Versions are not deleted when the file is deleted from the trashbin

[jvillafanez]

Steps to reproduce

1. Create "test1" folder
2. Upload "file.txt" inside the "test1" folder
3. Upload multiple versions of "file.txt"
4. Delete "test1" folder
5. In the "deleted files" section of the files page, enter the "test1" folder and permanently delete the "file.txt" file

Expected behaviour

All versions of the "file.txt" file should have been deleted when the file was permanently deleted from the trashbin

Actual behaviour

Versions are still around taking up space. In particular, versions are still in "[user-folder]/files_trashbin/versions" and also in the DB. Versions are likely inaccessible from the web UI because the file itself was removed.

Server configuration

Operating system:

Web server: apache 2.4

Database: mysql

PHP version: 7.4

ownCloud version: 10.11 pre-alpha

Updated from an older ownCloud or fresh install: fresh install

Where did you install ownCloud from:

Signing status (ownCloud 9.0 and above):

Login as admin user into your ownCloud and access 
http://example.com/index.php/settings/integrity/failed 
paste the results into https://gist.github.com/ and puth the link here.

The content of config/config.php:

Log in to the web-UI with an administrator account and click on
'admin' -> 'Generate Config Report' -> 'Download ownCloud config report'
This report includes the config.php settings, the list of activated apps
and other details in a well sanitized form.

or 

If you have access to your command line run e.g.:
sudo -u www-data php occ config:list system
from within your ownCloud installation folder

*ATTENTION:* Do not post your config.php file in public as is. Please use one of the above
methods whenever possible. Both, the generated reports from the web-ui and from occ config:list
consistently remove sensitive data. You still may want to review the report before sending.
If done manually then it is critical for your own privacy to dilligently
remove *all* host names, passwords, usernames, salts and other credentials before posting.
You should assume that attackers find such information and will use them against your systems.

List of activated apps:

If you have access to your command line run e.g.:
sudo -u www-data php occ app:list
from within your ownCloud installation folder.

Are you using external storage, if yes which one: local/smb/sftp/...

Are you using encryption: yes/no

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...

LDAP configuration (delete this part if not used)

With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your ownCloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';


Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration

Browser:

Operating system:

Logs

Web server error log

Insert your webserver log here

ownCloud log (data/owncloud.log)

Insert your ownCloud log here

Browser log

Insert your browser log here, this could for example include:

a) The javascript console log
b) The network log 
c) ...

[phil-davis]

@SwikritiT @amrita-shrestha can someone please have a look and see if there is a way to demonstrate this issue with API requests?

See also my comment #40291 (comment)

I am not sure about how to access versions of a file that is in the trashbin, and then how to access "left behind" versions that are still "somewhere in the trashbin" after the file has been deleted from the trashbin.

[SagarGi]

@phil-davis i tried reproducing the above issue but could not. All the files versions (in trashbin) gets deleted (from local file system) when i delete the files having multiple versions. But could not locate where the versions of deleted files is stored in database. And also Could not find APIs to access versions of files in the trashbin (No APIs in owncloud APIs documentation).

[phil-davis]

And also Could not find APIs to access versions of files in the trashbin

Maybe there is no API to access versions of a file in the trashbin. Maybe the versions are "there in the trashbin but undetectable from the outside", and they are meta-data about the deleted file (like comments and other file meta-data). And if the file is restored from the trashbin then all that meta-data should be restored with it (versions, comments, whatever). But ordinary users "on the outside" can only see that meta-data if they restore the file.

In that case, there is no way for us to make an external end-to-end API test that will delete a file, and confirm if the versions are stored in the trashbin.

But we could make a test scenario that confirms that versions come back from the trashbin:

1. create file with content "one"
2. overwrite the content whit "two"
3. delete the file
4. restore the file from the trashbin
5. confirm that the file has content "two" and that there is an old version available wsith content "one"

@SagarGi please have a look and see if we have a test scenario like that. If not, then add one.

[SagarGi]

@phil-davis seems like there is no scenarios like above that includes (file version after the delete and restore of file from trashbin). I will add one.

[SagarGi]

@phil-davis seems like @jvillafanez has a PR tagged to this issue. I have added possible tests scenario related to it with this PR #40322. I am unassigning this issue for now. You may close it accordingly.

[phil-davis]

This issue can be fixed by PR #40291 - that now needs review and decision.

[amrita-shrestha]

@SagarGi has added tests related to this issue. I think work from QA team has completed.

[jvillafanez]

#40291 merged. Closing