Arthur Schiwon
02d6870735
fixes terminology and allows to request an IUser instance
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-02 08:39:39 +02:00
Arthur Schiwon
a2c5ab2f8b
adjusts LDAP's home handler to use the correct user object
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-02 08:39:39 +02:00
Arthur Schiwon
d577076457
do not send null value when string is expected
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-02 08:39:39 +02:00
Julius Härtl
30c44e1d24
Provide proper user context from initMountPoints
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-02 08:39:24 +02:00
Julius Härtl
72aaf2e5fb
files_external: Make sure the correct user context is used in substitution of variables
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-02 08:39:24 +02:00
Roeland Jago Douma
f1066fd769
Merge pull request #16619 from nextcloud/bugfix/16446/theming-url-validate
...
Validate urls in theming settings and properly handle error messages
2019-07-31 12:52:19 +02:00
Roeland Jago Douma
436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540
...
Add missing password reset page to vue
2019-07-31 11:02:20 +02:00
Roeland Jago Douma
1d8b09aa86
Merge pull request #16616 from nextcloud/dep/setEvalScript
...
setting unsafe-eval is deprecated
2019-07-31 11:01:38 +02:00
Julius Härtl
47a0254bb3
Validate urls in theming settings and properly handle error messages
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 10:20:57 +02:00
Julius Härtl
3b0d13944a
Move actual password reset to vue
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 09:19:07 +02:00
Nextcloud bot
3f8f0f7609
[tx-robot] updated from transifex
2019-07-31 02:16:00 +00:00
Roeland Jago Douma
417fbb5d60
setting unsafe-eval is deprecated
...
This will be removed in a future version of Nextcloud.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-30 16:27:38 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma
53330ce1fc
Merge pull request #16599 from nextcloud/fix/xss/on-favorite-file
...
Fix/xss/on favorite file
2019-07-30 09:51:45 +02:00
Roeland Jago Douma
a3bf8ac339
Merge pull request #16593 from nextcloud/fix/noid/more-precise-error-message
...
More precise error message when expected filesize does not match
2019-07-30 08:55:28 +02:00
Roeland Jago Douma
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Roeland Jago Douma
fc497eb871
Merge pull request #16596 from nextcloud/bugfix/noid/vtooltip-defaults
...
Set proper defaults for v-tooltip usages
2019-07-30 08:43:10 +02:00
Roeland Jago Douma
e341e6946b
Merge pull request #16595 from nextcloud/tech-debt/noid/no-need-to-document-the-obvious
...
Do not document the obvious
2019-07-30 08:42:31 +02:00
Nextcloud bot
74eb2894a7
[tx-robot] updated from transifex
2019-07-30 02:14:45 +00:00
Julius Härtl
09b5df42ab
Bump bundles
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-29 20:38:23 +02:00
Julius Härtl
3d6e49aa6c
Force defaultHtml setting of v-tooltip to be disabled
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-29 20:38:22 +02:00
Max Fichtelmann
4977f235f6
prevent potential XSS via unchecked use innerHTML
...
Signed-off-by: Max Fichtelmann <max.fichtelmann@procilon.de>
2019-07-29 18:16:37 +02:00
Max Fichtelmann
1d29636008
fix XSS when adding a file with a malicious name to favorites
...
Signed-off-by: Max Fichtelmann <max.fichtelmann@procilon.de>
2019-07-29 18:16:37 +02:00
Morris Jobke
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Morris Jobke
8d8766d5a7
Merge pull request #16591 from nextcloud/fix/noid/typo-in-comment
...
Fix typo in comment
2019-07-29 16:54:29 +02:00
Roeland Jago Douma
0ea7fbae54
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Roeland Jago Douma
ba60fafb9a
Add proper PostLoginEvent
...
This can be used by othr mechanisms to listen for this event in a lazy
fashion.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke
5f6c7ba9a8
Do not document the obvious
...
This removes PHPDoc that is already available as source code type hints.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:25:54 +02:00
Morris Jobke
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Morris Jobke
13fd89575d
More precise error message when expected filesize does not match - could be on reading or writing side
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:03:01 +02:00
Morris Jobke
e45fb5fa3e
Fix typo in comment
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 14:55:43 +02:00
Roeland Jago Douma
51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
...
Split up security middleware
2019-07-29 12:13:55 +02:00
Morris Jobke
ec7e837d6a
Merge pull request #16563 from nextcloud/enh/lostcontroller/better_exceptions
...
Use proper exception in lostController
2019-07-29 10:42:36 +02:00
Roeland Jago Douma
173d95c904
Merge pull request #16581 from nextcloud/dep/strict_csps_can_go
...
No need to have these classes we tighten the default CSP from time to time
2019-07-29 10:40:38 +02:00
Roeland Jago Douma
fb78cd3ed8
Merge pull request #16570 from nextcloud/enh/supress_touch_error
...
Supress warnings touch can generate
2019-07-29 10:39:46 +02:00
Morris Jobke
ef86346886
Merge pull request #16571 from nextcloud/enh/update_preview_controller
...
Update PreviewController
2019-07-29 10:35:08 +02:00
Nextcloud bot
57f2ea22c7
[tx-robot] updated from transifex
2019-07-29 02:14:59 +00:00
Roeland Jago Douma
d6bb26140d
Merge pull request #16573 from nextcloud/fix-default-timeouts-in-oc-notification
...
Fix default timeouts in OC.Notification
2019-07-28 20:57:31 +02:00
Roeland Jago Douma
99081daa4c
Merge pull request #16583 from nextcloud/dependabot/npm_and_yarn/webpack-4.38.0
...
Bump webpack from 4.36.1 to 4.38.0
2019-07-28 10:49:02 +02:00
Nextcloud bot
b481750d00
[tx-robot] updated from transifex
2019-07-28 02:15:26 +00:00
dependabot-preview[bot]
774da99d94
Bump webpack from 4.36.1 to 4.38.0
...
Bumps [webpack](https://github.com/webpack/webpack ) from 4.36.1 to 4.38.0.
- [Release notes](https://github.com/webpack/webpack/releases )
- [Commits](https://github.com/webpack/webpack/compare/v4.36.1...v4.38.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-28 01:13:42 +00:00
Roeland Jago Douma
b6dd2ebd39
Use proper exception in lostController
...
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
Roeland Jago Douma
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Roeland Jago Douma
cd243b0876
No need to have these classes we tighten the default CSP from time to
...
time
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 14:59:48 +02:00
Roeland Jago Douma
1ec98af3e0
Merge pull request #16560 from nextcloud/bugfix/noid/fix_cutype_reporting
...
fix calendar-user-type reporting
2019-07-27 12:23:25 +02:00
Roeland Jago Douma
9ef23e2362
Merge pull request #16558 from nextcloud/enh/less_verbose_locked_logging
...
Do not log all locked exceptions
2019-07-27 10:39:11 +02:00
Nextcloud bot
2827b0ba31
[tx-robot] updated from transifex
2019-07-27 02:14:37 +00:00
Daniel Calviño Sánchez
abd5d10253
Add unit tests for "OC.Notification.hide()"
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-07-26 18:46:59 +02:00
Daniel Calviño Sánchez
03f2e8a10e
Fix default timeouts in OC.Notification
...
When no timeout was given "show()" used the default timeout of
"OCP.Toast", which is 7 seconds instead of indefinitely as stated in the
documentation of "show()". "showHtml()" should also indefinitely show
the notification if no timeout is given, but due to the strict
comparison the notification was indefinitely shown only when a timeout
of 0 was explicitly given. Now both methods show the notification
indefinitely (or until it is explicitly hidden) when no timeout is
given.
The unit tests did not catch this error because "showHtml()" had no
tests (as before the move to Toastify it was called from "show()" and
thus implicitly tested), and because "show()" verified that "hide()" was
not called after some time; "hide()" is no longer called from "show()"
since "OCP.Toast" is used internally, so the test always passed even if
the notification was indeed hidden. Now the test is based on whether the
element is found or not, and explicit tests were added too for
"showHtml()".
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-07-26 18:46:59 +02:00
Daniel Calviño Sánchez
14006b548e
Fix mixed test for "show" and "showTemporary"
...
"showTemporary()" when a timeout was given was being tested along with
the "show()" tests; now there are two separate tests when a timeout is
given, one for "showTemporary()" and one for "show()".
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-07-26 18:46:58 +02:00