ownCloud
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode

Storage

Overview

The storage extension wraps reva and adds an opinionated configuration to provide two core services for the oCIS platform:

  1. A Spaces Registry that acts as a dictionary for storage Spaces and their metadata
  2. A Spaces Provider that organizes Resources in storage Spaces and persists them in an underlying Storage System

Clients will use the Spaces Registry to poll or get notified about changes in all Spaces a user has access to. Every Space has a dedicated /dav/spaces/<spaceid> WebDAV endpoint that is served by a Spaces Provider which uses a specific reva storage driver to wrap an underlying Storage System.

proxy
proxy
gateway
gateway
gateway
gateway
authregistry
authregistry
storageregistry
storageregistry
storage users
storage users
storageprovider
storageprovider
dataprovider
dataprovider
storage home
storage home
storageprovider
storageprovider
dataprovider
dataprovider
storage public link
storage public link
publicstorageprovider
publicstorageprovider
authprovider
publicshares
authprovider...
storage metadata
storage metadata
storageprovider
storageprovider
dataprovider
dataprovider
sharing
sharing
usershareprovider
usershareprovider
publicshareprovider
publicshareprovider
users
users
userprovider
userprovider
groups
groups
groupprovider
groupprovider
authbasic
authbasic
authprovider
authprovider
authbearer
authbearer
authprovider
authprovider
accounts
accounts
frontend
frontend
datagateway
datagateway
ocdav
ocdav
ocs
ocs
ocis
ocis
reva
reva
deprecated
deprec...
Viewer does not support full SVG 1.1

The dashed lines in the diagram indicate requests that are made to authenticate requests or lookup the storage provider:

  1. After authenticating a request, the proxy may either use the CS3 userprovider or the accounts service to fetch the user information that will be minted into the x-access-token.
  2. The gateway will verify the JWT signature of the x-access-token or try to authenticate the request itself, e.g. using a public link token.
The bottom part is lighter because we will deprecate it in favor of using only the CS3 user and group providers after moving some account functionality into reva and glauth. The metadata storage is not registered in the reva gateway to separate metadata necessary for running the service from data that is being served directly.

Endpoints and references

In order to reason about the request flow, two aspects in the architecture need to be understood well:

  1. What kind of namespaces are presented at the different WebDAV and CS3 endpoints?
  2. What kind of resource references are exposed or required: path or id based?
    oCIS System
    [Software System]
    oCIS System...
    Einstein
    [Person]

    End user
    Einstein...
    Client
    [Container: C++, Kotlin, Swift or Vue]

    A desktop, mobile or web Client
    Client...
    Storage Space Registry
    [Container: golang, HTTP, libregraph]

    Manages spaces for users
    Storage Space Registry...
    Storage Space Provider
    [Container: golang]

    Persists storage spaces using reva
    Storage Space Provider...
    Storage System
    [Software System]

    provides persistent storage
    Storage System...
    Moss
    [Person]

    Administrator
    Moss...
    Reads from and writes to
    [POSIX, S3]
    Reads from and writes to...
    Reads from and writes to
    [WebDAV, libregraph, CS3, tus]
    Reads from and writes to...
    Manages the users Storage Spaces in
    [libregraph]
    Manages the users Storage Spac...
    Manages resources with
    [Web UI or native clients]
    Manages resources with...
    Registers itself at and
    sends space root etag changes to
    [CS3, libregraph?, PUSH]
    Registers itself at and...
    Manages organizational Storage Spaces in
    [WebDAV, libregraph, CS3, CLI]
    Manages organizational Storage...
    Identity Management System
    [Software System]

    provides users and groups
    Identity Management System...
    Authenticates users and searches recipients with
    [OpenID Connect, LDAP, REST]
    Authenticates users and search...

    C4 Container diagram for the oCIS System

    As a platform, the oCIS system may not only includes web, mobile and desktop clients but also the underlying storage system or an identity management system

    Date: 2021-07-22T16:43

    C4 Container diagram for the oCIS System...
    Viewer does not support full SVG 1.1