Commit Graph

58547 Commits

Author SHA1 Message Date
Roeland Jago Douma 83330b8c4c
Merge pull request #26896 from nextcloud/Valdnet-patch-8
l10n: Replace the apostrophe with double quotation
2021-05-18 08:44:09 +02:00
Roeland Jago Douma ee3dc57cbd
Merge pull request #26626 from J0WI/strict-security
Make Security module strict
2021-05-18 08:43:13 +02:00
korelstar b38e8678e4 fix error when using CORS with no auth credentials 2021-05-18 07:11:10 +02:00
Roeland Jago Douma 4a2775a442 Harden apptoken check
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-17 16:05:45 +02:00
Roeland Jago Douma 44a638f961
Merge pull request #26998 from nextcloud/dependabot/npm_and_yarn/babel/core-7.14.2
Bump @babel/core from 7.13.16 to 7.14.2
2021-05-17 15:26:51 +02:00
Lukas Reschke c4fddd9b5c
Merge pull request #26946 from nextcloud/enh/fed_share/respect_default_permissions
Respect default share permissions for federated reshares
2021-05-17 12:01:59 +02:00
dependabot-preview[bot] 93aff09bda
Bump @babel/core from 7.13.16 to 7.14.2
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.13.16 to 7.14.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.14.2/packages/babel-core)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
2021-05-17 09:51:33 +02:00
Roeland Jago Douma 3854e7f8f0 Respect default share permissions for federated reshares
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-17 09:48:31 +02:00
Morris Jobke 77a4368418
Merge pull request #26846 from nextcloud/followup/26572/reply-with-json-when-not-accepting-html
Reply with json when not accepting html on LoginException
2021-05-17 09:36:18 +02:00
Nextcloud bot 06377b7df1
[tx-robot] updated from transifex 2021-05-17 02:26:35 +00:00
Nextcloud bot 5ea903d824
[tx-robot] updated from transifex 2021-05-16 02:26:44 +00:00
François Freitag 3f8fe4f35e Remove unused apps/dav/js/schedule-response.js
File is not included in the schedule-response-options template and is
commented out. The commented code relies on the buttonset() jQuery
plugin, which is deprecated.
https://api.jqueryui.com/buttonset/

If this code was to be re-introduced, it would take a different form.

Signed-off-by: François Freitag <mail@franek.fr>
2021-05-15 10:57:50 +02:00
Nextcloud bot 07476fd991
[tx-robot] updated from transifex 2021-05-15 02:29:20 +00:00
dependabot-preview[bot] 53e03a8b4f
Bump node-sass from 5.0.0 to 6.0.0 in /build
Bumps [node-sass](https://github.com/sass/node-sass) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/sass/node-sass/releases)
- [Changelog](https://github.com/sass/node-sass/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sass/node-sass/compare/v5.0.0...v6.0.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-05-15 01:14:16 +00:00
Julius Härtl bcf38692ae
Use parent wrapper to properly handle moves on the same source/target storage
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-05-14 09:41:01 +02:00
Nextcloud bot 3e69ed8849
[tx-robot] updated from transifex 2021-05-14 02:24:59 +00:00
blizzz 0ab5b3e265
Merge pull request #26679 from nextcloud/bugfix/noid/fix-unauthorized-ocs-status-in-provisioning
Fix unauthorized OCS status in provisioning
2021-05-13 23:39:20 +02:00
blizzz b8b2e796bf
Merge pull request #26959 from nextcloud/techdebt/noid/verifiyuserdata-iaccountmanager
VerifyUserData shall use IAccountManager, not private API
2021-05-12 23:35:39 +02:00
blizzz a923213b4f
Merge pull request #26961 from nextcloud/techdet/noid/lib-accountmanager-api
ValidatePhoneNumber and PersonalInfo to use public IAccountManager
2021-05-12 23:35:28 +02:00
Arthur Schiwon 9977027321
VerifyUserData shall use IAccountManager, not private API
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-12 22:57:20 +02:00
Arthur Schiwon a49588bbe5
PersonalInfo settings to use public AccoutManager API
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-12 22:55:34 +02:00
Arthur Schiwon 2ee34ff76c
Repair job to use public AccoutManager API
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-12 22:55:28 +02:00
Roeland Jago Douma 9b36252de0
Merge pull request #26958 from nextcloud/enh/MountPublicLinkController/throttling
Throttle MountPublicLinkController when share is not found
2021-05-12 21:20:09 +02:00
Roeland Jago Douma 50517a2622 Throttle MountPublicLinkController when share is not found
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-12 16:26:31 +02:00
Roeland Jago Douma b01c7289ef
Merge pull request #26962 from nextcloud/fix-cs
Fix CS check
2021-05-12 16:25:12 +02:00
Robin Appelman 8d7fae8fae
fmt
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-12 16:11:55 +02:00
Robin Appelman a9eb1f6af3
update public interface with new methods
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-12 16:11:35 +02:00
Robin Appelman 0e6321957d
allow excluding groups from creating link shares
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-12 16:11:31 +02:00
Robin Appelman b1dca57a1c
load share settings from the share manager in more places
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-12 16:11:28 +02:00
Roeland Jago Douma 749dd1374c Fix CS check
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-12 16:01:05 +02:00
blizzz 7e1c842d96
Merge pull request #26923 from nextcloud/techdebt/noid/provapi-no-private-accountmanager
provisioning API to use only public API of IAccountManager
2021-05-12 14:17:50 +02:00
Roeland Jago Douma 6c741724fb
Merge pull request #26941 from nextcloud/enh/register-multiselect-fileactions
Allow apps to register a file action for multiselect
2021-05-12 10:53:58 +02:00
Roeland Jago Douma a2a96466fc
Merge pull request #26922 from nextcloud/techdebt/noid/dav-no-private-class
dav: Converter & SyncService shall not use private AccountManager
2021-05-12 10:22:49 +02:00
Roeland Jago Douma 024ed97e7e
Merge pull request #26945 from nextcloud/enh/shareinfo/throttle
Add bruteforce protection to the shareinfo endpoint
2021-05-12 10:07:28 +02:00
Julius Härtl 96515d7338
Allow apps to register a file action for multiselect
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-05-12 09:48:52 +02:00
Roeland Jago Douma 701294520a Add bruteforce protection to the shareinfo endpoint
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-12 09:34:45 +02:00
Joas Schilling b6c6527705
Fix unauthorized OCS status in provisioning
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-05-12 08:16:07 +02:00
Joas Schilling 236f1b64f9
Reply with JSON when html is not accepted like in SecurityMiddleware
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-05-12 08:02:53 +02:00
Joas Schilling a2d5d2d613
Reply with UNAUTHORIZED like on APIs when login exception was thrown
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-05-12 08:02:53 +02:00
Julius Härtl 0599a8060c
Merge pull request #26949 from nextcloud/fix-add-app-password
fix occ command user:add-app-password
2021-05-12 07:24:32 +02:00
Nextcloud bot 0df326ab20
[tx-robot] updated from transifex 2021-05-12 02:26:16 +00:00
Arthur Schiwon 8413ed9475
allow to set valid scopes only in AccountProperty
the auto-fallback to v2-local is removed as well to react on wrong input

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-12 01:31:15 +02:00
Arthur Schiwon 665ffbdf80
remove private AccountManager from SyncService
and fix test

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-11 23:38:31 +02:00
Bjoern Schiessle da21e86a07 use the UID as loginName and not the display name.
Otherwise the app password will not work for users with a display name different to the UID.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2021-05-11 20:38:54 +02:00
Roeland Jago Douma bf86050c77
Merge pull request #26751 from nextcloud/3rdparty/archive_tar/1.4.13
[3rdparty] Archive tar 1.4.13 bump
2021-05-11 09:17:43 +02:00
Nextcloud bot b2ad201644
[tx-robot] updated from transifex 2021-05-11 02:26:02 +00:00
Roeland Jago Douma ec6df60062 [3rdparty] Archive tar 1.4.13 bump
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-05-10 12:40:08 +02:00
Roeland Jago Douma ca49ba6441
Merge pull request #26917 from nextcloud/dependabot/npm_and_yarn/build/hosted-git-info-2.8.9
[Security] Bump hosted-git-info from 2.7.1 to 2.8.9 in /build
2021-05-10 10:22:09 +02:00
dependabot-preview[bot] cc3654ce37
[Security] Bump hosted-git-info from 2.7.1 to 2.8.9 in /build
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9. **This update includes a security fix.**
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-05-10 07:27:01 +00:00
Roeland Jago Douma 87d6b3fa01
Merge pull request #26919 from nextcloud/dependabot/npm_and_yarn/hosted-git-info-2.8.9
[Security] Bump hosted-git-info from 2.8.8 to 2.8.9
2021-05-10 09:25:20 +02:00