Commit Graph

262 Commits

Author SHA1 Message Date
Roeland Jago Douma 72b7c9ffa0
Merge pull request #12105 from nextcloud/using-resharing-right-to-display-shares
Shares are displayed to users with resharing rights
2018-11-04 21:08:11 +01:00
Maxence Lange 0fc8a0f58e
user can have his resharing rights revoked, yet seeing created shares
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:10:49 +01:00
Maxence Lange 236a293f6a
check parents resharing rights
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:10:48 +01:00
Maxence Lange 275cea5d9c
limit to circles moderator
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:28 +01:00
Maxence Lange 72ad2d60b5
display shares to circles moderator
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:28 +01:00
Maxence Lange 68c44bb642
shares are displayed to users with resharing rights
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:26 +01:00
Daniel Calviño Sánchez adf80aa8b3 Add sending the password by Talk for a link share to ShareAPIController
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-11-02 01:57:48 +01:00
Bjoern Schiessle 5e90711600 allow to update lables for public link shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:18:55 +01:00
Bjoern Schiessle f377a61f90 allow to add labels to shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:15:07 +01:00
Bjoern Schiessle d0411b2369
allow to create multiple link shares via share api
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-31 06:55:52 +01:00
Daniel Calviño Sánchez bfb2a914d2 Honour "hide download" in the public share page
When the "hide download" property of a share is set the public share
page will not show the download button nor the menu with the download,
direct link and "Add to your Nextcloud" actions; the "downloadURL"
hidden field will not be included either in the generated HTML.

Despite that, note that the "downloadURL" parameter is still set and
passed to the template, as this could be needed anyway to generate
previews (for example, of audio files).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma c237a3f003 Expose hide download to public page
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma abbb946bbb Propegate hide download state in share provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
John Molakvoæ (skjnldsv) b6981dcecb
Merge branch 'master' of https://github.com/nextcloud/server into gridview-table
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 16:44:20 +02:00
John Molakvoæ (skjnldsv) e0dde083d0
Public fixes, request & default to grid
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 08:43:02 +02:00
Joas Schilling 3febeb6ca7
Use lax CSP when the share is a talk share
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-22 10:57:55 +02:00
Roeland Jago Douma bee5bbbf0e
Move files_drop to compiled handlebars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-16 08:27:06 +02:00
Joas Schilling ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 14:32:14 +02:00
Roeland Jago Douma 13b1cd5cb8
Allow userId to be null
Fixes #10852

A quick hack. Still ensures some type safety however now also accepts
null. Else we'd need to add a whole new layer of middlewares.

This can only happen when a guest user wants to access a controller that
requries the user_id.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-04 13:04:58 +02:00
Roeland Jago Douma 335efcc43b
Move to 1 template file for files
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 17:15:07 +02:00
Roeland Jago Douma ae1250f422
Compile filesummary handlebars
Fixes #11030
For https://github.com/orgs/nextcloud/projects/18

This template is now compiled so this no longer has to happen in the
browser. Another step towards a stricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:16:08 +02:00
Morris Jobke 8761856a71
Merge pull request #10838 from nextcloud/header-fixes-and-public-note
Header fixes and public note
2018-08-24 22:21:55 +02:00
Daniel Calviño Sánchez 5c07f9c2ec
Add rooms in the default candidate types to look for when sharing
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-24 18:06:46 +02:00
John Molakvoæ (skjnldsv) ac2c925231
Fix mobile view and add public share note view
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-08-24 16:45:40 +02:00
Björn Schießle 6aa6d2186c
Merge pull request #10255 from nextcloud/add-support-for-room-shares
Add support for room shares
2018-08-09 10:44:11 +02:00
Daniel Calviño Sánchez e2e6f23b67 Suppress Phan warnings about calling undeclared class methods
The DeletedShareAPIController and ShareAPIController helpers for room
shares are defined in Talk, so the classes do not exist when Talk is not
installed. Due to this when the object returned by "getRoomShareHelper"
is used Phan complains that the class is not declared.

This is not a problem, though, because when the class is not available
"getRoomShareHelper" throws an exception, which is then caught where
that method was called. Therefore now those warnings from Phan are
suppressed (it would be better to use "@phan-suppress-next-line"
instead, but it is not yet available in our Phan version).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:44 +02:00
Daniel Calviño Sánchez 382b27d035 Add support for room shares to DeletedShareAPIController
In some cases, the DeletedShareAPIController requires explicit handling
of each type of share (for example, to format a share for a
DataResponse). Room shares are implemented in an external app (Nextcloud
Talk), so in order to keep the controller as isolated as possible from
room share specifics all that explicit handling is done in a helper
class provided by the Talk app.

In other cases it is just enough to call the share manager specifying a
room share type; note that the share manager is guarded against share
types for which there is no provider, so it is not necessary to
explicitly check that before passing room shares to the share manager.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
Daniel Calviño Sánchez 4ed7131e26 Add support for room shares to ShareAPIController
In some cases, the ShareAPIController requires explicit handling of each
type of share (for example, to format a share for a DataResponse). Room
shares are implemented in an external app (Nextcloud Talk), so in order
to keep the controller as isolated as possible from room share specifics
all that explicit handling is done in a helper class provided by the
Talk app.

In other cases it is just enough to call the share manager specifying a
room share type; note that the share manager is guarded against share
types for which there is no provider, so it is not necessary to
explicitly check that before passing room shares to the share manager.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
MartB 5109743383 Fix multiSelectMenu for public shares #10536
Signed-off-by: Martin Böh (MartB) <mart.b@outlook.de>
2018-08-06 12:42:13 +02:00
Daniel Calviño Sánchez 96108ab858 Add event to load additional scripts in the auth page for public shares
Before the public share authentication page is rendered now an event to
load additional scripts is dispatched. Thanks to this any app can load
its own scripts that, when run on the browser, adjust as needed the page
generated by the server.

Note, however, that during the handling of the event apps are only able
to add scripts or styles to be loaded; they can not render arbitrary
content on the page, or change how the content is rendered by the
original template; all those changes have to be done by the scripts at
run-time.

This implies that the scripts of the apps can use only those parameters,
like the token of the share, added to the page when it is generated by
the "publicshareauth" template. Due to this, and given that the event is
being introduced to be used by Talk to inject the UI needed to request
the password for a share, the token of the share is now provided in the
generated page, just like done in the public share page.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-07-24 14:04:22 +02:00
Daniel Calviño Sánchez 7849630cef Add support for sending the password by Talk to ShareAPIController
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-07-24 14:04:17 +02:00
Bjoern Schiessle 72d2455577
return the as well note if we fetch a share
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-21 15:02:19 +02:00
Bjoern Schiessle 4f59c8e8ae
show note on public link page
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-21 15:02:18 +02:00
Bjoern Schiessle a93f2a648b
allow to add a personal note to a share
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-21 15:02:18 +02:00
Morris Jobke 82021b2b1b
Merge pull request #5280 from nextcloud/shared-with-display-name
sharedWithDisplayName & sharedWithAvatar
2018-07-13 17:29:57 +02:00
Daniel Calviño Sánchez 243df99fcf Fix formatting of email and circle shares
Due to a misplaced "||" instead of "===" the condition was always met,
so every share type in the conditional chain after the remote and remote
group shares was formatted as a remote/remote group share.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-07-12 21:24:55 +02:00
Bjoern Schiessle 3942d731d2
update unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-11 10:11:48 +02:00
Bjoern Schiessle 2abc705632
start to get fed group shares into the share dialog
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-11 10:11:47 +02:00
Bjoern Schiessle b23032e4c5
implement federated group shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-11 10:11:44 +02:00
Roeland Jago Douma b49bc11fb3
Fix exception
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-05 12:43:57 +02:00
John Molakvoæ (skjnldsv) d86c1e9503
Disable sidebar on deleted share
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-05 12:43:57 +02:00
John Molakvoæ (skjnldsv) 3b835d8076
Js magic for deleted shares
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-05 12:43:57 +02:00
John Molakvoæ (skjnldsv) 6a0552224d
getDeletedSharedWith method
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-07-05 12:43:57 +02:00
Roeland Jago Douma d805959e81
Add API to undelete delete group shares
When a group share is deleted we keep track of this in the DB.
Right now it is only possible for a recipient to get back the share by
asking the sharer to delete it and to share it again. This doesn't
scale.

This endpoint makes it possible to get back the share.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-05 12:43:56 +02:00
Daniel Calviño Sánchez 6cb2cb33ac Fix getting the information of group share as a sharee
When the receiver of a group share modifies it (for example, by moving
it to a different folder) the original share is not modified, but a
"ghost" share that keeps track of the changes made by that specific user
is used instead.

By default, the method "getShareById" in the share provider returns the
share from the point of view of the sharer, but it can be used too to
get the share from the point of view of a sharee by providing the
"recipient" parameter (and if the sharee is not found then the share is
returned from the point of view of the sharer).

The "ShareAPIController" always formats the share from the point of view
of the current user, but when getting the information of a specific
share the "recipient" parameter was not given, so it was always returned
from the point of view of the sharer, even if the current user was a
sharee. Now the "recipient" parameter is set to the current user, and
thus the information of the share is returned from the point of view of
the current user, be it the sharer or a sharee.

Note that this special behaviour of "getShareById" happens only with
group shares; with other types of shares the share is the same for the
sharer and the sharee, and thus the parameter is ignored; it was added
for them too just for consistency.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-06-29 08:20:19 +02:00
Roeland Jago Douma 9f658febca
Fix ShareControllerTest
* Removed tests that are now handled by the middleware
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 31392c2443
Move public auth page over
Now this is in core so the basics (that 99% of the app will want to
use) looks always the same.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 366981fba6
Move public preview endpoint over
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 53a1b9a84e
Quick hack to make the files sharing app work with this properly
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 8c47a632e0
Allow updating the token on session regeneration
Sometimes when we force a session regeneration we want to update the
current token for this session.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-14 08:09:36 +02:00
Maxence Lange 0009adae80 SharedWithDisplayName + SharedWithAvatar
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-05-21 01:24:45 +02:00
Roeland Jago Douma d6d0e60136
Regenerate session id after public share auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-17 22:07:20 +02:00
Morris Jobke c907b68842
Merge pull request #9284 from nextcloud/bugfix/9279/strict_sharee_api
Make ShareesAPIController strict
2018-04-25 11:53:52 +02:00
Roeland Jago Douma 4d5a2cce8d
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-24 08:07:25 +02:00
Roeland Jago Douma 3b3ff39431
Make ShareesAPIController strict
Fixes #9279

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-23 22:05:21 +02:00
Roeland Jago Douma 3b34a77c58
Make the ShareAPIController strict
Fixes #9279

With types we can force php to not cast a full nummeric user to an int.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-23 20:31:57 +02:00
Julius Härtl eb19899f8e
Move common menu templates to public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 11:09:19 +02:00
Roeland Jago Douma d6cda3f2a6
When formatting a share node an Empty target is invalid
Fixes #9028

For federated shares the share table holds no target information (since
it is on the other server). So when a node is actually invalid and not
found we should not display it anymore in the shared with sections etc
and thus throw the proper exceptions.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-04-04 11:33:05 +02:00
Daniel Calviño Sánchez 2c073dc53d Set "share_with" field to the ID of the circle
When a share is shared with a circle the "share_with" field returned by
the API endpoint was always set to the name of the circle. However, the
name is not enough to identify a circle. The Circles app now provides
the ID of the circle in the "shared with" field of a Share, so this
commit modifies the API endpoint to set the "share_with" field to the ID
of the circle when provided by the Circles app.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-03-16 04:58:00 +01:00
John Molakvoæ (skjnldsv) 4c2aff0807
fixup! Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-03-01 13:12:24 +01:00
John Molakvoæ (skjnldsv) 8c69d783e0
Fixed tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:35:42 +01:00
John Molakvoæ (skjnldsv) a0641e43dc
fixup! Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:08:25 +01:00
John Molakvoæ (skjnldsv) fb890807c0
Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:05:55 +01:00
Morris Jobke 7bc3c2e057
Merge pull request #7363 from nextcloud/default-share-perms
Let the admin configure the default share permissions
2018-02-27 13:44:34 +01:00
Bjoern Schiessle ebb15283a6
share api: use default permission of no permission is given
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-02-27 12:29:25 +01:00
Julius Härtl 4a1cbefc90
Fix files_sharing tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 8a13851da8
Use PublicTemplateResponse for files_sharing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
Morris Jobke d3d045dd5c
Remove unused import statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-14 16:55:43 +01:00
Roeland Jago Douma 20844c828a
Show open graph preview in WhatsApp
Whatsapp is picky about the size of the open graph images.
So we do some special handling.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-12 10:42:18 +01:00
Morris Jobke eb51f06a3b
Use ::class statement instead of string
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-29 12:03:47 +01:00
Morris Jobke 6bbea33133
Simplify ternary operator statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 12:36:25 +01:00
Morris Jobke 0a56d2185e
Return value immediately instead of assigning to a one-time variable
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 00:02:03 +01:00
Morris Jobke 2a38605545
Properly log the full exception instead of only the message
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-23 10:57:21 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Roeland Jago Douma 2e443c97af
Use the new direct endpoint for the og:image
Some providers had issues when using the preview link (since it was
double encoded).

Now we actually serve the max size preview so it looks better

The image isn't cropped anymore so supporting platforms can just embed
the whole image.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-31 21:00:36 +01:00
Roeland Jago Douma 638be96232
Do not error when downloading from a numeric public subfolder
Fixes #6820

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-30 21:06:35 +01:00
Sascha Sambale 30460b52df
Updated OpenGraph title to display folder name instead of a nextcloud standard text
When sharing a folder via Facebook, WhatsApp or any other platform that makes use of OpenGraph, the display title was "Nextcloud - a safe home for all your data" and the description was the actual name of the folder. This should not be the case, so the display title has been changed to display the folder name and the description now displays the former OpenGraph title.

Signed-off-by: Sascha Sambale <mastixmc@gmail.com>

Fixing whitespaces and empty line.
2017-10-25 18:33:27 +02:00
blizzz 2d62f97f1b Merge pull request #6328 from nextcloud/split-sharees-api-logic
Splits off the logic from sharees endpoint thus making it available from within Nc/via PHP.
2017-10-04 15:43:44 +02:00
Arthur Schiwon c43685e6fc
shareeAPIController unit test clean up and last fixes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
Arthur Schiwon f2c8e1ed2f
remove unused method
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
Arthur Schiwon 38ff7eaece
adjust ShareeAPIController search test
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon c55583d1b4
allow more than one plugin per share type
however it does not dedupe (appears too complex/expensive while we don't
havve the issue currently)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon 4a96e22258
don't keep result types hard coded
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon ea3ac4e656
Splits off the logic from sharees endpoint thus making it available from
within Nc/via PHP.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:17 +02:00
Roeland Jago Douma 4077f684e1
Only have direct preview urls for image files
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 21:47:09 +02:00
Roeland Jago Douma c3491e3f14
Add annotation
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:50 +02:00
Roeland Jago Douma 894958e3e2
For images we have a preview for use the preview link
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:50 +02:00
Roeland Jago Douma 7d8c5f73f5
Add direct preview link to single shared image files
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:50 +02:00
blizzz 2060ff591b Merge pull request #6120 from nextcloud/public_upload_share_api_fix
Public upload share permission handling
2017-09-04 12:43:02 +02:00
Roeland Jago Douma eea7de4c9f
Correctly format OCS response with favorites
The helper funtion did not handle the response correctly and basically
only returned the last share with tags.

This is a simple rewrite. That is still understandable. Loops maybe more
than strictly required. But preformance is not the issue here.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 12:03:13 +02:00
Roeland Jago Douma 82791b7b06
Public upload share permission handling
If you set the permissions on a public share the SHARE permission makes
no sense. So instead of throwing a warning. Just filter out the share
permission.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-16 21:17:26 +02:00
Morris Jobke 4c558c99f3 Merge pull request #6130 from nextcloud/cleanup-unused-methods
Cleanup unused methods
2017-08-16 08:55:06 +02:00
Morris Jobke a55e794bfd Cleanup unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 14:29:26 +02:00
Joas Schilling 2e73112256 Catch exceptions on error of cloud id resolution
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-14 22:20:57 +02:00
Roeland Jago Douma 685f272212
Add unit tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-10 16:25:58 +02:00
Roeland Jago Douma c9d2e31d52
Remove old code + add Middleware
* Add proper middleware for shareinfo
* Remove old shareinfo routes

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-10 13:49:09 +02:00
Roeland Jago Douma 8a539ec0f6
Move shareinfo over to proper controller
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-10 13:49:06 +02:00
Joas Schilling 80febeae21 Fix comparisons in the sharing app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Bjoern Schiessle e78040d250
improved error handling
check if table was updated successfully and only then send a notification
mail and return "true".

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-21 12:07:32 +02:00
Lukas Reschke d8ec399454
Run phan over code base
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:11 +02:00
Stephan Müller 7cf3dc4e29 do not show hyphen in og:title if slogan does not exist 2017-07-14 15:26:44 +02:00
Maxence Lange 6e7be6acfd upstream
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-07-11 13:21:24 +02:00
Joas Schilling 4f98852f52
Make sure to only add system users once
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-14 15:07:21 +02:00
Joas Schilling ae693129db
Allow to find local users by their email address
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-13 18:07:47 +02:00
Morris Jobke 23cc309606
Handle more error cases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 13:43:48 +02:00
Bjoern Schiessle 9a366dbe2e
add missing translation and other small fixes
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Bjoern Schiessle 866e5d6d05
use configured lookup server
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Lukas Reschke 727688ebd9
Adjust existing bruteforce protection code
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Michael Jobst 81b1dc4930
share api expanded by tags (#26583)
* share api expanded by tags

* Modified files_sharing JS Unit tests

* modified tests. renamed request parameter. refactoring

* Update Share20OCS.php

Added missing function description

* Update Helper.php

Added missing function description

* Update Helper.php

implicit boolean conversion to !empty()

* Update Share20OCSTest.php

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 11:54:13 -05:00
Morris Jobke 5b4adf66e5
Move OC_Defaults to OCP\Defaults
* currently there are two ways to access default values:
  OCP\Defaults or OC_Defaults (which is extended by
  OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
  it hard to work on theme values
* this extended the public interface with the missing
  methods and uses them everywhere to only rely on the
  public interface

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
Bjoern Schiessle 3323d01db1
update unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
Bjoern Schiessle b84fd7c361
set expire date for all share types
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle c191173d59
allow password protected mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle 0d5147bd49
add new password column to the share table in order to set passwords for share by mails
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
Lukas Reschke 5c7ad6d3ec
Merge some CSS files using our SCSS compiler
This saves around 4 requests on the average page load.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-21 16:35:31 +01:00
Joas Schilling 35f6b8716e Merge pull request #3884 from nextcloud/downstream-26956
Skip null groups in group manager
2017-03-20 12:27:38 +01:00
Maxence Lange 69694012ab shares-circles
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
Vincent Petry 377fdf3860
Skip null groups in group manager (#26871) (#26956)
* Skip null groups in group manager (#26871)

* Skip null groups in group manager

* Also skip null groups in group manager's search function

* Add more group null checks in sharing code

* Add unit tests for null group safety in group manager

* Add unit tests for sharing code null group checks

* Added tests for null groups handling in sharing code

* Ignore moveShare optional repair in mount provider

In some cases, data is inconsistent in the oc_share table due to legacy
data. The mount provider might attempt to make it consistent but if the
target group does not exist any more it cannot work. In such case we
simply ignore the exception as it is not critical. Keeping the
exception would break user accounts as they would be unable to use
their filesystem.

* Adjust null group handing + tests

* Fix new group manager tests

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:07:03 -06:00
Bjoern Schiessle fe46c6f743
use (int) instead of intval for performance reasons
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-02-22 15:14:36 +01:00
Morris Jobke 02ea84f50f
properly include class
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:24:40 -06:00
Morris Jobke 8e3d0fecd2
Use intval() for validation of config options
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:22:06 -06:00
Bjoern Schiessle 869ea38ffe
allow to configure a min-length of search strings for auto-compeltion and a max number for of results returned
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-02-21 18:31:20 +01:00
Robin Appelman fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
Bjoern Schiessle ed55b87b65
add brute force protection for public link authentication
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-25 18:17:08 +01:00
Bjoern Schiessle 92d7dd4781
allow editing single files shared as public link
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-24 13:41:27 +01:00
Vincent Petry 14256d631c
Use group display name in sharing API + UI 2016-12-22 18:35:32 +01:00
Maxence Lange 43374292b1 update phpdoc
Signed-off-by: Maxence Lange <maxence@pontapreta.net>
2016-12-12 16:15:13 -01:00
Maxence Lange 9ef8d25e46 Download a file in a subfolder in a sharedlink is not working
the $node created using the path (GET) parameter is not used when executing fileListDownloaded()
2016-12-11 18:32:28 -01:00
Lukas Reschke 9def8225c0
Fix image_src link
The link in the image_src link (used for previews on Social Media such as Facebook) was still using the old route. This changes it to use the new route.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-28 16:20:57 +01:00
Roeland Jago Douma 08ef7356f6 Merge pull request #2165 from nextcloud/sharing-activities-update
Move file sharing activities to the new API
2016-11-22 10:19:15 +01:00
Lukas Reschke 7b3855a375
Add config switch
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:02 +01:00
Roeland Jago Douma 15c075eba8
Fix lookup url
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:30:01 +01:00
Roeland Jago Douma f7f70028d1
Search on lookup server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:30:00 +01:00
Joas Schilling bdaf334c53
Move file sharing activities to the new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 16:45:08 +01:00
Roeland Jago Douma 965981486f
Fixes not allowed increasing of link share permissions
Fixes the following:

1. user0 shares folder with user1 (RO but with sharing permissions)
2. user1 shares by link
3. user1 send 'publicUpload=true' OCS request to the link share

before this increased the permissions of the link share. Which should
not happen.

now: API reponds with an error that the permissions can't be increased.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-13 20:29:34 +01:00
Joas Schilling cbc6118f51
Only check the sharing backends for file/folder items
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-10 16:46:01 +01:00
Bjoern Schiessle 087dab85b4
add activity for share by mail
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
Roeland Jago Douma 55af6b45f7
More tests
* PreviewController test
* PublicPreview test
* Versions Preview test
* Trash Preview test

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
Roeland Jago Douma 3822bceea2
Move publicpreview over
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
Vincent Petry 7e701504be
Remove upload_limit in files app as it is not needed with PUT upload (#26069)
The web UI now uses for PUT uploads which aren't restricted by PHP's
upload_max_filesize and post_max_size

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 20:43:35 +01:00
Morris Jobke ffebc050d0 Merge pull request #1887 from nextcloud/downstream-26370
Added functions to check etag of elements - integration tests
2016-11-02 14:57:45 +01:00
Roeland Jago Douma e5bc45c349
Fix OCS API to be able to remove group shares from self as recipient
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-02 08:49:58 +01:00
Bjoern Schiessle 6e52091c8e
remove unused variable
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 20:11:30 +01:00
Bjoern Schiessle 6d7520b1e2
unit tests updated and new added
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
Bjoern Schiessle 561dd80d57
don't show 'notify by mail' option or permissions not available for mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
Bjoern Schiessle 7436e45c91
if we have a exact match, either for the federated cloud id or for the
email address we only return the exact match. It is highly unlikely
that the exact same email address and federated cloud id exists

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
Bjoern Schiessle 392c8a115f
unified way to display remote shares and mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
Bjoern Schiessle 8c8a019b7e
show correct display name if we have the user in one of our address books
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00