On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Basically we did in almost all cases did a query to much.
This resulted in an extra query for each share type.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.
Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
- Groups, which are excluded from sharing should not see local users at all
- If sharing is restricted to users own groups, he should only see contacts from his groups:
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).
With this change both variants, directory and symlinks, will be detected
correctly.
Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.
Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
PHP's json_encode only accept proper UTF-8 strings, loop over all
elements to ensure that they are properly UTF-8 compliant or convert
them manually.
Without this somebody passing an invalid User Agent may make json_encode
return false which will get logged as empty newline.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.
The easiest way to reproduce is on MySQL:
1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707
Recently there was also a bug report about a non-visible last cron execution
(#6088) - let's better remove this.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
If we have a jailed storage we must also fix the internal path on copy.
Else we pass in the wrong path.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>