Commit Graph

10756 Commits

Author SHA1 Message Date
John Molakvoæ (skjnldsv) 0c4297cee9 Make sure root storage is valid before checking its size
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-11-09 10:05:54 +00:00
Ashod Nakashian 7298d037b2 Unlock when promoting to exclusive lock fails
In certain cases changeLock to EXCLUSIVE fails
and throws LockedException. This leaves the
file locked as SHARED in file_put_contents,
which prevents retrying (because on second
call file_put_contents takes another SHARED
lock on the same file, and changeLock doesn't
allow more than a single SHARED lock to promote
to EXCLUSIVE).

To avoid this case, we catch the LockedException
and unlock before re-throwing.

Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
2020-11-09 10:03:15 +00:00
Morris Jobke 20885847c8
Merge pull request #23971 from nextcloud/backport/23936/stable20
[stable20] Use query builder instead of OC_DB in trashbin
2020-11-09 10:27:29 +01:00
Daniel Kesselberg a01da78f1d
Add explicit typecast for $value.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-11-09 10:13:36 +01:00
Joas Schilling b3dfa9290d Update parameters
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-07 15:57:47 +00:00
Joas Schilling 2e3cffc53b Make sure Oracle always casts everything in the best way
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-07 15:57:46 +00:00
Joas Schilling c71cc6824e Use Query builder function
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-07 15:57:45 +00:00
Joas Schilling d111e88d4c Fix order of GREATEST for Oracle
As per https://docs.oracle.com/cd/B19306_01/server.102/b14200/functions060.htm
Oracle uses the first value to cast the rest or the values.
So when the first value is a plain int, instead of doing the math,
it will cast the expression to int and continue with a potential 0.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-07 15:57:44 +00:00
Roeland Jago Douma 71de05f775
Merge pull request #23951 from nextcloud/backport/23922/stable20
[stable20] Improve query type detection
2020-11-07 10:49:06 +01:00
Roeland Jago Douma bac92bb814
Merge pull request #23954 from nextcloud/backport/23943/stable20
[stable20] Fix iLike() falsely turning escaped % and _ into wildcards
2020-11-07 09:18:23 +01:00
Roeland Jago Douma a5c6abc93a
Merge pull request #23948 from nextcloud/backport/23940/stable20
[stable20] Skip already loaded apps in loadApps
2020-11-07 07:59:52 +01:00
Joas Schilling 73a09a4f54 Replace some usages of OC_DB in OC\Share\* with query builder
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-06 21:43:46 +00:00
Joas Schilling 3a7e2fbff1 Fix iLike() falsely turning escaped % and _ into wildcards
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-06 21:29:48 +00:00
Morris Jobke f8b550dab7
Merge pull request #23935 from nextcloud/backport/23921/stable20
[stable20] Fix casting of integer and boolean on Oracle
2020-11-06 22:24:31 +01:00
Joas Schilling 3ffd31353c Improve query type detection
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-06 21:20:44 +00:00
Morris Jobke a2c9915ca4
Merge pull request #23924 from nextcloud/backport/23920/stable20
[stable20] Bearer must be in the start of the auth header
2020-11-06 22:10:01 +01:00
Roeland Jago Douma ef5cee12d1 Skip already loaded apps in loadApps
Otherwise you might end up calling a lot of functions unneeded.
And while the individual calls are cheap if you multiply them by 20k
they still get somewhat expensive.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-11-06 21:01:12 +00:00
Joas Schilling 990bb07002
Cast bool things to numbers as that is how they are stored in the database
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-06 13:36:57 +01:00
Joas Schilling 2b0b57d304 Fix casting to integer on Oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-11-06 10:42:15 +00:00
Roeland Jago Douma c9bf32b454 Bearer must be in the start of the auth header
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-11-06 08:21:30 +00:00
Tobias Assmann 2b55a90ae4
fix: also remove use statement of UserCreatedEvent
Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
2020-11-05 23:08:14 +01:00
Tobias Assmann 6d1ecf2218
fix: no more translation from postCreateUser hook to UserCreatedEvent anymore, as event is already emitted in user manager
Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
2020-11-05 23:08:04 +01:00
Morris Jobke 23d3586865 No need to check if there is an avatar available, because it is generated on the fly nowadays
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-02 18:10:23 +00:00
Morris Jobke 24e93bbba4 Fetch the logger and system config once for all query builder instances
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-10-30 06:40:43 +00:00
Christoph Wurst c509410b1d Type the \OCP\IUserManager::callForSeenUsers closure with Psalm
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-28 19:08:14 +00:00
Morris Jobke 017a3f86c2 Use lib instead if core as l10n module in OC_Files
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-10-27 16:30:26 +00:00
Morris Jobke 2b12d71a0d
Merge pull request #23641 from nextcloud/backport/23602/stable20
[stable20] Fix updates of NULL appconfig values
2020-10-25 21:38:49 +01:00
Roeland Jago Douma 0b46ebe3c6
Merge pull request #23611 from nextcloud/backport/23606/stable20
[stable20] Only use index of mount point when it is there
2020-10-24 10:53:45 +02:00
Roeland Jago Douma 1cc6a0f8e3 Fix updates of NULL appconfig values
The comparisson of NULL is a bit special.
So we need to handle this a tad beter else it might not replace NULL
values. or allow you to set NULL values on updates.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-10-23 08:45:29 +00:00
Julius Härtl 367a7bd87e Only retry fetching app store data once every 5 minutes in case it fails
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-10-22 14:14:49 +00:00
Joas Schilling 2160dc9583 Only use index of mount point when it is there
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-21 18:46:13 +00:00
Morris Jobke 41090d0faa
Merge pull request #23205 from nextcloud/backport/23012/stable20
[stable20] Make BeforeTemplateRenderedEvent aware of the actual response
2020-10-19 10:15:22 +02:00
Morris Jobke cbde9d878f
Merge pull request #23514 from nextcloud/backport/23508/stable20
[stable20] fixes potential passing of null to getUserGroupIds
2020-10-19 10:14:06 +02:00
Morris Jobke e95a1420f1
Clear cached app config while waiting for the SCSSCache to finish processing the file
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-10-16 15:46:59 +02:00
Arthur Schiwon a615e7dcfa fixes potential passing of null to getUserGroupIds
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-10-16 13:01:06 +00:00
Morris Jobke 2dcf50cd78 SCSSCacher - Lock should not be removed
This is within the failed lock acquiring branch. So the lock is free by another process and should not be removed because the cached file (that was created by the process having the lock) appeared on the filesystem.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-10-16 11:27:36 +00:00
Morris Jobke 96e08a508e Provide log statements for SCSS cache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-10-16 07:50:21 +00:00
Christoph Wurst 3a3d7ea6cd Type the authentication listeners
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-15 22:34:18 +00:00
Robin Windey 06895ef8cc Fix typo 'shared' 2020-10-12 18:08:36 +00:00
Joas Schilling d68d62f052 Make sure getUsersFavoritingObject can be run without a user
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-07 11:10:38 +00:00
Roeland Jago Douma 1f3e3e782f Use the correct l10n for activities
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-10-07 09:37:23 +00:00
Morris Jobke 21f00069fe
Merge pull request #23213 from nextcloud/backport/22937/stable20
[stable20] Allow configuring the activity update interval of token
2020-10-06 16:07:54 +02:00
Roeland Jago Douma ca32ee1a65
Merge pull request #23220 from nextcloud/backport/23215/stable20
[stable20] Only run the query to get the account data once
2020-10-06 14:46:06 +02:00
Joas Schilling 851acc1d74 Only run the query to get the account data once
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-06 10:48:24 +00:00
Roeland Jago Douma e0bc29d907 Allow configuring the activity update interval of token
On some systems with a lot of users this creates a lot of extra DB
writes.
Being able to increase this interval helps there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-10-06 08:04:12 +00:00
Julius Härtl bc0a429822 Add acutal response to BeforeTemplateRenderedEvent
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-10-05 19:53:05 +00:00
Robin Appelman aec422a874 add mount point to quota warning message
makes it more clear to the user what the quota applies to

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-10-04 11:05:24 +00:00
Roeland Jago Douma fa4cd4435b
Merge pull request #23089 from nextcloud/backport/23074/stable20
[stable20] Do not match sharees on an empty email address
2020-10-01 19:29:39 +02:00
Roeland Jago Douma 2e87668f77
Merge pull request #23092 from nextcloud/backport/23083/stable20
[stable20] Generate exception to log on php errors
2020-09-29 16:38:56 +02:00
Julius Härtl 05fa5e4d9e Generate exception to log on php errors
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-29 08:17:21 +00:00
Christoph Wurst 851333edab Do not match sharees on an empty email address
When asking for sharees we compare not only UID and displayname but also
the email address. And if that matches we return the sharee as an exact
match. This logic had a flaw as in that it also matched the empty string
to users with no email address.

This is most noticeable when you disable sharee enumeration and open the
ownership transfer dialog. It suggested other users of the instance
before. This has stopped now.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-29 07:29:43 +00:00
Joas Schilling 71b33fb87a Show federation and email results also with exact user match unless containing @
Before when you have a user "smith" and a federated user "smith@example.com"
you could see the federation result with "smit" but not with "smith" anymore.
With most LDAP configurations and local backend setups this is disturbing and
causes issues.
The idea of not showing the email and federation on a matching user was with:
Local user registered with "smith@example.com" user id and having that same
email / cloud id in your contacts addressbook. So we now only hide those
"side results" when the search does contain an @

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-29 07:16:12 +00:00
Roeland Jago Douma 15ff980583
Merge pull request #23029 from nextcloud/backport/23024/stable20
[stable20] Add occ command to set theming values
2020-09-28 12:24:23 +02:00
Joas Schilling 5475bb4083 Log a warning if a "lazy" initial state loads longer than 1 second
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-24 13:00:19 +00:00
Joas Schilling 87f8e1e366 Log an error if a dashboard widget loads longer than 1 second
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-24 13:00:19 +00:00
Julius Härtl 99b25ef3fe Add occ command to set theming values
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-24 12:38:53 +00:00
Joas Schilling 26603c7cdd Don't log "duplicate section" for the shared "connected-accounts" section
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-23 11:03:50 +00:00
Robin Appelman 674db6da88
add event to allow apps to overwrite user quota
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-17 16:32:48 +02:00
Morris Jobke ec07ca2abb
Merge pull request #22844 from nextcloud/enh/richdocumentscode-arm
Support architecture limitations for apps and allow richdocumentscode_arm64 though htaccess
2020-09-17 12:22:42 +02:00
Morris Jobke d144a84df1
Merge pull request #22903 from nextcloud/techdebt/16696/no-need-to-get-full-path-again
Do not fetch the normalized full path again if it is already available
2020-09-17 11:54:47 +02:00
Morris Jobke 063ac9d353
Do not fetch the normalized full path again if it is already available
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-17 09:56:45 +02:00
Roeland Jago Douma b0c04a3e0c
Merge pull request #22867 from nextcloud/shared-storage-init-less
Shared storage optimizations
2020-09-17 08:55:35 +02:00
Julius Härtl 04eb1bb949
Allow to specify supported architectures in appinfo.xml
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:15 +02:00
Julius Härtl 364b96d5b9
Add htaccess exception for richdocumentscode_arm64
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:15 +02:00
Julius Härtl 5340215871
Install richdocumentscode depending on the architecture
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:14 +02:00
Roeland Jago Douma 05edd1e5d6
Merge pull request #22890 from nextcloud/techdebt/18680/help-static-code-analysis-understand-code
Help static code analysis to understand code
2020-09-17 08:51:20 +02:00
Morris Jobke 1bed77c5fc
Merge pull request #22888 from nextcloud/techdebt/18680/remove-unused-code
Remove not needed semicolon and PHPDoc hint
2020-09-16 20:44:46 +02:00
Daniel Kesselberg 096fe20611
Help static code analysis to understand code.
It adds proper type hints to private namespace to allow private namespace methods.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-09-16 16:37:17 +02:00
Morris Jobke 6b4998f20f
Merge pull request #22884 from nextcloud/phpdoc/21873/define-deprecated-version
Specific version for @deprecated PHPDoc
2020-09-16 16:25:11 +02:00
Morris Jobke d3680e682a
Remove not needed semicolon and PHPDoc hint
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 16:18:43 +02:00
Morris Jobke 99c9423766
Remove @suppress SqlInjectionChecker
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 15:53:56 +02:00
Morris Jobke 4cfbe0c97d
Specific version for @deprecated PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 15:09:00 +02:00
Robin Appelman cfde74442c
optimize View::getPath if we already know the storage id
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-16 13:49:07 +02:00
Robin Appelman 244fd6ae49
disable update checking for shared storages
update checking is already handled by the share source

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-15 16:42:40 +02:00
Joas Schilling 441adaa74a
Remove unneeded isset check
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-11 16:20:30 +02:00
Morris Jobke e269f15d56
Merge pull request #22234 from nextcloud/bugfix/noid/reshare-mount
Use user mount with matching shared storage only
2020-09-10 16:19:04 +02:00
Morris Jobke 3d61f7b258
Merge pull request #22774 from nextcloud/bugfix/noid/no-delay-without-ip
Don't break when the IP is empty
2020-09-10 16:11:06 +02:00
Morris Jobke 4ae8caaf28
Merge pull request #22768 from nextcloud/fix/22288/change-0-to-null-for-bmp-encoding
Change 0 to null to properly encode image to BMP if the first pixel is black
2020-09-10 15:25:08 +02:00
Joas Schilling c25063dc07
Don't break when the IP is empty
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-10 14:20:27 +02:00
Morris Jobke 9708b004f7
Merge pull request #22552 from nextcloud/bugfix/noid/opendocument-templates
Add opendocument templates to mimetype mappings
2020-09-10 12:42:29 +02:00
Morris Jobke 46525f8639
Change 0 to null to properly encode image to BMP if the first pixel is black
Ref #22288

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-10 12:08:01 +02:00
Joas Schilling b5a70b31c1
Don't create a deprecation log in base.php
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-10 09:03:39 +02:00
Roeland Jago Douma 6895d97cf0
Merge pull request #22520 from nextcloud/normalize-path-invalid-utf8
dont use `false` as cache key for non utf8 path in normalizePath
2020-09-09 21:52:36 +02:00
Roeland Jago Douma bb06b6cce4
Fix reading empty files from objectstorage
Since we try to do range requests this will fail hard.
However since empty files are not that interesting to read anyways we
just read from an emptry memory stream.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-09 20:45:13 +02:00
Morris Jobke cd563023db
Merge pull request #22657 from nextcloud/bugfix/noid/quota-trash-creation
Check if quota should be applied to path when creating directories
2020-09-09 17:37:28 +02:00
Joas Schilling e280c05053
Merge pull request #22636 from nextcloud/bugfix/noid/initial-stte-cspv3
Make sure that getConfig is still called for browsers that do not support CSPv3
2020-09-09 13:11:59 +02:00
Morris Jobke d8dea5070b
Merge pull request #22729 from nextcloud/fix/object_storage_permissions_shortcut
Run stat less often for objectstorages
2020-09-09 10:43:37 +02:00
Roeland Jago Douma 9fdeed8cc0
Run stat less often for objectstorages
When we want to get the permissions we now do stat at least 5 times for
each entry. Which is a bit much. Especially since the permssions are all
just in the database already.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-08 14:38:36 +02:00
Roeland Jago Douma 919a8d473b
Merge pull request #22646 from nextcloud/bugfix/mimetype-mapping
Fix detecting text/x-php mimetype and secure mimetype mapping
2020-09-08 10:41:09 +02:00
Roeland Jago Douma ac5f2914c7
Merge pull request #22641 from nextcloud/fix/credentials-store-upgrade-property-undefined
Fix undefined class property access after upgrade from 19 to 20
2020-09-08 10:26:23 +02:00
Julius Härtl 87e5fd0d2c
Check if quota should be applied to path when creating directories
This fixes an issue where the files_trashbin hierarchy of a user could
not been created as the mkdir operations were blocked by the quota
storage wrapper. Even with 0 quota, users should be able to have a
trashbin for external storages.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-08 07:33:57 +02:00
Morris Jobke 34d2ae25f7
Merge pull request #22643 from nextcloud/bugfix/noid/fix-installing-on-oracle
Fix installing on Oracle
2020-09-07 20:55:50 +02:00
Julius Härtl 5e4303b1fe
Properly add both mimetypes to secure mimetype mapping
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-07 16:42:11 +02:00
Christoph Wurst 1f7f93a695
Update license headers for Nextcloud 20 (again)
There are still lots of outdated headers, so time for another round of
updates.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 14:37:44 +02:00
Christoph Wurst adf100a42f
Fix undefined class property access after upgrade from 19 to 20
The serialized data in 19 has one property less and this was not
considered in the code. Hence adding a fallback. Moreover I'm changing
the deserialization into an array instead of object, as that is the
safer option.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 13:31:24 +02:00
Joas Schilling 50230847ce
Warn about adding NotNull columns with nullable default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-07 13:14:49 +02:00
blizzz 3eb748fc39
Merge pull request #22589 from nextcloud/bugfix/noid/allow-additional-personal-settings-via-normal-registration
Allow additional personal settings via normal registration
2020-09-07 11:34:06 +02:00
Julius Härtl a9f39bf500
Make sure that getConfig is still called for browsers that do not support CSPv3
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-07 09:37:49 +02:00
Roeland Jago Douma c538b1e4c6
Merge pull request #22597 from nextcloud/techdebt/noid/allow-to-di-the-settings-manager
Add missing alias for OCP\Settings\IManager and deprecate the old one
2020-09-04 20:22:52 +02:00
John Molakvoæ 593d64d935
Merge pull request #17456 from brad2014/feature/brad2014/12391-improve-imip-mail-message-take-2 2020-09-04 19:53:02 +02:00
Joas Schilling 770d12d191
Add missing alias for OCP\Settings\IManager and deprecate the old one
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 16:39:01 +02:00
Joas Schilling cb146c8486
Allow additional personal settings via normal registration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 15:21:48 +02:00
Joas Schilling e690f0e7e3
Merge pull request #22550 from nextcloud/bugfix/13556/use-correct-root-when-compiling-scss
Use the correct root to determinate the webroot for the resource
2020-09-04 08:58:07 +02:00
Julius Härtl b0970f86f0
Update repair step apply new opendocument template mimes
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-04 08:42:32 +02:00
Roeland Jago Douma 0452877a67
Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +02:00
Brad Rubenstein 442af8c5d5 Minor cleanup: php-cs-fixer, tests, interface consistency
IMipPlugin.php Removed blank lines to make php-cs-fixer happy.
Minor cleanup:  bugs found by Psalm static checker
IEMailTemplate: The public interface to addBodyListItem also needs to include the new plainIndent parameter.
IMipPlugin: Fixes an undefined variable for events that do not have DTEND.  Also use explicit string conversion for parameters and properties in several places.

The new email template adds an additional blank line before "button" links in plain text, so the tests were fixed to include that additional blank line.

Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2020-09-02 17:54:36 +02:00
Joas Schilling 87aa9b187e
Use the correct root to determinate the webroot for the resource
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-02 17:13:24 +02:00
Roeland Jago Douma 6bda2c26c7
Merge pull request #22423 from nextcloud/bugfix/noid/direct-editing-encryption
Do not expose direct editing if no master key is available
2020-09-01 20:32:21 +02:00
Roeland Jago Douma ab6bd79c02
Only disable zip64 if the size is known
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-01 15:01:12 +02:00
Julius Härtl e0ae37745a
Do not expose direct editing if no master key is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-01 11:40:27 +02:00
Roeland Jago Douma d0a7f833cc
Merge pull request #22116 from nextcloud/bugfix/noid/transfer-ownership-share-root
Fix share transfer of single files and on the transfered node
2020-09-01 08:50:22 +02:00
Roeland Jago Douma e0d767d3e1
Merge pull request #16632 from nextcloud/bugfix/external-reshare
Set proper root path for single file shares originating from other storages
2020-09-01 08:48:31 +02:00
Roeland Jago Douma 8dd249937f
Merge pull request #22514 from nextcloud/fix/s3/only_delete_new_failed
Fix S3 error handling
2020-08-31 19:03:24 +02:00
Robin Appelman a792a51dca
dont use `false` as cache key for non utf8 path in normalizePath
since `json_encode` returns `false` if it's input isn't utf8, all non utf8 paths passed to normalizePath will currently return the same cached result.

Fixing this makes working with non utf8 storages a *little* bit more possible for apps

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 17:29:36 +02:00
Robin Appelman 81c5aa9819
set the mount id before calling storage wrapper
this allows the storage wrapper to use the mount id for it's own logic

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 16:38:47 +02:00
Julius Härtl ac2999a26a
Transfer shares of the transferred root node
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-31 14:23:34 +02:00
Roeland Jago Douma 789b33aba4
Only update the filecache entry once the file has been written to S3
If we already update before we have no way to revert if the upload
fails.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:28:04 +02:00
Roeland Jago Douma 6ffd7173f9
Don't lose filecache entry on s3 overwrite error
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:25:20 +02:00
Roeland Jago Douma c43189beae
Merge pull request #22476 from nextcloud/setting-sections-unique
ignore duplicate setting sections
2020-08-30 21:15:50 +02:00
Robin Appelman eb4154cee0
ignore duplicate setting sections
this prevents some 'Section with the same ID already registered' errors in the log

also includes an improvement of the error message to make other cases easier to find

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 17:06:48 +02:00
Roeland Jago Douma 7b8364e001
Merge pull request #21288 from lmamane/master
Return correct loginname in credentials
2020-08-28 16:11:46 +02:00
Robin Appelman 2879472f81
trim slashes
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 11:14:50 +02:00
Julius Härtl 7512dc2b34
Set proper root path for single file shares originating from other storages
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-28 10:50:15 +02:00
Robin Appelman c077c15875
show better quota warning for group folders and external storage
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-25 16:05:16 +02:00
Roeland Jago Douma 7e6f04490e
Merge pull request #22393 from nextcloud/fix/license-headers-20
Update the license headers for Nextcloud 20
2020-08-24 22:03:00 +02:00
Joas Schilling df857604d5
Merge pull request #21894 from nextcloud/fix-file-quota
fix: file quota was not applied in all cases
2020-08-24 15:48:48 +02:00
Christoph Wurst 2a054e6c04
Update the license headers for Nextcloud 20
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +02:00
John Molakvoæ dd054f0bdb
Merge pull request #22382 from nextcloud/bugfix/22380
Add repair step to remove old dashboard app config
2020-08-24 14:00:41 +02:00
Julius Härtl 17579c6471
Add repair step to remove old dashboard app config
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-24 10:16:15 +02:00
Roeland Jago Douma 51922caa5f
Properly search for users when limittogroups is enabled
Searching just for the uid is not enough.
This makes sure this done properly again now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-21 13:14:32 +02:00
brad2014 781359a582 iMIP email improvements (take 2)
This PR is a replacement for PR #17195. It is intended to be simpler
to review and approve, with fewer changes, some disabled by default.

It addresses issues #12391 and #13555, with the following changes:

- The plainText of iMIP emails has been upgraded as described in
issue #12391. The HTML design style has not been changed.

- Some of the HTML and plainText content has been rearranged
(simplified header language, moving the event title to from text
body to the first item in the bullet list, spelling corrections,
moving the description to the end of the list), per issue #12391.

- The interface for EMailTemplate has been extended: addBodyListItem
now takes an optional `plainIndent` parameter. Existing callers
see no change. Where new calls set the  new parameter >0, the list
item label (metaInfo) is put in column 1, and the value is indented
into column 2 (properly accounting for multiple lines, if any).

- An optional dav config setting has been added,
`invitation_list_attendees`. It defaults to 'no', leaving emails
unchanged. If set by the site admin to 'yes', then iMIP emails
include, for the organizer and each attendee, their name, email,
and a ✔︎ if they have accepted the invitation.

- Minor refactoring.

Notes:

- The labels for organizers and attendees list items are new, and
require translation/localization.

- Dav config settings are documented in the code, but not in the
Administrator's Guide.

Signed-off-by: brad2014 <brad2014@users.noreply.github.com>
2020-08-20 22:16:47 +02:00
Roeland Jago Douma 6e4b089265
Merge pull request #20891 from cuppett/cuppett/issue#19790
Resolves #19790, Provides Support for IAM Credentials
2020-08-20 20:28:05 +02:00
Roeland Jago Douma 987f621173
Merge pull request #22331 from nextcloud/bugfix/noid/dont-use-deprecated-inigetwrapper
Don't use deprecated getIniWrapper() anymore
2020-08-20 19:45:47 +02:00
Morris Jobke 65b5e65185
Merge pull request #21529 from nextcloud/enh/encryption/improve_key_format
New SSE key format
2020-08-20 17:41:18 +02:00
Joas Schilling b09620651c
Don't use deprecated getIniWrapper() anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 16:35:38 +02:00
korelstar d8a80cd45c
fix: file quota was not applied in all cases 2020-08-20 16:11:50 +02:00
Lionel Elie Mamane ac8b40b8b1
Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Co-authored-by: kesselb <mail@danielkesselberg.de>
for: switch to consistent camelCase

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-08-20 16:02:22 +02:00
Stephen Cuppett 5ef0f86ce7
Resolves #19790, Provides Support for IAM Credentials
Includes support for either leveraging environment variables
passed to the PHP runtime or IAM instance profile present
on the host being used. The default and first choice is
still the parameter file as documented.

See also: https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_provider.html#chaining-providers

Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2020-08-20 15:54:33 +02:00
Roeland Jago Douma 5340ab3a75
New SSE key format
* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-20 15:42:43 +02:00
Robin Appelman 5af7d921a9
Make Cache::removeChildren non recursive
Currently the "add new files during scanning" call stack is smaller than
the "remove deleted files during scanning" call stack. This can lead to
the scanner adding folders in the folder tree that are to deep to be
removed.

This changes the `removeChildren` logic to be non recursive so there is
no limit to the depth of the folder tree during removal

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-20 15:37:02 +02:00
Morris Jobke 6cdaadbc57
Merge pull request #13712 from nextcloud/bugfix/noid/do-not-load-all-routes
Only load routes of the app which is requested
2020-08-20 14:32:25 +02:00
Joas Schilling 2e4b3cebc6
Exclude the Bridge Bot password as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 10:28:35 +02:00
Roeland Jago Douma af3a59fab5
Merge pull request #22237 from nextcloud/bugfix/noid/allow_putContent_empty_string
Allow writing empty content to new file
2020-08-20 09:03:06 +02:00
Morris Jobke d8bdb439a4
Merge pull request #22289 from nextcloud/techdebt/noid/fix-encryption-stream-invalid-scalar-arguments
Cast float to int to avoid invalid scalar argument warning
2020-08-19 22:08:15 +02:00
Morris Jobke 387cac4c5f
Properly inject IRouter into URLGenerator to properly encapsulate tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 22:00:47 +02:00
Morris Jobke 053ee7b386
Only load routes of the app which is requested
* Add fallback to load all routes if needed
* Move partial loaded routes test to proper place

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 21:58:20 +02:00
Roeland Jago Douma b604d5232e
Merge pull request #22218 from nextcloud/enh/sse/make_legacy_cipher_opt_in
SSE: make legacy format opt in
2020-08-19 20:10:45 +02:00
Morris Jobke c449d54204
Merge pull request #22304 from nextcloud/techdebt/noid/matching-param-names
Use matching parameter names form interfaces and implementations
2020-08-19 19:34:02 +02:00
Morris Jobke 4c6eb96471
Merge pull request #22280 from nextcloud/bugfix/noid/429-on-brute-force-maximum
Send "429 Too Many Requests" in case of brute force protection
2020-08-19 18:21:01 +02:00
Morris Jobke fedf9c69d9
Use matching parameter names form interfaces and implementations
Found by Psalm 3.14.1

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 18:16:35 +02:00
Morris Jobke 60be722ee8
Merge pull request #22288 from nextcloud/techdebt/noid/fix-oc_image-invalid-scalar-arguments
Cast float/char to int to avoid invalid scalar argument warning
2020-08-19 17:55:56 +02:00
Morris Jobke e93bf71369
Fix the return type of OC_Template->fetchPage() to be string only
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 16:48:06 +02:00
Roeland Jago Douma 2bbb848c31
Add legacy scanning command
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Roeland Jago Douma 8928bbe969
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Joas Schilling 35a8519591
Fix CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 770381c0c6
Correctly return ms delay when at max
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 931aca2fee
Add missing default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling d9c4c9eb99
Simplify array filter
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling dfeee3b850
Fix wrong doc + type hint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 8376c4891f
Only throw when also the last 30 mins were attacking
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 6f751d01db
Make the throttling O(2^n) instead of O(n^n)
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 64539a6ee1
Make Throttler strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling c8fea66d65
Split delay calculation from getting the attempts
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling cdb36c8ead
Let the database count the entries
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling e66bc4a8a7
Send "429 Too Many Requests" in case of brute force protection
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling c8f175e936
Allow to disable share emails
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 09:03:58 +02:00
Morris Jobke 560ccf5d83
Cast float to int to avoid invalid scalar argument warning
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-18 16:56:36 +02:00
Morris Jobke 27e7332a9c
Cast float/char to int to avoid invalid scalar argument warning
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-18 16:51:59 +02:00
Roeland Jago Douma 6ed4c8a946
Improve recent file fetching
Fixes #16876

Before we'd just fetch everything from all storages we'd have access to.
Then we'd sort. And filter in php. Now this of course is tricky if a
user shared just a file with you and then has a ton of activity.

Now we try to contruct the prefix path. So that the filtering can happen
right away in the databae.

Now this will make the DB more busy. But it should help overall as in
most cases less queries are needed then etc.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-18 05:56:06 +02:00
John Molakvoæ 565ccb08cd
Merge pull request #22109 from nextcloud/feature/20931/followup-1 2020-08-17 22:13:45 +02:00
Roeland Jago Douma 6675528804
Merge pull request #22271 from nextcloud/phpdoc/22063/add-interface-method-and-phpdoc
Properly add new methods to interface and document in PHPDoc for getR…
2020-08-17 19:34:56 +02:00
Morris Jobke d7f66c36ac
Fix "misplaced variables" warning of Psalm in PHPDoc statements
Ref #21787

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-17 17:46:57 +02:00
Morris Jobke 00cb8e6c54
Merge pull request #22253 from nextcloud/debt/noid/docblocks
Fix some MissingDocblockType or InvalidDocblock warnings.
2020-08-17 17:45:11 +02:00
Morris Jobke e47cfc9a54
Properly add new methods to interface and document in PHPDoc for getRootMounts()
Introduced in #22063 and was just forgotten.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-17 17:13:46 +02:00
Daniel Kesselberg 3e7b815da4
Fix more MissingDocblockType or InvalidDocblock warnings.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-14 20:19:23 +02:00
Daniel Kesselberg 10ac844448
Update documentation for QueryBuilder::set
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-14 19:55:01 +02:00
Georg Ehrke 5b26487f14
Expose status via Collaborators API
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-14 17:04:52 +02:00
Roeland Jago Douma 8daaf33e3d
Silence duplicate session warnings
Fixes #20490

Basically restroring the old behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-14 05:23:11 +02:00
Gary Kim 5559570faf
Merge pull request #22242 from nextcloud/techdebt/noid/remove-deprecated-methods
Remove deprecated and unused method calls
2020-08-14 10:10:53 +08:00
Scott Dutton b12a390220
Always try and show pre rendered preview
Currently if the following situation happens

Server generates preview
Server has command removed which allows a preview to be shown
Client asks for preview, gets a 404 error when preview exists
(Mime checked before preview)

This happens more often with documents, or video as the commands are not
native PHP, they require a binary on the server.

After the fix the following would happen

Server generates preview
Server has command removed which allows a preview to be shown
Client asks for preview, gets preview which has been generated
(Mime checked after preview)

This would also allow offline generation (for example a docker image
containing the extra binaries), allowing a reduction in attack surface
of the instance serving the preview data.

Signed-off-by: Scott Dutton <scott@exussum.co.uk>
2020-08-13 22:50:38 +02:00
Morris Jobke 16d83ab30a
Remove getLastJob from IJobList
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 21:50:06 +02:00
Georg Ehrke ee23906c3c
Allow writing empty content to new file
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-13 15:41:26 +02:00
Julius Härtl 52eff4ae7c
Use user mount with matching shared storage only
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-13 15:10:05 +02:00
Morris Jobke 0b856329eb
Merge pull request #22202 from nextcloud/enh/noid/cleanup-servercontainer
Use autowiring where possible in server container
2020-08-13 10:55:48 +02:00
Morris Jobke 3c56922444
Merge pull request #22205 from nextcloud/activity-settings-cleanup
merge file activity settings into a single 'favorite changed' item
2020-08-13 08:15:06 +02:00
Morris Jobke df4bcd616f
Add @deprecated labels for server DI containter aliases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 07:43:37 +02:00
Morris Jobke 725fecee34
Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event
Emit an event for every disabled 2FA provider during cleanup
2020-08-13 07:25:01 +02:00
Morris Jobke 894640206e
Use registerDeprecatedAlias for non-namespaced aliases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 05:43:38 +02:00
Morris Jobke 2f2252cfba
Use autowiring where possible in server container
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 05:43:36 +02:00
Robin Appelman 5f58cefbd7
merge file activity settings into a single 'favorite changed' item
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-13 00:01:34 +02:00
Daniel Kesselberg 4dd507675c
Generate password by password_policy app
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-11 21:58:51 +02:00
Morris Jobke 8fc877ff7d
Merge pull request #22117 from nextcloud/activity-settings-grouping
allow grouping of activity settings
2020-08-11 11:24:23 +02:00
Morris Jobke c0be7e329f
Prefer typed event over string based ones
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-10 15:22:55 +02:00
Morris Jobke 54726d5934
Merge pull request #21738 from nextcloud/techdebt/14552/migrate-OC_Group-post_removeFromGroup
Migrate OC_Group post_removeFromGroup hook to actual event object
2020-08-07 17:46:00 +02:00
Morris Jobke 408ed7ebd4
Merge pull request #22139 from nextcloud/fix/noid/check-for-preview-multibucket-fallback-as-second-step
Check previews in multibucket fallback folder as the last step and not as first step
2020-08-07 16:02:02 +02:00
John Molakvoæ (skjnldsv) 9e962fb69f
Allow to update to nightly
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-07 13:51:39 +02:00
Morris Jobke 0807e29e17
Merge pull request #22133 from nextcloud/boot-app-once
only boot apps once
2020-08-07 12:05:09 +02:00
Morris Jobke 06eb230d24
Merge pull request #22135 from nextcloud/enh/noid/occ-preview-repair
Add occ preview:migrate to migrate previews from the old flat structure to a subfolder structure
2020-08-07 11:09:16 +02:00
Robin Appelman 246ed35d94
only boot apps once
in some cases `loadApp` is called more then once which is currently causing apps to be "booted" multiple times which can lead to unexepected behaviour with things like registering hooks

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-07 11:04:47 +02:00
Morris Jobke 4d0c3fa4a8
Check previews in multibucket fallback folder as the last step and not as first step
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-07 09:37:11 +02:00