An incomming federated share is just a mount point. Therefor if we
request the permissions on the mountpoint DELETE permissions will be
returned (among others). Since we can always remove a mountpoint, update
a mount point.
However now when trying to reshare we will try to reshare with DELETE
permissions. Which is false.
This PR removes the delete permissions if it is a shared storage.
Basically a quick hack.
Fixes#22587
Using the Guzzle stream directly here will only return 1739 characters for `fread` instead of all data. This leads to the problem that the stream is read incorrectly and thus the data cannot be properly decrypted => 💣
This approach copies the data into a local temporary file, as done before in all stable releases as well as other storage connectors.
While this approach will load the whole file into memory, this is already was has happened before in any stable release as well. See d608c37c90 for the breaking change.
To test this enable Google Drive as external storage and upload some files with encryption enabled. Reading the file should fail now.
Fixes https://github.com/owncloud/core/issues/22590
The current logic is checking whether:
1. The returned value is a boolen
2. The returned value is a string and then matches for "true"
Since the config is now written to the database the data is now a string with the value "1" if HTTPS is set to true. Effectively this option was thus always disabled at the moment, falling back to plain HTTP.
This change casts the data to a boolean if it is defined as boolean.
Fixes https://github.com/owncloud/core/issues/22605
Fixes https://github.com/owncloud/core/issues/22016
Recent refactorings have resulted in the header being added twice, this makes browsers ignore the header which removes any security gains.
This changeset adds the header only once and adds integration tests ensuring the correct header in future.
https://github.com/owncloud/core/issues/22577
The notification tests were not restoring the clock properly, but
indirectly helped other tests pass.
Since now we're restoring the clock properly, the other tests were fixed
to still work.
This check will skip the background scan for the root storage
because there is nothing in the root storage that isn't already
in another (mostly user-) storage.
Fixes#22501
Roeland Jago Douma
Vincent Petry
Lukas Reschke
Morris Jobke
Jenkins for ownCloud
Arthur Schiwon
Victor Dubiniuk
Thomas Müller
Joas Schilling
Bjoern Schiessle
Robin McCorkell