Commit Graph

696 Commits

Author SHA1 Message Date
Lukas Reschke d4bdcb7a9b Merge pull request #9047 from owncloud/fix_preload_fundamental_apps
Load fundamental apps, before any possible customizing app may follow
2014-06-18 07:29:04 +02:00
Lukas Reschke f2fc214ce0 Add deprecation notice to load* functions
This functions are deprecated and/or removed since ownCloud 7. Additionally a issubdirectory check has been added here to prevent developers to use this function in a potentially insecure way.

Port of https://github.com/owncloud/core/pull/9033
2014-06-16 20:33:04 +02:00
Arthur Schiwon 7b704eeb5e Load fundamental apps, before any possible customizing app may follow 2014-06-16 13:12:21 +02:00
Morris Jobke 63c5c7bd21 set logger before registrate to an error handler 2014-06-09 10:02:23 +02:00
Thomas Müller 289accc31b Merge pull request #8159 from owncloud/mobile-sidebar-swipe
Mobile sidebar swipe
2014-06-06 11:27:04 +02:00
Jan-Christoph Borchardt 9e56acbdc9 add snap.js script 2014-06-05 11:52:17 +02:00
Lukas Reschke 7c4abce373 Move authentication to it's own call 2014-06-05 11:45:45 +02:00
Lukas Reschke ac7fb1b23e Remove legacy routing code
The getfile routing code was absolutely legacy and not needed anymore. Additionally \OC::$REQUESTEDAPP was never set to the actually accessed application.

This commit removes the legacy routing code and ensures that $REQUESTEDAPP is always set so that other applications (e.g. the firewall or a two-factor authentication) can intercept the currently accessed app.

Testplan:
[x] Installation works
[x] Login with DB works
[x] Logout works
[x] Login with alternate backend works (tested with user_webdavauth)
[x] Other apps are accessible
[x] Redirect on login works (e.g. index.php?redirect_url=%2Fcore%2Findex.php%2Fsettings%2Fapps%3Finstalled)
[x] Personal settings are accessible
[x] Admin settings are accessible
[x] Sharing files works
[x] DAV works
[x] OC::$REQUESTEDAPP contains the requested application and can be intercepted by other applications
2014-06-05 11:45:45 +02:00
Thomas Müller 1c20c72efe Merge pull request #8620 from owncloud/design-navigation-two
Toggle app navigation not only on mobile, but on desktop as well
2014-06-05 10:53:22 +02:00
Vincent Petry 95fda3c17c Do not load apps when upgrade is needed
This prevents routes like "core/js/oc.js" to automatically load apps and
trigger their update prematurely.
2014-06-04 18:52:52 +02:00
Jan-Christoph Borchardt 35308f5b09 hide navigation by default, not only on small screens, first step 2014-06-04 14:29:46 +02:00
Bernhard Posselt ade6ed3797 Merge pull request #8701 from owncloud/slide-up-toggle
Create reusable data attribute for apps setting slideup
2014-06-04 11:31:04 +02:00
Jan-Christoph Borchardt a244172219 Merge pull request #8853 from owncloud/design-typeface
Use Open Sans as typeface
2014-06-04 11:16:03 +02:00
Jan-Christoph Borchardt 6b2b903ea6 Merge pull request #8468 from owncloud/remove-infieldlabels
Remove infieldlabels
2014-06-04 09:28:20 +02:00
Morris Jobke 3a1994d001 Merge pull request #8686 from owncloud/session-early
Make the session available as early as possible
2014-06-03 19:23:30 +02:00
Jan-Christoph Borchardt 80627dfd2c use Open Sans as typeface 2014-06-03 19:07:08 +02:00
Morris Jobke cea7d4961e move to updated version of placeholder 2014-06-03 16:18:06 +02:00
Jan-Christoph Borchardt 7177d3a496 first step of infield label removal, fix login screen 2014-06-03 15:28:59 +02:00
Robin Appelman 3e14affa9b Add some comments 2014-06-03 10:57:18 +02:00
Vincent Petry 4e957c7b18 Merge pull request #8443 from owncloud/csrf-on-login-and-logout
Add CSRF check on login and logout
2014-06-02 11:27:20 +02:00
Lukas Reschke 705242d390 Merge pull request #8727 from owncloud/upgrade-overview
Added update overview page
2014-05-29 21:28:47 +02:00
Lukas Reschke ce9d5df6df Merge pull request #8681 from owncloud/logintimestamp
Record login timestamp per user. Required for new user managament.
2014-05-28 19:06:47 +02:00
Thomas Müller f03a3d9d05 remove legacy OC_Filesystem being used in a hook callback 2014-05-28 00:13:54 +02:00
Vincent Petry 02f682b156 Now showing disabled apps as upgrade status line
- Added app id in update overview.
- Added status message for disabled app for CLI upgrade and web upgrade
2014-05-27 15:20:33 +02:00
Vincent Petry 146583a98d Added update overview page 2014-05-27 14:53:08 +02:00
Bernhard Posselt c2330e558e rename to apps.js 2014-05-26 17:31:41 +02:00
Lukas Reschke c03e7fcfa9 Clarify comment 2014-05-24 10:24:42 +02:00
Bernhard Posselt db1511a11d add a slideup mechanism 2014-05-23 18:49:16 +02:00
Robin Appelman 8b56d52398 Make the session available as early as possible 2014-05-23 13:27:27 +02:00
Arthur Schiwon 2c89962919 clean up tryRememberLogin and save the timestamp of users last login 2014-05-21 18:03:37 +02:00
scolebrook 954d5b27ff use custom logfile path if defined, otherwise use default of owncloud.log in data directory 2014-05-20 11:29:59 -04:00
Thomas Müller f8cb8f4803 Merge branch 'master' into csrf-on-login-and-logout
Conflicts:
	core/templates/login.php
2014-05-19 20:40:55 +02:00
Morris Jobke dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Thomas Müller 04e6c12fe2 Merge pull request #8557 from owncloud/custom_session_handling
Allow apps to create custom session handlers.
2014-05-19 15:58:30 +02:00
Robin McCorkell bd3bf4b507 Change parameter order of implode 2014-05-13 19:08:14 +01:00
ringmaster 75bc25f906 Allow apps to create custom session handlers. 2014-05-12 11:08:28 -04:00
Thomas Müller 3cd32dcb7c adding X-Robots-Tag to all responses of ownCloud + move addSecurityHeaders() to OC_Response, which seems to be a more reasonable place 2014-05-12 15:14:01 +02:00
Lukas Reschke fd5b2d11d6 Rename issubdirectory to isSubDirectory 2014-05-11 15:50:59 +02:00
Lukas Reschke e1e1009ccc Redirect to index if the logout link is accessed without valid session
This is needed to prevent "Token expired" messages while login if a session is expired
@see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
2014-05-11 13:09:46 +02:00
Lukas Reschke 73b914ddbc Add CSRF check on login and logout
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
Bernhard Posselt 906061a07b Merge pull request #8171 from owncloud/fix-import
be nice and use a relative import so people can use the class without fi...
2014-05-02 22:43:19 +02:00
Thomas Müller 7c0340c63c Merge pull request #7852 from josh4trunks/basic_auth_fix
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-28 21:46:52 +02:00
Thomas Müller 6935364b33 add class Pimple to autloader 2014-04-28 20:57:44 +02:00
Lukas Reschke 1d9ac38da6 Remove an added t by the github webeditor
Notice to myself: Stick to my IDE.
2014-04-27 16:41:09 +02:00
Lukas Reschke 7a8bfeae6e Grammatical fixes 2014-04-27 16:31:04 +02:00
Lukas Reschke b6612ef04a Clarify the trusted_domain error page 2014-04-26 23:11:29 +02:00
Volkan Gezer ff0dab6e92 This adds one more missing untranslated text from lib/share
Also displays the untrusted domain warning in English
2014-04-24 01:42:18 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Lukas Reschke c123dc7de4 Fix typo
Thanks @DeepDiver1975
2014-04-14 10:15:31 +02:00
Lukas Reschke 387d46cb98 Typo + Line breaks 2014-04-13 12:54:26 +02:00
Lukas Reschke df67a04385 Move security headers to base.php
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
Thomas Müller 647abe512b reduce code duplication, fix parse error, prevent page reload on hitting enter while changing the display name - refs #8085 2014-04-07 14:04:16 +02:00
josh4trunks 5b402aa846 Fixed Typo 2014-04-03 22:12:57 -07:00
josh4trunks a266144750 Don't always $cookie_path, only set it when needed 2014-04-03 22:12:57 -07:00
josh4trunks d1106f1749 cookie would be useless if value is not set 2014-04-03 22:12:57 -07:00
josh4trunks 63df8354da Don't to set the cookie it wasn't needed. 2014-04-03 22:12:57 -07:00
josh4trunks 4ddf5d92f2 Fixes login / logout when HTTP Basic Headers are avilable. 2014-04-03 22:12:57 -07:00
Vincent Petry d0012e729a Merge pull request #7879 from owncloud/sharing_cleanup_public_api
sharing api cleanup, first step
2014-03-28 12:23:11 +01:00
Thomas Müller 5fa8f7cf12 Merge pull request #7107 from owncloud/load-apps-proper-master
Load apps proper master
2014-03-28 10:33:55 +01:00
Bjoern Schiessle b602662578 add a "helper" and a "hooks" class. Move constants needed by multiple classes
to a "constants" class
2014-03-25 17:47:24 +01:00
icewind1991 4c8a83e82f Merge pull request #7714 from owncloud/phpunit-config
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-24 13:01:37 +01:00
Thomas Müller 96e6cb3db4 all authentication apps are loaded at first - everything else relies on these apps 2014-03-21 15:00:25 +01:00
Thomas Müller 6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Vincent Petry 36c0f08ec0 Merge pull request #7732 from owncloud/datafolderexistence
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
Thomas Müller 756bbe8786 Merge pull request #7649 from owncloud/routing-public
Move routing classes to an interface and expose it in the public api
2014-03-17 21:07:05 +01:00
Vincent Petry b619ff6076 Return 503 when a config/data dir error exists 2014-03-14 21:05:15 +01:00
Robin Appelman a8eb7a5092 Allow setting the config dir to use as enviroment variable for phpunit 2014-03-13 13:33:09 +01:00
Georg Ehrke 8048868bd7 use preDelete instead of postDelete hook 2014-03-13 03:14:42 +01:00
Robin Appelman 26793e1f94 switch OC::getRouter usages to OC::$server->getRouter 2014-03-10 14:06:47 +01:00
Robin Appelman 8ab7d18a6a Move the router classes to a namespace and expose it with a public interface 2014-03-10 14:04:58 +01:00
Vincent Petry ba3f5fe53a Merge pull request #7583 from owncloud/trusteddomainerrorpage
[master] Show warning page when accessing server from an untrusted domain
2014-03-07 10:37:16 +01:00
Vincent Petry 421cff00bd Show warning page when accessing server from an untrusted domain
Added early check for the requested domain host and show a warning
page if the domain is not trusted.
2014-03-06 11:51:08 +01:00
Thomas Müller 32b29c9d73 Merge branch 'master' into fix-7307
Conflicts:
	core/js/router.js
	settings/js/admin.js
2014-03-06 00:15:08 +01:00
Thomas Müller 1291303c5a Replace OC.Router.generate() with OC.generateUrl() 2014-03-02 22:30:24 +01:00
kondou da19109f40 Config to disable basic_auth username chacking
This can be confusing and/or annoying
2014-02-26 18:06:13 +01:00
Bart Visscher 7f05c23231 Merge pull request #3760 from IMM0rtalis/remove_logout_redirect_slash
- removed slash-adding for logout-header-redirect
2014-02-26 16:05:09 +01:00
Thomas Müller 27ad69eea5 Merge branch 'master' into no-css-js-delivery-via-php 2014-02-21 14:01:24 +01:00
Thomas Müller fbea02bebb kill $coreStyles and $coreScripts 2014-02-20 14:18:01 +01:00
Thomas Müller bf22ed7bdb kill old minimizer code 2014-02-20 13:10:56 +01:00
Jan-Christoph Borchardt 3e2c56157b reduce width of searchbox on mobile, fix overlap, fix #7282 2014-02-20 11:33:46 +01:00
Jörn Friedrich Dreyer 2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Thomas Müller 79fc4f3126 Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging 2014-02-06 11:34:27 +01:00
Thomas Müller 0db5fead8e remove some more global variable $RUNTIME_NOAPPS 2014-02-06 10:04:18 +01:00
Thomas Müller afbe50d09c remove global variable $RUNTIME_NOAPPS - it's just superfluous 2014-02-06 09:44:13 +01:00
Morris Jobke 3c80071807 Merge pull request #4795 from owncloud/setup
Move core setup code to controller class
2014-02-04 06:04:21 -08:00
Bjoern Schiessle cf5277b558 also load error handler if debugging is enabled 2014-02-03 12:08:28 +01:00
Bart Visscher bca725dc32 Merge branch 'master' into setup
Conflicts:
	core/setup.php
2014-01-31 16:43:12 +01:00
Morris Jobke 0a1708ba11 Merge pull request #6912 from owncloud/replace-webroot-in-css
Remove %webroot% from CSS
2014-01-27 04:11:15 -08:00
Thomas Müller 9fa788c452 Merge pull request #6736 from owncloud/tests-jsunittests
Added Javascript unit tests
2014-01-23 12:43:05 -08:00
Jan-Christoph Borchardt 25e9b7a742 add icons.css file, first step to get rid of %webroot% 2014-01-23 12:55:39 +01:00
Robin Appelman 164915a3f8 Move test config folder to tests/config 2014-01-20 13:41:52 +01:00
Robin Appelman 6b4c3df087 Load a separate config (if present) when running unit tests 2014-01-17 14:40:48 +01:00
Vincent Petry 350214c609 Added Javascript unit tests
- added karma utility to run jasmine unit tests
- added Sinon library (for stubs/mocks/fakeserver)
- added a few unit tests for core and files
- added autotest-js.sh script
2014-01-16 17:12:29 +01:00
Thomas Müller c3829dfa61 rename user-id to loginname to stay consistent 2014-01-09 10:29:21 +01:00
Thomas Müller e0bd7e145c Remove @ in order to get proper error handling 2014-01-07 16:24:05 +01:00
Thomas Müller 214aecac78 require composer's autoload.php if present 2014-01-05 21:49:08 +01:00
Robin Appelman 4c45c6f418 dont try to register background jobs if we haven't upgraded yet 2013-12-13 17:15:18 +01:00
Arthur Schiwon f26ba5846d coding style 2013-12-13 16:58:16 +01:00
Arthur Schiwon dcfda5c2a9 coding style 2013-12-13 16:58:09 +01:00
Arthur Schiwon 91d6a6dd7c On webdav sesssions, loginname was compared to username which does not need to match necessarily 2013-12-13 16:58:03 +01:00