Commit Graph

38626 Commits

Author SHA1 Message Date
Vincent Petry 211a76eff3
Add comment 2017-04-27 09:29:20 +02:00
Vincent Petry 614bd5c294
Properly handle missing READ permission 2017-04-27 09:29:02 +02:00
Joas Schilling 53deb26778
Fix duplicate name of class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 09:15:50 +02:00
Vincent Petry d379b197d5
Fix forbidden backslash DAV integration tests 2017-04-26 15:47:59 +02:00
Vincent Petry 7b6e4d0dd2
Fix FutureFile MOVE to keep destination node
Sabre usually deletes the target node on MOVE before proceeding with the
actual move operation. This fix prevents this to happen in case the
source node is a FutureFile.
2017-04-26 15:46:38 +02:00
Vincent Petry ec8d7010e5
Accept moving FutureFile into a Directory 2017-04-26 15:43:01 +02:00
Vincent Petry 642b4331a6
Moved unit tests from ObjectTree::move to Directory 2017-04-26 15:42:29 +02:00
Vincent Petry 82b967d3f9
Remove ObjectTree::move and let is use the IMoveTarget approach instead
This removes the duplicated code
2017-04-26 15:35:08 +02:00
Vincent Petry 0a9f7730d0
Ported ObjectTree::move to IMoveTarget in new DAV endpoint 2017-04-26 15:33:20 +02:00
Sergio Bertolin a761d4cce7
Added test cases from core 16825 2017-04-26 15:29:01 +02:00
Vincent Petry 9bff66e68d
Simplified new endpoint move test 2017-04-26 15:27:02 +02:00
Vincent Petry c30feafaa2
Added case when final chunk move must not change file id 2017-04-26 15:26:15 +02:00
Sergio Bertolin 9ab17c95c0
Added test about checking file id after a move 2017-04-26 15:24:19 +02:00
Roeland Jago Douma 5b5c3a1773 Merge pull request #4430 from nextcloud/refactor-auth
Improve readability of login logic
2017-04-26 10:41:53 +02:00
Joas Schilling bec9f18a0f Merge pull request #4478 from nextcloud/improve_settings_help
adding some documentation hints and some smaller cleanup
2017-04-26 09:45:01 +02:00
Roeland Jago Douma 7386bea23f Merge pull request #4467 from nextcloud/lists-for-html-mails
Add lists to HTML emails
2017-04-26 08:30:30 +02:00
Roeland Jago Douma 752b219970 Merge pull request #4061 from nextcloud/downstream-26407
Redis cluster support
2017-04-26 08:27:30 +02:00
Morris Jobke 527369be9c Merge pull request #4500 from nextcloud/downstream-27118
Restrict proppatch to the proper nodes
2017-04-26 01:28:16 -03:00
Morris Jobke 4c2c08f376 Merge pull request #4416 from gvmura/avoid-duplicate-files-google
Avoid duplicate files in google with the same name
2017-04-26 01:26:04 -03:00
Morris Jobke d4329f3355 Merge pull request #4449 from stweil/mimetypes
Add mimetypes for jp2 and webp
2017-04-26 01:22:49 -03:00
Jörn Friedrich Dreyer fff6d6e3e8
Refactor auth methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-26 01:08:53 -03:00
Morris Jobke 215573fe3c Merge pull request #4486 from nextcloud/fix-js-unit
Remove DOMPurify from srcFiles
2017-04-25 22:39:55 -03:00
Morris Jobke 8a004ac41f Merge pull request #4489 from nextcloud/ldap-gidnumber-sprt-xuanwo
user_ldap: Add support for gidNumber
2017-04-25 22:34:30 -03:00
Nextcloud bot e5fe41e16b
[tx-robot] updated from transifex 2017-04-26 00:07:43 +00:00
Jan-Christoph Borchardt 6db6911a13 Merge pull request #3233 from nextcloud/contactsmenu
Contacts menu
2017-04-26 01:31:11 +02:00
Jan-Christoph Borchardt 241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Jan-Christoph Borchardt 0f0b04b7d9 Fix test
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:06:56 +02:00
Morris Jobke 255c7df3bd Merge pull request #4499 from nextcloud/downstream-26984
Trigger change when a user is enabled/disabled
2017-04-25 18:27:38 -03:00
Morris Jobke 417bc606e4 Merge pull request #4508 from nextcloud/fix/remove-js-debug-logging
Remove js debug logging
2017-04-25 18:26:53 -03:00
Morris Jobke 859bc245b1 Merge pull request #4479 from nextcloud/auth-flow
Add new auth flow basics
2017-04-25 18:26:15 -03:00
Roeland Jago Douma c59652dbc3 Merge pull request #4495 from nextcloud/downstream-27638
Catch session already closed exception in destructor
2017-04-25 22:24:50 +02:00
Christoph Wurst fd74ad452a Remove js debug logging
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 21:42:38 +02:00
Jan-Christoph Borchardt 2ccaae8968 Fix emptycontent HTML and wording
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-25 20:47:18 +02:00
Jan-Christoph Borchardt 4ae5340814 Fix spinner position of Contacts menu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-25 20:47:18 +02:00
Christoph Wurst 945420baaf Use HTTP POST to retrieve the list of contacts
We do not want to have sensitive information in the URL and
therefore also not in the access log. Thus the GET request is
replaced by a POST request.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst 5c29fb16c0 Update composer autoloader
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst 98f02fad60 Adjust entry unit test to newly added avatar property
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst 5c61852c25 Fix failing contacts menu js test data
When we test wheter action menus in the contacts menu close
when clicking other ones, we have to provide test data
that actually causes the view to render the menu.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst ecd408d524 Fix icon of second action
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 2c2e1f7988 Use absolute URI for action icons
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst b8c2a8ae36 Don't show contacts an entry for themselves
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 36cee1f386 Let apps register contact menu provider via info.xml
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 5762cd9436 Use tooltop for contact's top action title
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst e3efc4979b Show mail address in popover menu
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Jan-Christoph Borchardt 61af3f41f0
Fix auth flow background color and redirect view layout
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-25 20:18:49 +02:00
Roeland Jago Douma aae079aa29
AppToken to 72 chars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
Roeland Jago Douma bb5e5efa6d
Do not remove the state token to early
we should check the stateToken before we remove it. Else the check will
always fail.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
Roeland Jago Douma 05e1092c44
Correctly case the stateToken
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
Lukas Reschke 6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00