: #336
- EOS homes are not configured with an enable-flag anymore, but with a dedicated storage driver.
- We're using it now and adapted default configs of storages
owncloud#336 owncloud#337 owncloud#338 https://github.com/owncloud/ocis-reva/pull/891
Change - Update reva to v1.4.1-0.20201209113234-e791b5599a89: #1089

Updated reva to v1.4.1-0.20201209113234-e791b5599a89

owncloud#1089
Change - Clarify storage driver env vars: #729

After renaming ocsi-reva to storage and combining the storage and data providers some env vars were confusingly named STORAGE_STORAGE_.... We are changing the prefix for driver related env vars to STORAGE_DRIVER_.... This makes changing the storage driver using eg.: STORAGE_HOME_DRIVER=eos and setting driver options using STORAGE_DRIVER_EOS_LAYOUT=... less confusing.

owncloud#729
Change - Update ownCloud Web to v1.0.0-beta3: #1105

Tags: web

We updated ownCloud Web to v1.0.0-beta3. Please refer to the changelog (linked) for details on the web release.

owncloud#1105 https://github.com/owncloud/phoenix/releases/tag/v1.0.0-beta3
Change - Update ownCloud Web to v1.0.0-beta4: #1110

Tags: web

We updated ownCloud Web to v1.0.0-beta4. Please refer to the changelog (linked) for details on the web release.

owncloud#1110 https://github.com/owncloud/phoenix/releases/tag/v1.0.0-beta4
Change - Settings and accounts appear in the user menu: #656

We moved settings and accounts to the user menu.

owncloud#656
Enhancement - Add tracing to the accounts service: #1016

Added tracing to the accounts service.

owncloud#1016
Enhancement - Add the accounts service: #244

Tags: accounts
- Bugfix - Initialize roleService client in GRPC server: #114
- Bugfix - Cleanup separated indices in memory: #224
- Change - Set user role on builtin users: #102
- Change - Add new builtin admin user: #102
- Change - We make use of the roles cache to enforce permission checks: #100
- Change - We make use of the roles manager to enforce permission checks: #108
- Enhancement - Add create account form: #148
- Enhancement - Add delete accounts action: #148
- Enhancement - Add enable/disable capabilities to the WebUI: #118
- Enhancement - Improve visual appearance of accounts UI: #222
- Bugfix - Adapting to new settings API for fetching roles: #96
- Change - Create account api-call implicitly adds "default-user" role: #173
- Change - Add role selection to accounts UI: #103
- Bugfix - Atomic Requests: #82
- Bugfix - Unescape value for prefix query: #76
- Change - Adapt to new ocis-settings data model: #87
- Change - Add permissions for language to default roles: #88
- Bugfix - Add write mutexes: #71
- Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60
- Bugfix - Fix index mapping: #73
- Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28
- Bugfix - Prevent segfault when no password is set: #65
- Bugfix - Update account return value not used: #70
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64
- Change - Align structure of this extension with other extensions: #51
- Change - Change api errors: #11
- Change - Enable accounts on creation: #43
- Change - Fix index update on create/update: #57
- Change - Pass around the correct logger throughout the code: #41
- Change - Remove timezone setting: #33
- Change - Tighten screws on usernames and email addresses: #65
- Enhancement - Add early version of cli tools for user-management: #69
- Enhancement - Update accounts API: #30
- Enhancement - Add simple user listing UI: #51
- Enhancement - Logging is configurable: #24
- Change - Initial release of basic version: #1
- Enhancement - Configuration: #15
owncloud/product#244
Enhancement - Add basic auth option: #627

We added a new enable-basic-auth option and PROXY_ENABLE_BASIC_AUTH environment variable that can be set to true to make the proxy verify the basic auth header with the accounts service. This should only be used for testing and development and is disabled by default.

owncloud/product#198 owncloud#627
Enhancement - Document how to run OCIS on top of EOS: #172

Tags: eos

We have added rules to the Makefile that use the official eos docker images to boot an eos cluster and configure OCIS to use it.

owncloud#172
Enhancement - Add the glauth service: #244

Tags: glauth
- Bugfix - Return invalid credentials when user was not found: #30
- Bugfix - Query numeric attribute values without quotes: #28
- Bugfix - Use searchBaseDN if already a user/group name: #214
- Bugfix - Fix LDAP substring startswith filters: #31
- Enhancement - Add build information to the metrics: #226
- Enhancement - Reenable configuring backends: #600
- Bugfix - Ignore case when comparing objectclass values: #26
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #24
- Enhancement - Handle ownCloudUUID attribute: #27
- Enhancement - Implement group queries: #22
- Enhancement - Configuration: #11
- Enhancement - Improve default settings: #12
- Enhancement - Generate temporary ldap certificates if LDAPS is enabled: #12
- Enhancement - Provide additional tls-endpoint: #12
- Change - Use physicist demo users: #5
- Change - Default to config based user backend: #6
owncloud/product#244
Enhancement - Add k6: #941

Tags: tests

Add k6 as a performance testing framework

owncloud#941 owncloud#983
Enhancement - Add the konnectd service: #244

Tags: konnectd
- Enhancement - Add version command: #226
- Bugfix - Add silent redirect url: #69
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #71
- Bugfix - Include the assets for #62: #64
- Bugfix - Redirect to the provided uri: #26
- Change - Add a trailing slash to trusted redirect uris: #26
- Change - Improve client identifiers for end users: #62
- Enhancement - Use upstream version of konnect library: #14
- Enhancement - Change default config for single-binary: #55
- Bugfix - Generate a random CSP-Nonce in the webapp: #17
- Change - Dummy index.html is not required anymore by upstream: #25
- Change - Initial release of basic version: #1
- Change - Use glauth as ldap backend, default to running behind ocis-proxy: #52
owncloud/product#244
Enhancement - Add the ocis-phoenix service: #244

Tags: web
- Bugfix - Fix external app URLs: #218
- Change - Remove pdf-viewer from default apps: #85
- Change - Enable Settings and Accounts apps by default: #80
- Bugfix - Exit when assets or config are not found: #76
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #73
- Change - Hide searchbar by default: #116
- Bugfix - Allow silent refresh of access token: #69
- Change - Update Phoenix: #60
- Enhancement - Configuration: #57
- Bugfix - Config file value not being read: #45
- Change - Default to running behind ocis-proxy: #55
owncloud/product#244
Enhancement - Add the ocis-pkg package: #244

Tags: ocis-pkg
- Change - Unwrap roleIDs from access-token into metadata context: #59
- Change - Provide cache for roles: #59
- Change - Roles manager: #60
- Change - Use go-micro's metadata context for account id: #56
- Bugfix - Remove redigo 2.0.0+incompatible dependency: #33
- Change - Add middleware for x-access-token distmantling: #46
- Enhancement - Add ocis.id and numeric id claims: #50
- Bugfix - Pass flags to micro service: #44
- Change - Add header to cors handler: #41
- Enhancement - Tracing middleware: #35
- Enhancement - Allow http services to register handlers: #33
- Change - Upgrade the micro libraries: #22
- Bugfix - Fix Module Path: #25
- Bugfix - Change import paths to ocis-pkg/v2: #27
- Bugfix - Fix serving static assets: #14
- Change - Add TLS support for http services: #19
- Enhancement - Introduce OpenID Connect middleware: #8
- Change - Add root path to static middleware: #9
- Change - Better log level handling within micro: #2
owncloud/product#244
Enhancement - Add the ocs service: #244

Tags: ocs
- Bugfix - Match the user response to the OC10 format: #181
- Enhancement - Add version command: #226
- Bugfix - Add the top level response structure to json responses: #181
- Enhancement - Update ocis-accounts: #42
- Bugfix - Mimic oc10 user enabled as string in provisioning api: #39
- Bugfix - Use opaque ID of a user for signing keys: #436
- Enhancement - Add option to create user with uidnumber and gidnumber: #34
- Bugfix - Fix file descriptor leak: #79
- Enhancement - Add Group management for OCS Povisioning API: #25
- Enhancement - Basic Support for the User Provisioning API: #23
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #20
- Change - Initial release of basic version: #1
- Change - Upgrade micro libraries: #11
- Enhancement - Configuration: #14
- Enhancement - Support signing key: #18
owncloud/product#244
Enhancement - Add the proxy service: #244

Tags: proxy
- Bugfix - Fix director selection: #99
- Bugfix - Add settings API and app endpoints to example config: #93
- Change - Remove accounts caching: #100
- Enhancement - Add autoprovision accounts flag: #219
- Enhancement - Add hello API and app endpoints to example config and builtin config: #96
- Enhancement - Add roleIDs to the access token: #95
- Enhancement - Add version command: #226
- Enhancement - Add numeric uid and gid to the access token: #89
- Enhancement - Add configuration options for the pre-signed url middleware: #91
- Bugfix - Enable new accounts by default: #79
- Bugfix - Lookup user by id for presigned URLs: #85
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #78
- Change - Add settings and ocs group routes: #81
- Change - Add route for user provisioning API in ocis-ocs: #80
- Bugfix - Provide token configuration from config: #69
- Bugfix - Provide token configuration from config: #76
- Change - Add OIDC config flags: #66
- Change - Mint new username property in the reva token: #62
- Enhancement - Add Accounts UI routes: #65
- Enhancement - Add option to disable TLS: #71
- Enhancement - Only send create home request if an account has been migrated: #52
- Enhancement - Create a root span on proxy that propagates down to consumers: #64
- Enhancement - Support signed URLs: #73
- Bugfix - Accounts service response was ignored: #43
- Bugfix - Fix x-access-token in header: #41
- Change - Point /data endpoint to reva frontend: #45
- Change - Send autocreate home request to reva gateway: #51
- Change - Update to new accounts API: #39
- Enhancement - Retrieve Account UUID From User Claims: #36
- Enhancement - Create account if it doesn't exist in ocis-accounts: #55
- Enhancement - Disable keep-alive on server-side OIDC requests: #268
- Enhancement - Make jwt secret configurable: #41
- Enhancement - Respect account_enabled flag: #53
- Change - Update ocis-pkg: #30
- Change - Insecure http-requests are now redirected to https: #29
- Enhancement - Configurable OpenID Connect client: #27
- Enhancement - Add policy selectors: #4
- Bugfix - Set TLS-Certificate correctly: #25
- Change - Route requests based on regex or query parameters: #21
- Enhancement - Proxy client urls in default configuration: #19
- Enhancement - Make TLS-Cert configurable: #14
- Enhancement - Load Proxy Policies at Runtime: #17
owncloud/product#244
Enhancement - Add the settings service: #244

Tags: settings
- Bugfix - Fix loading and saving system scoped values: #66
- Bugfix - Complete input validation: #66
- Change - Add filter option for bundle ids in ListBundles and ListRoles: #59
- Change - Reuse roleIDs from the metadata context: #69
- Change - Update ocis-pkg/v2: #72
- Enhancement - Add version command: #226
- Bugfix - Fix fetching bundles in settings UI: #61
- Change - Filter settings by permissions: #99
- Change - Add role service: #110
- Change - Rename endpoints and message types: #36
- Change - Use UUIDs instead of alphanumeric identifiers: #46
- Bugfix - Adjust UUID validation to be more tolerant: #41
- Bugfix - Fix runtime error when type asserting on nil value: #38
- Bugfix - Fix multiple submits on string and number form elements: #745
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #39
- Change - Dynamically add navItems for extensions with settings bundles: #25
- Change - Introduce input validation: #22
- Change - Use account uuid from x-access-token: #14
- Change - Use server config variable from ocis-web: #34
- Enhancement - Remove paths from Makefile: #33
- Enhancement - Extend the docs: #11
- Enhancement - Update ocis-pkg/v2: #42
owncloud/product#244
Enhancement - Add the storage service: #244

Tags: storage, reva
- Enhancement - Enable ocis driver treetime accounting: #620
- Enhancement - Launch a storage to store ocis-metadata: #602
In the future accounts, settings etc. should be stored in a dedicated metadata storage. The services should talk to this storage directly, bypassing reva-gateway.

Https://github.com/owncloud/ocis/pull/602
- Enhancement - Update reva to v1.2.2-0.20200924071957-e6676516e61e: #601
- Update reva to v1.2.2-0.20200924071957-e6676516e61e - eos client: Handle eos EPERM as permission denied (reva/#1183) - ocis driver: synctime based etag propagation (reva/#1180) - ocis driver: fix litmus (reva/#1179) - ocis driver: fix move (reva/#1177) - ocs service: cache displaynames (reva/#1161)
Https://github.com/owncloud/ocis-reva/issues/262 https://github.com/owncloud/ocis-reva/issues/357 https://github.com/owncloud/ocis-reva/issues/301 https://github.com/owncloud/ocis-reva/issues/302 owncloud#601
- Bugfix - Fix default configuration for accessing shares: #205
The storage provider mounted at /home should always have EnableHome set to true. The other storage providers should have it set to false.

Https://github.com/owncloud/product/issues/205 owncloud/ocis-reva#461
- Enhancement - Allow configuring arbitrary storage registry rules: #193
We added a new config flag storage-registry-rule that can be given multiple times for the gateway to specify arbitrary storage registry rules. You can also use a comma separated list of rules in the REVA_STORAGE_REGISTRY_RULES environment variable.

Https://github.com/owncloud/product/issues/193 owncloud/ocis-reva#461
- Enhancement - Update reva to v1.2.1-0.20200826162318-c0f54e1f37ea: #454
- Update reva to v1.2.1-0.20200826162318-c0f54e1f37ea - Do not swallow 'not found' errors in Stat (reva/#1124) - Rewire dav files to the home storage (reva/#1125) - Do not restore recycle entry on purge (reva/#1099) - Allow listing the trashbin (reva/#1091) - Restore and delete trash items via ocs (reva/#1103) - Ensure ignoring public stray shares (reva/#1090) - Ensure ignoring stray shares (reva/#1064) - Minor fixes in reva cmd, gateway uploads and smtpclient (reva/#1082) - Owncloud driver - propagate mtime on RemoveGrant (reva/#1115) - Handle redirection prefixes when extracting destination from URL (reva/#1111) - Add UID and GID in ldap auth driver (reva/#1101) - Add calens check to verify changelog entries in CI (reva/#1077) - Refactor Reva CLI with prompts (reva/#1072) - Get file info using fxids from EOS (reva/#1079) - Update LDAP user driver (reva/#1088) - System information metrics cleanup (reva/#1114) - System information included in Prometheus metrics (reva/#1071) - Add logic for resolving storage references over webdav (reva/#1094)
Https://github.com/owncloud/ocis-reva/pull/454
- Enhancement - Update reva to v1.2.1-0.20200911111727-51649e37df2d: #466
- Update reva to v1.2.1-0.20200911111727-51649e37df2d - Added new OCIS storage driver ocis (reva/#1155) - App provider: fallback to env. variable if 'iopsecret' unset (reva/#1146) - Add switch to database (reva/#1135) - Add the ocdav HTTP svc to the standalone config (reva/#1128)
Https://github.com/owncloud/ocis-reva/pull/466
- Enhancement - Separate user and auth providers, add config for rest user: #412
Previously, the auth and user provider services used to have the same driver, which restricted using separate drivers and configs for both. This PR separates the two and adds the config for the rest user driver and the gatewaysvc parameter to EOS fs.

Https://github.com/owncloud/ocis-reva/pull/412 cs3org/reva#995
- Enhancement - Update reva to v1.1.1-0.20200819100654-dcbf0c8ea187: #447
- Update reva to v1.1.1-0.20200819100654-dcbf0c8ea187 - fix restoring and deleting trash items via ocs (reva/#1103) - Add UID and GID in ldap auth driver (reva/#1101) - Allow listing the trashbin (reva/#1091) - Ignore Stray Public Shares (reva/#1090) - Implement GetUserByClaim for LDAP user driver (reva/#1088) - eosclient: get file info by fxid (reva/#1079) - Ensure stray shares get ignored (reva/#1064) - Improve timestamp precision while logging (reva/#1059) - Ocfs lookup userid (update) (reva/#1052) - Disallow sharing the shares directory (reva/#1051) - Local storage provider: Fixed resolution of fileid (reva/#1046) - List public shares only created by the current user (reva/#1042)
Https://github.com/owncloud/ocis-reva/pull/447
- Bugfix - Update LDAP filters: #399
With the separation of use and find filters we can now use a filter that taken into account a users uuid as well as his username. This is necessary to make sharing work with the new account service which assigns accounts an immutable account id that is different from the username. Furthermore, the separate find filters now allows searching users by their displayname or email as well.
```
"(&(objectclass=posixAccount)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))"
findfilter =
"(&(objectclass=posixAccount)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))"
```
Https://github.com/owncloud/ocis-reva/pull/399 cs3org/reva#996
- Change - Environment updates for the username userid split: #420
We updated the owncloud storage driver in reva to properly look up users by userid or username using the userprovider instead of taking the path segment as is. This requires the user service address as well as changing the default layout to the userid instead of the username. The latter is not considered a stable and persistent identifier.

Https://github.com/owncloud/ocis-reva/pull/420 cs3org/reva#1033
- Enhancement - Update storage documentation: #384
We added details to the documentation about storage requirements known from ownCloud 10, the local storage driver and the ownCloud storage driver.

Https://github.com/owncloud/ocis-reva/pull/384 owncloud/ocis-reva#390
- Enhancement - Update reva to v0.1.1-0.20200724135750-b46288b375d6: #399
- Update reva to v0.1.1-0.20200724135750-b46288b375d6 - Split LDAP user filters (reva/#996) - meshdirectory: Add invite forward API to provider links (reva/#1000) - OCM: Pass the link to the meshdirectory service in token mail (reva/#1002) - Update github.com/go-ldap/ldap to v3 (reva/#1004)
Https://github.com/owncloud/ocis-reva/pull/399 cs3org/reva#996 cs3org/reva#1000 cs3org/reva#1002 cs3org/reva#1004
- Enhancement - Update reva to v0.1.1-0.20200728071211-c948977dd3a0: #407
- Update reva to v0.1.1-0.20200728071211-c948977dd3a0 - Use proper logging for ldap auth requests (reva/#1008) - Update github.com/eventials/go-tus to v0.0.0-20200718001131-45c7ec8f5d59 (reva/#1007) - Check if SMTP credentials are nil (reva/#1006)
Https://github.com/owncloud/ocis-reva/pull/407 cs3org/reva#1008 cs3org/reva#1007 cs3org/reva#1006
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #393
ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.

Https://github.com/owncloud/ocis-reva/pull/393
- Enhancement - Update reva to v0.1.1-0.20200710143425-cf38a45220c5: #371
- Update reva to v0.1.1-0.20200710143425-cf38a45220c5 (#371) - Add wopi open (reva/#920) - Added a CS3API compliant data exporter to Mentix (reva/#955) - Read SMTP password from env if not set in config (reva/#953) - OCS share fix including file info after update (reva/#958) - Add flag to smtpclient for for unauthenticated SMTP (reva/#963)
Https://github.com/owncloud/ocis-reva/pull/371 cs3org/reva#920 cs3org/reva#953 cs3org/reva#955 cs3org/reva#958 cs3org/reva#963
- Enhancement - Update reva to v0.1.1-0.20200722125752-6dea7936f9d1: #392
- Update reva to v0.1.1-0.20200722125752-6dea7936f9d1 - Added signing key capability (reva/#986) - Add functionality to create webdav references for OCM shares (reva/#974) - Added a site locations exporter to Mentix (reva/#972) - Add option to config to allow requests to hosts with unverified certificates (reva/#969)
Https://github.com/owncloud/ocis-reva/pull/392 cs3org/reva#986 cs3org/reva#974 cs3org/reva#972 cs3org/reva#969
- Enhancement - Make frontend prefixes configurable: #363
We introduce three new environment variables and preconfigure them the following way:
- REVA_FRONTEND_DATAGATEWAY_PREFIX="data"
- REVA_FRONTEND_OCDAV_PREFIX=""
- REVA_FRONTEND_OCS_PREFIX="ocs"
This restores the reva defaults that were changed upstream.

Https://github.com/owncloud/ocis-reva/pull/363 https://github.com/cs3org/reva/pull/936/files#diff-51bf4fb310f7362f5c4306581132fc3bR63
- Enhancement - Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66: #341
- Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66 (#341) - Added country information to Mentix (reva/#924) - Refactor metrics package to implement reader interface (reva/#934) - Fix OCS public link share update values logic (#252, #288, reva/#930)
Https://github.com/owncloud/ocis-reva/issues/252 owncloud/ocis-reva#288 owncloud/ocis-reva#341 cs3org/reva#924 cs3org/reva#934 cs3org/reva#930
- Enhancement - Update reva to v0.1.1-0.20200709064551-91eed007038f: #362
- Update reva to v0.1.1-0.20200709064551-91eed007038f (#362) - Fix config for uploads when data server is not exposed (reva/#936) - Update OCM partners endpoints (reva/#937) - Update Ailleron endpoint (reva/#938) - OCS: Fix initialization of shares json file (reva/#940) - OCS: Fix returned public link URL (#336, reva/#945) - OCS: Share wrap resource id correctly (#344, reva/#951) - OCS: Implement share handling for accepting and listing shares (#11, reva/#929) - ocm: dynamically lookup IPs for provider check (reva/#946) - ocm: add functionality to mail OCM invite tokens (reva/#944) - Change percentagused to percentageused (reva/#903) - Fix file-descriptor leak (reva/#954)
Https://github.com/owncloud/ocis-reva/issues/344 owncloud/ocis-reva#336 owncloud/ocis-reva#11 owncloud/ocis-reva#362 cs3org/reva#936 cs3org/reva#937 cs3org/reva#938 cs3org/reva#940 cs3org/reva#951 cs3org/reva#945 cs3org/reva#929 cs3org/reva#946 cs3org/reva#944 cs3org/reva#903 cs3org/reva#954
- Enhancement - Add new config options for the http client: #330
The internal certificates are checked for validity after cs3org/reva#914, which causes the acceptance tests to fail. This change sets new hardcoded defaults.

Https://github.com/owncloud/ocis-reva/pull/330
- Enhancement - Allow datagateway transfers to take 24h: #323
- Increase transfer token life time to 24h (PR #323)
Https://github.com/owncloud/ocis-reva/pull/323
- Enhancement - Update reva to v0.1.1-0.20200630075923-39a90d431566: #320
- Update reva to v0.1.1-0.20200630075923-39a90d431566 (#320) - Return special value for public link password (#294, reva/#904) - Fix public stat and listcontainer response to contain the correct prefix (#310, reva/#902)
Https://github.com/owncloud/ocis-reva/issues/310 owncloud/ocis-reva#294 owncloud/ocis-reva#320 cs3org/reva#902 cs3org/reva#904
- Enhancement - Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66: #328
- Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66 (#328) - Use sync.Map on pool package (reva/#909) - Use mutex instead of sync.Map (reva/#915) - Use gatewayProviders instead of storageProviders on conn pool (reva/#916) - Add logic to ls and stat to process arbitrary metadata keys (reva/#905) - Preliminary implementation of Set/UnsetArbitraryMetadata (reva/#912) - Make datagateway forward headers (reva/#913, reva/#926) - Add option to cmd upload to disable tus (reva/#911) - OCS Share Allow date-only expiration for public shares (#288, reva/#918) - OCS Share Remove array from OCS Share update response (#252, reva/#919) - OCS Share Implement GET request for single shares (#249, reva/#921)
Https://github.com/owncloud/ocis-reva/issues/288 owncloud/ocis-reva#252 owncloud/ocis-reva#249 owncloud/ocis-reva#328 cs3org/reva#909 cs3org/reva#915 cs3org/reva#916 cs3org/reva#905 cs3org/reva#912 cs3org/reva#913 cs3org/reva#926 cs3org/reva#911 cs3org/reva#918 cs3org/reva#919 cs3org/reva#921
- Enhancement - Update reva to v0.1.1-0.20200629131207-04298ea1c088: #309
- Update reva to v0.1.1-0.20200629094927-e33d65230abc (#309) - Fix public link file share (#278, reva/#895, reva/#900) - Delete public share (reva/#899) - Updated reva to v0.1.1-0.20200629131207-04298ea1c088 (#313)
Https://github.com/owncloud/ocis-reva/issues/278 owncloud/ocis-reva#309 cs3org/reva#895 cs3org/reva#899 cs3org/reva#900 owncloud/ocis-reva#313
- Enhancement - Update reva to v0.1.1-0.20200626111234-e21c32db9614: #261
- Updated reva to v0.1.1-0.20200626111234-e21c32db9614 (#304) - TUS upload support through datagateway (#261, reva/#878, reva/#888) - Added support for differing metrics path for Prometheus to Mentix (reva/#875) - More data exported by Mentix (reva/#881) - Implementation of file operations in public folder shares (#49, #293, reva/#877) - Make httpclient trust local certificates for now (reva/#880) - EOS homes are not configured with an enable-flag anymore, but with a dedicated storage driver. We're using it now and adapted default configs of storages (reva/#891, #304)
Https://github.com/owncloud/ocis-reva/issues/49 owncloud/ocis-reva#293 owncloud/ocis-reva#261 owncloud/ocis-reva#261 cs3org/reva#875 cs3org/reva#877 cs3org/reva#878 cs3org/reva#881 cs3org/reva#880 cs3org/reva#888 owncloud/ocis-reva#304 cs3org/reva#891
- Enhancement - Update reva to v0.1.1-0.20200624063447-db5e6635d5f0: #279
- Updated reva to v0.1.1-0.20200624063447-db5e6635d5f0 (#279) - Local storage: URL-encode file ids to ease integration with other microservices like WOPI (reva/#799) - Mentix fixes (reva/#803, reva/#817) - OCDAV: fix returned timestamp format (#116, reva/#805) - OCM: add default prefix (#814) - add the content-length header to the responses (reva/#816) - Deps: clean (reva/#818) - Fix trashbin listing (#112, #253, #254, reva/#819) - Make the json publicshare driver configurable (reva/#820) - TUS: Return metadata headers after direct upload (ocis/#216, reva/#813) - Set mtime to storage after simple upload (#174, reva/#823, reva/#841) - Configure grpc client to allow for insecure conns and skip server certificate verification (reva/#825) - Deployment: simplify config with more default values (reva/#826, reva/#837, reva/#843, reva/#848, reva/#842) - Separate local fs into home and with home disabled (reva/#829) - Register reflection after other services (reva/#831) - Refactor EOS fs (reva/#830) - Add ocs-share-permissions to the propfind response (#47, reva/#836) - OCS: Properly read permissions when creating public link (reva/#852) - localfs: make normalize return associated error (reva/#850) - EOS grpc driver (reva/#664) - OCS: Add support for legacy public link arg publicUpload (reva/#853) - Add cache layer to user REST package (reva/#849) - Meshdirectory: pass query params to selected provider (reva/#863) - Pass etag in quotes from the fs layer (#269, reva/#866, reva/#867) - OCM: use refactored cs3apis provider definition (reva/#864)
Https://github.com/owncloud/ocis-reva/issues/116 owncloud/ocis-reva#112 owncloud/ocis-reva#253 owncloud/ocis-reva#254 owncloud#216 owncloud/ocis-reva#174 https://github.com/owncloud/ocis-reva/issues/47 owncloud/ocis-reva#269 owncloud/ocis-reva#279 https://github.com/owncloud/cs3org/reva/pull/799 https://github.com/owncloud/cs3org/reva/pull/803 https://github.com/owncloud/cs3org/reva/pull/817 https://github.com/owncloud/cs3org/reva/pull/805 https://github.com/owncloud/cs3org/reva/pull/814 https://github.com/owncloud/cs3org/reva/pull/816 https://github.com/owncloud/cs3org/reva/pull/818 https://github.com/owncloud/cs3org/reva/pull/819 https://github.com/owncloud/cs3org/reva/pull/820 https://github.com/owncloud/cs3org/reva/pull/823 https://github.com/owncloud/cs3org/reva/pull/841 https://github.com/owncloud/cs3org/reva/pull/813 https://github.com/owncloud/cs3org/reva/pull/825 https://github.com/owncloud/cs3org/reva/pull/826 https://github.com/owncloud/cs3org/reva/pull/837 https://github.com/owncloud/cs3org/reva/pull/843 https://github.com/owncloud/cs3org/reva/pull/848 https://github.com/owncloud/cs3org/reva/pull/842 https://github.com/owncloud/cs3org/reva/pull/829 https://github.com/owncloud/cs3org/reva/pull/831 https://github.com/owncloud/cs3org/reva/pull/830 https://github.com/owncloud/cs3org/reva/pull/836 https://github.com/owncloud/cs3org/reva/pull/852 https://github.com/owncloud/cs3org/reva/pull/850 https://github.com/owncloud/cs3org/reva/pull/664 https://github.com/owncloud/cs3org/reva/pull/853 https://github.com/owncloud/cs3org/reva/pull/849 https://github.com/owncloud/cs3org/reva/pull/863 https://github.com/owncloud/cs3org/reva/pull/866 https://github.com/owncloud/cs3org/reva/pull/867 https://github.com/owncloud/cs3org/reva/pull/864
- Enhancement - Add TUS global capability: #177
The TUS global capabilities from Reva are now exposed.

The advertised max chunk size can be configured using the "--upload-max-chunk-size" CLI switch or "REVA_FRONTEND_UPLOAD_MAX_CHUNK_SIZE" environment variable. The advertised http method override can be configured using the "--upload-http-method-override" CLI switch or "REVA_FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE" environment variable.

Https://github.com/owncloud/ocis-reva/issues/177 owncloud/ocis-reva#228
- Enhancement - Update reva to v0.1.1-0.20200603071553-e05a87521618: #244
- Updated reva to v0.1.1-0.20200603071553-e05a87521618 (#244) - Add option to disable TUS on OC layer (#177, reva/#791) - Dataprovider now supports method override (#177, reva/#792) - OCS fixes for create public link (reva/#798)
Https://github.com/owncloud/ocis-reva/issues/244 owncloud/ocis-reva#177 cs3org/reva#791 cs3org/reva#792 cs3org/reva#798
- Enhancement - Add public shares service: #49
Added Public Shares service with CRUD operations and File Public Shares Manager

Https://github.com/owncloud/ocis-reva/issues/49 owncloud/ocis-reva#232
- Enhancement - Update reva to v0.1.1-0.20200529120551-4f2d9c85d3c9: #49
- Updated reva to v0.1.1-0.20200529120551 (#232) - Public Shares CRUD, File Public Shares Manager (#49, #232, reva/#681, reva/#788) - Disable HTTP-KeepAlives to reduce fd count (ocis/#268, reva/#787) - Fix trashbin listing (#229, reva/#782) - Create PUT wrapper for TUS uploads (reva/#770) - Add security access headers for ocdav requests (#66, reva/#780) - Add option to revad cmd to specify logging level (reva/#772) - New metrics package (reva/#740) - Remove implicit data member from memory store (reva/#774) - Added TUS global capabilities (#177, reva/#775) - Fix PROPFIND with Depth 1 for cross-storage operations (reva/#779)
Https://github.com/owncloud/ocis-reva/issues/49 owncloud/ocis-reva#229 owncloud/ocis-reva#66 owncloud/ocis-reva#177 owncloud#268 owncloud/ocis-reva#232 cs3org/reva#787 cs3org/reva#681 cs3org/reva#788 cs3org/reva#782 cs3org/reva#770 cs3org/reva#780 cs3org/reva#772 cs3org/reva#740 cs3org/reva#774 cs3org/reva#775 cs3org/reva#779
- Enhancement - Update reva to v0.1.1-0.20200520150229: #161
- Update reva to v0.1.1-0.20200520150229 (#161, #180, #192, #207, #221) - Return arbitrary metadata with stat, upload without TUS (reva/#766) - Stat file before returning datagateway URL when initiating download (reva/#765) - REST driver for user package (reva/#747) - Sharing behavior now consistent with the old backend (#20, #26, #43, #44, #46, #94 ,reva/#748) - Mentix service (reva/#755) - meshdirectory: add mentix driver for gocdb sites integration (reva/#754) - Add functionality to commit to storage for OCM shares (reva/#760) - Add option in config to disable tus (reva/#759) - ocdav: fix custom property XML parsing in PROPPATCH handler (#203, reva/#743) - ocdav: fix PROPPATCH response for removed properties (#186, reva/#742) - ocdav: implement PROPFIND infinity depth (#212, reva/#758) - Local fs: Allow setting of arbitrary metadata, minor bug fixes (reva/#764) - Local fs: metadata handling and share persistence (reva/#732) - Local fs: return file owner info in stat (reva/#750) - Fixed regression when uploading empty files to OCFS or EOS with PUT and TUS (#188, reva/#734) - On delete move the file versions to the trashbin (#94, reva/#731) - Fix OCFS move operation (#182, reva/#729) - Fix OCFS custom property / xattr removal (reva/#728) - Retry trashbin in case of timestamp collision (reva/#730) - Disable chunking v1 by default (reva/#678) - Implement ocs to http status code mapping (#26, reva/#696, reva/#707, reva/#711) - Handle the case if directory already exists (reva/#695) - Added TUS upload support (reva/#674, reva/#725, reva/#717) - Always return file sizes in Webdav PROPFIND (reva/#712) - Use default mime type when none was detected (reva/#713) - Fixed Webdav shallow COPY (reva/#714) - Fixed arbitrary namespace usage for custom properties in PROPFIND (#57, reva/#720) - Implement returning Webdav custom properties from xattr (#57, reva/#721) - Minor fix in OCM share pkg (reva/#718)
Https://github.com/owncloud/ocis-reva/issues/20 owncloud/ocis-reva#26 owncloud/ocis-reva#43 owncloud/ocis-reva#44 owncloud/ocis-reva#46 owncloud/ocis-reva#94 owncloud/ocis-reva#26 owncloud/ocis-reva#67 owncloud/ocis-reva#57 owncloud/ocis-reva#94 owncloud/ocis-reva#188 owncloud/ocis-reva#182 owncloud/ocis-reva#212 owncloud/ocis-reva#186 owncloud/ocis-reva#203 owncloud/ocis-reva#161 owncloud/ocis-reva#180 owncloud/ocis-reva#192 owncloud/ocis-reva#207 owncloud/ocis-reva#221 cs3org/reva#766 cs3org/reva#765 cs3org/reva#755 cs3org/reva#754 cs3org/reva#747 cs3org/reva#748 cs3org/reva#760 cs3org/reva#759 cs3org/reva#678 cs3org/reva#696 cs3org/reva#707 cs3org/reva#711 cs3org/reva#695 cs3org/reva#674 cs3org/reva#725 cs3org/reva#717 cs3org/reva#712 cs3org/reva#713 cs3org/reva#720 cs3org/reva#718 cs3org/reva#731 cs3org/reva#734 cs3org/reva#729 cs3org/reva#728 cs3org/reva#730 cs3org/reva#758 cs3org/reva#742 cs3org/reva#764 cs3org/reva#743 cs3org/reva#732 cs3org/reva#750
- Bugfix - Stop advertising unsupported chunking v2: #145
Removed "chunking" attribute in the DAV capabilities. Please note that chunking v2 is advertised as "chunking 1.0" while chunking v1 is the attribute "bigfilechunking" which is already false.

Https://github.com/owncloud/ocis-reva/pull/145
- Enhancement - Allow configuring the gateway for dataproviders: #136
This allows using basic or bearer auth when directly talking to dataproviders.

Https://github.com/owncloud/ocis-reva/pull/136
- Enhancement - Use a configured logger on reva runtime: #153
For consistency reasons we need a configured logger that is inline with an ocis logger, so the log cascade can be easily parsed by a human.

Https://github.com/owncloud/ocis-reva/pull/153
- Bugfix - Fix eos user sharing config: #127
We have added missing config options for the user sharing manager and added a dedicated eos storage command with pre configured settings for the eos-docker container. It configures a Shares folder in a users home when using eos as the storage driver.

Https://github.com/owncloud/ocis-reva/pull/127
- Enhancement - Update reva to v1.1.0-20200414133413: #127
Adds initial public sharing and ocm implementation.

Https://github.com/owncloud/ocis-reva/pull/127
- Bugfix - Fix eos config: #125
We have added missing config options for the home layout to the config struct that is passed to eos.

Https://github.com/owncloud/ocis-reva/pull/125
- Bugfix - Set correct flag type in the flagsets: #75
While upgrading to the micro/cli version 2 there where two instances of StringFlag which had not been changed to StringSliceFlag. This caused ocis-reva users and ocis-reva storage-root to fail on startup.

Https://github.com/owncloud/ocis-reva/issues/75 owncloud/ocis-reva#76
- Bugfix - We fixed a typo in the REVA_LDAP_SCHEMA_MAIL environment variable: #113
It was misspelled as REVA_LDAP_SCHEMA_Mail.

Https://github.com/owncloud/ocis-reva/pull/113
- Bugfix - Allow different namespaces for /webdav and /dav/files: #68
After fbf131c the path for the "new" webdav path does not contain a username /remote.php/dav/files/textfile0.txt. It used to be /remote.php/dav/files/oc/einstein/textfile0.txt So it lost oc/einstein.

This PR allows setting up different namespaces for /webav and /dav/files:

/webdav is jailed into /home - which uses the home storage driver and uses the logged in user to construct the path /dav/files is jailed into /oc - which uses the owncloud storage driver and expects a username as the first path segment

This mimics oc10

The WEBDAV_NAMESPACE_JAIL environment variable is split into - WEBDAV_NAMESPACE and - DAV_FILES_NAMESPACE accordingly.

Https://github.com/owncloud/ocis-reva/pull/68 related:
- Change - Use /home as default namespace: #68
Currently, cross storage etag propagation is not yet implemented, which prevents the desktop client from detecting changes via the PROPFIND to /. / is managed by the root storage provider which is independend of the home and oc storage providers. If a file changes in /home/foo, the etag change will only be propagated to the root of the home storage provider.

This change jails users into the /home namespace, and allows configuring the namespace to use for the two webdav endpoints using the new environment variable WEBDAV_NAMESPACE_JAIL which affects both endpoints /dav/files and /webdav.

This will allow us to focus on getting a single storage driver like eos or owncloud tested and better resembles what owncloud 10 does.

To get back the global namespace, which ultimately is the goal, just set the above environment variable to /.

Https://github.com/owncloud/ocis-reva/pull/68
- Change - Initial release of basic version: #1
Just prepared an initial basic version to start a reva server and start integrating with the go-micro base dextension framework of ownCloud Infinite Scale.

Https://github.com/owncloud/ocis-reva/issues/1
- Change - Start multiple services with dedicated commands: #6
The initial version would only allow us to use a set of reva configurations to start multiple services. We use a more opinionated set of commands to start dedicated services that allows us to configure them individually. It allows us to switch eg. the user backend to LDAP and fully use it on the cli.

Https://github.com/owncloud/ocis-reva/issues/6
- Change - Storage providers now default to exposing data servers: #89
The flags that let reva storage providers announce that they expose a data server now defaults to true:

REVA_STORAGE_HOME_EXPOSE_DATA_SERVER=1 REVA_STORAGE_OC_EXPOSE_DATA_SERVER=1

Https://github.com/owncloud/ocis-reva/issues/89
- Change - Default to running behind ocis-proxy: #113
We changed the default configuration to integrate better with ocis.
- We use ocis-glauth as the default ldap server on port 9125 with base dc=example,dc=org. - We use a dedicated technical reva user to make ldap binds - Clients are supposed to use the ocis-proxy endpoint https://localhost:9200 - We removed unneeded ocis configuration from the frontend which no longer serves an oidc provider. - We changed the default user OpaqueID attribute from sub to preferred_username. The latter is a claim populated by konnectd that can also be used by the reva ldap user manager to look up users by their OpaqueId
Https://github.com/owncloud/ocis-reva/pull/113
- Enhancement - Expose owncloud storage driver config in flagset: #87
Three new flags are now available:
- scan files on startup to generate missing fileids default: true env var: REVA_STORAGE_OWNCLOUD_SCAN cli option: --storage-owncloud-scan
- autocreate home path for new users default: true env var: REVA_STORAGE_OWNCLOUD_AUTOCREATE cli option: --storage-owncloud-autocreate
- the address of the redis server default: :6379 env var: REVA_STORAGE_OWNCLOUD_REDIS_ADDR cli option: --storage-owncloud-redis
Https://github.com/owncloud/ocis-reva/issues/87
- Enhancement - Update reva to v0.0.2-0.20200212114015-0dbce24f7e8b: #91
Reva has seen a lot of changes that allow us to - reduce the configuration overhead - use the autocreato home folder option - use the home folder path layout option - no longer start the root storage

Https://github.com/owncloud/ocis-reva/pull/91 related:
- Enhancement - Allow configuring user sharing driver: #115
We now default to json which persists shares in the sharing manager in a json file instead of an in memory db.

Https://github.com/owncloud/ocis-reva/pull/115

owncloud/product#244
Enhancement - Add the store service: #244

Tags: store
- Enhancement - Add version command: #226
- Bugfix - Removed code from other service: #7
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #5
- Change - Initial release of basic version: #1
owncloud/product#244
Enhancement - Add the thumbnails service: #244

Tags: thumbnails
- Enhancement - Add version command: #226
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #35
- Enhancement - Serve the metrics endpoint: #37
- Change - Add more default resolutions: #23
- Change - Refactor code to remove code smells: #21
- Change - Use micro service error api: #31
- Enhancement - Limit users to access own thumbnails: #5
- Bugfix - Fix usage of context.Context: #18
- Bugfix - Fix execution when passing program flags: #15
- Change - Initial release of basic version: #1
- Change - Use predefined resolutions for thumbnail generation: #7
- Change - Implement the first working version: #3
owncloud/product#244
Enhancement - Add a command to list the versions of running instances: #226

Tags: accounts

Added a micro command to list the versions of running accounts services.

owncloud/product#226
Enhancement - Add the webdav service: #244

Tags: webdav
- Enhancement - Add version command: #226
- Bugfix - Build docker images with alpine:latest instead of alpine:edge: #22
- Change Change status not found on missing thumbnail: #20
- Change - Initial release of basic version: #1
- Change - Update ocis-pkg to version 2.2.0: #16
- Enhancement - Configuration: #14
- Enhancement - Implement preview API: #13
owncloud/product#244
Enhancement - Better adopt Go-Micro: #840

Tags: ocis

There are a few building blocks that we were relying on default behavior, such as micro.Registry and the go-micro client. In order for oCIS to work in any environment and not relying in black magic configuration or running daemons we need to be able to:
- Provide with a configurable go-micro registry. - Use our own go-micro client adjusted to our own needs (i.e: custom timeout, custom dial timeout, custom transport...)
This PR is relying on 2 env variables from Micro: MICRO_REGISTRY and MICRO_REGISTRY_ADDRESS. The latter does not make sense to provide if the registry is not etcd.

The current implementation only accounts for mdns and etcd registries, defaulting to mdns when not explicitly defined to use etcd.

owncloud#840
Enhancement - Add permission check when assigning and removing roles: #879

Everyone could add and remove roles from users. Added a new permission and a check so that only users with the role management permissions can assign and unassign roles.

owncloud#879
Enhancement - Create OnlyOffice extension: #857

Tags: OnlyOffice

We've created an OnlyOffice extension which enables users to create and edit docx documents and open spreadsheets and presentations.

owncloud#857
Enhancement - Show basic-auth warning only once: #886

Show basic-auth warning only on startup instead on every request.

owncloud#886
Enhancement - Add glauth fallback backend: #649

We introduced the fallback-datastore config option and the corresponding options to allow configuring a simple chain of two handlers.

Simple, because it is intended for bind and single result search queries. Merging large sets of results is currently out of scope. For now, the implementation will only search the fallback backend if the default backend returns an error or the number of results is 0. This is sufficient to allow an IdP to authenticate users from ocis as well as owncloud 10 as described in the bridge scenario.

owncloud/ocis-glauth#18 owncloud#649

Enhancement - Tidy dependencies: #845

Methodology:

-name go.mod -print | sed 's:/go.mod$::' } ```

``` for m in $(go-modules); do (cd $m && go mod tidy); done ```

https://github.com/owncloud/ocis/pull/845

Enhancement - Launch a storage to store ocis-metadata: #602

Tags: metadata, accounts, settings

In the future accounts, settings etc. should be stored in a dedicated metadata storage. The services should talk to this storage directly, bypassing reva-gateway.

owncloud#602
Enhancement - Add a version command to ocis: #915

The version command was only implemented in the extensions. This adds the version command to ocis to list all services in the ocis namespace.

owncloud#915
Enhancement - Create a proxy access-log: #889

Logs client access at the proxy

owncloud#889
Enhancement - Cache userinfo in proxy: #877

Tags: proxy

We introduced caching for the userinfo response. The token expiration is used for cache invalidation if available. Otherwise we fall back to a preconfigured TTL (default 10 seconds).

owncloud#877
Enhancement - Update reva to v1.4.1-0.20201125144025-57da0c27434c: #1320

Mostly to bring fixes to pressing changes.

cs3org/reva#1320 cs3org/reva#1338
Enhancement - Runtime Cleanup: #1066

Small runtime cleanup prior to Tech Preview release

owncloud#1066
Enhancement - Update OCIS Runtime: #1108
- enhances the overall behavior of our runtime - runtime db file configurable - two new env variables to deal with the runtime - RUNTIME_DB_FILE and RUNTIME_KEEP_ALIVE - RUNTIME_KEEP_ALIVE defaults to false to provide backwards compatibility - if RUNTIME_KEEP_ALIVE is set to true, if a supervised process terminates the runtime will attempt to start with the same environment provided.
owncloud#1108
Enhancement - Simplify tracing config: #92

We now apply the oCIS tracing config to all services which have tracing. With this it is possible to set one tracing config for all services at the same time.

owncloud/product#92 owncloud#329 owncloud#409
Enhancement - Update glauth to dev fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2: #834

We updated glauth to dev commit fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2, which allows to skip certificate checks for the owncloud backend.

owncloud#834
Enhancement - Update glauth to dev 4f029234b2308: #786

Includes a bugfix, don't mix graph and provisioning api.

owncloud#786
Enhancement - Update konnectd to v0.33.8: #744

This update adds options which allow the configuration of oidc-token expiration parameters: KONNECTD_ACCESS_TOKEN_EXPIRATION, KONNECTD_ID_TOKEN_EXPIRATION and KONNECTD_REFRESH_TOKEN_EXPIRATION.

Other changes from upstream:
- Generate random endsession state for external authority - Update dependencies in Dockerfile - Set prompt=None to avoid loops with external authority - Update Jenkins reporting plugin from checkstyle to recordIssues - Remove extra kty key from JWKS top level document - Fix regression which encodes URL fragments twice - Avoid generating fragmet/query URLs with wrong order - Return state for oidc endsession response redirects - Use server provided username to avoid case mismatch - Use signed-out-uri if set as fallback for goodbye redirect on saml slo - Add checks to ensure post_logout_redirect_uri is not empty - Fix SAML2 logout request parsing - Cure panic when no state is found in saml esr - Use SAML IdP Issuer value from meta data entityID - Allow configuration of expiration of oidc access, id and refresh tokens - Implement trampolin for external OIDC authority end session - Update ca-certificates version
owncloud#744
Enhancement - Update reva to v1.4.1-0.20201123062044-b2c4af4e897d: #823
- Refactor the uploading files workflow from various clients cs3org/reva#1285, cs3org/reva#1314
- [OCS] filter share with me requests cs3org/reva#1302
- Fix listing shares for nonexisting path cs3org/reva#1316
- prevent nil pointer when listing shares cs3org/reva#1317
- Sharee retrieves the information about a share -but gets response containing all the shares owncloud/ocis-reva#260
- Deleting a public link after renaming a file owncloud/ocis-reva#311
- Avoid log spam cs3org/reva#1323, cs3org/reva#1324
- Fix trashbin cs3org/reva#1326
https://github.com/owncloud/ocis-reva/issues/260 https://github.com/owncloud/ocis-reva/issues/311 owncloud#823 cs3org/reva#1285 cs3org/reva#1302 cs3org/reva#1314 cs3org/reva#1316 cs3org/reva#1317 cs3org/reva#1323 cs3org/reva#1324 cs3org/reva#1326
Enhancement - Update reva to v1.4.1-0.20201130061320-ac85e68e0600: #980
- Fix move operation in ocis storage driver csorg/reva#1343
owncloud#975 owncloud#980 cs3org/reva#1343
Enhancement - Update reva to cdb3d6688da5: #748
- let the gateway filter invalid references
owncloud#748 cs3org/reva#1274
Enhancement - Update reva to dd3a8c0f38: #725
- fixes etag propagation in the ocis driver
owncloud#725 cs3org/reva#1264
Enhancement - Update reva to v1.4.1-0.20201127111856-e6a6212c1b7b: #971

Tags: reva
- Fix capabilities response for multiple client versions #1331 cs3org/reva#1331
- Fix home storage redirect for remote.php/dav/files cs3org/reva#1342
owncloud#971 cs3org/reva#1331 cs3org/reva#1342
Enhancement - Update reva to 063b3db9162b: #1091
- bring public link removal changes to OCIS. - fix subcommand name collision from renaming phoenix -> web.
owncloud#1098 owncloud#1091

Enhancement - Add www-authenticate based on user agent: #1009

Tags: reva, proxy

We now comply with HTTP spec by adding Www-Authenticate headers on every 401 request. Furthermore, we not only take care of such a thing at the Proxy but also Reva will take care of it. In addition, we now are able to lock-in a set of User-Agent to specific challenges.

Admins can use this feature by configuring oCIS + Reva following this approach:

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101
Firefox/83.0:bearer" \
PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT="mirall:basic, Mozilla/5.0
(Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0:bearer" \
PROXY_ENABLE_BASIC_AUTH=true \ go run cmd/ocis/main.go server ```

We introduced two new environment variables:

`STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT` as well as
`PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT`, The reason they have the same value
is not to rely on the os env on a distributed environment, so in redundancy we trust. They both
configure the same on the backend storage and oCIS Proxy.

https://github.com/owncloud/ocis/pull/1009

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CHANGELOG.md

CHANGELOG.md

Changelog for unreleased (UNRELEASED)

Summary

Details

Changelog for 1.1.0 (2021-01-22)

Summary

Details

Changelog for [1.0.0] (2020-12-17)

Summary

Details

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

Changelog for unreleased (UNRELEASED)

Summary

Details

Changelog for 1.1.0 (2021-01-22)

Summary

Details

Changelog for [1.0.0] (2020-12-17)

Summary

Details