Commit Graph

10499 Commits

Author SHA1 Message Date
Joas Schilling e690f0e7e3
Merge pull request #22550 from nextcloud/bugfix/13556/use-correct-root-when-compiling-scss
Use the correct root to determinate the webroot for the resource
2020-09-04 08:58:07 +02:00
Roeland Jago Douma 0452877a67
Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +02:00
Joas Schilling 87aa9b187e
Use the correct root to determinate the webroot for the resource
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-02 17:13:24 +02:00
Roeland Jago Douma 6bda2c26c7
Merge pull request #22423 from nextcloud/bugfix/noid/direct-editing-encryption
Do not expose direct editing if no master key is available
2020-09-01 20:32:21 +02:00
Roeland Jago Douma ab6bd79c02
Only disable zip64 if the size is known
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-01 15:01:12 +02:00
Julius Härtl e0ae37745a
Do not expose direct editing if no master key is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-01 11:40:27 +02:00
Roeland Jago Douma d0a7f833cc
Merge pull request #22116 from nextcloud/bugfix/noid/transfer-ownership-share-root
Fix share transfer of single files and on the transfered node
2020-09-01 08:50:22 +02:00
Roeland Jago Douma e0d767d3e1
Merge pull request #16632 from nextcloud/bugfix/external-reshare
Set proper root path for single file shares originating from other storages
2020-09-01 08:48:31 +02:00
Roeland Jago Douma 8dd249937f
Merge pull request #22514 from nextcloud/fix/s3/only_delete_new_failed
Fix S3 error handling
2020-08-31 19:03:24 +02:00
Robin Appelman 81c5aa9819
set the mount id before calling storage wrapper
this allows the storage wrapper to use the mount id for it's own logic

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 16:38:47 +02:00
Julius Härtl ac2999a26a
Transfer shares of the transferred root node
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-31 14:23:34 +02:00
Roeland Jago Douma 789b33aba4
Only update the filecache entry once the file has been written to S3
If we already update before we have no way to revert if the upload
fails.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:28:04 +02:00
Roeland Jago Douma 6ffd7173f9
Don't lose filecache entry on s3 overwrite error
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:25:20 +02:00
Roeland Jago Douma c43189beae
Merge pull request #22476 from nextcloud/setting-sections-unique
ignore duplicate setting sections
2020-08-30 21:15:50 +02:00
Robin Appelman eb4154cee0
ignore duplicate setting sections
this prevents some 'Section with the same ID already registered' errors in the log

also includes an improvement of the error message to make other cases easier to find

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 17:06:48 +02:00
Roeland Jago Douma 7b8364e001
Merge pull request #21288 from lmamane/master
Return correct loginname in credentials
2020-08-28 16:11:46 +02:00
Robin Appelman 2879472f81
trim slashes
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 11:14:50 +02:00
Julius Härtl 7512dc2b34
Set proper root path for single file shares originating from other storages
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-28 10:50:15 +02:00
Robin Appelman c077c15875
show better quota warning for group folders and external storage
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-25 16:05:16 +02:00
Roeland Jago Douma 7e6f04490e
Merge pull request #22393 from nextcloud/fix/license-headers-20
Update the license headers for Nextcloud 20
2020-08-24 22:03:00 +02:00
Joas Schilling df857604d5
Merge pull request #21894 from nextcloud/fix-file-quota
fix: file quota was not applied in all cases
2020-08-24 15:48:48 +02:00
Christoph Wurst 2a054e6c04
Update the license headers for Nextcloud 20
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +02:00
John Molakvoæ dd054f0bdb
Merge pull request #22382 from nextcloud/bugfix/22380
Add repair step to remove old dashboard app config
2020-08-24 14:00:41 +02:00
Julius Härtl 17579c6471
Add repair step to remove old dashboard app config
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-24 10:16:15 +02:00
Roeland Jago Douma 51922caa5f
Properly search for users when limittogroups is enabled
Searching just for the uid is not enough.
This makes sure this done properly again now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-21 13:14:32 +02:00
Roeland Jago Douma 6e4b089265
Merge pull request #20891 from cuppett/cuppett/issue#19790
Resolves #19790, Provides Support for IAM Credentials
2020-08-20 20:28:05 +02:00
Roeland Jago Douma 987f621173
Merge pull request #22331 from nextcloud/bugfix/noid/dont-use-deprecated-inigetwrapper
Don't use deprecated getIniWrapper() anymore
2020-08-20 19:45:47 +02:00
Morris Jobke 65b5e65185
Merge pull request #21529 from nextcloud/enh/encryption/improve_key_format
New SSE key format
2020-08-20 17:41:18 +02:00
Joas Schilling b09620651c
Don't use deprecated getIniWrapper() anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 16:35:38 +02:00
korelstar d8a80cd45c
fix: file quota was not applied in all cases 2020-08-20 16:11:50 +02:00
Lionel Elie Mamane ac8b40b8b1
Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Co-authored-by: kesselb <mail@danielkesselberg.de>
for: switch to consistent camelCase

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-08-20 16:02:22 +02:00
Stephen Cuppett 5ef0f86ce7
Resolves #19790, Provides Support for IAM Credentials
Includes support for either leveraging environment variables
passed to the PHP runtime or IAM instance profile present
on the host being used. The default and first choice is
still the parameter file as documented.

See also: https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_provider.html#chaining-providers

Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2020-08-20 15:54:33 +02:00
Roeland Jago Douma 5340ab3a75
New SSE key format
* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-20 15:42:43 +02:00
Robin Appelman 5af7d921a9
Make Cache::removeChildren non recursive
Currently the "add new files during scanning" call stack is smaller than
the "remove deleted files during scanning" call stack. This can lead to
the scanner adding folders in the folder tree that are to deep to be
removed.

This changes the `removeChildren` logic to be non recursive so there is
no limit to the depth of the folder tree during removal

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-20 15:37:02 +02:00
Morris Jobke 6cdaadbc57
Merge pull request #13712 from nextcloud/bugfix/noid/do-not-load-all-routes
Only load routes of the app which is requested
2020-08-20 14:32:25 +02:00
Joas Schilling 2e4b3cebc6
Exclude the Bridge Bot password as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 10:28:35 +02:00
Roeland Jago Douma af3a59fab5
Merge pull request #22237 from nextcloud/bugfix/noid/allow_putContent_empty_string
Allow writing empty content to new file
2020-08-20 09:03:06 +02:00
Morris Jobke d8bdb439a4
Merge pull request #22289 from nextcloud/techdebt/noid/fix-encryption-stream-invalid-scalar-arguments
Cast float to int to avoid invalid scalar argument warning
2020-08-19 22:08:15 +02:00
Morris Jobke 387cac4c5f
Properly inject IRouter into URLGenerator to properly encapsulate tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 22:00:47 +02:00
Morris Jobke 053ee7b386
Only load routes of the app which is requested
* Add fallback to load all routes if needed
* Move partial loaded routes test to proper place

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 21:58:20 +02:00
Roeland Jago Douma b604d5232e
Merge pull request #22218 from nextcloud/enh/sse/make_legacy_cipher_opt_in
SSE: make legacy format opt in
2020-08-19 20:10:45 +02:00
Morris Jobke c449d54204
Merge pull request #22304 from nextcloud/techdebt/noid/matching-param-names
Use matching parameter names form interfaces and implementations
2020-08-19 19:34:02 +02:00
Morris Jobke 4c6eb96471
Merge pull request #22280 from nextcloud/bugfix/noid/429-on-brute-force-maximum
Send "429 Too Many Requests" in case of brute force protection
2020-08-19 18:21:01 +02:00
Morris Jobke fedf9c69d9
Use matching parameter names form interfaces and implementations
Found by Psalm 3.14.1

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 18:16:35 +02:00
Morris Jobke 60be722ee8
Merge pull request #22288 from nextcloud/techdebt/noid/fix-oc_image-invalid-scalar-arguments
Cast float/char to int to avoid invalid scalar argument warning
2020-08-19 17:55:56 +02:00
Morris Jobke e93bf71369
Fix the return type of OC_Template->fetchPage() to be string only
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 16:48:06 +02:00
Roeland Jago Douma 2bbb848c31
Add legacy scanning command
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Roeland Jago Douma 8928bbe969
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Joas Schilling 35a8519591
Fix CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 770381c0c6
Correctly return ms delay when at max
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00