Table of Contents
- Changelog for 5.0.0-rc.3
Changes in 5.0.0-rc.3
Summary
- Bugfix - Fix wrong compile date: #6132
- Bugfix - Fix the kql-bleve search: #7290
- Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
- Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
- Bugfix - Deprecate redundant encryptions settings for notification service: #7345
- Bugfix - Check school number for duplicates before adding a school: #7351
- Bugfix - Don't reload web config: #7369
- Bugfix - Delete outdated userlog events: #7410
- Bugfix - Set the mountpoint on auto accept: #7460
- Bugfix - Fix default language fallback: #7465
- Bugfix - GetUserByClaim fixed for Active Directory: #7476
- Bugfix - Fix preview request 500 error when made too early: #7502
- Bugfix - Fix 403 in docs pipeline: #7509
- Bugfix - Fix the auth service env variable: #7523
- Bugfix - Token storage config fixed: #7528
- Bugfix - Set existing mountpoint on auto accept: #7592
- Bugfix - Return 423 status code on tag create: #7596
- Bugfix - Fix libre-graph status codes: #7678
- Bugfix - Fix unlock via space API: #7726
- Bugfix - Disable DEPTH infinity in PROPFIND: #7746
- Bugfix - Fix the tgz mime type: #7772
- Bugfix - Fix natsjs cache: #7790
- Bugfix - Fix search service start: #7795
- Bugfix - The race conditions in tests: #7847
- Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
- Bugfix - Fix the public link update: #7862
- Bugfix - Fix jwt config of policies service: #7893
- Bugfix - Updating logo with new theme structure: #7930
- Bugfix - Password policy return code was wrong: #7952
- Bugfix - Removed outdated and unused dependency from idp package: #7957
- Bugfix - Update permission validation: #7963
- Bugfix - Renaming a user to a string with capital letters: #7964
- Bugfix - Improve OCM support: #7973
- Bugfix - Permissions of a role with duplicate ID: #7976
- Bugfix - Non durable streams for sse service: #7986
- Bugfix - Fix empty trace ids: #8023
- Bugfix - Fix search by containing special characters: #8050
- Bugfix - Fix the upload postprocessing: #8117
- Bugfix - Disallow to delete a file during the processing: #8132
- Bugfix - Fix wrong naming in nats-js-kv registry: #8140
- Bugfix - IDP CS3 backend sessions now survire restart: #8142
- Bugfix - Fix patching of language: #8182
- Bugfix - Fix search service to not log expected cases as errors: #8200
- Bugfix - Updating and reset logo failed: #8211
- Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
- Bugfix - Cleanup
search/pkg/search/search.go
: #8230 - Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
- Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
- Bugfix - Fix nats authentication: #8236
- Bugfix - Fix the resource name: #8246
- Bugfix - Apply role constraints when creating shares via the graph API: #8247
- Bugfix - Fix concurrent access to a map: #8269
- Bugfix - Fix nats registry: #8281
- Bugfix - Fix last month search: #31145
- Change - Auto-Accept Shares: #7097
- Change - Change the default TUS chunk size: #7273
- Change - Remove privacyURL and imprintURL from the config: #7938
- Change - Remove accessDeniedHelpUrl from the config: #7970
- Enhancement - Add the Banned Passwords List: #4197
- Enhancement - Introduce service accounts: #6427
- Enhancement - SSE for messaging: #6992
- Enhancement - Support spec violating AD FS access token issuer: #7138
- Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
- Enhancement - Keyword Query Language (KQL) search syntax: #7212
- Enhancement - Introduce clientlog service: #7217
- Enhancement - Proxy uses service accounts for provisioning: #7240
- Enhancement - The password policies change request: #7264
- Enhancement - Introduce natsjs registry: #7272
- Enhancement - Add the password policies: #7285
- Enhancement - Add login URL config: #7317
- Enhancement - Improve SSE format: #7325
- Enhancement - New value
auto
for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356 - Enhancement - Make sse service scalable: #7382
- Enhancement - Edit wrong named enves: #7406
- Enhancement - Thumbnail generation with image processors: #7409
- Enhancement - Set default for Async Uploads to true: #7416
- Enhancement - The default language added: #7417
- Enhancement - Add "Last modified" filter Chip: #7455
- Enhancement - Config for disabling Web extensions: #7486
- Enhancement - Store and index metadata: #7490
- Enhancement - Add support for audio files to the thumbnails service: #7491
- Enhancement - Implement sharing roles: #7524
- Enhancement - Add new permission to delete public link password: #7538
- Enhancement - Add config to enforce passwords on all public links: #7547
- Enhancement - Tika content extraction cleanup for search: #7553
- Enhancement - Allow configuring storage registry with envvars: #7554
- Enhancement - Add search MediaType filter: #7602
- Enhancement - Add Sharing NG endpoints: #7633
- Enhancement - Configs for Web embed mode: #7670
- Enhancement - Add new permissions: #7700
- Enhancement - Add preferred language to user settings: #7720
- Enhancement - Add user filter startswith and contains: #7739
- Enhancement - Allow configuring additional routes: #7740
- Enhancement - Default link permission config: #7783
- Enhancement - Add banned password list to the default deployments: #7784
- Enhancement - Update to go 1.21: #7794
- Enhancement - Add Sharing NG list permissions endpoint: #7805
- Enhancement - Add user list requires filter config: #7866
- Enhancement - Retry antivirus postprocessing step in case of problems: #7874
- Enhancement - Add validation to public share provider: #7877
- Enhancement - Store and index metadata: #7886
- Enhancement - Allow regular users to list other users: #7887
- Enhancement - Add edit public share to sharing NG: #7908
- Enhancement - Add cli commands for trash-bin: #7917
- Enhancement - Add validation update public share: #7978
- Enhancement - Allow inmemory nats-js-kv stores: #7979
- Enhancement - Disable the password policy: #7985
- Enhancement - Use kv store in natsjs registry: #7987
- Enhancement - Allow authentication nats connections: #7989
- Enhancement - Add RED metrics to the metrics endpoint: #7994
- Enhancement - Add ocm and sciencemesh services: #7998
- Enhancement - Make nats-js-kv the default registry: #8011
- Enhancement - Service Account roles: #8051
- Enhancement - Update antivirus service: #8062
- Enhancement - Remove deprecated environment variables: #8149
- Enhancement - Disable the password policy: #8152
- Enhancement - Update web to v8.0.0-rc.2: #8154
- Enhancement - Update reva to latest edge version: #8287
- Enhancement - Allow restarting multiple uploads with one command: #8287
Details
-
Bugfix - Fix wrong compile date: #6132
We fixed that current date is always printed.
-
Bugfix - Fix the kql-bleve search: #7290
We fixed the issue when 500 on searches that contain ":". Added the characters
escaping according to https://blevesearch.com/docs/Query-String-Query/ -
Bugfix - Bring back the USERS_LDAP_USER_SCHEMA_ID variable: #7312
We reintroduced the USERS_LDAP_USER_SCHEMA_ID variable which was accidently
removed from the users service with the 4.0.0 release. -
Bugfix - Do not reset state of received shares when rebuilding the jsoncs3 index: #7319
We fixed a problem with the "ocis migrate rebuild-jsoncs3-indexes" command which
reset the state of received shares to "pending". -
Bugfix - Deprecate redundant encryptions settings for notification service: #7345
The values
tls
andssl
for thesmtp_encryption
configuration setting are
duplicates ofstarttls
andssltls
. They have been marked as deprecated. A
warning will be logged when they are still used. Please usestarttls
instead
fortls
andssltls
instead of `ssl. -
Bugfix - Check school number for duplicates before adding a school: #7351
We fixed an issue that allowed to create two schools with the same school number
-
Bugfix - Don't reload web config: #7369
When requesting
config.json
file from the server, web service would reload the
file if a path is set. This will remove config entries set via Envvar. Since we
want to have the possiblity to set configuration from both sources we removed
the reading from file. The file will still be loaded on service startup. -
Bugfix - Delete outdated userlog events: #7410
Userlog will now delete events when the user has no longer access to the
underlying resource -
Bugfix - Set the mountpoint on auto accept: #7460
On shares auto accept set a mountpoint with same logic as ocs handler
-
Bugfix - Fix default language fallback: #7465
Add the default language for the webui, the settings, userlog and notification
service. -
Bugfix - GetUserByClaim fixed for Active Directory: #7476
The reva ldap backend for the users and groups service did not hex escape binary
uuids in LDAP filter correctly this could cause problems in Active Directory
setups for services using the GetUserByClaim CS3 request with claim "userid". -
Bugfix - Fix preview request 500 error when made too early: #7502
Fix the status code and message when a thumbnail request is made too early.
-
Bugfix - Fix 403 in docs pipeline: #7509
Docs pipeline was not routed through our proxies which could lead to requests
being blacklisted -
Bugfix - Fix the auth service env variable: #7523
We the auth service env variable to the service specific name. Before it was
configurable viaAUTH_MACHINE_JWT_SECRET
and now is configurable via
AUTH_SERVICE_JWT_SECRET
. -
Bugfix - Token storage config fixed: #7528
The token storage config in the config.json for web was missing when it was set
tofalse
. -
Bugfix - Set existing mountpoint on auto accept: #7592
When already having a share for a specific resource, auto accept would use
custom mountpoints which lead to other errors. Now auto-accept is using the
existing mountpoint of a share. -
Bugfix - Return 423 status code on tag create: #7596
When a file is locked, return 423 status code instead 500 on tag create
-
Bugfix - Fix libre-graph status codes: #7678
Creating group: https://owncloud.dev/libre-graph-api/#/groups/CreateGroup
changed: 200 -> 201Creating users: https://owncloud.dev/libre-graph-api/#/users/CreateUser changed:
200 -> 201Export GDPR: https://owncloud.dev/libre-graph-api/#/user/ExportPersonalData
changed: 201 -> 202 -
Bugfix - Fix unlock via space API: #7726
We fixed a bug that caused Error 500 when user try to unlock file using fileid
The handleSpaceUnlock has been added -
Bugfix - Disable DEPTH infinity in PROPFIND: #7746
We fixed the Disabled DEPTH infinity in PROPFIND for: Personal
/remote.php/dav/files/admin Public link share
/remote.php/dav/public-files/ Trashbin
/remote.php/dav/spaces/trash-bin/ -
Bugfix - Fix the tgz mime type: #7772
We have fixed a bug when the tgz mime type was not "application/gzip"
-
Bugfix - Fix natsjs cache: #7790
The nats-js cache was not working. It paniced and wrote a lot of error logs.
Both is fixed now. -
Bugfix - Fix search service start: #7795
The
search
service would sometimes not start correctly because config values
are overwritten by default configuration. -
Bugfix - The race conditions in tests: #7847
We fixed the race conditions in tests.
-
Bugfix - Do not purge expired upload sessions that are still postprocessing: #7859
-
Bugfix - Fix the public link update: #7862
We fixed a bug when normal users can update the public link to delete its
password if permission is not sent in data. -
Bugfix - Fix jwt config of policies service: #7893
Removes jwt config of policies service
-
Bugfix - Updating logo with new theme structure: #7930
Updating and resetting the logo when using the new
theme.json
structure in Web
has been fixed. -
Bugfix - Password policy return code was wrong: #7952
We fixed the status code on SharingNG update permissions for public shares.
-
Bugfix - Removed outdated and unused dependency from idp package: #7957
We've removed the outdated and apparently unused dependency
cldr
from the
kpop
dependency inside the idp web ui. This resolves a security issue around
an oudatedxmldom
package version, originating from saidkpop
library. -
Bugfix - Update permission validation: #7963
We fixed a bug where the permission validation was not working correctly.
-
Bugfix - Renaming a user to a string with capital letters: #7964
We fixed the issue that led to correct update but the 404 response code when
renaming an existing user to a string with capital letters. -
Bugfix - Improve OCM support: #7973
We improved functionality of the OCM support.
-
Bugfix - Permissions of a role with duplicate ID: #7976
We remove the redundant permissions of a role with duplicate ID.
-
Bugfix - Non durable streams for sse service: #7986
Configure sse streams to be non-durable. This functionality is not needed for
the sse service -
Bugfix - Fix empty trace ids: #8023
We changed the default tracing to produce non-empty traceids.
-
Bugfix - Fix search by containing special characters: #8050
As the OData query parser interprets characters like '@' or '-' in a special
way. Search request for users or groups needs to be quoted. We fixed the
libregraph users and groups endpoints to handle quoted search terms correctly. -
Bugfix - Fix the upload postprocessing: #8117
We fixed the upload postprocessing when the destination file does not exist
anymore. -
Bugfix - Disallow to delete a file during the processing: #8132
We want to disallow deleting a file during the processing to prevent collecting
the orphan uploads. -
Bugfix - Fix wrong naming in nats-js-kv registry: #8140
Registers the registry under the correct name
-
Bugfix - IDP CS3 backend sessions now survire restart: #8142
We now correctly reinitialize the CS3 backend session after the IDP has been
restarted. -
Bugfix - Fix patching of language: #8182
User would not be able to patch their preferred language when the ldap backend
is set toread-only
. This makes no sense as language is stored elsewhere. -
Bugfix - Fix search service to not log expected cases as errors: #8200
We changed the search service to not log cases where resources that were about
to be indexed can no longer be found. Those are expected cases, e.g. when the
file in question has already been deleted or renamed meanwhile. -
Bugfix - Updating and reset logo failed: #8211
We fixed a bug when admin tried to update or reset the logo.
-
Bugfix - Cleanup graph/pkg/service/v0/driveitems.go: #8228
Main fix is using proto getters to avoid panics. But some other code
improvements were also done -
Bugfix - Cleanup
search/pkg/search/search.go
: #8230Now uses proto getters to avoid panics.
-
Bugfix - Graph/sharedWithMe works for shares from project spaces now: #8233
We fixed a bug in the 'graph/v1beta1/me/drive/sharedWithMe' endpoint that caused
an error response when the user received shares from project spaces.
Additionally the endpoint now behaves more graceful in cases where the
displayname of the owner or creator of a share or shared resource couldn't be
resolved. -
Bugfix - Fix PATCH/DELETE status code for drives that don't support them: #8235
Updating and Deleting the virtual drives for shares is currently not supported.
Instead of returning a generic 500 status we return a 405 response now. -
Bugfix - Fix nats authentication: #8236
Fixes nats authentication for registry/events/stores
-
Bugfix - Fix the resource name: #8246
We fixed a problem where after renaming resource as sharer the receiver see a
new name. -
Bugfix - Apply role constraints when creating shares via the graph API: #8247
We fixed a bug in the graph API for creating and updating shares so that
Spaceroot specific roles like 'Manager' and 'Co-owner' can no longer be assigned
for shares on files or directories. -
Bugfix - Fix concurrent access to a map: #8269
We fixed the race condition that led to concurrent map access in a publicshare
manager. -
Bugfix - Fix nats registry: #8281
The nats registry would behave badly when configuring
nats-js-kv
via envvar.
Reason is the way go-micro initializes. It took 5 developers to find the issue
and the fix so the details cannot be shared here. Just accept that it is working
now -
Bugfix - Fix last month search: #31145
We've fixed the last month search edge case when currently is 31-th.
Https://github.com/owncloud/ocis/issues/7629
#7742golang/go#31145
The
issue
is
related
to
the
build-in
package
behavior -
Change - Auto-Accept Shares: #7097
Automatically accepts shares. This feature is active by default and can be
deactivated via the environment variableFRONTEND_AUTO_ACCEPT_SHARES
. -
Change - Change the default TUS chunk size: #7273
We changed the default TUS chunk size from 100MB to 10MB. You can still use the
old value by configuring it in your deployment. -
Change - Remove privacyURL and imprintURL from the config: #7938
We've removed the option privacyURL and imprintURL from the config, since other
clients weren't able to consume these. In order to be accessible by other
clients, not just Web, those should be configured via the theme.json file. -
Change - Remove accessDeniedHelpUrl from the config: #7970
We've removed the option accessDeniedHelpUrl from the config, since other
clients weren't able to consume it. In order to be accessible by other clients,
not just Web, it should be configured via the theme.json file. -
Enhancement - Add the Banned Passwords List: #4197
Added an option to enable a password check against a banned passwords list
OCIS-3809 -
Enhancement - Introduce service accounts: #6427
Introduces service accounts to avoid impersonating users in async processes
-
Enhancement - SSE for messaging: #6992
So far, sse has only been used to exchange messages between the server and the
client. In order to be able to send more content to the client, we have moved
the endpoint to a separate service and are now also using it for other
notifications like:- notify postprocessing state changes.
- notify file locking and unlocking.
- ... @todo
-
Enhancement - Support spec violating AD FS access token issuer: #7138
AD FS
/adfs/.well-known/openid-configuration
has an optional
access_token_issuer
which, in violation of the OpenID Connect spec, takes
precedence overissuer
. -
Enhancement - Add OCIS_LDAP_BIND_PASSWORD as replacement for LDAP_BIND_PASSWORD: #7176
The enviroment variable
OCIS_LDAP_BIND_PASSWORD
was added to be more
consistent with all other global LDAP variables.LDAP_BIND_PASSWORD
is deprecated now and scheduled for removal with the 5.0.0
release.We also deprecated
LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
for removal with 5.0.0.
The replacement for it isOCIS_LDAP_USER_SCHEMA_ID_IS_OCTETSTRING
. -
Enhancement - Keyword Query Language (KQL) search syntax: #7212
We've introduced support for
KQL
as the default oCIS search query language.Simple queries:
tag:golden tag:"silver"
name:file.txt name:"file.docx"
content:ahab content:"captain aha*"
Date/-range queries
Mtime:"2023-09-05T08:42:11.23554+02:00"
Mtime>"2023-09-05T08:42:11.23554+02:00"
Mtime>="2023-09-05T08:42:11.23554+02:00"
Mtime<"2023-09-05T08:42:11.23554+02:00"
Mtime<="2023-09-05T08:42:11.23554+02:00"
Mtime:today
- range: start of today till end of todayMtime:yesterday
- range: start of yesterday till end of yesterdayMtime:"this week"
- range: start of this week till end of this weekMtime:"this month"
- range: start of this month till end of this monthMtime:"last month"
- range: start of last month till end of last monthMtime:"this year"
- range: start of this year till end of this yearMtime:"last year"
- range: start of last year till end of last year
Conjunctive normal form queries:
tag:golden AND tag:"silver
,tag:golden OR tag:"silver
,tag:golden NOT tag:"silver
(tag:book content:ahab*)
,tag:(book pdf)
Complex queries:
(name:"moby di*" OR tag:bestseller) AND tag:book NOT tag:read
#7042
#7179
#7114
owncloud/web#9636
owncloud/web#9646
#7212
#7043
#7247
#7248
#7254
#7262
owncloud/web#9653
owncloud/web#9672 -
Enhancement - Introduce clientlog service: #7217
Add the clientlog service which will send machine readable notifications to
clients -
Enhancement - Proxy uses service accounts for provisioning: #7240
The proxy service now uses a service account for provsioning task, like role
assignment and user auto-provisioning. This cleans up some technical debt that
required us to mint reva tokes inside the proxy service. -
Enhancement - The password policies change request: #7264
The variables renaming OCIS-3767
-
Enhancement - Introduce natsjs registry: #7272
Introduce a registry based on the natsjs object store
-
Enhancement - Add the password policies: #7285
Add the password policies OCIS-3767
-
Enhancement - Add login URL config: #7317
Introduce a config to set the web login URL via
WEB_OPTION_LOGIN_URL
. -
Enhancement - Improve SSE format: #7325
Improve format of sse notifications
-
Enhancement - New value
auto
for NOTIFICATIONS_SMTP_AUTHENTICATION: #7356This cause the notifications service to automatically pick a suitable
authentication method to use with the configured SMTP server. This is also the
new default behavior. The previous default was to not use authentication at all. -
Enhancement - Make sse service scalable: #7382
When running multiple sse instances some events would not be reported to the
user. This is fixed. -
Enhancement - Edit wrong named enves: #7406
Checked and changed the envvars specified in the task and also removed those
that are no longer used. -
Enhancement - Thumbnail generation with image processors: #7409
Thumbnails can now be changed during creation, previously the images were always
scaled to fit the given frame, but it could happen that the images were cut off
because they could not be placed better due to the aspect ratio.This pr introduces the possibility of specifying how the behavior should be,
following processors are available- resize
- fit
- fill
- thumbnail
The processor can be applied by adding the processor query param to the request,
e.g.processor=fit
,processor=fill
, ...To find out more how the individual processors work please read
https://github.com/disintegration/imagingIf no processor is provided it behaves the same as before (resize for gif's and
thumbnail for all other)https://github.com/owncloud/enterprise/issues/6057
#5179
owncloud/web#7728
#7409 -
Enhancement - Set default for Async Uploads to true: #7416
Async Uploads are meanwhile standard and needed for multiple features. Hence we
default them to true -
Enhancement - The default language added: #7417
The ability of configuration the default language has been added to the setting
service. -
Enhancement - Add "Last modified" filter Chip: #7455
Add "Last modified" filter Chip
-
Enhancement - Config for disabling Web extensions: #7486
A new config for disabling specific Web extensions via their id has been added.
-
Enhancement - Store and index metadata: #7490
Audio metadata is now extracted and stored by the search service. It is
available for driveItems in a folder listing using the Graph API. -
Enhancement - Add support for audio files to the thumbnails service: #7491
The thumbnails service can now extract artwork from audio files (mp3, ogg, flac)
and render it just like any other image. -
Enhancement - Implement sharing roles: #7524
Implement libre graph sharing roles
-
Enhancement - Add new permission to delete public link password: #7538
Users with this new permission can now delete passwords on read-only public
links. The permission is added to the default roles "Admin" and "Space Admin". -
Enhancement - Add config to enforce passwords on all public links: #7547
We added the config
OCIS_SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD
to enforce
passwords on all public shares. -
Enhancement - Tika content extraction cleanup for search: #7553
So far it has not been possible to determine whether the content for search
should be cleaned up of 'stop words' or not. Stop words are filling words like
"I, you, have, am" etc and defined by the search engine.The behaviour can now be set with the newly introduced settings option
SEARCH_EXTRACTOR_TIKA_CLEAN_STOP_WORDS=false
which is enabled by default.In addition, the stop word cleanup is no longer as aggressive and now ignores
numbers, urls, basically everything except the defined stop words. -
Enhancement - Allow configuring storage registry with envvars: #7554
Introduced new envvars to configure the storage registry in the gateway service
-
Enhancement - Add search MediaType filter: #7602
Add filter MediaType filter shortcuts to search for specific document types. For
example, a search query mediatype:documents will search for files with the
following mimetypes:Application/msword
MimeType:application/vnd.openxmlformats-officedocument.wordprocessingml.document
MimeType:application/vnd.oasis.opendocument.text MimeType:text/plain
MimeType:text/markdown MimeType:application/rtf
MimeType:application/vnd.apple.pagesBesides the document shorthand, it also contains following:
- file
- folder
- document
- spreadsheet
- presentation
- image
- video
- audio
- archive
File
Folder
Document:
Application/msword
application/vnd.openxmlformats-officedocument.wordprocessingml.document
application/vnd.oasis.opendocument.text text/plain text/markdown application/rtf
application/vnd.apple.pagesSpreadsheet:
Application/vnd.ms-excel application/vnd.oasis.opendocument.spreadsheet text/csv
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
application/vnd.oasis.opendocument.spreadsheet application/vnd.apple.numbersPresentations:
Application/vnd.ms-powerpoint
application/vnd.openxmlformats-officedocument.presentationml.presentation
application/vnd.oasis.opendocument.presentation application/vnd.apple.keynotePDF
Application/pdf
Image:
Image/*
Video:
Video/*
Audio:
Audio/*
Archive (zip ...):
Application/zip application/x-tar application/x-gzip application/x-7z-compressed
application/x-rar-compressed application/x-bzip2 application/x-bzip
application/x-tgz -
Enhancement - Add Sharing NG endpoints: #7633
We've added new sharing ng endpoints to the graph beta api. The following
endpoints are added:- /v1beta1/me/drive/sharedByMe
- /v1beta1/me/drive/sharedWithMe
- /v1beta1/roleManagement/permissions/roleDefinitions
- /v1beta1/roleManagement/permissions/roleDefinitions/{roleID}
- /v1beta1/drives/{drive-id}/items/{item-id}/createLink (create a sharing link)
#7436
#6993
#7633
#7686
#7684
#7683
#7239
#7687
#7751
owncloud/libre-graph-api#112 -
Enhancement - Configs for Web embed mode: #7670
New configs for the Web embed mode have been added:
enabled
Defines if embed mode is enabled.target
Defines how Web is being integrated when running in embed mode.messagesOrigin
Defines a URL under which Web can be integrated via iFrame.delegateAuthentication
Defines whether Web should require authentication to be done by the parent application.delegateAuthenticationOrigin
Defines the host to validate the message event origin against when running Web in 'embed' mode.
-
Enhancement - Add new permissions: #7700
Adds new permissions to admin/spaceadmin/user roles - Favorites.List allows /
denies the Favorites Listing Request - Favorites.Write is implemented to be
enforced on marking/unmark files as favouritesShare - Shares.Write permission
denies / allows sharing completely for a user on all share CUD requests. (User,
Group) -
Enhancement - Add preferred language to user settings: #7720
We have added the preferred language to the libre-graph api & added endpoints
for that to ocis. -
Enhancement - Add user filter startswith and contains: #7739
We add two new filters to the user list endpoint. The
startswith
filter allows
to filter users by the beginning of their name. Thecontains
filter allows to
filter users by a substring of their name. -
Enhancement - Allow configuring additional routes: #7740
Allows adding custom routes to the ocis proxy. This enables customs ocis
extensions -
Enhancement - Default link permission config: #7783
A new config for default link permissions that is being announced via
capabilities has been added. It defaults to 1 (= public link with viewer
permissions). -
Enhancement - Add banned password list to the default deployments: #7784
We add banned password list to the default deployments
-
Enhancement - Update to go 1.21: #7794
We updated to go 1.21.
-
Enhancement - Add Sharing NG list permissions endpoint: #7805
We've added a new sharing ng endpoint which lists all permissions for a given
item. -
Enhancement - Add user list requires filter config: #7866
Introduce a config to require filters in order to list users in Web via
WEB_OPTION_USER_LIST_REQUIRES_FILTER
. -
Enhancement - Retry antivirus postprocessing step in case of problems: #7874
The antivirus postprocessing step will now be retried for a configurable amount
of times in case it can't get a result from clamav. -
Enhancement - Add validation to public share provider: #7877
We changed the implementation of the public share provider in reva to do the
validation on the CS3 Api side. This makes the implementation on the graph side
smaller. -
Enhancement - Store and index metadata: #7886
Location metadata is now extracted and stored by the search service. It is
available for driveItems in a folder listing using the Graph API. -
Enhancement - Allow regular users to list other users: #7887
Regular users can search for other users and groups. The following limitations
apply:- Only search queries are allowed (using the
$search=term
query parameter) - The search term needs to have at least 3 characters
- for user searches the result set only contains the attributes
displayName
,userType
,mail
andid
- for group searches the result set only contains the attributes
displayName
,groupTypes
andid
- Only search queries are allowed (using the
-
Enhancement - Add edit public share to sharing NG: #7908
We added the ability to edit public shares to the sharing NG endpoints.
-
Enhancement - Add cli commands for trash-bin: #7917
We added the
list
andrestore
commands to the trash-bin items to the CLI -
Enhancement - Add validation update public share: #7978
For Sharing NG, we needed validation in the implementing reva service to keep
the client implementation simple. -
Enhancement - Allow inmemory nats-js-kv stores: #7979
Adds envvars to keep nats-js-kv stores in memory and not persist them on disc.
-
Enhancement - Disable the password policy: #7985
We add the environment variable that allow to disable the password policy.
-
Enhancement - Use kv store in natsjs registry: #7987
Replaces the nats object store with the nats kv store in the natsjs registry
-
Enhancement - Allow authentication nats connections: #7989
Allow events, store and registry implementation to pass username/password to the
nats instance -
Enhancement - Add RED metrics to the metrics endpoint: #7994
We added three new metrics to the metrics endpoint to support the RED method for
monitoring microservices.- Request Rate: The number of requests per second. The total count of requests
is available underocis_proxy_requests_total
. - Error Rate: The number of
failed requests per second. The total count of failed requests is available
underocis_proxy_errors_total
. - Duration: The amount of time each request
takes. The duration of all requests is available under
ocis_proxy_request_duration_seconds
. This is a histogram metric, so it also
provides information about the distribution of request durations.
The metrics are available under the following paths:
PROXY_DEBUG_ADDR/metrics
in a prometheus compatible format and maybe secured byPROXY_DEBUG_TOKEN
. - Request Rate: The number of requests per second. The total count of requests
-
Enhancement - Add ocm and sciencemesh services: #7998
We added sciencemesh and ocm services to enable federation.
-
Enhancement - Make nats-js-kv the default registry: #8011
The previously used default
mdns
is faulty. Deprecated it together with
consul
,nats
andetcd
implementations. -
Enhancement - Service Account roles: #8051
Use a hidden role for service accounts. It will not appear in ListRoles calls
but internally handled by settings service -
Enhancement - Update antivirus service: #8062
We update the antivirus icap client library and optimize the antivirus scanning
service. ANTIVIRUS_ICAP_TIMEOUT is now deprecated and
ANTIVIRUS_ICAP_SCAN_TIMEOUT should be used instead.ANTIVIRUS_ICAP_SCAN_TIMEOUT supports human durations like
1s
,1m
,1h
and
1d
. -
Enhancement - Remove deprecated environment variables: #8149
We have removed all deprecated environment variables that have been marked for
removal for 5.0.0 -
Enhancement - Disable the password policy: #8152
We reworked and moved disabling the password policy logic from the reva to the
ocis. -
Enhancement - Update web to v8.0.0-rc.2: #8154
Tags: web
We updated ownCloud Web to v8.0.0-rc.2. Please refer to the changelog (linked)
for details on the web release.Summary * Bugfix
owncloud/web#10176: Turned off
file extensions not always respected * Bugfix
owncloud/web#10232: Skip searchbar
preview fetch on reloadWe updated ownCloud Web to v8.0.0-rc.1. Please refer to the changelog (linked)
for details on the web release.Summary * Enhancement
owncloud/web#10224: Harmonize
AppSwitcher icon colors * Bugfix
owncloud/web#10230: Configurable
concurrent requests * Bugfix
owncloud/web#10158: GDPR export
polling * Bugfix
owncloud/web#10220: Loading
indicator during conflict dialog * Bugfix
owncloud/web#10156: Uploading
the same files parallel * Bugfix
owncloud/web#10179: Space
navigate to trash missing * Bugfix
owncloud/web#10118: Tilesview
has whitespace * Bugfix
owncloud/web#10182: Make
versions panel readonly in viewers and editorsWe updated ownCloud Web to v8.0.0-beta.2. Please refer to the changelog (linked)
for details on the web release.Summary * Bugfix
owncloud/web#10010: Displaying
full video in their dimensions * Bugfix
owncloud/web#10149: Spaces files
list previews cropped * Bugfix
owncloud/web#10149: Spaces
overview tile previews zoomed * Bugfix
owncloud/web#10154: Resolving
links without drive aliasWe updated ownCloud Web to v8.0.0-beta.1. Please refer to the changelog (linked)
for details on the web release.Summary * Change
owncloud/web#9698: Theme handling *
Enhancement owncloud/web#10111:
Registering right sidebar panels as extension * Enhancement
owncloud/web#10111: File sidebar
in viewer and editor appsWe updated ownCloud Web to v8.0.0-alpha.13. Please refer to the changelog
(linked) for details on the web release.Summary * Enhancement
owncloud/web#10104: Create link
modalWe updated ownCloud Web to v8.0.0-alpha.12. Please refer to the changelog
(linked) for details on the web release.Summary * Bugfix
owncloud/web#9257: Filter out
shares without display name * Bugfix
owncloud/web#9483: PDF loading
Safari * Bugfix owncloud/web#9513:
Set or remove expiration date on group share not possible * Bugfix
owncloud/web#9529: Shared with
action menu label alignment * Bugfix
owncloud/web#9587: Internal public
link resolving * Bugfix
owncloud/web#9593: Audio- &
video-loading on Shared with me page * Bugfix
owncloud/web#9649: Add project
space filter * Bugfix
owncloud/web#9663: Respect the
open-in-new-tab-config for external apps * Bugfix
owncloud/web#9670: Tiles view
accessibility * Bugfix
owncloud/web#9694: Special
characters in username * Bugfix
owncloud/web#9788: Create .space
folder if it does not exist * Bugfix
owncloud/web#9799: Link resolving
into default app * Bugfix
owncloud/web#9832: Copy quicklinks
for webkit navigator * Bugfix
owncloud/web#9843: Fix display path
on resources * Bugfix
owncloud/web#9844: Upload space
image * Bugfix owncloud/web#9861:
Duplicated file search request * Bugfix
owncloud/web#9873: Tags are no
longer editable for a locked file * Bugfix
owncloud/web#9881: Prevent
rendering of old/wrong set of resources in search list * Bugfix
owncloud/web#9915: Keep both
folders conflict in same-named folders * Bugfix
owncloud/web#9931: Enabling "invite
people" for password-protected folder/file * Bugfix
owncloud/web#10031: Icon
extension mapping * Bugfix
owncloud/web#10065: Logout page
after token expiry * Bugfix
owncloud/web#10083: Disable
expiration date for alias link (internal) * Bugfix
owncloud/web#10092: Allow empty
search query in "in-here" search * Bugfix
owncloud/web#10096: Remove
password buttons on input if disabled * Change
owncloud/web#7338: Remove
deprecated code * Enhancement
owncloud/web#7317: Make login url
configurable * Enhancement
owncloud/web#7497: Permission
checks for shares and favorites * Enhancement
owncloud/web#7600: Scroll to
newly created folder * Enhancement
owncloud/web#9302: Application
unification * Enhancement
owncloud/web#9423: Show local
loading spinner in sharing button * Enhancement
owncloud/web#9441: File versions
tooltip with absolute date * Enhancement
owncloud/web#9441: Disabling
extensions * Enhancement
owncloud/web#9451: Add SSE to get
notifications instantly * Enhancement
owncloud/web#9525: Tags form
improved * Enhancement
owncloud/web#9527: Don't display
confirmation dialog on file deletion * Enhancement
owncloud/web#9531: Personal
shares can be shown and hidden * Enhancement
owncloud/web#9552: Upload
preparation time * Enhancement
owncloud/web#9561: Indicate
processing state * Enhancement
owncloud/web#9566: Display locking
information * Enhancement
owncloud/web#9584: Moving share's
"set expiration date" function * Enhancement
owncloud/web#9625: Add keyboard
navigation to spaces overview * Enhancement
owncloud/web#9627: Add batch
actions to spaces * Enhancement
owncloud/web#9653: Keyword Query
Language (KQL) search syntax * Enhancement
owncloud/web#9671: OcModal set
buttons to same width * Enhancement
owncloud/web#9682: Add password
policy compatibility * Enhancement
owncloud/web#9691: Password
generator for public links * Enhancement
owncloud/web#9696: Added app banner
for mobile devices * Enhancement
owncloud/web#9706: Unify sharing
expiration date menu items * Enhancement
owncloud/web#9727: Show error if
password is on a banned password list * Enhancement
owncloud/web#9771: Handle
postprocessing state via Server Sent Events * Enhancement
owncloud/web#9806: Preview image
presentation * Enhancement
owncloud/web#9809: Add editors to
the application menu * Enhancement
owncloud/web#9814: Registering nav
items as extension * Enhancement
owncloud/web#9815: Add new portal
into runtime to include footer * Enhancement
owncloud/web#9818: Addmode
config option * Enhancement
owncloud/web#9831: Last modified
filter chips * Enhancement
owncloud/web#9841: Add embed mode
actions * Enhancement
owncloud/web#9847: Provide vendor
neutral file icons * Enhancement
owncloud/web#9853: Show only create
folder button in embed mode * Enhancement
owncloud/web#9854: Search query
term linking * Enhancement
owncloud/web#9857: Add permission
to delete link passwords when password is enforced * Enhancement
owncloud/web#9858: Remove settings
icon from searchbar * Enhancement
owncloud/web#9863: Location picker
in embed mode * Enhancement
owncloud/web#9864: Search tags
filter chips style aligned * Enhancement
owncloud/web#9884: Enable dark
theme on importer * Enhancement
owncloud/web#9890: Create shortcuts- Enhancement owncloud/web#9905:
Manage tags in details panel * Enhancement
owncloud/web#9906: Reorganize "New"
menu * Enhancement
owncloud/web#9912: Add media type
filter chip * Enhancement
owncloud/web#9940: Display error
message for upload to locked folder * Enhancement
owncloud/web#9966: Support more
audio formats with correct icon * Enhancement
owncloud/web#10007: Additional
languages * Enhancement
owncloud/web#10013: Shared by
filter * Enhancement
owncloud/web#10014: Share search
filter * Enhancement
owncloud/web#10024: Duplicate
space * Enhancement
owncloud/web#10037: Default link
permission * Enhancement
owncloud/web#10047: Add explaining
contextual helper to spaces overview * Enhancement
owncloud/web#10057: Folder tree
creation during upload * Enhancement
owncloud/web#10062: Show webdav
information in details view * Enhancement
owncloud/web#10072: Add
authentication delegation in the Embed mode * Enhancement
owncloud/web#10099: Support
mandatory filter while listing users * Enhancement
owncloud/web#10102: Registering
quick actions as extension
#8154
#8055
#7930
#7952
#7918
#7883
https://github.com/owncloud/web/releases/tag/v8.0.0-rc.2
https://github.com/owncloud/web/releases/tag/v8.0.0-rc.1
https://github.com/owncloud/web/releases/tag/v8.0.0-beta.1
https://github.com/owncloud/web/releases/tag/v8.0.0-beta.2
https://github.com/owncloud/web/releases/tag/v8.0.0-alpha.13
https://github.com/owncloud/web/releases/tag/v8.0.0-alpha.12 - Enhancement owncloud/web#9905:
-
Enhancement - Update reva to latest edge version: #8287
We update reva to the latest edge version to get the latest fixes and features.
Changelog for reva edge
- Bugfix cs3org/reva#4454: Skip unnecessary share retrieval
- Bugfix cs3org/reva#4461: CORS handling for WebDAV requests fixed
- Bugfix cs3org/reva#4462: Prevent setting container specific permissions on files
- Bugfix cs3org/reva#4463: Fix the resource name
- Bugfix cs3org/reva#4466: Fix natsjskv store
- Bugfix cs3org/reva#4469: Handle interrupted uploads
- Bugfix cs3org/reva#4472: Fix concurrent access to a map
- Bugfix cs3org/reva#4473: Decomposedfs now correctly lists sessions
- Bugfix cs3org/reva#4474: Make /dav/meta consistent
- Bugfix cs3org/reva#4475: Upload session specific processing flag
- Bugfix cs3org/reva#4476: No need to unmark postprocessing when it was not started
- Bugfix cs3org/reva#4479: Fix creating documents in the approvider
- Bugfix cs3org/reva#4481: Distinguish failure and node metadata reversal
- Bugfix cs3org/reva#4434: Fix the upload postprocessing
- Bugfix cs3org/reva#4443: Fixed wrong status code when moving a file to a denied path
- Bugfix cs3org/reva#4446: Disallow to delete a file during the processing
- Bugfix cs3org/reva#4448: Fix truncating existing files
- Bugfix cs3org/reva#4449: Keep failed processing status
- Bugfix cs3org/reva#4452: More efficient share jail
- Bugfix cs3org/reva#4456: Do not lose revisions when restoring the first revision
- Bugfix cs3org/reva#4457: Fix concurrent map access in sharecache
- Enhancement cs3org/reva#4453: Disable the password policy
- Enhancement cs3org/reva#4477: Extend ResumePostprocessing event
Changelog for reva 2.18.0 (2023-12-22)
The following sections list the changes in reva 2.18.0 relevant to reva users.
The changes are ordered by importance.- Bugfix cs3org/reva#4424: Fixed panic in receivedsharecache pkg
- Bugfix cs3org/reva#4425: Fix overwriting files with empty files
- Bugfix cs3org/reva#4432: Fix /dav/meta endpoint for shares
- Bugfix cs3org/reva#4422: Fix disconnected traces
- Bugfix cs3org/reva#4429: Internal link creation
- Bugfix cs3org/reva#4407: Make ocdav return correct oc:spaceid
- Bugfix cs3org/reva#4410: Improve OCM support
- Bugfix cs3org/reva#4402: Refactor upload session
- Enhancement cs3org/reva#4421: Check permissions before adding, deleting or updating shares
- Enhancement cs3org/reva#4403: Add validation to update public share
- Enhancement cs3org/reva#4409: Disable the password policy
- Enhancement cs3org/reva#4412: Allow authentication for nats connections
- Enhancement cs3org/reva#4411: Add option to configure streams non durable
- Enhancement cs3org/reva#4406: Rework cache configuration
- Enhancement cs3org/reva#4414: Track more upload session metrics
Changelog for reva 2.17.0 (2023-12-12)
The following sections list the changes in reva 2.17.0 relevant to reva users.
The changes are ordered by importance.- Bugfix cs3org/reva#4278: Disable DEPTH infinity in PROPFIND
- Bugfix cs3org/reva#4318: Do not allow moves between shares
- Bugfix cs3org/reva#4290: Prevent panic when trying to move a non-existent file
- Bugfix cs3org/reva#4241: Allow an empty credentials chain in the auth middleware
- Bugfix cs3org/reva#4216: Fix an error message
- Bugfix cs3org/reva#4324: Fix capabilities decoding
- Bugfix cs3org/reva#4267: Fix concurrency issue
- Bugfix cs3org/reva#4362: Fix concurrent lookup
- Bugfix cs3org/reva#4336: Fix definition of "file-editor" role
- Bugfix cs3org/reva#4302: Fix checking of filename length
- Bugfix cs3org/reva#4366: Fix CS3 status code when looking up non existing share
- Bugfix cs3org/reva#4299: Fix HTTP verb of the generate-invite endpoint
- Bugfix cs3org/reva#4249: GetUserByClaim not working with MSAD for claim "userid"
- Bugfix cs3org/reva#4217: Fix missing case for "hide" in UpdateShares
- Bugfix cs3org/reva#4140: Fix missing etag in shares jail
- Bugfix cs3org/reva#4229: Fix destroying the Personal and Project spaces data
- Bugfix cs3org/reva#4193: Fix overwrite a file with an empty file
- Bugfix cs3org/reva#4365: Fix create public share
- Bugfix cs3org/reva#4380: Fix the public link update
- Bugfix cs3org/reva#4250: Fix race condition
- Bugfix cs3org/reva#4345: Fix conversion of custom ocs permissions to roles
- Bugfix cs3org/reva#4134: Fix share jail
- Bugfix cs3org/reva#4335: Fix public shares cleanup config
- Bugfix cs3org/reva#4338: Fix unlock via space API
- Bugfix cs3org/reva#4341: Fix spaceID in meta endpoint response
- Bugfix cs3org/reva#4351: Fix 500 when open public link
- Bugfix cs3org/reva#4352: Fix the tgz mime type
- Bugfix cs3org/reva#4388: Allow UpdateUserShare() to update just the expiration date
- Bugfix cs3org/reva#4214: Always pass adjusted default nats options
- Bugfix cs3org/reva#4291: Release lock when expired
- Bugfix cs3org/reva#4386: Remove dead enable_home config
- Bugfix cs3org/reva#4292: Return 403 when user is not permitted to lock
- Enhancement cs3org/reva#4389: Add audio and location props
- Enhancement cs3org/reva#4337: Check permissions before creating shares
- Enhancement cs3org/reva#4326: Add search mediatype filter
- Enhancement cs3org/reva#4367: Add GGS mime type
- Enhancement cs3org/reva#4194: Add hide flag to shares
- Enhancement cs3org/reva#4358: Add default permissions capability for links
- Enhancement cs3org/reva#4133: Add more metadata to locks
- Enhancement cs3org/reva#4353: Add support for .docxf files
- Enhancement cs3org/reva#4363: Add nats-js-kv store
- Enhancement cs3org/reva#4197: Add the Banned-Passwords List
- Enhancement cs3org/reva#4190: Add the password policies
- Enhancement cs3org/reva#4384: Add a retry postprocessing outcome and event
- Enhancement cs3org/reva#4271: Add search capability
- Enhancement cs3org/reva#4119: Add sse event
- Enhancement cs3org/reva#4392: Add additional permissions to service accounts
- Enhancement cs3org/reva#4344: Add url extension to mime type list
- Enhancement cs3org/reva#4372: Add validation to the public share provider
- Enhancement cs3org/reva#4244: Allow listing reveived shares by service accounts
- Enhancement cs3org/reva#4129: Auto-Accept Shares through ServiceAccounts
- Enhancement cs3org/reva#4374: Handle trashbin file listings concurrently
- Enhancement cs3org/reva#4325: Enforce Permissions
- Enhancement cs3org/reva#4368: Extract log initialization
- Enhancement cs3org/reva#4375: Introduce UploadSessionLister interface
- Enhancement cs3org/reva#4268: Implement sharing roles
- Enhancement cs3org/reva#4160: Improve utils pkg
- Enhancement cs3org/reva#4335: Add sufficient permissions check function
- Enhancement cs3org/reva#4281: Port OCM changes from master
- Enhancement cs3org/reva#4270: Opt out of public link password enforcement
- Enhancement cs3org/reva#4181: Change the variable names for the password policy
- Enhancement cs3org/reva#4256: Rename hidden share variable name
- Enhancement cs3org/reva#3926: Service Accounts
- Enhancement cs3org/reva#4359: Update go-ldap to v3.4.6
- Enhancement cs3org/reva#4170: Update password policies
- Enhancement cs3org/reva#4232: Improve error handling in utils package
#8287
#8278
#8264
#8100
#8100
#8038
#8056
#7949
#7793
#7978
#7979
#7963
#7986
#7721
#7727
#7752 -
Enhancement - Allow restarting multiple uploads with one command: #8287
Allows to restart all commands in a specific state.