The main use case here is storage provided versioning where we dont have
separate file ids for all the versions, by allowing a prefix for the
version we can store separate previews for all the versions.
Additionally, by keeping all the version previews in the same folder as the
"normal" previews they will be cleaned up properly when the file is deleted
Signed-off-by: Robin Appelman <robin@icewind.nl>
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
the main difference is passing the `File` object to the provider
instead of a `View` + path
Old providers will still continue to work as before
Signed-off-by: Robin Appelman <robin@icewind.nl>
This avoids calls to the autoloader (or chain of autoloaders) to see if
for example 'principalPrefix' class can be found. While we already know
it is a string.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If the token doesn't match (or isn't set) during the redirect. We should
properly set it. Else we might redirect to a later auth display that set
these values.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* uniqueMember was the default so we did not know whether this setting is
desired or the initial value
* autodetection of the user-group association attribute runs only when it
was not set (as far as we knew)
* the default is now empty
* thus LDAPProvider might return this value as well (in exceptional cases)
* if a group base is given (edge case), use this instead of general base
* resolves#12682
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
For #14179
By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If for whatever reason appdata got into a strange state this will at
least propegate up and not make it do boom the next run.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This for now uses the jsNonce. That way we can easily backport it.
For 17 I will fix it properly.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>