Commit Graph

494 Commits

Author SHA1 Message Date
Thomas Müller cd850dc325 Merge pull request #23568 from owncloud/finally-fix-23328-now-for-addressbooks-as-well
Handle group shares of addressbooks on v1 as well ... now FINALLY ....
2016-03-29 18:41:40 +02:00
Achim Königs 596a8416c2 Merge branch 'master' into alarms_for_birthdayevents 2016-03-26 14:27:38 +01:00
Thomas Müller ab0db65b23 Merge pull request #23549 from owncloud/dav-sharetypes-remote
Return remote shares in oc:share-types Webdav property
2016-03-24 22:44:19 +01:00
Lukas Reschke 95820fbd5b Add magical regex to catch browsers 2016-03-24 19:02:16 +01:00
Thomas Müller c46f480031 In case of exception we return an html page in case the client is a browser 2016-03-24 19:02:16 +01:00
Thomas Müller 89cd6e228d Handle group shares of addressbooks on v1 as well ... now FINALLY .... 2016-03-24 17:11:07 +01:00
Thomas Müller 3d51682440 Merge pull request #23342 from owncloud/fix-group-sharing-for-v1-caldav-and-carddav
Fix group shares on v1 caldav and carddav
2016-03-24 12:47:18 +01:00
Vincent Petry 9ee1f506f2 Return remote shares in oc:share-types Webdav property
Fixes web UI to properly display the share status icon when an outgoing
remote share exists
2016-03-24 12:16:57 +01:00
Thomas Müller 06e8c70400 Fix acls for calendar objects and cards - fixes #23273 2016-03-24 09:53:36 +01:00
Thomas Müller 8c2b19d2bc Return proper current-user-principal on v1 endpoints - fixes #23306 2016-03-24 09:53:36 +01:00
Thomas Müller 4c738ea9c4 Fix group shares on v1 caldav and carddav - fixes #23328 2016-03-24 09:53:36 +01:00
Lukas Reschke cc8c0b6a90 Check if request is sent from official ownCloud client
There are authentication backends such as Shibboleth that do send no Basic Auth credentials for DAV requests. This means that the ownCloud DAV backend would consider these requests coming from an untrusted source and require higher levels of security checks. (e.g. a CSRF check)

While an elegant solution would rely on authenticating via token (so that one can properly ensure that the request came indeed from a trusted client) this is a okay'ish workaround for this problem until we have something more reliable in the authentication code.
2016-03-24 08:59:56 +01:00
Achim Königs 4b2f9e4027 add VALARM for birthday events
ACTION=DISPLAY *should* prevents audible alarms.
2016-03-23 23:21:10 +01:00
Thomas Müller 765cff49fa Merge pull request #23507 from owncloud/fix-23496-master
Avoid fatal php error dring cron execution
2016-03-23 17:21:49 +01:00
Thomas Müller c8d6a9594a Propagate birthday to group shares as well 2016-03-23 14:12:50 +01:00
Thomas Müller e979b9c735 Propagate birthdays of shared addressbooks to the sharee's birthday calendar as well 2016-03-23 12:29:45 +01:00
Thomas Müller 1da18a8ceb Text columns should really have a length 🙈 2016-03-23 12:03:54 +01:00
Thomas Müller 765c64c73e fixes #23496 2016-03-23 11:37:00 +01:00
Thomas Müller 24331be991 Merge pull request #23431 from owncloud/use-dav-sabre-plugin-for-browser-2
Fix display of vcard and calendar object details page in browser plugin
2016-03-23 11:03:55 +01:00
Thomas Müller 164282c72e Fix display of vcard and calendar object details page in browser plugin 2016-03-23 10:35:21 +01:00
Thomas Müller 48ec8ab3d3 Merge pull request #23404 from owncloud/fix-22988
adjust PrincipalUri as returned from Sabre to effective username
2016-03-22 14:49:54 +01:00
Thomas Müller 9fc371e436 Merge pull request #23320 from owncloud/early-creation-of-birthday-calendar
Create the contact birthday calendar right away as soon as the comman…
2016-03-22 10:31:01 +01:00
Arthur Schiwon be572de7f0 fix unittest 2016-03-21 21:53:16 +01:00
Thomas Müller beef371398 Merge pull request #23292 from owncloud/dav-chunking-onlyfirehooksonce
Do not fire pre/post hooks twice on chunk upload
2016-03-21 18:02:30 +01:00
Thomas Müller 492a1ded1c Merge pull request #23083 from owncloud/generate-birthdays-on-upgrade
Birthday events are generated on upgrade
2016-03-21 17:48:02 +01:00
Vincent Petry f28f538029 Do not fire pre/post hooks twice on chunk upload 2016-03-21 15:14:58 +01:00
Thomas Müller 8852fdaee3 Merge pull request #22789 from owncloud/dav-sharesproperty
Add webdav property for share info in PROPFIND response
2016-03-21 11:15:00 +01:00
Thomas Müller e983bd7db0 Merge pull request #23368 from owncloud/use-dav-sabre-plugin-for-browser
In debugging mode we enable Sabre's browser plugin since it helps a l…
2016-03-21 10:13:27 +01:00
Arthur Schiwon 117c1bffa7 adjust PrincipilUri as returned from Sabre to effective username 2016-03-18 23:31:11 +01:00
Roeland Jago Douma 6e6e002280 Remove duplicated copyright 2016-03-17 19:24:25 +01:00
Thomas Müller 520724d757 Necessary code changes to make browser plugin properly work 2016-03-17 18:00:06 +01:00
Thomas Müller 7d638fdb34 In debugging mode we enable Sabre's browser plugin since it helps a lot when debugging 2016-03-17 16:51:19 +01:00
Vincent Petry f778e48ee5 Add webdav property for share info in PROPFIND response 2016-03-17 15:35:21 +01:00
Roeland Jago Douma 533fdb4075 Set proper public webdav permissions when public upload disabled
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
2016-03-17 11:35:31 +01:00
Thomas Müller fdb7c59e6c Create the contact birthday calendar right away as soon as the command is executed once - fixes #23203 2016-03-16 17:23:02 +01:00
Thomas Müller d188ed938c Merge pull request #23082 from owncloud/contacts_calendar_name_color
add title and color to birthday calendar
2016-03-16 17:17:21 +01:00
Lukas Reschke 7183854509 Close session for publicwebdav
We need to close the session otherwise streaming will lead to a blocked ownCloud.
2016-03-15 16:08:55 +01:00
Thomas Müller e9eeb3607f Merge pull request #23074 from owncloud/issue-22835-correctly-use-querybuilder-api
Correctly escape join statements and use selectAlias
2016-03-15 12:14:17 +01:00
Thomas Müller 750ec93394 Merge pull request #23080 from owncloud/use-non-localized-birthday-title
Use a birthday title which does not require translation because we ha…
2016-03-11 11:49:13 +01:00
Thomas Müller 07a1313114 Merge pull request #23119 from owncloud/fix-getOwner-on-fileshome-master
getOwner is not available on FileHome
2016-03-10 23:12:51 +01:00
Thomas Müller e0210058ef Merge pull request #23094 from owncloud/fake-lock-for-windows-7-8-10
Fake LOCK statement for Windows 7, 8 and 10 network mounts
2016-03-10 23:07:45 +01:00
Georg Ehrke 856ca641d1 add title and color to birthday calendar 2016-03-10 21:02:54 +01:00
Thomas Müller b7adf371c6 getOwner is not available on FileHome - fixes #23116 2016-03-10 20:53:56 +01:00
Thomas Müller 7f16aaefc8 Merge pull request #23048 from owncloud/no-fatal-error-if-DSTART-is-not-set
No fatal error if dstart is not set
2016-03-10 17:58:01 +01:00
Thomas Müller ad61c552ea Merge pull request #23087 from owncloud/allow-migrating-all-calendars
Allow to migrate calendars of all users
2016-03-10 17:44:23 +01:00
Morris Jobke 48e03e0c49 Fake LOCK statement for Windows 7, 8 and 10 network mounts
* fixes #22596
2016-03-10 15:02:37 +01:00
Thomas Müller 5fc859f7ea Generate birthdays on upgrade from 8.2 as well 2016-03-10 14:17:21 +01:00
Joas Schilling 94915e39db Allow to migrate calendars of all users 2016-03-10 13:42:09 +01:00
Thomas Müller b021c8c475 Birthday events are generated on upgrade 2016-03-10 13:04:50 +01:00
Thomas Müller 85521879cd The birthday_calendar is read-only 2016-03-10 12:50:07 +01:00
Thomas Müller fe7103506b Use a birthday title which does not require translation because we have no idea about the target device language and forcing English upon all users is kind of bad 2016-03-10 12:41:37 +01:00
Joas Schilling 6b4117df34 Correctly escape join statements and use selectAlias 2016-03-10 10:24:08 +01:00
Thomas Müller 6133253a2c fixes #23004 2016-03-10 09:20:53 +01:00
Thomas Müller bc434b252c fixes #23020 2016-03-09 18:12:39 +01:00
Joas Schilling 8c4af74ce7 Fix syncing of all birthday calendars in one go 2016-03-09 16:14:33 +01:00
Thomas Müller 20db92c71a Fix group sharing and sharing permissions - fixes #22932 2016-03-08 11:22:07 +01:00
Thomas Müller deca1979aa Calendar and addressbook migration commands are always available 2016-03-07 15:04:19 +01:00
Thomas Müller 3b25ccef65 Handle addressbook migration issue by writing the faulty event to the log and continue 2016-03-07 15:04:19 +01:00
Thomas Müller d32b35fc7f Handle calendar migration issue by writing the faulty event to the log and continue 2016-03-07 15:04:19 +01:00
Thomas Müller bd4b61f52b Merge pull request #22896 from owncloud/fix-v1-carddav-endpoint
Correctly default to null and add type hint
2016-03-07 13:50:53 +01:00
Thomas Müller 296a46cc38 Merge pull request #22244 from owncloud/dont-update-shared-resource-properties
For 9.0 we don't have the possibility to store calendar and addressbo…
2016-03-07 12:42:52 +01:00
Joas Schilling c99ae62c33 Correctly default to null and add type hint 2016-03-07 10:48:16 +01:00
Lukas Reschke b302ec8381 Use CLOB for timezone
TEXT defaults to a length of 255 which is going to fail in some cases as the timezone can be rather long.

This changes it back to a CLOB as it has been before as well: 8d8bb68b01. I'm not super convinced that CLOB is the best choice here but at least it seems to work.

Fixes https://github.com/owncloud/core/issues/22876
2016-03-04 21:59:08 +01:00
Roeland Jago Douma 3bdafc2122 Rename and move permissions are set when a file is updatable
* Fix unit tests
2016-03-03 20:03:06 +01:00
Joas Schilling 8885cb1eb9 Increase all versions on master which is now 9.1 2016-03-02 08:53:42 +01:00
C. Montero Luque 4d69e562a0 Merge pull request #22757 from owncloud/apply-license
Update copyright information and author file
2016-03-01 15:36:37 -05:00
Lukas Reschke c353d51810 Remove Scrutinizer Auto Fixer 2016-03-01 17:48:23 +01:00
Lukas Reschke c430f5ba53 Map Maci 2016-03-01 17:45:05 +01:00
Lukas Reschke 933f60e314 Update author information
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Robin Appelman 37f1206818 allow putting the part file in the view root 2016-03-01 15:21:24 +01:00
Thomas Müller 900dcf6594 Merge pull request #22699 from owncloud/checksum_int_test
Checksum intergration tests and fixes
2016-03-01 14:47:09 +01:00
Thomas Müller a83af96dd3 Merge pull request #22686 from owncloud/cleanup_remote_address_books
remove remote address book if access was revoked
2016-03-01 14:46:51 +01:00
Vincent Petry 57babe032b Save some calls to refreshInfo during upload 2016-03-01 11:44:49 +01:00
Roeland Jago Douma ac392457f2 Fix unit tests 2016-03-01 11:37:16 +01:00
Roeland Jago Douma ec140fa2ec Checksums on chunked files
We should also store checksums on chunked files.
We do not checksum individual chunks but only the final file.
2016-03-01 11:37:16 +01:00
Roeland Jago Douma 3e88a5067f Remove checksum on upload of non checksumed file
When we overwrite a checksumed file with a file without a checksum we
should remove the checksum from the server.

This is done by setting the column to empty.
2016-03-01 11:37:16 +01:00
Thomas Müller a66899c528 Handle null case 2016-03-01 10:41:05 +01:00
Thomas Müller 25a4571dcd Merge pull request #22731 from owncloud/hide-nodes-from-listening
Hides nodes from listing that the user has no access to
2016-03-01 09:22:08 +01:00
Thomas Müller fd4742d430 Merge pull request #22613 from owncloud/quota-changedavreturnvaluewhennoquotaset
Don't return quota when none set
2016-03-01 08:30:58 +01:00
Lukas Reschke d04edfaf0d Hides nodes from listing that the user has no access to 2016-02-29 20:53:38 +01:00
Joas Schilling 7a46b30c94 Allow to change properties of readonly calendars 2016-02-29 17:17:57 +01:00
Bjoern Schiessle 87e47afed8 remove synced remote address book if the remote server revoked access to his system address book 2016-02-29 16:50:34 +01:00
Bjoern Schiessle 7189c72c33 remove remote address book if the admin removes the server from the trusted servers list 2016-02-29 16:50:33 +01:00
Joas Schilling 6f22784d3d Allow to hide a shared calendar 2016-02-29 16:49:55 +01:00
Thomas Müller 95e218b00c For 9.0 we don't have the possibility to store calendar and addressbook properties on a per-user basis and therefore we simple don't allow this for now 2016-02-29 16:49:55 +01:00
Vincent Petry 11215f4e27 Return -3 for unlimited quota
Returns -3 for unlimited quota in Webdav response.
Also adjusted personal page to show unlimited quota when set.
2016-02-29 14:36:20 +01:00
Joas Schilling 2a0cda74d4 Use IQueryBuilder::PARAM_* instead of \PDO::PARAM_* 2016-02-29 09:44:40 +01:00
Thomas Müller 473cd97a45 Merge pull request #22592 from owncloud/fix-response-header
Add header for attachment disposition only once
2016-02-24 12:15:32 +01:00
Thomas Müller 9a0950f10b Merge pull request #22569 from owncloud/issue-22566-too-much-mapping-entries
Allow defining a limit and offset for getObjectIdsForTags
2016-02-23 15:02:08 +01:00
Morris Jobke 403f11633c Drop unneeded use statements 2016-02-23 14:53:12 +01:00
Lukas Reschke fc2c5fe414 Add header for attachment disposition only once
Recent refactorings have resulted in the header being added twice, this makes browsers ignore the header which removes any security gains.

This changeset adds the header only once and adds integration tests ensuring the correct header in future.

https://github.com/owncloud/core/issues/22577
2016-02-23 12:23:41 +01:00
Joas Schilling 3a65bdf4d5 Fix dav unit tests 2016-02-23 09:04:15 +01:00
Thomas Müller 4dfdb2720c Case insensitive search in contacts - fixes #22575 2016-02-22 19:47:10 +01:00
Joas Schilling a0d0edc754 Make non-public-method protected 2016-02-22 15:26:59 +01:00
Thomas Müller f3b13c7656 Merge pull request #22536 from owncloud/add-integration-tests-for-tags
Add integration tests for tags plus fix permissions
2016-02-22 14:14:51 +01:00
Pierre Jochem 1a8a667863 Solution for Proposal #19974
Show username when writing into owncloud.log
2016-02-22 10:02:45 +01:00
Lukas Reschke 3bd95cca6b Check if user has permission to create such a tag
Fixes https://github.com/owncloud/core/issues/22512
2016-02-19 20:45:20 +01:00
Thomas Müller 5b3a79a28b Merge pull request #22509 from owncloud/add-filesplugin-to-new-webdav-endpoint
Add FilesPlugin
2016-02-19 14:44:02 +01:00
Thomas Müller 66f0ba837f Merge pull request #22348 from owncloud/issue-21812-calendar-old-caldav-url
Fix old calendar dav urls
2016-02-19 13:33:16 +01:00
Thomas Müller e987d8cd47 Add FilesPlugin - fixes #22507 2016-02-19 12:37:24 +01:00
Thomas Müller 1106c354ac Merge pull request #22515 from owncloud/webdav_checksum_only_for_files
Only add checksum headers for 'real' files
2016-02-19 12:36:56 +01:00
Joas Schilling b216be8cca Add correct principals for the current user before ACL check 2016-02-19 12:35:33 +01:00
Joas Schilling 4e2f9ce05b Convert the old principal to the new principal before getting calendars 2016-02-19 12:35:33 +01:00
Thomas Müller ffc2950393 Merge pull request #22198 from owncloud/birthday-calendar
Sync a users contacts birthday to the users birthday calendar
2016-02-19 12:33:19 +01:00
Roeland Jago Douma 751d3df469 Only add checksum headers for files
We can only add the checksum header for real ownCloud files (so we have
a fileinfo object etc).
2016-02-19 10:56:43 +01:00
Thomas Müller f6e61a296f Merge pull request #22424 from owncloud/add-generic-csrf-protection-to-webdav
Require CSRF token for non WebDAV authenticated requests
2016-02-19 09:13:00 +01:00
Thomas Müller d8de7d1e73 Adding cli command to sync birthday calendar 2016-02-18 14:49:45 +01:00
Thomas Müller 981c73000c Prevent deletion of birthday calendar 2016-02-18 11:49:16 +01:00
Thomas Müller c9187cc820 Sync a users contacts birthday to the users birthday calendar 2016-02-18 11:48:34 +01:00
Lukas Reschke 9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Vincent Petry 53eff9792f Check the quota on the actual file's storage in dav quota plugin
Fix quota plugin to use the correct file name when chunking

When chunking, the file name is the compound name, so need to convert it
to the correct final file name before doing the free space check.
This ensures that in the case of shared files, the correct storage is
used for the quota check.
2016-02-17 11:52:49 +01:00
Thomas Müller 1cb3583a9a Merge pull request #22398 from owncloud/fix-card-properties
Queries on the cards table by uri require the addressbook as well
2016-02-16 10:19:51 +01:00
Thomas Müller f850871415 Merge pull request #22385 from owncloud/issue-22384-invalid-content-location-on-commenting
Posting a comment replies with invalid location URL
2016-02-16 08:30:11 +01:00
Thomas Müller 722809c2bd On login we create a default calendar and a default addressbook for the user - fixes #22360 2016-02-15 14:41:54 +01:00
Thomas Müller df7280a3c7 Queries on the cards table by uri require the addressbook as well - fixes #22284 2016-02-15 14:29:24 +01:00
Joas Schilling cb836158f0 Deduplicate slashes 2016-02-15 10:54:56 +01:00
Thomas Müller 248c571c56 Merge pull request #22331 from owncloud/dav-nonexisting-part
fix getNodeForPath for non existing part files
2016-02-13 18:24:00 +01:00
Thomas Müller b3323a51c9 Merge pull request #22294 from owncloud/carddav-report-list-groups-2
Adding a custom webdav property which holds the list of contacts groups
2016-02-12 13:22:05 +01:00
Robin Appelman c3e4ced64a fix getNodeForPath for non existing part files 2016-02-11 17:22:40 +01:00
Thomas Müller 26939a2873 Merge pull request #22290 from owncloud/dav-upload-scan-in-lock
scan the file in the write lock when uploading over dav
2016-02-11 14:02:08 +01:00
Thomas Müller c919b41395 Adding a custom webdav property which holds the list of contacts groups 2016-02-10 17:06:13 +01:00
Robin Appelman bef70e9448 also fix lock order for chunked dav uploads 2016-02-10 16:31:32 +01:00
Robin Appelman 65554ec333 scan the file in the write lock when uploading over dav 2016-02-10 16:21:13 +01:00
Thomas Müller 159a0eb597 Merge pull request #20073 from owncloud/files-should-add-download-disposition
Serve files with an attachment disposition for new DAV endpoint
2016-02-10 14:35:50 +01:00
Thomas Müller c1d21cf873 Merge pull request #22263 from owncloud/fix-group-principals
Fix group principal
2016-02-10 14:22:18 +01:00
Thomas Müller 2e94d34dfd Fix group principal 2016-02-10 10:43:32 +01:00
C. Montero Luque f64dbc67c6 Merge pull request #20928 from owncloud/publicdav-check-permissions
Check that the owner of a link share still has share permissions on access
2016-02-09 22:01:08 +01:00
Thomas Müller 2982017682 Merge pull request #22228 from owncloud/comments-limit-message
Limit comment message to 1k chars
2016-02-09 16:35:23 +01:00
Thomas Müller 4659bf9b4a Merge pull request #22234 from owncloud/systemtags-filter-intersect-empty
Fix system tag filter AND condition
2016-02-09 15:34:06 +01:00
Robin Appelman fd9166488b Check that the owner of a link share still has share permissions on access 2016-02-09 15:02:34 +01:00
Arthur Schiwon bbc86e0756 on DAV throw Bad Request if provided message is too long 2016-02-09 13:59:13 +01:00
Joas Schilling e8d9c288bc Stop when a mid result is empty 2016-02-09 12:07:30 +01:00
Joas Schilling 178914104c Add a test for empty mid-result 2016-02-09 12:07:17 +01:00
Vincent Petry 3028684d89 Fix system tag filter AND condition
If one of the results is empty, no need to do array_intersect and return
an empty result directly.
2016-02-09 11:39:22 +01:00
Thomas Müller bf3a843e89 Migration of calendars 2016-02-09 11:20:31 +01:00
Thomas Müller 98497aa423 Merge pull request #22199 from owncloud/multiple_checksums
Make checksum propfind future proof
2016-02-09 09:10:32 +01:00
Vincent Petry 2f1a60a64d Add REPORT on files endpoint for filtering
For now only supports filtering by system tags
2016-02-08 21:04:53 +01:00
Thomas Müller 703f3551dc Only set the header if the node exists and in case the request is a GET 2016-02-08 17:49:25 +01:00
Lukas Reschke 2cad9d2b8c Serve files with an attachment disposition for new DAV endpoint
This adds a `Content-Disposition: attachment` header to all files served via the DAV endpoint.
2016-02-08 17:08:34 +01:00
Thomas Müller 33eed35ae4 Merge pull request #21817 from owncloud/support-old-carddav-endpoint
Adding pre oc 9.0 CardDAV endpoint for migration of old clients
2016-02-08 15:46:38 +01:00
Roeland Jago Douma 5486a2b149 For possible future usage allow multiple checksums
Instead of returning

<oc:checksum>TYPE:CHECKSUM</oc:checksum>

Return

<oc:checksums>
  <oc:checksum>TYPE:CHECKSUM</oc:checksum>
</oc:checksums>

This will allow us to expand in the future to multiple checksums.
Without doing just string concatenation.

And even for a single checksum it is now correct.
2016-02-08 11:55:07 +01:00
Lukas Reschke 7199ea2f5e Fix PHPDoc 2016-02-08 11:36:58 +01:00
Thomas Müller c1ae8b0d81 Adding common name to sharee 2016-02-08 11:36:57 +01:00
Thomas Müller 5b86148d3a Original resources should not be overwritten by shared resources 2016-02-08 11:36:57 +01:00
Thomas Müller 6a550d44e9 Fix path 2016-02-08 10:52:30 +01:00
Thomas Müller 0c9a469f74 Adding pre oc 9.0 CalDAV endpoint for migration of old clients 2016-02-08 10:52:30 +01:00
Thomas Müller a67f7ad1f3 Remove calendar-proxy support - did this ever work? 2016-02-08 10:52:30 +01:00
Thomas Müller cca2ade199 Adding pre oc 9.0 CardDAV endpoint for migration of old clients 2016-02-08 10:52:30 +01:00
Vincent Petry d2a495f190 Mark own comments as read after posting 2016-02-05 16:30:37 +01:00
Arthur Schiwon a480b2261b Check for authorship on edit and delete attempts 2016-02-04 12:57:48 +01:00