Commit Graph

3852 Commits

Author SHA1 Message Date
Lukas Reschke 4b9e034968 Remove hard-dependency on disabled output_buffering
This removes the hard-dependency on output buffering as requested at https://github.com/owncloud/core/issues/16013 since a lot of distributions such as Debian and Ubuntu decided to use `4096` instead of the PHP recommended and documented default value of `off`.

However, we still should encourage disabling this setting for improved performance and reliability thus the setting switches in `.user.ini` and `.htaccess` are remaining there. It is very likely that we in other cases also should disable the output buffering but aren't doing it everywhere and thus causing memory problems.

Fixes https://github.com/owncloud/core/issues/16013
2015-05-04 14:15:15 +02:00
Thomas Müller 4de45b5e61 Merge pull request #15958 from owncloud/usage-of-public-log-interface
Use internally \OCP\ILogger instead of \OC\Log
2015-05-04 09:13:26 +02:00
Morris Jobke cd516eedcd Use OC.Notification for update notifications
* instead of a static rendering inside PHP use the
  JS OC.Notification.showTemporary to hide the
  notification after 7 seconds automatically
* fixes #14811
2015-05-03 17:26:03 +02:00
Lukas Reschke 6738c17cb5 Add proper versioning for doc URL
As per 8.1 we have docs for minor versions as well so we need to link to `8.1` here instead to `8.0`.

Fixes https://github.com/owncloud/core/issues/16002
2015-05-02 21:05:11 +02:00
Thomas Müller 6b691e3840 Merge pull request #15937 from owncloud/file-locking
Add memcache based shared/exclusive locking
2015-05-01 17:47:23 +02:00
jknockaert f5415653fd fix #15973
Rework of stream_seek handling; there where basically two bugs: 1. seeking to the end of the current file would fail (with SEEK_SET); and 2. if seeking to an undefined position (outside 0,unencryptedSize) then newPosition was not defined. I used the opportunity to simplify the code.
2015-04-30 17:10:18 +02:00
Robin Appelman ba7d221cff allow getting the path from the lockedexception 2015-04-30 14:48:42 +02:00
Robin Appelman a40a237441 use trait for cas polyfill for xcache 2015-04-30 14:48:39 +02:00
Robin Appelman 96f9573a4b add memcache based shared/exclusive locking 2015-04-30 14:48:39 +02:00
Robin Appelman acf30ede95 add compare and swap to memcache 2015-04-30 14:48:39 +02:00
Robin Appelman 29213b6136 extends memcache with add, inc and dec 2015-04-30 14:48:36 +02:00
Bernhard Posselt 360d0e3e5e fix #15962 2015-04-30 12:44:45 +02:00
Morris Jobke fbba7a61cb Use internally \OCP\ILogger instead of \OC\Log
* this is the preparation for some upcoming logger related changes
* also fixes an issue in the public interface where we request
  an internal class as parameter
2015-04-30 11:52:30 +02:00
Thomas Müller d308ec4f0e Merge pull request #15949 from owncloud/l10n-string-json
Implement json serialize for l10n string
2015-04-30 11:11:16 +02:00
Bernhard Posselt 1e58538f0e add aliases to pascal case constructor paramters to make it possible to auto assemble controllers 2015-04-29 22:29:45 +02:00
Bernhard Posselt 5b857a6eab implement json serialize for l10n string 2015-04-29 21:22:42 +02:00
Joas Schilling f524ae261a Ignore "parent" shares when the sharee is the owner of the reshare-source 2015-04-29 14:18:46 +02:00
Joas Schilling 3c37cbdfe7 Correctly select file cache values also when checking group shares 2015-04-29 14:12:12 +02:00
Morris Jobke 8c7db2536d Merge pull request #15596 from owncloud/issue/15589
Correctly generate the feedback URL for remote share
2015-04-29 10:52:43 +02:00
Morris Jobke 7df7a3b360 Merge pull request #15906 from rullzer/fix_15777
Password set via OCS API should not be double escaped
2015-04-29 10:44:25 +02:00
Lukas Reschke 34d0e610cc Filter potential dangerous filenames for avatars
We don't want to have users misusing this API resulting in a potential file disclosure of "avatar.(jpg|png)" files.
2015-04-28 16:57:23 +02:00
Joas Schilling 2eecfcbb80 Fix scrutinizer complains and return type doc 2015-04-28 11:28:55 +02:00
Joas Schilling 9fb7d0bca9 Correctly remove the protocol before prepeding it 2015-04-28 11:28:54 +02:00
Joas Schilling 8f7c64253e Correctly generate the feedback URL for remote share
The trailing slash was added in c78e3c4a7f
to correctly generate the encryption keys
2015-04-28 11:28:54 +02:00
Morris Jobke de8c15e1a4 Merge pull request #14764 from owncloud/shared-etag-propagate
Propagate etags across shared storages
2015-04-28 10:58:50 +02:00
Morris Jobke b4a15db046 Merge pull request #15901 from owncloud/fix-share-docs
fix several issues with doc blocks on share.php
2015-04-28 10:41:04 +02:00
Roeland Jago Douma 73bb3a22f6 Password set via OCS API should not be double escaped 2015-04-28 10:33:19 +02:00
Joas Schilling 7c65448377 Fix return type of the getRootFolder() method 2015-04-28 09:36:29 +02:00
Joas Schilling 46083006e1 fix several issues with doc blocks on share.php 2015-04-28 08:40:47 +02:00
Thomas Müller eb0e9e5646 Merge pull request #15890 from owncloud/fix-helper-docs
Fix several type(hint) errors in private/helper.php
2015-04-27 15:28:50 +02:00
Thomas Müller 7d0eba7a41 Merge pull request #15886 from owncloud/fix-15848-master
Adjust isLocal() on encryption wrapper
2015-04-27 15:06:26 +02:00
Joas Schilling db6395ae20 Fix several type(hint) errors in private/helper.php 2015-04-27 14:45:05 +02:00
Thomas Müller 678b7d7e4d Merge pull request #15860 from owncloud/enc_fallback_old_encryption
[encryption] handle encrypted files correctly which where encrypted with a old version of ownCloud (<=oc6)
2015-04-27 14:32:19 +02:00
Thomas Müller 936d564058 fixes #15848 2015-04-27 14:26:05 +02:00
Morris Jobke 93c25a1f4a Merge pull request #15882 from owncloud/fix-type-annotation
Fix type annotation
2015-04-27 14:17:59 +02:00
Robin Appelman 2e897f05b1 triger propagation for webdav uploads
use post hooks for share etag propagator
2015-04-27 14:07:16 +02:00
Robin Appelman 45784f213f fix propagation when renaming a directly reshared folder 2015-04-27 14:07:16 +02:00
Robin Appelman 30ad56813a propagate etags for all user of a share 2015-04-27 14:07:15 +02:00
Robin Appelman 518d5aadf5 Allow getting *all* share entries owned by a user 2015-04-27 14:07:15 +02:00
Robin Appelman 849e5521de Make the change propagator an emitter 2015-04-27 14:07:15 +02:00
Thomas Müller cc331609bf Merge pull request #15411 from mmattel/fix_for_15375_better_message_text
Improve error messge text for app upgrade try (#15375)
2015-04-27 13:38:16 +02:00
Lukas Reschke d0363fe396 Fix type annotation
Obviously should be an int
2015-04-27 13:31:18 +02:00
Bjoern Schiessle 27683f9442 fall back to the ownCloud default encryption module and aes128 if we read a encrypted file without a header 2015-04-27 13:01:18 +02:00
Joas Schilling d600955a51 Make getDefaultModuleId public and get module protected 2015-04-27 11:03:51 +02:00
Joas Schilling a09df6d453 Verify that the encryption module exists before setting it 2015-04-27 11:03:50 +02:00
Lukas Reschke 4dfdaf741c Merge pull request #15834 from owncloud/make-temporary-file-really-unique
Fix collision on temporary files + adjust permissions
2015-04-25 23:18:26 +02:00
Lukas Reschke b9df932e3c Merge pull request #15683 from owncloud/block-legacy-clients
Block old legacy clients
2015-04-24 18:21:10 +02:00
Bjoern Schiessle 9a5783b284 fix unit tests 2015-04-24 16:47:27 +02:00
jknockaert 49df8ef525 Update encryption.php 2015-04-24 16:44:00 +02:00
jknockaert 238302ee7d fixed name 2015-04-24 16:44:00 +02:00
jknockaert 1756562501 Update encryption.php 2015-04-24 16:44:00 +02:00
jknockaert 735f6cc037 fix encryption header error
When moving back the pointer to position 0 (using stream_seek), the pointer on the encrypted stream will be moved to the position immediately after the header. Reading the header again (invoked by stream_read) will cause an error, writing the header again (invoked by stream_write) will corrupt the file. Reading/writing the header should therefore happen when opening the file rather than upon read or write. Note that a side-effect of this PR is that empty files will still get an encryption header; I think that is OK, but it is different from how it was originally implemented.
2015-04-24 16:43:16 +02:00
Joas Schilling 4334e77035 Merge pull request #15839 from owncloud/enc_fix_moving_shared_files
[encryption] fix moving files to a shared folder
2015-04-24 15:07:36 +02:00
Joas Schilling 1592be117a Use public interfaces for type hinting 2015-04-24 13:06:03 +02:00
Bjoern Schiessle 24128d1384 only update share keys if the file was encrypted 2015-04-24 10:19:09 +02:00
Bjoern Schiessle 2646bccb83 update share keys if file gets copied 2015-04-23 17:18:48 +02:00
Bjoern Schiessle 2990b0e07e update share keys if a file is moved to a shared folder 2015-04-23 17:18:48 +02:00
Thomas Müller b1bb6a3d36 Ignore test folders when checking the code for compliance 2015-04-23 16:59:26 +02:00
Lukas Reschke ab9ea97d3a Catch not existing User-Agent header
In case of an not sent UA header consider the client as valid
2015-04-23 16:33:51 +02:00
Lukas Reschke 155ae44bc6 Fix collision on temporary files + adjust permissions
This changeset hardens the temporary file and directory creation to address multiple problems that may lead to exposure of files to other users, data loss or other unexpected behaviour that is impossible to debug.

**[CWE-668: Exposure of Resource to Wrong Sphere](https://cwe.mitre.org/data/definitions/668.html)**
The temporary file and folder handling as implemented in ownCloud is performed using a MD5 hash over `time()` concatenated with `rand()`. This is insufficiently and leads to the following security problems:
The generated filename could already be used by another user. It is not verified whether the file is already used and thus temporary files might be used for another user as well resulting in all possible stuff such as "user has file of other user".

Effectively this leaves us with:

1. A timestamp based on seconds (no entropy at all)
2. `rand()` which returns usually a number between 0 and 2,147,483,647

Considering the birthday paradox and that we use this method quite often (especially when handling external storage) this is quite error prone and needs to get addressed.

This behaviour has been fixed by using `tempnam` instead for single temporary files. For creating temporary directories an additional postfix will be appended, the solution is for directories still not absolutely bulletproof but the best I can think about at the moment. Improvement suggestions are welcome.

**[CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html)**

Files were created using `touch()` which defaults to a permission of 0644. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0600.

**[CWE-379: Creation of Temporary File in Directory with Incorrect Permissions](https://cwe.mitre.org/data/definitions/379.html)**

Files were created using `mkdir()` which defaults to a permission of 0777. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0700.Please enter the commit message for your changes.
2015-04-23 15:07:54 +02:00
Martin 676e86b314 Improve error messge text for app upgrade try (#15375) 2015-04-22 13:24:11 +02:00
Morris Jobke 3e8f6cdba9 Merge pull request #15635 from owncloud/issue/15634-empty-txt-previews
Scale up the font on larger previews
2015-04-20 15:55:32 +02:00
Morris Jobke ce2c8533d9 Merge pull request #15735 from owncloud/fix-visibility
Fix visibility of interfaces in \OCP
2015-04-20 14:39:15 +02:00
Lukas Reschke 3959f8ac4e Merge pull request #15637 from owncloud/migrate-certificate-stuff
Migrate personal certificate handling to AppFramework controllers
2015-04-20 13:56:35 +02:00
Lukas Reschke e9d6807c5c Merge pull request #15733 from owncloud/remove-oc_backgroundjob
Removed OC_BackgroundJob - reduce class overhead
2015-04-20 13:17:58 +02:00
Lukas Reschke 1cc2aefa46 Proper return types 2015-04-20 13:00:02 +02:00
Lukas Reschke 9f61cf60d4 Verify if returned object is an array
The error has to be thrown at this point as otherwise errors and notices are thrown since the time cannot be parsed in L60 and L61
2015-04-20 12:58:57 +02:00
Lukas Reschke ed0b465cf9 Use 403 instead a 50x response 2015-04-20 12:53:40 +02:00
Joas Schilling 6da9e1a742 Fix visibility of public API methods 2015-04-20 12:52:40 +02:00
Lukas Reschke 4ea205e262 Block old legacy clients
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.

This has multiple reasons:

1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy

In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Lukas Reschke a98b819366 Add version to deprecation notice
As requested by @MorrisJobke
2015-04-20 10:30:16 +02:00
Lukas Reschke f672e120fc Deprecate unused `\OCP\Response::sendFile`
This function is unused in our own code and can be better achieved using the AppFramework. Also very easy to do grave mistaked using this function.
2015-04-20 10:02:34 +02:00
Morris Jobke 9cb260d310 Merge pull request #15717 from owncloud/issue/15716-fixing-ocp-api-namespace-usage
Fixing OCS API namespace usage
2015-04-20 09:43:19 +02:00
Morris Jobke d4ac7ac723 Merge pull request #15739 from DavidPrevot/symfony-2.7
Replace `_method` requirement by {g,s}etMethods()
2015-04-19 23:46:21 +02:00
Georg Ehrke 8f51efc49e get rid of OC_Geo 2015-04-19 20:16:56 +02:00
David Prévot 7f2f92847b Replace `_method` requirement by {g,s}etMethods()
Make the call compatible with future Symfony version, and avoid
E_USER_DEPRECATED as thrown by the current 2.7.0-beta1:

The "_method" requirement is deprecated since version 2.2 and will be
removed in 3.0. Use getMethods() instead. at
…/Symfony/Component/Routing/Route.php#554

The "_method" requirement is deprecated since version 2.2 and will be
removed in 3.0. Use the setMethods() method instead or the "methods"
option in the route definition. at
…/Symfony/Component/Routing/Route.php#662
2015-04-19 12:08:29 -04:00
Robin McCorkell 80b892e7ed Merge pull request #15729 from owncloud/remove-unused-variables
Remove unused variables
2015-04-19 12:38:29 +01:00
Morris Jobke 60b8aa2a83 Removed OC_BackgroundJob - reduce class overhead
* method code is now in the static public namespace (5 sloc)
2015-04-18 23:37:32 +02:00
Thomas Müller cdf82909b8 Merge pull request #15718 from owncloud/issue/15694-display-name-of-encryption-modules
Issue/15694 display name of encryption modules
2015-04-18 22:51:15 +02:00
Thomas Müller d2a31bcd93 Merge pull request #15727 from owncloud/cleanup-db-interface
DB: remove unused parameter - was forgotten during the migration to doct...
2015-04-18 22:47:40 +02:00
Morris Jobke e837927ad5 fix followup issues with unneeded parameters 2015-04-18 17:02:39 +02:00
Morris Jobke ccf47f40aa Remove unused variables
* should make scrutinizer a lot more happy
* reduces maybe memory footprint
2015-04-18 16:35:19 +02:00
Morris Jobke 47ecfd98a3 DB: remove unused parameter - was forgotten during the migration to doctrine
* 377e9a8677 <- doctrine merge
2015-04-18 15:57:13 +02:00
Morris Jobke 11f29f6d95 add visibility of methods in server container and interface 2015-04-18 14:19:22 +02:00
Joas Schilling 3f3f8c2f99 Fix usage of deprecated private constants 2015-04-18 10:30:02 +02:00
Joas Schilling 4d238c3949 Fix display name of encryption modules 2015-04-18 10:18:58 +02:00
Joas Schilling 6ce1abfa5c Deprecate the OC_API constants in favor of the OCP ones 2015-04-18 09:29:52 +02:00
Morris Jobke 7ab1f807fb Merge pull request #15691 from owncloud/vobject-sabre2.1
Get rid of the obsolete OC_VObject class
2015-04-17 22:33:00 +02:00
Thomas Müller d9990c2b4e Delay initialization of the OC\Encryption\Update - introducing 'OC\Encryption\HookManager' 2015-04-17 13:55:31 +02:00
Vincent Petry b7e5884b54 Get rid of the obsolete OC_VObject class
The class isn't needed any more since the update to Sabre 2.1
2015-04-17 12:55:31 +02:00
Bjoern Schiessle 7d4b1b52d0 always create a new instance of the encryption module 2015-04-17 10:31:33 +02:00
Clark Tomlinson 1174ad0681 Merge pull request #15445 from owncloud/enc2_migration
add migration script from old encryption to new one
2015-04-16 09:34:47 -04:00
Joas Schilling c7e5e30b86 Merge pull request #15674 from owncloud/fix-console-check-output
Convert error and hint to string before writing to the output
2015-04-16 14:51:29 +02:00
Bjoern Schiessle b25c06f576 detect system wide mount points correctly 2015-04-16 14:15:04 +02:00
Bjoern Schiessle 67500d5f2f if we start writing a file from the beginning, size should start by zero; result of floor needs to be casted to int in order to compare it with ->size 2015-04-16 14:15:04 +02:00
Bjoern Schiessle e3d77c4b01 add migration script from old encryption to new one 2015-04-16 14:15:04 +02:00
Thomas Müller 07243f0482 Convert error and hint to string before writing to the output - fixes https://mailman.owncloud.org/pipermail/devel/2015-April/001184.html 2015-04-16 12:32:17 +02:00
Thomas Müller bcf65d9c13 Using TRANSACTION_READ_COMMITTED 2015-04-16 11:49:12 +02:00
Jörn Friedrich Dreyer 2e06cf49a5 Merge pull request #15623 from t3chguy/master
Redis DB Index via Select
2015-04-16 09:30:07 +02:00
Vincent Petry 903d52d45f Merge pull request #15809 from owncloud/view-null-root
dont allow using null as view root
2015-04-22 18:10:26 +02:00
Robin Appelman bd57902d1d typo 2015-04-22 16:24:37 +02:00
Thomas Müller 750f0bc489 Merge pull request #15799 from owncloud/fix-enc-folder-move
Fix enc folder move
2015-04-22 16:04:29 +02:00
Robin Appelman f391f88d7f dont allow using null as view root 2015-04-22 14:51:02 +02:00
Morris Jobke 42d9ba0f83 Merge pull request #15787 from owncloud/trash-partfiles
Do not trash part files, delete directly
2015-04-22 14:10:26 +02:00
Morris Jobke a971fa8a90 Merge pull request #15549 from owncloud/jcf-fix-cache-update
don't update identical values
2015-04-22 13:34:08 +02:00
Thomas Müller 0042bdd2e7 fix PHPDoc 2015-04-22 13:12:52 +02:00
Thomas Müller 225cde2183 pass KeyStorage via ctor 2015-04-22 13:09:42 +02:00
Thomas Müller 987bc138df calling renameKeys() on directory level as well - fixes #15778 2015-04-22 12:12:27 +02:00
Thomas Müller fc4127dd62 add $encryptionModuleId to methods of Keys/IStorage 2015-04-22 11:53:05 +02:00
Björn Schießle 570718fb6b Merge pull request #15757 from owncloud/enc-fixfeofforlastblock
Fix encryption feof to not return too early
2015-04-22 11:32:21 +02:00
Vincent Petry ffc796edcb Do not trash part files, delete directly 2015-04-21 18:28:15 +02:00
Bjoern Schiessle 19e8c4fcb1 get dirname from sharePath 2015-04-21 14:58:01 +02:00
Björn Schießle b0fcf0fa0e Merge pull request #15636 from owncloud/enc2_performance_improvement
[encryption2] set size and unencrypted size to zero at the beginning of a write operation
2015-04-21 11:01:33 +02:00
Vincent Petry a13088818a Merge pull request #15748 from owncloud/fixing-enc-filesize-once-more
Introduce Storage::getData() to allow storage implementations more contr...
2015-04-20 18:36:23 +02:00
Vincent Petry 76dad297ff Fix encryption feof to not return too early
This is because stream_read will pre-cache the next block which causes
feof($this->source) to return true prematurely. So we cannot rely on it.

Fixed encryption stream wrapper unit tests to actually simulate 6k/8k
blocks to make sure we cover the matching logic.

Added two data files with 8192 and 8193 bytes.
2015-04-20 18:32:40 +02:00
Lukas Reschke fe2cbc3795 Merge pull request #15744 from owncloud/fix-inverted-path-in-resourcenotfound
Fix wrong path generation
2015-04-20 16:55:36 +02:00
Thomas Müller 32995ace1c move permission related code into getMetaData() 2015-04-20 16:50:12 +02:00
Thomas Müller 23f1bdc3d4 Introduce Storage::getMetaData() to allow storage implementations more control over the data array 2015-04-20 14:54:54 +02:00
Thomas Müller 92b60e36de Introduce Storage::getData() to allow storage implementations more control over the data array 2015-04-20 14:25:39 +02:00
Bjoern Schiessle 7fe0e09d14 set size and unencrypted size to zero on fopen 2015-04-20 11:06:13 +02:00
Morris Jobke 80be3b0c47 Fix wrong path generation
* fixes #15742
2015-04-20 11:01:33 +02:00
Michael Telatynski 8ebf9de3f8 Memcache\Redis Add DB Select Functionality 2015-04-15 21:24:38 +01:00
Joas Schilling 1592f25ed0 Scale up the font on larger previews 2015-04-15 14:03:40 +02:00
Morris Jobke e33e5b425a Merge pull request #12006 from owncloud/dav-put-storage
Work directly on the storage when uploading over webdav
2015-04-15 03:08:52 +02:00
Thomas Müller 70480423ff Merge pull request #15597 from oparoz/another-fallback-for-findbinarypath
Adding a final fallback for findBinaryPath
2015-04-15 00:16:56 +02:00
Thomas Müller 1aa368effe Merge pull request #15592 from owncloud/fix-15590-master
Avoid php message "Invalid argument supplied for foreach()"
2015-04-15 00:14:08 +02:00
Björn Schießle 4f0437fbde Merge pull request #15598 from owncloud/fix-enc-file-size-master
Fix file size of encrypted files
2015-04-14 16:48:04 +02:00
Robin Appelman eeecca04e6 Keep phpdoc updated. 2015-04-14 16:25:52 +02:00
Robin Appelman 308af8b909 pass a stream to the tests 2015-04-14 15:25:52 +02:00
Morris Jobke 82cab25762 Merge pull request #13360 from owncloud/cross-storage-move
Proper copy/move between multiple local storages
2015-04-14 14:35:08 +02:00
Olivier Paroz bb0c09e994 Adding a final fallback for findBinaryPath 2015-04-14 14:06:58 +02:00
Thomas Müller 967e882757 return size from cache in case the cache entry is marked as encrypted 2015-04-14 13:08:59 +02:00
Thomas Müller 387984a0d5 preserve filesize on rename after upload 2015-04-14 12:27:12 +02:00
Thomas Müller 88cc52c408 Avoid php message "Invalid argument supplied for foreach()" - refs #15590 2015-04-14 11:00:20 +02:00
Morris Jobke 5f66f867b6 Merge pull request #15581 from owncloud/deduplicate-oc-repair-namespace
Fix namespace duplication and other issues in repairlegacystorages
2015-04-13 21:51:38 +02:00
Morris Jobke 9eff199a17 Merge pull request #15360 from owncloud/cross-storage-move-cache
Preserve cache data when doing a cross storage move
2015-04-13 21:48:30 +02:00
Robin Appelman f605c98531 Fix cross storage move with shared storages 2015-04-13 17:10:05 +02:00
Robin Appelman addfafd9da Fix moving mount points 2015-04-13 17:10:02 +02:00
Robin Appelman caadc8cdd9 reuse cache move logic 2015-04-13 17:10:01 +02:00
Robin Appelman d7b3a1a35a preserve cache data when doing a cross storage move 2015-04-13 17:10:01 +02:00
Joas Schilling 71de1d58cd Fix namespace duplication and other issues in repairlegacystorages 2015-04-13 16:34:10 +02:00
Thomas Müller 660aa7ff1e Merge pull request #15568 from owncloud/cache_user_folder_for_file_search_results
cach user folder for file search results
2015-04-13 15:16:07 +02:00
Robin Appelman c29419e6d7 fix rebase issue 2015-04-13 15:13:03 +02:00
Robin Appelman 0772e3b4c1 Properly handle copy/move failures in cross storage copy/move 2015-04-13 15:13:03 +02:00
Robin Appelman 404773940d Detect storage full when doing cross storage copy/move 2015-04-13 15:13:03 +02:00
Robin Appelman d26c6cab90 properly return false if we cant delete the source file 2015-04-13 15:13:03 +02:00
Robin Appelman c4ec8fbeff Make getSourcePath accessible for storage wrappers 2015-04-13 15:13:03 +02:00
Robin Appelman 31e94708f8 Improve cross storage copy between local storages 2015-04-13 15:13:02 +02:00
Robin Appelman 8575bb2cb9 Move cross storage copy logic to the storage 2015-04-13 15:13:02 +02:00
Robin Appelman b302592a64 Small cleanup of rename code 2015-04-13 15:11:03 +02:00
Robin Appelman 2fd44dbde4 rewind and update error message 2015-04-13 14:14:48 +02:00
Robin Appelman dcfe014103 use our own stream copy instead 2015-04-13 14:13:21 +02:00
Vincent Petry 2822d0579e Properly add trailing slash to mount point
Fixes resolving mount points when shared mount point's target name has
the same prefix as the source name
2015-04-13 12:36:47 +02:00
Jörn Friedrich Dreyer b717681e3a cach user folder for file search results 2015-04-13 11:29:10 +02:00
Morris Jobke c3fbc2b6fd Merge pull request #15563 from owncloud/fix-try-getting-propert-of-non-object-ocsclient
Prevent php message: "Trying to get property of non-object at /xxx/lib/p...
2015-04-13 10:30:31 +02:00
Thomas Müller 906b6b7337 Prevent php message: "Trying to get property of non-object at /xxx/lib/private/ocsclient.php#282" 2015-04-13 09:43:45 +02:00
Thomas Müller 8450b6aa2d Properly import used classes 2015-04-13 09:26:30 +02:00
Lukas Reschke 84041a4fa2 Merge pull request #15541 from owncloud/add-reply-to-support
Add "Reply-To" support for sharing mails as well as refactor code and add unit-tests
2015-04-12 22:30:35 +02:00
Jens-Christian Fischer 9c95315a9e clarify the duplication of the $params array 2015-04-12 14:49:18 +02:00
Jens-Christian Fischer 22c6216f5c don't update identical values
The UPDATE oc_filecache statement blindly overwrites identical data.
Databases like Postgres that create a new row on an update
and mark the old one as dead will suffer from the previous
behaviour, as millions of "new" rows are created in the database.

This patch changes the WHERE clause to test for identical
values and not updating if the values in the DB are identical
to the ones being passed.
2015-04-11 18:06:21 +02:00
Lukas Reschke e3ad99d252 Add "Reply-To" support to sharing mails and refactor code 2015-04-10 17:30:07 +02:00
Lukas Reschke 77afef328d Merge pull request #15458 from owncloud/web-shell-master
Move console application to it's own class - allows reuse in the web shell
2015-04-10 16:33:01 +02:00
Vincent Petry e512a69a59 Merge pull request #15395 from owncloud/fix-imagepath
Fix UrlGenerator::imagePath() for app paths
2015-04-10 16:11:57 +02:00
Thomas Müller 7b2d53603c Merge pull request #15489 from owncloud/dont_hide_exceptions_master
Dont hide exceptions master
2015-04-10 15:49:45 +02:00
Lukas Reschke a881218fc2 Add "Reply-To" support for mails 2015-04-10 15:05:34 +02:00
Morris Jobke 25dd4ec767 Throw ServerNotAvailableException always 2015-04-10 14:51:21 +02:00
Thomas Müller a163243e31 Merge pull request #15510 from owncloud/cron-singleuser
block cron when in single user mode
2015-04-10 14:38:50 +02:00
Vincent Petry 73afca6207 Catch more exceptions when connecting to remote DAV server
Added InvalidArgumentException to catch HTML parsing errors when XML was
expected.
Made convertSabreException more generic to be able to handle more
exception cases.
2015-04-10 12:02:06 +02:00
Jörn Friedrich Dreyer fafecd1c05 fix cherrypicking 2015-04-10 11:08:24 +02:00
Jörn Friedrich Dreyer b069f33a72 throw exception when backends don't provide a user instead of creating legacy local storages 2015-04-10 09:12:37 +02:00
Morris Jobke 5626a02d69 throw exception if setup is incomplete 2015-04-10 09:12:37 +02:00
Thomas Müller 5abbf6d5b0 Merge pull request #13920 from owncloud/sharing_no_user_entry_for_group_shares
only create a db entry for the user in case of a name conflict on group share
2015-04-09 23:37:02 +02:00
Morris Jobke de4a81f462 Merge pull request #15517 from owncloud/fixRenameFailDeleteTargetKeepSource
fixes #15326
2015-04-09 18:41:18 +02:00
Thomas Müller f7c906902a Throw an exception in case checkServer() returns errors 2015-04-09 16:42:34 +02:00
Lukas Reschke b60d5d3d6f Merge pull request #14540 from owncloud/windows-setup-check
Disallow Windows Server in Server Check
2015-04-09 16:38:11 +02:00
Thomas Müller 890a18e1a6 Introduce own console application class 2015-04-09 16:28:53 +02:00
Robin Appelman 8af106cc75 block webdav in single user mode 2015-04-09 15:56:41 +02:00
Lukas Reschke 0abce86b31 Disallow Windows Server in Server Check
Will prevent users from use ownCloud on Windows Server 🙈
2015-04-09 15:56:37 +02:00
Jörn Friedrich Dreyer 8af52e3876 fixes #15326 2015-04-09 15:37:00 +02:00
Björn Schießle 0710db77bc Merge pull request #13896 from owncloud/share-generatetarget-remove-exclude
Dont create exclude list for generating the share target
2015-04-09 14:51:15 +02:00
Robin Appelman cbcee34eb0 update tests 2015-04-09 14:46:25 +02:00
Thomas Müller 1d9bd3d31e Merge pull request #15496 from owncloud/enc-check-if-key-exists-before-deleting
Check if the key exists, before trying to delete it
2015-04-09 14:45:40 +02:00
Bjoern Schiessle 332ea77865 only create a db entry for the user in case of a name conflict on group share 2015-04-09 11:16:08 +02:00
Joas Schilling 45575d0135 Check if the key exists, before trying to delete it 2015-04-09 10:28:02 +02:00
Lukas Reschke ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Morris Jobke 9c76d068c3 Merge pull request #15196 from owncloud/limit-file-activities-to-favorites
Limit file activities to favorites
2015-04-09 00:18:31 +02:00
Morris Jobke f3ef17a963 Merge pull request #15490 from owncloud/remove-debug-logging
remove unessesary logging of methods instantiation
2015-04-08 21:42:47 +02:00
Morris Jobke 4e60b81264 Merge pull request #14120 from owncloud/dav-statcache
Stat cache for DAV storage, improves s2s performance a little bit
2015-04-08 21:09:28 +02:00
Clark Tomlinson 3ffb2d8abd remove unessesary logging of methods instantiation 2015-04-08 14:46:01 -04:00
Bjoern Schiessle c379557e1d don't throw exception if a file gets uploaded and encryption is disabled 2015-04-08 16:41:20 +02:00
Morris Jobke 103d451459 Merge pull request #14987 from rullzer/ocs_password_fix2
OCS Fixes to allow setting of password without removing additional settings
2015-04-08 14:44:17 +02:00
Robin Appelman 6a59502759 Work directly on the storage when uploading over webdav 2015-04-08 14:04:58 +02:00
Morris Jobke 59322a5037 Merge pull request #15333 from owncloud/copy-cross-device
fix copying folder across devices
2015-04-08 12:35:15 +02:00
Morris Jobke 6c327f8331 Merge pull request #14879 from oparoz/fix-preview-caching
Introducing the maximum size preview
2015-04-07 18:16:24 +02:00
Thomas Müller a4483243ac fixing license headers - encryption code related 2015-04-07 17:02:49 +02:00
Olivier Paroz 74bf9806b0 Introducing the maximum size preview
The first time we're asked to generate a preview we'll generate one of the maximum dimension indicated in the configuration and all future resizing requests will be done on that preview in order to not waste time converting the same file over and over.

One of the fixes required for #12465
2015-04-07 16:45:59 +02:00
Thomas Müller 161d80da5b In case of encryption exceptions we return 503 - this will allow the client to retry 2015-04-07 14:17:42 +02:00
Lukas Reschke dd7c491bff Fix PHPDoc 2015-04-07 13:49:16 +02:00
Lukas Reschke a2182cde90 Deduplicate code 2015-04-07 13:48:33 +02:00
Thomas Müller 4a70ca665c respect mount option while encrypting 2015-04-07 13:30:31 +02:00
Thomas Müller 111fbabfb4 PHPDoc cleanup - clean code \o/ 2015-04-07 13:30:31 +02:00
Thomas Müller 69e95531f8 comment change as it broke unit tests 2015-04-07 13:30:31 +02:00
Thomas Müller ba9a797eaa Encryption storage wrapper is enabled by default - necessary to detect encrypted files even if encryption was disabled after files have been encrypted - prevents data corruption 2015-04-07 13:30:31 +02:00
Bjoern Schiessle 3d7404fe68 add unit tests to the keystorage 2015-04-07 13:30:31 +02:00
Bjoern Schiessle fe74a0cb4f implement webdav copy 2015-04-07 13:30:31 +02:00
Thomas Müller 8991272269 Using stream_get_contents in file_get_contents implementation + close handle 2015-04-07 13:30:31 +02:00
jknockaert ff16e3dbff Adjusting count on read 2015-04-07 13:30:31 +02:00
jknockaert 02404a6a8c Fixing encryption stream wrapper seek - thanks @jknockaert 2015-04-07 13:30:30 +02:00
Thomas Müller 104d11ec4c Fixing encryption storage wrapper tests 2015-04-07 13:30:30 +02:00
Thomas Müller d9c41b00ab Introducing trait LocalTempFileTrait 2015-04-07 13:30:30 +02:00
Bjoern Schiessle fac7ec3fc4 fix re-shares with encryption 2015-04-07 13:30:30 +02:00
Thomas Müller 8ffa6db110 fixing unit tests for stream wrapper 2015-04-07 13:30:30 +02:00
Thomas Müller 9d8c07850d fixing unencrypted file size 2015-04-07 13:30:30 +02:00
Bjoern Schiessle a74ee67476 don't wrap share storages 2015-04-07 13:30:30 +02:00
Thomas Müller 664b2bb7af cleaning up exception mess 2015-04-07 13:30:30 +02:00
Thomas Müller c9d6ed3d7d in case the file exists we require the explicit module as specified in the file header - otherwise we need to fail hard to prevent data loss on client side 2015-04-07 13:30:30 +02:00
Bjoern Schiessle 51302d5812 getUidAndFilename() always get uid from path 2015-04-07 13:30:30 +02:00
Thomas Müller cac83642f2 Finally fixing encryption with public share 2015-04-07 13:30:30 +02:00
Thomas Müller a57918fb10 Hook: fixing error message in exception case 2015-04-07 13:30:30 +02:00
Thomas Müller 137c135664 file_put_contents has to return the number of written bytes 2015-04-07 13:30:30 +02:00
Thomas Müller f20844ac89 PHPDoc 2015-04-07 13:30:30 +02:00
Bjoern Schiessle 83cb382b3f pass file helper to encryption wrapper 2015-04-07 13:30:29 +02:00
Bjoern Schiessle e4895bda01 add helper class accessible for encryption modules to ask for a list of users with access to a file, needed to apply the recovery key to all files 2015-04-07 13:30:29 +02:00
Thomas Müller a98b7dbf6f Fix double registration of encryption module 2015-04-07 13:30:29 +02:00
Thomas Müller 4db75e3407 Setting up the encryption wrapper in a setup hook - temporarily fixes the wrapping order 2015-04-07 13:30:29 +02:00
Thomas Müller bf809ac85a Removing left overs from old encryption app 2015-04-07 13:30:29 +02:00
Thomas Müller 6ccd3ffa23 adding function getSecureRandom(); to IServerContainer 2015-04-07 13:30:29 +02:00
Bjoern Schiessle 0f28d538a0 add session class to handle all session operations 2015-04-07 13:30:28 +02:00
Thomas Müller 1b42b492dc kill OC_FileProxy 💥 2015-04-07 13:30:28 +02:00
Thomas Müller dbdd754c3f Further cleanup of files_encryption 2015-04-07 13:30:28 +02:00
Thomas Müller 00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Thomas Müller 99255ff3a9 Fix - public sharing: in case on user is available - get it from the path 2015-04-07 13:30:28 +02:00
Bjoern Schiessle 0eee3a2618 remove unencrypted_size from the cache, size will contain the unencrypted size 2015-04-07 13:30:28 +02:00
Thomas Müller d185761d31 initializing some variables + update size after writing the headers 2015-04-07 13:30:28 +02:00
Thomas Müller 4441835d18 https://github.com/owncloud/core/pull/15305#discussion_r27382305
Conflicts:
	lib/private/files/stream/encryption.php
2015-04-07 13:30:28 +02:00
Thomas Müller 90487384f7 initializing some variables 2015-04-07 13:30:28 +02:00
Bjoern Schiessle 0c48b069ba call end() before closing the file 2015-04-07 13:30:28 +02:00
Thomas Müller 498625ea3a adding unit tests for stream wrapper 2015-04-07 13:30:28 +02:00
Thomas Müller a905f641b3 various fixes & start to unit test the encryption storage wrapper 2015-04-07 13:30:28 +02:00
jknockaert 3e6eb28ee3 Applying diff as of https://github.com/owncloud/core/pull/15303 2015-04-07 13:30:28 +02:00
Bjoern Schiessle a85e2e0bfd make recovery settings work 2015-04-07 13:30:28 +02:00
Bjoern Schiessle 937efe856d fix lib/private/encryption/util.php call 2015-04-07 13:30:28 +02:00
Bjoern Schiessle c266b3b5b7 remove debug code from core 2015-04-07 13:30:28 +02:00
Bjoern Schiessle c64e0af4fb check if recovery key exists and encrypt the file with the recovery key if needed 2015-04-07 13:30:28 +02:00
Bjoern Schiessle 2244ea998d core: documentation fixes 2015-04-07 13:30:27 +02:00
Bjoern Schiessle cb9980823d core: small fixes 2015-04-07 13:30:27 +02:00
Bjoern Schiessle 810ca9105c implement rename and delete of encryption keys 2015-04-07 13:30:27 +02:00
Clark Tomlinson 0c2f9ca849 Updating keystorage movement and fixing hooks 2015-04-07 13:30:27 +02:00
Bjoern Schiessle 506222567e add deleteKey methods to key storage 2015-04-07 13:30:27 +02:00
Bjoern Schiessle e2f714263f fix encryption manager to handle more than one encryption module 2015-04-07 13:30:27 +02:00
Bjoern Schiessle 5bc9ababeb fix keystorage and add unit tests 2015-04-07 13:30:27 +02:00
Clark Tomlinson 39733c8da1 Initial commit 2015-04-07 13:30:27 +02:00
Bjoern Schiessle 63e7fe608a create basic interfaces and wrapper to make encryption more modular 2015-04-07 13:30:27 +02:00
Joas Schilling 3bde7c2f67 When guessing the timezone, the offset might only be valid on a given timestamp 2015-04-07 10:13:06 +02:00
Robin McCorkell fbb84a518f Fix UrlGenerator::imagePath() for app paths 2015-04-03 23:42:18 +01:00
Thomas Müller 3bf269e565 Merge pull request #15229 from owncloud/response-setContentLengthHeader
Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround...
2015-04-03 22:51:36 +02:00
Thomas Müller b2b3e1ac94 Merge pull request #15391 from owncloud/fix-language-caching
fix caching of preferred language
2015-04-03 22:51:13 +02:00
Thomas Müller 3d2116dfe7 Merge pull request #15386 from oparoz/yaml-cnf-mediatype
Introducing media types for yml, yaml, cnf, conf
2015-04-03 22:49:41 +02:00
Robin Appelman 712e478cb2 fix caching of preferred language 2015-04-03 15:36:24 +02:00
Lukas Reschke 25531bad88 Make user names clickable 2015-04-03 13:36:03 +02:00
Lukas Reschke 0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Morris Jobke a2087f30d1 Merge pull request #15383 from owncloud/fix-exception-message
Update exception messages to better reflect and describe the problem
2015-04-03 10:15:23 +02:00
Olivier Paroz 70ec74e88b Introducing media types for yml, yaml, cnf, conf 2015-04-02 21:37:57 +02:00
Lukas Reschke fa079a5959 Merge pull request #12314 from oparoz/patch-3
Make findBinaryPath compatible with open_basedir
2015-04-02 18:54:03 +02:00
Joas Schilling a8d1ede347 Fix the exception messages 2015-04-02 18:40:06 +02:00
Thomas Müller 9f58097e4d Merge pull request #14113 from owncloud/chunking-chunkpartfiles
Added part files for when writing chunks
2015-04-02 18:15:27 +02:00
Thomas Müller 4082436419 Merge pull request #15367 from owncloud/pre-setup-hook
setup storage wrappers before setting up the filesystem
2015-04-02 17:40:23 +02:00
Morris Jobke 1720fdf5f4 Merge pull request #15346 from oparoz/split-image-provider
Split image provider in one sub-class per media type
2015-04-02 13:40:09 +02:00
Robin Appelman f585994c4b setup mount manager before wrappers 2015-04-02 13:28:36 +02:00
Olivier Paroz 8ec6dfdbf8 Split image provider in one sub-class per media type 2015-04-02 10:31:24 +02:00
Morris Jobke 82f91c50c7 Merge pull request #15349 from oparoz/limit-bitmap-previews-2
The bitmap preview class now takes maxX and maxY into consideration
2015-04-02 10:23:55 +02:00
Thomas Müller 9e5b319ed4 Merge pull request #15362 from owncloud/issue/15359-purge-memcache-console-app-disable
Correctly purge the cache when an app is disabled via cli
2015-04-02 09:26:15 +02:00
Joas Schilling 696c750cfe Fix docs and line breaks 2015-04-02 08:28:42 +02:00
Robin Appelman 3cb53b7756 setup storage wrappers before setting up the filesystem 2015-04-01 17:12:06 +02:00
Olivier Paroz 1525ecd3dd The bitmap preview class now takes maxX and maxY into consideration
This is a fix for owncloud#13607 and is part of the global programme: owncloud#13609

The image aspect ratio is kept intact.
2015-04-01 15:54:22 +02:00
Joas Schilling d01cfde982 Correctly purge the cache when an app is disabled via cli 2015-04-01 15:43:38 +02:00
Roeland Jago Douma 288da619b1 Deprecate functions that only call the urlgenerator anyway 2015-04-01 14:32:49 +02:00
Joas Schilling 730efe25a4 Make scrutinizer happy 2015-04-01 12:13:49 +02:00
Pierre Jochem a1828ff034 More secure proposal 2015-04-01 11:28:53 +02:00
Olivier Paroz 0f01de9f7e Use getenv to get the paths for `find` 2015-03-31 23:49:21 +02:00
Olivier Paroz 7c41c0c13f use ExecutableFinder and find in findBinaryPath
When using open_basedir, commands such as `which`or `command`can fail
because they might try to look outside of the restricted perimeter.
Symfony's ExecutableFinder can be used instead to look in standard
locations and we can use `find` as a last resort

A better solution would be to adopt a mechanism similar to what has
been done for office documents where a configuration parameter is used
to indicate the path where the executable is to be found.
2015-03-31 23:49:16 +02:00
Robin Appelman 068c624b0d fix copying folder across devices 2015-03-31 13:50:11 +02:00
Roeland Jago Douma 0bf06d6691 No injections 2015-03-30 20:07:12 +02:00
Morris Jobke bf17ac929d Merge pull request #15169 from rullzer/fix_displayNamesInGroup
Groupmanagers displayNamesInGroup should actually search in displaynames
2015-03-30 17:04:09 +02:00
Joas Schilling b95d12700c Add logic for getting the user from the rss token to the Manager 2015-03-30 15:23:09 +02:00
Roeland Jago Douma b0aa17b13f OCS Fixes to allow setting of password without removing additional settings
- Added setPassword to share.php
- Fixed OCS API call
- Added unit tests
2015-03-30 14:00:50 +02:00
Lukas Reschke 65202d2a18 Add check for activated local memcache
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.

Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Vincent Petry d3752ca1e9 Merge pull request #15289 from owncloud/min-upload-limit
Require minimum 1 MiB upload limit
2015-03-28 11:34:11 +01:00
Robin McCorkell ab991458ad Require minimum 1 MiB upload limit 2015-03-27 23:43:35 +00:00
Robin McCorkell 1511a42da7 Check for relative datadirectory path 2015-03-27 23:29:46 +00:00
Vincent Petry a32c71d25e Revert "Deprecated \OCP\IAppConfig - add missing methods to IConfig"
This reverts commit 012016d331.
2015-03-27 18:50:11 +01:00
Morris Jobke f4dc9e6bf3 Merge pull request #15155 from owncloud/share-donotreturntrashedfiles
Do not return shares for files outside "files"
2015-03-27 17:05:14 +01:00
Thomas Müller 4d12c4a38b Merge pull request #13938 from owncloud/deprecate-iappconfig
Deprecated \OCP\IAppConfig - add missing methods to IConfig
2015-03-27 16:07:41 +01:00
Thomas Müller 722e50a112 Merge pull request #15240 from owncloud/storage-wrapper-priority
add priority to storage wrappers
2015-03-27 15:18:44 +01:00
Thomas Müller 98bc1ad70a Merge pull request #15265 from owncloud/enc2_fixes
core improvements for Encryption 2.0
2015-03-27 14:58:33 +01:00
Morris Jobke e918bcf212 Merge pull request #15247 from owncloud/fix_group_share_master_backport
also call generateTarget for group shares
2015-03-27 14:40:52 +01:00
Vincent Petry 80f83ab5e0 Do not return shares for files outside "files" 2015-03-27 13:25:23 +01:00
Vincent Petry 7ad4dfa201 Merge pull request #15227 from owncloud/ocetag-header
Copy Etag header to OC-Etag for sabre calls
2015-03-27 13:10:27 +01:00
Bjoern Schiessle b5fad75e57 add deleteAllFileKeys to public interface and add "uid" as parameter for the
update call
2015-03-27 11:51:53 +01:00
Bjoern Schiessle c6be1ba8d3 fix check if a file is excluded from encryption or not 2015-03-27 11:51:50 +01:00
Morris Jobke a62f38a18b Merge pull request #15225 from owncloud/make-setups-for-users-that-tend-to-use-owncloud-on-not-proper-machines-a-little-bit-more-secure
Add some generic default headers as well via PHP
2015-03-27 09:54:40 +01:00
Lukas Reschke 9622fbdf29 Filter potential dangerous characters in path name
We should not allow / or \ in the postfix here.
2015-03-26 23:17:18 +01:00
Vincent Petry 670ca68453 Added stat cache for DAV storage
The stat cache stored known states of files/folders to avoid requerying
the DAV server multiple times.
2015-03-26 23:15:53 +01:00
Vincent Petry 746be98e03 Merge pull request #13654 from oparoz/tmpfile-with-extension
Keep the extension in temp files
2015-03-26 23:08:08 +01:00
Robin McCorkell c2909355bf Merge pull request #14925 from owncloud/ext-mountoptions-ui
Mount options GUI for external storage
2015-03-26 21:36:34 +00:00
Lukas Reschke 9d1ce53cb1 Add some generic default headers as well via PHP 2015-03-26 22:32:57 +01:00
Bjoern Schiessle 223cca2a07 also call generateTarget for group share to add the correct prefix if share_folder is defined in config.php 2015-03-26 22:31:45 +01:00
Morris Jobke e8109f0bc3 Merge pull request #13802 from owncloud/share-partfilepermissions
Fix share permission checks
2015-03-26 22:01:05 +01:00
Morris Jobke 4c00be4961 Merge pull request #14488 from owncloud/enhancement/security/inline-disposition
Serve all files with a Content-Disposition of 'attachment' via WebDAV
2015-03-26 21:45:30 +01:00
Robin Appelman cb9ead7dde add priority to storage wrappers 2015-03-26 21:26:38 +01:00
Thomas Müller 232518ac54 Merge pull request #15234 from owncloud/encryption2_core
core part of encryption 2.0
2015-03-26 21:14:59 +01:00
Bjoern Schiessle ff9c85ce60 implement basic encryption functionallity in core to enable multiple encryption modules 2015-03-26 20:56:51 +01:00
Lukas Reschke 8ebe667202 Remove unneeded argument 2015-03-26 20:45:39 +01:00
Lukas Reschke 74a9fc29b4 Merge pull request #14399 from owncloud/ignore-empty-plurals
Ignore empty plurals just like with singulars
2015-03-26 20:15:33 +01:00
Lukas Reschke 55fd0082aa Serve all files with a Content-Disposition of 'attachment' via WebDAV
As an additional security hardening it's sensible to serve these files with a Content-Disposition of 'attachment'. Currently they are served 'inline' and get a "secure mimetype" assigned in case of potential dangerous files.

To test this change ensure that:

- [ ] Syncing with the Desktop client still works
- [ ] Syncing with the Android client still works
- [ ] Syncing with the iOS client still works

I verified that the 1.8 OS X and iOS client still work with this change.
2015-03-26 20:01:05 +01:00
Lukas Reschke c8c722bc6d Merge pull request #15129 from owncloud/version-command-bus
expire versions in a background command
2015-03-26 19:55:13 +01:00
Morris Jobke 70e64822b9 Merge pull request #14665 from owncloud/fileid-increment
SQLite autoincrement test
2015-03-26 19:36:18 +01:00
Vincent Petry 58b4c2c0e5 Make sure mountOptions keep their data type
str_replace for $user substitution was converting the data type of
mountOptions to string. This fix prevents this to happen by making sure
only strings are processed by substitution.

Also added a int conversion when reading the watcher policy
2015-03-26 19:24:37 +01:00
Thomas Müller a8b756154a Merge pull request #14495 from owncloud/update-mailmap-01
Updating .mailmap
2015-03-26 17:17:18 +01:00
Robin Appelman 8c903c100f check limit of serialized command in unit tests 2015-03-26 17:07:02 +01:00
Robin Appelman 268f249e8d ensure commands can be serialized in unit tests 2015-03-26 17:07:02 +01:00
Robin Appelman ddd6a67d2a Handle exceptions thrown during hooks when running unit tests 2015-03-26 17:07:02 +01:00
Robin Appelman 3ed6ed3c36 Force test cases using background commands to handle setting up the filesystem 2015-03-26 17:07:02 +01:00
Andreas Fischer 0f58315543 Add OC_Response::setContentLengthHeader() for Apache PHP SAPI workaround.
Do not send Content-Length headers with a value larger than PHP_INT_MAX
(2147483647) on Apache PHP SAPI 32-bit. PHP will eat them and send 2147483647
instead.

When X-Sendfile is enabled, Apache will send a correct Content-Length header,
even for files larger than 2147483647 bytes. When X-Sendfile is not enabled,
ownCloud will not send a Content-Length header. This prevents progress bars
from working, but allows the actual transfer to work properly.
2015-03-26 16:37:38 +01:00
Joas Schilling 39dbf9509b Merge pull request #15224 from owncloud/issue/15191-app-code-checker-error-list
Correctly only send the errors of the current file to the event
2015-03-26 16:35:46 +01:00
Vincent Petry 70acd58336 Copy Etag header to OC-Etag for sabre calls 2015-03-26 16:06:43 +01:00
Joas Schilling db763027bb Correctly only send the errors of the current file to the event 2015-03-26 15:33:31 +01:00
Vincent Petry a84ade5f32 Revert "adding OC-ETag header"
This reverts commit 30ee8b6f99.
2015-03-26 15:04:41 +01:00
Vincent Petry daceb1a9ac Revert "adding unit tests"
This reverts commit 8d327c94a8.
2015-03-26 15:04:36 +01:00
Vincent Petry cda7f7fd61 Merge pull request #15168 from owncloud/oc-etag-master
adding OC-ETag header
2015-03-26 13:52:43 +01:00
Lukas Reschke 468456e168 Merge pull request #14125 from dratini0/master
[nginx] Extending X-Accel-Redirect support
2015-03-26 13:35:00 +01:00
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Morris Jobke 20f5290462 Merge pull request #15195 from owncloud/reanimate-add-guzzle
Add wrapper for Guzzle
2015-03-26 11:06:48 +01:00
Vincent Petry f056558b72 Add repair step to fix SQLite autoincrement
Force Doctrine to generate alter table SQL statements for SQLite to make
sure the code from OCSqlitePlatform is triggered.
2015-03-26 11:00:22 +01:00
Thomas Müller 8d327c94a8 adding unit tests 2015-03-26 10:49:26 +01:00
Robin Appelman ac8254de6a Rename platform 2015-03-25 18:33:21 +01:00
Robin Appelman 24a30c10d7 Add custom sqlite platform to set auto increment 2015-03-25 18:33:21 +01:00
Lukas Reschke 5f044ebf1b Add wrapper for Guzzle 2015-03-25 16:04:41 +01:00
Andreas Fischer 630b7edc54 Do not use APCu when apc.enabled is Off. 2015-03-25 14:52:01 +01:00
Thomas Müller 43beaba0dc Merge pull request #15171 from owncloud/sabre-logforbiddenasdebug
Log forbidden in debug level
2015-03-24 23:31:35 +01:00
Lukas Reschke ec12f5e019 Merge pull request #14949 from owncloud/sabre-2.1.3
Update sabre-2.1.3 thirdparty submodule
2015-03-24 23:16:57 +01:00
Vincent Petry 72c1c89bcd Log forbidden in debug level 2015-03-24 22:08:11 +01:00
Thomas Müller 30ee8b6f99 adding OC-ETag header 2015-03-24 21:36:46 +01:00
Roeland Jago Douma abfb524b29 When searching for displayname then search for displayname 2015-03-24 21:35:44 +01:00
Lukas Reschke 5a9c9b86f8 Merge pull request #15153 from owncloud/uniquename-node
Add `getNonExistingName()` to the node api
2015-03-24 15:51:12 +01:00
Robin Appelman d11f01fa0f Add `getNonExistingName()` to the node api 2015-03-24 15:00:36 +01:00
Vincent Petry 331f0196e0 Merge pull request #15150 from owncloud/sabre-removerangeexceptionforencryption
Remove range header exception for encryption
2015-03-24 14:29:01 +01:00
Morris Jobke 92791bb8ba Merge pull request #15126 from owncloud/sabre-storagenotavailable
Soft fail in CustomPropertiesBackend whenever storage not available
2015-03-24 14:01:47 +01:00
Joas Schilling 5e71d1558a Merge pull request #15149 from owncloud/fix-enable-for-group
Correctly get array of groups and send OCP\IGroup objects to enable meth...
2015-03-24 13:50:56 +01:00
Vincent Petry 46475bf580 Merge pull request #15003 from owncloud/issue/14859-speed-up-favorite-list
Do not walk over the users directory, but over the list of tagged objects
2015-03-24 13:26:59 +01:00
jknockaert a1b68b5a48 Remove range header exception for encryption
revert #10422
2015-03-24 13:19:49 +01:00
Joas Schilling b262c30fa9 Correctly get array of groups and send OCP\IGroup objects to enable method 2015-03-24 12:56:42 +01:00
dratini0 d4e5ef4f38 Removed simplified X-accel-redirect even further 2015-03-23 17:51:12 +01:00
Vincent Petry eb894e6625 Soft fail in CustomPropertiesBackend whenever storage not available
When a storage is not available, it will not fail the whole call any
more but still return a usable file list.
2015-03-23 17:41:32 +01:00
Morris Jobke 0adcb99110 Merge pull request #14862 from owncloud/introduce-shipped.json-master
shipped apps are now defined in core/shipped.json - the shipped tag in i...
2015-03-23 17:17:33 +01:00
dratini0 c432b52c74 Changed the disputed while loop to a single if. 2015-03-23 16:12:03 +01:00
Joas Schilling 1a26263123 Do not walk over the users directory, but over the list of tagged objects
Way quicker
2015-03-23 15:10:58 +01:00
Olivier Paroz f3fe46685b Introducing 3D images support (media type)
So that people with 3D images can at least see a 2D picture
Full 3D support is possible via an app
2015-03-20 22:11:42 +01:00
Thomas Müller afa8872955 Merge pull request #14857 from owncloud/preview-provider-registration-in-manager
Preview provider registration in manager
2015-03-20 16:34:22 +01:00
Morris Jobke a45e45df1e Merge pull request #14941 from AdamWill/pipeline-apps
fall back to absolute path for pipelined assets (#14940)
2015-03-20 14:56:02 +01:00
Thomas Müller 0b1c4bfc3b Merge pull request #15062 from owncloud/fix-15053-master
Handle session initialization errors and display error page
2015-03-20 14:07:15 +01:00
Vincent Petry 67160e0861 Do not automatically add "update" permission to shared mounts
In the past it seems the update permission was needed to be able to
rename shared mounts, but it doesn't seem to be the case any more.

Removing the "update" permission that used to be added automatically
fixes the read-only permission check when trying to overwrite a
read-only file over WebDAV.
2015-03-20 12:33:59 +01:00
Thomas Müller 843fef0490 Handle session initialization errors and display error page - fixes #15053 2015-03-20 12:21:03 +01:00
Thomas Müller cce303ff5c Merge pull request #15047 from owncloud/connect-failed-exception-message
be a little more verbose in the exception message when we cant connect to...
2015-03-20 10:06:06 +01:00
Robin Appelman faa4918355 be a little more verbose in the exception message when we cant connect to the db 2015-03-20 03:56:38 +01:00
Robin Appelman 2df20aaffb show exception type in debug mode 2015-03-20 03:51:21 +01:00
Vincent Petry 5ba508b346 Fix permission checks in Sabre connector
This fixes moving files in and out of shared folders with some exotic
permission combinations.
2015-03-19 21:18:48 +01:00
Thomas Müller 857b22c61b Merge pull request #15025 from rullzer/ocs_respect_enforced_date
Ocs respect enforced date
2015-03-19 17:06:04 +01:00
Robin Appelman 73874ca27f Merge pull request #14704 from owncloud/storage-wrapper-mount
pass mountpoint to storage wrapper callback
2015-03-19 16:20:38 +01:00
Olivier Paroz f890c3ffb1 Make the method compatible with all types of extensions
Fix existing tests
2015-03-19 16:09:16 +01:00
Olivier Paroz 60b1643f02 Fix the office class
The office converter already replaces the original extension with '.pdf', so we need to switch the extensions of the tmp file instead of appending '.pdf' to it
2015-03-19 16:09:09 +01:00
Olivier Paroz 8d6b2b8867 Keep the extension in temp files
The file extension helps some applications like ImageMagick to properly
process files
2015-03-19 16:09:02 +01:00
Thomas Müller 0868e49663 Merge pull request #14980 from owncloud/fix-fileglobalgc
Fix fileglobalgc unlink parameter warnings
2015-03-19 14:17:20 +01:00
Roeland Jago Douma 3c39658a1c When the expiration date is enforced respect this
Make sure that we do not allow removing of the expiration date when this
is enforced in the settings.
2015-03-19 10:07:17 +01:00
Vincent Petry fe8002a7db Merge pull request #14995 from owncloud/remove-unrequired-backtick-removal
Remove unrequired backtick removal
2015-03-18 19:34:49 +01:00
Robin McCorkell 693ca9a92f Add unit tests for gc() for \OC\Cache\FileGlobalGC 2015-03-18 16:19:04 +00:00
Robin Appelman e2e16249a1 Merge pull request #14999 from owncloud/kill-fileoperations-proxy
kill fileoperations proxy
2015-03-18 15:42:00 +01:00
Lukas Reschke 7310575f07 Merge pull request #14994 from owncloud/sabre-customprops-softfail
Soft fail in custom properties backend
2015-03-18 15:39:35 +01:00
Robin Appelman 8f9ddef435 kill fileoperations proxy
check is now handled by storage backends
2015-03-18 15:04:28 +01:00
Morris Jobke 378eef7eb4 migrate share helper method to IConfig 2015-03-18 13:07:39 +01:00
Lukas Reschke bb5c5a3691 Remove unreqired backtick removal
Without this files with a ` (backtick) in the beginning of the filenames where simply not correctly referenced as the ` got removed. This can lead to all possible havoc situations.

Should get backported to stable8 and in future we might consider if it is really worth to backport such changes when it is just for SQLite 🙈

Regression of https://github.com/owncloud/core/pull/14734
2015-03-18 12:38:19 +01:00
Vincent Petry 50194c31b4 Soft fail in custom properties backend
This makes it possible for clients to still receive a file list (minus
the broken files) instead of getting no list at all
2015-03-18 12:36:37 +01:00
Lukas Reschke 917cb66a5b Use ArrayCache if ownCloud is not installed
If ownCloud has not been installed yet the prefix might otherwise change at this point quite some time and thus the cache runs havoc.

This made installing ownCloud impossible on systems where APCu or so was available. However, I was not able to reproduce the same problem for application upgrades so this patch seems to work fine for this situation as well.

Fixes itself.
2015-03-18 11:47:16 +01:00
Robin McCorkell 42fcd0e8b7 Fix fileglobalgc unlink parameter warnings 2015-03-18 00:07:18 +00:00
Thomas Müller c69cd28a73 Merge pull request #14968 from owncloud/files-reallowsinglequote
Reallow single quote in file names
2015-03-17 23:50:16 +01:00
Thomas Müller a4d2c7810e Merge pull request #14975 from owncloud/add-smtp-debug-mode
Add debug mode back to mailer
2015-03-17 23:49:19 +01:00
Lukas Reschke f13216d275 Use `FILTER_UNSAFE_RAW` instead of `FILTER_SANITIZE_STRING`
`FILTER_SANITIZE_STRING` will still encode everything else.
2015-03-17 21:56:16 +01:00
Bernhard Posselt 087117d87d Merge pull request #14961 from owncloud/onlyrequireinfo
Only hard depend on the info.xml and not the app.php
2015-03-17 21:27:51 +01:00
Robin McCorkell 760f5fc5e5 Merge pull request #14954 from owncloud/cache-image-path
Cache \OC\URLGenerator::imagePath
2015-03-17 19:36:23 +00:00
Lukas Reschke aea4b3166b Add debug mode back to mailer
This re-adds the debug mode for the mailer which will log the whole SMTP traffic within the log file if enabled.
2015-03-17 19:41:13 +01:00
Morris Jobke 012016d331 Deprecated \OCP\IAppConfig - add missing methods to IConfig 2015-03-17 17:19:33 +01:00
Bernhard Posselt 57ceed590a only hard depend on the info.xml and not the app.php
fix comment
2015-03-17 15:43:48 +01:00
Thomas Müller 6d5f52484e Merge pull request #14948 from owncloud/prefix-memcache
Add version and path to cache prefix
2015-03-17 13:39:22 +01:00
Lukas Reschke 1f4aa5350a Reuse cache result 2015-03-17 13:15:52 +01:00
Lukas Reschke 4f9b76d821 Read theme only if required 2015-03-17 12:47:46 +01:00
Lukas Reschke c233f2c90b Add version and path to cache prefix
Prevents to have the cache reused by other instances on the server which have possible the same instance ID and also invalidates older cache entries after an upgrade which can cause unwanted side-effects.

Impact for deployment: The same cache will only get used if ownCloud is installed with the same version and under the same path. But this should be a basic requirement anyways.
2015-03-17 12:39:49 +01:00
Lukas Reschke 9e2ebf2dce Cache \OC\URLGenerator::imagePath
\OC\URLGenerator::imagePath is a really expensive operation due to all the I/O handling and can really benefit from caching.
2015-03-17 12:35:47 +01:00
Vincent Petry 5ea8ab3bb0 Fix Principal connector override 2015-03-17 12:22:29 +01:00
Joas Schilling 9c45ab49a1 Use a closure for the files app entry and deprecate old methods 2015-03-17 12:17:09 +01:00
Thomas Müller 98a42dbccc Merge pull request #14927 from oparoz/raw-mimetypes
Introducing the Raw media types
2015-03-17 11:32:09 +01:00