From b2059f6c5a05d3c8e17eb6aa3269c820fd72a8b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 17:28:55 +0100 Subject: [PATCH 01/27] [Build-deps]: Bump google.golang.org/grpc from 1.65.0 to 1.69.2 (#5019) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.65.0 to 1.69.2. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](https://github.com/grpc/grpc-go/compare/v1.65.0...v1.69.2) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index db99a9ba18..053d566da9 100644 --- a/go.mod +++ b/go.mod @@ -59,7 +59,7 @@ require ( golang.org/x/sys v0.28.0 golang.org/x/term v0.27.0 google.golang.org/genproto v0.0.0-20241209162323-e6fa225c2576 - google.golang.org/grpc v1.69.0 + google.golang.org/grpc v1.69.2 google.golang.org/protobuf v1.35.2 gotest.tools v2.2.0+incompatible ) diff --git a/go.sum b/go.sum index e4ace02069..dcc4671bf4 100644 --- a/go.sum +++ b/go.sum @@ -2373,8 +2373,8 @@ google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGO google.golang.org/grpc v1.56.1/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= -google.golang.org/grpc v1.69.0 h1:quSiOM1GJPmPH5XtU+BCoVXcDVJJAzNcoyfC2cCjGkI= -google.golang.org/grpc v1.69.0/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= +google.golang.org/grpc v1.69.2 h1:U3S9QEtbXC0bYNvRtcoklF3xGtLViumSYxWykJS+7AU= +google.golang.org/grpc v1.69.2/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= From cc2dd41b16c3dfc394710cd612079b28cb5061e9 Mon Sep 17 00:00:00 2001 From: Hugo Labrador Date: Tue, 7 Jan 2025 10:31:18 +0100 Subject: [PATCH 02/27] handle empty traces (#5028) --- changelog/unreleased/better-eos-traces.md | 3 +++ pkg/eosclient/eosbinary/eosbinary.go | 5 ++++- pkg/storage/fs/cephfs/errors.go | 2 +- 3 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/better-eos-traces.md diff --git a/changelog/unreleased/better-eos-traces.md b/changelog/unreleased/better-eos-traces.md new file mode 100644 index 0000000000..cdd929f71d --- /dev/null +++ b/changelog/unreleased/better-eos-traces.md @@ -0,0 +1,3 @@ +Enhancement: Handle empty EOS traces + +https://github.com/cs3org/reva/pull/5028 diff --git a/pkg/eosclient/eosbinary/eosbinary.go b/pkg/eosclient/eosbinary/eosbinary.go index 1541735246..cd38d26d45 100644 --- a/pkg/eosclient/eosbinary/eosbinary.go +++ b/pkg/eosclient/eosbinary/eosbinary.go @@ -247,7 +247,10 @@ func (c *Client) executeEOS(ctx context.Context, cmdArgs []string, auth eosclien cmd.Args = append(cmd.Args, cmdArgs...) - cmd.Args = append(cmd.Args, "--comment", trace.Get(ctx)) + t := trace.Get(ctx) + if t != "" { + cmd.Args = append(cmd.Args, "--comment", t) + } err := cmd.Run() diff --git a/pkg/storage/fs/cephfs/errors.go b/pkg/storage/fs/cephfs/errors.go index 8182635bea..abc8079941 100644 --- a/pkg/storage/fs/cephfs/errors.go +++ b/pkg/storage/fs/cephfs/errors.go @@ -28,8 +28,8 @@ package cephfs */ import "C" import ( - "fmt" "context" + "fmt" "github.com/cs3org/reva/pkg/appctx" "github.com/cs3org/reva/pkg/errtypes" ) From 38c02f803dc0a8aac0e76b6a04baaeb5f64796e1 Mon Sep 17 00:00:00 2001 From: Giuseppe Lo Presti Date: Tue, 7 Jan 2025 10:53:16 +0100 Subject: [PATCH 03/27] [docs-only] Regenerated docs --- .../grpc/services/ocmshareprovider/_index.md | 2 +- .../config/http/services/wellknown/_index.md | 58 +++++++++++++++++-- 2 files changed, 53 insertions(+), 7 deletions(-) diff --git a/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md b/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md index f68b1ea656..cc34aa2dbe 100644 --- a/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md +++ b/docs/content/en/docs/config/grpc/services/ocmshareprovider/_index.md @@ -9,7 +9,7 @@ description: > # _struct: config_ {{% dir name="provider_domain" type="string" default="The same domain registered in the provider authorizer" %}} - [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/ocmshareprovider/ocmshareprovider.go#L71) + [[Ref]](https://github.com/cs3org/reva/tree/master/internal/grpc/services/ocmshareprovider/ocmshareprovider.go#L73) {{< highlight toml >}} [grpc.services.ocmshareprovider] provider_domain = "The same domain registered in the provider authorizer" diff --git a/docs/content/en/docs/config/http/services/wellknown/_index.md b/docs/content/en/docs/config/http/services/wellknown/_index.md index c16233de74..0413a3d6b8 100644 --- a/docs/content/en/docs/config/http/services/wellknown/_index.md +++ b/docs/content/en/docs/config/http/services/wellknown/_index.md @@ -6,15 +6,61 @@ description: > Configuration for the HelloWorld service --- -{{% pageinfo %}} -TODO -{{% /pageinfo %}} +# _struct: OcmProviderConfig_ -{{% dir name="prefix" type="string" default=".well-known" %}} -Where the HTTP service is exposed. +{{% dir name="ocm_prefix" type="string" default="ocm" %}} +The prefix URL where the OCM API is served. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L33) {{< highlight toml >}} [http.services.wellknown] -prefix = "/" +ocm_prefix = "ocm" +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="endpoint" type="string" default="This host's full URL. If it's not configured, it is assumed OCM is not available." %}} + [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L34) +{{< highlight toml >}} +[http.services.wellknown] +endpoint = "This host's full URL. If it's not configured, it is assumed OCM is not available." +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="provider" type="string" default="reva" %}} +A friendly name that defines this service. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L35) +{{< highlight toml >}} +[http.services.wellknown] +provider = "reva" +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="webdav_root" type="string" default="/remote.php/dav/ocm" %}} +The root URL of the WebDAV endpoint to serve OCM shares. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L36) +{{< highlight toml >}} +[http.services.wellknown] +webdav_root = "/remote.php/dav/ocm" +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="webapp_root" type="string" default="/external/sciencemesh" %}} +The root URL to serve Web apps via OCM. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L37) +{{< highlight toml >}} +[http.services.wellknown] +webapp_root = "/external/sciencemesh" +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="enable_webapp" type="bool" default=false %}} +Whether web apps are enabled in OCM shares. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L38) +{{< highlight toml >}} +[http.services.wellknown] +enable_webapp = false +{{< /highlight >}} +{{% /dir %}} + +{{% dir name="enable_datatx" type="bool" default=false %}} +Whether data transfers are enabled in OCM shares. [[Ref]](https://github.com/cs3org/reva/tree/master/internal/http/services/wellknown/ocm.go#L39) +{{< highlight toml >}} +[http.services.wellknown] +enable_datatx = false {{< /highlight >}} {{% /dir %}} From 74e4d1e9d6c832bf9ec23a39053cbd70f33ac1ca Mon Sep 17 00:00:00 2001 From: Giuseppe Lo Presti Date: Tue, 7 Jan 2025 10:59:12 +0100 Subject: [PATCH 04/27] v1.29.0 --- CHANGELOG.md | 324 ++++++++++++++++ RELEASE_DATE | 2 +- VERSION | 2 +- .../acl-grpc.md | 0 .../better-eos-traces.md | 0 .../ceph-refactoring.md | 0 .../change-project-ownership.md | 0 .../clean-repo.md | 0 .../enhance-ceph.md | 0 .../enhance-ci.md | 0 .../eos-grpc-token-access.md | 0 .../eos-http-client-tls.md | 0 .../eos-log-app.md | 0 .../eos-perms.md | 0 .../eos-useracl.md | 0 .../eos-userquota.md | 0 .../eos-xattr.md | 0 .../fav-grpc.md | 0 .../fix-auth-log.md | 0 .../fix-block-on-sharedwithme.md | 0 .../fix-ceph-build.md | 0 .../fix-empty-fav-attr.md | 0 .../fix-eos-container-build.md | 0 .../fix-eos-grpc-errors.md | 0 .../fix-eosgrpc-stat.md | 0 .../fix-fav-grpc.md | 0 .../fix-notifications.md | 0 .../fix-ocm-open-driver.md | 0 .../go-mod.md | 0 .../locks-uploads.md | 0 .../log-home.md | 0 .../lwshares-fix.md | 0 .../no-certs-eos-http-client.md | 0 .../no-more-shadow-ns.md | 0 .../ocm-access.md | 0 .../ocm-error-handling.md | 0 .../parse-favs-grpc.md | 0 .../propfind-perms-grpc.md | 0 .../publink-fix.md | 0 .../recycle-fix.md | 0 .../restorefileversion-nilptr.md | 0 .../rootless-auth.md | 0 .../trashbin-grpc.md | 0 .../undo-gw-refactoring.md | 0 changelog/NOTE.md | 360 ++++++++++++------ .../en/docs/changelog/1.29.0/_index.md | 333 ++++++++++++++++ 46 files changed, 900 insertions(+), 121 deletions(-) rename changelog/{unreleased => 1.29.0_2025-01-07}/acl-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/better-eos-traces.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/ceph-refactoring.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/change-project-ownership.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/clean-repo.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/enhance-ceph.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/enhance-ci.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-grpc-token-access.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-http-client-tls.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-log-app.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-perms.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-useracl.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-userquota.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/eos-xattr.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fav-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-auth-log.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-block-on-sharedwithme.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-ceph-build.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-empty-fav-attr.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-eos-container-build.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-eos-grpc-errors.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-eosgrpc-stat.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-fav-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-notifications.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/fix-ocm-open-driver.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/go-mod.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/locks-uploads.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/log-home.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/lwshares-fix.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/no-certs-eos-http-client.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/no-more-shadow-ns.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/ocm-access.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/ocm-error-handling.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/parse-favs-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/propfind-perms-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/publink-fix.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/recycle-fix.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/restorefileversion-nilptr.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/rootless-auth.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/trashbin-grpc.md (100%) rename changelog/{unreleased => 1.29.0_2025-01-07}/undo-gw-refactoring.md (100%) create mode 100644 docs/content/en/docs/changelog/1.29.0/_index.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 896a1c4d39..69794df8db 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,327 @@ +Changelog for reva 1.29.0 (2025-01-07) +======================================= + +The following sections list the changes in reva 1.29.0 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + + * Fix #4898: Make ACL operations work over gRPC + * Fix #4667: Fixed permission mapping to EOS ACLs + * Fix #4520: Do not use version folders for xattrs in EOS + * Fix #4599: Auth: increase verbosity of oidc parsing errors + * Fix #5006: Blocking reva on listSharedWithMe + * Fix #4557: Fix ceph build + * Fix #5017: No empty favs attr + * Fix #4620: Fix ulimits for EOS container deployment + * Fix #5015: Fixed error reporting in the EOS gRPC client + * Fix #4931: Fixed tree metadata following fix in EOS + * Fix #4930: Make removal of favourites work + * Fix #4574: Fix notifications + * Fix #4790: Ocm: fixed domain not having a protocol scheme + * Fix #4849: Drop assumptions about user types when dealing with shares + * Fix #4894: No certs in EOS HTTP client + * Fix #4810: Simplified error handling + * Fix #4973: Handle parsing of favs over gRPC + * Fix #4901: Broken PROPFIND perms on gRPC + * Fix #4907: Public links: return error when owner could not be resolved + * Fix #4591: Eos: fixed error reporting for too large recycle bin listing + * Fix #4896: Fix nilpointer error in RollbackToVersion + * Fix #4905: PurgeDate in ListDeletedEntries was ignored + * Fix #4939: Revert 'make home layout configurable' + * Enh #5028: Handle empty EOS traces + * Enh #4911: Cephfs refactoring + make home layout configurable + * Enh #4937: @labkode steps down as project owner + * Enh #4579: Remove domain-specific code to other repos + * Enh #4824: Refactor Ceph code + * Enh #4797: Refactor CI jobs and bump to latest deps + * Enh #4934: Access to EOS via tokens over gRPC + * Enh #4870: Only load X509 on https + * Enh #5014: Log app when creating EOS gRPC requests + * Enh #4892: Do not read eos user ACLs any longer + * Enh #4720: Differentiate quota for user types in EOS + * Enh #4863: Favourites for eos/grpc + * Enh #5013: Updated dependencies + moved to go 1.22 + * Enh #4514: Pass lock holder metadata on uploads + * Enh #4970: Improved logging on createHome + * Enh #4984: Drop shadow namespaces + * Enh #4670: Ocm: support bearer token access + * Enh #4977: Do not use root on EOS + +Details +------- + + * Bugfix #4898: Make ACL operations work over gRPC + + This change solves two issues: * AddACL would fail, because the current implementation of + AddACL in the EOS gRPC client always sets msg.Recursive = true. This causes issues on the EOS + side, because it will try running a recursive find on a file, which fails. * RemoveACL would + fail, because it tried matching ACL rules with a uid to ACL rules with a username. This PR changes + this approach to use an approach similar to what is used in the binary client: just set the rule + that you want to have deleted with no permissions. + + https://github.com/cs3org/reva/pull/4898 + + * Bugfix #4667: Fixed permission mapping to EOS ACLs + + This is to remove "m" and "q" flags in EOS ACLs for regular write shares (no re-sharing). + + https://github.com/cs3org/reva/pull/4667 + + * Bugfix #4520: Do not use version folders for xattrs in EOS + + This was a workaround needed some time ago. We revert now to the standard behavior, xattrs are + stored on the files. + + https://github.com/cs3org/reva/pull/4520 + + * Bugfix #4599: Auth: increase verbosity of oidc parsing errors + + This is to help further debugging of auth issues. An unrelated error reporting was also fixed. + + https://github.com/cs3org/reva/pull/4599 + + * Bugfix #5006: Blocking reva on listSharedWithMe + + `listSharesWithMe` blocked a reva thread in the case that one of the shares was not resolvable. + This has now been fixed + + https://github.com/cs3org/reva/pull/5006 + + * Bugfix #4557: Fix ceph build + + https://github.com/cs3org/reva/pull/4557 + + * Bugfix #5017: No empty favs attr + + See issue #5016: we now unset the favs attr if no more favs are set + + https://github.com/cs3org/reva/pull/5017 + + * Bugfix #4620: Fix ulimits for EOS container deployment + + https://github.com/cs3org/reva/pull/4620 + + * Bugfix #5015: Fixed error reporting in the EOS gRPC client + + This in particular fixes the lock-related errors + + https://github.com/cs3org/reva/pull/5015 + + * Bugfix #4931: Fixed tree metadata following fix in EOS + + The treecount is now populated from the EOS response. + + https://github.com/cs3org/reva/pull/4931 + + * Bugfix #4930: Make removal of favourites work + + Currently, removing a folder from your favourites is broken, because the handleFavAttr + method is only called in SetAttr, not in UnsetAttr. This change fixes this. + + https://github.com/cs3org/reva/pull/4930 + + * Bugfix #4574: Fix notifications + + https://github.com/cs3org/reva/pull/4574 + + * Bugfix #4790: Ocm: fixed domain not having a protocol scheme + + This PR fixes a bug in the OCM open driver that causes it to be unable to probe OCM services at the + remote server due to the domain having an unsupported protocol scheme. in this case domain + doesn't have a scheme and the changes in this PR add a scheme to the domain before doing the probe. + + https://github.com/cs3org/reva/pull/4790 + + * Bugfix #4849: Drop assumptions about user types when dealing with shares + + We may have external accounts with regular usernames (and with null uid), therefore the + current logic to heuristically infer the user type from a grantee's username is broken. This PR + removes those heuristics and requires the upper level to resolve the user type. + + https://github.com/cs3org/reva/pull/4849 + + * Bugfix #4894: No certs in EOS HTTP client + + Omit HTTPS cert in EOS HTTP Client, as this causes authentication issues on EOS < 5.2.28. When + EOS receives a certificate, it will look for this cert in the gridmap file. If it is not found + there, the whole authn flow is aborted and the user is mapped to nobody. + + https://github.com/cs3org/reva/pull/4894 + + * Bugfix #4810: Simplified error handling + + Minor rewording and simplification, following cs3org/OCM-API#90 and cs3org/OCM-API#91 + + https://github.com/cs3org/reva/pull/4810 + + * Bugfix #4973: Handle parsing of favs over gRPC + + To store user favorites, the key `user.http://owncloud.org/ns/favorite` maps to a list of + users, in the format `u:username=1`. Right now, extracting the "correct" user doesn't happen + in gRPC, while it is implemented in the EOS binary client. This feature has now been moved to the + higher-level call in eosfs. + + https://github.com/cs3org/reva/pull/4973 + + * Bugfix #4901: Broken PROPFIND perms on gRPC + + When using the EOS gRPC stack, the permissions returned by PROPFIND on a folder in a project were + erroneous because ACL permissions were being ignored. This stems from a bug in + grpcMDResponseToFileInfo, where the SysACL attribute of the FileInfo struct was not being + populated. + + https://github.com/cs3org/reva/pull/4901 + see: + + * Bugfix #4907: Public links: return error when owner could not be resolved + + https://github.com/cs3org/reva/pull/4907 + + * Bugfix #4591: Eos: fixed error reporting for too large recycle bin listing + + EOS returns E2BIG, which internally gets converted to PermissionDenied and has to be properly + handled in this case. + + https://github.com/cs3org/reva/pull/4591 + + * Bugfix #4896: Fix nilpointer error in RollbackToVersion + + https://github.com/cs3org/reva/pull/4896 + + * Bugfix #4905: PurgeDate in ListDeletedEntries was ignored + + The date range that can be passed to ListDeletedEntries was not taken into account due to a bug in + reva: the Purgedate argument was set, which only works for PURGE requests, and not for LIST + requests. Instead, the Listflag argument must be used. Additionally, there was a bug in the + loop that is used to iterate over all days in the date range. + + https://github.com/cs3org/reva/pull/4905 + + * Bugfix #4939: Revert 'make home layout configurable' + + Partial revert of #4911, to be re-added after more testing and configuration validation. The + eoshome vs eos storage drivers are to be adapted. + + https://github.com/cs3org/reva/pull/4939 + + * Enhancement #5028: Handle empty EOS traces + + https://github.com/cs3org/reva/pull/5028 + + * Enhancement #4911: Cephfs refactoring + make home layout configurable + + https://github.com/cs3org/reva/pull/4911 + + * Enhancement #4937: @labkode steps down as project owner + + Hugo (@labkode) steps down as project owner of Reva. + + https://github.com/cs3org/reva/pull/4937 + + * Enhancement #4579: Remove domain-specific code to other repos + + https://github.com/cs3org/reva/pull/4579 + + * Enhancement #4824: Refactor Ceph code + + https://github.com/cs3org/reva/pull/4824 + + * Enhancement #4797: Refactor CI jobs and bump to latest deps + + https://github.com/cs3org/reva/pull/4797 + + * Enhancement #4934: Access to EOS via tokens over gRPC + + As a guest account, accessing a file shared with you relies on a token that is generated on behalf + of the resource owner. This method, GenerateToken, has now been implemented in the EOS gRPC + client. Additionally, the HTTP client now takes tokens into account. + + https://github.com/cs3org/reva/pull/4934 + + * Enhancement #4870: Only load X509 on https + + Currently, the EOS HTTP Client always tries to read an X509 key pair from the file system (by + default, from /etc/grid-security/host{key,cert}.pem). This makes it harder to write unit + tests, as these fail when this key pair is not on the file system (which is the case for the test + pipeline as well). + + This PR introduces a fix for this problem, by only loading the X509 key pair if the scheme of the + EOS endpoint is https. Unit tests can then create a mock HTTP endpoint, which will not trigger + the loading of the key pair. + + https://github.com/cs3org/reva/pull/4870 + + * Enhancement #5014: Log app when creating EOS gRPC requests + + https://github.com/cs3org/reva/pull/5014 + + * Enhancement #4892: Do not read eos user ACLs any longer + + This PR drops the compatibility code to read eos user ACLs in the eos binary client, and aligns it + to the GRPC client. + + https://github.com/cs3org/reva/pull/4892 + + * Enhancement #4720: Differentiate quota for user types in EOS + + We now assign a different initial quota to users depending on their type, whether PRIMARY or + not. + + https://github.com/cs3org/reva/pull/4720 + + * Enhancement #4863: Favourites for eos/grpc + + https://github.com/cs3org/reva/pull/4863 + + * Enhancement #5013: Updated dependencies + moved to go 1.22 + + https://github.com/cs3org/reva/pull/5013 + + * Enhancement #4514: Pass lock holder metadata on uploads + + We now pass relevant metadata (lock id and lock holder) downstream on uploads, and handle the + case of conflicts due to lock mismatch. + + https://github.com/cs3org/reva/pull/4514 + + * Enhancement #4970: Improved logging on createHome + + https://github.com/cs3org/reva/pull/4970 + + * Enhancement #4984: Drop shadow namespaces + + This comes as part of the effort to operate EOS without being root, see + https://github.com/cs3org/reva/pull/4977 + + In this PR the post-home creation hook (and corresponding flag) is replaced by a + create_home_hook, and the following configuration parameters are suppressed: + + Shadow_namespace share_folder default_quota_bytes default_secondary_quota_bytes + default_quota_files uploads_namespace (unused) + + https://github.com/cs3org/reva/pull/4984 + + * Enhancement #4670: Ocm: support bearer token access + + This PR adds support for accessing remote OCM 1.1 shares via bearer token, as opposed to having + the shared secret in the URL only. In addition, the OCM client package is now part of the OCMD + server package, and the Discover methods have been all consolidated in one place. + + https://github.com/cs3org/reva/pull/4670 + + * Enhancement #4977: Do not use root on EOS + + Currently, the EOS drivers use root authentication for many different operations. This has + now been changed to use one of the following: * cbox, which is a sudo'er * daemon, for read-only + operations * the user himselft + + Note that home creation is excluded here as this will be tackled in a different PR. + + https://github.com/cs3org/reva/pull/4977/ + + Changelog for reva 1.28.0 (2024-02-27) ======================================= diff --git a/RELEASE_DATE b/RELEASE_DATE index 5179d2e64e..3f49a7df3c 100644 --- a/RELEASE_DATE +++ b/RELEASE_DATE @@ -1 +1 @@ -2024-02-27 \ No newline at end of file +2025-01-07 \ No newline at end of file diff --git a/VERSION b/VERSION index 3c71e47210..72f3c1dacc 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -1.28.0 \ No newline at end of file +1.29.0 \ No newline at end of file diff --git a/changelog/unreleased/acl-grpc.md b/changelog/1.29.0_2025-01-07/acl-grpc.md similarity index 100% rename from changelog/unreleased/acl-grpc.md rename to changelog/1.29.0_2025-01-07/acl-grpc.md diff --git a/changelog/unreleased/better-eos-traces.md b/changelog/1.29.0_2025-01-07/better-eos-traces.md similarity index 100% rename from changelog/unreleased/better-eos-traces.md rename to changelog/1.29.0_2025-01-07/better-eos-traces.md diff --git a/changelog/unreleased/ceph-refactoring.md b/changelog/1.29.0_2025-01-07/ceph-refactoring.md similarity index 100% rename from changelog/unreleased/ceph-refactoring.md rename to changelog/1.29.0_2025-01-07/ceph-refactoring.md diff --git a/changelog/unreleased/change-project-ownership.md b/changelog/1.29.0_2025-01-07/change-project-ownership.md similarity index 100% rename from changelog/unreleased/change-project-ownership.md rename to changelog/1.29.0_2025-01-07/change-project-ownership.md diff --git a/changelog/unreleased/clean-repo.md b/changelog/1.29.0_2025-01-07/clean-repo.md similarity index 100% rename from changelog/unreleased/clean-repo.md rename to changelog/1.29.0_2025-01-07/clean-repo.md diff --git a/changelog/unreleased/enhance-ceph.md b/changelog/1.29.0_2025-01-07/enhance-ceph.md similarity index 100% rename from changelog/unreleased/enhance-ceph.md rename to changelog/1.29.0_2025-01-07/enhance-ceph.md diff --git a/changelog/unreleased/enhance-ci.md b/changelog/1.29.0_2025-01-07/enhance-ci.md similarity index 100% rename from changelog/unreleased/enhance-ci.md rename to changelog/1.29.0_2025-01-07/enhance-ci.md diff --git a/changelog/unreleased/eos-grpc-token-access.md b/changelog/1.29.0_2025-01-07/eos-grpc-token-access.md similarity index 100% rename from changelog/unreleased/eos-grpc-token-access.md rename to changelog/1.29.0_2025-01-07/eos-grpc-token-access.md diff --git a/changelog/unreleased/eos-http-client-tls.md b/changelog/1.29.0_2025-01-07/eos-http-client-tls.md similarity index 100% rename from changelog/unreleased/eos-http-client-tls.md rename to changelog/1.29.0_2025-01-07/eos-http-client-tls.md diff --git a/changelog/unreleased/eos-log-app.md b/changelog/1.29.0_2025-01-07/eos-log-app.md similarity index 100% rename from changelog/unreleased/eos-log-app.md rename to changelog/1.29.0_2025-01-07/eos-log-app.md diff --git a/changelog/unreleased/eos-perms.md b/changelog/1.29.0_2025-01-07/eos-perms.md similarity index 100% rename from changelog/unreleased/eos-perms.md rename to changelog/1.29.0_2025-01-07/eos-perms.md diff --git a/changelog/unreleased/eos-useracl.md b/changelog/1.29.0_2025-01-07/eos-useracl.md similarity index 100% rename from changelog/unreleased/eos-useracl.md rename to changelog/1.29.0_2025-01-07/eos-useracl.md diff --git a/changelog/unreleased/eos-userquota.md b/changelog/1.29.0_2025-01-07/eos-userquota.md similarity index 100% rename from changelog/unreleased/eos-userquota.md rename to changelog/1.29.0_2025-01-07/eos-userquota.md diff --git a/changelog/unreleased/eos-xattr.md b/changelog/1.29.0_2025-01-07/eos-xattr.md similarity index 100% rename from changelog/unreleased/eos-xattr.md rename to changelog/1.29.0_2025-01-07/eos-xattr.md diff --git a/changelog/unreleased/fav-grpc.md b/changelog/1.29.0_2025-01-07/fav-grpc.md similarity index 100% rename from changelog/unreleased/fav-grpc.md rename to changelog/1.29.0_2025-01-07/fav-grpc.md diff --git a/changelog/unreleased/fix-auth-log.md b/changelog/1.29.0_2025-01-07/fix-auth-log.md similarity index 100% rename from changelog/unreleased/fix-auth-log.md rename to changelog/1.29.0_2025-01-07/fix-auth-log.md diff --git a/changelog/unreleased/fix-block-on-sharedwithme.md b/changelog/1.29.0_2025-01-07/fix-block-on-sharedwithme.md similarity index 100% rename from changelog/unreleased/fix-block-on-sharedwithme.md rename to changelog/1.29.0_2025-01-07/fix-block-on-sharedwithme.md diff --git a/changelog/unreleased/fix-ceph-build.md b/changelog/1.29.0_2025-01-07/fix-ceph-build.md similarity index 100% rename from changelog/unreleased/fix-ceph-build.md rename to changelog/1.29.0_2025-01-07/fix-ceph-build.md diff --git a/changelog/unreleased/fix-empty-fav-attr.md b/changelog/1.29.0_2025-01-07/fix-empty-fav-attr.md similarity index 100% rename from changelog/unreleased/fix-empty-fav-attr.md rename to changelog/1.29.0_2025-01-07/fix-empty-fav-attr.md diff --git a/changelog/unreleased/fix-eos-container-build.md b/changelog/1.29.0_2025-01-07/fix-eos-container-build.md similarity index 100% rename from changelog/unreleased/fix-eos-container-build.md rename to changelog/1.29.0_2025-01-07/fix-eos-container-build.md diff --git a/changelog/unreleased/fix-eos-grpc-errors.md b/changelog/1.29.0_2025-01-07/fix-eos-grpc-errors.md similarity index 100% rename from changelog/unreleased/fix-eos-grpc-errors.md rename to changelog/1.29.0_2025-01-07/fix-eos-grpc-errors.md diff --git a/changelog/unreleased/fix-eosgrpc-stat.md b/changelog/1.29.0_2025-01-07/fix-eosgrpc-stat.md similarity index 100% rename from changelog/unreleased/fix-eosgrpc-stat.md rename to changelog/1.29.0_2025-01-07/fix-eosgrpc-stat.md diff --git a/changelog/unreleased/fix-fav-grpc.md b/changelog/1.29.0_2025-01-07/fix-fav-grpc.md similarity index 100% rename from changelog/unreleased/fix-fav-grpc.md rename to changelog/1.29.0_2025-01-07/fix-fav-grpc.md diff --git a/changelog/unreleased/fix-notifications.md b/changelog/1.29.0_2025-01-07/fix-notifications.md similarity index 100% rename from changelog/unreleased/fix-notifications.md rename to changelog/1.29.0_2025-01-07/fix-notifications.md diff --git a/changelog/unreleased/fix-ocm-open-driver.md b/changelog/1.29.0_2025-01-07/fix-ocm-open-driver.md similarity index 100% rename from changelog/unreleased/fix-ocm-open-driver.md rename to changelog/1.29.0_2025-01-07/fix-ocm-open-driver.md diff --git a/changelog/unreleased/go-mod.md b/changelog/1.29.0_2025-01-07/go-mod.md similarity index 100% rename from changelog/unreleased/go-mod.md rename to changelog/1.29.0_2025-01-07/go-mod.md diff --git a/changelog/unreleased/locks-uploads.md b/changelog/1.29.0_2025-01-07/locks-uploads.md similarity index 100% rename from changelog/unreleased/locks-uploads.md rename to changelog/1.29.0_2025-01-07/locks-uploads.md diff --git a/changelog/unreleased/log-home.md b/changelog/1.29.0_2025-01-07/log-home.md similarity index 100% rename from changelog/unreleased/log-home.md rename to changelog/1.29.0_2025-01-07/log-home.md diff --git a/changelog/unreleased/lwshares-fix.md b/changelog/1.29.0_2025-01-07/lwshares-fix.md similarity index 100% rename from changelog/unreleased/lwshares-fix.md rename to changelog/1.29.0_2025-01-07/lwshares-fix.md diff --git a/changelog/unreleased/no-certs-eos-http-client.md b/changelog/1.29.0_2025-01-07/no-certs-eos-http-client.md similarity index 100% rename from changelog/unreleased/no-certs-eos-http-client.md rename to changelog/1.29.0_2025-01-07/no-certs-eos-http-client.md diff --git a/changelog/unreleased/no-more-shadow-ns.md b/changelog/1.29.0_2025-01-07/no-more-shadow-ns.md similarity index 100% rename from changelog/unreleased/no-more-shadow-ns.md rename to changelog/1.29.0_2025-01-07/no-more-shadow-ns.md diff --git a/changelog/unreleased/ocm-access.md b/changelog/1.29.0_2025-01-07/ocm-access.md similarity index 100% rename from changelog/unreleased/ocm-access.md rename to changelog/1.29.0_2025-01-07/ocm-access.md diff --git a/changelog/unreleased/ocm-error-handling.md b/changelog/1.29.0_2025-01-07/ocm-error-handling.md similarity index 100% rename from changelog/unreleased/ocm-error-handling.md rename to changelog/1.29.0_2025-01-07/ocm-error-handling.md diff --git a/changelog/unreleased/parse-favs-grpc.md b/changelog/1.29.0_2025-01-07/parse-favs-grpc.md similarity index 100% rename from changelog/unreleased/parse-favs-grpc.md rename to changelog/1.29.0_2025-01-07/parse-favs-grpc.md diff --git a/changelog/unreleased/propfind-perms-grpc.md b/changelog/1.29.0_2025-01-07/propfind-perms-grpc.md similarity index 100% rename from changelog/unreleased/propfind-perms-grpc.md rename to changelog/1.29.0_2025-01-07/propfind-perms-grpc.md diff --git a/changelog/unreleased/publink-fix.md b/changelog/1.29.0_2025-01-07/publink-fix.md similarity index 100% rename from changelog/unreleased/publink-fix.md rename to changelog/1.29.0_2025-01-07/publink-fix.md diff --git a/changelog/unreleased/recycle-fix.md b/changelog/1.29.0_2025-01-07/recycle-fix.md similarity index 100% rename from changelog/unreleased/recycle-fix.md rename to changelog/1.29.0_2025-01-07/recycle-fix.md diff --git a/changelog/unreleased/restorefileversion-nilptr.md b/changelog/1.29.0_2025-01-07/restorefileversion-nilptr.md similarity index 100% rename from changelog/unreleased/restorefileversion-nilptr.md rename to changelog/1.29.0_2025-01-07/restorefileversion-nilptr.md diff --git a/changelog/unreleased/rootless-auth.md b/changelog/1.29.0_2025-01-07/rootless-auth.md similarity index 100% rename from changelog/unreleased/rootless-auth.md rename to changelog/1.29.0_2025-01-07/rootless-auth.md diff --git a/changelog/unreleased/trashbin-grpc.md b/changelog/1.29.0_2025-01-07/trashbin-grpc.md similarity index 100% rename from changelog/unreleased/trashbin-grpc.md rename to changelog/1.29.0_2025-01-07/trashbin-grpc.md diff --git a/changelog/unreleased/undo-gw-refactoring.md b/changelog/1.29.0_2025-01-07/undo-gw-refactoring.md similarity index 100% rename from changelog/unreleased/undo-gw-refactoring.md rename to changelog/1.29.0_2025-01-07/undo-gw-refactoring.md diff --git a/changelog/NOTE.md b/changelog/NOTE.md index 32333c743b..eba9a7fab6 100644 --- a/changelog/NOTE.md +++ b/changelog/NOTE.md @@ -1,202 +1,324 @@ -Changelog for reva 1.28.0 (2024-02-27) +Changelog for reva 1.29.0 (2025-01-07) ======================================= -The following sections list the changes in reva 1.28.0 relevant to +The following sections list the changes in reva 1.29.0 relevant to reva users. The changes are ordered by importance. Summary ------- - * Fix #4369: Carefully use root credentials to perform system level ops - * Fix #4306: Correctly treat EOS urls containing # chars - * Fix #4510: Propagates traceID to EOS - * Fix #4321: Reworked List() to support version folder tricks - * Fix #4400: Fix group-based capabilities - * Fix #4319: Fixed registration of custom extensions in the mime registry - * Fix #4287: Fixes registration and naming of services - * Fix #4310: Restore changes to ceph driver - * Fix #4294: Sciencemesh fixes - * Fix #4307: Dynamic storage registry storage_id aliases - * Fix #4497: Removed stat to all storage providers on Depth:0 PROPFIND to "/" - * Enh #4280: Implementation of Locks for the CephFS driver - * Enh #4282: Support multiple templates in config entries - * Enh #4304: Disable open in app for given paths - * Enh #4455: Limit max number of entries returned by ListRecycle in eos - * Enh #4309: Get the logger in the grpcMDResponseToFileInfo func, log the stat - * Enh #4311: Init time logger for eosgrpc storage driver - * Enh #4301: Added listversions command - * Enh #4493: Removed notification capability - * Enh #4288: Print plugins' version - * Enh #4508: Add pprof http service - * Enh #4376: Removed cback from upstream codebase - * Enh #4391: CERNBox setup for ScienceMesh tests - * Enh #4246: Revamp ScienceMesh integration tests - * Enh #4240: Reworked protocol with ScienceMesh NC/OC apps - * Enh #4370: Storage registry: fail at init if config is missing any providers + * Fix #4898: Make ACL operations work over gRPC + * Fix #4667: Fixed permission mapping to EOS ACLs + * Fix #4520: Do not use version folders for xattrs in EOS + * Fix #4599: Auth: increase verbosity of oidc parsing errors + * Fix #5006: Blocking reva on listSharedWithMe + * Fix #4557: Fix ceph build + * Fix #5017: No empty favs attr + * Fix #4620: Fix ulimits for EOS container deployment + * Fix #5015: Fixed error reporting in the EOS gRPC client + * Fix #4931: Fixed tree metadata following fix in EOS + * Fix #4930: Make removal of favourites work + * Fix #4574: Fix notifications + * Fix #4790: Ocm: fixed domain not having a protocol scheme + * Fix #4849: Drop assumptions about user types when dealing with shares + * Fix #4894: No certs in EOS HTTP client + * Fix #4810: Simplified error handling + * Fix #4973: Handle parsing of favs over gRPC + * Fix #4901: Broken PROPFIND perms on gRPC + * Fix #4907: Public links: return error when owner could not be resolved + * Fix #4591: Eos: fixed error reporting for too large recycle bin listing + * Fix #4896: Fix nilpointer error in RollbackToVersion + * Fix #4905: PurgeDate in ListDeletedEntries was ignored + * Fix #4939: Revert 'make home layout configurable' + * Enh #5028: Handle empty EOS traces + * Enh #4911: Cephfs refactoring + make home layout configurable + * Enh #4937: @labkode steps down as project owner + * Enh #4579: Remove domain-specific code to other repos + * Enh #4824: Refactor Ceph code + * Enh #4797: Refactor CI jobs and bump to latest deps + * Enh #4934: Access to EOS via tokens over gRPC + * Enh #4870: Only load X509 on https + * Enh #5014: Log app when creating EOS gRPC requests + * Enh #4892: Do not read eos user ACLs any longer + * Enh #4720: Differentiate quota for user types in EOS + * Enh #4863: Favourites for eos/grpc + * Enh #5013: Updated dependencies + moved to go 1.22 + * Enh #4514: Pass lock holder metadata on uploads + * Enh #4970: Improved logging on createHome + * Enh #4984: Drop shadow namespaces + * Enh #4670: Ocm: support bearer token access + * Enh #4977: Do not use root on EOS Details ------- - * Bugfix #4369: Carefully use root credentials to perform system level ops + * Bugfix #4898: Make ACL operations work over gRPC - This PR ensures that system level ops like setlock, setattr, stat... work when invoked from a - gateway This is relevant for eosgrpc, as eosbinary exploited the permissivity of the eos - cmdline + This change solves two issues: * AddACL would fail, because the current implementation of + AddACL in the EOS gRPC client always sets msg.Recursive = true. This causes issues on the EOS + side, because it will try running a recursive find on a file, which fails. * RemoveACL would + fail, because it tried matching ACL rules with a uid to ACL rules with a username. This PR changes + this approach to use an approach similar to what is used in the binary client: just set the rule + that you want to have deleted with no permissions. - https://github.com/cs3org/reva/pull/4369 + https://github.com/cs3org/reva/pull/4898 - * Bugfix #4306: Correctly treat EOS urls containing # chars + * Bugfix #4667: Fixed permission mapping to EOS ACLs - https://github.com/cs3org/reva/pull/4306 + This is to remove "m" and "q" flags in EOS ACLs for regular write shares (no re-sharing). - * Bugfix #4510: Propagates traceID to EOS + https://github.com/cs3org/reva/pull/4667 - This PR fixes the cases where the EOS trace ID was always a bunch of zeroes. + * Bugfix #4520: Do not use version folders for xattrs in EOS - https://github.com/cs3org/reva/pull/4510 + This was a workaround needed some time ago. We revert now to the standard behavior, xattrs are + stored on the files. - * Bugfix #4321: Reworked List() to support version folder tricks + https://github.com/cs3org/reva/pull/4520 - https://github.com/cs3org/reva/pull/4321 + * Bugfix #4599: Auth: increase verbosity of oidc parsing errors - * Bugfix #4400: Fix group-based capabilities + This is to help further debugging of auth issues. An unrelated error reporting was also fixed. - The group-based capabilities require an authenticated endpoint, as we must query the - logged-in user's groups to get those. This PR moves them to the `getSelf` endpoint in the user - handler. + https://github.com/cs3org/reva/pull/4599 - https://github.com/cs3org/reva/pull/4400 + * Bugfix #5006: Blocking reva on listSharedWithMe - * Bugfix #4319: Fixed registration of custom extensions in the mime registry + `listSharesWithMe` blocked a reva thread in the case that one of the shares was not resolvable. + This has now been fixed - This PR ensures custom extensions/mime-types are registered by trimming any eventual - leading '.' from the extension. + https://github.com/cs3org/reva/pull/5006 - https://github.com/cs3org/reva/pull/4319 + * Bugfix #4557: Fix ceph build - * Bugfix #4287: Fixes registration and naming of services + https://github.com/cs3org/reva/pull/4557 - https://github.com/cs3org/reva/pull/4287 + * Bugfix #5017: No empty favs attr - * Bugfix #4310: Restore changes to ceph driver + See issue #5016: we now unset the favs attr if no more favs are set - PR [4166](https://github.com/cs3org/reva/pull/4166) accidentally reverted the ceph - driver changes. This PR recovers them. + https://github.com/cs3org/reva/pull/5017 - https://github.com/cs3org/reva/pull/4310 + * Bugfix #4620: Fix ulimits for EOS container deployment - * Bugfix #4294: Sciencemesh fixes + https://github.com/cs3org/reva/pull/4620 - Fixes different issues introduced with the recent changes, in ocm/sciencemesh, in - particular the `GetAccepetdUser` and `/sciencemesh/find-accepted-users` endpoints. + * Bugfix #5015: Fixed error reporting in the EOS gRPC client - https://github.com/cs3org/reva/pull/4294 + This in particular fixes the lock-related errors - * Bugfix #4307: Dynamic storage registry storage_id aliases + https://github.com/cs3org/reva/pull/5015 - Fixes the bug where the dynamic storage registry would not be able to resolve storage ids like - `eoshome-a`, as those are aliased and need to be resolved into the proper storage-id - (`eoshome-i01`). + * Bugfix #4931: Fixed tree metadata following fix in EOS - https://github.com/cs3org/reva/pull/4307 + The treecount is now populated from the EOS response. - * Bugfix #4497: Removed stat to all storage providers on Depth:0 PROPFIND to "/" + https://github.com/cs3org/reva/pull/4931 - This PR removes an unnecessary and potentially problematic call, which would fail if any of the - configured storage providers has an issue. + * Bugfix #4930: Make removal of favourites work - https://github.com/cs3org/reva/pull/4497 + Currently, removing a folder from your favourites is broken, because the handleFavAttr + method is only called in SetAttr, not in UnsetAttr. This change fixes this. - * Enhancement #4280: Implementation of Locks for the CephFS driver + https://github.com/cs3org/reva/pull/4930 - This PR brings CS3APIs Locks for CephFS + * Bugfix #4574: Fix notifications - https://github.com/cs3org/reva/pull/4280 + https://github.com/cs3org/reva/pull/4574 - * Enhancement #4282: Support multiple templates in config entries + * Bugfix #4790: Ocm: fixed domain not having a protocol scheme - This PR introduces support for config entries with multiple templates, such as `parameter = - "{{ vars.v1 }} foo {{ vars.v2 }}"`. Previously, only one `{{ template }}` was allowed in a given - configuration entry. + This PR fixes a bug in the OCM open driver that causes it to be unable to probe OCM services at the + remote server due to the domain having an unsupported protocol scheme. in this case domain + doesn't have a scheme and the changes in this PR add a scheme to the domain before doing the probe. - https://github.com/cs3org/reva/pull/4282 + https://github.com/cs3org/reva/pull/4790 - * Enhancement #4304: Disable open in app for given paths + * Bugfix #4849: Drop assumptions about user types when dealing with shares - https://github.com/cs3org/reva/pull/4304 + We may have external accounts with regular usernames (and with null uid), therefore the + current logic to heuristically infer the user type from a grantee's username is broken. This PR + removes those heuristics and requires the upper level to resolve the user type. - * Enhancement #4455: Limit max number of entries returned by ListRecycle in eos + https://github.com/cs3org/reva/pull/4849 - The idea is to query first how many entries we'd have from eos recycle ls and bail out if "too - many". + * Bugfix #4894: No certs in EOS HTTP client - https://github.com/cs3org/reva/pull/4455 + Omit HTTPS cert in EOS HTTP Client, as this causes authentication issues on EOS < 5.2.28. When + EOS receives a certificate, it will look for this cert in the gridmap file. If it is not found + there, the whole authn flow is aborted and the user is mapped to nobody. - * Enhancement #4309: Get the logger in the grpcMDResponseToFileInfo func, log the stat + https://github.com/cs3org/reva/pull/4894 - https://github.com/cs3org/reva/pull/4309 + * Bugfix #4810: Simplified error handling - * Enhancement #4311: Init time logger for eosgrpc storage driver + Minor rewording and simplification, following cs3org/OCM-API#90 and cs3org/OCM-API#91 - Before the `eosgrpc` driver was using a custom logger. Now that the reva logger is available at - init time, the driver will use this. + https://github.com/cs3org/reva/pull/4810 - https://github.com/cs3org/reva/pull/4311 + * Bugfix #4973: Handle parsing of favs over gRPC - * Enhancement #4301: Added listversions command + To store user favorites, the key `user.http://owncloud.org/ns/favorite` maps to a list of + users, in the format `u:username=1`. Right now, extracting the "correct" user doesn't happen + in gRPC, while it is implemented in the EOS binary client. This feature has now been moved to the + higher-level call in eosfs. - https://github.com/cs3org/reva/pull/4301 + https://github.com/cs3org/reva/pull/4973 - * Enhancement #4493: Removed notification capability + * Bugfix #4901: Broken PROPFIND perms on gRPC - This is not needed any longer, the code was simplified to enable notifications if they are - configured + When using the EOS gRPC stack, the permissions returned by PROPFIND on a folder in a project were + erroneous because ACL permissions were being ignored. This stems from a bug in + grpcMDResponseToFileInfo, where the SysACL attribute of the FileInfo struct was not being + populated. - https://github.com/cs3org/reva/pull/4493 + https://github.com/cs3org/reva/pull/4901 + see: - * Enhancement #4288: Print plugins' version + * Bugfix #4907: Public links: return error when owner could not be resolved - https://github.com/cs3org/reva/pull/4288 + https://github.com/cs3org/reva/pull/4907 - * Enhancement #4508: Add pprof http service + * Bugfix #4591: Eos: fixed error reporting for too large recycle bin listing - This service is useful to trigger diagnostics on running processes + EOS returns E2BIG, which internally gets converted to PermissionDenied and has to be properly + handled in this case. - https://github.com/cs3org/reva/pull/4508 + https://github.com/cs3org/reva/pull/4591 - * Enhancement #4376: Removed cback from upstream codebase + * Bugfix #4896: Fix nilpointer error in RollbackToVersion - The code has been moved to as a CERNBox plugin. + https://github.com/cs3org/reva/pull/4896 - https://github.com/cs3org/reva/pull/4376 + * Bugfix #4905: PurgeDate in ListDeletedEntries was ignored - * Enhancement #4391: CERNBox setup for ScienceMesh tests + The date range that can be passed to ListDeletedEntries was not taken into account due to a bug in + reva: the Purgedate argument was set, which only works for PURGE requests, and not for LIST + requests. Instead, the Listflag argument must be used. Additionally, there was a bug in the + loop that is used to iterate over all days in the date range. - This PR includes a bundled CERNBox-like web UI and backend to test the ScienceMesh workflows - with OC10 and NC + https://github.com/cs3org/reva/pull/4905 - https://github.com/cs3org/reva/pull/4391 + * Bugfix #4939: Revert 'make home layout configurable' - * Enhancement #4246: Revamp ScienceMesh integration tests + Partial revert of #4911, to be re-added after more testing and configuration validation. The + eoshome vs eos storage drivers are to be adapted. - This extends the ScienceMesh tests by running a wopiserver next to each EFSS/IOP, and by - including a CERNBox-like minimal configuration. The latter is based on local storage and - in-memory shares (no db dependency). + https://github.com/cs3org/reva/pull/4939 - https://github.com/cs3org/reva/pull/4246 + * Enhancement #5028: Handle empty EOS traces - * Enhancement #4240: Reworked protocol with ScienceMesh NC/OC apps + https://github.com/cs3org/reva/pull/5028 - This ensures full OCM 1.1 coverage + * Enhancement #4911: Cephfs refactoring + make home layout configurable - https://github.com/cs3org/reva/pull/4240 + https://github.com/cs3org/reva/pull/4911 - * Enhancement #4370: Storage registry: fail at init if config is missing any providers + * Enhancement #4937: @labkode steps down as project owner - This change makes the dynamic storage registry fail at startup if there are missing rules in the - config file. That is, any `mount_id` in the routing table must have a corresponding - `storage_id`/`address` pair in the config, otherwise the registry will fail to start. + Hugo (@labkode) steps down as project owner of Reva. - https://github.com/cs3org/reva/pull/4370 + https://github.com/cs3org/reva/pull/4937 + + * Enhancement #4579: Remove domain-specific code to other repos + + https://github.com/cs3org/reva/pull/4579 + + * Enhancement #4824: Refactor Ceph code + + https://github.com/cs3org/reva/pull/4824 + + * Enhancement #4797: Refactor CI jobs and bump to latest deps + + https://github.com/cs3org/reva/pull/4797 + + * Enhancement #4934: Access to EOS via tokens over gRPC + + As a guest account, accessing a file shared with you relies on a token that is generated on behalf + of the resource owner. This method, GenerateToken, has now been implemented in the EOS gRPC + client. Additionally, the HTTP client now takes tokens into account. + + https://github.com/cs3org/reva/pull/4934 + + * Enhancement #4870: Only load X509 on https + + Currently, the EOS HTTP Client always tries to read an X509 key pair from the file system (by + default, from /etc/grid-security/host{key,cert}.pem). This makes it harder to write unit + tests, as these fail when this key pair is not on the file system (which is the case for the test + pipeline as well). + + This PR introduces a fix for this problem, by only loading the X509 key pair if the scheme of the + EOS endpoint is https. Unit tests can then create a mock HTTP endpoint, which will not trigger + the loading of the key pair. + + https://github.com/cs3org/reva/pull/4870 + + * Enhancement #5014: Log app when creating EOS gRPC requests + + https://github.com/cs3org/reva/pull/5014 + + * Enhancement #4892: Do not read eos user ACLs any longer + + This PR drops the compatibility code to read eos user ACLs in the eos binary client, and aligns it + to the GRPC client. + + https://github.com/cs3org/reva/pull/4892 + + * Enhancement #4720: Differentiate quota for user types in EOS + + We now assign a different initial quota to users depending on their type, whether PRIMARY or + not. + + https://github.com/cs3org/reva/pull/4720 + + * Enhancement #4863: Favourites for eos/grpc + + https://github.com/cs3org/reva/pull/4863 + + * Enhancement #5013: Updated dependencies + moved to go 1.22 + + https://github.com/cs3org/reva/pull/5013 + + * Enhancement #4514: Pass lock holder metadata on uploads + + We now pass relevant metadata (lock id and lock holder) downstream on uploads, and handle the + case of conflicts due to lock mismatch. + + https://github.com/cs3org/reva/pull/4514 + + * Enhancement #4970: Improved logging on createHome + + https://github.com/cs3org/reva/pull/4970 + + * Enhancement #4984: Drop shadow namespaces + + This comes as part of the effort to operate EOS without being root, see + https://github.com/cs3org/reva/pull/4977 + + In this PR the post-home creation hook (and corresponding flag) is replaced by a + create_home_hook, and the following configuration parameters are suppressed: + + Shadow_namespace share_folder default_quota_bytes default_secondary_quota_bytes + default_quota_files uploads_namespace (unused) + + https://github.com/cs3org/reva/pull/4984 + + * Enhancement #4670: Ocm: support bearer token access + + This PR adds support for accessing remote OCM 1.1 shares via bearer token, as opposed to having + the shared secret in the URL only. In addition, the OCM client package is now part of the OCMD + server package, and the Discover methods have been all consolidated in one place. + + https://github.com/cs3org/reva/pull/4670 + + * Enhancement #4977: Do not use root on EOS + + Currently, the EOS drivers use root authentication for many different operations. This has + now been changed to use one of the following: * cbox, which is a sudo'er * daemon, for read-only + operations * the user himselft + + Note that home creation is excluded here as this will be tackled in a different PR. + + https://github.com/cs3org/reva/pull/4977/ diff --git a/docs/content/en/docs/changelog/1.29.0/_index.md b/docs/content/en/docs/changelog/1.29.0/_index.md new file mode 100644 index 0000000000..70408d67dd --- /dev/null +++ b/docs/content/en/docs/changelog/1.29.0/_index.md @@ -0,0 +1,333 @@ + +--- +title: "v1.29.0" +linkTitle: "v1.29.0" +weight: 40 +description: > + Changelog for Reva v1.29.0 (2025-01-07) +--- + +Changelog for reva 1.29.0 (2025-01-07) +======================================= + +The following sections list the changes in reva 1.29.0 relevant to +reva users. The changes are ordered by importance. + +Summary +------- + + * Fix #4898: Make ACL operations work over gRPC + * Fix #4667: Fixed permission mapping to EOS ACLs + * Fix #4520: Do not use version folders for xattrs in EOS + * Fix #4599: Auth: increase verbosity of oidc parsing errors + * Fix #5006: Blocking reva on listSharedWithMe + * Fix #4557: Fix ceph build + * Fix #5017: No empty favs attr + * Fix #4620: Fix ulimits for EOS container deployment + * Fix #5015: Fixed error reporting in the EOS gRPC client + * Fix #4931: Fixed tree metadata following fix in EOS + * Fix #4930: Make removal of favourites work + * Fix #4574: Fix notifications + * Fix #4790: Ocm: fixed domain not having a protocol scheme + * Fix #4849: Drop assumptions about user types when dealing with shares + * Fix #4894: No certs in EOS HTTP client + * Fix #4810: Simplified error handling + * Fix #4973: Handle parsing of favs over gRPC + * Fix #4901: Broken PROPFIND perms on gRPC + * Fix #4907: Public links: return error when owner could not be resolved + * Fix #4591: Eos: fixed error reporting for too large recycle bin listing + * Fix #4896: Fix nilpointer error in RollbackToVersion + * Fix #4905: PurgeDate in ListDeletedEntries was ignored + * Fix #4939: Revert 'make home layout configurable' + * Enh #5028: Handle empty EOS traces + * Enh #4911: Cephfs refactoring + make home layout configurable + * Enh #4937: @labkode steps down as project owner + * Enh #4579: Remove domain-specific code to other repos + * Enh #4824: Refactor Ceph code + * Enh #4797: Refactor CI jobs and bump to latest deps + * Enh #4934: Access to EOS via tokens over gRPC + * Enh #4870: Only load X509 on https + * Enh #5014: Log app when creating EOS gRPC requests + * Enh #4892: Do not read eos user ACLs any longer + * Enh #4720: Differentiate quota for user types in EOS + * Enh #4863: Favourites for eos/grpc + * Enh #5013: Updated dependencies + moved to go 1.22 + * Enh #4514: Pass lock holder metadata on uploads + * Enh #4970: Improved logging on createHome + * Enh #4984: Drop shadow namespaces + * Enh #4670: Ocm: support bearer token access + * Enh #4977: Do not use root on EOS + +Details +------- + + * Bugfix #4898: Make ACL operations work over gRPC + + This change solves two issues: * AddACL would fail, because the current implementation of + AddACL in the EOS gRPC client always sets msg.Recursive = true. This causes issues on the EOS + side, because it will try running a recursive find on a file, which fails. * RemoveACL would + fail, because it tried matching ACL rules with a uid to ACL rules with a username. This PR changes + this approach to use an approach similar to what is used in the binary client: just set the rule + that you want to have deleted with no permissions. + + https://github.com/cs3org/reva/pull/4898 + + * Bugfix #4667: Fixed permission mapping to EOS ACLs + + This is to remove "m" and "q" flags in EOS ACLs for regular write shares (no re-sharing). + + https://github.com/cs3org/reva/pull/4667 + + * Bugfix #4520: Do not use version folders for xattrs in EOS + + This was a workaround needed some time ago. We revert now to the standard behavior, xattrs are + stored on the files. + + https://github.com/cs3org/reva/pull/4520 + + * Bugfix #4599: Auth: increase verbosity of oidc parsing errors + + This is to help further debugging of auth issues. An unrelated error reporting was also fixed. + + https://github.com/cs3org/reva/pull/4599 + + * Bugfix #5006: Blocking reva on listSharedWithMe + + `listSharesWithMe` blocked a reva thread in the case that one of the shares was not resolvable. + This has now been fixed + + https://github.com/cs3org/reva/pull/5006 + + * Bugfix #4557: Fix ceph build + + https://github.com/cs3org/reva/pull/4557 + + * Bugfix #5017: No empty favs attr + + See issue #5016: we now unset the favs attr if no more favs are set + + https://github.com/cs3org/reva/pull/5017 + + * Bugfix #4620: Fix ulimits for EOS container deployment + + https://github.com/cs3org/reva/pull/4620 + + * Bugfix #5015: Fixed error reporting in the EOS gRPC client + + This in particular fixes the lock-related errors + + https://github.com/cs3org/reva/pull/5015 + + * Bugfix #4931: Fixed tree metadata following fix in EOS + + The treecount is now populated from the EOS response. + + https://github.com/cs3org/reva/pull/4931 + + * Bugfix #4930: Make removal of favourites work + + Currently, removing a folder from your favourites is broken, because the handleFavAttr + method is only called in SetAttr, not in UnsetAttr. This change fixes this. + + https://github.com/cs3org/reva/pull/4930 + + * Bugfix #4574: Fix notifications + + https://github.com/cs3org/reva/pull/4574 + + * Bugfix #4790: Ocm: fixed domain not having a protocol scheme + + This PR fixes a bug in the OCM open driver that causes it to be unable to probe OCM services at the + remote server due to the domain having an unsupported protocol scheme. in this case domain + doesn't have a scheme and the changes in this PR add a scheme to the domain before doing the probe. + + https://github.com/cs3org/reva/pull/4790 + + * Bugfix #4849: Drop assumptions about user types when dealing with shares + + We may have external accounts with regular usernames (and with null uid), therefore the + current logic to heuristically infer the user type from a grantee's username is broken. This PR + removes those heuristics and requires the upper level to resolve the user type. + + https://github.com/cs3org/reva/pull/4849 + + * Bugfix #4894: No certs in EOS HTTP client + + Omit HTTPS cert in EOS HTTP Client, as this causes authentication issues on EOS < 5.2.28. When + EOS receives a certificate, it will look for this cert in the gridmap file. If it is not found + there, the whole authn flow is aborted and the user is mapped to nobody. + + https://github.com/cs3org/reva/pull/4894 + + * Bugfix #4810: Simplified error handling + + Minor rewording and simplification, following cs3org/OCM-API#90 and cs3org/OCM-API#91 + + https://github.com/cs3org/reva/pull/4810 + + * Bugfix #4973: Handle parsing of favs over gRPC + + To store user favorites, the key `user.http://owncloud.org/ns/favorite` maps to a list of + users, in the format `u:username=1`. Right now, extracting the "correct" user doesn't happen + in gRPC, while it is implemented in the EOS binary client. This feature has now been moved to the + higher-level call in eosfs. + + https://github.com/cs3org/reva/pull/4973 + + * Bugfix #4901: Broken PROPFIND perms on gRPC + + When using the EOS gRPC stack, the permissions returned by PROPFIND on a folder in a project were + erroneous because ACL permissions were being ignored. This stems from a bug in + grpcMDResponseToFileInfo, where the SysACL attribute of the FileInfo struct was not being + populated. + + https://github.com/cs3org/reva/pull/4901 + see: + + * Bugfix #4907: Public links: return error when owner could not be resolved + + https://github.com/cs3org/reva/pull/4907 + + * Bugfix #4591: Eos: fixed error reporting for too large recycle bin listing + + EOS returns E2BIG, which internally gets converted to PermissionDenied and has to be properly + handled in this case. + + https://github.com/cs3org/reva/pull/4591 + + * Bugfix #4896: Fix nilpointer error in RollbackToVersion + + https://github.com/cs3org/reva/pull/4896 + + * Bugfix #4905: PurgeDate in ListDeletedEntries was ignored + + The date range that can be passed to ListDeletedEntries was not taken into account due to a bug in + reva: the Purgedate argument was set, which only works for PURGE requests, and not for LIST + requests. Instead, the Listflag argument must be used. Additionally, there was a bug in the + loop that is used to iterate over all days in the date range. + + https://github.com/cs3org/reva/pull/4905 + + * Bugfix #4939: Revert 'make home layout configurable' + + Partial revert of #4911, to be re-added after more testing and configuration validation. The + eoshome vs eos storage drivers are to be adapted. + + https://github.com/cs3org/reva/pull/4939 + + * Enhancement #5028: Handle empty EOS traces + + https://github.com/cs3org/reva/pull/5028 + + * Enhancement #4911: Cephfs refactoring + make home layout configurable + + https://github.com/cs3org/reva/pull/4911 + + * Enhancement #4937: @labkode steps down as project owner + + Hugo (@labkode) steps down as project owner of Reva. + + https://github.com/cs3org/reva/pull/4937 + + * Enhancement #4579: Remove domain-specific code to other repos + + https://github.com/cs3org/reva/pull/4579 + + * Enhancement #4824: Refactor Ceph code + + https://github.com/cs3org/reva/pull/4824 + + * Enhancement #4797: Refactor CI jobs and bump to latest deps + + https://github.com/cs3org/reva/pull/4797 + + * Enhancement #4934: Access to EOS via tokens over gRPC + + As a guest account, accessing a file shared with you relies on a token that is generated on behalf + of the resource owner. This method, GenerateToken, has now been implemented in the EOS gRPC + client. Additionally, the HTTP client now takes tokens into account. + + https://github.com/cs3org/reva/pull/4934 + + * Enhancement #4870: Only load X509 on https + + Currently, the EOS HTTP Client always tries to read an X509 key pair from the file system (by + default, from /etc/grid-security/host{key,cert}.pem). This makes it harder to write unit + tests, as these fail when this key pair is not on the file system (which is the case for the test + pipeline as well). + + This PR introduces a fix for this problem, by only loading the X509 key pair if the scheme of the + EOS endpoint is https. Unit tests can then create a mock HTTP endpoint, which will not trigger + the loading of the key pair. + + https://github.com/cs3org/reva/pull/4870 + + * Enhancement #5014: Log app when creating EOS gRPC requests + + https://github.com/cs3org/reva/pull/5014 + + * Enhancement #4892: Do not read eos user ACLs any longer + + This PR drops the compatibility code to read eos user ACLs in the eos binary client, and aligns it + to the GRPC client. + + https://github.com/cs3org/reva/pull/4892 + + * Enhancement #4720: Differentiate quota for user types in EOS + + We now assign a different initial quota to users depending on their type, whether PRIMARY or + not. + + https://github.com/cs3org/reva/pull/4720 + + * Enhancement #4863: Favourites for eos/grpc + + https://github.com/cs3org/reva/pull/4863 + + * Enhancement #5013: Updated dependencies + moved to go 1.22 + + https://github.com/cs3org/reva/pull/5013 + + * Enhancement #4514: Pass lock holder metadata on uploads + + We now pass relevant metadata (lock id and lock holder) downstream on uploads, and handle the + case of conflicts due to lock mismatch. + + https://github.com/cs3org/reva/pull/4514 + + * Enhancement #4970: Improved logging on createHome + + https://github.com/cs3org/reva/pull/4970 + + * Enhancement #4984: Drop shadow namespaces + + This comes as part of the effort to operate EOS without being root, see + https://github.com/cs3org/reva/pull/4977 + + In this PR the post-home creation hook (and corresponding flag) is replaced by a + create_home_hook, and the following configuration parameters are suppressed: + + Shadow_namespace share_folder default_quota_bytes default_secondary_quota_bytes + default_quota_files uploads_namespace (unused) + + https://github.com/cs3org/reva/pull/4984 + + * Enhancement #4670: Ocm: support bearer token access + + This PR adds support for accessing remote OCM 1.1 shares via bearer token, as opposed to having + the shared secret in the URL only. In addition, the OCM client package is now part of the OCMD + server package, and the Discover methods have been all consolidated in one place. + + https://github.com/cs3org/reva/pull/4670 + + * Enhancement #4977: Do not use root on EOS + + Currently, the EOS drivers use root authentication for many different operations. This has + now been changed to use one of the following: * cbox, which is a sudo'er * daemon, for read-only + operations * the user himselft + + Note that home creation is excluded here as this will be tackled in a different PR. + + https://github.com/cs3org/reva/pull/4977/ + + From bb7dcda3a55aef3d4d2f64f8a9995ab594c141fb Mon Sep 17 00:00:00 2001 From: Giuseppe Lo Presti Date: Tue, 7 Jan 2025 11:02:58 +0100 Subject: [PATCH 05/27] Readded unreleased changelog folder --- changelog/unreleased/.gitkeep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog/unreleased/.gitkeep diff --git a/changelog/unreleased/.gitkeep b/changelog/unreleased/.gitkeep new file mode 100644 index 0000000000..e69de29bb2 From 4da81f7fa1518195acd4f882db1c9df4bf1d7eb8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 17:27:19 +0100 Subject: [PATCH 06/27] [Build-deps]: Bump golang.org/x/term from 0.27.0 to 0.28.0 (#5036) Bumps [golang.org/x/term](https://github.com/golang/term) from 0.27.0 to 0.28.0. - [Commits](https://github.com/golang/term/compare/v0.27.0...v0.28.0) --- updated-dependencies: - dependency-name: golang.org/x/term dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 6 ++++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 053d566da9..ed0d80303c 100644 --- a/go.mod +++ b/go.mod @@ -56,8 +56,8 @@ require ( golang.org/x/crypto v0.31.0 golang.org/x/oauth2 v0.24.0 golang.org/x/sync v0.10.0 - golang.org/x/sys v0.28.0 - golang.org/x/term v0.27.0 + golang.org/x/sys v0.29.0 + golang.org/x/term v0.28.0 google.golang.org/genproto v0.0.0-20241209162323-e6fa225c2576 google.golang.org/grpc v1.69.2 google.golang.org/protobuf v1.35.2 diff --git a/go.sum b/go.sum index dcc4671bf4..4e4560a403 100644 --- a/go.sum +++ b/go.sum @@ -1938,8 +1938,9 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= @@ -1957,8 +1958,9 @@ golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q= golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM= +golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= From 9cf997ce0cc0cb93be77728eb87d46fea85c5ba9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 17:34:13 +0100 Subject: [PATCH 07/27] [Build-deps]: Bump golang.org/x/oauth2 from 0.20.0 to 0.25.0 (#5027) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.20.0 to 0.25.0. - [Commits](https://github.com/golang/oauth2/compare/v0.20.0...v0.25.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ed0d80303c..8e6bad20c1 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( go.opencensus.io v0.24.0 go.step.sm/crypto v0.55.0 golang.org/x/crypto v0.31.0 - golang.org/x/oauth2 v0.24.0 + golang.org/x/oauth2 v0.25.0 golang.org/x/sync v0.10.0 golang.org/x/sys v0.29.0 golang.org/x/term v0.28.0 diff --git a/go.sum b/go.sum index 4e4560a403..3963aa8b79 100644 --- a/go.sum +++ b/go.sum @@ -1800,8 +1800,8 @@ golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= -golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE= -golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= +golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From 6ad3fe0c5aa20a780f65cd838ac80002ed8f9db9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 17:34:42 +0100 Subject: [PATCH 08/27] [Build-deps]: Bump github.com/onsi/gomega from 1.30.0 to 1.36.2 (#5021) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.30.0 to 1.36.2. - [Release notes](https://github.com/onsi/gomega/releases) - [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md) - [Commits](https://github.com/onsi/gomega/compare/v1.30.0...v1.36.2) --- updated-dependencies: - dependency-name: github.com/onsi/gomega dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 10 +++++----- go.sum | 31 +++++++++++++++++-------------- 2 files changed, 22 insertions(+), 19 deletions(-) diff --git a/go.mod b/go.mod index 8e6bad20c1..5b17a3ba8b 100644 --- a/go.mod +++ b/go.mod @@ -40,7 +40,7 @@ require ( github.com/mitchellh/mapstructure v1.5.0 github.com/nats-io/nats.go v1.37.0 github.com/onsi/ginkgo v1.16.5 - github.com/onsi/gomega v1.30.0 + github.com/onsi/gomega v1.36.2 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.20.5 github.com/rs/cors v1.11.1 @@ -60,7 +60,7 @@ require ( golang.org/x/term v0.28.0 google.golang.org/genproto v0.0.0-20241209162323-e6fa225c2576 google.golang.org/grpc v1.69.2 - google.golang.org/protobuf v1.35.2 + google.golang.org/protobuf v1.36.1 gotest.tools v2.2.0+incompatible ) @@ -121,10 +121,10 @@ require ( go.mongodb.org/mongo-driver v1.17.1 // indirect go.opentelemetry.io/otel v1.31.0 // indirect go.opentelemetry.io/otel/trace v1.31.0 // indirect - golang.org/x/mod v0.18.0 // indirect - golang.org/x/net v0.32.0 // indirect + golang.org/x/mod v0.22.0 // indirect + golang.org/x/net v0.33.0 // indirect golang.org/x/text v0.21.0 // indirect - golang.org/x/tools v0.22.0 // indirect + golang.org/x/tools v0.28.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect gopkg.in/src-d/go-errors.v1 v1.0.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect diff --git a/go.sum b/go.sum index 3963aa8b79..84c194f2b5 100644 --- a/go.sum +++ b/go.sum @@ -1006,9 +1006,10 @@ github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LB github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y= github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0 h1:p104kn46Q8WdvHunIJ9dAyjPVtrBPhSr3KT2yUst43I= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/gocraft/dbr/v2 v2.7.2 h1:ccUxMuz6RdZvD7VPhMRRMSS/ECF3gytPhPtcavjktHk= github.com/gocraft/dbr/v2 v2.7.2/go.mod h1:5bCqyIXO5fYn3jEp/L06QF4K1siFdhxChMjdNu6YJrg= @@ -1113,8 +1114,9 @@ github.com/google/pprof v0.0.0-20210122040257-d980be63207e/go.mod h1:kpwsk12EmLe github.com/google/pprof v0.0.0-20210226084205-cbba55b83ad5/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210601050228-01bbb1931b22/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= github.com/google/pprof v0.0.0-20210609004039-a478d1d731e9/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad h1:a6HEuzUHeKH6hwfN/ZoQgRgVIWFJljSWa/zetS2WTvg= +github.com/google/pprof v0.0.0-20241210010833-40e02aabc2ad/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= github.com/google/s2a-go v0.1.0/go.mod h1:OJpEgntRZo8ugHpF9hkoLJbS5dSI20XZeXJ9JVywLlM= github.com/google/s2a-go v0.1.3/go.mod h1:Ej+mSEMGRnqRzjc7VtF+jdBwYG5fuJfiZ8ELkjEwM0A= @@ -1379,14 +1381,14 @@ github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= -github.com/onsi/ginkgo/v2 v2.13.0 h1:0jY9lJquiL8fcf3M4LAXN5aMlS/b2BV86HFFPCPMgE4= -github.com/onsi/ginkgo/v2 v2.13.0/go.mod h1:TE309ZR8s5FsKKpuB1YAQYBzCaAfUgatB/xlT/ETL/o= +github.com/onsi/ginkgo/v2 v2.22.1 h1:QW7tbJAUDyVDVOM5dFa7qaybo+CRfR7bemlQUN6Z8aM= +github.com/onsi/ginkgo/v2 v2.22.1/go.mod h1:S6aTpoRsSq2cZOd+pssHAlKW/Q/jZt6cPrPlnj4a1xM= github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.5/go.mod h1:gza4q3jKQJijlu05nKWRCW/GavJumGt8aNRxWg7mt48= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/gomega v1.36.2 h1:koNYke6TVk6ZmnyHrCXba/T/MoLBXFjeC1PtvYgw0A8= +github.com/onsi/gomega v1.36.2/go.mod h1:DdwyADRjrc825LhMEkD76cHR5+pUnjhUN8GlHlRPHzY= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis= github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74= @@ -1687,8 +1689,8 @@ golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= -golang.org/x/mod v0.18.0 h1:5+9lSbEzPSdWkH32vYPBwEpX8KwDbM52Ud9xBUvNlb0= -golang.org/x/mod v0.18.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.22.0 h1:D4nJWe9zXqHOmWqj4VMOJhvzj7bEZg4wEYa759z1pH4= +golang.org/x/mod v0.22.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -1766,8 +1768,9 @@ golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI= golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= +golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2067,8 +2070,8 @@ golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s= golang.org/x/tools v0.9.1/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA= -golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c= +golang.org/x/tools v0.28.0 h1:WuB6qZ4RPCQo5aP3WdKZS7i595EdWqWR8vqJTlwTVK8= +golang.org/x/tools v0.28.0/go.mod h1:dcIOrVd3mfQKTgrDVQHqCPMWy6lnhfhtX3hLXYVLfRw= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -2396,8 +2399,8 @@ google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io= -google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= +google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/Acconut/lockfile.v1 v1.1.0/go.mod h1:6UCz3wJ8tSFUsPR6uP/j8uegEtDuEEqFxlpi0JI4Umw= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From 51e12b4ecf5806ce930d8870c07620e0b2c37edf Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Fri, 17 Jan 2025 11:42:20 +0100 Subject: [PATCH 09/27] Return an error when EOS returns an error in List (#5044) Co-authored-by: Jesse Geens --- changelog/unreleased/return-err-list.md | 6 ++++++ pkg/eosclient/eosgrpc/eosgrpc.go | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 changelog/unreleased/return-err-list.md diff --git a/changelog/unreleased/return-err-list.md b/changelog/unreleased/return-err-list.md new file mode 100644 index 0000000000..674b62433c --- /dev/null +++ b/changelog/unreleased/return-err-list.md @@ -0,0 +1,6 @@ +Bugfix: Return an error when EOS List errors + +If we get an error while reading items, we now return the error to the user and break off the List operation +We do not want to return a partial list, because then a sync client may delete local files that are missing on the server + +https://github.com/cs3org/reva/pull/5044 \ No newline at end of file diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index 49f82dd718..c9e18c737c 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -1259,12 +1259,12 @@ func (c *Client) List(ctx context.Context, auth eosclient.Authorization, dpath s break } - // We got an error while reading items. We log this as an error and we return - // the items we have + // We got an error while reading items. We return the error to the user and break off the List operation + // We do not want to return a partial list, because then a sync client may delete local files that are missing on the server log.Error().Err(err).Str("func", "List").Int("nitems", i).Str("path", dpath).Str("got err from EOS", err.Error()).Msg("") if i > 0 { log.Error().Str("path", dpath).Int("nitems", i).Msg("No more items, dirty exit") - return mylst, nil + return nil, errors.Wrap(err, "Error listing files") } } From 637e0fedb9655d0fbf79bf6a7acbb7c1ba3b4e8b Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Wed, 29 Jan 2025 10:34:07 +0100 Subject: [PATCH 10/27] Pseudo-transactionalize sharing (#5029) Co-authored-by: Jesse Geens --- changelog/unreleased/pseudo-tx-share.md | 8 +++ .../services/gateway/usershareprovider.go | 71 ++++++++++++------- .../usershareprovider/usershareprovider.go | 2 +- 3 files changed, 55 insertions(+), 26 deletions(-) create mode 100644 changelog/unreleased/pseudo-tx-share.md diff --git a/changelog/unreleased/pseudo-tx-share.md b/changelog/unreleased/pseudo-tx-share.md new file mode 100644 index 0000000000..837d487315 --- /dev/null +++ b/changelog/unreleased/pseudo-tx-share.md @@ -0,0 +1,8 @@ +Enhancement: pseudo-transactionalize sharing + +Currently, sharing is not transactionalized: setting ACLs and writing the share to the db is completely independent. In the current situation, shares are written to the db before setting the ACL, letting users falsely believe that they successfully shared a resource, even if setting the ACL afterwards fails. his enhancement improves the situation by doing the least reliable (setting ACLs on EOS) first: +a) first pinging the db +b) writing the ACLs +c) writing to the db + +https://github.com/cs3org/reva/pull/5029 \ No newline at end of file diff --git a/internal/grpc/services/gateway/usershareprovider.go b/internal/grpc/services/gateway/usershareprovider.go index 74e612b0c9..126a65060f 100644 --- a/internal/grpc/services/gateway/usershareprovider.go +++ b/internal/grpc/services/gateway/usershareprovider.go @@ -22,6 +22,7 @@ import ( "context" "fmt" "path" + "strings" userpb "github.com/cs3org/go-cs3apis/cs3/identity/user/v1beta1" rpc "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1" @@ -37,34 +38,42 @@ import ( "github.com/pkg/errors" ) -// TODO(labkode): add multi-phase commit logic when commit share or commit ref is enabled. func (s *svc) CreateShare(ctx context.Context, req *collaboration.CreateShareRequest) (*collaboration.CreateShareResponse, error) { if s.isSharedFolder(ctx, req.ResourceInfo.GetPath()) { return nil, errtypes.AlreadyExists("gateway: can't share the share folder itself") } - c, err := pool.GetUserShareProviderClient(pool.Endpoint(s.c.UserShareProviderEndpoint)) + log := appctx.GetLogger(ctx) + + shareClient, err := pool.GetUserShareProviderClient(pool.Endpoint(s.c.UserShareProviderEndpoint)) if err != nil { return &collaboration.CreateShareResponse{ Status: status.NewInternal(ctx, err, "error getting user share provider client"), }, nil } - // TODO the user share manager needs to be able to decide if the current user is allowed to create that share (and not eg. incerase permissions) - // jfd: AFAICT this can only be determined by a storage driver - either the storage provider is queried first or the share manager needs to access the storage using a storage driver - res, err := c.CreateShare(ctx, req) - if err != nil { - return nil, errors.Wrap(err, "gateway: error calling CreateShare") - } - if res.Status.Code != rpc.Code_CODE_OK { - return res, nil - } + // First we ping the db + // -------------------- + // See ADR-REVA-003 + _, err = shareClient.GetShare(ctx, &collaboration.GetShareRequest{ + Ref: &collaboration.ShareReference{ + Spec: &collaboration.ShareReference_Id{ + Id: &collaboration.ShareId{ + OpaqueId: "0", + }, + }, + }, + }) - // if we don't need to commit we return earlier - if !s.c.CommitShareToStorageGrant && !s.c.CommitShareToStorageRef { - return res, nil + // We expect a "not found" error when querying ID 0 + // error checking is kind of ugly, because we lose the original error object over grpc + if !strings.HasSuffix(err.Error(), errtypes.NotFound("0").Error()) { + return nil, errtypes.InternalError("ShareManager is not online") } + // Then we set ACLs on the storage layer + // ------------------------------------- + // TODO(labkode): if both commits are enabled they could be done concurrently. if s.c.CommitShareToStorageGrant { // If the share is a denial we call denyGrant instead. @@ -76,20 +85,32 @@ func (s *svc) CreateShare(ctx context.Context, req *collaboration.CreateShareReq if denyGrantStatus.Code != rpc.Code_CODE_OK { return &collaboration.CreateShareResponse{ Status: denyGrantStatus, - }, err + }, nil + } + } else { + addGrantStatus, err := s.addGrant(ctx, req.ResourceInfo.Id, req.Grant.Grantee, req.Grant.Permissions.Permissions) + if err != nil { + log.Error().Err(err).Str("ResourceInfo", req.ResourceInfo.String()).Str("Grantee", req.Grant.Grantee.String()).Str("Message", addGrantStatus.Message).Msg("Failed to Create Share: error during addGrant") + return nil, errors.Wrap(err, "gateway: error adding grant to storage") + } + if addGrantStatus.Code != rpc.Code_CODE_OK { + return &collaboration.CreateShareResponse{ + Status: addGrantStatus, + }, nil } - return res, nil } + } - addGrantStatus, err := s.addGrant(ctx, req.ResourceInfo.Id, req.Grant.Grantee, req.Grant.Permissions.Permissions) - if err != nil { - return nil, errors.Wrap(err, "gateway: error adding grant to storage") - } - if addGrantStatus.Code != rpc.Code_CODE_OK { - return &collaboration.CreateShareResponse{ - Status: addGrantStatus, - }, err - } + // Then we commit to the db + // ------------------------ + res, err := shareClient.CreateShare(ctx, req) + + if err != nil { + log.Error().Str("ResourceInfo", req.ResourceInfo.String()).Str("Grantee", req.Grant.Grantee.String()).Msg("Failed to Create Share but ACLs are already set") + return nil, errors.Wrap(err, "gateway: error calling CreateShare") + } + if res.Status.Code != rpc.Code_CODE_OK { + return nil, errors.New("ShareClient returned error: " + res.Status.Code.String() + ": " + res.Status.Message) } return res, nil diff --git a/internal/grpc/services/usershareprovider/usershareprovider.go b/internal/grpc/services/usershareprovider/usershareprovider.go index 6df38cb029..1bd566c289 100644 --- a/internal/grpc/services/usershareprovider/usershareprovider.go +++ b/internal/grpc/services/usershareprovider/usershareprovider.go @@ -172,7 +172,7 @@ func (s *service) GetShare(ctx context.Context, req *collaboration.GetShareReque if err != nil { return &collaboration.GetShareResponse{ Status: status.NewInternal(ctx, err, "error getting share"), - }, nil + }, err } return &collaboration.GetShareResponse{ From 0652f55f252de9cfeac2983af5562cc358ec18ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 10:35:03 +0100 Subject: [PATCH 11/27] [Build-deps]: Bump google.golang.org/protobuf from 1.36.1 to 1.36.4 (#5053) Bumps google.golang.org/protobuf from 1.36.1 to 1.36.4. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5b17a3ba8b..5d23c13ff2 100644 --- a/go.mod +++ b/go.mod @@ -60,7 +60,7 @@ require ( golang.org/x/term v0.28.0 google.golang.org/genproto v0.0.0-20241209162323-e6fa225c2576 google.golang.org/grpc v1.69.2 - google.golang.org/protobuf v1.36.1 + google.golang.org/protobuf v1.36.4 gotest.tools v2.2.0+incompatible ) diff --git a/go.sum b/go.sum index 84c194f2b5..d8fd2fb506 100644 --- a/go.sum +++ b/go.sum @@ -2399,8 +2399,8 @@ google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk= -google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= +google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/Acconut/lockfile.v1 v1.1.0/go.mod h1:6UCz3wJ8tSFUsPR6uP/j8uegEtDuEEqFxlpi0JI4Umw= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= From f697e1cd12af7182822bea2bb3b82002768c6434 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 10:41:19 +0100 Subject: [PATCH 12/27] [Build-deps]: Bump github.com/coreos/go-oidc/v3 from 3.11.0 to 3.12.0 (#5049) Bumps [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) from 3.11.0 to 3.12.0. - [Release notes](https://github.com/coreos/go-oidc/releases) - [Commits](https://github.com/coreos/go-oidc/compare/v3.11.0...v3.12.0) --- updated-dependencies: - dependency-name: github.com/coreos/go-oidc/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 5d23c13ff2..8a805189a6 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/ceph/go-ceph v0.30.0 github.com/cern-eos/go-eosgrpc v0.0.0-20240909164147-ad693be93181 github.com/cheggaaa/pb v1.0.29 - github.com/coreos/go-oidc/v3 v3.11.0 + github.com/coreos/go-oidc/v3 v3.12.0 github.com/creasty/defaults v1.8.0 github.com/cs3org/cato v0.0.0-20200828125504-e418fc54dd5e github.com/cs3org/go-cs3apis v0.0.0-20241105092511-3ad35d174fc1 diff --git a/go.sum b/go.sum index d8fd2fb506..5d7d3947f5 100644 --- a/go.sum +++ b/go.sum @@ -878,8 +878,8 @@ github.com/cncf/xds/go v0.0.0-20230310173818-32f1caf87195/go.mod h1:eXthEFrGJvWH github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= -github.com/coreos/go-oidc/v3 v3.11.0 h1:Ia3MxdwpSw702YW0xgfmP1GVCMA9aEFWu12XUZ3/OtI= -github.com/coreos/go-oidc/v3 v3.11.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0= +github.com/coreos/go-oidc/v3 v3.12.0 h1:sJk+8G2qq94rDI6ehZ71Bol3oUHy63qNYmkiSjrc/Jo= +github.com/coreos/go-oidc/v3 v3.12.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= From 9f14cb90257f1edecdf31c00975edcea49292075 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 12:05:36 +0100 Subject: [PATCH 13/27] [Build-deps]: Bump go.step.sm/crypto from 0.55.0 to 0.57.0 (#5048) Bumps [go.step.sm/crypto](https://github.com/smallstep/crypto) from 0.55.0 to 0.57.0. - [Release notes](https://github.com/smallstep/crypto/releases) - [Commits](https://github.com/smallstep/crypto/compare/v0.55.0...v0.57.0) --- updated-dependencies: - dependency-name: go.step.sm/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 10 +++++----- go.sum | 19 ++++++++++--------- 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/go.mod b/go.mod index 8a805189a6..b121d8638d 100644 --- a/go.mod +++ b/go.mod @@ -52,14 +52,14 @@ require ( github.com/tus/tusd v1.13.0 github.com/wk8/go-ordered-map v1.0.0 go.opencensus.io v0.24.0 - go.step.sm/crypto v0.55.0 - golang.org/x/crypto v0.31.0 + go.step.sm/crypto v0.57.0 + golang.org/x/crypto v0.32.0 golang.org/x/oauth2 v0.25.0 golang.org/x/sync v0.10.0 golang.org/x/sys v0.29.0 golang.org/x/term v0.28.0 google.golang.org/genproto v0.0.0-20241209162323-e6fa225c2576 - google.golang.org/grpc v1.69.2 + google.golang.org/grpc v1.69.4 google.golang.org/protobuf v1.36.4 gotest.tools v2.2.0+incompatible ) @@ -122,10 +122,10 @@ require ( go.opentelemetry.io/otel v1.31.0 // indirect go.opentelemetry.io/otel/trace v1.31.0 // indirect golang.org/x/mod v0.22.0 // indirect - golang.org/x/net v0.33.0 // indirect + golang.org/x/net v0.34.0 // indirect golang.org/x/text v0.21.0 // indirect golang.org/x/tools v0.28.0 // indirect - google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20250102185135-69823020774d // indirect gopkg.in/src-d/go-errors.v1 v1.0.0 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index 5d7d3947f5..ea1c0b754c 100644 --- a/go.sum +++ b/go.sum @@ -1585,8 +1585,8 @@ go.opentelemetry.io/otel/trace v1.31.0/go.mod h1:TXZkRk7SM2ZQLtR6eoAWQFIHPvzQ06F go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= go.opentelemetry.io/proto/otlp v0.15.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= go.opentelemetry.io/proto/otlp v0.19.0/go.mod h1:H7XAot3MsfNsj7EXtrA2q5xSNQ10UqI405h3+duxN4U= -go.step.sm/crypto v0.55.0 h1:575Q7NahuM/ZRxUVN1GkO2e1aDYQJqIIg+nbfOajQJk= -go.step.sm/crypto v0.55.0/go.mod h1:MgEmD1lgwsuzZwTgI0GwKapHjKVEQLVggSvHuf3bYnU= +go.step.sm/crypto v0.57.0 h1:YjoRQDaJYAxHLVwjst0Bl0xcnoKzVwuHCJtEo2VSHYU= +go.step.sm/crypto v0.57.0/go.mod h1:+Lwp5gOVPaTa3H/Ul/TzGbxQPXZZcKIUGMS0lG6n9Go= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -1625,8 +1625,9 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= -golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= +golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1769,8 +1770,8 @@ golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= -golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= -golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= +golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= +golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -2326,8 +2327,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20230706204954-ccb25ca9f130/go. google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= google.golang.org/genproto/googleapis/rpc v0.0.0-20230731190214-cbb8c96f2d6d/go.mod h1:TUfxEVdsvPg18p6AslUXFoLdpED4oBnGwyqk3dV1XzM= google.golang.org/genproto/googleapis/rpc v0.0.0-20230807174057-1744710a1577/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY= -google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576/go.mod h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250102185135-69823020774d h1:xJJRGY7TJcvIlpSrN3K6LAWgNFUILlO+OMAqtg9aqnw= +google.golang.org/genproto/googleapis/rpc v0.0.0-20250102185135-69823020774d/go.mod h1:3ENsm/5D1mzDyhpzeRi1NR784I0BcofWBoSc5QqqMK4= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM= @@ -2378,8 +2379,8 @@ google.golang.org/grpc v1.55.0/go.mod h1:iYEXKGkEBhg1PjZQvoYEVPTDkHo1/bjTnfwTeGO google.golang.org/grpc v1.56.1/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc v1.56.2/go.mod h1:I9bI3vqKfayGqPUAwGdOSu7kt6oIJLixfffKrpXqQ9s= google.golang.org/grpc v1.57.0/go.mod h1:Sd+9RMTACXwmub0zcNY2c4arhtrbBYD1AUHI/dt16Mo= -google.golang.org/grpc v1.69.2 h1:U3S9QEtbXC0bYNvRtcoklF3xGtLViumSYxWykJS+7AU= -google.golang.org/grpc v1.69.2/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= +google.golang.org/grpc v1.69.4 h1:MF5TftSMkd8GLw/m0KM6V8CMOCY6NZ1NQDPGFgbTt4A= +google.golang.org/grpc v1.69.4/go.mod h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4= google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= From a10ff4e4e82faa5823ede0e3acfbd5f1111e3ff9 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Mon, 3 Feb 2025 17:05:30 +0100 Subject: [PATCH 14/27] Fix for broken ListRevision in EOS Projects: we impersonate the owner for ListRevisions --- .../unreleased/listrevisions-impersonate.md | 5 ++ pkg/eosclient/eosgrpc/eosgrpc.go | 19 +++-- pkg/storage/utils/eosfs/eosfs.go | 79 +------------------ 3 files changed, 20 insertions(+), 83 deletions(-) create mode 100644 changelog/unreleased/listrevisions-impersonate.md diff --git a/changelog/unreleased/listrevisions-impersonate.md b/changelog/unreleased/listrevisions-impersonate.md new file mode 100644 index 0000000000..69f71fe307 --- /dev/null +++ b/changelog/unreleased/listrevisions-impersonate.md @@ -0,0 +1,5 @@ +Bugfix: impersonate owner on ListRevisions + +ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to, if so configured, do the call on behalf of the owner. + +https://github.com/cs3org/reva/pull/5064 \ No newline at end of file diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index c9e18c737c..706c1baf6a 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -1229,13 +1229,17 @@ func (c *Client) List(ctx context.Context, auth eosclient.Authorization, dpath s fdrq.Role = new(erpc.RoleId) uid, gid, err := utils.ExtractUidGid(auth) - if err != nil { - return nil, errors.Wrap(err, "Failed to extract uid/gid from auth") - } - fdrq.Role.Uid = uid - fdrq.Role.Gid = gid + if err == nil { + fdrq.Role.Uid = uid + fdrq.Role.Gid = gid - fdrq.Authkey = c.opt.Authkey + fdrq.Authkey = c.opt.Authkey + } else { + if auth.Token == "" { + return nil, errors.Wrap(err, "Failed to extract uid/gid from auth") + } + fdrq.Authkey = auth.Token + } // Now send the req and see what happens resp, err := c.cl.Find(appctx.ContextGetClean(ctx), fdrq) @@ -1580,8 +1584,7 @@ func (c *Client) ListVersions(ctx context.Context, auth eosclient.Authorization, versionFolder := getVersionFolder(p) finfos, err := c.List(ctx, auth, versionFolder) if err != nil { - // we send back an empty list - return []*eosclient.FileInfo{}, nil + return []*eosclient.FileInfo{}, err } return finfos, nil } diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index 8267b671b7..4ef5a5a51a 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1285,66 +1285,6 @@ func (fs *eosfs) CreateHome(ctx context.Context) error { return nil } -func (fs *eosfs) createUserDir(ctx context.Context, u *userpb.User, path string, recursiveAttr bool) error { - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return nil - } - - chownAuth, err := fs.getUserAuth(ctx, u, "") - if err != nil { - return err - } - - err = fs.c.CreateDir(ctx, rootAuth, path) - if err != nil { - // EOS will return success on mkdir over an existing directory. - return errors.Wrap(err, "eosfs: error creating dir") - } - - err = fs.c.Chown(ctx, rootAuth, chownAuth, path) - if err != nil { - return errors.Wrap(err, "eosfs: error chowning directory") - } - - err = fs.c.Chmod(ctx, rootAuth, "2700", path) - if err != nil { - return errors.Wrap(err, "eosfs: error chmoding directory") - } - - attrs := []*eosclient.Attribute{ - { - Type: SystemAttr, - Key: "mask", - Val: "700", - }, - { - Type: SystemAttr, - Key: "allow.oc.sync", - Val: "1", - }, - { - Type: SystemAttr, - Key: "mtime.propagation", - Val: "1", - }, - { - Type: SystemAttr, - Key: "forced.atomic", - Val: "1", - }, - } - - for _, attr := range attrs { - err = fs.c.SetAttr(ctx, rootAuth, attr, false, recursiveAttr, path, "") - if err != nil { - return errors.Wrap(err, "eosfs: error setting attribute") - } - } - - return nil -} - func (fs *eosfs) CreateDir(ctx context.Context, ref *provider.Reference) error { log := appctx.GetLogger(ctx) @@ -1478,8 +1418,7 @@ func (fs *eosfs) ListRevisions(ctx context.Context, ref *provider.Reference) ([] var auth eosclient.Authorization var fn string var err error - - if !fs.conf.EnableHome && fs.conf.ImpersonateOwnerforRevisions { + if !fs.conf.EnableHome { // We need to access the revisions for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1490,7 +1429,8 @@ func (fs *eosfs) ListRevisions(ctx context.Context, ref *provider.Reference) ([] fn = fs.wrap(ctx, md.Path) if md.PermissionSet.ListFileVersions { - auth, err = fs.getUIDGateway(ctx, md.Owner) + user := appctx.ContextMustGetUser(ctx) + auth, err = fs.getEOSToken(ctx, user, fn) if err != nil { return nil, err } @@ -2084,6 +2024,7 @@ func (fs *eosfs) getUserAuth(ctx context.Context, u *userpb.User, fn string) (eo return fs.extractUIDAndGID(u) } +// Generate an EOS token that acts on behalf of the owner of the file `fn` func (fs *eosfs) getEOSToken(ctx context.Context, u *userpb.User, fn string) (eosclient.Authorization, error) { if fn == "" { return eosclient.Authorization{}, errtypes.BadRequest("eosfs: path cannot be empty") @@ -2133,18 +2074,6 @@ func (fs *eosfs) getEOSToken(ctx context.Context, u *userpb.User, fn string) (eo return eosclient.Authorization{Token: tkn}, nil } -func (fs *eosfs) getRootAuth(ctx context.Context) (eosclient.Authorization, error) { - if fs.conf.ForceSingleUserMode { - if fs.singleUserAuth.Role.UID != "" && fs.singleUserAuth.Role.GID != "" { - return fs.singleUserAuth, nil - } - var err error - fs.singleUserAuth, err = fs.getUIDGateway(ctx, &userpb.UserId{OpaqueId: fs.conf.SingleUsername}) - return fs.singleUserAuth, err - } - return eosclient.Authorization{Role: eosclient.Role{UID: "0", GID: "0"}}, nil -} - // Returns an eosclient.Authorization object with the uid/gid of the daemon user // This is a system user with read-only access to files. // We use it e.g. when retrieving metadata from a file when accessing through a guest account, From 5b30162d2aa5644b1f3c094babd2e0645f7777d6 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Tue, 4 Feb 2025 11:54:17 +0100 Subject: [PATCH 15/27] Update CI --- .github/workflows/docker.yml | 2 +- changelog/unreleased/listrevisions-impersonate.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bae63b1ec7..e18955af60 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -50,7 +50,7 @@ jobs: push: ${{ inputs.push }} platforms: ${{ inputs.platforms }} - name: Upload ${{ steps.build.outputs.imageid }} Docker image to artifacts - uses: ishworkh/docker-image-artifact-upload@v1 + uses: ishworkh/container-image-artifact-upload@v2.0.0 if: inputs.load with: image: ${{ steps.build.outputs.imageid }} diff --git a/changelog/unreleased/listrevisions-impersonate.md b/changelog/unreleased/listrevisions-impersonate.md index 69f71fe307..eb9c76ef31 100644 --- a/changelog/unreleased/listrevisions-impersonate.md +++ b/changelog/unreleased/listrevisions-impersonate.md @@ -1,5 +1,5 @@ Bugfix: impersonate owner on ListRevisions -ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to, if so configured, do the call on behalf of the owner. +ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). https://github.com/cs3org/reva/pull/5064 \ No newline at end of file From 19a7a864d4888c2bf8179aad7fc9c7e7d7dd8407 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Tue, 4 Feb 2025 15:12:10 +0100 Subject: [PATCH 16/27] Fix for broken ListRevision in EOS Projects (#5064) * Fix for broken ListRevision in EOS Projects: we impersonate the owner for ListRevisions * Update CI --------- Co-authored-by: Jesse Geens --- .github/workflows/docker.yml | 2 +- .../unreleased/listrevisions-impersonate.md | 5 ++ pkg/eosclient/eosgrpc/eosgrpc.go | 19 +++-- pkg/storage/utils/eosfs/eosfs.go | 79 +------------------ 4 files changed, 21 insertions(+), 84 deletions(-) create mode 100644 changelog/unreleased/listrevisions-impersonate.md diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bae63b1ec7..e18955af60 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -50,7 +50,7 @@ jobs: push: ${{ inputs.push }} platforms: ${{ inputs.platforms }} - name: Upload ${{ steps.build.outputs.imageid }} Docker image to artifacts - uses: ishworkh/docker-image-artifact-upload@v1 + uses: ishworkh/container-image-artifact-upload@v2.0.0 if: inputs.load with: image: ${{ steps.build.outputs.imageid }} diff --git a/changelog/unreleased/listrevisions-impersonate.md b/changelog/unreleased/listrevisions-impersonate.md new file mode 100644 index 0000000000..eb9c76ef31 --- /dev/null +++ b/changelog/unreleased/listrevisions-impersonate.md @@ -0,0 +1,5 @@ +Bugfix: impersonate owner on ListRevisions + +ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). + +https://github.com/cs3org/reva/pull/5064 \ No newline at end of file diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index c9e18c737c..706c1baf6a 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -1229,13 +1229,17 @@ func (c *Client) List(ctx context.Context, auth eosclient.Authorization, dpath s fdrq.Role = new(erpc.RoleId) uid, gid, err := utils.ExtractUidGid(auth) - if err != nil { - return nil, errors.Wrap(err, "Failed to extract uid/gid from auth") - } - fdrq.Role.Uid = uid - fdrq.Role.Gid = gid + if err == nil { + fdrq.Role.Uid = uid + fdrq.Role.Gid = gid - fdrq.Authkey = c.opt.Authkey + fdrq.Authkey = c.opt.Authkey + } else { + if auth.Token == "" { + return nil, errors.Wrap(err, "Failed to extract uid/gid from auth") + } + fdrq.Authkey = auth.Token + } // Now send the req and see what happens resp, err := c.cl.Find(appctx.ContextGetClean(ctx), fdrq) @@ -1580,8 +1584,7 @@ func (c *Client) ListVersions(ctx context.Context, auth eosclient.Authorization, versionFolder := getVersionFolder(p) finfos, err := c.List(ctx, auth, versionFolder) if err != nil { - // we send back an empty list - return []*eosclient.FileInfo{}, nil + return []*eosclient.FileInfo{}, err } return finfos, nil } diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index 8267b671b7..4ef5a5a51a 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1285,66 +1285,6 @@ func (fs *eosfs) CreateHome(ctx context.Context) error { return nil } -func (fs *eosfs) createUserDir(ctx context.Context, u *userpb.User, path string, recursiveAttr bool) error { - rootAuth, err := fs.getRootAuth(ctx) - if err != nil { - return nil - } - - chownAuth, err := fs.getUserAuth(ctx, u, "") - if err != nil { - return err - } - - err = fs.c.CreateDir(ctx, rootAuth, path) - if err != nil { - // EOS will return success on mkdir over an existing directory. - return errors.Wrap(err, "eosfs: error creating dir") - } - - err = fs.c.Chown(ctx, rootAuth, chownAuth, path) - if err != nil { - return errors.Wrap(err, "eosfs: error chowning directory") - } - - err = fs.c.Chmod(ctx, rootAuth, "2700", path) - if err != nil { - return errors.Wrap(err, "eosfs: error chmoding directory") - } - - attrs := []*eosclient.Attribute{ - { - Type: SystemAttr, - Key: "mask", - Val: "700", - }, - { - Type: SystemAttr, - Key: "allow.oc.sync", - Val: "1", - }, - { - Type: SystemAttr, - Key: "mtime.propagation", - Val: "1", - }, - { - Type: SystemAttr, - Key: "forced.atomic", - Val: "1", - }, - } - - for _, attr := range attrs { - err = fs.c.SetAttr(ctx, rootAuth, attr, false, recursiveAttr, path, "") - if err != nil { - return errors.Wrap(err, "eosfs: error setting attribute") - } - } - - return nil -} - func (fs *eosfs) CreateDir(ctx context.Context, ref *provider.Reference) error { log := appctx.GetLogger(ctx) @@ -1478,8 +1418,7 @@ func (fs *eosfs) ListRevisions(ctx context.Context, ref *provider.Reference) ([] var auth eosclient.Authorization var fn string var err error - - if !fs.conf.EnableHome && fs.conf.ImpersonateOwnerforRevisions { + if !fs.conf.EnableHome { // We need to access the revisions for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1490,7 +1429,8 @@ func (fs *eosfs) ListRevisions(ctx context.Context, ref *provider.Reference) ([] fn = fs.wrap(ctx, md.Path) if md.PermissionSet.ListFileVersions { - auth, err = fs.getUIDGateway(ctx, md.Owner) + user := appctx.ContextMustGetUser(ctx) + auth, err = fs.getEOSToken(ctx, user, fn) if err != nil { return nil, err } @@ -2084,6 +2024,7 @@ func (fs *eosfs) getUserAuth(ctx context.Context, u *userpb.User, fn string) (eo return fs.extractUIDAndGID(u) } +// Generate an EOS token that acts on behalf of the owner of the file `fn` func (fs *eosfs) getEOSToken(ctx context.Context, u *userpb.User, fn string) (eosclient.Authorization, error) { if fn == "" { return eosclient.Authorization{}, errtypes.BadRequest("eosfs: path cannot be empty") @@ -2133,18 +2074,6 @@ func (fs *eosfs) getEOSToken(ctx context.Context, u *userpb.User, fn string) (eo return eosclient.Authorization{Token: tkn}, nil } -func (fs *eosfs) getRootAuth(ctx context.Context) (eosclient.Authorization, error) { - if fs.conf.ForceSingleUserMode { - if fs.singleUserAuth.Role.UID != "" && fs.singleUserAuth.Role.GID != "" { - return fs.singleUserAuth, nil - } - var err error - fs.singleUserAuth, err = fs.getUIDGateway(ctx, &userpb.UserId{OpaqueId: fs.conf.SingleUsername}) - return fs.singleUserAuth, err - } - return eosclient.Authorization{Role: eosclient.Role{UID: "0", GID: "0"}}, nil -} - // Returns an eosclient.Authorization object with the uid/gid of the daemon user // This is a system user with read-only access to files. // We use it e.g. when retrieving metadata from a file when accessing through a guest account, From b43b4e543bdd80f269e08406af2ff798b55cc663 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Wed, 5 Feb 2025 15:49:05 +0100 Subject: [PATCH 17/27] Also impersonate for project versions in case of download / restore --- changelog/unreleased/listrevisions-impersonate.md | 4 ++-- pkg/storage/utils/eosfs/config.go | 4 ---- pkg/storage/utils/eosfs/eosfs.go | 10 ++++++---- 3 files changed, 8 insertions(+), 10 deletions(-) diff --git a/changelog/unreleased/listrevisions-impersonate.md b/changelog/unreleased/listrevisions-impersonate.md index eb9c76ef31..f80d02f1c0 100644 --- a/changelog/unreleased/listrevisions-impersonate.md +++ b/changelog/unreleased/listrevisions-impersonate.md @@ -1,5 +1,5 @@ -Bugfix: impersonate owner on ListRevisions +Bugfix: impersonate owner on Revisions -ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). +List / Download / Restore Revisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). https://github.com/cs3org/reva/pull/5064 \ No newline at end of file diff --git a/pkg/storage/utils/eosfs/config.go b/pkg/storage/utils/eosfs/config.go index 86b54c7496..173349787e 100644 --- a/pkg/storage/utils/eosfs/config.go +++ b/pkg/storage/utils/eosfs/config.go @@ -126,10 +126,6 @@ type Config struct { // Only considered when EnableHome is false. AllowPathRecycleOperations bool `mapstructure:"allow_path_recycle_operations"` - // Whether we should impersonate the owner of a resource when trying to perform - // revisions-related operations. - ImpersonateOwnerforRevisions bool `mapstructure:"impersonate_owner_for_revisions"` - // HTTP connections to EOS: max number of idle conns MaxIdleConns int `mapstructure:"max_idle_conns"` diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index 4ef5a5a51a..5ea59221a3 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1464,7 +1464,7 @@ func (fs *eosfs) DownloadRevision(ctx context.Context, ref *provider.Reference, var fn string var err error - if !fs.conf.EnableHome && fs.conf.ImpersonateOwnerforRevisions { + if !fs.conf.EnableHome { // We need to access the revisions for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1475,7 +1475,8 @@ func (fs *eosfs) DownloadRevision(ctx context.Context, ref *provider.Reference, fn = fs.wrap(ctx, md.Path) if md.PermissionSet.InitiateFileDownload { - auth, err = fs.getUIDGateway(ctx, md.Owner) + user := appctx.ContextMustGetUser(ctx) + auth, err = fs.getEOSToken(ctx, user, fn) if err != nil { return nil, err } @@ -1497,7 +1498,7 @@ func (fs *eosfs) RestoreRevision(ctx context.Context, ref *provider.Reference, r var fn string var err error - if !fs.conf.EnableHome && fs.conf.ImpersonateOwnerforRevisions { + if !fs.conf.EnableHome { // We need to access the revisions for a non-home reference. // We'll get the owner of the particular resource and impersonate them // if we have access to it. @@ -1508,7 +1509,8 @@ func (fs *eosfs) RestoreRevision(ctx context.Context, ref *provider.Reference, r fn = fs.wrap(ctx, md.Path) if md.PermissionSet.RestoreFileVersion { - auth, err = fs.getUIDGateway(ctx, md.Owner) + user := appctx.ContextMustGetUser(ctx) + auth, err = fs.getEOSToken(ctx, user, fn) if err != nil { return err } From 63f3b9e0a4f07d47e4a0d0c5343f5c23b20bc4ac Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Wed, 5 Feb 2025 15:49:05 +0100 Subject: [PATCH 18/27] Also impersonate for project versions in case of download / restore --- changelog/unreleased/listrevisions-impersonate.md | 4 ++-- changelog/unreleased/revisions-impersonate | 5 +++++ 2 files changed, 7 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/revisions-impersonate diff --git a/changelog/unreleased/listrevisions-impersonate.md b/changelog/unreleased/listrevisions-impersonate.md index f80d02f1c0..eb9c76ef31 100644 --- a/changelog/unreleased/listrevisions-impersonate.md +++ b/changelog/unreleased/listrevisions-impersonate.md @@ -1,5 +1,5 @@ -Bugfix: impersonate owner on Revisions +Bugfix: impersonate owner on ListRevisions -List / Download / Restore Revisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). +ListRevisions is currently broken for projects, because this happens on behalf of the user, instead of the owner of the file. This behaviour is changed to do the call on behalf of the owner (if we are in a non-home space). https://github.com/cs3org/reva/pull/5064 \ No newline at end of file diff --git a/changelog/unreleased/revisions-impersonate b/changelog/unreleased/revisions-impersonate new file mode 100644 index 0000000000..9c5c6af480 --- /dev/null +++ b/changelog/unreleased/revisions-impersonate @@ -0,0 +1,5 @@ +Bugfix: impersonate owner on Revisions + +The current implementation of Download / Restore Revisions is not consistent with ListRevisions, where we impersonate the owner in projects. We now also impersonate in the case of Download and Restore. + +https://github.com/cs3org/reva/pull/5072 \ No newline at end of file From bb9b46f99be2e63b99851a76c65061dc88be4b30 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:03:40 +0100 Subject: [PATCH 19/27] [Build-deps]: Bump github.com/go-ldap/ldap/v3 from 3.4.9 to 3.4.10 (#5037) Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.4.9 to 3.4.10. - [Release notes](https://github.com/go-ldap/ldap/releases) - [Commits](https://github.com/go-ldap/ldap/compare/v3.4.9...v3.4.10) --- updated-dependencies: - dependency-name: github.com/go-ldap/ldap/v3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index b121d8638d..d26ff57d6a 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/gdexlab/go-render v1.0.1 github.com/glpatcern/go-mime v0.0.0-20221026162842-2a8d71ad17a9 github.com/go-chi/chi/v5 v5.2.0 - github.com/go-ldap/ldap/v3 v3.4.9 + github.com/go-ldap/ldap/v3 v3.4.10 github.com/go-playground/locales v0.14.1 github.com/go-playground/universal-translator v0.18.1 github.com/go-playground/validator/v10 v10.23.0 diff --git a/go.sum b/go.sum index ea1c0b754c..49c0e8ad8c 100644 --- a/go.sum +++ b/go.sum @@ -976,8 +976,8 @@ github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBj github.com/go-kit/log v0.2.1/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-latex/latex v0.0.0-20210118124228-b3d85cf34e07/go.mod h1:CO1AlKB2CSIqUrmQPqA0gdRIlnLEY0gK5JGjh37zN5U= github.com/go-latex/latex v0.0.0-20210823091927-c0d11ff05a81/go.mod h1:SX0U8uGpxhq9o2S/CELCSUxEWWAuoCUcVCQWv7G2OCk= -github.com/go-ldap/ldap/v3 v3.4.9 h1:KxX9eO44/MpqPXVVMPJDB+k/35GEePHE/Jfvl7oRMUo= -github.com/go-ldap/ldap/v3 v3.4.9/go.mod h1:+CE/4PPOOdEPGTi2B7qXKQOq+pNBvXZtlBNcVZY0AWI= +github.com/go-ldap/ldap/v3 v3.4.10 h1:ot/iwPOhfpNVgB1o+AVXljizWZ9JTp7YF5oeyONmcJU= +github.com/go-ldap/ldap/v3 v3.4.10/go.mod h1:JXh4Uxgi40P6E9rdsYqpUtbW46D9UTjJ9QSwGRznplY= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= @@ -1624,7 +1624,6 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= @@ -1769,7 +1768,7 @@ golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= +golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= From efb5656e662d97396f174afcf40e0607501eb3d5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:04:02 +0100 Subject: [PATCH 20/27] [Build-deps]: Bump github.com/studio-b12/gowebdav from 0.9.0 to 0.10.0 (#5047) Bumps [github.com/studio-b12/gowebdav](https://github.com/studio-b12/gowebdav) from 0.9.0 to 0.10.0. - [Release notes](https://github.com/studio-b12/gowebdav/releases) - [Commits](https://github.com/studio-b12/gowebdav/compare/v0.9.0...v0.10.0) --- updated-dependencies: - dependency-name: github.com/studio-b12/gowebdav dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index d26ff57d6a..7c7e4b948e 100644 --- a/go.mod +++ b/go.mod @@ -47,7 +47,7 @@ require ( github.com/rs/zerolog v1.33.0 github.com/sethvargo/go-password v0.3.1 github.com/stretchr/testify v1.10.0 - github.com/studio-b12/gowebdav v0.9.0 + github.com/studio-b12/gowebdav v0.10.0 github.com/thanhpk/randstr v1.0.6 github.com/tus/tusd v1.13.0 github.com/wk8/go-ordered-map v1.0.0 diff --git a/go.sum b/go.sum index 49c0e8ad8c..36e59581b4 100644 --- a/go.sum +++ b/go.sum @@ -1534,8 +1534,8 @@ github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXl github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= -github.com/studio-b12/gowebdav v0.9.0 h1:1j1sc9gQnNxbXXM4M/CebPOX4aXYtr7MojAVcN4dHjU= -github.com/studio-b12/gowebdav v0.9.0/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE= +github.com/studio-b12/gowebdav v0.10.0 h1:Yewz8FFiadcGEu4hxS/AAJQlHelndqln1bns3hcJIYc= +github.com/studio-b12/gowebdav v0.10.0/go.mod h1:bHA7t77X/QFExdeAnDzK6vKM34kEZAcE1OX4MfiwjkE= github.com/thanhpk/randstr v1.0.6 h1:psAOktJFD4vV9NEVb3qkhRSMvYh4ORRaj1+w/hn4B+o= github.com/thanhpk/randstr v1.0.6/go.mod h1:M/H2P1eNLZzlDwAzpkkkUvoyNNMbzRGhESZuEQk3r0U= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= From 2bf9b40c2c364481a03f3b77fd508dd0c1a784c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:05:23 +0100 Subject: [PATCH 21/27] [Build-deps]: Bump github.com/nats-io/nats.go from 1.37.0 to 1.39.0 (#5074) Bumps [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) from 1.37.0 to 1.39.0. - [Release notes](https://github.com/nats-io/nats.go/releases) - [Commits](https://github.com/nats-io/nats.go/compare/v1.37.0...v1.39.0) --- updated-dependencies: - dependency-name: github.com/nats-io/nats.go dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 7c7e4b948e..39ca58a63a 100644 --- a/go.mod +++ b/go.mod @@ -38,7 +38,7 @@ require ( github.com/maxymania/go-system v0.0.0-20170110133659-647cc364bf0b github.com/mileusna/useragent v1.3.5 github.com/mitchellh/mapstructure v1.5.0 - github.com/nats-io/nats.go v1.37.0 + github.com/nats-io/nats.go v1.39.0 github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.36.2 github.com/pkg/errors v0.9.1 diff --git a/go.sum b/go.sum index 36e59581b4..963b5e2dce 100644 --- a/go.sum +++ b/go.sum @@ -1357,8 +1357,8 @@ github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5Vgl github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU= github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k= github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w= -github.com/nats-io/nats.go v1.37.0 h1:07rauXbVnnJvv1gfIyghFEo6lUcYRY0WXc3x7x0vUxE= -github.com/nats-io/nats.go v1.37.0/go.mod h1:Ubdu4Nh9exXdSz0RVWRFBbRfrbSxOYd26oF0wkWclB8= +github.com/nats-io/nats.go v1.39.0 h1:2/yg2JQjiYYKLwDuBzV0FbB2sIV+eFNkEevlRi4n9lI= +github.com/nats-io/nats.go v1.39.0/go.mod h1:MgRb8oOdigA6cYpEPhXJuRVH6UE/V4jblJ2jQ27IXYM= github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nkeys v0.4.9 h1:qe9Faq2Gxwi6RZnZMXfmGMZkg3afLLOtrU+gDZJ35b0= From 83bef5696a4a56e2cff8ec217a9d03f3b2741ce3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:56:51 +0100 Subject: [PATCH 22/27] [Build-deps]: Bump github.com/ceph/go-ceph from 0.30.0 to 0.32.0 (#5078) Bumps [github.com/ceph/go-ceph](https://github.com/ceph/go-ceph) from 0.30.0 to 0.32.0. - [Release notes](https://github.com/ceph/go-ceph/releases) - [Changelog](https://github.com/ceph/go-ceph/blob/master/docs/release-process.md) - [Commits](https://github.com/ceph/go-ceph/compare/v0.30.0...v0.32.0) --- updated-dependencies: - dependency-name: github.com/ceph/go-ceph dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 39ca58a63a..a45b1a011c 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/beevik/etree v1.4.1 github.com/bluele/gcache v0.0.2 github.com/c-bata/go-prompt v0.2.6 - github.com/ceph/go-ceph v0.30.0 + github.com/ceph/go-ceph v0.32.0 github.com/cern-eos/go-eosgrpc v0.0.0-20240909164147-ad693be93181 github.com/cheggaaa/pb v1.0.29 github.com/coreos/go-oidc/v3 v3.12.0 diff --git a/go.sum b/go.sum index 963b5e2dce..43243cba76 100644 --- a/go.sum +++ b/go.sum @@ -844,8 +844,8 @@ github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw= -github.com/ceph/go-ceph v0.30.0 h1:p/+rNnn9dUByrDhXfBFilVriRZKJghMJcts8N2wQ+ws= -github.com/ceph/go-ceph v0.30.0/go.mod h1:OJFju/Xmtb7ihHo/aXOayw6RhVOUGNke5EwTipwaf6A= +github.com/ceph/go-ceph v0.32.0 h1:iXRUGdPmH7h9Vf/WA1Dg3Wo1tgL7gcUbylfpbxrlGLs= +github.com/ceph/go-ceph v0.32.0/go.mod h1:42eoJzyLS3VREzqrg2ot44NtuluQZi55hFRSoLF36GQ= github.com/cern-eos/go-eosgrpc v0.0.0-20240909164147-ad693be93181 h1:2ZK/g0kTWuO98hM8uCuGnFwtljWhjI3k6nTQJLYj8vE= github.com/cern-eos/go-eosgrpc v0.0.0-20240909164147-ad693be93181/go.mod h1:ZiIzbg4sDO2MwYlspcnauUR2dfwZHUzxker+HP9k+20= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= From bcddacc4c52faa519326eb300c520a9075bfdcc1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:57:47 +0100 Subject: [PATCH 23/27] [Build-deps]: Bump github.com/go-playground/validator/v10 (#5079) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.23.0 to 10.25.0. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](https://github.com/go-playground/validator/compare/v10.23.0...v10.25.0) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index a45b1a011c..4274816f0f 100644 --- a/go.mod +++ b/go.mod @@ -22,7 +22,7 @@ require ( github.com/go-ldap/ldap/v3 v3.4.10 github.com/go-playground/locales v0.14.1 github.com/go-playground/universal-translator v0.18.1 - github.com/go-playground/validator/v10 v10.23.0 + github.com/go-playground/validator/v10 v10.25.0 github.com/go-sql-driver/mysql v1.8.1 github.com/gofrs/uuid v4.4.0+incompatible github.com/golang-jwt/jwt v3.2.2+incompatible @@ -79,7 +79,7 @@ require ( github.com/dustin/go-humanize v1.0.1 // indirect github.com/fatih/color v1.16.0 // indirect github.com/fsnotify/fsnotify v1.4.9 // indirect - github.com/gabriel-vasile/mimetype v1.4.7 // indirect + github.com/gabriel-vasile/mimetype v1.4.8 // indirect github.com/go-asn1-ber/asn1-ber v1.5.7 // indirect github.com/go-jose/go-jose/v4 v4.0.4 // indirect github.com/go-kit/kit v0.10.0 // indirect diff --git a/go.sum b/go.sum index 43243cba76..5af38be569 100644 --- a/go.sum +++ b/go.sum @@ -946,8 +946,8 @@ github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/gabriel-vasile/mimetype v1.4.7 h1:SKFKl7kD0RiPdbht0s7hFtjl489WcQ1VyPW8ZzUMYCA= -github.com/gabriel-vasile/mimetype v1.4.7/go.mod h1:GDlAgAyIRT27BhFl53XNAFtfjzOkLaF35JdEG0P7LtU= +github.com/gabriel-vasile/mimetype v1.4.8 h1:FfZ3gj38NjllZIeJAmMhr+qKL8Wu+nOoI3GqacKw1NM= +github.com/gabriel-vasile/mimetype v1.4.8/go.mod h1:ByKUIKGjh1ODkGM1asKUbQZOLGrPjydw3hYPU2YU9t8= github.com/gdexlab/go-render v1.0.1 h1:rxqB3vo5s4n1kF0ySmoNeSPRYkEsyHgln4jFIQY7v0U= github.com/gdexlab/go-render v1.0.1/go.mod h1:wRi5nW2qfjiGj4mPukH4UV0IknS1cHD4VgFTmJX5JzM= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= @@ -998,8 +998,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= -github.com/go-playground/validator/v10 v10.23.0 h1:/PwmTwZhS0dPkav3cdK9kV1FsAmrL8sThn8IHr/sO+o= -github.com/go-playground/validator/v10 v10.23.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/go-playground/validator/v10 v10.25.0 h1:5Dh7cjvzR7BRZadnsVOzPhWsrwUr0nmsZJxEAnFLNO8= +github.com/go-playground/validator/v10 v10.25.0/go.mod h1:GGzBIJMuE98Ic/kJsBXbz1x/7cByt++cQ+YOuDM5wus= github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= From 483081473965ff39a43981012e3ca3650905281b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 16:47:25 +0100 Subject: [PATCH 24/27] [Build-deps]: Bump golang.org/x/oauth2 from 0.25.0 to 0.26.0 (#5073) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.25.0 to 0.26.0. - [Commits](https://github.com/golang/oauth2/compare/v0.25.0...v0.26.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 4274816f0f..44a3b5da37 100644 --- a/go.mod +++ b/go.mod @@ -54,7 +54,7 @@ require ( go.opencensus.io v0.24.0 go.step.sm/crypto v0.57.0 golang.org/x/crypto v0.32.0 - golang.org/x/oauth2 v0.25.0 + golang.org/x/oauth2 v0.26.0 golang.org/x/sync v0.10.0 golang.org/x/sys v0.29.0 golang.org/x/term v0.28.0 diff --git a/go.sum b/go.sum index 5af38be569..b377322827 100644 --- a/go.sum +++ b/go.sum @@ -1803,8 +1803,8 @@ golang.org/x/oauth2 v0.7.0/go.mod h1:hPLQkd9LyjfXTiRohC/41GhcFqxisoUQ99sCUOHO9x4 golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= -golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= -golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE= +golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= From fc2db0b2e4d71712c1d7634e6e32c95beca864e4 Mon Sep 17 00:00:00 2001 From: Giuseppe Lo Presti Date: Thu, 20 Feb 2025 14:05:22 +0100 Subject: [PATCH 25/27] apps: log viewmode in the returning app URL message (#5080) --- changelog/unreleased/fix-app-log.md | 3 +++ internal/http/services/appprovider/appprovider.go | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) create mode 100644 changelog/unreleased/fix-app-log.md diff --git a/changelog/unreleased/fix-app-log.md b/changelog/unreleased/fix-app-log.md new file mode 100644 index 0000000000..ab4d975575 --- /dev/null +++ b/changelog/unreleased/fix-app-log.md @@ -0,0 +1,3 @@ +Enhancement: log viewmode in the returning app URL message + +https://github.com/cs3org/reva/pull/5080 diff --git a/internal/http/services/appprovider/appprovider.go b/internal/http/services/appprovider/appprovider.go index 9d1483b7a4..a2b8ce4552 100644 --- a/internal/http/services/appprovider/appprovider.go +++ b/internal/http/services/appprovider/appprovider.go @@ -435,7 +435,7 @@ func (s *svc) handleOpen(w http.ResponseWriter, r *http.Request) { } log := appctx.GetLogger(ctx) - log.Info().Interface("resource", fileRef).Str("url", openRes.AppUrl.AppUrl).Str("method", openRes.AppUrl.Method).Interface("target", openRes.AppUrl.Target).Msg("returning app URL for file") + log.Info().Interface("resource", fileRef).Str("url", openRes.AppUrl.AppUrl).Str("method", openRes.AppUrl.Method).Interface("viewMode", viewMode).Msg("returning app URL for file") w.Header().Set("Content-Type", "application/json") if _, err = w.Write(js); err != nil { From 84a2d22b3b3e945a9dca63500c61064d5b5fd2d6 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Thu, 20 Feb 2025 15:32:20 +0100 Subject: [PATCH 26/27] Replaced availablebytes -> totalbytes, as this was erroneously used (#5082) --- changelog/unreleased/broken-quota.md | 5 +++++ pkg/eosclient/eosbinary/eosbinary.go | 8 ++++---- pkg/eosclient/eosclient.go | 6 +++--- pkg/eosclient/eosgrpc/eosgrpc.go | 12 ++---------- pkg/storage/utils/eosfs/eosfs.go | 4 ++-- 5 files changed, 16 insertions(+), 19 deletions(-) create mode 100644 changelog/unreleased/broken-quota.md diff --git a/changelog/unreleased/broken-quota.md b/changelog/unreleased/broken-quota.md new file mode 100644 index 0000000000..7bd85be519 --- /dev/null +++ b/changelog/unreleased/broken-quota.md @@ -0,0 +1,5 @@ +Bugfix: wrong quota total reported + +The EOS `QuotaInfo` struct had fields for `AvailableBytes` and `AvailableInodes`, but these were used to mean the total. This is fixed now. + +https://github.com/cs3org/reva/pull/5082 \ No newline at end of file diff --git a/pkg/eosclient/eosbinary/eosbinary.go b/pkg/eosclient/eosbinary/eosbinary.go index cd38d26d45..cc1b84a0a1 100644 --- a/pkg/eosclient/eosbinary/eosbinary.go +++ b/pkg/eosclient/eosbinary/eosbinary.go @@ -1073,10 +1073,10 @@ func (c *Client) parseQuota(path, raw string) (*eosclient.QuotaInfo, error) { usedInodes, _ := strconv.ParseUint(usedInodesString, 10, 64) qi := &eosclient.QuotaInfo{ - AvailableBytes: maxBytes, - UsedBytes: usedBytes, - AvailableInodes: maxInodes, - UsedInodes: usedInodes, + TotalBytes: maxBytes, + UsedBytes: usedBytes, + TotalInodes: maxInodes, + UsedInodes: usedInodes, } return qi, nil } diff --git a/pkg/eosclient/eosclient.go b/pkg/eosclient/eosclient.go index bbbf31a428..c3e436a535 100644 --- a/pkg/eosclient/eosclient.go +++ b/pkg/eosclient/eosclient.go @@ -110,11 +110,11 @@ type Checksum struct { XSType string } -// QuotaInfo reports the available bytes and inodes for a particular user. +// QuotaInfo reports the total and used bytes and inodes for a particular user. // eos reports all quota values are unsigned long, see https://github.com/cern-eos/eos/blob/93515df8c0d5a858982853d960bec98f983c1285/mgm/Quota.hh#L135 type QuotaInfo struct { - AvailableBytes, UsedBytes uint64 - AvailableInodes, UsedInodes uint64 + TotalBytes, UsedBytes uint64 + TotalInodes, UsedInodes uint64 } // SetQuotaInfo encapsulates the information needed to diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index 706c1baf6a..452f7912f6 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -852,18 +852,10 @@ func (c *Client) GetQuota(ctx context.Context, username string, rootAuth eosclie for i := 0; i < len(resp.Quota.Quotanode); i++ { log.Debug().Str("func", "GetQuota").Str("quotanode:", fmt.Sprintf("%d: %#v", i, resp.Quota.Quotanode[i])).Msg("") - mx := int64(resp.Quota.Quotanode[i].Maxlogicalbytes) - int64(resp.Quota.Quotanode[i].Usedbytes) - if mx < 0 { - mx = 0 - } - qi.AvailableBytes += uint64(mx) + qi.TotalBytes += max(uint64(resp.Quota.Quotanode[i].Maxlogicalbytes), 0) qi.UsedBytes += resp.Quota.Quotanode[i].Usedbytes - mx = int64(resp.Quota.Quotanode[i].Maxfiles) - int64(resp.Quota.Quotanode[i].Usedfiles) - if mx < 0 { - mx = 0 - } - qi.AvailableInodes += uint64(mx) + qi.TotalInodes += max(uint64(resp.Quota.Quotanode[i].Maxfiles), 0) qi.UsedInodes += resp.Quota.Quotanode[i].Usedfiles } diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index 5ea59221a3..5f56b96109 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -1202,7 +1202,7 @@ func (fs *eosfs) CreateStorageSpace(ctx context.Context, req *provider.CreateSto return nil, fmt.Errorf("unimplemented: CreateStorageSpace") } -func (fs *eosfs) GetQuota(ctx context.Context, ref *provider.Reference) (uint64, uint64, error) { +func (fs *eosfs) GetQuota(ctx context.Context, ref *provider.Reference) (totalbytes, usedbytes uint64, err error) { u, err := utils.GetUser(ctx) if err != nil { return 0, 0, errors.Wrap(err, "eosfs: no user in ctx") @@ -1221,7 +1221,7 @@ func (fs *eosfs) GetQuota(ctx context.Context, ref *provider.Reference) (uint64, return 0, 0, err } - return qi.AvailableBytes, qi.UsedBytes, nil + return qi.TotalBytes, qi.UsedBytes, nil } func (fs *eosfs) GetHome(ctx context.Context) (string, error) { From 7c299e3c620b19e7da6b42acf298602119c34067 Mon Sep 17 00:00:00 2001 From: Jesse Geens Date: Thu, 20 Feb 2025 16:33:48 +0100 Subject: [PATCH 27/27] Fix usedbytes -> usedlogicalbytes (#5084) --- changelog/unreleased/quota-logical.md | 5 +++++ pkg/eosclient/eosgrpc/eosgrpc.go | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 changelog/unreleased/quota-logical.md diff --git a/changelog/unreleased/quota-logical.md b/changelog/unreleased/quota-logical.md new file mode 100644 index 0000000000..48441a92cb --- /dev/null +++ b/changelog/unreleased/quota-logical.md @@ -0,0 +1,5 @@ +Bugfix: use logicalbytes instead of bytes + +EOS gRPC used `usedbytes` instead of `usedlogicalbytes` for calculating quota, resulting in a wrong view + +https://github.com/cs3org/reva/pull/5084 \ No newline at end of file diff --git a/pkg/eosclient/eosgrpc/eosgrpc.go b/pkg/eosclient/eosgrpc/eosgrpc.go index 452f7912f6..a03765e707 100644 --- a/pkg/eosclient/eosgrpc/eosgrpc.go +++ b/pkg/eosclient/eosgrpc/eosgrpc.go @@ -853,7 +853,7 @@ func (c *Client) GetQuota(ctx context.Context, username string, rootAuth eosclie log.Debug().Str("func", "GetQuota").Str("quotanode:", fmt.Sprintf("%d: %#v", i, resp.Quota.Quotanode[i])).Msg("") qi.TotalBytes += max(uint64(resp.Quota.Quotanode[i].Maxlogicalbytes), 0) - qi.UsedBytes += resp.Quota.Quotanode[i].Usedbytes + qi.UsedBytes += resp.Quota.Quotanode[i].Usedlogicalbytes qi.TotalInodes += max(uint64(resp.Quota.Quotanode[i].Maxfiles), 0) qi.UsedInodes += resp.Quota.Quotanode[i].Usedfiles