Commit Graph

18020 Commits

Author SHA1 Message Date
Julius Härtl 7a4a0dca22 Use user mount with matching shared storage only
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-10 14:20:59 +00:00
Arthur Schiwon 51fa743c7a
makes LDAP's group updater dispatch type events
* fixes group share updates on added users

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-09-10 15:18:47 +02:00
Julius Härtl 407fb28cb6 Annotate that writeStream can throw a GenericFileException
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-10 13:18:11 +00:00
Roeland Jago Douma 24b69b2402 Fix reading empty files from objectstorage
Since we try to do range requests this will fail hard.
However since empty files are not that interesting to read anyways we
just read from an emptry memory stream.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-09 19:47:23 +00:00
Morris Jobke b6c04b35c8
Merge pull request #22742 from nextcloud/backport/22589/stable19
[stable19] Allow additional personal settings via normal registration
2020-09-09 15:32:08 +02:00
Morris Jobke 968a756067
Merge pull request #22745 from nextcloud/backport/22646/stable19
[stable19] Fix detecting text/x-php mimetype and secure mimetype mapping
2020-09-09 15:31:46 +02:00
Julius Härtl 554fab45aa Properly add both mimetypes to secure mimetype mapping
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-09 12:17:26 +00:00
Joas Schilling 9e9ed6c251 Allow additional personal settings via normal registration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-09 11:25:40 +00:00
Joas Schilling 1031170f35 Warn about adding NotNull columns with nullable default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-07 18:57:56 +00:00
Nextcloud bot c3a6f50206
[tx-robot] updated from transifex 2020-09-07 02:16:49 +00:00
Nextcloud bot 55bad53353
[tx-robot] updated from transifex 2020-09-06 02:17:02 +00:00
Roeland Jago Douma dc60a81284
Merge pull request #22515 from nextcloud/backport/22472/stable19
[stable19] Fix writing BLOBs to postgres with recent contacts interaction
2020-09-04 12:38:16 +02:00
Roeland Jago Douma c1b971ec63
Merge pull request #22579 from nextcloud/backport/22550/stable19
[stable19] Use the correct root to determinate the webroot for the resource
2020-09-04 12:35:21 +02:00
Roeland Jago Douma 757a35bd01
Merge pull request #22442 from nextcloud/backport/22421/stable19
[stable19] show better quota warning for group folders and external storage
2020-09-04 12:34:15 +02:00
Roeland Jago Douma 6117a82ae3
Merge pull request #22569 from nextcloud/backport/22524/stable19
[stable19] Fix app password updating out of bounds
2020-09-04 09:04:15 +02:00
Joas Schilling fc0cdbb4a0 Use the correct root to determinate the webroot for the resource
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 07:01:26 +00:00
Nextcloud bot 4c7db572fd
[tx-robot] updated from transifex 2020-09-04 02:17:28 +00:00
Roeland Jago Douma ebd2b0d3dd Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 20:03:47 +00:00
Roeland Jago Douma 2b4bc5b6df Only disable zip64 if the size is known
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-01 13:42:49 +00:00
Julius Härtl 568f68856f
Merge pull request #22519 from nextcloud/backport/22517/stable19
[stable19] set the mount id before calling storage wrapper
2020-08-31 21:51:59 +02:00
Roeland Jago Douma 952ec3370e Only update the filecache entry once the file has been written to S3
If we already update before we have no way to revert if the upload
fails.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 17:08:27 +00:00
Roeland Jago Douma 704f515175 Don't lose filecache entry on s3 overwrite error
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 17:08:27 +00:00
Robin Appelman fc8c5965fa set the mount id before calling storage wrapper
this allows the storage wrapper to use the mount id for it's own logic

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 15:23:13 +00:00
Christoph Wurst 7ada6e5ab0 Fix writing BLOBs to postgres with recent contacts interaction
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-31 13:09:40 +00:00
Nextcloud bot fba73a5c39
[tx-robot] updated from transifex 2020-08-28 02:16:32 +00:00
Julius Härtl 1d25b9972f
Remove @package annotations from public namespace
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-27 09:16:52 +02:00
Julius Härtl 6ae83a72cd
Remove wrongly annotated package names
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-27 09:16:52 +02:00
Nextcloud bot 348525426c
[tx-robot] updated from transifex 2020-08-27 02:16:52 +00:00
Robin Appelman 4025b95e03 show better quota warning for group folders and external storage
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-26 19:17:43 +00:00
Roeland Jago Douma c9a1379bdf
Merge pull request #22410 from nextcloud/backport/22359/stable19
[stable19] fix possible leaking scope in Flow
2020-08-26 20:22:37 +02:00
Nextcloud bot d3efe74f12
[tx-robot] updated from transifex 2020-08-26 02:16:39 +00:00
Arthur Schiwon f8417cca0f
adjust since for 19
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-08-25 13:05:15 +02:00
Arthur Schiwon 7f6e2c5953 fix possible leaking scope in Flow
- a configured flow can be brought into consideration, despite its event
  was not fired
- it could either run through
- or run into a RuntimeException and killing processing of valid flows

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-08-25 08:42:24 +00:00
Roeland Jago Douma d8c958907f
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-24 11:50:04 +02:00
Roeland Jago Douma 9aac6d9251
Merge pull request #22355 from nextcloud/backport/20772/stable19
[stable19] Properly search for users when limittogroups is enabled
2020-08-24 09:12:13 +02:00
Nextcloud bot 0ed1d67c7f
[tx-robot] updated from transifex 2020-08-23 02:16:53 +00:00
Roeland Jago Douma 556440471a Properly search for users when limittogroups is enabled
Searching just for the uid is not enough.
This makes sure this done properly again now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-21 11:23:15 +00:00
Nextcloud bot db324278b5
[tx-robot] updated from transifex 2020-08-20 02:17:50 +00:00
Morris Jobke d7aa1c00ed
Merge pull request #21983 from nextcloud/backport/21628/stable19
[stable19] fix moving files from external storage to object store trashbin
2020-08-19 21:29:01 +02:00
Joas Schilling 16021c93ed
Allow to disable share emails
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:04:29 +02:00
Nextcloud bot fd9ebeefa2
[tx-robot] updated from transifex 2020-08-19 02:17:21 +00:00
Nextcloud bot 6bcb656c5d
[tx-robot] updated from transifex 2020-08-18 02:17:38 +00:00
Nextcloud bot 6bdafb1aa9
[tx-robot] updated from transifex 2020-08-17 02:16:48 +00:00
Roeland Jago Douma a6760c2b1c Silence duplicate session warnings
Fixes #20490

Basically restroring the old behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-14 07:24:53 +00:00
Roeland Jago Douma 10ee9791ff
Merge pull request #21975 from nextcloud/backport/21658/stable19
[stable19] allow admin to configure the max trashbin size
2020-08-14 05:58:57 +02:00
Roeland Jago Douma 92d0f5e7a3
Merge pull request #22121 from nextcloud/backport/22008/stable19
[stable19] Ensured large image is unloaded from memory when generating previews
2020-08-13 05:23:01 +02:00
Roeland Jago Douma fe8ea5390f
Merge pull request #22208 from nextcloud/backport/21676/stable19
[stable19] Fix chmod on file descriptor
2020-08-13 05:17:13 +02:00
Roeland Jago Douma baa64827d3
Merge pull request #22209 from nextcloud/backport/21677/stable19
[stable19] Do clearstatcache() on rmdir
2020-08-13 05:07:36 +02:00
Nextcloud bot 6327b8a6fb
[tx-robot] updated from transifex 2020-08-13 02:16:48 +00:00
Nextcloud bot 659fb3cf06
[tx-robot] updated from transifex 2020-08-12 02:16:59 +00:00
J0WI be73fd90fc Only clear the realpath cache
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:33 +00:00
J0WI 6f72871ca5 clearstatcache() on rmdir
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:32 +00:00
J0WI 9b028a619a Fix chmod on file descriptor
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-08-12 01:26:10 +00:00
Morris Jobke 9aff51eb52 Use class that actually has the destroy() method in preview generator
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 20:41:25 +00:00
Elijah Martin-Merrill 66bb6fdbb0 fix memory leak caused by not destroying image in Preview/Generate.php
Signed-off-by: Elijah Martin-Merrill <elijah@nyp-itsours.com>
2020-08-05 20:41:25 +00:00
Morris Jobke 74e98940ef Search also the email and displayname in user mangement for groups
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 14:11:41 +00:00
Arthur Schiwon dc98aaa224 contactsmanager shall limit number of results early
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-08-03 13:18:14 +00:00
Robin Appelman 4e6719b28c
dont update mimetype when moving to trash
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-31 17:21:02 +02:00
Joas Schilling e2fa284bd9
Merge pull request #22053 from nextcloud/backport/22015/stable19
[stable19] Correctly remove usergroup shares on removing group members
2020-07-31 15:31:33 +02:00
Morris Jobke 29d41ba061
Use old IServerContainer methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-30 10:03:59 +02:00
Joas Schilling c69a709f21 Correctly remove usergroup shares on removing group members
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-30 07:51:10 +00:00
Joas Schilling cf0bdfd8c1 parse_url returns null in case a parameter is not found
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-29 16:13:32 +00:00
Nextcloud bot 73132b56d4
[tx-robot] updated from transifex 2020-07-29 02:17:02 +00:00
Nextcloud bot 4ceda884ac
[tx-robot] updated from transifex 2020-07-27 02:16:42 +00:00
Nextcloud bot 46715762ce
[tx-robot] updated from transifex 2020-07-25 02:16:45 +00:00
onehappycat 288ca45938 Ignore whitespace in sharing by mail
Signed-off-by: onehappycat <one.happy.cat@gmx.com>
2020-07-24 11:43:24 +00:00
Nextcloud bot a05efb5217
[tx-robot] updated from transifex 2020-07-24 02:17:02 +00:00
Robin Appelman 142b6eb08f fix renameFromStorage messing with folder mimetype
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:23 +00:00
Robin Appelman 7ac4d57fd5 use exceptions for error signaling in writeStream
this remove the ambiguity when writing zero length files

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:23 +00:00
Robin Appelman c567b1d6b2 fix moving files from external storage to object store trashbin
having the "cache rename" after the "storage move" caused the target
to get the fileid from the source file, without taking care that the object
is stored under the original file id.

By doing the "cache rename" first, we trigger the "update existing file"
logic while moving the file to the object store and the object gets stored for the
correct file id

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 21:01:22 +00:00
Robin Appelman 38db847164 allow admin to configure the max trashbin size
this allows an admin to configure the max trashbin size instead of always relying on the users quota.

The trashbin size can be configured using the `occ trash:size` command and can be set both globally and per-user

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 14:30:07 +00:00
Nextcloud bot 7246ffff9b
[tx-robot] updated from transifex 2020-07-23 02:17:13 +00:00
Roeland Jago Douma 45108b087e Discourage webauthn user interaction
Else people might have the feeling this is also doing 2FA. And since it
is only prefered it can be ignored and hacked around.

Once we have proper 2FA with webauthn in one go this probably needs to
be revisted.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-20 07:31:37 +00:00
Nextcloud bot ec69ab4ed4
[tx-robot] updated from transifex 2020-07-19 02:17:16 +00:00
Nextcloud bot 95093e4f27
[tx-robot] updated from transifex 2020-07-17 02:17:21 +00:00
Nextcloud bot 1822eec68f
[tx-robot] updated from transifex 2020-07-16 02:19:41 +00:00
Nextcloud bot 6c8cc35b28
[tx-robot] updated from transifex 2020-07-10 02:17:02 +00:00
Roeland Jago Douma b3c9b166a3
Merge pull request #21779 from nextcloud/backport/21499/stable19
[stable19] fix #21285 as oneliner
2020-07-09 19:27:21 +02:00
Lionel Elie Mamane 2f75ba1adb Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-07-09 14:37:05 +00:00
Robin Appelman 157f619812 ensure home storage is initialized on first setup
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-09 12:33:20 +00:00
Roeland Jago Douma f174fb91e0 Use the correct mountpoint to calculate
If we use the owners mount point this results in null. And then the rest
of the checks get called with null. Which doesn't work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-09 12:33:19 +00:00
Nextcloud bot b19525ebbc
[tx-robot] updated from transifex 2020-07-09 02:17:46 +00:00
Nextcloud bot 667ca8dcb0
[tx-robot] updated from transifex 2020-07-08 02:17:07 +00:00
Jaakko Salo 392df2eaf4 Fix releasing a shared lock multiple times
Signed-off-by: Jaakko Salo <jaakkos@gmail.com>
2020-07-06 12:11:46 +00:00
Roeland Jago Douma 4513342478
Merge pull request #21671 from nextcloud/revert-21095-backport/21090/stable19
Revert "[stable19] Do not read certificate bundle from data dir by default"
2020-07-06 10:39:02 +02:00
Nextcloud bot 4e21bc608c
[tx-robot] updated from transifex 2020-07-04 02:16:25 +00:00
Roeland Jago Douma 905fab3356
Revert "[stable19] Do not read certificate bundle from data dir by default" 2020-07-03 14:21:38 +02:00
Christoph Wurst 3201e7674f Fix static method call for s3 bucket compat check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-03 08:26:00 +00:00
Joas Schilling d203f8f985
Merge pull request #21387 from nextcloud/backport/21380/stable19
[stable19] Increase timeout of the appstore requests
2020-07-03 10:04:55 +02:00
Nextcloud bot a5b279a488
[tx-robot] updated from transifex 2020-07-03 02:17:21 +00:00
Morris Jobke f70b2dba18
Merge pull request #21573 from nextcloud/backport/21558/stable19
[stable19] relax permissions mask check for detecting part file rename
2020-07-02 23:51:03 +02:00
Joas Schilling 9d541ccfd1
Increase timeout of the appstore requests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-02 23:36:24 +02:00
Joas Schilling a471dba6e1 Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-02 10:09:45 +00:00
Roeland Jago Douma c88402db47
Log deprecated events as debug
Since this can spam the log quite agressively we should log it as debug
and not info.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-02 10:49:11 +02:00
Roeland Jago Douma 7fd34d5d64
Merge pull request #21638 from nextcloud/backport/21588/stable19
[stable19] Update presign method to match with interface again.
2020-07-02 09:06:53 +02:00
Joas Schilling 9e9e74736d
Merge pull request #21538 from nextcloud/backport/21452/stable19
[stable19] Fix autocomplete for LDAP with `shareapi_only_share_with_group_members` on
2020-07-01 10:13:19 +02:00
Nextcloud bot c0b3cd90a6
[tx-robot] updated from transifex 2020-07-01 02:16:24 +00:00
Daniel Kesselberg 4397e57201 Update presign method to match with interface again.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-30 18:39:08 +00:00
Nextcloud bot b7bab49eb8
[tx-robot] updated from transifex 2020-06-30 02:16:20 +00:00
Robin Appelman 654f5a2109 relax permissions mask check for detecting part file rename
with files drop uploads the original file name isn't always used for the '.ocTransferId' source path

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-24 19:11:18 +00:00
Joas Schilling 407e3df585 Fix language in share notes email for users
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 21:29:49 +00:00
Roeland Jago Douma 6b5db20fc9
Merge pull request #21526 from nextcloud/backport/21479/stable19
[stable19] Allow to specify the cookie type for appframework responses
2020-06-23 14:04:53 +02:00
Joas Schilling d1df66f7af Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:50 +00:00
Joas Schilling 9ce288163c Fix PHP CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:50 +00:00
Joas Schilling 7a36a4b99c Move back to IGroupManager::displayNamesInGroup()
The problem is that despite it's name IGroup::searchDisplayName()
only searches by userid and this is less fixable than changing back to this method here

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 12:04:49 +00:00
Roeland Jago Douma 286f79c388
Merge pull request #21447 from nextcloud/backport/21406/stable19
[stable19] Disable Client-Side Monitoring on AWS storage
2020-06-22 16:29:05 +02:00
Arthur Schiwon 002e1f1ed2
available since 19.0.1
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-06-22 13:43:18 +02:00
Roeland Jago Douma c21a976bc4 Allow to specify the cookie type for appframework responses
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.

Helps with #21474

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-22 11:02:50 +00:00
Roeland Jago Douma adb5a80674
Merge pull request #21485 from nextcloud/backport/21482/stable19
[stable19] Don't log Keys
2020-06-21 09:19:35 +02:00
Roeland Jago Douma c62000c0bb
Merge pull request #21495 from nextcloud/backport/21483/stable19
[stable19] Give up after 10 seconds in SCSS timeout
2020-06-20 16:00:27 +02:00
Nextcloud bot b9c7865045
[tx-robot] updated from transifex 2020-06-20 02:16:46 +00:00
Roeland Jago Douma 88e121d684 Give up after 10 seconds in SCSS timeout
Else we keep idling for ages which leads to bad UX

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-19 19:29:56 +00:00
Joas Schilling 0ebbabebe8 Don't log Keys
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-19 13:11:18 +00:00
Nextcloud bot 085b076d84
[tx-robot] updated from transifex 2020-06-18 02:16:45 +00:00
Christoph Wurst 60a3bf8572 Disable Client-Side Monitoring on AWS storage
The S3 client enables this by default and then tries to read
`.aws/config`. This causes `open_basedir` restriction related error for
some setups. So this patch disables the CSM because it's most likely
unused anyway.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 09:00:28 +00:00
Christoph Wurst 1022db87db Clean up auth tokens when user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-16 08:03:45 +00:00
Julius Härtl 21bc4b3cad Avoid duplicate matches in wide and exact results
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-06-15 17:52:59 +00:00
Florent 6280d09765 Upload part size as S3 parameter instead of constant value
Some S3 providers need a custom upload part size (500 MB static value in Nextcloud).
Here is a commit to change this value via S3 configuration, instead of using S3_UPLOAD_PART_SIZE constant.
A new parameter is added for an S3 connection : uploadPartSize

Signed-off-by: Florent <florent@coppint.com>
2020-06-15 08:40:02 +00:00
Roeland Jago Douma f37be3af96
Merge pull request #21352 from nextcloud/backport/21311/stable19
[stable19] Always sort shares in a reliable way
2020-06-11 13:23:07 +02:00
Nextcloud bot e146a2b7e6
[tx-robot] updated from transifex 2020-06-11 02:15:59 +00:00
Joas Schilling c63039bb83 Always sort shares in a reliable way
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-10 06:55:29 +00:00
Nextcloud bot f40f7abbaf
[tx-robot] updated from transifex 2020-06-10 02:16:16 +00:00
Nextcloud bot d753435452
[tx-robot] updated from transifex 2020-06-09 02:16:05 +00:00
Nextcloud bot bcc63c0c2b
[tx-robot] updated from transifex 2020-06-06 02:16:09 +00:00
Nextcloud bot dfe70692d7
[tx-robot] updated from transifex 2020-06-05 02:16:44 +00:00
Joas Schilling 982f2fc21a Prevent harder to share your root
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-04 09:01:40 +00:00
Daniel Calviño Sánchez 6ca312eec9 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Daniel Calviño Sánchez 8e5aa03834 Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Daniel Calviño Sánchez 9df3ea94b8 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 11:37:43 +00:00
Roeland Jago Douma 9d2d3c4809 Clear the statscache before fetching the metadata
Else if a lot of writes happen. It might happen that an old stat result
is used. Resulting in a wrong file size for the file. For example the
text app when a lot of people edit at the same time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 10:30:35 +00:00
Roeland Jago Douma 24e97c1a7c
Merge pull request #21095 from nextcloud/backport/21090/stable19
[stable19] Do not read certificate bundle from data dir by default
2020-05-26 11:43:46 +02:00
Morris Jobke 3bf0285840
Merge pull request #21068 from nextcloud/backport/20776/stable19
[stable19] Improve group queries
2020-05-26 10:38:17 +02:00
Julius Härtl abecd5696b Update hub bundle and add proxy rule to htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-25 19:52:22 +00:00
Morris Jobke ebbdd2de33 Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 17:51:03 +00:00
Roeland Jago Douma 444b28adf6 Improve group queries
Before we'd also get the diplayname for each group in the backend. In a
separate query. This is of course not ideal as this information is
obtained on each and every query. Now this is queried once and properly
cached.

Also added more caching to the manager.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 12:22:03 +00:00
Morris Jobke 745667e426 Compress the appstore requests by default
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:07:35 +00:00
Morris Jobke 5c0f06b259 Cache appstore requests for 60 instead of 5 minutes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:07:35 +00:00
Roeland Jago Douma b9cb5a74cc Copy over the ETag and LastModified when formatting a Dataresponse
This way the ETag checks etc are all working.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-19 12:51:06 +00:00
Joas Schilling e2357d5df1 Allow links to conversations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-13 20:14:39 +00:00
Clement Wong 203d85f045 Add public argument to Http cacheFor()
Signed-off-by: Clement Wong <git@clement.hk>
2020-05-13 06:34:22 +00:00
Clement Wong 1331eb1fb8 Proxy server could cache http response when it is not private
Signed-off-by: Clement Wong <git@clement.hk>
2020-05-13 06:34:22 +00:00
Roeland Jago Douma 8e9433aee9 Remember the webauthn name of devices
Fixes #20289
we should not reset to default once we have logged in with the device.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-12 12:08:38 +00:00
Roeland Jago Douma c37bb7745b
Merge pull request #20923 from nextcloud/backport/20915/stable19
[stable19] Use random_bytes
2020-05-11 21:00:16 +02:00
Roeland Jago Douma 387af7eb60 Use random_bytes
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-11 12:23:02 +00:00
GretaD adbdecb1d6 Fix languages empty array
Signed-off-by: GretaD <gretadoci@gmail.com>
2020-05-08 09:25:59 +00:00
Roeland Jago Douma d5850eb28f
Merge pull request #18955 from adrb/swift_upload_large_objects
Large Object support for OpenStack Swift
2020-05-06 13:03:24 +02:00
Morris Jobke e102264299
Merge pull request #20787 from nextcloud/fix/resize_wrong_mime
Fix OC_Image new resize functions
2020-05-04 10:06:16 +02:00
Joas Schilling afc5966558
Merge pull request #20749 from nextcloud/bug/noid/is-not-setup-via-query-false-positive
PHP 7.4 excludes the arguments from stack traces by default.
2020-05-04 09:49:50 +02:00
Roeland Jago Douma 0c35aaba29
Fix OC_Image new resize functions
Else the wrong mimetype might be set. Resulting in continious
regeneration of previews when browsing.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-02 21:57:34 +02:00
Roeland Jago Douma 8c023a6579
Merge pull request #20767 from nextcloud/enh/argon2id-options
Apply Argon2 options for Argon2id hashing as well
2020-05-01 15:39:13 +02:00