Morris Jobke
407a500745
Merge pull request #5803 from nextcloud/fix-public-links
...
fix preview for public links
2017-07-21 09:34:36 +02:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
...
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.
As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.
The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Bjoern Schiessle
ae8a3ce085
fix preview for public links
...
in case a user is already logged in on the same server from
which the public link comes from, we need to setup the owners
file system in order to show the preview
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-20 11:24:52 +02:00
Joas Schilling
3ff3c338c9
Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens
...
Only use readable chars in Share Tokens
2017-07-19 16:40:18 +02:00
Joas Schilling
984933e586
Only use readable chars in Share Tokens
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Nextcloud bot
a23cdd04bb
[tx-robot] updated from transifex
2017-07-15 00:08:54 +00:00
Nextcloud bot
261513b04a
[tx-robot] updated from transifex
2017-07-13 00:08:31 +00:00
Nextcloud bot
13295c2d1d
[tx-robot] updated from transifex
2017-07-12 00:08:43 +00:00
Morris Jobke
b4deba2078
Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails
...
Use PNGs for icons in activity emails
2017-07-07 11:05:00 +02:00
Bjoern Schiessle
f186a5cfb1
fix and extend dav test to also test the master-key setup
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-06 11:47:11 +02:00
Joas Schilling
b27819785e
Don't log passwords on dav exceptions
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-29 17:20:10 +02:00
Nextcloud bot
6e52c8a794
[tx-robot] updated from transifex
2017-06-26 00:08:31 +00:00
Morris Jobke
eb9aedf44b
Enhance the logging if the part file can not be renamed
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-22 17:50:14 -05:00
Joas Schilling
90fa27694a
Use PNG version of the icons for shipped activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Nextcloud bot
26d6c4a64a
[tx-robot] updated from transifex
2017-06-17 00:08:26 +00:00
Joas Schilling
698a7cb7f0
Merge pull request #5124 from nextcloud/allow-dirlisting-with-unreadable-items
...
Allow dir-listing also when one child is blocked by access control
2017-06-16 10:47:08 +02:00
Morris Jobke
ca3c69c8ae
Merge pull request #5298 from nextcloud/bugfix/4885/calendar_shares_url_special_char_issue
...
urldecode group principals in Cal- and CardDAV backend
2017-06-14 23:10:40 -05:00
Morris Jobke
ac565cecad
Merge pull request #5300 from nextcloud/bugfix/noid/fix_proppatch_requests_to_groupshares
...
allow users to send PropPatch request when calendar is group-shared with them
2017-06-14 23:00:39 -05:00
Nextcloud bot
7a269ae872
[tx-robot] updated from transifex
2017-06-15 00:08:40 +00:00
Morris Jobke
f38f2baa5a
Merge pull request #5295 from nextcloud/bugfix/5077/allow_proppatches_to_birthday_calendar
...
allow PropPatch requests to contact_birthdays
2017-06-13 18:11:13 -05:00
Lukas Reschke
633396001f
Prevent sending second WWW-Authenticate header
...
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.
Fixes https://github.com/nextcloud/server/issues/5088
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Georg Ehrke
35781ae45c
urldecode group principals in Cal- and CardDAV backend
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-12 21:01:30 +02:00
Georg Ehrke
a0c2e6e922
add missing parent::setUp that broke any other dav app test
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 19:26:36 +02:00
Georg Ehrke
0f1d47cdf3
allow users to send PropPatch request when calendar is group-shared with them
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 09:21:56 +02:00
Georg Ehrke
9563c25c69
allow PropPatch requests to contact_birthdays
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 08:00:52 +02:00
Joas Schilling
b6d6f3c521
Fix unit test
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-07 11:24:00 +02:00
Nextcloud bot
a3c5d43cd5
[tx-robot] updated from transifex
2017-06-07 00:09:00 +00:00
Nextcloud bot
f03d6f225e
[tx-robot] updated from transifex
2017-06-04 00:08:29 +00:00
Nextcloud bot
5d39f700e4
[tx-robot] updated from transifex
2017-06-03 00:09:00 +00:00
Nextcloud bot
8801b68d45
[tx-robot] updated from transifex
2017-06-01 00:08:38 +00:00
Nextcloud bot
b9b7f8bede
[tx-robot] updated from transifex
2017-05-30 00:08:44 +00:00
Nextcloud bot
e3e3e8edf2
[tx-robot] updated from transifex
2017-05-27 00:08:32 +00:00
Joas Schilling
d0c614a322
Allow dir-listing also when one child is blocked by access control
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-26 15:54:39 +02:00
Nextcloud bot
a46d2f1d39
[tx-robot] updated from transifex
2017-05-25 00:08:04 +00:00
Roeland Jago Douma
30ac7ec2bf
Merge pull request #5004 from nextcloud/bugfix/fix_replacing_4mbunicode_for_calendar_properties_table
...
fix replacing of 4MB Unicode Chars in cal props table
2017-05-23 13:26:10 +02:00
Nextcloud bot
9c8a838624
[tx-robot] updated from transifex
2017-05-23 00:08:29 +00:00
Joas Schilling
bc8fbc1a67
Bump app versions as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-22 10:35:25 +02:00
Joas Schilling
fdfe8f7f15
Adjust version requirement
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-22 10:32:05 +02:00
Georg Ehrke
4b5379309e
fix replacing of 4MB Unicode Chars in cal props table
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-21 13:26:46 +02:00
Nextcloud bot
e24105feba
[tx-robot] updated from transifex
2017-05-19 00:08:26 +00:00
Lukas Reschke
639ba526d0
Adjust realm from SabreDAV to Nextcloud
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:38:55 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
df3909a7c3
Use Bearer backend for SabreDAV
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Nextcloud bot
d41fd7471c
[tx-robot] updated from transifex
2017-05-18 00:07:48 +00:00
Nextcloud bot
11e04e394d
[tx-robot] updated from transifex
2017-05-17 15:56:32 +00:00
Nextcloud bot
443cbdc739
[tx-robot] updated from transifex
2017-05-17 00:08:09 +00:00
Nextcloud bot
7d1f362aa0
[tx-robot] updated from transifex
2017-05-16 00:08:08 +00:00
Roeland Jago Douma
cef2110263
Revert "fix objectstore rename"
...
This reverts commit 5334a3dc33
.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-15 13:59:18 +02:00
Nextcloud bot
6e3a914f4a
[tx-robot] updated from transifex
2017-05-13 00:08:00 +00:00