bump reva and add config options

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

go.mod

@@ -13,7 +13,7 @@ require (
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/coreos/go-oidc/v3 v3.9.0
 	github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781
-	github.com/cs3org/reva/v2 v2.18.1-0.20240208163049-039a779e377b
+	github.com/cs3org/reva/v2 v2.18.1-0.20240220100621-283b39bc20e6
 	github.com/dhowden/tag v0.0.0-20230630033851-978a0926ee25
 	github.com/disintegration/imaging v1.6.2
 	github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e

go.sum

@@ -1019,8 +1019,8 @@ github.com/crewjam/saml v0.4.14 h1:g9FBNx62osKusnFzs3QTN5L9CVA/Egfgm+stJShzw/c=
 github.com/crewjam/saml v0.4.14/go.mod h1:UVSZCf18jJkk6GpWNVqcyQJMD5HsRugBPf4I1nl2mME=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781 h1:BUdwkIlf8IS2FasrrPg8gGPHQPOrQ18MS1Oew2tmGtY=
 github.com/cs3org/go-cs3apis v0.0.0-20231023073225-7748710e0781/go.mod h1:UXha4TguuB52H14EMoSsCqDj7k8a/t7g4gVP+bgY5LY=
-github.com/cs3org/reva/v2 v2.18.1-0.20240208163049-039a779e377b h1:nTKOX+nyoljL7CDnfEjec7nzUKc1+7Jc89Q/uRRc2Zs=
-github.com/cs3org/reva/v2 v2.18.1-0.20240208163049-039a779e377b/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E=
+github.com/cs3org/reva/v2 v2.18.1-0.20240220100621-283b39bc20e6 h1:9O1K3ZaeK5752WYKqRH+ESnS/zIEZpl+ss6FsYnpUmc=
+github.com/cs3org/reva/v2 v2.18.1-0.20240220100621-283b39bc20e6/go.mod h1:GRUrOp5HbFVwZTgR9bVrMZ/MvVy+Jhxw1PdMmhhKP9E=
 github.com/cyberdelia/templates v0.0.0-20141128023046-ca7fffd4298c/go.mod h1:GyV+0YP4qX0UQ7r2MoYZ+AvYDp12OF5yg4q8rGnyNh4=
 github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg=
 github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4=

services/sharing/pkg/config/config.go

@@ -21,6 +21,8 @@ type Config struct {
 
 	SkipUserGroupsInToken bool `yaml:"skip_user_groups_in_token" env:"SHARING_SKIP_USER_GROUPS_IN_TOKEN" desc:"Disables the loading of user's group memberships from the reva access token."`
 
+	EnableResharing bool `yaml:"enable_resharing" env:"OCIS_ENABLE_RESHARING;SHARING_ENABLE_RESHARING" desc:"Changing this value is NOT supported. Enables the support for resharing."`
+
 	UserSharingDriver              string               `yaml:"user_sharing_driver" env:"SHARING_USER_DRIVER" desc:"Driver to be used to persist shares. Supported values are 'jsoncs3', 'json', 'cs3' (deprecated) and 'owncloudsql'."`
 	UserSharingDrivers             UserSharingDrivers   `yaml:"user_sharing_drivers"`
 	PublicSharingDriver            string               `yaml:"public_sharing_driver" env:"SHARING_PUBLIC_DRIVER" desc:"Driver to be used to persist public shares. Supported values are 'jsoncs3', 'json' and 'cs3' (deprecated)."`

services/sharing/pkg/config/defaults/defaultconfig.go

@@ -35,6 +35,7 @@ func DefaultConfig() *config.Config {
 			Name: "sharing",
 		},
 		Reva:              shared.DefaultRevaConfig(),
+		EnableResharing:   true,
 		UserSharingDriver: "jsoncs3",
 		UserSharingDrivers: config.UserSharingDrivers{
 			JSON: config.UserSharingJSONDriver{

services/sharing/pkg/revaconfig/config.go

@@ -86,6 +86,7 @@ func SharingConfigFromStruct(cfg *config.Config, logger log.Logger) (map[string]
 							},
 						},
 					},
+					"disable_resharing": cfg.EnableResharing,
 				},
 				"publicshareprovider": map[string]interface{}{
 					"gateway_addr":                       cfg.Reva.Address,

services/storage-users/pkg/config/config.go

@@ -84,6 +84,17 @@ type HTTPConfig struct {
 	Namespace string `yaml:"-"`
 	Protocol  string `yaml:"protocol" env:"STORAGE_USERS_HTTP_PROTOCOL" desc:"The transport protocol of the HTTP service."`
 	Prefix    string
+	CORS      CORS `yaml:"cors"`
+}
+
+// CORS defines the available cors configuration.
+type CORS struct {
+	AllowedOrigins   []string `yaml:"allow_origins" env:"OCIS_CORS_ALLOW_ORIGINS;STORAGE_USERS_CORS_ALLOW_ORIGINS" desc:"A list of allowed CORS origins. See following chapter for more details: *Access-Control-Allow-Origin* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin. See the Environment Variable Types description for more details."`
+	AllowedMethods   []string `yaml:"allow_methods" env:"OCIS_CORS_ALLOW_METHODS;STORAGE_USERS_CORS_ALLOW_METHODS" desc:"A list of allowed CORS methods. See following chapter for more details: *Access-Control-Request-Method* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method. See the Environment Variable Types description for more details."`
+	AllowedHeaders   []string `yaml:"allow_headers" env:"OCIS_CORS_ALLOW_HEADERS;STORAGE_USERS_CORS_ALLOW_HEADERS" desc:"A list of allowed CORS headers. See following chapter for more details: *Access-Control-Request-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers. See the Environment Variable Types description for more details."`
+	AllowCredentials bool     `yaml:"allow_credentials" env:"OCIS_CORS_ALLOW_CREDENTIALS;STORAGE_USERS_CORS_ALLOW_CREDENTIALS" desc:"Allow credentials for CORS.See following chapter for more details: *Access-Control-Allow-Credentials* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials."`
+	ExposedHeaders   []string `yaml:"expose_headers" env:"OCIS_CORS_EXPOSE_HEADERS;STORAGE_USERS_CORS_EXPOSE_HEADERS" desc:"A list of exposed CORS headers. See following chapter for more details: *Access-Control-Expose-Headers* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers. See the Environment Variable Types description for more details."`
+	MaxAge           uint     `yaml:"max_age" env:"OCIS_CORS_MAX_AGE;STORAGE_USERS_CORS_MAX_AGE" desc:"The max cache duration of preflight headers. See following chapter for more details: *Access-Control-Max-Age* at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age. See the Environment Variable Types description for more details."`
 }
 
 // Drivers combine all storage driver configurations
@@ -132,14 +143,20 @@ type S3NGDriver struct {
 	Propagator             string                 `yaml:"propagator" env:"OCIS_DECOMPOSEDFS_PROPAGATOR;STORAGE_USERS_S3NG_PROPAGATOR" desc:"The propagator used for decomposedfs. At the moment, only 'sync' is fully supported, 'async' is available as an experimental option."`
 	AsyncPropagatorOptions AsyncPropagatorOptions `yaml:"async_propagator_options"`
 	// Root is the absolute path to the location of the data
-	Root                string `yaml:"root" env:"STORAGE_USERS_S3NG_ROOT" desc:"The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users."`
-	UserLayout          string `yaml:"user_layout" env:"STORAGE_USERS_S3NG_USER_LAYOUT" desc:"Template string for the user storage layout in the user directory."`
-	PermissionsEndpoint string `yaml:"permissions_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT" desc:"Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'."`
-	Region              string `yaml:"region" env:"STORAGE_USERS_S3NG_REGION" desc:"Region of the S3 bucket."`
-	AccessKey           string `yaml:"access_key" env:"STORAGE_USERS_S3NG_ACCESS_KEY" desc:"Access key for the S3 bucket."`
-	SecretKey           string `yaml:"secret_key" env:"STORAGE_USERS_S3NG_SECRET_KEY" desc:"Secret key for the S3 bucket."`
-	Endpoint            string `yaml:"endpoint" env:"STORAGE_USERS_S3NG_ENDPOINT" desc:"Endpoint for the S3 bucket."`
-	Bucket              string `yaml:"bucket" env:"STORAGE_USERS_S3NG_BUCKET" desc:"Name of the S3 bucket."`
+	Root                  string `yaml:"root" env:"STORAGE_USERS_S3NG_ROOT" desc:"The directory where the filesystem storage will store metadata for blobs. If not defined, the root directory derives from $OCIS_BASE_DATA_PATH:/storage/users."`
+	UserLayout            string `yaml:"user_layout" env:"STORAGE_USERS_S3NG_USER_LAYOUT" desc:"Template string for the user storage layout in the user directory."`
+	PermissionsEndpoint   string `yaml:"permissions_endpoint" env:"STORAGE_USERS_PERMISSION_ENDPOINT;STORAGE_USERS_S3NG_PERMISSIONS_ENDPOINT" desc:"Endpoint of the permissions service. The endpoints can differ for 'ocis' and 's3ng'."`
+	Region                string `yaml:"region" env:"STORAGE_USERS_S3NG_REGION" desc:"Region of the S3 bucket."`
+	AccessKey             string `yaml:"access_key" env:"STORAGE_USERS_S3NG_ACCESS_KEY" desc:"Access key for the S3 bucket."`
+	SecretKey             string `yaml:"secret_key" env:"STORAGE_USERS_S3NG_SECRET_KEY" desc:"Secret key for the S3 bucket."`
+	Endpoint              string `yaml:"endpoint" env:"STORAGE_USERS_S3NG_ENDPOINT" desc:"Endpoint for the S3 bucket."`
+	Bucket                string `yaml:"bucket" env:"STORAGE_USERS_S3NG_BUCKET" desc:"Name of the S3 bucket."`
+	DisableContentSha256  bool   `yaml:"put_object_disable_content_sha254" env:"STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_CONTENT_SHA256" desc:"Disable sending content sha256 when copying objects to S3."`
+	DisableMultipart      bool   `yaml:"put_object_disable_multipart" env:"STORAGE_USERS_S3NG_PUT_OBJECT_DISABLE_MULTIPART" desc:"Disable multipart uploads when copying objects to S3"`
+	SendContentMd5        bool   `yaml:"put_object_send_content_md5" env:"STORAGE_USERS_S3NG_PUT_OBJECT_SEND_CONTENT_MD5" desc:"Send a Content-MD5 header when copying objects to S3."`
+	ConcurrentStreamParts bool   `yaml:"put_object_concurrent_stream_parts" env:"STORAGE_USERS_S3NG_PUT_OBJECT_CONCURRENT_STREAM_PARTS" desc:"Always precreate parts when copying objects to S3."`
+	NumThreads            uint   `yaml:"put_object_num_threads" env:"STORAGE_USERS_S3NG_PUT_OBJECT_NUM_THREADS" desc:"Number of concurrent uploads to use when copying objects to S3."`
+	PartSize              uint64 `yaml:"put_object_part_size" env:"STORAGE_USERS_S3NG_PUT_OBJECT_PART_SIZE" desc:"Part size for concurrent uploads to S3."`
 	// PersonalSpaceAliasTemplate  contains the template used to construct
 	// the personal space alias, eg: `"{{.SpaceType}}/{{.User.Username | lower}}"`
 	PersonalSpaceAliasTemplate string `yaml:"personalspacealias_template" env:"STORAGE_USERS_S3NG_PERSONAL_SPACE_ALIAS_TEMPLATE" desc:"Template string to construct personal space aliases."`

services/storage-users/pkg/config/defaults/defaultconfig.go

@@ -37,6 +37,49 @@ func DefaultConfig() *config.Config {
 			Namespace: "com.owncloud.web",
 			Protocol:  "tcp",
 			Prefix:    "data",
+			CORS: config.CORS{
+				AllowedOrigins: []string{"*"},
+				AllowedMethods: []string{
+					"POST",
+					"HEAD",
+					"PATCH",
+					"OPTIONS",
+					"GET",
+					"DELETE",
+				},
+				AllowedHeaders: []string{
+					"Authorization",
+					"Origin",
+					"X-Requested-With",
+					"X-Request-Id",
+					"X-HTTP-Method-Override",
+					"Content-Type",
+					"Upload-Length",
+					"Upload-Offset",
+					"Tus-Resumable",
+					"Upload-Metadata",
+					"Upload-Defer-Length",
+					"Upload-Concat",
+					"Upload-Incomplete",
+					"Upload-Draft-Interop-Version",
+				},
+				AllowCredentials: true,
+				ExposedHeaders: []string{
+					"Upload-Offset",
+					"Location",
+					"Upload-Length",
+					"Tus-Version",
+					"Tus-Resumable",
+					"Tus-Max-Size",
+					"Tus-Extension",
+					"Upload-Metadata",
+					"Upload-Defer-Length",
+					"Upload-Concat",
+					"Upload-Incomplete",
+					"Upload-Draft-Interop-Version",
+				},
+				MaxAge: 86400,
+			},
 		},
 		Service: config.Service{
 			Name: "storage-users",
@@ -69,6 +112,9 @@ func DefaultConfig() *config.Config {
 				ShareFolder:                "/Shares",
 				UserLayout:                 "{{.Id.OpaqueId}}",
 				Region:                     "default",
+				SendContentMd5:             true,
+				ConcurrentStreamParts:      true,
+				NumThreads:                 4,
 				PersonalSpaceAliasTemplate: "{{.SpaceType}}/{{.User.Username | lower}}",
 				GeneralSpaceAliasTemplate:  "{{.SpaceType}}/{{.SpaceName | replace \" \" \"-\" | lower}}",
 				PermissionsEndpoint:        "com.owncloud.api.settings",

services/storage-users/pkg/revaconfig/config.go

@@ -2,6 +2,9 @@
 package revaconfig
 
 import (
+	"strconv"
+	"strings"
+
 	"github.com/owncloud/ocis/v2/services/storage-users/pkg/config"
 )
 
@@ -74,6 +77,31 @@ func StorageUsersConfigFromStruct(cfg *config.Config) map[string]interface{} {
 					"nats_enable_tls":        cfg.Events.EnableTLS,
 					"nats_username":          cfg.Events.AuthUsername,
 					"nats_password":          cfg.Events.AuthPassword,
+					"data_txs": map[string]interface{}{
+						"simple": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"spaces": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+						},
+						"tus": map[string]interface{}{
+							"cache_store":    "noop",
+							"cache_database": "system",
+							"cache_table":    "stat",
+							"cors_enabled":   true,
+							// allow_origin is configured as a regex in tusd, so we concatenate the configured values into a regex
+							"cors_allow_origin":      "(" + strings.ReplaceAll(strings.Join(cfg.HTTP.CORS.AllowedOrigins, "|"), "*", ".*") + ")",
+							"cors_allow_credentials": cfg.HTTP.CORS.AllowCredentials,
+							"cors_allow_methods":     strings.Join(cfg.HTTP.CORS.AllowedMethods, ","),
+							"cors_allow_headers":     strings.Join(cfg.HTTP.CORS.AllowedHeaders, ","),
+							"cors_max_age":           strconv.FormatUint(uint64(cfg.HTTP.CORS.MaxAge), 10),
+							"cors_expose_headers":    strings.Join(cfg.HTTP.CORS.ExposedHeaders, ","),
+						},
+					},
 				},
 			},
 		},

services/storage-users/pkg/revaconfig/drivers.go

@@ -243,6 +243,12 @@ func S3NG(cfg *config.Config) map[string]interface{} {
 		"s3.secret_key":               cfg.Drivers.S3NG.SecretKey,
 		"s3.endpoint":                 cfg.Drivers.S3NG.Endpoint,
 		"s3.bucket":                   cfg.Drivers.S3NG.Bucket,
+		"s3.disable_content_sha254":   cfg.Drivers.S3NG.DisableContentSha256,
+		"s3.disable_multipart":        cfg.Drivers.S3NG.DisableMultipart,
+		"s3.send_content_md5":         cfg.Drivers.S3NG.SendContentMd5,
+		"s3.concurrent_stream_parts":  cfg.Drivers.S3NG.ConcurrentStreamParts,
+		"s3.num_threads":              cfg.Drivers.S3NG.NumThreads,
+		"s3.part_size":                cfg.Drivers.S3NG.PartSize,
 		"max_acquire_lock_cycles":     cfg.Drivers.S3NG.MaxAcquireLockCycles,
 		"lock_cycle_duration_factor":  cfg.Drivers.S3NG.LockCycleDurationFactor,
 		"max_concurrency":             cfg.Drivers.S3NG.MaxConcurrency,