Releases: cs3org/reva
v2.22.0
Changelog for reva 2.22.0 (2024-07-29)
The following sections list the changes in reva 2.22.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4741: Always find unique providers
- Fix #4762: Blanks in dav Content-Disposition header
- Fix #4775: Fixed the response code when copying the shared from to personal
- Fix #4633: Allow all users to create internal links
- Fix #4771: Deleting resources via their id
- Fix #4768: Fixed the file name validation if nodeid is used
- Fix #4758: Fix moving locked files, enable handling locked files via ocdav
- Fix #4774: Fix micro ocdav service init and registration
- Fix #4776: Fix response code for DEL file that in postprocessing
- Fix #4746: Uploading the same file multiple times leads to orphaned blobs
- Fix #4778: Zero byte uploads
- Chg #4759: Updated to the latest version of the go-cs3apis
- Chg #4773: Ocis bumped
- Enh #4766: Set archiver output format via query parameter
- Enh #4763: Improve posixfs storage driver
Details
- Bugfix #4741: Always find unique providers
The gateway will now always try to find a single unique provider. It has stopped aggregating
multiple ListContainer responses when we removed any business logic from it.
- Bugfix #4762: Blanks in dav Content-Disposition header
We've fixed the encoding of blanks in the dav Content-Disposition header.
- Bugfix #4775: Fixed the response code when copying the shared from to personal
We fixed the response code when copying the file from shares to personal space with a secure view
role.
- Bugfix #4633: Allow all users to create internal links
Due to a bug, not all space members were allowed to create internal links. This has been fixed.
- Bugfix #4771: Deleting resources via their id
We fixed a bug where deleting resources by using their id via the /dav/spaces/ endpoint would
not work.
- Bugfix #4768: Fixed the file name validation if nodeid is used
We have fixed the file name validation if nodeid is used
- Bugfix #4758: Fix moving locked files, enable handling locked files via ocdav
We fixed a problem when trying to move locked files. We also enabled the ocdav service to handle
locked files.
- Bugfix #4774: Fix micro ocdav service init and registration
We no longer call Init to configure default options because it was replacing the existing
options.
- Bugfix #4776: Fix response code for DEL file that in postprocessing
We fixed the response code when DELETE and MOVE requests to the file that is still in
post-processing.
- Bugfix #4746: Uploading the same file multiple times leads to orphaned blobs
Fixed a bug where multiple uploads of the same file would lead to orphaned blobs in the
blobstore. These orphaned blobs will now be deleted.
- Bugfix #4778: Zero byte uploads
Zero byte uploads would trigger postprocessing which lead to breaking pipelines.
- Change #4759: Updated to the latest version of the go-cs3apis
The go-cs3apis dependency was updated to the latest version
- Change #4773: Ocis bumped
Ocis bumped. The expected failures removed.
- Enhancement #4766: Set archiver output format via query parameter
Sets the archive output format e.G "tar" via the url query parameter "output-format",
possible params are "zip" and "tar", falls back to "zip".
owncloud/ocis#9399
owncloud/web#11080
#4766
- Enhancement #4763: Improve posixfs storage driver
Improve the posixfs storage driver by fixing several issues and corner cases.
v2.21.0
Changelog for reva 2.21.0 (2024-07-08)
The following sections list the changes in reva 2.21.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4740: Disallow reserved filenames
- Fix #4748: Quotes in dav Content-Disposition header
- Fix #4750: Validate a space path
- Enh #4737: Add the backchannel logout event
- Enh #4749: DAV error codes
- Enh #4742: Expose disable-versioning configuration option
- Enh #4739: Improve posixfs storage driver
- Enh #4738: Add GetServiceUserToken() method to utils pkg
Details
- Bugfix #4740: Disallow reserved filenames
We now disallow the reserved .. and . filenames. They are only allowed as destinations of
move or copy operations.
- Bugfix #4748: Quotes in dav Content-Disposition header
We've fixed the the quotes in the dav Content-Disposition header. They caused an issue where
certain browsers would decode the quotes and falsely prepend them to the filename.
- Bugfix #4750: Validate a space path
We've fixed the issue when validating a space path
- Enhancement #4737: Add the backchannel logout event
We've added the backchannel logout event
- Enhancement #4749: DAV error codes
DAV error responses now include an error code for clients to use if they need to check for a
specific error type.
- Enhancement #4742: Expose disable-versioning configuration option
This PR exposes the disable-versioning configuration option to the user. This option allows
the user to disable versioning for the storage-providers.
- Enhancement #4739: Improve posixfs storage driver
Improve the posixfs storage driver by fixing several issues and adding missing features.
- Enhancement #4738: Add GetServiceUserToken() method to utils pkg
Added GetServiceUserToken() function to the utils pkg to easily get a reva token for a service
account.
v2.20.0
Changelog for reva 2.20.0 (2024-06-19)
The following sections list the changes in reva 2.20.0 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4623: Consistently use spaceid and nodeid in logs
- Fix #4584: Prevent copying a file to a parent folder
- Fix #4700: Clean empty trash node path on delete
- Fix #4567: Fix error message in authprovider if user is not found
- Fix #4615: Write blob based on session id
- Fix #4557: Fix ceph build
- Fix #4711: Duplicate headers in DAV responses
- Fix #4568: Fix sharing invite on virtual drive
- Fix #4559: Fix graph drive invite
- Fix #4593: Make initiatorIDs also work on uploads
- Fix #4608: Use gateway selector in jsoncs3
- Fix #4546: Fix the mount points naming
- Fix #4678: Fix nats encoding
- Fix #4630: Fix ocm-share-id
- Fix #4518: Fix an error when lock/unlock a file
- Fix #4622: Fix public share update
- Fix #4566: Fix public link previews
- Fix #4589: Fix uploading via a public link
- Fix #4660: Fix creating documents in nested folders of public shares
- Fix #4635: Fix nil pointer when removing groups from space
- Fix #4709: Fix share update
- Fix #4661: Fix space share update for ocs
- Fix #4656: Fix space share update
- Fix #4561: Fix Stat() by Path on re-created resource
- Fix #4710: Tolerate missing user space index
- Fix #4632: Fix access to files withing a public link targeting a space root
- Fix #4603: Mask user email in output
- Chg #4542: Drop unused service spanning stat cache
- Enh #4712: Add the error translation to the utils
- Enh #4696: Add List method to ocis and s3ng blobstore
- Enh #4693: Add mimetype for sb3 files
- Enh #4699: Add a Path method to blobstore
- Enh #4695: Add photo and image props
- Enh #4706: Add secureview flag when listing apps via http
- Enh #4585: Move more consistency checks to the usershare API
- Enh #4702: Added theme capability
- Enh #4672: Add virus filter to list uploads sessions
- Enh #4614: Bump mockery to v2.40.2
- Enh #4621: Use a memory cache for the personal space creation cache
- Enh #4556: Allow tracing requests by giving util functions a context
- Enh #4694: Expose SecureView in WebDAV permissions
- Enh #4652: Better error codes when removing a space member
- Enh #4725: Unique share mountpoint name
- Enh #4689: Extend service account permissions
- Enh #4545: Extend service account permissions
- Enh #4581: Make decomposedfs more extensible
- Enh #4564: Send file locked/unlocked events
- Enh #4730: Improve posixfs storage driver
- Enh #4587: Allow passing a initiator id
- Enh #4645: Add ItemID to LinkRemoved
- Enh #4686: Mint view only token for open in app requests
- Enh #4606: Remove resharing
- Enh #4643: Secure viewer share role
- Enh #4631: Add space-share-updated event
- Enh #4685: Support t and x in ACEs
- Enh #4625: Test async processing cornercases
- Enh #4653: Allow to resolve public shares without the ocs tokeninfo endpoint
- Enh #4657: Add ScanData to Uploadsession
Details
- Bugfix #4623: Consistently use spaceid and nodeid in logs
Sometimes we tried to log a node which led to a JSON recursion error because it contains a
reference to the space root, which references itself. We now always log spaceid and
nodeid.
- Bugfix #4584: Prevent copying a file to a parent folder
When copying a file to its parent folder, the file would be copied onto the parent folder, moving
the original folder to the trash-bin.
owncloud/ocis#1230
#4584
#4582
#4571
- Bugfix #4700: Clean empty trash node path on delete
We now delete empty directories in the trash when an item is purged or restored. This prevents
old empty directories from slowing down the globbing of trash items.
- Bugfix #4567: Fix error message in authprovider if user is not found
- Bugfix #4615: Write blob based on session id
Decomposedfs now uses the session id and size when moving an uplode to the blobstore. This fixes
a cornercase that prevents an upload session from correctly being finished when another
upload session to the file was started and already finished.
- Bugfix #4557: Fix ceph build
- Bugfix #4711: Duplicate headers in DAV responses
We fixed an issue where the DAV response headers were duplicated. This was caused by the WebDav
handler which copied over all headers from the datagateways response. Now, only the relevant
headers are copied over to the DAV response to prevent duplication.
- Bugfix #4568: Fix sharing invite on virtual drive
We fixed the issue when sharing of virtual drive with other users was allowed
- Bugfix #4559: Fix graph drive invite
We fixed the issue when sharing of personal drive is allowed via graph
- Bugfix #4593: Make initiatorIDs also work on uploads
One needs to pass them on initateupload already.
- Bugfix #4608: Use gateway selector in jsoncs3
The jsoncs3 user share manager now uses the gateway selector to get a fresh client before making
requests and uses the configured logger from the context.
- Bugfix #4546: Fix the mount points naming
We fixed a bug that caused inconsistent naming when multiple users share the resource with same
name to another user.
- Bugfix #4678: Fix nats encoding
Encode nats-js-kv keys. This got lost by a dependency bump.
- Bugfix #4630: Fix ocm-share-id
We now use the share id to correctly identify ocm shares.
- Bugfix #4518: Fix an error when lock/unlock a file
We fixed a bug when anonymous user with viewer role in public link of a folder can lock/unlock a
file inside it
- Bugfix #4622: Fix public share update
We fixed the permission check for updating public shares. When updating the permissions of a
public share while not providing a password, the check must be against the new permissions to
take into account that users can opt out only for view permissions.
- Bugfix #4566: Fix public link previews
Fixes previews for public links
- Bugfix #4589: Fix uploading via a public link
Fix http error when uploading via a public link
- Bugfix #4660: Fix creating documents in nested folders of public shares
We fixed a bug that prevented creating new documented in a nested folder of a public share.
- Bugfix #4635: Fix nil pointer when removing groups from space
We fixed the nil pointer when removing groups from space via graph
- Bugfix #4709: Fix share update
We fixed the response code when the role/permission is empty on the share update
- Bugfix #4661: Fix space share update for ocs
We fixed the space share update for ocs.
- Bugfix #4656: Fix space share update
We fixed the permission check for updating the space shares when update an expirationDateTime
only.
- Bugfix #4561: Fix Stat() by Path on re-created resource
We fixed bug that caused Stat Requests using a Path reference to a mount point in the sharejail to
not resolve correctly, when a share using the same mount point to an already deleted resource
was still existing.
- Bugfix #4710: Tolerate missing user space index
We fixed a bug where the spaces for a user were not listed if the user had no space index by user.
This happens when a user has the role "User Light" and has been invited to a project space via a
group.
- Bugfix #4632: Fix access to files withing a public link targeting a space root
We fixed an issue that prevented users from opening documents within a public share that
targets a space root.
- Bugfix #4603: Mask user email in output
We have fixed a bug where the user email was not masked in the output and the user emails could be
enumerated through the sharee search.
- Change #4542: Drop unused service spanning stat cache
We removed the stat cache shared between gateway and storage providers. It is constantly
invalidated and needs a different approach.
v2.19.7
Changelog for reva 2.19.7 (2024-05-13)
The following sections list the changes in reva 2.19.7 relevant to
reva users. The changes are ordered by importance.
Summary
- Enh #4673: Add virus filter to list uploads sessions
Details
- Enhancement #4673: Add virus filter to list uploads sessions
Adds a filter for filtering for infected uploads
v2.19.6
Changelog for reva 2.19.6 (2024-04-29)
The following sections list the changes in reva 2.19.6 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4654: Write blob based on session id
- Fix #4666: Fix uploading via a public link
- Fix #4665: Fix creating documents in nested folders of public shares
- Enh #4655: Bump mockery to v2.40.2
- Enh #4664: Add ScanData to Uploadsession
Details
- Bugfix #4654: Write blob based on session id
Decomposedfs now uses the session id and size when moving an uplode to the blobstore. This fixes
a cornercase that prevents an upload session from correctly being finished when another
upload session to the file was started and already finished.
- Bugfix #4666: Fix uploading via a public link
Fix http error when uploading via a public link
owncloud/ocis#8699
#4666
#4589
- Bugfix #4665: Fix creating documents in nested folders of public shares
We fixed a bug that prevented creating new documented in a nested folder of a public share.
owncloud/ocis#8957
#4665
#4660
- Enhancement #4655: Bump mockery to v2.40.2
We switched to the latest mockery and changed to .mockery.yaml based mock generation.
- Enhancement #4664: Add ScanData to Uploadsession
Adds virus scan results to the upload session.
v2.19.5
Changelog for reva 2.19.5 (2024-04-17)
The following sections list the changes in reva 2.19.5 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4626: Fix public share update
- Fix #4634: Fix access to files withing a public link targeting a space root
Details
- Bugfix #4626: Fix public share update
We fixed the permission check for updating public shares. When updating the permissions of a
public share while not providing a password, the check must be against the new permissions to
take into account that users can opt out only for view permissions.
- Bugfix #4634: Fix access to files withing a public link targeting a space root
We fixed an issue that prevented users from opening documents within a public share that
targets a space root.
v2.19.3
Changelog for reva 2.19.3 (2024-04-04)
The following sections list the changes in reva 2.19.3 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4607: Mask user email in output
Details
- Bugfix #4607: Mask user email in output
We have fixed a bug where the user email was not masked in the output and the user emails could be
enumerated through the sharee search.
v2.16.4
Changelog for reva 2.16.4 (2024-03-22)
The following sections list the changes in reva 2.16.4 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4398: Fix ceph build
- Fix #4396: Allow an empty credentials chain in the auth middleware
- Fix #4423: Fix disconnected traces
- Fix #4590: Fix uploading via a public link
- Fix #4470: Keep failed processing status
- Enh #4397: Introduce UploadSessionLister interface
Details
- Bugfix #4398: Fix ceph build
Fix ceph build as already fixed in edge
- Bugfix #4396: Allow an empty credentials chain in the auth middleware
When running with ocis, all external http-authentication is handled by the proxy service. So
the reva auth middleware should not try to do any basic or bearer auth.
owncloud/ocis#6692
#4396
#4241
- Bugfix #4423: Fix disconnected traces
We fixed a problem where the appctx logger was using a new traceid instead of picking up the one
from the trace parent.
- Bugfix #4590: Fix uploading via a public link
Fix http error when uploading via a public link
owncloud/ocis#8658
owncloud/ocis#8629
#4590
- Bugfix #4470: Keep failed processing status
We now keep the postprocessing status when a blob could not be copied to the blobstore.
- Enhancement #4397: Introduce UploadSessionLister interface
We introduced a new UploadSessionLister interface that allows better control of upload
sessions. Upload sessions include the processing state and can be used to filter and purge the
list of currently ongoing upload sessions.
v2.19.2
Changelog for reva 2.19.2 (2024-03-13)
The following sections list the changes in reva 2.19.2 relevant to
reva users. The changes are ordered by importance.
Summary
- Fix #4557: Fix ceph build
- Fix #4570: Fix sharing invite on virtual drive
- Fix #4559: Fix graph drive invite
- Fix #4518: Fix an error when lock/unlock a file
- Fix #4566: Fix public link previews
- Fix #4561: Fix Stat() by Path on re-created resource
- Enh #4556: Allow tracing requests by giving util functions a context
- Enh #4545: Extend service account permissions
- Enh #4564: Send file locked/unlocked events
Details
- Bugfix #4557: Fix ceph build
- Bugfix #4570: Fix sharing invite on virtual drive
We fixed the issue when sharing of virtual drive with other users was allowed
- Bugfix #4559: Fix graph drive invite
We fixed the issue when sharing of personal drive is allowed via graph
- Bugfix #4518: Fix an error when lock/unlock a file
We fixed a bug when anonymous user with viewer role in public link of a folder can lock/unlock a
file inside it
- Bugfix #4566: Fix public link previews
Fixes previews for public links
- Bugfix #4561: Fix Stat() by Path on re-created resource
We fixed bug that caused Stat Requests using a Path reference to a mount point in the sharejail to
not resolve correctly, when a share using the same mount point to an already deleted resource
was still existing.
- Enhancement #4556: Allow tracing requests by giving util functions a context
We deprecated GetServiceUserContext with GetServiceUserContextWithContext and GetUser
with GetUserWithContext to allow passing in a trace context.
- Enhancement #4545: Extend service account permissions
Adds CreateContainer permisson and improves cs3 storage pkg
- Enhancement #4564: Send file locked/unlocked events
Emit an event when a file is locked or unlocked
v2.19.1
Changelog for reva 2.19.1 (2024-02-29)
The following sections list the changes in reva 2.19.1 relevant to
reva users. The changes are ordered by importance.
Summary
Details
- Bugfix #4534: Fix remove/update share permissions
This is a workaround that should prevent removing or changing the share permissions when the
file is locked. These limitations have to be removed after the wopi server will be able to unlock
the file properly. These limitations are not spread on the files inside the shared folder.
- Bugfix #4539: Fix a typo
We fixed a typo