cloud/ocis
1
0
Fork 0
mirror of https://github.com/owncloud/ocis.git synced 2025-04-17 12:37:07 +03:00
Code
ocis/CHANGELOG.md
Roman Perekhod 20f32d4f2a Automated changelog update [skip ci]
2025-04-15 11:39:18 +00:00

888 KiB
Raw Permalink Blame History

Table of Contents

Changelog for unreleased (UNRELEASED)

The following sections list the changes for unreleased.

Summary

  • Bugfix - Fix the OCM role editor: #11071
  • Bugfix - Fix the SpaceMembershipExpired event: #11078
  • Bugfix - Fix the OCM role file editor: #11093
  • Bugfix - Fix the parent-id for the share-jail root: #11101
  • Bugfix - Adjust the capabilities according to full text search config: #11111
  • Bugfix - Fix app-auth: #11123
  • Bugfix - Fix the SpaceMembershipExpired duplicate event: #11127
  • Bugfix - Fix migrate rebuild-jsoncs3-indexes cli: #11145
  • Bugfix - OCM Share Notifications: #11162
  • Bugfix - Fix pdf form creation: #11163
  • Bugfix - Fix app-auth, REST status code: #11190
  • Enhancement - Update Mockery to 2.52.3: #11070
  • Enhancement - Improve postprocessing logs: #11108
  • Enhancement - Improve graph space management logs: #11115
  • Enhancement - CLI, storage-users uploads delete-stale-nodes: #11216
  • Enhancement - Limit length of tags: #11231

Details

Changelog for 7.1.2 (2025-03-28)

The following sections list the changes for 7.1.2.

Summary

  • Bugfix - Fix pdf form creation: #11163

Details

Changelog for 7.1.1 (2025-03-14)

The following sections list the changes for 7.1.1.

Summary

  • Bugfix - Fix translations of editor roles: #11116
  • Enhancement - Update Web to v11.3.1: #11131

Details

Changelog for 7.1.0 (2025-03-06)

The following sections list the changes for 7.1.0.

Summary

  • Bugfix - Update govips to 2.16.0: #10378
  • Bugfix - Share creation date is missing in invite response: #10781
  • Bugfix - Bump some golang dependencies: #10795
  • Bugfix - Allow to accepted invite after it was once deleted: #10834
  • Bugfix - Fix the mail notifications for the user light: #10865
  • Bugfix - Fix filtering of PostprocessingStepFinished events: #10868
  • Bugfix - Prevent empty email body for grouped email notifications: #10869
  • Bugfix - Consistently name roles: #10871
  • Bugfix - Fix grouped email notifications store key: #10873
  • Bugfix - Fix missing newline in grouped email: #10883
  • Bugfix - Fix email templates white spaces & new lines: #10884
  • Bugfix - Fix the ocm gateway connection pool: #10916
  • Bugfix - Add fallback for folder names: #10932
  • Bugfix - Allow view ocm shares: #10944
  • Bugfix - Fix Collaboration file extension check: #10947
  • Bugfix - Add Identities to education user: #11016
  • Bugfix - Bump libregraph api: #11021
  • Bugfix - Fix OCM create share: #11047
  • Bugfix - Fix update grants for the OCM share: #11052
  • Enhancement - Part I: The user settings are extended by notifications preferences: #10706
  • Enhancement - Part II: Filtering of in-app notifications: #10779
  • Enhancement - Part III: Filtering of mail notifications: #10792
  • Enhancement - Translate Notification Settings: #10812
  • Enhancement - Part IV: Grouping of mail notifications: #10838
  • Enhancement - Update web to v11.1.0: #10853
  • Enhancement - Add tests for grouped emails: #10885
  • Enhancement - Use maintained forks: #10886
  • Enhancement - Add email notification for share removed event: #10915
  • Enhancement - Update Web to v1.11.1: #10918
  • Enhancement - Update Web to v1.11.2: #10930
  • Enhancement - Implement debug docker for arm64 platform: #10940
  • Enhancement - Add roles: #10964
  • Enhancement - Update Web to v1.11.3: #10977
  • Enhancement - Add the ocm notification handler: #11005
  • Enhancement - Add logging when a users space gets deleted: #11037
  • Enhancement - Add the ocm notification ShareChangePermission: #11041
  • Enhancement - Update Web to v11.2.0: #11049
  • Enhancement - Update Web to v11.3.0: #11058
  • Enhancement - Bump Reva: #11083

Details

Changelog for 7.0.0 (2024-12-17)

The following sections list the changes for 7.0.0.

Summary

  • Bugfix - Generate short tokens to be used as access tokens for WOPI: #10391
  • Bugfix - Fix put relative wopi operation for microsoft: #10403
  • Bugfix - Make SSE keepalive interval configurable: #10411
  • Bugfix - Removed 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' setting: #10425
  • Bugfix - Micro registry cache fixes: #10429
  • Bugfix - Fix the memlimit loglevel: #10433
  • Bugfix - Log GRPC requests in debug mode: #10438
  • Bugfix - Restart Postprocessing properly: #10439
  • Bugfix - Allow to configure data server URL for ocm: #10440
  • Bugfix - Respect proxy url when validating proofkeys: #10462
  • Bugfix - Return wopi lock header in get lock response: #10470
  • Bugfix - 'ocis backup consistency' fixed for file revisions: #10493
  • Bugfix - Wait for services to be ready before registering them: #10498
  • Bugfix - Fix 0-byte file uploads: #10500
  • Bugfix - Fixed sharedWithMe response for OCM shares: #10501
  • Bugfix - Fix gateway nats checks: #10502
  • Bugfix - Fix idp guest role default assignment: #10511
  • Bugfix - Remove mbreaker: #10524
  • Bugfix - Fix impersonated request user mismatch: #10548
  • Bugfix - Fix federated sharing when using an external IDP: #10567
  • Bugfix - Fix node cache ttl updates: #10575
  • Bugfix - We now limit the number of workers of the jsoncs3 share manager: #10578
  • Bugfix - Set MaxConcurrency to 1: #10580
  • Bugfix - Reuse go-micro service clients: #10582
  • Bugfix - Make collaboration service use a gateway selector: #10584
  • Bugfix - Return an error if we can't get the keys and ensure they're cached: #10590
  • Bugfix - Fix status code for thumbnail requests: #10592
  • Bugfix - Fix the activity field mapping: #10593
  • Bugfix - Fix deny access for graph roles: #10627
  • Bugfix - Fix link activity message: #10663
  • Bugfix - Fix possible race condition when a thumbnails is stored in the FS: #10693
  • Bugfix - Skip fetching members: #10701
  • Bugfix - Fix FileInfo BreadcrumbFolderURL: #10718
  • Bugfix - Fix graph drives response for federated shares: #10730
  • Bugfix - GetLastModified property in the REPORT response will use RFC1123 format: #10738
  • Bugfix - Unifi logging: #10743
  • Bugfix - Fix FileInfo BreadcrumbFolderURL upd: #10757
  • Bugfix - Bump Reva: #10766
  • Enhancement - Create thumbnails for GGP MIME types: #10304
  • Enhancement - Include a product name in the collaboration service: #10335
  • Enhancement - Add web extensions to the ocis_full example: #10399
  • Enhancement - Remove deprecated CLI commands: #10432
  • Enhancement - Bump cs3api: #10449
  • Enhancement - Bump reva to latest: #10472
  • Enhancement - Concurrent userlog processing: #10504
  • Enhancement - Concurrent autoaccept for shares: #10507
  • Enhancement - Fetch shared resource metadata concurrently in graph: #10683
  • Enhancement - Update web to v11.0.6: #10755

Details

Changelog for 5.0.9 (2024-11-14)

The following sections list the changes for 5.0.9.

Summary

  • Bugfix - Thumbnail request limit: #10280
  • Bugfix - Restart Postprocessing properly: #10439
  • Change - Define maximum input image dimensions and size when generating previews: #10270

Details

Changelog for 6.6.1 (2024-10-24)

The following sections list the changes for 6.6.1.

Summary

  • Bugfix - Fix panic when stopping the nats: #10363
  • Bugfix - Disable download activity: #10368
  • Bugfix - Fix Activitylog issues: #10376
  • Bugfix - Security fixes: #10376
  • Bugfix - Make antivirus workers configurable: #10383
  • Bugfix - Increase event processing workers: #10385
  • Bugfix - Fix envvar deprecations for next production release: #10386
  • Bugfix - Fix healthchecks: #10405

Details

Changelog for 6.6.0 (2024-10-21)

The following sections list the changes for 6.6.0.

Summary

  • Bugfix - Fix health and ready endpoints: #10163
  • Bugfix - Always treat LDAP attribute names case-insensitively: #10204
  • Bugfix - Fix delete share panic: #10219
  • Bugfix - Continue listing shares on error: #10243
  • Bugfix - Avoid re-creating thumbnails: #10251
  • Bugfix - Graph service now supports OCIS_LDAP_USER_SCHEMA_DISPLAYNAME env var: #10257
  • Bugfix - Kept historical resource naming in activity: #10266
  • Bugfix - Fix panic when sharing with groups: #10279
  • Bugfix - Thumbnail request limit: #10280
  • Bugfix - Forbid the ocm space sharing: #10287
  • Bugfix - Use secure config defaults for OCM: #10307
  • Enhancement - Add OCM wellknown configuration: #9815
  • Enhancement - Load IDP logo from theme: #10274
  • Enhancement - WebOffice Templates: #10276
  • Enhancement - Remove Deprecations: #10305
  • Enhancement - Allow to use libvips for generating thumbnails: #10310
  • Enhancement - Bump various dependencies: #10352
  • Enhancement - Update web to v11.0.0: #10357
  • Enhancement - Bump reva to 2.26.0: #10364

Details

Changelog for 6.5.0 (2024-10-01)

The following sections list the changes for 6.5.0.

Summary

  • Bugfix - Fixed the ocm email template: #10030
  • Bugfix - Fixed activity filter depth: #10031
  • Bugfix - Fixed proxy build info: #10039
  • Bugfix - Fixed the ocm tocken: #10050
  • Bugfix - Fix ocm space sharing: #10060
  • Bugfix - Fix the error code for ocm space sharing: #10079
  • Bugfix - Added LinkUpdated activity: #10085
  • Bugfix - Fix Activities leak: #10092
  • Bugfix - Include additional logs in the collaboration service: #10101
  • Bugfix - Added ShareUpdate activity: #10104
  • Bugfix - Fixed the collaboration service registration: #10107
  • Bugfix - CheckFileInfo will return a 404 error if the target file isn't found: #10112
  • Bugfix - Forbid Activities for Sharees: #10136
  • Bugfix - Always select next gateway client: #10141
  • Bugfix - Remove duplicate CSP header from responses: #10146
  • Bugfix - Fixed the missing folder variable: #10150
  • Bugfix - Fix activity limit: #10165
  • Bugfix - Fix email translations: #10171
  • Bugfix - Fix Activities translation: #10175
  • Enhancement - Allow to maintain the last sign-in timestamp of a user: #9942
  • Enhancement - Add an Activity for FileUpdated: #10072
  • Enhancement - Remove METADATA_BACKEND: #10113
  • Enhancement - Load CSP configuration file if it exists: #10139
  • Enhancement - FileDownloaded Activity: #10161
  • Enhancement - Add WOPI host URLs to the collaboration service: #10174
  • Enhancement - Update web to v10.3.0: #10177
  • Enhancement - Bump reva to 2.25.0: #10194

Details

Changelog for 5.0.8 (2024-09-30)

The following sections list the changes for 5.0.8.

Summary

  • Bugfix - Update reva to v2.19.8: #10138

Details

Changelog for 6.4.0 (2024-09-12)

The following sections list the changes for 6.4.0.

Summary

  • Bugfix - Set capability response disable_self_password_change correctly: #9853
  • Bugfix - Activity Translations: #9856
  • Bugfix - The user attributes userType and memberOf are readonly: #9867
  • Bugfix - Use key to get specific trash item: #9879
  • Bugfix - Fix response code when upload a file over locked: #9894
  • Bugfix - List OCM permissions as graph drive item permissions: #9905
  • Bugfix - Fix listing ocm shares: #9925
  • Bugfix - Allow update of ocm shares: #9980
  • Change - Remove store service: #9890
  • Enhancement - We now set the configured protocol transport for service metadata: #9490
  • Enhancement - Microsoft Office365 and Office Online support: #9686
  • Enhancement - Added a new role space editor without versions: #9880
  • Enhancement - Improve revisions purge: #9891
  • Enhancement - Allow setting default locale of activitylog: #9892
  • Enhancement - Graph translation path: #9902
  • Enhancement - Added a new roles viewer/editor with ListGrants: #9943
  • Enhancement - Handle OCM invite generated event: #9966
  • Enhancement - Update web to v10.2.0: #9988
  • Enhancement - Allow blob as connect-src in default CSP: #9993
  • Enhancement - Unified Roles Management: #10013
  • Enhancement - Bump reva to v2.24.1: #10028

Details

Changelog for 5.0.7 (2024-09-04)

The following sections list the changes for 5.0.7.

Summary

  • Enhancement - Add virus filter to sessions command: #9041
  • Enhancement - Assimilate clean into sessions command: #9828
  • Enhancement - Update web to v8.0.5: #9958

Details

Changelog for 6.3.0 (2024-08-20)

The following sections list the changes for 6.3.0.

Summary

  • Bugfix - Ignore address for kubernetes registry: #9490
  • Bugfix - Use bool type for web embed delegatedAuthentication: #9692
  • Bugfix - Repair nats-js-kv registry: #9734
  • Bugfix - Use less selectors that watch the registry: #9741
  • Bugfix - We fixed the client config generation for the built in IDP: #9770
  • Bugfix - Change ocmproviders config defaultpath: #9778
  • Bugfix - Web theme color contrasts: #10726
  • Enhancement - New WOPI operations added to the collaboration service: #9505
  • Enhancement - Allow configuring grpc max connection age: #9657
  • Enhancement - Tracing improvements in the collaboration service: #9684
  • Enhancement - Local WEB App configuration: #9691
  • Enhancement - Bump tusd pkg to v2: #9714
  • Enhancement - Gateways should directly talk to themselves: #9714
  • Enhancement - Support Skyhigh Security ICAP as an ICAP server: #9720
  • Enhancement - Added generic way to translate composite entities: #9722
  • Enhancement - Add an API to auth-app service: #9755
  • Enhancement - Bump go-micro plugins pkg: #9756
  • Enhancement - Allow querying federated user roles for sharing: #9765
  • Enhancement - Refactor the connector in the collaboration service: #9771
  • Enhancement - Add OCIS_ENABLE_OCM env var: #9784
  • Enhancement - OCM related adjustments in graph: #9788
  • Enhancement - Update web to v10.1.0: #9832
  • Enhancement - Bump reva to 2.23.0: #9852

Details

Changelog for 6.2.0 (2024-07-30)

The following sections list the changes for 6.2.0.

Summary

  • Bugfix - Fix restarting of postprocessing: #6945
  • Bugfix - Fix crash on empty tracing provider: #9622
  • Bugfix - Fixed the file name validation if nodeid is used: #9634
  • Bugfix - Fix a missing SecureView permission attribute in the REPORT response: #9638
  • Bugfix - Fixed the channel lock in a workers pool: #9647
  • Bugfix - Missing invitation in permission responses: #9652
  • Bugfix - Repair nats-js-kv registry: #9662
  • Bugfix - Fix panic: #9673
  • Bugfix - Fixed the response code when copying the shared from to personal: #9677
  • Bugfix - Fixed response code for DELETE file that is in postprocessing: #9689
  • Change - Remove unavailable web config options: #9679
  • Enhancement - Introduce auth-app service: #9079
  • Enhancement - Add support for proof keys for the collaboration service: #9366
  • Enhancement - Log user agent and remote addr on auth errors: #9475
  • Enhancement - Add missing WOPI features: #9580
  • Enhancement - Bump commitID for web: #9631
  • Enhancement - Remove oidc-go dependency: #9641
  • Enhancement - Improve the collaboration service logging: #9653
  • Enhancement - Fix trash command: #9665
  • Enhancement - Added the debugging to full ocis docker example: #9666
  • Enhancement - Add locking support for MS Office Online Server: #9685
  • Enhancement - Bump reva to v.2.22.0: #9690
  • Enhancement - Add --diff to the ocis init command: #9693
  • Enhancement - Update web to v10.0.0: #9707

Details

Changelog for 5.0.6 (2024-07-17)

The following sections list the changes for 5.0.6.

Summary

  • Bugfix - Allow all uploads to restart: #9506
  • Bugfix - Fix the email notification service: #9514
  • Enhancement - Limit concurrent thumbnail requests: #9199
  • Enhancement - Update web to v8.0.4: #9429
  • Enhancement - Add cli to purge revisions: #9497

Details

Changelog for 6.1.0 (2024-07-08)

The following sections list the changes for 6.1.0.

Summary

  • Bugfix - Fix sharing-ng permission listings for personal and virtual drive items: #9438
  • Bugfix - Add inotify-tools and bash packages to docker files: #9440
  • Bugfix - Allow all uploads to restart: #9465
  • Bugfix - Fix the email notification service: #9467
  • Bugfix - Fix Password Reset: #9479
  • Bugfix - Fixed the email template: #9484
  • Bugfix - Polish secure view: #9532
  • Enhancement - Rudimentary OCM support in graph: #8909
  • Enhancement - Activitylog API: #9361
  • Enhancement - Add the backchannel logout event: #9447
  • Enhancement - Add fail flag to consistency check: #9447
  • Enhancement - Configurable OCM timeouts: #9450
  • Enhancement - Deprecate gateway environment variables: #9451
  • Enhancement - Allow reindexing all spaces: #9456
  • Enhancement - Autoprovision group memberships: #9458
  • Enhancement - Allow disable versioning: #9473
  • Enhancement - Empty trash directories: #9483
  • Enhancement - Various fixes for the activitylog service: #9485
  • Enhancement - Add cli to purge revisions: #9497
  • Enhancement - Update web to v9.1.0: #9547
  • Enhancement - Bump reva to v2.21.0: #9556

Details

Changelog for 6.0.0 (2024-06-19)

The following sections list the changes for 6.0.0.

Summary

  • Bugfix - Fix an error when lock/unlock a public shared file: #8472
  • Bugfix - Fix the docker-compose wopi: #8483
  • Bugfix - Fix remove/update share permissions: #8529
  • Bugfix - Correct the default mapping of roles: #8534
  • Bugfix - Fix graph drive invite: #8538
  • Bugfix - Fix the mount points naming: #8543
  • Bugfix - We now always select the next clients when autoaccepting shares: #8570
  • Bugfix - Always select next before making calls: #8578
  • Bugfix - Fix sharing invite on virtual drive: #8609
  • Bugfix - Prevent copying a file to a parent folder: #8649
  • Bugfix - Disable Multipart uploads: #8666
  • Bugfix - Internal links shouldn't have a password: #8668
  • Bugfix - Fix uploading via a public link: #8702
  • Bugfix - Mask user email in output: #8726
  • Bugfix - Fix restarting of postprocessing: #8782
  • Bugfix - Fix the create personal space cache: #8799
  • Bugfix - Fix removing groups from space: #8803
  • Bugfix - Validate conditions for sharing roles by resource type: #8815
  • Bugfix - Fix creating the drive item: #8817
  • Bugfix - Fix unmount item from share: #8827
  • Bugfix - Fix creating new WOPI documents on public shares: #8828
  • Bugfix - Nats reconnects: #8880
  • Bugfix - Update the admin user role assignment to enforce the config: #8897
  • Bugfix - Fix affected users on sses: #8928
  • Bugfix - Fix well-known rewrite endpoint: #8946
  • Bugfix - Crash when processing crafted TIFF files: #8981
  • Bugfix - Fix collaboration registry setting: #9105
  • Bugfix - Service startup of WOPI example: #9127
  • Bugfix - Fix the status code for multiple mount and unmount share: #9193
  • Bugfix - Don't show thumbnails for secureview shares: #9299
  • Bugfix - Fix share update: #9301
  • Bugfix - Fix the error translation from utils: #9331
  • Bugfix - Fix the settings metedata tests: #9341
  • Bugfix - The hidden shares have been excluded from a search result: #9371
  • Bugfix - Encode Registry Keys: #9385
  • Change - Change the default store for presigned keys to nats-js-kv: #8419
  • Change - Disable resharing by default for deprecation: #8653
  • Change - The filesystem backend for the settings service has been removed: #9138
  • Change - Define maximum input image dimensions and size when generating previews: #9360
  • Enhancement - Introduce staticroutes package & remove well-known OIDC middleware: #6095
  • Enhancement - Graphs endpoint for mounting and unmounting shares: #7885
  • Enhancement - Add epub reader to web default apps: #8410
  • Enhancement - Change Cors default settings: #8518
  • Enhancement - Custom WEB App Loading: #8523
  • Enhancement - Update to go 1.22: #8586
  • Enhancement - Send more sse events: #8587
  • Enhancement - Send SSE when file is locked/unlocked: #8602
  • Enhancement - Add the spaceID to sse: #8614
  • Enhancement - The graph endpoints for listing permission works for spaces now: #8642
  • Enhancement - Bump keycloak: #8687
  • Enhancement - Make IDP cookies same site strict: #8716
  • Enhancement - Make server side space templates production ready: #8723
  • Enhancement - Sharing NG role names and descriptions: #8743
  • Enhancement - Ability to Change Share Item Visibility in Graph API: #8750
  • Enhancement - Enable web extension drawio by default: #8760
  • Enhancement - Remove resharing: #8762
  • Enhancement - Add CSP and other security related headers to oCIS: #8777
  • Enhancement - Add FileTouched SSE Event: #8778
  • Enhancement - Prepare runners to start the services: #8802
  • Enhancement - Sharing SSEs: #8854
  • Enhancement - Secure viewer share role: #8907
  • Enhancement - Add Link SSEs: #8908
  • Enhancement - ShareeIDs in SSEs: #8915
  • Enhancement - Allow to resolve public shares without the ocs tokeninfo endpoint: #8926
  • Enhancement - Initiator-IDs: #8936
  • Enhancement - Add endpoint for getting drive items: #8939
  • Enhancement - Improve infected file handling: #8947
  • Enhancement - Configurable claims for auto-provisioning user accounts: #8952
  • Enhancement - Bump nats-js-kv pkg: #8953
  • Enhancement - Graph permission created date time: #8954
  • Enhancement - Add virus filter to sessions command: #9041
  • Enhancement - Assimilate clean into sessions command: #9041
  • Enhancement - Add remote item id to WebDAV report responses: #9094
  • Enhancement - Theme Processing and Logo Customization: #9133
  • Enhancement - Add watermark text: #9144
  • Enhancement - Update selected attributes of autoprovisioned users: #9166
  • Enhancement - Limit concurrent thumbnail requests: #9199
  • Enhancement - The storage-users doc updated: #9228
  • Enhancement - Docker compose example for ClamAV: #9229
  • Enhancement - Add command to check ocis backup consistency: #9238
  • Enhancement - Web server compression: #9287
  • Enhancement - Add secureview flag when listing apps via http: #9289
  • Enhancement - Activitylog Service: #9327
  • Enhancement - Update web to v9.0.0-alpha.7: #9395
  • Enhancement - Bump Reva to v2.20.0: #9415

Details

Changelog for 5.0.5 (2024-05-22)

The following sections list the changes for 5.0.5.

Summary

  • Enhancement - Update web to v8.0.2: #9153

Details

Changelog for 5.0.4 (2024-05-13)

The following sections list the changes for 5.0.4.

Summary

  • Bugfix - Update reva to v2.19.7: #9011
  • Bugfix - Service startup of WOPI example: #9127
  • Bugfix - Nats reconnects: #9139

Details

Changelog for 5.0.3 (2024-05-02)

The following sections list the changes for 5.0.3.

Summary

  • Bugfix - Update the admin user role assignment to enforce the config: #8918
  • Bugfix - Crash when processing crafted TIFF files: #8981
  • Bugfix - Update reva to v2.19.6: #9011
  • Bugfix - Fix infected file handling: #9011

Details

Changelog for 5.0.2 (2024-04-17)

The following sections list the changes for 5.0.2.

Summary

  • Bugfix - Fix creating new WOPI documents on public shares: #8828
  • Bugfix - Update reva to v2.19.5: #8873

Details

Changelog for 5.0.1 (2024-04-10)

The following sections list the changes for 5.0.1.

Summary

  • Bugfix - Make IDP cookies same site strict: #8716
  • Bugfix - Update reva to v2.19.4: #8781
  • Bugfix - Fix restarting of postprocessing: #8782
  • Bugfix - Fix the create personal space cache: #8799

Details

  • Bugfix - Make IDP cookies same site strict: #8716

    To enhance the security of our application and prevent Cross-Site Request Forgery (CSRF) attacks, we have updated the SameSite attribute of the build in Identity Provider (IDP) cookies to Strict.

    This change restricts the browser from sending these cookies with any cross-site requests, thereby limiting the exposure of the user's session to potential threats.

    This update does not impact the existing functionality of the application but provides an additional layer of security where needed.

    This only affects cookies set by the built-in IDP. Production systems should not be affected.

    https://github.com/owncloud/ocis/pull/8716

  • Bugfix - Update reva to v2.19.4: #8781

    We updated reva to v2.19.4

    Https://github.com/owncloud/ocis/pull/8787

    We updated reva to v2.19.3

    https://github.com/owncloud/ocis/pull/8781

  • Bugfix - Fix restarting of postprocessing: #8782

    When an upload is not found, the logic to restart postprocessing was bunked. Additionally we extended the upload sessions command to be able to restart the uploads without using a second command.

    NOTE: This also includes a breaking fix for the deprecated ocis storage-users uploads list command

    https://github.com/owncloud/ocis/pull/8782

  • Bugfix - Fix the create personal space cache: #8799

    We fixed a problem with the config for the create personal space cache which resulted in the cache never being used.

    https://github.com/owncloud/ocis/pull/8799

Changelog for 4.0.7 (2024-03-27)

The following sections list the changes for 4.0.7.

Summary

  • Bugfix - Update reva to include bugfixes and improvements: #8718
  • Enhancement - Update to go 1.22: #8597

Details

Changelog for 5.0.0 (2024-03-18)

The following sections list the changes for 5.0.0.

Summary

  • Bugfix - Fix wrong compile date: #6132
  • Bugfix - Fix the kql-bleve search: #7290
  • Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
  • Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
  • Bugfix - Deprecate redundant encryptions settings for notification service: #7345
  • Bugfix - Check school number for duplicates before adding a school: #7351
  • Bugfix - Don't reload web config: #7369
  • Bugfix - Delete outdated userlog events: #7410
  • Bugfix - Set the mountpoint on auto accept: #7460
  • Bugfix - Fix default language fallback: #7465
  • Bugfix - GetUserByClaim fixed for Active Directory: #7476
  • Bugfix - Fix preview request 500 error when made too early: #7502
  • Bugfix - Fix 403 in docs pipeline: #7509
  • Bugfix - Fix the auth service env variable: #7523
  • Bugfix - Token storage config fixed: #7528
  • Bugfix - Set existing mountpoint on auto accept: #7592
  • Bugfix - Return 423 status code on tag create: #7596
  • Bugfix - Fix libre-graph status codes: #7678
  • Bugfix - Fix unlock via space API: #7726
  • Bugfix - Disable DEPTH infinity in PROPFIND: #7746
  • Bugfix - Fix the tgz mime type: #7772
  • Bugfix - Fix natsjs cache: #7790
  • Bugfix - Fix search service start: #7795
  • Bugfix - Fix search response: #7815
  • Bugfix - The race conditions in tests: #7847
  • Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
  • Bugfix - Fix the public link update: #7862
  • Bugfix - Fix jwt config of policies service: #7893
  • Bugfix - Updating logo with new theme structure: #7930
  • Bugfix - Password policy return code was wrong: #7952
  • Bugfix - Removed outdated and unused dependency from idp package: #7957
  • Bugfix - Update permission validation: #7963
  • Bugfix - Renaming a user to a string with capital letters: #7964
  • Bugfix - Improve OCM support: #7973
  • Bugfix - Permissions of a role with duplicate ID: #7976
  • Bugfix - Non durable streams for sse service: #7986
  • Bugfix - Fix empty trace ids: #8023
  • Bugfix - Fix search by containing special characters: #8050
  • Bugfix - Fix the upload postprocessing: #8117
  • Bugfix - Disallow to delete a file during the processing: #8132
  • Bugfix - Fix wrong naming in nats-js-kv registry: #8140
  • Bugfix - IDP CS3 backend sessions now survive a restart: #8142
  • Bugfix - Fix patching of language: #8182
  • Bugfix - Fix search service to not log expected cases as errors: #8200
  • Bugfix - Updating and reset logo failed: #8211
  • Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
  • Bugfix - Cleanup search/pkg/search/search.go: #8230
  • Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
  • Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
  • Bugfix - Fix nats authentication: #8236
  • Bugfix - Fix the resource name: #8246
  • Bugfix - Apply role constraints when creating shares via the graph API: #8247
  • Bugfix - Fix concurrent access to a map: #8269
  • Bugfix - Fix nats registry: #8281
  • Bugfix - Remove invalid environment variables: #8303
  • Bugfix - Fix concurrent shares config: #8317
  • Bugfix - Fix Content-Disposition header for downloads: #8381
  • Bugfix - Signed url verification: #8385
  • Bugfix - Fix an error when move: #8396
  • Bugfix - Fix extended env parser: #8409
  • Bugfix - Graph/drives/permission Expiration date update: #8413
  • Bugfix - Fix search error message: #8444
  • Bugfix - Graph/sharedWithMe align IDs with webdav response: #8467
  • Bugfix - Fix an error when lock/unlock a public shared file: #8472
  • Bugfix - Bump reva to pull in changes to fix recursive trashcan purge: #8505
  • Bugfix - Fix remove/update share permissions: #8529
  • Bugfix - Fix graph drive invite: #8538
  • Bugfix - We now always select the next clients when autoaccepting shares: #8570
  • Bugfix - Correct the default mapping of roles: #8639
  • Bugfix - Disable Multipart uploads: #8667
  • Bugfix - Fix last month search: #31145
  • Change - Auto-Accept Shares: #7097
  • Change - Change the default TUS chunk size: #7273
  • Change - Remove privacyURL and imprintURL from the config: #7938
  • Change - Remove accessDeniedHelpUrl from the config: #7970
  • Change - Change the default store for presigned keys to nats-js-kv: #8419
  • Change - Deprecate sharing cs3 backends: #8478
  • Enhancement - Add the Banned Passwords List: #4197
  • Enhancement - Introduce service accounts: #6427
  • Enhancement - SSE for messaging: #6992
  • Enhancement - Support spec violating AD FS access token issuer: #7140
  • Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
  • Enhancement - Keyword Query Language (KQL) search syntax: #7212
  • Enhancement - Introduce clientlog service: #7217
  • Enhancement - Proxy uses service accounts for provisioning: #7240
  • Enhancement - The password policies change request: #7264
  • Enhancement - Introduce natsjs registry: #7272
  • Enhancement - Add the password policies: #7285
  • Enhancement - Add login URL config: #7317
  • Enhancement - Improve SSE format: #7325
  • Enhancement - New value auto for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356
  • Enhancement - Make sse service scalable: #7382
  • Enhancement - Edit wrong named enves: #7406
  • Enhancement - Thumbnail generation with image processors: #7409
  • Enhancement - Set default for Async Uploads to true: #7416
  • Enhancement - The default language added: #7417
  • Enhancement - Add "Last modified" filter Chip: #7455
  • Enhancement - Config for disabling Web extensions: #7486
  • Enhancement - Store and index metadata: #7490
  • Enhancement - Add support for audio files to the thumbnails service: #7491
  • Enhancement - Implement sharing roles: #7524
  • Enhancement - Add new permission to delete public link password: #7538
  • Enhancement - Add config to enforce passwords on all public links: #7547
  • Enhancement - Tika content extraction cleanup for search: #7553
  • Enhancement - Allow configuring storage registry with envvars: #7554
  • Enhancement - Add search MediaType filter: #7602
  • Enhancement - Add Sharing NG endpoints: #7633
  • Enhancement - Configs for Web embed mode: #7670
  • Enhancement - Support login page background configuration: #7674
  • Enhancement - Add new permissions: #7700
  • Enhancement - Add preferred language to user settings: #7720
  • Enhancement - Add user filter startswith and contains: #7739
  • Enhancement - Allow configuring additional routes: #7741
  • Enhancement - Default link permission config: #7783
  • Enhancement - Add banned password list to the default deployments: #7784
  • Enhancement - Update to go 1.21: #7794
  • Enhancement - Add Sharing NG list permissions endpoint: #7805
  • Enhancement - Add user list requires filter config: #7866
  • Enhancement - Retry antivirus postprocessing step in case of problems: #7874
  • Enhancement - Add validation to public share provider: #7877
  • Enhancement - Graphs endpoint for mounting and unmounting shares: #7885
  • Enhancement - Store and index metadata: #7886
  • Enhancement - Allow regular users to list other users: #7887
  • Enhancement - Add edit public share to sharing NG: #7908
  • Enhancement - Add cli commands for trash-bin: #7917
  • Enhancement - Add validation update public share: #7978
  • Enhancement - Allow inmemory nats-js-kv stores: #7979
  • Enhancement - Disable the password policy: #7985
  • Enhancement - Use kv store in natsjs registry: #7987
  • Enhancement - Allow authentication nats connections: #7989
  • Enhancement - Add RED metrics to the metrics endpoint: #7994
  • Enhancement - Add ocm and sciencemesh services: #7998
  • Enhancement - Make nats-js-kv the default registry: #8011
  • Enhancement - Service Account roles: #8051
  • Enhancement - Update antivirus service: #8062
  • Enhancement - Remove deprecated environment variables: #8149
  • Enhancement - Disable the password policy: #8152
  • Enhancement - Allow restarting multiple uploads with one command: #8287
  • Enhancement - Modify the concurrency default: #8309
  • Enhancement - Improve ocis single binary start: #8320
  • Enhancement - Use environment variables in yaml config files: #8339
  • Enhancement - Increment filenames on upload collisions in secret filedrops: #8340
  • Enhancement - Allow sending multiple user ids in one sse event: #8379
  • Enhancement - Allow to skip service listing: #8408
  • Enhancement - Add a make step to validate the env var annotations: #8436
  • Enhancement - Drop the unnecessary grants exists check when creating shares: #8502
  • Enhancement - Update to go 1.22: #8586
  • Enhancement - Update web to v8.0.0: #8613
  • Enhancement - Update web to v8.0.1: #8626
  • Enhancement - Update reva to 2.19.2: #8638

Details

Changelog for 4.0.6 (2024-02-07)

The following sections list the changes for 4.0.6.

Summary

  • Bugfix - Fix RED metrics on the metrics endpoint: #7994
  • Bugfix - Signed url verification: #8385

Details

  • Bugfix - Fix RED metrics on the metrics endpoint: #7994

    We connected some metrics to the metrics endpoint to support the RED method for monitoring microservices.

    • Request Rate: The number of requests per second. The total count of requests is available under ocis_proxy_requests_total. - Error Rate: The number of failed requests per second. The total count of failed requests is available under ocis_proxy_errors_total. - Duration: The amount of time each request takes. The duration of all requests is available under ocis_proxy_request_duration_seconds. This is a histogram metric, so it also provides information about the distribution of request durations.

    The metrics are available under the following paths: PROXY_DEBUG_ADDR/metrics in a prometheus compatible format and maybe secured by PROXY_DEBUG_TOKEN.

    https://github.com/owncloud/ocis/pull/7994

  • Bugfix - Signed url verification: #8385

    Signed urls now expire properly

    https://github.com/owncloud/ocis/pull/8385

Changelog for 4.0.5 (2023-12-21)

The following sections list the changes for 4.0.5.

Summary

  • Bugfix - Fix reva config of frontend service to avoid misleading error logs: #7934
  • Bugfix - Do not purge expired upload sessions that are still postprocessing: #7941
  • Bugfix - Fix trace ids: #8026
  • Enhancement - Add cli commands for trash-bin: #7936

Details

Changelog for 4.0.4 (2023-12-07)

The following sections list the changes for 4.0.4.

Summary

  • Enhancement - Update reva to improve trashbin listing: #7858

Details

Changelog for 4.0.3 (2023-11-24)

The following sections list the changes for 4.0.3.

Summary

  • Bugfix - Bump reva to 2.16.2: #7512
  • Bugfix - Token storage config fixed: #7546
  • Enhancement - Support spec violating AD FS access token issuer: #7138
  • Enhancement - Update web to v7.1.2: #7798

Details

Changelog for 4.0.2 (2023-09-28)

The following sections list the changes for 4.0.2.

Summary

  • Bugfix - Actually pass PROXY_OIDC_SKIP_USER_INFO option to oidc client middleware: #7220
  • Bugfix - Disable username validation for keycloak example: #7230
  • Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
  • Bugfix - Do not reset received share state to pending: #7319
  • Bugfix - Bump reva to 2.16.1: #7350
  • Bugfix - Check school number for duplicates before adding a school: #7351
  • Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176

Details

Changelog for 4.0.1 (2023-09-01)

The following sections list the changes for 4.0.1.

Summary

  • Bugfix - Disallow sharee to search sharer files outside the share: #7184

Details

  • Bugfix - Disallow sharee to search sharer files outside the share: #7184

    When a file was shared with user(sharee) and the sharee searched the shared file the response contained unshared resources as well.

    https://github.com/owncloud/ocis/pull/7184

Changelog for 4.0.0 (2023-08-21)

The following sections list the changes for 4.0.0.

Summary

  • Bugfix - Fix error message on 400 response for thumbnail requests: #2064
  • Bugfix - Handle the bad request status: #6469
  • Bugfix - Add missing timestamps: #6515
  • Bugfix - Add token to LinkAccessedEvent: #6554
  • Bugfix - Don't connect to ldap on startup: #6565
  • Bugfix - Add default store to postprocessing: #6578
  • Bugfix - Fix the oidc role assigner: #6605
  • Bugfix - Restart Postprocessing: #6726
  • Bugfix - Fix search shares: #6741
  • Bugfix - Fix the default document language for OnlyOffice: #6878
  • Bugfix - Fix nats registry: #6881
  • Bugfix - Check public auth first: #6900
  • Bugfix - Fix CORS issues: #6912
  • Bugfix - Let clients cache web and theme assets: #6914
  • Bugfix - Fix the search: #6947
  • Bugfix - Graph service did not honor the OCIS_LDAP_GROUP_SCHEMA_MEMBER setting: #7032
  • Bugfix - Fix the routing capability: #9367
  • Change - YAML configuration files are restricted to yaml-1.2: #6510
  • Enhancement - Add SSE Endpoint: #5998
  • Enhancement - Add postprocessing mimetype to extension helper: #6133
  • Enhancement - Add more metadata to the remote item: #6300
  • Enhancement - Add WEB_OPTION_OPEN_LINKS_WITH_DEFAULT_APP env variable: #6328
  • Enhancement - Fix the username validation: #6437
  • Enhancement - Use reva client selectors: #6452
  • Enhancement - Add companion URL config: #6453
  • Enhancement - Update go-micro kubernetes registry: #6457
  • Enhancement - Add imprint and privacy url config: #6462
  • Enhancement - Update web to v7.0.1: #6470
  • Enhancement - Make the app provider service name configurable: #6482
  • Enhancement - Fix the groupname validation: #6490
  • Enhancement - Add functionality to retry postprocessing: #6500
  • Enhancement - Fix envvar defaults: #6516
  • Enhancement - Add permissions to report: #6528
  • Enhancement - Add old & new values to audit logs: #6537
  • Enhancement - Allow disabling wopi chat: #6544
  • Enhancement - We added the storage id to the audit log for spaces: #6548
  • Enhancement - Add logged out url config: #6549
  • Enhancement - Add 'ocis decomposedfs check-treesize' command: #6556
  • Enhancement - Skip if the simulink is a directory: #6574
  • Enhancement - Thumbnails can be disabled for webdav & web now: #6577
  • Enhancement - Make the post logout redirect uri configurable: #6583
  • Enhancement - Move proxy to service tracerprovider: #6591
  • Enhancement - Add IDs to graph resource logging: #6593
  • Enhancement - Add search result content preview and term highlighting: #6634
  • Enhancement - Move graph to service tracerprovider: #6695
  • Enhancement - Provide Search filter for locations: #6713
  • Enhancement - Add X-Request-Id to all responses: #6715
  • Enhancement - Clarify license text in the dev docs: #6755
  • Enhancement - Add WEB_OPTION_TOKEN_STORAGE_LOCAL env variable: #6760
  • Enhancement - Bump Hugo: #6787
  • Enhancement - Bump reva to 2.16.0: #6829
  • Enhancement - Configure max grpc message size: #6849
  • Enhancement - Improve the notification logs: #6862
  • Enhancement - Extendable policy mimetype extension mapping: #6869
  • Enhancement - Evaluate policy resource information on single file shares: #6888
  • Enhancement - Update web to v7.1.0-rc.5: #6944
  • Enhancement - Add static secret to gn endpoints: #6946
  • Enhancement - Bump sonarcloud: #6961
  • Enhancement - Nats named connections: #6979
  • Enhancement - Add command for rebuilding the jsoncs3 share manager indexes: #6986
  • Enhancement - Remove deprecated environment variables: #7099
  • Enhancement - Update web to v7.1.0: #7107

Details

Changelog for 3.0.0 (2023-06-06)

The following sections list the changes for 3.0.0.

Summary

  • Bugfix - Use UUID attribute for computing "sub" claim in lico idp: #904
  • Bugfix - Fix default role assignment for demo users: #3432
  • Bugfix - Hide the existence of space when deleting/updating: #5031
  • Bugfix - Fix Postprocessing events: #5269
  • Bugfix - Return 425 on Thumbnails: #5300
  • Bugfix - Disassociate users from deleted school: #5343
  • Bugfix - Fix Search tag indexing: #5405
  • Bugfix - Populate expanded properties: #5421
  • Bugfix - Fix the empty string givenName attribute when creating user: #5431
  • Bugfix - Add portrait thumbnail resolutions: #5656
  • Bugfix - Fix so that PATCH requests for groups actually updates the group name: #5949
  • Bugfix - Add missing CORS config: #5987
  • Bugfix - Fix authenticate headers for API requests: #5992
  • Bugfix - Fix OIDC auth cache: #5997
  • Bugfix - Fix user type config for user provider: #6027
  • Bugfix - Fix the wrong status code when appRoleAssignments is forbidden: #6037
  • Bugfix - Fix Search reindexing performance regression: #6085
  • Bugfix - Fix userlog panic: #6114
  • Bugfix - Fix wrong compile date: #6132
  • Bugfix - Fix Logout Url config name: #6227
  • Bugfix - Allow selected updates on graph users: #6233
  • Bugfix - Add missing response to blocked requests: #6277
  • Bugfix - Update the default admin role: #6310
  • Bugfix - Trace proxy middlewares: #6313
  • Bugfix - Reduced default TTL of user and group caches in graph API: #6320
  • Bugfix - Empty exact list while searching for a sharee: #6398
  • Bugfix - Fix error message when disabling users: #6435
  • Change - Remove the settings ui: #5463
  • Change - Do not share versions: #5531
  • Change - Bump libregraph lico: #5768
  • Change - Updated Cache Configuration: #5829
  • Change - We renamed the guest role to user light: #6456
  • Enhancement - Rename permissions: #3922
  • Enhancement - Open Debug endpoint for Notifications: #5002
  • Enhancement - Open Debug endpoint for Nats: #5002
  • Enhancement - Add otlp tracing exporter: #5132
  • Enhancement - Add global env variable extractor: #5164
  • Enhancement - Async Postprocessing: #5207
  • Enhancement - Extended search: #5221
  • Enhancement - Resource tags: #5227
  • Enhancement - Bump libre-graph-api-go: #5309
  • Enhancement - Drive group permissions: #5312
  • Enhancement - Expiration Notifications: #5330
  • Enhancement - Graph Drives IdentitySet displayName: #5347
  • Enhancement - Make the group members addition limit configurable: #5357
  • Enhancement - Collect global envvars: #5367
  • Enhancement - Add webfinger service: #5373
  • Enhancement - Display surname and givenName attributes: #5388
  • Enhancement - Add expiration to user and group shares: #5389
  • Enhancement - Space Management permissions: #5441
  • Enhancement - Better config for postprocessing service: #5457
  • Enhancement - Cli to purge expired trash-bin items: #5500
  • Enhancement - Allow username to be changed: #5509
  • Enhancement - Allow users to be disabled: #5588
  • Enhancement - Make the settings bundles part of the service config: #5589
  • Enhancement - Add endpoint to list permissions: #5594
  • Enhancement - Eventhistory service: #5600
  • Enhancement - Userlog Service: #5610
  • Enhancement - Added option to configure default quota per role: #5616
  • Enhancement - Add new SetProjectSpaceQuota permission: #5660
  • Enhancement - Make graph/education API errors more consistent: #5682
  • Enhancement - Add new permission for public links: #5690
  • Enhancement - Userlog: #5699
  • Enhancement - Introduce policies-service: #5714
  • Enhancement - Update to go 1.20 to use memlimit: #5732
  • Enhancement - Add endpoints to upload a custom logo: #5735
  • Enhancement - Add config option to enforce passwords on public links: #5848
  • Enhancement - Add 'ocis decomposedfs metadata' command: #5858
  • Enhancement - Use gotext master: #5867
  • Enhancement - No Notifications for own actions: #5871
  • Enhancement - Automate md creation: #5901
  • Enhancement - Notify about policies: #5912
  • Enhancement - Use Accept-Language Header: #5918
  • Enhancement - Add MessageRichParameters: #5927
  • Enhancement - Add more logging to av service: #5973
  • Enhancement - Make the LDAP base DN for new groups configurable: #5974
  • Enhancement - Add a capability for the Personal Data export: #5984
  • Enhancement - Bump go-ldap version: #6004
  • Enhancement - Configure GRPC in ocs: #6022
  • Enhancement - Web config additions: #6032
  • Enhancement - Notifications: #6038
  • Enhancement - Added possibility to assign roles based on OIDC claims: #6048
  • Enhancement - GDPR Export: #6064
  • Enhancement - Add optional services to the runtime: #6071
  • Enhancement - Determine the users language to translate via Transifex: #6089
  • Enhancement - Return Bad Request when requesting GDPR export for another user: #6123
  • Enhancement - Disable Notifications: #6137
  • Enhancement - Add the email HTML templates: #6147
  • Enhancement - Add debug server to idm: #6153
  • Enhancement - Add debug server to audit: #6178
  • Enhancement - Web options configuration: #6188
  • Enhancement - Add debug server to userlog: #6202
  • Enhancement - Add debug server to postprocessing: #6203
  • Enhancement - Add debug server to eventhistory: #6204
  • Enhancement - Add specific result to antivirus for debugging: #6265
  • Enhancement - Add Store to postprocessing: #6281
  • Enhancement - Update web to v7.0.0-rc.37: #6294
  • Enhancement - Remove quota from share jails api responses: #6309
  • Enhancement - Graph user capabilities: #6339
  • Enhancement - Configurable ID Cache: #6353
  • Enhancement - Fix err when the user share the locked file: #6358
  • Enhancement - Remove the email logo: #6359
  • Enhancement - Default LDAP write to true: #6362
  • Enhancement - Add fulltextsearch capabilty: #6366
  • Enhancement - Update web to v7.0.0-rc.38: #6375
  • Enhancement - Fix preview or viewing of shared animated GIFs: #6386
  • Enhancement - Unify CA Cert envvars: #6392
  • Enhancement - Fix to prevent the email X-Site scripting: #6429
  • Enhancement - Update web to v7.0.0: #6438
  • Enhancement - Update Reva to version 2.14.0: #6448

Details

Changelog for 2.0.0 (2022-11-30)

The following sections list the changes for 2.0.0.

Summary

  • Bugfix - Substring search for sharees: #547
  • Bugfix - Return proper errors when ocs/cloud/users is using the cs3 backend: #3483
  • Bugfix - Thumbnails for /dav/xxx?preview=1 requests: #3567
  • Bugfix - URL encode the webdav url in the graph API: #3597
  • Bugfix - Idp: Check if CA certificate if present: #3623
  • Bugfix - Fix DN parsing issues and sizelimit handling in libregraph/idm: #3631
  • Bugfix - Fix the webdav URL of drive roots: #3706
  • Bugfix - Check permissions when deleting Space: #3709
  • Bugfix - Remove runtime kill and run commands: #3740
  • Bugfix - Make IDP secrets configurable via environment variables: #3744
  • Bugfix - Store user passwords hashed in idm: #3778
  • Bugfix - Fix version number in status page: #3788
  • Bugfix - Fix Thumbnails for IDs without a trailing path: #3791
  • Bugfix - Fix the ocis search command: #3796
  • Bugfix - Remove unused transfer secret from app provider: #3798
  • Bugfix - Fix the idm and settings extensions' admin user id configuration option: #3799
  • Bugfix - Rename search env variable for the grpc server address: #3800
  • Bugfix - Fix multiple storage-users env variables: #3802
  • Bugfix - Save Katherine: #3823
  • Bugfix - Enable debug server by default: #3827
  • Bugfix - Remove legacy accounts proxy routes: #3831
  • Bugfix - Set default name for public link via capabilities: #3834
  • Bugfix - Fix search index getting out of sync: #3851
  • Bugfix - Inconsistency env var naming for LDAP filter configuration: #3890
  • Bugfix - Allow empty environment variables: #3892
  • Bugfix - Fix user autoprovisioning: #3893
  • Bugfix - Fix LDAP insecure options: #3897
  • Bugfix - Rework default role provisioning: #3900
  • Bugfix - Fix configuration validation for extensions' server commands: #3911
  • Bugfix - Fix graph endpoint: #3925
  • Bugfix - Fix version info: #3953
  • Bugfix - Remove unused OCS storage configuration: #3955
  • Bugfix - Make ocdav service behave properly: #3957
  • Bugfix - Make IDP only wait for certs when using LDAP: #3965
  • Bugfix - Remove unused configuration options: #3973
  • Bugfix - CSP rules for silent token refresh in iframe: #4031
  • Bugfix - Logging in on the wrong account when an email address is not unique: #4039
  • Bugfix - Remove static ocs user backend config: #4077
  • Bugfix - Fix make sensitive config values in the proxy's debug server: #4086
  • Bugfix - Fix startup error logging: #4093
  • Bugfix - Polish search: #4094
  • Bugfix - Fix logging levels: #4102
  • Bugfix - Escape DN attribute value: #4117
  • Bugfix - Fix OCIS_RUN_SERVICES: #4133
  • Bugfix - Space Creators can hand over spaces: #4244
  • Bugfix - Fix handling of invalid LDAP users and groups: #4274
  • Bugfix - Fix search in received shares: #4308
  • Bugfix - Fix unrestricted quota on the graphAPI: #4363
  • Bugfix - Autocreate IDP private key also if file exists but is empty: #4394
  • Bugfix - Show help for some commands when unconfigured: #4405
  • Bugfix - Rename extensions to services (leftover occurrences): #4407
  • Bugfix - Fix configuration of mimetypes for the app registry: #4411
  • Bugfix - Disable default expiration for public links: #4445
  • Bugfix - Fix permissions in REPORT: #4520
  • Bugfix - Render webdav permissions as string in search report: #4575
  • Bugfix - Graph service now forwards trace context: #4582
  • Bugfix - Fix sharing jsoncs3 driver options: #4593
  • Bugfix - Fix the OIDC provider cache: #4600
  • Bugfix - Change the default value for PROXY_OIDC_INSECURE to false: #4601
  • Bugfix - Fix authentication for autoprovisioned users: #4616
  • Bugfix - Fix wopi access to public shares: #4631
  • Bugfix - Fix unfindable entities from shares/publicshares: #4651
  • Bugfix - Fix notifications service settings: #4652
  • Bugfix - Bring back the settings UI in Web: #4691
  • Bugfix - Don't run auth-bearer service by default: #4692
  • Bugfix - Mail notifications for group shares: #4714
  • Bugfix - Make tokeninfo endpoint unprotected: #4715
  • Bugfix - Fix cache stat table config: #4732
  • Bugfix - Trigger a rescan of spaces in the search index when items have changed: #4777
  • Bugfix - Disable cache for selected static web assets: #4809
  • Bugfix - Remove the storage-users event configuration: #4825
  • Bugfix - Fix the shareroot path in REPORT responses: #4859
  • Bugfix - Disable federation capabilities: #4864
  • Bugfix - Fix permission check in settings service: #4890
  • Bugfix - Fix CORS in frontend service: #4948
  • Bugfix - Fix notifications Web UI url: #4998
  • Bugfix - Do not reindex a space twice at the same time: #5001
  • Bugfix - Find spaces by their name: #5044
  • Bugfix - Initial role assignment with external IDM: #5045
  • Bugfix - Lower IDP token lifespans: #5077
  • Bugfix - Adjust cache related configuration options: #5087
  • Bugfix - Make storage users mount ids unique by default: #5091
  • Bugfix - Update reva to version 2.12.0: #5092
  • Bugfix - Decomposedfs increase filelock duration factor: #5130
  • Bugfix - Translations on login page: #7550
  • Bugfix - Fix search report: #7557
  • Bugfix - Fix unused config option GRAPH_SPACES_INSECURE: #55555
  • Change - Switched default configuration to use libregraph/idm: #3331
  • Change - Introduce ocis init and remove all default secrets: #3551
  • Change - Load configuration files just from one directory: #3587
  • Change - Reduce drives in graph /me/drives API: #3629
  • Change - Reduce permissions on docker image predeclared volumes: #3641
  • Change - Use new space ID util functions: #3648
  • Change - Rename MetadataUserID: #3671
  • Change - Split MachineAuth from SystemUser: #3672
  • Change - Rename serviceUser to systemUser: #3673
  • Change - Update ocis packages and imports to V2: #3678
  • Change - The glauth and accounts services are removed: #3685
  • Change - Prevent access to disabled space: #3779
  • Change - Rename "uploads purge" command to "uploads clean": #4403
  • Change - Enable private links by default: #4599
  • Change - Use the spaceID on the cs3 resource: #4748
  • Change - Build service frontends with pnpm instead of yarn: #4878
  • Enhancement - Disable the color logging in docker compose examples: #871
  • Enhancement - Product field in OCS version: #2918
  • Enhancement - Add /me/changePassword endpoint to GraphAPI: #3063
  • Enhancement - Update IdP UI: #3493
  • Enhancement - Update reva to v2.3.1: #3552
  • Enhancement - Update linkshare capabilities: #3579
  • Enhancement - Wrap metadata storage with dedicated reva gateway: #3602
  • Enhancement - Align service naming: #3606
  • Enhancement - Added share_jail and projects feature flags in spaces capability: #3626
  • Enhancement - Add initial version of the search extensions: #3635
  • Enhancement - Don't setup demo role assignments on default: #3661
  • Enhancement - Restrict admins from self-removal: #3713
  • Enhancement - Update reva to version 2.4.1: #3746
  • Enhancement - Add description tags to the thumbnails config structs: #3752
  • Enhancement - Add acting user to the audit log: #3753
  • Enhancement - Add descriptions to webdav configuration: #3755
  • Enhancement - Add descriptions for graph-explorer config: #3759
  • Enhancement - Add config option to provide TLS certificate: #3818
  • Enhancement - Introduce service registry cache: #3833
  • Enhancement - Improve validation of OIDC access tokens: #3841
  • Enhancement - Reintroduce user autoprovisioning in proxy: #3860
  • Enhancement - Allow resharing: #3904
  • Enhancement - Generate signing key and encryption secret: #3909
  • Enhancement - Add deprecation annotation: #3917
  • Enhancement - Update reva to version 2.5.1: #3932
  • Enhancement - Add audit events for created containers: #3941
  • Enhancement - Update reva: #3944
  • Enhancement - Make thumbnails service log less noisy: #3959
  • Enhancement - Refactor extensions to services: #3980
  • Enhancement - Add capability for alias links: #3983
  • Enhancement - New migrate command for migrating shares and public shares: #3987
  • Enhancement - Update ownCloud Web to v5.7.0-rc.1: #4005
  • Enhancement - Add FRONTEND_ENABLE_RESHARING env variable: #4023
  • Enhancement - Add drives field to users endpoint: #4072
  • Enhancement - Added command to reset administrator password: #4084
  • Enhancement - Update reva to version 2.7.2: #4115
  • Enhancement - Search service at the old webdav endpoint: #4118
  • Enhancement - Update ownCloud Web to v5.7.0-rc.4: #4140
  • Enhancement - Add number of total matches to the search result: #4189
  • Enhancement - Introduce "delete-all-spaces" permission: #4196
  • Enhancement - Improve error log for "could not get user by claim" error: #4227
  • Enhancement - Allow providing list of services NOT to start: #4254
  • Enhancement - Introduce insecure flag for smtp email notifications: #4279
  • Enhancement - Update reva to v2.7.4: #4294
  • Enhancement - Update ownCloud Web to v5.7.0-rc.8: #4314
  • Enhancement - OCS get share now also handle received shares: #4322
  • Enhancement - Fix behavior for foobar (in present tense): #4346
  • Enhancement - Use storageID when requesting special items: #4356
  • Enhancement - Expand personal drive on the graph user: #4357
  • Enhancement - Rewrite of the request authentication middleware: #4374
  • Enhancement - Add /app/open-with-web endpoint: #4376
  • Enhancement - Added language option to the app provider: #4399
  • Enhancement - Refactor the proxy service: #4401
  • Enhancement - Add previewFileMimeTypes to web default config: #4414
  • Enhancement - Update ownCloud Web to v5.7.0-rc.10: #4439
  • Enhancement - Add configuration options for mail authentication and encryption: #4443
  • Enhancement - Update reva to v2.8.0: #4444
  • Enhancement - Add missing unprotected paths: #4454
  • Enhancement - Automatically orientate photos when generating thumbnails: #4477
  • Enhancement - Improve login screen design: #4500
  • Enhancement - Update ownCloud Web to v5.7.0: #4508
  • Enhancement - Update Reva to version 2.10.0: #4522
  • Enhancement - Add Email templating: #4564
  • Enhancement - Allow to configure applications in Web: #4578
  • Enhancement - Add webURL to space root: #4588
  • Enhancement - Update reva to version 2.11.0: #4588
  • Enhancement - Allow to configuring the reva cache store: #4627
  • Enhancement - Add thumbnails support for tiff and bmp files: #4634
  • Enhancement - Add support for REPORT requests to /dav/spaces URLs: #4661
  • Enhancement - Make it possible to configure a WOPI folderurl: #4716
  • Enhancement - Add curl to the oCIS OCI image: #4751
  • Enhancement - Report parent id: #4757
  • Enhancement - Secure the nats connection with TLS: #4781
  • Enhancement - Allow to setup TLS for grpc services: #4798
  • Enhancement - We added e-mail subject templating: #4799
  • Enhancement - Logging improvements: #4815
  • Enhancement - Prohibit users from setting or listing other user's values: #4897
  • Enhancement - Deny access to resources: #4903
  • Enhancement - Validate space names: #4955
  • Enhancement - Configurable max lock cycles: #4965
  • Enhancement - Rename AUTH_BASIC_AUTH_PROVIDER envvar: #4966
  • Enhancement - Default to tls 1.2: #4969
  • Enhancement - Add the "hidden" state to the search index: #5018
  • Enhancement - Remove windows from ci & release makefile: #5026
  • Enhancement - Add tracing to search: #5113
  • Enhancement - Update ownCloud Web to v6.0.0: #5153
  • Enhancement - Add capability for public link single file edit: #6787
  • Enhancement - Update ownCloud Web to v5.5.0-rc.8: #6854
  • Enhancement - Update ownCloud Web to v5.5.0-rc.9: #6854
  • Enhancement - Update ownCloud Web to v5.5.0-rc.6: #6854
  • Enhancement - Optional events in graph service: #55555

Details

Changelog for 1.20.0 (2022-04-13)

The following sections list the changes for 1.20.0.

Summary

  • Bugfix - Ensure the same data on /ocs/v?.php/config like oC10: #3113
  • Bugfix - Use the default server download protocol if spaces are not supported: #3386
  • Bugfix - Add owncloudsql driver to authprovider config: #3435
  • Bugfix - Corrected documentation: #3439
  • Change - Fix keys with underscores in the config files: #3412
  • Change - Don't create demo users by default: #3474
  • Enhancement - Add sorting to GraphAPI users and groups: #3360
  • Enhancement - Use embeddable ocdav go micro service: #3397
  • Enhancement - Update reva to v2.2.0: #3397
  • Enhancement - Make config dir configurable: #3440
  • Enhancement - Replace deprecated String.prototype.substr(): #3448
  • Enhancement - Alias links: #3454
  • Enhancement - Implement audit events for user and groups: #3467
  • Enhancement - Unify LDAP config settings across services: #3476
  • Enhancement - Update ownCloud Web to v5.4.0: #6709

Details

Changelog for 1.19.0 (2022-03-29)

The following sections list the changes for 1.19.0.

Summary

  • Bugfix - Fix request validation on GraphAPI User updates: #3167
  • Bugfix - Network configuration in individual_services example: #3238
  • Bugfix - Improve gif thumbnails: #3305
  • Bugfix - Replace public mountpoint fileid with grant fileid: #3349
  • Bugfix - Fix error handling in GraphAPI GetUsers call: #3357
  • Change - Switch NATS backend: #3192
  • Change - Settings service now stores its data via metadata service: #3232
  • Change - Add remote item to mountpoint and fix spaceID: #3365
  • Change - Drop json config file support: #3366
  • Enhancement - Include etags in drives listing: #3267
  • Enhancement - Improve thumbnails API: #3272
  • Enhancement - Add space aliases: #3283
  • Enhancement - Log sharing events in audit service: #3301
  • Enhancement - Add password reset link to login page: #3329
  • Enhancement - Update reva to v2.1.0: #3330
  • Enhancement - Audit logger will now log file events: #3332
  • Enhancement - Update ownCloud Web to v5.3.0: #6561

Details

Changelog for 1.19.1 (2022-03-29)

The following sections list the changes for 1.19.1.

Summary

  • Bugfix - Return correct special item urls: #3419

Details

Changelog for 1.18.0 (2022-03-03)

The following sections list the changes for 1.18.0.

Summary

  • Bugfix - Align storage metadata GPRC bind port with other variable names: #3169
  • Bugfix - Make events settings configurable: #3214
  • Bugfix - Capabilities for password protected public links: #3229
  • Change - Unify file IDs: #3185
  • Enhancement - Re-Enabling web cache control: #3109
  • Enhancement - Add SPA conform fileserver for web: #3109
  • Enhancement - Add sorting to list Spaces: #3200
  • Enhancement - Change NATS port: #3210
  • Enhancement - Implement notifications service: #3217
  • Enhancement - Thumbnails in spaces: #3219
  • Enhancement - Update reva to v2.0.0: #3231
  • Enhancement - Update ownCloud Web to v5.2.0: #6506

Details

Changelog for 1.17.0 (2022-02-16)

The following sections list the changes for 1.17.0.

Summary

  • Bugfix - Fix configuration for space membership endpoint: #2893
  • Bugfix - Add ocis storage-auth-machine subcommand: #2910
  • Bugfix - Fix the default tracing provider: #2952
  • Bugfix - Fix retry handling for LDAP connections: #2974
  • Bugfix - Remove group memberships when deleting a user: #3027
  • Bugfix - Make the default grpc client use the registry settings: #3041
  • Bugfix - Use same jwt secret for accounts as for metadata storage: #3081
  • Change - Unify configuration and commands: #2818
  • Change - Update libre-graph-api to v0.3.0: #2858
  • Change - Return not found when updating non existent space: #2869
  • Change - Update the graph api: #2885
  • Change - Change log level default from debug to error: #3071
  • Change - Remove the ownCloud storage driver: #3072
  • Change - Functionality to restore spaces: #3092
  • Change - Extended Space Properties: #3141
  • Enhancement - Support signature auth in the public share auth middleware: #2831
  • Enhancement - Update REVA to v1.16.1-0.20220215130802-df1264deff58: #2878
  • Enhancement - Add new file url of the app provider to the ocs capabilities: #2884
  • Enhancement - Update ownCloud Web to v5.0.0: #2895
  • Enhancement - Add spaces capability: #2931
  • Enhancement - Add filter by driveType and id to /me/drives: #2946
  • Enhancement - Introduce User and Group Management capabilities on GraphAPI: #2947
  • Enhancement - Update REVA to v1.16.1-0.20220112085026-07451f6cd806: #2953
  • Enhancement - Add endpoint to retrieve a single space: #2978
  • Enhancement - Add graph endpoint to delete and purge spaces: #2979
  • Enhancement - Add permissions to graph drives: #3095
  • Enhancement - Consul as supported service registry: #3133
  • Enhancement - Provide Description when creating a space: #3167

Details

Changelog for 1.16.0 (2021-12-10)

The following sections list the changes for 1.16.0.

Summary

  • Bugfix - Fix claim selector based routing for basic auth: #2779
  • Bugfix - Fix using s3ng as the metadata storage backend: #2807
  • Bugfix - Disallow creation of a group with empty name via the OCS api: #2825
  • Bugfix - Use the CS3api up- and download workflow for the accounts service: #2837
  • Change - OIDC: fallback if IDP doesn't provide "preferred_username" claim: #2644
  • Change - Restructure Configuration Parsing: #2708
  • Change - Rename APP_PROVIDER_BASIC_* environment variables: #2812
  • Enhancement - Cleanup ocis-pkg config: #2813
  • Enhancement - Correct shutdown of services under runtime: #2843
  • Enhancement - Update ownCloud Web to v4.6.1: #2846
  • Enhancement - Update REVA to v1.17.0: #2849

Details

Changelog for 1.15.0 (2021-11-19)

The following sections list the changes for 1.15.0.

Summary

  • Bugfix - Don't allow empty password: #197
  • Bugfix - Don't announce resharing via capabilities: #2690
  • Bugfix - Fix oCIS startup ony systems with IPv6: #2698
  • Bugfix - Fix error logging when there is no thumbnail for a file: #2702
  • Bugfix - Fix basic auth config: #2719
  • Bugfix - Fix opening images in media viewer for some usernames: #2738
  • Bugfix - Fix basic auth with custom user claim: #2755
  • Change - Make all insecure options configurable and change the default to false: #2700
  • Change - Update ownCloud Web to v4.5.0: #2780
  • Enhancement - Add API to list all spaces: #2692
  • Enhancement - Update REVA to v1.16.0: #2737

Details

Changelog for 1.14.0 (2021-10-27)

The following sections list the changes for 1.14.0.

Summary

  • Security - Don't expose services by default: #2612
  • Bugfix - Create parent directories for idp configuration: #2667
  • Change - New default data paths and easier configuration of the data path: #2590
  • Change - Configurable default quota: #2621
  • Change - Split spaces webdav url and graph url in base and path: #2660
  • Change - Update ownCloud Web to v4.4.0: #2681
  • Enhancement - Replace fileb0x with go-embed: #1199
  • Enhancement - Start up a new machine auth provider in the storage service: #2528
  • Enhancement - Add a middleware to authenticate public share requests: #2536
  • Enhancement - Lower TUS max chunk size: #2584
  • Enhancement - Upgrade to go-micro v4.1.0: #2616
  • Enhancement - Report quota states: #2628
  • Enhancement - Broaden bufbuild/Buf usage: #2630
  • Enhancement - Add sharees additional info parameter config to ocs: #2637
  • Enhancement - Enforce permission on update space quota: #2650
  • Enhancement - Update lico to v0.51.1: #2654
  • Enhancement - Add user setting capability: #2655
  • Enhancement - Update reva to v1.15: #2658
  • Enhancement - Review and correct http header: #2666

Details

Changelog for 1.13.0 (2021-10-13)

The following sections list the changes for 1.13.0.

Summary

  • Bugfix - Use proper url path decode on the username: #2511
  • Bugfix - Remove notifications placeholder: #2514
  • Bugfix - Fix the account resolver middleware: #2557
  • Bugfix - Race condition in config parsing: #2574
  • Bugfix - Fix version information for extensions: #2575
  • Bugfix - Remove asset path configuration option from proxy: #2576
  • Bugfix - Add the gatewaysvc to all shared configuration in REVA services: #2597
  • Change - Make the drives create method odata compliant: #2531
  • Change - Unify Envvar names configuring REVA gateway address: #2587
  • Change - Update ownCloud Web to v4.3.0: #2589
  • Change - Configure users and metadata storage separately: #2598
  • Enhancement - TLS config options for ldap in reva: #2492
  • Enhancement - Redirect invalid links to oC Web: #2493
  • Enhancement - Add option to skip generation of demo users and groups: #2495
  • Enhancement - Allow overriding the cookie based route by claim: #2508
  • Enhancement - Expose the reva archiver in OCIS: #2509
  • Enhancement - Set reva JWT token expiration time to 24 hours by default: #2527
  • Enhancement - Use reva's Authenticate method instead of spawning token managers: #2528
  • Enhancement - Add maximum files and size to archiver capabilities: #2544
  • Enhancement - Make mimetype allow list configurable for app provider: #2553
  • Enhancement - Reduced repository size: #2579
  • Enhancement - Add allow_creation parameter to mime type config: #2591
  • Enhancement - Favorites capability: #2599
  • Enhancement - Updated MimeTypes configuration for AppRegistry: #2603
  • Enhancement - Upgrade to GO 1.17: #2605
  • Enhancement - Return the newly created space: #2610
  • Enhancement - Update reva to v1.14.0: #2615

Details

Changelog for 1.12.0 (2021-09-14)

The following sections list the changes for 1.12.0.

Summary

  • Bugfix - Set English as default language in the dropdown in the settings page: #2465
  • Bugfix - Remove non working proxy route and fix cs3 users example: #2474
  • Change - Remove OnlyOffice extension: #2433
  • Change - Remove OnlyOffice extension: #2433
  • Change - Update ownCloud Web to v4.2.0: #2501
  • Enhancement - Add app provider and app provider registry: #2204
  • Enhancement - Update go-chi/chi to version 5.0.3: #2429
  • Enhancement - Upgrade go micro to v3.6.0: #2451
  • Enhancement - Add set space quota permission: #2459
  • Enhancement - Add the create space permission: #2461
  • Enhancement - Create a Space using the Graph API: #2471
  • Enhancement - Update reva to v1.13.0: #2477

Details

Changelog for 1.11.0 (2021-08-24)

The following sections list the changes for 1.11.0.

Summary

  • Bugfix - Specify primary user type for all accounts: #2364
  • Bugfix - Fix naming of the user- and groupprovider services: #2388
  • Change - Update ownCloud Web to v4.1.0: #2426
  • Enhancement - Use non root user for the owncloud/ocis docker image: #2380
  • Enhancement - Replace unmaintained jwt library: #2386
  • Enhancement - Update bleve to version 2.1.0: #2391
  • Enhancement - Update github.com/coreos/go-oidc to v3.0.0: #2393
  • Enhancement - Update reva to v1.12: #2423

Details

Changelog for 1.10.0 (2021-08-06)

The following sections list the changes for 1.10.0.

Summary

  • Bugfix - Forward basic auth to OpenID connect token authentication endpoint: #2095
  • Bugfix - Log all requests in the proxy access log: #2301
  • Bugfix - Update glauth to 20210729125545-b9aecdfcac31: #2336
  • Bugfix - Improve IDP Login Accessibility: #5376
  • Change - Update ownCloud Web to v4.0.0: #2353
  • Enhancement - Proxy: Add claims policy selector: #2248
  • Enhancement - Refactor graph API: #2277
  • Enhancement - Add ocs cache warmup config and warn on protobuf ns conflicts: #2328
  • Enhancement - Use only one go.mod file for project dependencies: #2344
  • Enhancement - Update REVA: #2355

Details

Changelog for 1.9.0 (2021-07-13)

The following sections list the changes for 1.9.0.

Summary

  • Bugfix - Panic when service fails to start: #2252
  • Bugfix - Dont use port 80 as debug for GroupsProvider: #2271
  • Change - Update ownCloud Web to v3.4.0: #2276
  • Change - Update WEB to v3.4.1: #2283
  • Enhancement - Remove unnecessary Service.Init(): #1705
  • Enhancement - Update REVA to v1.9.1-0.20210628143859-9d29c36c0c3f: #2227
  • Enhancement - Runtime support for cherry picking extensions: #2229
  • Enhancement - Add readonly mode for storagehome and storageusers: #2230
  • Enhancement - Update REVA to v1.9.1: #2280

Details

Changelog for 1.8.0 (2021-06-28)

The following sections list the changes for 1.8.0.

Summary

  • Bugfix - External storage registration used wrong config: #2120
  • Bugfix - Remove authentication from /status.php completely: #2188
  • Bugfix - Make webdav namespace configurable across services: #2198
  • Change - Update ownCloud Web to v3.3.0: #2187
  • Enhancement - Properly configure graph-explorer client registration: #2118
  • Enhancement - Use system default location to store TLS artefacts: #2129
  • Enhancement - Update REVA to v1.9: #2205

Details

Changelog for 1.7.0 (2021-06-04)

The following sections list the changes for 1.7.0.

Summary

  • Bugfix - Change the groups index to be case sensitive: #2109
  • Change - Update ownCloud Web to v3.2.0: #2096
  • Enhancement - Enable the s3ng storage driver: #1886
  • Enhancement - Announce user profile picture capability: #2036
  • Enhancement - Color contrasts on IDP/OIDC login pages: #2088
  • Enhancement - Update reva to v1.7.1-0.20210531093513-b74a2b156af6: #2104

Details

Changelog for 1.6.0 (2021-05-12)

The following sections list the changes for 1.6.0.

Summary

  • Bugfix - Fix STORAGE_METADATA_ROOT default value override: #1956
  • Bugfix - Stop the supervisor if a service fails to start: #1963
  • Change - Update ownCloud Web to v3.1.0: #2045
  • Enhancement - User Deprovisioning for the OCS API: #1962
  • Enhancement - Use oc-select: #1979
  • Enhancement - Support thumbnails for txt files: #1988
  • Enhancement - Introduce login form with h1 tag for screen readers only: #1991
  • Enhancement - Added dictionary files: #2003
  • Enhancement - Update reva to v1.7.1-0.20210430154404-69bd21f2cc97: #2010
  • Enhancement - Set SameSite settings to Strict for Web: #2019
  • Enhancement - Update reva to v1.7.1-0.20210507160327-e2c3841d0dbc: #2044

Details

Changelog for 1.5.0 (2021-04-21)

The following sections list the changes for 1.5.0.

Summary

  • Bugfix - Fixes "unaligned 64-bit atomic operation" panic on 32-bit ARM: #1888
  • Change - Make Protobuf package names unique: #1875
  • Change - Update ownCloud Web to v3.0.0: #1938
  • Enhancement - Update reva to v1.6.1-0.20210414111318-a4b5148cbfb2: #1872
  • Enhancement - Change default path for thumbnails: #1892
  • Enhancement - Add config for public share SQL driver: #1916
  • Enhancement - Add option to reading registry rules from json file: #1917
  • Enhancement - Remove dead runtime code: #1923
  • Enhancement - Parse config on supervised mode with run subcommand: #1931
  • Enhancement - Update ODS in accounts & settings extension: #1934

Details

Changelog for 1.4.0 (2021-03-30)

The following sections list the changes for 1.4.0.

Summary

  • Bugfix - Fix thumbnail generation for jpegs: #1785
  • Change - Update ownCloud Web to v2.1.0: #1870
  • Enhancement - Update reva to v1.6.1-0.20210326165326-e8a00d9b2368: #1683
  • Enhancement - Clarify expected failures: #1790
  • Enhancement - Generate thumbnails for .gif files: #1791
  • Enhancement - Add focus to input elements on login page: #1792
  • Enhancement - Improve accessibility to input elements on login page: #1794
  • Enhancement - Replace special character in login page title with a regular minus: #1813
  • Enhancement - File Logging: #1816
  • Enhancement - Tracing Refactor: #1819
  • Enhancement - Runtime Hostname and Port are now configurable: #1822
  • Enhancement - Add new build targets: #1824

Details

Changelog for 1.3.0 (2021-03-09)

The following sections list the changes for 1.3.0.

Summary

  • Bugfix - Fix accounts initialization: #1696
  • Bugfix - Fix the ttl of the authentication middleware cache: #1699
  • Bugfix - Add missing gateway config: #1716
  • Bugfix - Purposely delay accounts service startup: #1734
  • Change - Update ownCloud Web to v2.0.1: #1683
  • Change - Update ownCloud Web to v2.0.2: #1776
  • Enhancement - Update go-micro to v3.5.1-0.20210217182006-0f0ace1a44a9: #1670
  • Enhancement - Update reva to v1.6.1-0.20210223065028-53f39499762e: #1683
  • Enhancement - Add initial nats and kubernetes registry support: #1697
  • Enhancement - Remove the JWT from the log: #1758

Details

  • Bugfix - Fix accounts initialization: #1696

    Originally the accounts service relies on both the settings and storage-metadata to be up and running at the moment it starts. This is an antipattern as it will cause the entire service to panic if the dependants are not present.

    We inverted this dependency and moved the default initialization data (i.e: creating roles, permissions, settings bundles) and instead of notifying the settings service that the account has to provide with such options, the settings is instead initialized with the options the accounts rely on. Essentially saving bandwidth as there is no longer a gRPC call to the settings service.

    For the storage-metadata a retry mechanism was added that retries by default 20 times to fetch the com.owncloud.storage.metadata from the service registry every 500 milliseconds. If this retry expires the accounts panics, as its dependency on the storage-metadata service cannot be resolved.

    We also introduced a client wrapper that acts as middleware between a client and a server. For more information on how it works further read here

    https://github.com/owncloud/ocis/pull/1696

  • Bugfix - Fix the ttl of the authentication middleware cache: #1699

    The authentication cache ttl was multiplied with time.Second multiple times. This resulted in a ttl that was not intended.

    https://github.com/owncloud/ocis/pull/1699

  • Bugfix - Add missing gateway config: #1716

    The auth provider ldap and oidc drivers now need to be able talk to the reva gateway. We added the gatewayscv to the config that is passed to reva.

    https://github.com/owncloud/ocis/pull/1716

  • Bugfix - Purposely delay accounts service startup: #1734

    As it turns out the race condition between accounts <-> storage-metadata still remains. This PR is a hotfix, and it should be followed up with a proper fix. Either:

    • block the accounts' initialization until the storage metadata is ready (using the registry) or - allow the accounts service to initialize and use a message broker to signal the accounts the metadata storage is ready to receive requests.

    https://github.com/owncloud/ocis/pull/1734

  • Change - Update ownCloud Web to v2.0.1: #1683

    Tags: web

    We updated ownCloud Web to v2.0.1. Please refer to the changelog (linked) for details on the web release.

    https://github.com/owncloud/ocis/pull/1683 https://github.com/owncloud/web/releases/tag/v2.0.1

  • Change - Update ownCloud Web to v2.0.2: #1776

    Tags: web

    We updated ownCloud Web to v2.0.2. Please refer to the changelog (linked) for details on the web release.

    https://github.com/owncloud/ocis/pull/1776 https://github.com/owncloud/web/releases/tag/v2.0.2

  • Enhancement - Update go-micro to v3.5.1-0.20210217182006-0f0ace1a44a9: #1670

    • We updated from go micro v2 (v2.9.1) go-micro v3 (v3.5.1 edge). - oCIS runtime is now aware of MICRO_LOG_LEVEL and is set to error by default. This decision was made because ownCloud, as framework builders, want to log everything oCIS related and hide everything unrelated by default. It can be re-enabled by setting it to a log level other than error. i.e: MICRO_LOG_LEVEL=info. - Updated protoc-gen-micro to the latest version. - We're using Prometheus wrappers from go-micro.

    https://github.com/owncloud/ocis/pull/1670 https://github.com/asim/go-micro/pull/2126

  • Enhancement - Update reva to v1.6.1-0.20210223065028-53f39499762e: #1683

    https://github.com/owncloud/ocis/pull/1683 https://github.com/cs3org/reva/pull/1405

  • Enhancement - Add initial nats and kubernetes registry support: #1697

    We added initial support to use nats and kubernetes as a service registry using MICRO_REGISTRY=nats and MICRO_REGISTRY=kubernetes respectively. Multiple nodes can be given with MICRO_REGISTRY_ADDRESS=1.2.3.4,5.6.7.8,9.10.11.12.

    https://github.com/owncloud/ocis/pull/1697

  • Enhancement - Remove the JWT from the log: #1758

    We were logging the JWT in some places. Secrets should not be exposed in logs so it got removed.

    https://github.com/owncloud/ocis/pull/1758

Changelog for 1.2.0 (2021-02-17)

The following sections list the changes for 1.2.0.

Summary

  • Bugfix - Check if roles are present in user object before looking those up: #1388
  • Bugfix - Fix etcd address configuration: #1546
  • Bugfix - Fix thumbnail generation when using different idp: #1624
  • Bugfix - Remove unimplemented config file option for oCIS root command: #1636
  • Change - Move runtime code on refs/pman over to owncloud/ocis/ocis: #1483
  • Change - Initial release of graph and graph explorer: #1594
  • Change - Update ownCloud Web to v2.0.0: #1661
  • Enhancement - Introduce ADR: #1042
  • Enhancement - Functionality to map home directory to different storage providers: #1186
  • Enhancement - Use a default protocol parameter instead of explicitly disabling tus: #1331
  • Enhancement - Switch to opencontainers annotation scheme: #1381
  • Enhancement - Update reva to v1.5.2-0.20210125114636-0c10b333ee69: #1482
  • Enhancement - Migrate ocis-graph to ocis monorepo: #1594
  • Enhancement - Migrate ocis-graph-explorer to ocis monorepo: #1596
  • Enhancement - Make use of new design-system oc-table: #1597
  • Enhancement - Enable group sharing and add config for sharing SQL driver: #1626

Details

Changelog for 1.1.0 (2021-01-22)

The following sections list the changes for 1.1.0.

Summary

  • Change - Disable pretty logging by default: #1133
  • Change - Update ownCloud Web to v1.0.1: #1191
  • Change - Generate cryptographically secure state token: #1203
  • Change - Move k6 to cdperf: #1358
  • Change - Update go version: #1364
  • Change - Add "expose" information to docker images: #1366
  • Change - Add "volume" declaration to docker images: #1375
  • Enhancement - Add OCIS_URL env var: #1148
  • Enhancement - Update reva to v1.4.1-0.20210111080247-f2b63bfd6825: #1194
  • Enhancement - Add named locks and refactor cache: #1212
  • Enhancement - Use sync.cache for roles cache: #1367
  • Enhancement - Update reva to v1.5.1: #1372

Details

  • Change - Disable pretty logging by default: #1133

    Tags: ocis

    Disable pretty logging default for performance reasons.

    https://github.com/owncloud/ocis/pull/1133

  • Change - Update ownCloud Web to v1.0.1: #1191

    Tags: web

    We updated ownCloud Web to v1.0.1. Please refer to the changelog (linked) for details on the web release.

    https://github.com/owncloud/ocis/pull/1191 https://github.com/owncloud/web/releases/tag/v1.0.1

  • Change - Generate cryptographically secure state token: #1203

    Replaced Math.random with a cryptographically secure way to generate the oidc state token using the javascript crypto api.

    https://github.com/owncloud/ocis/pull/1203 https://developer.mozilla.org/en-US/docs/Web/API/Crypto/getRandomValues https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Math/random

  • Change - Move k6 to cdperf: #1358

    Tags: performance, testing, k6

    The ownCloud performance tests can not only be used to test oCIS. This is why we have decided to move the k6 tests to https://github.com/owncloud/cdperf

    https://github.com/owncloud/ocis/pull/1358

  • Change - Update go version: #1364

    Tags: go

    Update go from 1.13 to 1.15

    https://github.com/owncloud/ocis/pull/1364

  • Change - Add "expose" information to docker images: #1366

    Tags: docker

    Add "expose" information to docker images. Docker users will now see that we offer services on port 9200.

    https://github.com/owncloud/ocis/pull/1366

  • Change - Add "volume" declaration to docker images: #1375

    Tags: docker

    Add "volume" declaration to docker images. This makes it easier for Docker users to see where oCIS stores data.

    https://github.com/owncloud/ocis/pull/1375

  • Enhancement - Add OCIS_URL env var: #1148

    Tags: ocis

    We introduced a new environment variable OCIS_URL that expects a URL including protocol, host and optionally port to simplify configuring all the different services. These existing environment variables still take precedence, but will also fall back to OCIS_URL: STORAGE_LDAP_IDP, STORAGE_OIDC_ISSUER, PROXY_OIDC_ISSUER, STORAGE_FRONTEND_PUBLIC_URL, KONNECTD_ISS, WEB_OIDC_AUTHORITY, and WEB_UI_CONFIG_SERVER.

    Some environment variables are now built dynamically if they are not set: - STORAGE_DATAGATEWAY_PUBLIC_URL defaults to <STORAGE_FRONTEND_PUBLIC_URL>/data, also falling back to OCIS_URL - WEB_OIDC_METADATA_URL defaults to <WEB_OIDC_AUTHORITY>/.well-known/openid-configuration, also falling back to OCIS_URL

    Furthermore, the built in konnectd will generate an identifier-registration.yaml that uses the KONNECTD_ISS in the allowed redirect_uris and origins. It simplifies the default https://localhost:9200 and remote deployment with OCIS_URL which is evaluated as a fallback if KONNECTD_ISS is not set.

    An oCIS server can now be started on a remote machine as easy as OCIS_URL=https://cloud.ocis.test PROXY_HTTP_ADDR=0.0.0.0:443 ocis server.

    Note that the OCIS_DOMAIN environment variable is not used by oCIS, but by the docker containers.

    https://github.com/owncloud/ocis/pull/1148

  • Enhancement - Update reva to v1.4.1-0.20210111080247-f2b63bfd6825: #1194

    https://github.com/owncloud/ocis/pull/1194 https://github.com/cs3org/reva/pull/1368 https://github.com/cs3org/reva/pull/1388

  • Enhancement - Add named locks and refactor cache: #1212

    Tags: ocis-pkg, accounts

    We had the case that we needed kind of a named locking mechanism which enables us to lock only under certain conditions. It's used in the indexer package where we do not need to lock everything, instead just lock the requested parts and differentiate between reads and writes.

    This made it possible to entirely remove locks from the accounts service and move them to the ocis-pkg indexer. Another part of this refactor was to make the cache atomic and write tests for it.

    • remove locking from accounts service - add sync package with named mutex - add named locking to indexer - move cache to sync package

    https://github.com/owncloud/ocis/issues/966 https://github.com/owncloud/ocis/pull/1212

  • Enhancement - Use sync.cache for roles cache: #1367

    Tags: ocis-pkg

    Update ocis-pkg/roles cache to use ocis-pkg/sync cache

    https://github.com/owncloud/ocis/pull/1367

  • Enhancement - Update reva to v1.5.1: #1372

    Summary -------

    • Fix #1401: Use the user in request for deciding the layout for non-home DAV requests
    • Fix #1413: Re-include the '.git' dir in the Docker images to pass the version tag
    • Fix #1399: Fix ocis trash-bin purge
    • Enh #1397: Bump the Copyright date to 2021
    • Enh #1398: Support site authorization status in Mentix
    • Enh #1393: Allow setting favorites, mtime and a temporary etag
    • Enh #1403: Support remote cloud gathering metrics

    Details -------

    • Bugfix #1401: Use the user in request for deciding the layout for non-home DAV requests

    For the incoming /dav/files/userID requests, we have different namespaces depending on whether the request is for the logged-in user's namespace or not. Since in the storage drivers, we specify the layout depending only on the user whose resources are to be accessed, this fails when a user wants to access another user's namespace when the storage provider depends on the logged in user's namespace. This PR fixes that.

    For example, consider the following case. The owncloud fs uses a layout {{substr 0 1 .Id.OpaqueId}}/{{.Id.OpaqueId}}. The user einstein sends a request to access a resource shared with him, say /dav/files/marie/abcd, which should be allowed. However, based on the way we applied the layout, there's no way in which this can be translated to /m/marie/.

    Https://github.com/cs3org/reva/pull/1401

    • Bugfix #1413: Re-include the '.git' dir in the Docker images to pass the version tag

    And git SHA to the release tool.

    Https://github.com/cs3org/reva/pull/1413

    • Bugfix #1399: Fix ocis trash-bin purge

    Fixes the empty trash-bin functionality for ocis-storage

    Https://github.com/owncloud/product/issues/254 https://github.com/cs3org/reva/pull/1399

    • Enhancement #1397: Bump the Copyright date to 2021

    Https://github.com/cs3org/reva/pull/1397

    • Enhancement #1398: Support site authorization status in Mentix

    This enhancement adds support for a site authorization status to Mentix. This way, sites registered via a web app can now be excluded until authorized manually by an administrator.

    Furthermore, Mentix now sets the scheme for Prometheus targets. This allows us to also support monitoring of sites that do not support the default HTTPS scheme.

    Https://github.com/cs3org/reva/pull/1398

    • Enhancement #1393: Allow setting favorites, mtime and a temporary etag

    We now let the oCIS driver persist favorites, set temporary etags and the mtime as arbitrary metadata.

    Https://github.com/owncloud/ocis/issues/567 https://github.com/cs3org/reva/issues/1394 https://github.com/cs3org/reva/pull/1393

    • Enhancement #1403: Support remote cloud gathering metrics

    The current metrics package can only gather metrics either from json files. With this feature, the metrics can be gathered polling the http endpoints exposed by the owncloud/nextcloud sciencemesh apps.

    Https://github.com/cs3org/reva/pull/1403

    https://github.com/owncloud/ocis/pull/1372

Changelog for [1.0.0] (2020-12-17)

The following sections list the changes for 1.0.0.

Summary

  • Bugfix - Fix path of files shared with me in ocs api: #204
  • Bugfix - Add missing env vars to docker compose: #392
  • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #416
  • Bugfix - Don't enforce empty external apps slice: #473
  • Bugfix - Fix director selection in proxy: #521
  • Bugfix - Fix button layout after phoenix update: #625
  • Bugfix - Don't create account if id/mail/username already taken: #709
  • Bugfix - Use micro default client: #718
  • Bugfix - Mint token with uid and gid: #737
  • Bugfix - Lower Bound was not working for the cs3 api index implementation: #741
  • Bugfix - Fix id or username query handling: #745
  • Bugfix - Allow consent-prompt with switch-account: #788
  • Bugfix - Accounts config sometimes being overwritten: #808
  • Bugfix - Fix konnectd build: #809
  • Bugfix - Make settings service start without go coroutines: #835
  • Bugfix - Fix choose account dialogue: #846
  • Bugfix - Enable scrolling in accounts list: #909
  • Bugfix - Serve index.html for directories: #912
  • Bugfix - Disable public link expiration by default: #987
  • Bugfix - Fix minor ui bugs: #1043
  • Bugfix - Permission checks for settings write access: #1092
  • Change - Initial release of basic version: #2
  • Change - Start ocis-accounts with the ocis server command: #25
  • Change - Add cli-commands to manage accounts: #115
  • Change - Start ocis-proxy with the ocis server command: #119
  • Change - Account management permissions for Admin role: #124
  • Change - Add the thumbnails command: #156
  • Change - Integrate import command from ocis-migration: #249
  • Change - Switch over to a new custom-built runtime: #287
  • Change - Make ocis-settings available: #287
  • Change - Update reva config: #336
  • Change - Use bcrypt to hash the user passwords: #510
  • Change - Improve reva service descriptions: #536
  • Change - Choose disk or cs3 storage for accounts and groups: #623
  • Change - Update phoenix to v0.18.0: #651
  • Change - Accounts UI shows message when no permissions: #656
  • Change - Settings and accounts appear in the user menu: #656
  • Change - Update phoenix to v0.20.0: #674
  • Change - Unify Configuration Parsing: #675
  • Change - Default apps in ownCloud Web: #688
  • Change - Bring oC theme: #698
  • Change - Filesystem based index: #709
  • Change - Remove username field in OCS: #709
  • Change - Update phoenix to v0.21.0: #728
  • Change - Clarify storage driver env vars: #729
  • Change - Rebuild index command for accounts: #748
  • Change - Properly style konnectd consent page: #754
  • Change - Update phoenix to v0.22.0: #757
  • Change - Update phoenix to v0.23.0: #785
  • Change - Move the indexer package from ocis/accounts to ocis/ocis-pkg: #794
  • Change - Enable OpenID dynamic client registration: #811
  • Change - Update phoenix to v0.24.0: #817
  • Change - Move ocis default config to root level: #842
  • Change - Update phoenix to v0.25.0: #868
  • Change - Theme welcome and choose account pages: #887
  • Change - Replace the library which scales the images: #910
  • Change - Update phoenix to v0.26.0: #935
  • Change - Update phoenix to v0.27.0: #943
  • Change - Cache password validation: #958
  • Change - Proxy allow insecure upstreams: #1007
  • Change - CS3 can be used as accounts-backend: #1020
  • Change - Update phoenix to v0.28.0: #1027
  • Change - Update phoenix to v0.29.0: #1034
  • Change - Make all paths configurable and default to a common temp dir: #1080
  • Change - Update reva to v1.4.1-0.20201209113234-e791b5599a89: #1089
  • Change - Update ownCloud Web to v1.0.0-beta3: #1105
  • Change - Update ownCloud Web to v1.0.0-beta4: #1110
  • Enhancement - Simplify tracing config: #92
  • Enhancement - Document how to run OCIS on top of EOS: #172
  • Enhancement - Add a command to list the versions of running instances: #226
  • Enhancement - Add the accounts service: #244
  • Enhancement - Add the glauth service: #244
  • Enhancement - Add the konnectd service: #244
  • Enhancement - Add the ocis-phoenix service: #244
  • Enhancement - Add the ocis-pkg package: #244
  • Enhancement - Add the ocs service: #244
  • Enhancement - Add the proxy service: #244
  • Enhancement - Add the settings service: #244
  • Enhancement - Add the storage service: #244
  • Enhancement - Add the store service: #244
  • Enhancement - Add the thumbnails service: #244
  • Enhancement - Add the webdav service: #244
  • Enhancement - Launch a storage to store ocis-metadata: #602
  • Enhancement - Add basic auth option: #627
  • Enhancement - Add glauth fallback backend: #649
  • Enhancement - Update reva to dd3a8c0f38: #725
  • Enhancement - Update konnectd to v0.33.8: #744
  • Enhancement - Update reva to cdb3d6688da5: #748
  • Enhancement - Update glauth to dev 4f029234b2308: #786
  • Enhancement - Update reva to v1.4.1-0.20201123062044-b2c4af4e897d: #823
  • Enhancement - Update glauth to dev fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2: #834
  • Enhancement - Better adopt Go-Micro: #840
  • Enhancement - Tidy dependencies: #845
  • Enhancement - Create OnlyOffice extension: #857
  • Enhancement - Cache userinfo in proxy: #877
  • Enhancement - Add permission check when assigning and removing roles: #879
  • Enhancement - Show basic-auth warning only once: #886
  • Enhancement - Create a proxy access-log: #889
  • Enhancement - Add a version command to ocis: #915
  • Enhancement - Add k6: #941
  • Enhancement - Update reva to v1.4.1-0.20201127111856-e6a6212c1b7b: #971
  • Enhancement - Update reva to v1.4.1-0.20201130061320-ac85e68e0600: #980
  • Enhancement - Add www-authenticate based on user agent: #1009
  • Enhancement - Add tracing to the accounts service: #1016
  • Enhancement - Runtime Cleanup: #1066
  • Enhancement - Update reva to 063b3db9162b: #1091
  • Enhancement - Update OCIS Runtime: #1108
  • Enhancement - Update reva to v1.4.1-0.20201125144025-57da0c27434c: #1320

Details

  • Bugfix - Fix path of files shared with me in ocs api: #204

    The path of files shared with me using the ocs api was pointing to an incorrect location.

    https://github.com/owncloud/product/issues/204 https://github.com/owncloud/ocis/pull/994

  • Bugfix - Add missing env vars to docker compose: #392

    Tags: docker

    Without setting REVA_FRONTEND_URL and REVA_DATAGATEWAY_URL uploads would default to localhost and fail if OCIS_DOMAIN was used to run ocis on a remote host.

    https://github.com/owncloud/ocis/pull/392

  • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #416

    Tags: docker

    ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.

    https://github.com/owncloud/ocis/pull/416

  • Bugfix - Don't enforce empty external apps slice: #473

    Tags: web

    The command for ocis-phoenix enforced an empty external apps configuration. This was removed, as it was blocking a new set of default external apps in ocis-phoenix.

    https://github.com/owncloud/ocis/pull/473

  • Bugfix - Fix director selection in proxy: #521

    Tags: proxy

    We fixed a bug in ocis-proxy where simultaneous requests could be executed on the wrong backend.

    https://github.com/owncloud/ocis/pull/521 https://github.com/owncloud/ocis-proxy/pull/99

  • Bugfix - Fix button layout after phoenix update: #625

    Tags: accounts

    With the phoenix update to v0.17.0 a new ODS version was released which has a breaking change for buttons regarding their layout. We adjusted the button layout in the accounts UI accordingly.

    https://github.com/owncloud/ocis/pull/625

  • Bugfix - Don't create account if id/mail/username already taken: #709

    Tags: accounts

    We don't allow anymore to create a new account if the provided id/mail/username is already taken.

    https://github.com/owncloud/ocis/pull/709

  • Bugfix - Use micro default client: #718

    Tags: glauth

    We found a file descriptor leak in the glauth connections to the accounts service. Fixed it by using the micro default client.

    https://github.com/owncloud/ocis/pull/718

  • Bugfix - Mint token with uid and gid: #737

    Tags: accounts

    The eos driver expects the uid and gid from the opaque map of a user. While the proxy does mint tokens correctly, the accounts service wasn't.

    https://github.com/owncloud/ocis/pull/737

  • Bugfix - Lower Bound was not working for the cs3 api index implementation: #741

    Tags: accounts

    Lower bound working on the cs3 index implementation

    https://github.com/owncloud/ocis/pull/741

  • Bugfix - Fix id or username query handling: #745

    Tags: accounts

    The code was stopping execution when encountering an error while loading an account by id. But for or queries we can continue execution.

    https://github.com/owncloud/ocis/pull/745

  • Bugfix - Allow consent-prompt with switch-account: #788

    Multiple prompt values are allowed and this change fixes the check for select_account if it was used together with other prompt values. Where select_account previously was ignored, it is now processed as required, fixing the use case when a RP wants to trigger select_account first while at the same time wants also to request interactive consent.

    https://github.com/owncloud/ocis/pull/788

  • Bugfix - Accounts config sometimes being overwritten: #808

    Tags: accounts

    Sometimes when running the accounts extensions flags were not being taken into consideration.

    https://github.com/owncloud/ocis/pull/808

  • Bugfix - Fix konnectd build: #809

    Tags: konnectd

    We fixed the default config for konnectd and updated the Makefile to include the yarn installand yarn build steps if the static assets are missing.

    https://github.com/owncloud/ocis/pull/809

  • Bugfix - Make settings service start without go coroutines: #835

    The go routines cause a race condition that sometimes causes the tests to fail. The ListRoles request would not return all permissions.

    https://github.com/owncloud/ocis/pull/835

  • Bugfix - Fix choose account dialogue: #846

    Tags: konnectd

    We've fixed the choose account dialogue in konnectd bug that the user hasn't been logged in after selecting account.

    https://github.com/owncloud/ocis/pull/846

  • Bugfix - Enable scrolling in accounts list: #909

    Tags: accounts

    We've fixed the accounts list to enable scrolling.

    https://github.com/owncloud/ocis/pull/909

  • Bugfix - Serve index.html for directories: #912

    The static middleware in ocis-pkg now serves index.html instead of returning 404 on paths with a trailing /.

    https://github.com/owncloud/ocis-pkg/issues/63 https://github.com/owncloud/ocis/pull/912

  • Bugfix - Disable public link expiration by default: #987

    Tags: storage

    The public link expiration was enabled by default and didn't have a default expiration span by default, which resulted in already expired public links coming from the public link quick action. We fixed this by disabling the public link expiration by default.

    https://github.com/owncloud/ocis/issues/987 https://github.com/owncloud/ocis/pull/1035

  • Bugfix - Fix minor ui bugs: #1043

    • the ui haven't updated the language of the items in the settings view menu. Now we listen to the selected language and update the ui - deduplicate resetMenuItems call

    https://github.com/owncloud/ocis/issues/1043 https://github.com/owncloud/ocis/pull/1044

  • Bugfix - Permission checks for settings write access: #1092

    Tags: settings

    There were several endpoints with write access to the settings service that were not protected by permission checks. We introduced a generic settings management permission to fix this for now. Will be more fine grained later on.

    https://github.com/owncloud/ocis/pull/1092

  • Change - Initial release of basic version: #2

    Just prepared an initial basic version which simply embeds the minimum of required services in the context of the ownCloud Infinite Scale project.

    https://github.com/owncloud/ocis/issues/2

  • Change - Start ocis-accounts with the ocis server command: #25

    Tags: accounts

    Starts ocis-accounts in single binary mode (./ocis server). This service stores the user-account information.

    https://github.com/owncloud/product/issues/25 https://github.com/owncloud/ocis/pull/239/files

  • Change - Add cli-commands to manage accounts: #115

    Tags: accounts

    COMMANDS:

    • list, ls List existing accounts
    • add, create Create a new account
    • update Make changes to an existing account
    • remove, rm Removes an existing account
    • inspect Show detailed data on an existing account
    • help, h Shows a list of commands or help for one command

    https://github.com/owncloud/product/issues/115

  • Change - Start ocis-proxy with the ocis server command: #119

    Tags: proxy

    Starts the proxy in single binary mode (./ocis server) on port 9200. The proxy serves as a single-entry point for all http-clients.

    https://github.com/owncloud/ocis/issues/119 https://github.com/owncloud/ocis/issues/136

  • Change - Account management permissions for Admin role: #124

    Tags: accounts, settings

    We created an AccountManagement permission and added it to the default admin role. There are permission checks in place to protected http endpoints in ocis-accounts against requests without the permission. All existing default users (einstein, marie, richard) have the default user role now (doesn't have the AccountManagement permission). Additionally, there is a new default Admin user with credentials moss:vista.

    Known issue: for users without the AccountManagement permission, the accounts UI extension is still available in the ocis-web app switcher, but the requests for loading the users will fail (as expected). We are working on a way to hide the accounts UI extension if the user doesn't have the AccountManagement permission.

    https://github.com/owncloud/product/issues/124 https://github.com/owncloud/ocis-settings/pull/59 https://github.com/owncloud/ocis-settings/pull/66 https://github.com/owncloud/ocis-settings/pull/67 https://github.com/owncloud/ocis-settings/pull/69 https://github.com/owncloud/ocis-proxy/pull/95 https://github.com/owncloud/ocis-pkg/pull/59 https://github.com/owncloud/ocis-accounts/pull/95 https://github.com/owncloud/ocis-accounts/pull/100 https://github.com/owncloud/ocis-accounts/pull/102

  • Change - Add the thumbnails command: #156

    Tags: thumbnails

    Added the thumbnails command so that the thumbnails service can get started via ocis.

    https://github.com/owncloud/ocis/issues/156

  • Change - Integrate import command from ocis-migration: #249

    Tags: migration

    https://github.com/owncloud/ocis/pull/249 https://github.com/owncloud/ocis-migration

  • Change - Switch over to a new custom-built runtime: #287

    We moved away from using the go-micro runtime and are now using our own runtime. This allows us to spawn service processes even when they are using different versions of go-micro. On top of that we now have the commands ocis list, ocis kill and ocis run available for service runtime management.

    https://github.com/owncloud/ocis/pull/287

  • Change - Make ocis-settings available: #287

    Tags: settings

    This version delivers settings as a new service. It is part of the array of services in the server command.

    https://github.com/owncloud/ocis/pull/287

  • Change - Update reva config: #336

    • EOS homes are not configured with an enable-flag anymore, but with a dedicated storage driver.
    • We're using it now and adapted default configs of storages

    https://github.com/owncloud/ocis/pull/336 https://github.com/owncloud/ocis/pull/337 https://github.com/owncloud/ocis/pull/338 https://github.com/owncloud/ocis-reva/pull/891

  • Change - Use bcrypt to hash the user passwords: #510

    Change the hashing algorithm from SHA-512 to bcrypt since the latter is better suitable for password hashing. This is a breaking change. Existing deployments need to regenerate the accounts folder.

    https://github.com/owncloud/ocis/issues/510

  • Change - Improve reva service descriptions: #536

    Tags: docs

    The descriptions make it clearer that the services actually represent a mount point in the combined storage. Each mount point can have a different driver.

    https://github.com/owncloud/ocis/pull/536

  • Change - Choose disk or cs3 storage for accounts and groups: #623

    Tags: accounts

    The accounts service now has an abstraction layer for the storage. In addition to the local disk implementation we implemented a cs3 storage, which is the new default for the accounts service.

    https://github.com/owncloud/ocis/pull/623

  • Change - Update phoenix to v0.18.0: #651

    Tags: web

    We updated phoenix to v0.18.0. Please refer to the changelog (linked) for details on the phoenix release. With the ODS release brought in by phoenix we now have proper oc-checkbox and oc-radio components for the settings and accounts UI.

    https://github.com/owncloud/ocis/pull/651 https://github.com/owncloud/phoenix/releases/tag/v0.18.0 https://github.com/owncloud/owncloud-design-system/releases/tag/v1.12.1

  • Change - Accounts UI shows message when no permissions: #656

    We improved the UX of the accounts UI by showing a message information the user about missing permissions when the accounts or roles fail to load. This was showing an indeterminate progress bar before.

    https://github.com/owncloud/ocis/pull/656

  • Change - Settings and accounts appear in the user menu: #656

    We moved settings and accounts to the user menu.

    https://github.com/owncloud/ocis/pull/656

  • Change - Update phoenix to v0.20.0: #674

    Tags: web

    We updated phoenix to v0.20.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/674 https://github.com/owncloud/phoenix/releases/tag/v0.20.0

  • Change - Unify Configuration Parsing: #675

    Tags: ocis

    • responsibility for config parsing should be on the subcommand - if there is a config file in the environment location, env var should take precedence - general rule of thumb: the more explicit the config file is that would be picked up. Order from less to more explicit: - config location (/etc/ocis) - environment variable - cli flag

    https://github.com/owncloud/ocis/pull/675

  • Change - Default apps in ownCloud Web: #688

    Tags: web

    We changed the default apps for ownCloud Web to be only files and media-viewer. Markdown-editor and draw-io have been removed as defaults.

    https://github.com/owncloud/ocis/pull/688

  • Change - Bring oC theme: #698

    Tags: konnectd

    We've styled our konnectd login page to reflect ownCloud theme.

    https://github.com/owncloud/ocis/pull/698

  • Change - Filesystem based index: #709

    Tags: accounts, storage

    We replaced bleve with a new filesystem based index implementation. There is an indexer which is capable of orchestrating different index types to build indices on documents by field. You can choose from the index types unique, non-unique or autoincrement. Indices can be utilized to run search queries (full matches or globbing) on document fields. The accounts service is using this index internally to run the search queries coming in via ListAccounts and ListGroups and to generate UIDs for new accounts as well as GIDs for new groups.

    The accounts service can be configured to store the index on the local FS / a NFS (disk implementation of the index) or to use an arbitrary storage ( cs3 implementation of the index). cs3 is the new default, which is configured to use the metadata storage.

    https://github.com/owncloud/ocis/pull/709

  • Change - Remove username field in OCS: #709

    Tags: ocs

    We use the incoming userid as both the id and the on_premises_sam_account_name for new accounts in the accounts service. The userid in OCS requests is in fact the username, not our internal account id. We need to enforce the userid as our internal account id though, because the account id is part of various path formats.

    https://github.com/owncloud/ocis/pull/709 https://github.com/owncloud/ocis/pull/816

  • Change - Update phoenix to v0.21.0: #728

    Tags: web

    We updated phoenix to v0.21.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/728 https://github.com/owncloud/phoenix/releases/tag/v0.21.0

  • Change - Clarify storage driver env vars: #729

    After renaming ocsi-reva to storage and combining the storage and data providers some env vars were confusingly named STORAGE_STORAGE_.... We are changing the prefix for driver related env vars to STORAGE_DRIVER_.... This makes changing the storage driver using eg.: STORAGE_HOME_DRIVER=eos and setting driver options using STORAGE_DRIVER_EOS_LAYOUT=... less confusing.

    https://github.com/owncloud/ocis/pull/729

  • Change - Rebuild index command for accounts: #748

    Tags: accounts

    The index for the accounts service can now be rebuilt by running the cli command ./bin/ocis accounts rebuild. It deletes all configured indices and rebuilds them from the documents found on storage. For this we also introduced a LoadAccounts and LoadGroups function on storage for loading all existing documents.

    https://github.com/owncloud/ocis/pull/748

  • Change - Properly style konnectd consent page: #754

    Tags: konnectd

    After bringing our theme into konnectd, we've had to adjust the styles of the consent page so the text is visible and button reflects our theme.

    https://github.com/owncloud/ocis/pull/754

  • Change - Update phoenix to v0.22.0: #757

    Tags: web

    We updated phoenix to v0.22.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/757 https://github.com/owncloud/phoenix/releases/tag/v0.22.0

  • Change - Update phoenix to v0.23.0: #785

    Tags: web

    We updated phoenix to v0.23.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/785 https://github.com/owncloud/phoenix/releases/tag/v0.23.0

  • Change - Move the indexer package from ocis/accounts to ocis/ocis-pkg: #794

    We are making that change for semantic reasons. So consumers of any index don't necessarily need to know of the accounts service.

    https://github.com/owncloud/ocis/pull/794

  • Change - Enable OpenID dynamic client registration: #811

    Enable OpenID dynamic client registration

    https://github.com/owncloud/ocis/issues/811 https://github.com/owncloud/ocis/pull/813

  • Change - Update phoenix to v0.24.0: #817

    Tags: web

    We updated phoenix to v0.24.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/817 https://github.com/owncloud/phoenix/releases/tag/v0.24.0

  • Change - Move ocis default config to root level: #842

    Tags: ocis

    We moved the tracing config to the root flagset so that they are parsed on all commands. We also introduced a JWTSecret flag in the root flagset, in order to apply a common default JWTSecret to all services that have one.

    https://github.com/owncloud/ocis/pull/842 https://github.com/owncloud/ocis/pull/843

  • Change - Update phoenix to v0.25.0: #868

    Tags: web

    We updated phoenix to v0.25.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/868 https://github.com/owncloud/phoenix/releases/tag/v0.25.0

  • Change - Theme welcome and choose account pages: #887

    Tags: konnectd

    We've themed the konnectd pages Welcome and Choose account. All text has a white color now to be easily readable on the dark background.

    https://github.com/owncloud/ocis/pull/887

  • Change - Replace the library which scales the images: #910

    The library went out of support. Also did some refactoring of the thumbnails service code.

    https://github.com/owncloud/ocis/pull/910

  • Change - Update phoenix to v0.26.0: #935

    Tags: web

    We updated phoenix to v0.26.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/935 https://github.com/owncloud/phoenix/releases/tag/v0.26.0

  • Change - Update phoenix to v0.27.0: #943

    Tags: web

    We updated phoenix to v0.27.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/943 https://github.com/owncloud/phoenix/releases/tag/v0.27.0

  • Change - Cache password validation: #958

    Tags: accounts

    The password validity check for requests like login eq '%s' and password eq '%s' is now cached for 10 minutes. This improves the performance for basic auth requests.

    https://github.com/owncloud/ocis/pull/958

  • Change - Proxy allow insecure upstreams: #1007

    Tags: proxy

    We can now configure the proxy if insecure upstream servers are allowed. This was added since you need to disable certificate checks fore some situations like testing.

    https://github.com/owncloud/ocis/pull/1007

  • Change - CS3 can be used as accounts-backend: #1020

    Tags: proxy

    PROXY_ACCOUNT_BACKEND_TYPE=cs3 PROXY_ACCOUNT_BACKEND_TYPE=accounts (default)

    By using a backend which implements the CS3 user-api (currently provided by reva/storage) it is possible to bypass the ocis-accounts service and for example use ldap directly.

    https://github.com/owncloud/ocis/pull/1020

  • Change - Update phoenix to v0.28.0: #1027

    Tags: web

    We updated phoenix to v0.28.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/1027 https://github.com/owncloud/phoenix/releases/tag/v0.28.0

  • Change - Update phoenix to v0.29.0: #1034

    Tags: web

    We updated phoenix to v0.29.0. Please refer to the changelog (linked) for details on the phoenix release.

    https://github.com/owncloud/ocis/pull/1034 https://github.com/owncloud/phoenix/releases/tag/v0.29.0

  • Change - Make all paths configurable and default to a common temp dir: #1080

    Aligned all services to use a dir following/var/tmp/ocis/<service>/... by default. Also made some missing temp paths configurable via env vars and config flags.

    https://github.com/owncloud/ocis/pull/1080

  • Change - Update reva to v1.4.1-0.20201209113234-e791b5599a89: #1089

    Updated reva to v1.4.1-0.20201209113234-e791b5599a89

    https://github.com/owncloud/ocis/pull/1089

  • Change - Update ownCloud Web to v1.0.0-beta3: #1105

    Tags: web

    We updated ownCloud Web to v1.0.0-beta3. Please refer to the changelog (linked) for details on the web release.

    https://github.com/owncloud/ocis/pull/1105 https://github.com/owncloud/phoenix/releases/tag/v1.0.0-beta3

  • Change - Update ownCloud Web to v1.0.0-beta4: #1110

    Tags: web

    We updated ownCloud Web to v1.0.0-beta4. Please refer to the changelog (linked) for details on the web release.

    https://github.com/owncloud/ocis/pull/1110 https://github.com/owncloud/phoenix/releases/tag/v1.0.0-beta4

  • Enhancement - Simplify tracing config: #92

    We now apply the oCIS tracing config to all services which have tracing. With this it is possible to set one tracing config for all services at the same time.

    https://github.com/owncloud/product/issues/92 https://github.com/owncloud/ocis/pull/329 https://github.com/owncloud/ocis/pull/409

  • Enhancement - Document how to run OCIS on top of EOS: #172

    Tags: eos

    We have added rules to the Makefile that use the official eos docker images to boot an eos cluster and configure OCIS to use it.

    https://github.com/owncloud/ocis/pull/172

  • Enhancement - Add a command to list the versions of running instances: #226

    Tags: accounts

    Added a micro command to list the versions of running accounts services.

    https://github.com/owncloud/product/issues/226

  • Enhancement - Add the accounts service: #244

    Tags: accounts

    • Bugfix - Initialize roleService client in GRPC server: #114
    • Bugfix - Cleanup separated indices in memory: #224
    • Change - Set user role on builtin users: #102
    • Change - Add new builtin admin user: #102
    • Change - We make use of the roles cache to enforce permission checks: #100
    • Change - We make use of the roles manager to enforce permission checks: #108
    • Enhancement - Add create account form: #148
    • Enhancement - Add delete accounts action: #148
    • Enhancement - Add enable/disable capabilities to the WebUI: #118
    • Enhancement - Improve visual appearance of accounts UI: #222
    • Bugfix - Adapting to new settings API for fetching roles: #96
    • Change - Create account api-call implicitly adds "default-user" role: #173
    • Change - Add role selection to accounts UI: #103
    • Bugfix - Atomic Requests: #82
    • Bugfix - Unescape value for prefix query: #76
    • Change - Adapt to new ocis-settings data model: #87
    • Change - Add permissions for language to default roles: #88
    • Bugfix - Add write mutexes: #71
    • Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60
    • Bugfix - Fix index mapping: #73
    • Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28
    • Bugfix - Prevent segfault when no password is set: #65
    • Bugfix - Update account return value not used: #70
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64
    • Change - Align structure of this extension with other extensions: #51
    • Change - Change api errors: #11
    • Change - Enable accounts on creation: #43
    • Change - Fix index update on create/update: #57
    • Change - Pass around the correct logger throughout the code: #41
    • Change - Remove timezone setting: #33
    • Change - Tighten screws on usernames and email addresses: #65
    • Enhancement - Add early version of cli tools for user-management: #69
    • Enhancement - Update accounts API: #30
    • Enhancement - Add simple user listing UI: #51
    • Enhancement - Logging is configurable: #24
    • Change - Initial release of basic version: #1
    • Enhancement - Configuration: #15

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the glauth service: #244

    Tags: glauth

    • Bugfix - Return invalid credentials when user was not found: #30
    • Bugfix - Query numeric attribute values without quotes: #28
    • Bugfix - Use searchBaseDN if already a user/group name: #214
    • Bugfix - Fix LDAP substring startswith filters: #31
    • Enhancement - Add build information to the metrics: #226
    • Enhancement - Reenable configuring backends: #600
    • Bugfix - Ignore case when comparing objectclass values: #26
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #24
    • Enhancement - Handle ownCloudUUID attribute: #27
    • Enhancement - Implement group queries: #22
    • Enhancement - Configuration: #11
    • Enhancement - Improve default settings: #12
    • Enhancement - Generate temporary ldap certificates if LDAPS is enabled: #12
    • Enhancement - Provide additional tls-endpoint: #12
    • Change - Use physicist demo users: #5
    • Change - Default to config based user backend: #6

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the konnectd service: #244

    Tags: konnectd

    • Enhancement - Add version command: #226
    • Bugfix - Add silent redirect url: #69
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #71
    • Bugfix - Include the assets for #62: #64
    • Bugfix - Redirect to the provided uri: #26
    • Change - Add a trailing slash to trusted redirect uris: #26
    • Change - Improve client identifiers for end users: #62
    • Enhancement - Use upstream version of konnect library: #14
    • Enhancement - Change default config for single-binary: #55
    • Bugfix - Generate a random CSP-Nonce in the webapp: #17
    • Change - Dummy index.html is not required anymore by upstream: #25
    • Change - Initial release of basic version: #1
    • Change - Use glauth as ldap backend, default to running behind ocis-proxy: #52

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the ocis-phoenix service: #244

    Tags: web

    • Bugfix - Fix external app URLs: #218
    • Change - Remove pdf-viewer from default apps: #85
    • Change - Enable Settings and Accounts apps by default: #80
    • Bugfix - Exit when assets or config are not found: #76
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #73
    • Change - Hide searchbar by default: #116
    • Bugfix - Allow silent refresh of access token: #69
    • Change - Update Phoenix: #60
    • Enhancement - Configuration: #57
    • Bugfix - Config file value not being read: #45
    • Change - Default to running behind ocis-proxy: #55

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the ocis-pkg package: #244

    Tags: ocis-pkg

    • Change - Unwrap roleIDs from access-token into metadata context: #59
    • Change - Provide cache for roles: #59
    • Change - Roles manager: #60
    • Change - Use go-micro's metadata context for account id: #56
    • Bugfix - Remove redigo 2.0.0+incompatible dependency: #33
    • Change - Add middleware for x-access-token dismantling: #46
    • Enhancement - Add ocis.id and numeric id claims: #50
    • Bugfix - Pass flags to micro service: #44
    • Change - Add header to cors handler: #41
    • Enhancement - Tracing middleware: #35
    • Enhancement - Allow http services to register handlers: #33
    • Change - Upgrade the micro libraries: #22
    • Bugfix - Fix Module Path: #25
    • Bugfix - Change import paths to ocis-pkg/v2: #27
    • Bugfix - Fix serving static assets: #14
    • Change - Add TLS support for http services: #19
    • Enhancement - Introduce OpenID Connect middleware: #8
    • Change - Add root path to static middleware: #9
    • Change - Better log level handling within micro: #2

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the ocs service: #244

    Tags: ocs

    • Bugfix - Match the user response to the OC10 format: #181
    • Enhancement - Add version command: #226
    • Bugfix - Add the top level response structure to json responses: #181
    • Enhancement - Update ocis-accounts: #42
    • Bugfix - Mimic oc10 user enabled as string in provisioning api: #39
    • Bugfix - Use opaque ID of a user for signing keys: #436
    • Enhancement - Add option to create user with uidnumber and gidnumber: #34
    • Bugfix - Fix file descriptor leak: #79
    • Enhancement - Add Group management for OCS Provisioning API: #25
    • Enhancement - Basic Support for the User Provisioning API: #23
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #20
    • Change - Initial release of basic version: #1
    • Change - Upgrade micro libraries: #11
    • Enhancement - Configuration: #14
    • Enhancement - Support signing key: #18

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the proxy service: #244

    Tags: proxy

    • Bugfix - Fix director selection: #99
    • Bugfix - Add settings API and app endpoints to example config: #93
    • Change - Remove accounts caching: #100
    • Enhancement - Add autoprovision accounts flag: #219
    • Enhancement - Add hello API and app endpoints to example config and builtin config: #96
    • Enhancement - Add roleIDs to the access token: #95
    • Enhancement - Add version command: #226
    • Enhancement - Add numeric uid and gid to the access token: #89
    • Enhancement - Add configuration options for the pre-signed url middleware: #91
    • Bugfix - Enable new accounts by default: #79
    • Bugfix - Lookup user by id for presigned URLs: #85
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #78
    • Change - Add settings and ocs group routes: #81
    • Change - Add route for user provisioning API in ocis-ocs: #80
    • Bugfix - Provide token configuration from config: #69
    • Bugfix - Provide token configuration from config: #76
    • Change - Add OIDC config flags: #66
    • Change - Mint new username property in the reva token: #62
    • Enhancement - Add Accounts UI routes: #65
    • Enhancement - Add option to disable TLS: #71
    • Enhancement - Only send create home request if an account has been migrated: #52
    • Enhancement - Create a root span on proxy that propagates down to consumers: #64
    • Enhancement - Support signed URLs: #73
    • Bugfix - Accounts service response was ignored: #43
    • Bugfix - Fix x-access-token in header: #41
    • Change - Point /data endpoint to reva frontend: #45
    • Change - Send autocreate home request to reva gateway: #51
    • Change - Update to new accounts API: #39
    • Enhancement - Retrieve Account UUID From User Claims: #36
    • Enhancement - Create account if it doesn't exist in ocis-accounts: #55
    • Enhancement - Disable keep-alive on server-side OIDC requests: #268
    • Enhancement - Make jwt secret configurable: #41
    • Enhancement - Respect account_enabled flag: #53
    • Change - Update ocis-pkg: #30
    • Change - Insecure http-requests are now redirected to https: #29
    • Enhancement - Configurable OpenID Connect client: #27
    • Enhancement - Add policy selectors: #4
    • Bugfix - Set TLS-Certificate correctly: #25
    • Change - Route requests based on regex or query parameters: #21
    • Enhancement - Proxy client urls in default configuration: #19
    • Enhancement - Make TLS-Cert configurable: #14
    • Enhancement - Load Proxy Policies at Runtime: #17

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the settings service: #244

    Tags: settings

    • Bugfix - Fix loading and saving system scoped values: #66
    • Bugfix - Complete input validation: #66
    • Change - Add filter option for bundle ids in ListBundles and ListRoles: #59
    • Change - Reuse roleIDs from the metadata context: #69
    • Change - Update ocis-pkg/v2: #72
    • Enhancement - Add version command: #226
    • Bugfix - Fix fetching bundles in settings UI: #61
    • Change - Filter settings by permissions: #99
    • Change - Add role service: #110
    • Change - Rename endpoints and message types: #36
    • Change - Use UUIDs instead of alphanumeric identifiers: #46
    • Bugfix - Adjust UUID validation to be more tolerant: #41
    • Bugfix - Fix runtime error when type asserting on nil value: #38
    • Bugfix - Fix multiple submits on string and number form elements: #745
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #39
    • Change - Dynamically add navItems for extensions with settings bundles: #25
    • Change - Introduce input validation: #22
    • Change - Use account uuid from x-access-token: #14
    • Change - Use server config variable from ocis-web: #34
    • Enhancement - Remove paths from Makefile: #33
    • Enhancement - Extend the docs: #11
    • Enhancement - Update ocis-pkg/v2: #42

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the storage service: #244

    Tags: storage, reva

    • Enhancement - Enable ocis driver treetime accounting: #620
    • Enhancement - Launch a storage to store ocis-metadata: #602

    In the future accounts, settings etc. should be stored in a dedicated metadata storage. The services should talk to this storage directly, bypassing reva-gateway.

    Https://github.com/owncloud/ocis/pull/602

    • Enhancement - Update reva to v1.2.2-0.20200924071957-e6676516e61e: #601

    Https://github.com/owncloud/ocis-reva/issues/262 https://github.com/owncloud/ocis-reva/issues/357 https://github.com/owncloud/ocis-reva/issues/301 https://github.com/owncloud/ocis-reva/issues/302 https://github.com/owncloud/ocis/pull/601

    • Bugfix - Fix default configuration for accessing shares: #205

    The storage provider mounted at /home should always have EnableHome set to true. The other storage providers should have it set to false.

    Https://github.com/owncloud/product/issues/205 https://github.com/owncloud/ocis-reva/pull/461

    • Enhancement - Allow configuring arbitrary storage registry rules: #193

    We added a new config flag storage-registry-rule that can be given multiple times for the gateway to specify arbitrary storage registry rules. You can also use a comma separated list of rules in the REVA_STORAGE_REGISTRY_RULES environment variable.

    Https://github.com/owncloud/product/issues/193 https://github.com/owncloud/ocis-reva/pull/461

    • Enhancement - Update reva to v1.2.1-0.20200826162318-c0f54e1f37ea: #454

    Https://github.com/owncloud/ocis-reva/pull/454

    • Enhancement - Update reva to v1.2.1-0.20200911111727-51649e37df2d: #466
    • Update reva to v1.2.1-0.20200911111727-51649e37df2d - Added new OCIS storage driver ocis (reva/#1155) - App provider: fallback to env. variable if 'iopsecret' unset (reva/#1146) - Add switch to database (reva/#1135) - Add the ocdav HTTP svc to the standalone config (reva/#1128)

    Https://github.com/owncloud/ocis-reva/pull/466

    • Enhancement - Separate user and auth providers, add config for rest user: #412

    Previously, the auth and user provider services used to have the same driver, which restricted using separate drivers and configs for both. This PR separates the two and adds the config for the rest user driver and the gatewaysvc parameter to EOS fs.

    Https://github.com/owncloud/ocis-reva/pull/412 https://github.com/cs3org/reva/pull/995

    • Enhancement - Update reva to v1.1.1-0.20200819100654-dcbf0c8ea187: #447

    Https://github.com/owncloud/ocis-reva/pull/447

    • Bugfix - Update LDAP filters: #399

    With the separation of use and find filters we can now use a filter that taken into account a users uuid as well as his username. This is necessary to make sharing work with the new account service which assigns accounts an immutable account id that is different from the username. Furthermore, the separate find filters now allows searching users by their displayname or email as well.

      userfilter =
   "(&(objectclass=posixAccount)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))"
   findfilter =
   "(&(objectclass=posixAccount)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))"
   ```

Https://github.com/owncloud/ocis-reva/pull/399
https://github.com/cs3org/reva/pull/996

* Change - Environment updates for the username userid split: [#420](https://github.com/owncloud/ocis-reva/pull/420)

We updated the owncloud storage driver in reva to properly look up users by
userid or username using the userprovider instead of taking the path segment as
is. This requires the user service address as well as changing the default
layout to the userid instead of the username. The latter is not considered a
stable and persistent identifier.

Https://github.com/owncloud/ocis-reva/pull/420
https://github.com/cs3org/reva/pull/1033

* Enhancement - Update storage documentation: [#384](https://github.com/owncloud/ocis-reva/pull/384)

We added details to the documentation about storage requirements known from
ownCloud 10, the local storage driver and the ownCloud storage driver.

Https://github.com/owncloud/ocis-reva/pull/384
https://github.com/owncloud/ocis-reva/pull/390

* Enhancement - Update reva to v0.1.1-0.20200724135750-b46288b375d6: [#399](https://github.com/owncloud/ocis-reva/pull/399)

- Update reva to v0.1.1-0.20200724135750-b46288b375d6 - Split LDAP user filters
(reva/#996) - meshdirectory: Add invite forward API to provider links
(reva/#1000) - OCM: Pass the link to the meshdirectory service in token mail
(reva/#1002) - Update github.com/go-ldap/ldap to v3 (reva/#1004)

Https://github.com/owncloud/ocis-reva/pull/399
https://github.com/cs3org/reva/pull/996 https://github.com/cs3org/reva/pull/1000
https://github.com/cs3org/reva/pull/1002
https://github.com/cs3org/reva/pull/1004

* Enhancement - Update reva to v0.1.1-0.20200728071211-c948977dd3a0: [#407](https://github.com/owncloud/ocis-reva/pull/407)

- Update reva to v0.1.1-0.20200728071211-c948977dd3a0 - Use proper logging for
ldap auth requests (reva/#1008) - Update github.com/eventials/go-tus to
v0.0.0-20200718001131-45c7ec8f5d59 (reva/#1007) - Check if SMTP credentials are
nil (reva/#1006)

Https://github.com/owncloud/ocis-reva/pull/407
https://github.com/cs3org/reva/pull/1008
https://github.com/cs3org/reva/pull/1007
https://github.com/cs3org/reva/pull/1006

* Bugfix - Build docker images with alpine:latest instead of alpine:edge: [#393](https://github.com/owncloud/ocis-reva/pull/393)

ARM builds were failing when built on alpine:edge, so we switched to
alpine:latest instead.

Https://github.com/owncloud/ocis-reva/pull/393

* Enhancement - Update reva to v0.1.1-0.20200710143425-cf38a45220c5: [#371](https://github.com/owncloud/ocis-reva/pull/371)

- Update reva to v0.1.1-0.20200710143425-cf38a45220c5 (#371) - Add wopi open
(reva/#920) - Added a CS3API compliant data exporter to Mentix (reva/#955) -
Read SMTP password from env if not set in config (reva/#953) - OCS share fix
including file info after update (reva/#958) - Add flag to smtpclient for for
unauthenticated SMTP (reva/#963)

Https://github.com/owncloud/ocis-reva/pull/371
https://github.com/cs3org/reva/pull/920 https://github.com/cs3org/reva/pull/953
https://github.com/cs3org/reva/pull/955 https://github.com/cs3org/reva/pull/958
https://github.com/cs3org/reva/pull/963

* Enhancement - Update reva to v0.1.1-0.20200722125752-6dea7936f9d1: [#392](https://github.com/owncloud/ocis-reva/pull/392)

- Update reva to v0.1.1-0.20200722125752-6dea7936f9d1 - Added signing key
capability (reva/#986) - Add functionality to create webdav references for OCM
shares (reva/#974) - Added a site locations exporter to Mentix (reva/#972) - Add
option to config to allow requests to hosts with unverified certificates
(reva/#969)

Https://github.com/owncloud/ocis-reva/pull/392
https://github.com/cs3org/reva/pull/986 https://github.com/cs3org/reva/pull/974
https://github.com/cs3org/reva/pull/972 https://github.com/cs3org/reva/pull/969

* Enhancement - Make frontend prefixes configurable: [#363](https://github.com/owncloud/ocis-reva/pull/363)

We introduce three new environment variables and preconfigure them the following
way:

* `REVA_FRONTEND_DATAGATEWAY_PREFIX="data"`
* `REVA_FRONTEND_OCDAV_PREFIX=""`
* `REVA_FRONTEND_OCS_PREFIX="ocs"`

This restores the reva defaults that were changed upstream.

Https://github.com/owncloud/ocis-reva/pull/363
https://github.com/cs3org/reva/pull/936/files#diff-51bf4fb310f7362f5c4306581132fc3bR63

* Enhancement - Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66: [#341](https://github.com/owncloud/ocis-reva/pull/341)

- Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66 (#341) - Added country
information to Mentix (reva/#924) - Refactor metrics package to implement reader
interface (reva/#934) - Fix OCS public link share update values logic (#252,
#288, reva/#930)

Https://github.com/owncloud/ocis-reva/issues/252
https://github.com/owncloud/ocis-reva/issues/288
https://github.com/owncloud/ocis-reva/pull/341
https://github.com/cs3org/reva/pull/924 https://github.com/cs3org/reva/pull/934
https://github.com/cs3org/reva/pull/930

* Enhancement - Update reva to v0.1.1-0.20200709064551-91eed007038f: [#362](https://github.com/owncloud/ocis-reva/pull/362)

- Update reva to v0.1.1-0.20200709064551-91eed007038f (#362) - Fix config for
uploads when data server is not exposed (reva/#936) - Update OCM partners
endpoints (reva/#937) - Update Ailleron endpoint (reva/#938) - OCS: Fix
initialization of shares json file (reva/#940) - OCS: Fix returned public link
URL (#336, reva/#945) - OCS: Share wrap resource id correctly (#344, reva/#951)
- OCS: Implement share handling for accepting and listing shares (#11,
reva/#929) - ocm: dynamically lookup IPs for provider check (reva/#946) - ocm:
add functionality to mail OCM invite tokens (reva/#944) - Change percentagused
to percentageused (reva/#903) - Fix file-descriptor leak (reva/#954)

Https://github.com/owncloud/ocis-reva/issues/344
https://github.com/owncloud/ocis-reva/issues/336
https://github.com/owncloud/ocis-reva/issues/11
https://github.com/owncloud/ocis-reva/pull/362
https://github.com/cs3org/reva/pull/936 https://github.com/cs3org/reva/pull/937
https://github.com/cs3org/reva/pull/938 https://github.com/cs3org/reva/pull/940
https://github.com/cs3org/reva/pull/951 https://github.com/cs3org/reva/pull/945
https://github.com/cs3org/reva/pull/929 https://github.com/cs3org/reva/pull/946
https://github.com/cs3org/reva/pull/944 https://github.com/cs3org/reva/pull/903
https://github.com/cs3org/reva/pull/954

* Enhancement - Add new config options for the http client: [#330](https://github.com/owncloud/ocis-reva/pull/330)

The internal certificates are checked for validity after
https://github.com/cs3org/reva/pull/914, which causes the acceptance tests to
fail. This change sets new hardcoded defaults.

Https://github.com/owncloud/ocis-reva/pull/330

* Enhancement - Allow datagateway transfers to take 24h: [#323](https://github.com/owncloud/ocis-reva/pull/323)

- Increase transfer token life time to 24h (PR #323)

Https://github.com/owncloud/ocis-reva/pull/323

* Enhancement - Update reva to v0.1.1-0.20200630075923-39a90d431566: [#320](https://github.com/owncloud/ocis-reva/pull/320)

- Update reva to v0.1.1-0.20200630075923-39a90d431566 (#320) - Return special
value for public link password (#294, reva/#904) - Fix public stat and
listcontainer response to contain the correct prefix (#310, reva/#902)

Https://github.com/owncloud/ocis-reva/issues/310
https://github.com/owncloud/ocis-reva/issues/294
https://github.com/owncloud/ocis-reva/pull/320
https://github.com/cs3org/reva/pull/902 https://github.com/cs3org/reva/pull/904

* Enhancement - Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66: [#328](https://github.com/owncloud/ocis-reva/pull/328)

- Update reva to v0.1.1-0.20200701152626-2f6cc60e2f66 (#328) - Use sync.Map on
pool package (reva/#909) - Use mutex instead of sync.Map (reva/#915) - Use
gatewayProviders instead of storageProviders on conn pool (reva/#916) - Add
logic to ls and stat to process arbitrary metadata keys (reva/#905) -
Preliminary implementation of Set/UnsetArbitraryMetadata (reva/#912) - Make
datagateway forward headers (reva/#913, reva/#926) - Add option to cmd upload to
disable tus (reva/#911) - OCS Share Allow date-only expiration for public shares
(#288, reva/#918) - OCS Share Remove array from OCS Share update response (#252,
reva/#919) - OCS Share Implement GET request for single shares (#249, reva/#921)

Https://github.com/owncloud/ocis-reva/issues/288
https://github.com/owncloud/ocis-reva/issues/252
https://github.com/owncloud/ocis-reva/issues/249
https://github.com/owncloud/ocis-reva/pull/328
https://github.com/cs3org/reva/pull/909 https://github.com/cs3org/reva/pull/915
https://github.com/cs3org/reva/pull/916 https://github.com/cs3org/reva/pull/905
https://github.com/cs3org/reva/pull/912 https://github.com/cs3org/reva/pull/913
https://github.com/cs3org/reva/pull/926 https://github.com/cs3org/reva/pull/911
https://github.com/cs3org/reva/pull/918 https://github.com/cs3org/reva/pull/919
https://github.com/cs3org/reva/pull/921

* Enhancement - Update reva to v0.1.1-0.20200629131207-04298ea1c088: [#309](https://github.com/owncloud/ocis-reva/pull/309)

- Update reva to v0.1.1-0.20200629094927-e33d65230abc (#309) - Fix public link
file share (#278, reva/#895, reva/#900) - Delete public share (reva/#899) -
Updated reva to v0.1.1-0.20200629131207-04298ea1c088 (#313)

Https://github.com/owncloud/ocis-reva/issues/278
https://github.com/owncloud/ocis-reva/pull/309
https://github.com/cs3org/reva/pull/895 https://github.com/cs3org/reva/pull/899
https://github.com/cs3org/reva/pull/900
https://github.com/owncloud/ocis-reva/pull/313

* Enhancement - Update reva to v0.1.1-0.20200626111234-e21c32db9614: [#261](https://github.com/owncloud/ocis-reva/pull/261)

- Updated reva to v0.1.1-0.20200626111234-e21c32db9614 (#304) - TUS upload
support through datagateway (#261, reva/#878, reva/#888) - Added support for
differing metrics path for Prometheus to Mentix (reva/#875) - More data exported
by Mentix (reva/#881) - Implementation of file operations in public folder
shares (#49, #293, reva/#877) - Make httpclient trust local certificates for now
(reva/#880) - EOS homes are not configured with an enable-flag anymore, but with
a dedicated storage driver. We're using it now and adapted default configs of
storages (reva/#891, #304)

Https://github.com/owncloud/ocis-reva/issues/49
https://github.com/owncloud/ocis-reva/issues/293
https://github.com/owncloud/ocis-reva/issues/261
https://github.com/owncloud/ocis-reva/pull/261
https://github.com/cs3org/reva/pull/875 https://github.com/cs3org/reva/pull/877
https://github.com/cs3org/reva/pull/878 https://github.com/cs3org/reva/pull/881
https://github.com/cs3org/reva/pull/880 https://github.com/cs3org/reva/pull/888
https://github.com/owncloud/ocis-reva/pull/304
https://github.com/cs3org/reva/pull/891

* Enhancement - Update reva to v0.1.1-0.20200624063447-db5e6635d5f0: [#279](https://github.com/owncloud/ocis-reva/pull/279)

- Updated reva to v0.1.1-0.20200624063447-db5e6635d5f0 (#279) - Local storage:
URL-encode file ids to ease integration with other microservices like WOPI
(reva/#799) - Mentix fixes (reva/#803, reva/#817) - OCDAV: fix returned
timestamp format (#116, reva/#805) - OCM: add default prefix (#814) - add the
content-length header to the responses (reva/#816) - Deps: clean (reva/#818) -
Fix trashbin listing (#112, #253, #254, reva/#819) - Make the json publicshare
driver configurable (reva/#820) - TUS: Return metadata headers after direct
upload (ocis/#216, reva/#813) - Set mtime to storage after simple upload (#174,
reva/#823, reva/#841) - Configure grpc client to allow for insecure conns and
skip server certificate verification (reva/#825) - Deployment: simplify config
with more default values (reva/#826, reva/#837, reva/#843, reva/#848, reva/#842)
- Separate local fs into home and with home disabled (reva/#829) - Register
reflection after other services (reva/#831) - Refactor EOS fs (reva/#830) - Add
ocs-share-permissions to the propfind response (#47, reva/#836) - OCS: Properly
read permissions when creating public link (reva/#852) - localfs: make normalize
return associated error (reva/#850) - EOS grpc driver (reva/#664) - OCS: Add
support for legacy public link arg publicUpload (reva/#853) - Add cache layer to
user REST package (reva/#849) - Meshdirectory: pass query params to selected
provider (reva/#863) - Pass etag in quotes from the fs layer (#269, reva/#866,
reva/#867) - OCM: use refactored cs3apis provider definition (reva/#864)

Https://github.com/owncloud/ocis-reva/issues/116
https://github.com/owncloud/ocis-reva/issues/112
https://github.com/owncloud/ocis-reva/issues/253
https://github.com/owncloud/ocis-reva/issues/254
https://github.com/owncloud/ocis/issues/216
https://github.com/owncloud/ocis-reva/issues/174
https://github.com/owncloud/ocis-reva/issues/47
https://github.com/owncloud/ocis-reva/issues/269
https://github.com/owncloud/ocis-reva/pull/279
https://github.com/owncloud/cs3org/reva/pull/799
https://github.com/owncloud/cs3org/reva/pull/803
https://github.com/owncloud/cs3org/reva/pull/817
https://github.com/owncloud/cs3org/reva/pull/805
https://github.com/owncloud/cs3org/reva/pull/814
https://github.com/owncloud/cs3org/reva/pull/816
https://github.com/owncloud/cs3org/reva/pull/818
https://github.com/owncloud/cs3org/reva/pull/819
https://github.com/owncloud/cs3org/reva/pull/820
https://github.com/owncloud/cs3org/reva/pull/823
https://github.com/owncloud/cs3org/reva/pull/841
https://github.com/owncloud/cs3org/reva/pull/813
https://github.com/owncloud/cs3org/reva/pull/825
https://github.com/owncloud/cs3org/reva/pull/826
https://github.com/owncloud/cs3org/reva/pull/837
https://github.com/owncloud/cs3org/reva/pull/843
https://github.com/owncloud/cs3org/reva/pull/848
https://github.com/owncloud/cs3org/reva/pull/842
https://github.com/owncloud/cs3org/reva/pull/829
https://github.com/owncloud/cs3org/reva/pull/831
https://github.com/owncloud/cs3org/reva/pull/830
https://github.com/owncloud/cs3org/reva/pull/836
https://github.com/owncloud/cs3org/reva/pull/852
https://github.com/owncloud/cs3org/reva/pull/850
https://github.com/owncloud/cs3org/reva/pull/664
https://github.com/owncloud/cs3org/reva/pull/853
https://github.com/owncloud/cs3org/reva/pull/849
https://github.com/owncloud/cs3org/reva/pull/863
https://github.com/owncloud/cs3org/reva/pull/866
https://github.com/owncloud/cs3org/reva/pull/867
https://github.com/owncloud/cs3org/reva/pull/864

* Enhancement - Add TUS global capability: [#177](https://github.com/owncloud/ocis-reva/issues/177)

The TUS global capabilities from Reva are now exposed.

The advertised max chunk size can be configured using the
"--upload-max-chunk-size" CLI switch or "REVA_FRONTEND_UPLOAD_MAX_CHUNK_SIZE"
environment variable. The advertised http method override can be configured
using the "--upload-http-method-override" CLI switch or
"REVA_FRONTEND_UPLOAD_HTTP_METHOD_OVERRIDE" environment variable.

Https://github.com/owncloud/ocis-reva/issues/177
https://github.com/owncloud/ocis-reva/pull/228

* Enhancement - Update reva to v0.1.1-0.20200603071553-e05a87521618: [#244](https://github.com/owncloud/ocis-reva/issues/244)

- Updated reva to v0.1.1-0.20200603071553-e05a87521618 (#244) - Add option to
disable TUS on OC layer (#177, reva/#791) - Dataprovider now supports method
override (#177, reva/#792) - OCS fixes for create public link (reva/#798)

Https://github.com/owncloud/ocis-reva/issues/244
https://github.com/owncloud/ocis-reva/issues/177
https://github.com/cs3org/reva/pull/791 https://github.com/cs3org/reva/pull/792
https://github.com/cs3org/reva/pull/798

* Enhancement - Add public shares service: [#49](https://github.com/owncloud/ocis-reva/issues/49)

Added Public Shares service with CRUD operations and File Public Shares Manager

Https://github.com/owncloud/ocis-reva/issues/49
https://github.com/owncloud/ocis-reva/pull/232

* Enhancement - Update reva to v0.1.1-0.20200529120551-4f2d9c85d3c9: [#49](https://github.com/owncloud/ocis-reva/issues/49)

- Updated reva to v0.1.1-0.20200529120551 (#232) - Public Shares CRUD, File
Public Shares Manager (#49, #232, reva/#681, reva/#788) - Disable
HTTP-KeepAlives to reduce fd count (ocis/#268, reva/#787) - Fix trashbin listing
(#229, reva/#782) - Create PUT wrapper for TUS uploads (reva/#770) - Add
security access headers for ocdav requests (#66, reva/#780) - Add option to
revad cmd to specify logging level (reva/#772) - New metrics package (reva/#740)
- Remove implicit data member from memory store (reva/#774) - Added TUS global
capabilities (#177, reva/#775) - Fix PROPFIND with Depth 1 for cross-storage
operations (reva/#779)

Https://github.com/owncloud/ocis-reva/issues/49
https://github.com/owncloud/ocis-reva/issues/229
https://github.com/owncloud/ocis-reva/issues/66
https://github.com/owncloud/ocis-reva/issues/177
https://github.com/owncloud/ocis/issues/268
https://github.com/owncloud/ocis-reva/pull/232
https://github.com/cs3org/reva/pull/787 https://github.com/cs3org/reva/pull/681
https://github.com/cs3org/reva/pull/788 https://github.com/cs3org/reva/pull/782
https://github.com/cs3org/reva/pull/770 https://github.com/cs3org/reva/pull/780
https://github.com/cs3org/reva/pull/772 https://github.com/cs3org/reva/pull/740
https://github.com/cs3org/reva/pull/774 https://github.com/cs3org/reva/pull/775
https://github.com/cs3org/reva/pull/779

* Enhancement - Update reva to v0.1.1-0.20200520150229: [#161](https://github.com/owncloud/ocis-reva/pull/161)

- Update reva to v0.1.1-0.20200520150229 (#161, #180, #192, #207, #221) - Return
arbitrary metadata with stat, upload without TUS (reva/#766) - Stat file before
returning datagateway URL when initiating download (reva/#765) - REST driver for
user package (reva/#747) - Sharing behavior now consistent with the old backend
(#20, #26, #43, #44, #46, #94 ,reva/#748) - Mentix service (reva/#755) -
meshdirectory: add mentix driver for gocdb sites integration (reva/#754) - Add
functionality to commit to storage for OCM shares (reva/#760) - Add option in
config to disable tus (reva/#759) - ocdav: fix custom property XML parsing in
PROPPATCH handler (#203, reva/#743) - ocdav: fix PROPPATCH response for removed
properties (#186, reva/#742) - ocdav: implement PROPFIND infinity depth (#212,
reva/#758) - Local fs: Allow setting of arbitrary metadata, minor bug fixes
(reva/#764) - Local fs: metadata handling and share persistence (reva/#732) -
Local fs: return file owner info in stat (reva/#750) - Fixed regression when
uploading empty files to OCFS or EOS with PUT and TUS (#188, reva/#734) - On
delete move the file versions to the trashbin (#94, reva/#731) - Fix OCFS move
operation (#182, reva/#729) - Fix OCFS custom property / xattr removal
(reva/#728) - Retry trashbin in case of timestamp collision (reva/#730) -
Disable chunking v1 by default (reva/#678) - Implement ocs to http status code
mapping (#26, reva/#696, reva/#707, reva/#711) - Handle the case if directory
already exists (reva/#695) - Added TUS upload support (reva/#674, reva/#725,
reva/#717) - Always return file sizes in Webdav PROPFIND (reva/#712) - Use
default mime type when none was detected (reva/#713) - Fixed Webdav shallow COPY
(reva/#714) - Fixed arbitrary namespace usage for custom properties in PROPFIND
(#57, reva/#720) - Implement returning Webdav custom properties from xattr (#57,
reva/#721) - Minor fix in OCM share pkg (reva/#718)

Https://github.com/owncloud/ocis-reva/issues/20
https://github.com/owncloud/ocis-reva/issues/26
https://github.com/owncloud/ocis-reva/issues/43
https://github.com/owncloud/ocis-reva/issues/44
https://github.com/owncloud/ocis-reva/issues/46
https://github.com/owncloud/ocis-reva/issues/94
https://github.com/owncloud/ocis-reva/issues/26
https://github.com/owncloud/ocis-reva/issues/67
https://github.com/owncloud/ocis-reva/issues/57
https://github.com/owncloud/ocis-reva/issues/94
https://github.com/owncloud/ocis-reva/issues/188
https://github.com/owncloud/ocis-reva/issues/182
https://github.com/owncloud/ocis-reva/issues/212
https://github.com/owncloud/ocis-reva/issues/186
https://github.com/owncloud/ocis-reva/issues/203
https://github.com/owncloud/ocis-reva/pull/161
https://github.com/owncloud/ocis-reva/pull/180
https://github.com/owncloud/ocis-reva/pull/192
https://github.com/owncloud/ocis-reva/pull/207
https://github.com/owncloud/ocis-reva/pull/221
https://github.com/cs3org/reva/pull/766 https://github.com/cs3org/reva/pull/765
https://github.com/cs3org/reva/pull/755 https://github.com/cs3org/reva/pull/754
https://github.com/cs3org/reva/pull/747 https://github.com/cs3org/reva/pull/748
https://github.com/cs3org/reva/pull/760 https://github.com/cs3org/reva/pull/759
https://github.com/cs3org/reva/pull/678 https://github.com/cs3org/reva/pull/696
https://github.com/cs3org/reva/pull/707 https://github.com/cs3org/reva/pull/711
https://github.com/cs3org/reva/pull/695 https://github.com/cs3org/reva/pull/674
https://github.com/cs3org/reva/pull/725 https://github.com/cs3org/reva/pull/717
https://github.com/cs3org/reva/pull/712 https://github.com/cs3org/reva/pull/713
https://github.com/cs3org/reva/pull/720 https://github.com/cs3org/reva/pull/718
https://github.com/cs3org/reva/pull/731 https://github.com/cs3org/reva/pull/734
https://github.com/cs3org/reva/pull/729 https://github.com/cs3org/reva/pull/728
https://github.com/cs3org/reva/pull/730 https://github.com/cs3org/reva/pull/758
https://github.com/cs3org/reva/pull/742 https://github.com/cs3org/reva/pull/764
https://github.com/cs3org/reva/pull/743 https://github.com/cs3org/reva/pull/732
https://github.com/cs3org/reva/pull/750

* Bugfix - Stop advertising unsupported chunking v2: [#145](https://github.com/owncloud/ocis-reva/pull/145)

Removed "chunking" attribute in the DAV capabilities. Please note that chunking
v2 is advertised as "chunking 1.0" while chunking v1 is the attribute
"bigfilechunking" which is already false.

Https://github.com/owncloud/ocis-reva/pull/145

* Enhancement - Allow configuring the gateway for dataproviders: [#136](https://github.com/owncloud/ocis-reva/pull/136)

This allows using basic or bearer auth when directly talking to dataproviders.

Https://github.com/owncloud/ocis-reva/pull/136

* Enhancement - Use a configured logger on reva runtime: [#153](https://github.com/owncloud/ocis-reva/pull/153)

For consistency reasons we need a configured logger that is inline with an ocis
logger, so the log cascade can be easily parsed by a human.

Https://github.com/owncloud/ocis-reva/pull/153

* Bugfix - Fix eos user sharing config: [#127](https://github.com/owncloud/ocis-reva/pull/127)

We have added missing config options for the user sharing manager and added a
dedicated eos storage command with pre configured settings for the eos-docker
container. It configures a `Shares` folder in a users home when using eos as the
storage driver.

Https://github.com/owncloud/ocis-reva/pull/127

* Enhancement - Update reva to v1.1.0-20200414133413: [#127](https://github.com/owncloud/ocis-reva/pull/127)

Adds initial public sharing and ocm implementation.

Https://github.com/owncloud/ocis-reva/pull/127

* Bugfix - Fix eos config: [#125](https://github.com/owncloud/ocis-reva/pull/125)

We have added missing config options for the home layout to the config struct
that is passed to eos.

Https://github.com/owncloud/ocis-reva/pull/125

* Bugfix - Set correct flag type in the flagsets: [#75](https://github.com/owncloud/ocis-reva/issues/75)

While upgrading to the micro/cli version 2 there where two instances of
`StringFlag` which had not been changed to `StringSliceFlag`. This caused
`ocis-reva users` and `ocis-reva storage-root` to fail on startup.

Https://github.com/owncloud/ocis-reva/issues/75
https://github.com/owncloud/ocis-reva/pull/76

* Bugfix - We fixed a typo in the `REVA_LDAP_SCHEMA_MAIL` environment variable: [#113](https://github.com/owncloud/ocis-reva/pull/113)

It was misspelled as `REVA_LDAP_SCHEMA_Mail`.

Https://github.com/owncloud/ocis-reva/pull/113

* Bugfix - Allow different namespaces for /webdav and /dav/files: [#68](https://github.com/owncloud/ocis-reva/pull/68)

After fbf131c the path for the "new" webdav path does not contain a username
`/remote.php/dav/files/textfile0.txt`. It used to be
`/remote.php/dav/files/oc/einstein/textfile0.txt` So it lost `oc/einstein`.

This PR allows setting up different namespaces for `/webav` and `/dav/files`:

`/webdav` is jailed into `/home` - which uses the home storage driver and uses
the logged in user to construct the path `/dav/files` is jailed into `/oc` -
which uses the owncloud storage driver and expects a username as the first path
segment

This mimics oc10

The `WEBDAV_NAMESPACE_JAIL` environment variable is split into -
`WEBDAV_NAMESPACE` and - `DAV_FILES_NAMESPACE` accordingly.

Https://github.com/owncloud/ocis-reva/pull/68 related:

* Change - Use /home as default namespace: [#68](https://github.com/owncloud/ocis-reva/pull/68)

Currently, cross storage etag propagation is not yet implemented, which prevents
the desktop client from detecting changes via the PROPFIND to /. / is managed by
the root storage provider which is independent of the home and oc storage
providers. If a file changes in /home/foo, the etag change will only be
propagated to the root of the home storage provider.

This change jails users into the `/home` namespace, and allows configuring the
namespace to use for the two webdav endpoints using the new environment variable
`WEBDAV_NAMESPACE_JAIL` which affects both endpoints `/dav/files` and `/webdav`.

This will allow us to focus on getting a single storage driver like eos or
owncloud tested and better resembles what owncloud 10 does.

To get back the global namespace, which ultimately is the goal, just set the
above environment variable to `/`.

Https://github.com/owncloud/ocis-reva/pull/68

* Change - Initial release of basic version: [#1](https://github.com/owncloud/ocis-reva/issues/1)

Just prepared an initial basic version to start a reva server and start
integrating with the go-micro base dextension framework of ownCloud Infinite
Scale.

Https://github.com/owncloud/ocis-reva/issues/1

* Change - Start multiple services with dedicated commands: [#6](https://github.com/owncloud/ocis-reva/issues/6)

The initial version would only allow us to use a set of reva configurations to
start multiple services. We use a more opinionated set of commands to start
dedicated services that allows us to configure them individually. It allows us
to switch eg. the user backend to LDAP and fully use it on the cli.

Https://github.com/owncloud/ocis-reva/issues/6

* Change - Storage providers now default to exposing data servers: [#89](https://github.com/owncloud/ocis-reva/issues/89)

The flags that let reva storage providers announce that they expose a data
server now defaults to true:

`REVA_STORAGE_HOME_EXPOSE_DATA_SERVER=1` `REVA_STORAGE_OC_EXPOSE_DATA_SERVER=1`

Https://github.com/owncloud/ocis-reva/issues/89

* Change - Default to running behind ocis-proxy: [#113](https://github.com/owncloud/ocis-reva/pull/113)

We changed the default configuration to integrate better with ocis.

- We use ocis-glauth as the default ldap server on port 9125 with base
`dc=example,dc=org`. - We use a dedicated technical `reva` user to make ldap
binds - Clients are supposed to use the ocis-proxy endpoint
`https://localhost:9200` - We removed unneeded ocis configuration from the
frontend which no longer serves an oidc provider. - We changed the default user
OpaqueID attribute from `sub` to `preferred_username`. The latter is a claim
populated by konnectd that can also be used by the reva ldap user manager to
look up users by their OpaqueId

Https://github.com/owncloud/ocis-reva/pull/113

* Enhancement - Expose owncloud storage driver config in flagset: [#87](https://github.com/owncloud/ocis-reva/issues/87)

Three new flags are now available:

- scan files on startup to generate missing fileids default: `true` env var:
`REVA_STORAGE_OWNCLOUD_SCAN` cli option: `--storage-owncloud-scan`

- autocreate home path for new users default: `true` env var:
`REVA_STORAGE_OWNCLOUD_AUTOCREATE` cli option: `--storage-owncloud-autocreate`

- the address of the redis server default: `:6379` env var:
`REVA_STORAGE_OWNCLOUD_REDIS_ADDR` cli option: `--storage-owncloud-redis`

Https://github.com/owncloud/ocis-reva/issues/87

* Enhancement - Update reva to v0.0.2-0.20200212114015-0dbce24f7e8b: [#91](https://github.com/owncloud/ocis-reva/pull/91)

Reva has seen a lot of changes that allow us to - reduce the configuration
overhead - use the autocreate home folder option - use the home folder path
layout option - no longer start the root storage

Https://github.com/owncloud/ocis-reva/pull/91 related:

* Enhancement - Allow configuring user sharing driver: [#115](https://github.com/owncloud/ocis-reva/pull/115)

We now default to `json` which persists shares in the sharing manager in a json
file instead of an in memory db.

Https://github.com/owncloud/ocis-reva/pull/115

https://github.com/owncloud/product/issues/244

  • Enhancement - Add the store service: #244

    Tags: store

    • Enhancement - Add version command: #226
    • Bugfix - Removed code from other service: #7
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #5
    • Change - Initial release of basic version: #1

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the thumbnails service: #244

    Tags: thumbnails

    • Enhancement - Add version command: #226
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #35
    • Enhancement - Serve the metrics endpoint: #37
    • Change - Add more default resolutions: #23
    • Change - Refactor code to remove code smells: #21
    • Change - Use micro service error api: #31
    • Enhancement - Limit users to access own thumbnails: #5
    • Bugfix - Fix usage of context.Context: #18
    • Bugfix - Fix execution when passing program flags: #15
    • Change - Initial release of basic version: #1
    • Change - Use predefined resolutions for thumbnail generation: #7
    • Change - Implement the first working version: #3

    https://github.com/owncloud/product/issues/244

  • Enhancement - Add the webdav service: #244

    Tags: webdav

    • Enhancement - Add version command: #226
    • Bugfix - Build docker images with alpine:latest instead of alpine:edge: #22
    • Change Change status not found on missing thumbnail: #20
    • Change - Initial release of basic version: #1
    • Change - Update ocis-pkg to version 2.2.0: #16
    • Enhancement - Configuration: #14
    • Enhancement - Implement preview API: #13

    https://github.com/owncloud/product/issues/244

  • Enhancement - Launch a storage to store ocis-metadata: #602

    Tags: metadata, accounts, settings

    In the future accounts, settings etc. should be stored in a dedicated metadata storage. The services should talk to this storage directly, bypassing reva-gateway.

    https://github.com/owncloud/ocis/pull/602

  • Enhancement - Add basic auth option: #627

    We added a new enable-basic-auth option and PROXY_ENABLE_BASIC_AUTH environment variable that can be set to true to make the proxy verify the basic auth header with the accounts service. This should only be used for testing and development and is disabled by default.

    https://github.com/owncloud/product/issues/198 https://github.com/owncloud/ocis/pull/627

  • Enhancement - Add glauth fallback backend: #649

    We introduced the fallback-datastore config option and the corresponding options to allow configuring a simple chain of two handlers.

    Simple, because it is intended for bind and single result search queries. Merging large sets of results is currently out of scope. For now, the implementation will only search the fallback backend if the default backend returns an error or the number of results is 0. This is sufficient to allow an IdP to authenticate users from ocis as well as owncloud 10 as described in the bridge scenario.

    https://github.com/owncloud/ocis-glauth/issues/18 https://github.com/owncloud/ocis/pull/649

  • Enhancement - Update reva to dd3a8c0f38: #725

    • fixes etag propagation in the ocis driver

    https://github.com/owncloud/ocis/pull/725 https://github.com/cs3org/reva/pull/1264

  • Enhancement - Update konnectd to v0.33.8: #744

    This update adds options which allow the configuration of oidc-token expiration parameters: KONNECTD_ACCESS_TOKEN_EXPIRATION, KONNECTD_ID_TOKEN_EXPIRATION and KONNECTD_REFRESH_TOKEN_EXPIRATION.

    Other changes from upstream:

    • Generate random endsession state for external authority - Update dependencies in Dockerfile - Set prompt=None to avoid loops with external authority - Update Jenkins reporting plugin from checkstyle to recordIssues - Remove extra kty key from JWKS top level document - Fix regression which encodes URL fragments twice
    • Avoid generating fragment/query URLs with wrong order - Return state for oidc endsession response redirects - Use server provided username to avoid case mismatch - Use signed-out-uri if set as fallback for goodbye redirect on saml slo - Add checks to ensure post_logout_redirect_uri is not empty - Fix SAML2 logout request parsing - Cure panic when no state is found in saml esr - Use SAML IdP Issuer value from meta data entityID - Allow configuration of expiration of oidc access, id and refresh tokens - Implement trampolin for external OIDC authority end session - Update ca-certificates version

    https://github.com/owncloud/ocis/pull/744

  • Enhancement - Update reva to cdb3d6688da5: #748

    • let the gateway filter invalid references

    https://github.com/owncloud/ocis/pull/748 https://github.com/cs3org/reva/pull/1274

  • Enhancement - Update glauth to dev 4f029234b2308: #786

    Includes a bugfix, don't mix graph and provisioning api.

    https://github.com/owncloud/ocis/pull/786

  • Enhancement - Update reva to v1.4.1-0.20201123062044-b2c4af4e897d: #823

    https://github.com/owncloud/ocis-reva/issues/260 https://github.com/owncloud/ocis-reva/issues/311 https://github.com/owncloud/ocis/pull/823 https://github.com/cs3org/reva/pull/1285 https://github.com/cs3org/reva/pull/1302 https://github.com/cs3org/reva/pull/1314 https://github.com/cs3org/reva/pull/1316 https://github.com/cs3org/reva/pull/1317 https://github.com/cs3org/reva/pull/1323 https://github.com/cs3org/reva/pull/1324 https://github.com/cs3org/reva/pull/1326

  • Enhancement - Update glauth to dev fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2: #834

    We updated glauth to dev commit fd3ac7e4bbdc93578655d9a08d8e23f105aaa5b2, which allows to skip certificate checks for the owncloud backend.

    https://github.com/owncloud/ocis/pull/834

  • Enhancement - Better adopt Go-Micro: #840

    Tags: ocis

    There are a few building blocks that we were relying on default behavior, such as micro.Registry and the go-micro client. In order for oCIS to work in any environment and not relying in black magic configuration or running daemons we need to be able to:

    • Provide with a configurable go-micro registry. - Use our own go-micro client adjusted to our own needs (i.e: custom timeout, custom dial timeout, custom transport...)

    This PR is relying on 2 env variables from Micro: MICRO_REGISTRY and MICRO_REGISTRY_ADDRESS. The latter does not make sense to provide if the registry is not etcd.

    The current implementation only accounts for mdns and etcd registries, defaulting to mdns when not explicitly defined to use etcd.

    https://github.com/owncloud/ocis/pull/840

  • Enhancement - Tidy dependencies: #845

    Methodology:

    go-modules() {
  find . \( -name vendor -o -name '[._].*' -o -name node_modules \) -prune -o -name go.mod -print | sed 's:/go.mod$::'
}

    for m in $(go-modules); do (cd $m && go mod tidy); done

    https://github.com/owncloud/ocis/pull/845

  • Enhancement - Create OnlyOffice extension: #857

    Tags: OnlyOffice

    We've created an OnlyOffice extension which enables users to create and edit docx documents and open spreadsheets and presentations.

    https://github.com/owncloud/ocis/pull/857

  • Enhancement - Cache userinfo in proxy: #877

    Tags: proxy

    We introduced caching for the userinfo response. The token expiration is used for cache invalidation if available. Otherwise we fall back to a preconfigured TTL (default 10 seconds).

    https://github.com/owncloud/ocis/pull/877

  • Enhancement - Add permission check when assigning and removing roles: #879

    Everyone could add and remove roles from users. Added a new permission and a check so that only users with the role management permissions can assign and unassign roles.

    https://github.com/owncloud/ocis/issues/879

  • Enhancement - Show basic-auth warning only once: #886

    Show basic-auth warning only on startup instead on every request.

    https://github.com/owncloud/ocis/pull/886

  • Enhancement - Create a proxy access-log: #889

    Logs client access at the proxy

    https://github.com/owncloud/ocis/pull/889

  • Enhancement - Add a version command to ocis: #915

    The version command was only implemented in the extensions. This adds the version command to ocis to list all services in the ocis namespace.

    https://github.com/owncloud/ocis/pull/915

  • Enhancement - Add k6: #941

    Tags: tests

    Add k6 as a performance testing framework

    https://github.com/owncloud/ocis/pull/941 https://github.com/owncloud/ocis/pull/983

  • Enhancement - Update reva to v1.4.1-0.20201127111856-e6a6212c1b7b: #971

    Tags: reva

    https://github.com/owncloud/ocis/pull/971 https://github.com/cs3org/reva/pull/1331 https://github.com/cs3org/reva/pull/1342

  • Enhancement - Update reva to v1.4.1-0.20201130061320-ac85e68e0600: #980

    https://github.com/owncloud/ocis/issues/975 https://github.com/owncloud/ocis/pull/980 https://github.com/cs3org/reva/pull/1343

  • Enhancement - Add www-authenticate based on user agent: #1009

    Tags: reva, proxy

    We now comply with HTTP spec by adding Www-Authenticate headers on every 401 request. Furthermore, we not only take care of such a thing at the Proxy but also Reva will take care of it. In addition, we now are able to lock-in a set of User-Agent to specific challenges.

    Admins can use this feature by configuring oCIS + Reva following this approach:

    STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT="mirall:basic, Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0:bearer" \
PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT="mirall:basic, Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:83.0) Gecko/20100101 Firefox/83.0:bearer" \
PROXY_ENABLE_BASIC_AUTH=true \
go run cmd/ocis/main.go server

    We introduced two new environment variables:

    STORAGE_FRONTEND_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT as well as PROXY_MIDDLEWARE_AUTH_CREDENTIALS_BY_USER_AGENT, The reason they have the same value is not to rely on the os env on a distributed environment, so in redundancy we trust. They both configure the same on the backend storage and oCIS Proxy.

    https://github.com/owncloud/ocis/pull/1009

  • Enhancement - Add tracing to the accounts service: #1016

    Added tracing to the accounts service.

    https://github.com/owncloud/ocis/issues/1016

  • Enhancement - Runtime Cleanup: #1066

    Small runtime cleanup prior to Tech Preview release

    https://github.com/owncloud/ocis/pull/1066

  • Enhancement - Update reva to 063b3db9162b: #1091

    • bring public link removal changes to OCIS. - fix subcommand name collision from renaming phoenix -> web.

    https://github.com/owncloud/ocis/issues/1098 https://github.com/owncloud/ocis/pull/1091

  • Enhancement - Update OCIS Runtime: #1108

    • enhances the overall behavior of our runtime - runtime db file configurable
    • two new env variables to deal with the runtime - RUNTIME_DB_FILE and RUNTIME_KEEP_ALIVE - RUNTIME_KEEP_ALIVE defaults to false to provide backwards compatibility - if RUNTIME_KEEP_ALIVE is set to true, if a supervised process terminates the runtime will attempt to start with the same environment provided.

    https://github.com/owncloud/ocis/pull/1108

  • Enhancement - Update reva to v1.4.1-0.20201125144025-57da0c27434c: #1320

    Mostly to bring fixes to pressing changes.

    https://github.com/cs3org/reva/pull/1320 https://github.com/cs3org/reva/pull/1338