Commit Graph

658 Commits

Author SHA1 Message Date
Lukas Reschke e1e1009ccc Redirect to index if the logout link is accessed without valid session
This is needed to prevent "Token expired" messages while login if a session is expired
@see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
2014-05-11 13:09:46 +02:00
Lukas Reschke 73b914ddbc Add CSRF check on login and logout
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
Bernhard Posselt 906061a07b Merge pull request #8171 from owncloud/fix-import
be nice and use a relative import so people can use the class without fi...
2014-05-02 22:43:19 +02:00
Thomas Müller 7c0340c63c Merge pull request #7852 from josh4trunks/basic_auth_fix
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-28 21:46:52 +02:00
Thomas Müller 6935364b33 add class Pimple to autloader 2014-04-28 20:57:44 +02:00
Lukas Reschke 1d9ac38da6 Remove an added t by the github webeditor
Notice to myself: Stick to my IDE.
2014-04-27 16:41:09 +02:00
Lukas Reschke 7a8bfeae6e Grammatical fixes 2014-04-27 16:31:04 +02:00
Lukas Reschke b6612ef04a Clarify the trusted_domain error page 2014-04-26 23:11:29 +02:00
Volkan Gezer ff0dab6e92 This adds one more missing untranslated text from lib/share
Also displays the untrusted domain warning in English
2014-04-24 01:42:18 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Lukas Reschke c123dc7de4 Fix typo
Thanks @DeepDiver1975
2014-04-14 10:15:31 +02:00
Lukas Reschke 387d46cb98 Typo + Line breaks 2014-04-13 12:54:26 +02:00
Lukas Reschke df67a04385 Move security headers to base.php
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
Thomas Müller 647abe512b reduce code duplication, fix parse error, prevent page reload on hitting enter while changing the display name - refs #8085 2014-04-07 14:04:16 +02:00
josh4trunks 5b402aa846 Fixed Typo 2014-04-03 22:12:57 -07:00
josh4trunks a266144750 Don't always $cookie_path, only set it when needed 2014-04-03 22:12:57 -07:00
josh4trunks d1106f1749 cookie would be useless if value is not set 2014-04-03 22:12:57 -07:00
josh4trunks 63df8354da Don't to set the cookie it wasn't needed. 2014-04-03 22:12:57 -07:00
josh4trunks 4ddf5d92f2 Fixes login / logout when HTTP Basic Headers are avilable. 2014-04-03 22:12:57 -07:00
Vincent Petry d0012e729a Merge pull request #7879 from owncloud/sharing_cleanup_public_api
sharing api cleanup, first step
2014-03-28 12:23:11 +01:00
Thomas Müller 5fa8f7cf12 Merge pull request #7107 from owncloud/load-apps-proper-master
Load apps proper master
2014-03-28 10:33:55 +01:00
Bjoern Schiessle b602662578 add a "helper" and a "hooks" class. Move constants needed by multiple classes
to a "constants" class
2014-03-25 17:47:24 +01:00
icewind1991 4c8a83e82f Merge pull request #7714 from owncloud/phpunit-config
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-24 13:01:37 +01:00
Thomas Müller 96e6cb3db4 all authentication apps are loaded at first - everything else relies on these apps 2014-03-21 15:00:25 +01:00
Thomas Müller 6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Vincent Petry 36c0f08ec0 Merge pull request #7732 from owncloud/datafolderexistence
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
Thomas Müller 756bbe8786 Merge pull request #7649 from owncloud/routing-public
Move routing classes to an interface and expose it in the public api
2014-03-17 21:07:05 +01:00
Vincent Petry b619ff6076 Return 503 when a config/data dir error exists 2014-03-14 21:05:15 +01:00
Robin Appelman a8eb7a5092 Allow setting the config dir to use as enviroment variable for phpunit 2014-03-13 13:33:09 +01:00
Georg Ehrke 8048868bd7 use preDelete instead of postDelete hook 2014-03-13 03:14:42 +01:00
Robin Appelman 26793e1f94 switch OC::getRouter usages to OC::$server->getRouter 2014-03-10 14:06:47 +01:00
Robin Appelman 8ab7d18a6a Move the router classes to a namespace and expose it with a public interface 2014-03-10 14:04:58 +01:00
Vincent Petry ba3f5fe53a Merge pull request #7583 from owncloud/trusteddomainerrorpage
[master] Show warning page when accessing server from an untrusted domain
2014-03-07 10:37:16 +01:00
Vincent Petry 421cff00bd Show warning page when accessing server from an untrusted domain
Added early check for the requested domain host and show a warning
page if the domain is not trusted.
2014-03-06 11:51:08 +01:00
Thomas Müller 32b29c9d73 Merge branch 'master' into fix-7307
Conflicts:
	core/js/router.js
	settings/js/admin.js
2014-03-06 00:15:08 +01:00
Thomas Müller 1291303c5a Replace OC.Router.generate() with OC.generateUrl() 2014-03-02 22:30:24 +01:00
kondou da19109f40 Config to disable basic_auth username chacking
This can be confusing and/or annoying
2014-02-26 18:06:13 +01:00
Bart Visscher 7f05c23231 Merge pull request #3760 from IMM0rtalis/remove_logout_redirect_slash
- removed slash-adding for logout-header-redirect
2014-02-26 16:05:09 +01:00
Thomas Müller 27ad69eea5 Merge branch 'master' into no-css-js-delivery-via-php 2014-02-21 14:01:24 +01:00
Thomas Müller fbea02bebb kill $coreStyles and $coreScripts 2014-02-20 14:18:01 +01:00
Thomas Müller bf22ed7bdb kill old minimizer code 2014-02-20 13:10:56 +01:00
Jan-Christoph Borchardt 3e2c56157b reduce width of searchbox on mobile, fix overlap, fix #7282 2014-02-20 11:33:46 +01:00
Jörn Friedrich Dreyer 2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Thomas Müller 79fc4f3126 Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging 2014-02-06 11:34:27 +01:00
Thomas Müller 0db5fead8e remove some more global variable $RUNTIME_NOAPPS 2014-02-06 10:04:18 +01:00
Thomas Müller afbe50d09c remove global variable $RUNTIME_NOAPPS - it's just superfluous 2014-02-06 09:44:13 +01:00
Morris Jobke 3c80071807 Merge pull request #4795 from owncloud/setup
Move core setup code to controller class
2014-02-04 06:04:21 -08:00
Bjoern Schiessle cf5277b558 also load error handler if debugging is enabled 2014-02-03 12:08:28 +01:00
Bart Visscher bca725dc32 Merge branch 'master' into setup
Conflicts:
	core/setup.php
2014-01-31 16:43:12 +01:00
Morris Jobke 0a1708ba11 Merge pull request #6912 from owncloud/replace-webroot-in-css
Remove %webroot% from CSS
2014-01-27 04:11:15 -08:00
Thomas Müller 9fa788c452 Merge pull request #6736 from owncloud/tests-jsunittests
Added Javascript unit tests
2014-01-23 12:43:05 -08:00
Jan-Christoph Borchardt 25e9b7a742 add icons.css file, first step to get rid of %webroot% 2014-01-23 12:55:39 +01:00
Robin Appelman 164915a3f8 Move test config folder to tests/config 2014-01-20 13:41:52 +01:00
Robin Appelman 6b4c3df087 Load a separate config (if present) when running unit tests 2014-01-17 14:40:48 +01:00
Vincent Petry 350214c609 Added Javascript unit tests
- added karma utility to run jasmine unit tests
- added Sinon library (for stubs/mocks/fakeserver)
- added a few unit tests for core and files
- added autotest-js.sh script
2014-01-16 17:12:29 +01:00
Thomas Müller c3829dfa61 rename user-id to loginname to stay consistent 2014-01-09 10:29:21 +01:00
Thomas Müller e0bd7e145c Remove @ in order to get proper error handling 2014-01-07 16:24:05 +01:00
Thomas Müller 214aecac78 require composer's autoload.php if present 2014-01-05 21:49:08 +01:00
Robin Appelman 4c45c6f418 dont try to register background jobs if we haven't upgraded yet 2013-12-13 17:15:18 +01:00
Arthur Schiwon f26ba5846d coding style 2013-12-13 16:58:16 +01:00
Arthur Schiwon dcfda5c2a9 coding style 2013-12-13 16:58:09 +01:00
Arthur Schiwon 91d6a6dd7c On webdav sesssions, loginname was compared to username which does not need to match necessarily 2013-12-13 16:58:03 +01:00
Vincent Petry df1a404466 Fix webroot for update page
On the update page, config.js was missing which caused oc_webroot to not
be available. That would trigger the faulty oc_webroot fallback that
didn't take URLs like "/owncloud/index.php/files/apps" into account.

This fix adds config.js in the update page and also a fix for the
oc_webroot fallback, in case it is used elsewhere.
2013-12-13 12:56:48 +01:00
Morris Jobke 9c4bbf9ad7 Revert "Revert "Fix user's displayName being overwritten by (old) cookie""
This reverts commit eba35d28cd.
2013-12-05 20:53:11 +01:00
Morris Jobke eba35d28cd Revert "Fix user's displayName being overwritten by (old) cookie"
This reverts commit 2a7380cc21.
2013-12-05 16:12:46 +01:00
Nico Kaiser 2a7380cc21 Fix user's displayName being overwritten by (old) cookie 2013-12-05 14:18:32 +01:00
Robin Appelman 9fbccc83e3 merge master into single-user-mode 2013-11-25 21:25:04 +01:00
Robin Appelman 71c1327691 Add "single user mode" which restricts access to users in the admin group
This can be enabled by setting 'singleuser' to true in config.php
2013-11-25 15:08:24 +01:00
Robin Appelman 317d421874 provide more cli friendly error messages 2013-11-25 13:04:23 +01:00
Thomas Müller 4a2f9636cf Merge pull request #5773 from owncloud/fix-2152-master
Make working en_US.UTF-8 locale a hard requirement
2013-11-21 08:03:21 -08:00
Georg Ehrke 49cd5dad24 add trash bin and file versions delete hooks in OC::registerPreviewHooks 2013-11-12 14:08:55 +01:00
Bart Visscher a6d8854d2a Make working en_US.UTF-8 locale a hard requirement 2013-11-08 14:30:08 +01:00
Thomas Müller 4f24d4ba01 display the exception instead of meaningless message 2013-11-04 21:55:55 +01:00
Thomas Mueller eb3c5070c0 replace template function link_to_docs() with \OC_Helper::linkToDocs() 2013-11-02 19:11:46 +01:00
Bart Visscher 06b42f9788 Merge pull request #5443 from owncloud/fix-autoloader-caching
Remove Autoloader Cache Hack. Do not use Cache on Install.
2013-11-01 05:35:34 -07:00
Andreas Fischer b6bb2b26dd Make "Please contact your system administrator" a full sentence. 2013-11-01 11:35:02 +01:00
Morris Jobke c61d328ab9 Merge pull request #3889 from owncloud/apps_preload
Don't load the apps when we need to upgrade
2013-10-28 03:17:52 -07:00
Thomas Müller 3917d18980 Merge pull request #5528 from frisco82/changeUpadateNotification
Changed update message to be more instructive
2013-10-24 10:28:17 -07:00
Ramiro Aparicio 3a81c8e3af Changed update message to be more instructive, changed update style to be less aggresive
Fix br tags

Improve english messages
2013-10-24 19:21:40 +02:00
Thomas Müller 54e9d8c306 Merge pull request #5507 from owncloud/webdav-removeredirectfromindex
Remove WebDAV redirect from the root path
2013-10-24 10:05:21 -07:00
Vincent Petry c186f33428 Remove WebDAV redirect from the root path
This will prevent people mounting the root path.
They should use the full webdav path instead.

Fixes #4923
2013-10-24 10:34:09 +02:00
Vincent Petry 086b82bd69 Fixed sharing dropdown placeholders in IE8/9
Added jquery.placeholder shim to handle input field placeholders in IE8/9
2013-10-23 18:51:25 +02:00
Andreas Fischer f5e2b92688 Only use autoloader cache when 'instanceid' is available. 2013-10-22 11:17:15 +02:00
Andreas Fischer eb6637682e Inject memoryCache into Autoloader. Remove recursion-prevention hack. 2013-10-22 11:17:15 +02:00
Thomas Müller 148d2616e5 introduce link_to_docs() and migrate links 2013-10-21 21:29:45 +02:00
Arthur Schiwon 33c4747fdf Use display name from magic cookie, fixes #4884 2013-10-18 13:36:33 +02:00
Thomas Müller fdeef5e874 Merge branch 'master' into fixing-appframework-master
Conflicts:
	lib/private/appframework/middleware/security/securitymiddleware.php
	tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php
2013-10-16 15:45:55 +02:00
Tom Needham 6f8dd54788 Include exception message in log entry when session fails to start 2013-10-12 09:15:08 +01:00
Tom Needham cf7ea4bec5 Handle ownCloud logging when data dir not created 2013-10-11 17:16:37 +01:00
Tom Needham cb110c0679 Log the session exception when ownCloud is not installed 2013-10-11 16:45:58 +01:00
Morris Jobke 0641365a10 Merge pull request #4780 from AxelRb/master
On an auth failure the uid and the IP address should be logged to the st...
2013-10-10 07:21:36 -07:00
Axel Roenn 9b0454380c changed the argument to false for getValue , reformated else statement 2013-10-10 14:15:13 +02:00
Thomas Müller 053b55721d Merge branch 'master' into fixing-appframework-master 2013-10-08 12:13:24 +02:00
Thomas Müller fda37ea09c PHPDoc added 2013-10-07 00:32:08 +02:00
Bart Visscher a90ea2c069 Merge remote-tracking branch 'origin/master' into setup 2013-10-02 18:23:59 +02:00
Thomas Müller 621ab1c7ee fixing various PHPDoc comments 2013-10-02 15:04:42 +02:00
Thomas Müller 8c77cd1901 remove obsolete function login() 2013-10-02 14:49:14 +02:00
Thomas Müller 4cecede13d code cleanup - remove special case for webdav in handleApacheAuth() 2013-10-02 00:55:35 +02:00
Thomas Müller 7e9e23f210 Merge branch 'master' into apache-auth-master 2013-10-02 00:21:11 +02:00
Thomas Müller d8ada370d7 Squashed commit of the following:
commit ae1f68ac54cf2878d265b2bbce13bd600d2d0719
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date:   Thu Aug 22 11:45:27 2013 +0200

    fixing undefined variable

commit 982f327ca10eea0a2222eae3e74210648591fd8a
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date:   Wed Aug 7 12:00:14 2013 +0200

    adding login.php as alternative for index.php/login

commit da0d7e1d096fb80789524b01f0f96fe08d147943
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date:   Wed Aug 7 11:36:12 2013 +0200

    adding a route for web login

commit 8e2a01160485cf7e9a2eb8bf46f06fae73956e8e
Author: Karl Beecher <karl@endocode.com>
Date:   Tue Aug 6 17:00:28 2013 +0200

    Login attempt returns true instead of exiting immediately

commit fd89d55de9e71e986e03a0de9aad9407b632e22f
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Aug 5 15:31:30 2013 +0200

    Further abstraction.

    This change introduces the ApacheBackend interface for backends that
    depend on Apache authentication and session management. There are no
    longer references to specific backends in OC_User.

commit 469cfd98aea5a37985722cf5f9e00ece0ce38178
Author: Karl Beecher <karl@endocode.com>
Date:   Thu Aug 1 15:46:36 2013 +0200

    Make login attempt function protected.

commit d803515f19ff086e2028fcaa51afae579685e596
Author: Karl Beecher <karl@endocode.com>
Date:   Wed Jul 31 16:00:22 2013 +0200

    Amends the login link

    When using a Shibboleth login, clicking logout displays a message to the
    user instead of ending the session.

commit aa8c1fcea05c8268f26a10b21c4e0bc547c3414f
Author: Karl Beecher <karl@endocode.com>
Date:   Tue Jul 30 13:15:59 2013 +0200

    Abstract Shibboleth authentication into an Apache authentication method

commit 69082f2ebcab267f6e8eceb1a252f84c52236546
Author: Karl Beecher <karl@endocode.com>
Date:   Tue Jul 30 11:22:26 2013 +0200

    Convert spaces -> tabs

commit 5a80861d86855eec5906fd5e235ac4ff12efb0f2
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 17:40:48 2013 +0200

    Separate the authentication methods

    SABRE authentication and base authentication have slightly different
    workings right now. They should be refactored into a common method
    later, but time pressure requires us to reinvent the wheel slightly.

commit dc20a9f8764b103b7d8c5b713f2bcdae18708b65
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 17:07:07 2013 +0200

    Authenicate calls to WebDAV against Shibboleth.

    When using WebDAV, the OC_Connector_Sabre_Auth::authenticate method is
    normally called without trying the Shibboleth authentication... thus the
    session is not established.

    The method now tries Shib authentication, setting up a session if the
    user has already authenticated.

commit 091e4861b2246c4084c9b30e232289fde4ba1abf
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 14:04:54 2013 +0200

    Sets up the Shibboleth login attempt.

commit bae710ec0579ef99b23022cc12f6876c5fe6b0d5
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 12:36:44 2013 +0200

    Add a method for attempting shibboleth login.

    If the PHP_AUTH_USER and EPPN environment variables are set, attempt a
    Shibboleth (passwordless) login.

commit 667d0710a7854e58fb109201d9cee6ec064e793a
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 11:38:04 2013 +0200

    Revert "Adds the apps2 folder with user_shibboleth backend."

    This reverts commit 7abbdb64676d667b0c69aca37becdc47e56dc7ef.

commit 7abbdb64676d667b0c69aca37becdc47e56dc7ef
Author: Karl Beecher <karl@endocode.com>
Date:   Mon Jul 29 11:28:06 2013 +0200

    Adds the apps2 folder with user_shibboleth backend.

Conflicts:
	core/templates/layout.user.php
	lib/base.php
2013-10-01 14:29:01 +02:00