0.4.1

Changes in 0.4.1

Summary

• Bugfix - Adapting to new settings API for fetching roles: #96
• Change - Create account api-call implicitly adds "default-user" role: #173

Details

• Bugfix - Adapting to new settings API for fetching roles: #96

  We fixed the usage of the ocis-settings endpoint for fetching roles.

  #96

• Change - Create account api-call implicitly adds "default-user" role: #173

  When calling CreateAccount default-user-role is implicitly added.

  owncloud/product#173

0.4.0

Changes in 0.4.0

Summary

• Change - Add role selection to accounts UI: #103

Details

• Change - Add role selection to accounts UI: #103

  We added a role selection dropdown for each account in the accounts UI. As a first iteration,
  this doesn't require account management permissions.

  owncloud/product#103
  #89

0.3.0

Changes in 0.3.0

Summary

• Bugfix - Atomic Requests: #82
• Bugfix - Unescape value for prefix query: #76
• Change - Adapt to new ocis-settings data model: #87
• Change - Add permissions for language to default roles: #88

Details

• Bugfix - Atomic Requests: #82

  Operations on the file system level are now atomic. This happens only on the provisioning API.

  #82

• Bugfix - Unescape value for prefix query: #76

  Prefix queries also need to unescape token values like 'some ''ol string' to some 'ol string before using it in a prefix query

  #76

• Change - Adapt to new ocis-settings data model: #87

  Ocis-settings introduced UUIDs and less verbose endpoint and message type names. This PR
  adjusts ocis-accounts accordingly.

  #87
  owncloud/ocis-settings#46

• Change - Add permissions for language to default roles: #88

  Ocis-settings has default roles and exposes the respective bundle uuids. We now added
  permissions for reading/writing the preferred language to the default roles.

  #88

0.2.0

Changes in 0.2.0

Summary

• Bugfix - Add write mutexes: #71
• Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60
• Bugfix - Fix index mapping: #73
• Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28
• Bugfix - Prevent segfault when no password is set: #65
• Bugfix - Update account return value not used: #70
• Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64
• Change - Align structure of this extension with other extensions: #51
• Change - Change api errors: #11
• Change - Enable accounts on creation: #43
• Change - Fix index update on create/update: #57
• Change - Pass around the correct logger throughout the code: #41
• Change - Remove timezone setting: #33
• Change - Tighten screws on usernames and email addresses: #65
• Enhancement - Add early version of cli tools for user-management: #69
• Enhancement - Update accounts API: #30
• Enhancement - Add simple user listing UI: #51

Details

• Bugfix - Add write mutexes: #71

  Concurrent account or groups writes would corrupt the json file on disk, because the different
  goroutines would be treated as a single thread from the os. We introduce a mutex for account and
  group file writes each. This locks the update frequency for all accounts/groups and could be
  further improved by using a concurrent map of mutexes with a mutex per account / group. PR
  welcome.

  #71

• Bugfix - Fix the accountId and groupId mismatch in DeleteGroup Method: #60

  We've fixed a bug in deleting the groups.

  The accountId and GroupId were swapped when removing the member from a group after deleting the
  group.

  #60

• Bugfix - Fix index mapping: #73

  The index mapping was not being used because we were not using the right blevesearch TypeField,
  leading to username like properties like preferred_name and
  on_premises_sam_account_name to be case sensitive.

  #73

• Bugfix - Use NewNumericRangeInclusiveQuery for numeric literals: #28

  Some LDAP properties like uidnumber and gidnumber are numeric. When an OS tries to look up a
  user it will not only try to lookup the user by username, but also by the uidnumber:
  (&(objectclass=posixAccount)(uidnumber=20000)). The accounts backend for glauth was
  sending that as a string query uid_number eq '20000' and has been changed to send it as
  uid_number eq 20000. The removed quotes allow the parser in ocis-accounts to identify the
  numeric literal and use the NewNumericRangeInclusiveQuery instead of a TermQuery.

  owncloud/ocis-glauth#28
  #68
  owncloud/ocis-glauth#29

• Bugfix - Prevent segfault when no password is set: #65

  Passwords are stored in a dedicated child struct of an account. We fixed several segfault
  conditions where the methods would try to unset a password when that child struct was not
  existing.

  #65

• Bugfix - Update account return value not used: #70

  In order to return a value using the micro go code we need to override the out value.

  #70

• Bugfix - Build docker images with alpine:latest instead of alpine:edge: #64

  ARM builds were failing when built on alpine:edge, so we switched to alpine:latest instead.

  #64

• Change - Align structure of this extension with other extensions: #51

  We aim to have a similar project structure for all our ocis extensions. This extension was
  different with regard to the structure of the server command and naming of some flag names.

  #51

• Change - Change api errors: #11

  Replaced the plain golang errors with the error model from the micro framework.

  #11

• Change - Enable accounts on creation: #43

  Accounts have been created with the account_enabled flag set to false. Now when they are
  created accounts will be enabled per default.

  #43

• Change - Fix index update on create/update: #57

  We fixed a bug in creating/updating accounts and groups, that caused new entities not to show up
  in list queries.

  #57
  #59

• Change - Pass around the correct logger throughout the code: #41

  Pass around the logger to have consistent log formatting, log level, etc.

  #41
  #48

• Change - Remove timezone setting: #33

  We had a timezone setting in our profile settings bundle. As we're not dealing with a timezone
  yet it would be confusing for the user to have a timezone setting available. We removed it, until
  we have a timezone implementation available in ocis-web.

  #33

• Change - Tighten screws on usernames and email addresses: #65

  In order to match accounts to the OIDC claims we currently rely on the email address or username
  to be present. We force both to match the W3C recommended
  regex
  with usernames having to start with a character or _. This allows the username to be presented
  and used in ACLs when integrating the os with the glauth LDAP service of ocis.

  #65

• Enhancement - Add early version of cli tools for user-management: #69

  Following commands are available:

  List, ls List existing accounts add, create, Create a new account update Make changes to an
  existing account remove, rm Removes an existing account inspect Show detailed data on an
  existing account

  See --help for details.

  Note that not all account-attributes have an effect yet. This is due to ocis being in an early
  development stage.

  owncloud/product#115
  #69

• Enhancement - Update accounts API: #30

  We updated the api to allow fetching users not onyl by UUID, but also by identity (OpenID issuer
  and subject) email, username and optionally a password.

  #30

• Enhancement - Add simple user listing UI: #51

  We added an extension for ocis-web that shows a simple list of all existing users.

  #51

0.1.1

Changes in 0.1.1

Summary

• Enhancement - Logging is configurable: #24

Details

• Enhancement - Logging is configurable: #24

  ACCOUNTS_LOG_* env-vars or cli-flags can be used for logging configuration. See --help for
  more details.

  #24

0.1.0

Changes in 0.1.0

Summary

• Change - Initial release of basic version: #1
• Enhancement - Configuration: #15

Details

• Change - Initial release of basic version: #1

  Just prepared an initial basic version.

  #1

• Enhancement - Configuration: #15

  Extensions should be responsible of configuring themselves. We use Viper for config loading
  from default paths. Environment variables WILL take precedence over config files.

  #15