Commit Graph

863 Commits

Author SHA1 Message Date
Christoph Seitz 787e3d51b4
Fix functions to search for principals in the backend.
Add a "searchPrincipals" function to the NC principal backend.
Fix the "findByUri" function to respect the prefixPath.

Signed-off-by: Christoph Seitz <christoph.seitz@posteo.de>
2017-12-11 16:04:55 +01:00
blizzz 80b27fdb93
Merge pull request #7342 from nextcloud/fix_carddav_converter
CardDAV convertor check should not be to wide
2017-12-11 16:03:07 +01:00
Morris Jobke 5b20600da9
Merge pull request #7313 from nextcloud/ensure-that-x-oc-mtime-header-is-an-integer-with-chunked-uploads
Ensure that X-OC-MTime header is an integer with chunked uploads
2017-12-11 15:07:05 +01:00
Roeland Jago Douma 40633c5e54
CardDAV convertor check should not be to wide
Case: email is set to null, but the avatar is set. In the old case the
email would set $emptyValue but $noImage would still be false. This we
would set the empty string as email.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-11 11:58:02 +01:00
Lukas Reschke de8fefeb18
Merge pull request #7395 from nextcloud/remove-unused
Remove unused variables
2017-12-06 13:09:01 +01:00
Morris Jobke a73f86912f
Remove unused variables
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-05 09:58:15 +01:00
Roeland Jago Douma d2fe30d464
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-04 15:23:20 +01:00
Roeland Jago Douma c8a29ec942
A failed storage is a not available storage
We have to double check. Since getting the info of the root returns a
generic entry. But actually the stroage is not available. Else we get
very weird sync and web behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-04 15:23:11 +01:00
Morris Jobke f22e02cd79
Refactor method to check if update is needed
There was only one call, that actually needed the parameter to be set to true. So this change moved the print of the page to that location and replaces all other occurences with a direct call to the underlying OCP API.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-30 16:04:07 +01:00
Daniel Calviño Sánchez 2a7b1bae10 Reject X-OC-MTime header if given as a string with hexadecimal notation
In PHP 7.X hexadecimal notation support was removed from "is_numeric",
so "sanitizeMtime" directly rejected those values; in PHP 5.X, on the
other hand, "sanitizeMtime" returned 0 when a string with hexadecimal
notation was given (as it was the behaviour of "intval"). To provide a
consistent behaviour between PHP versions, and given that it does not
make much sense to send X-OC-MTime in hexadecimal notation, now
X-OC-MTime is always rejected if given as a string with hexadecimal
notation.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-28 01:08:52 +01:00
Thomas Müller ffe034abb0 Don't use runInSeparateProcess
Directly calling "header" in the PHPUnit process causes the "Cannot
modify header information - headers already sent by" error to be thrown.
Instead of running the test in a separate process, which is slower, this
commit wraps the call to "header" in a method that can be mocked in the
tests.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:39:45 +01:00
Daniel Calviño Sánchez 2af3d8a9b2 Make possible to provide a specific HTTP request object to File
This will be used in a following commit to test how the X-OC-MTime
header is handled.

This commit is based on the "make File::put() more testable" commit
(included in 018d45cad97e0) from ownCloud by Artur Neumann.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:39:41 +01:00
Daniel Calviño Sánchez 01e346b2ae Ensure that X-OC-MTime header is an integer also with chunked uploads
This commit extends the changes introduced in pull request #3793 also to
chunked uploads.

The "sanitizeMTime" method name is the same used in the equivalent pull
request to this one from ownCloud (28066).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:37:51 +01:00
Morris Jobke 3f7267e0e9
Merge pull request #6901 from nextcloud/bugfix/4014/catch_parsing_error
catch errors when parsing calendar data for calendar query requests
2017-11-27 17:50:37 +01:00
Morris Jobke 573551253e
Merge pull request #7308 from nextcloud/do-not-log-InvalidSyncToken
Log InvalidSyncToken on DAV in debug level
2017-11-27 17:27:41 +01:00
Georg Ehrke ea117bac31
catch errors when parsing calendar data for calendar query requests
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-27 17:14:18 +01:00
Morris Jobke 88905c6293
Log InvalidSyncToken on DAV in debug level
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 16:37:11 +01:00
Morris Jobke 26a5fff423
Log NotImplementedException on DAV in debug level
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 16:17:01 +01:00
Björn Schießle f347e2e4a6
Merge pull request #7047 from nextcloud/add-support-for-files-with-no-permissions
Add support for files with no permissions
2017-11-20 16:15:52 +01:00
Morris Jobke eeb0cfdaf5
Merge pull request #7152 from nextcloud/bugfix/noid/adjust_calendarobject_size_after_applying_class
remove cached size from shared calendar objects
2017-11-17 08:28:34 +01:00
Morris Jobke 20868e17e8
Merge pull request #7193 from nextcloud/bugfix/noid/invitation-email-refinements
refine invitation email
2017-11-16 21:11:44 +01:00
Morris Jobke f32fbbca2e
Merge pull request #6840 from nextcloud/feature/5282/calendar_api
Calendar API for apps
2017-11-16 21:10:35 +01:00
Georg Ehrke b073b13d9f
refine invitation email
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-16 13:54:19 +01:00
Georg Ehrke 072652b2af
show name of organizer in from name of invitation email
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-14 21:23:27 +01:00
Georg Ehrke 19b77039d7
remove cached size from shared calendar objects
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-12 17:30:22 +01:00
Georg Ehrke 2b51d84b98
generate birthday calendars in a background job after admin enabled them
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 16:17:18 +01:00
Georg Ehrke a87d986041
create a user's birthday calendar right after they requested it
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 11:28:34 +01:00
Georg Ehrke ef6f41a16c
respect admin / user choice about birthday calendars in corresponding hooks
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 02:15:57 +01:00
Georg Ehrke d59b3392ab
disallow users to create calendars with reserved names
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 02:15:56 +01:00
Georg Ehrke 1c106a66b1
adapt occ 'dav:sync-birthday-calendar command
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 02:15:56 +01:00
Georg Ehrke 5068d56fb0
add CalDAV interface that allows users to re-enable their birthday calendar
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-11 02:15:50 +01:00
Georg Ehrke dc34622008
remember when a user deleted their contact birthdays calendar
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-10 23:05:04 +01:00
Georg Ehrke 8b22bfea4f
Add admin checkbox to disable birthday calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-09 17:12:06 +01:00
Georg Ehrke 7784672cc0
add option to filter CalendarAPI by componenttype
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-09 15:14:58 +01:00
Georg Ehrke fa416e031b
integrate Dav app with Calendar API
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-09 15:14:58 +01:00
Lukas Reschke b754a2e385
Merge pull request #7042 from nextcloud/bugfix/noid/ensure_unique_uid_for_calendar_objects
ensure uid for calendar objects is unique
2017-11-07 21:55:09 +01:00
Roeland Jago Douma f55732a18f
Merge pull request #7075 from nextcloud/remove-unused-variables
Remove unused variables
2017-11-07 16:18:40 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Georg Ehrke 4df08f296b
ensure uid for calendar objects is unique
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-06 14:25:08 +01:00
Morris Jobke 5445b1ff17
Remove unused variables
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:43:45 +01:00
Georg Ehrke 43147aeada
fancify invitation emails
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-03 11:20:03 +01:00
Joas Schilling 1bb048d11f
Correctly use the email templating
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-03 11:20:03 +01:00
Joas Schilling b14b933062
Language depending dates
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-03 11:20:03 +01:00
Joas Schilling cf04093fa6
Fix phpStorm complaints
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-03 11:20:03 +01:00
Leon Klingele c899f35261
DAV: Initial email customization support
Signed-Off-By: Leon Klingele <leon@struktur.de>
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-03 11:19:39 +01:00
Daniel Calviño Sánchez 555d582f35 Return whether the file is readable or not in the DAV permissions
Until now it was safe to assume that every file was readable by its
owner, so there was no need to return whether the file was readable or
not. However, with the introduction of end to end encryption that is no
longer the case, and it is now necessary to explicitly provide that
information.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:00 +01:00
blizzz b3ff9a2248
Merge pull request #6849 from nextcloud/fix-missing-translation-of-personal-calendar-in-activity
Fix missing translation of "Personal" calendar in activities
2017-10-31 15:05:26 +01:00
Joas Schilling 143ff6a622
Add a doc why this should not be removed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-23 12:35:55 +02:00
Georg Ehrke 1855204ad9
remove reminders from read-only shared calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-10-22 14:19:29 +02:00
Joas Schilling bb1af9b284 Merge pull request #6811 from nextcloud/feature/noid/disable_caldav_invitations
Opt out of IMip CalDAV Plugin
2017-10-19 11:57:52 +02:00
Joas Schilling bdb0265644
Fix missing translation of "Personal" calendar in activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-16 18:41:33 +02:00
Georg Ehrke b958725f78
Make it possible to opt out of IMip Plugin for CalDAV
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-10-16 13:49:46 +02:00
Georg Ehrke 7828cf454e
add admin settings panel for dav app
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-10-16 13:49:08 +02:00
Julius Härtl 79c4538511
Dav: codestyle fixes in PluginManager
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-14 20:51:59 +02:00
Vincent Petry a829ac787a
Let apps register Sabre plugins or collections
upstream #26761

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-14 20:50:53 +02:00
Joas Schilling 7c53f921a9
Use ::class to avoid errors
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-13 12:36:20 +02:00
Joas Schilling fd5465d509
Fix class name, regression from 44cf67accd
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-13 12:35:52 +02:00
Joas Schilling 3b4ab6560b
Check if the user/group exists for dav shares
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-05 12:48:10 +02:00
Joas Schilling 155d451cf8
Fix copy paste errors
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling c65e591e88
Restore the sequencial order
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling 740d820194
Migrate ids to bigint in the dav app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling e0a4c61350 Merge pull request #6633 from nextcloud/dav-remove-like-when-not-needed
Don't add a LIKE condition when it's not needed
2017-09-25 12:12:50 +02:00
Roeland Jago Douma 4ac32223da
Add indexes to cards and cards_properties tables
Fixes #6170

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 10:27:46 +02:00
Thomas Citharel f1bfd4433e
Don't add a LIKE condition when it's not needed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-25 09:10:44 +02:00
Joas Schilling d5b5fc7fca
Fix unsigned state
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-19 12:49:42 +02:00
Joas Schilling 8768faacaa
Fix migration naming
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-19 12:44:46 +02:00
Roeland Jago Douma 32234a23da
Move DAV app to migrations
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-18 14:35:27 +02:00
Roeland Jago Douma ab63c89ab3
Fix quota calculation on new dav upload endpoint
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-13 19:28:38 +02:00
Morris Jobke 8e6d86a862 Merge pull request #5304 from nextcloud/bugfix/2855/dont_send_invitations_for_past_events
don't send invitation emails for past events
2017-09-06 22:48:46 +02:00
Morris Jobke 1724fed8c5 Merge pull request #5415 from nextcloud/search-cache-node
cache nodes from search results
2017-09-06 10:16:01 +02:00
Georg Ehrke a1df91da9d
Sabre/VObject returns DateTimeImmutable, not a simple DateTime
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Georg Ehrke 86f28669fc
don't send invitation emails for past events
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Roeland Jago Douma f0158e42e9 Merge pull request #6309 from nextcloud/new-dav-event
add a new dav event to allow apps to register their own sabredav plugins
2017-09-04 12:12:46 +02:00
nhirokinet baba99a7e6 not to backquote LIMIT on CalDavBackend.php 2017-09-03 23:51:49 +09:00
Bjoern Schiessle f8cc8e1c9e
add a new dav event to allow apps to register their own sabredav plugins
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-30 14:05:18 +02:00
Bjoern Schiessle e83e1c7c23
add propfind to detect encryption status
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-28 14:02:25 +02:00
Robin Appelman 37e8b698f7 cache nodes from search results
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 10:18:19 +02:00
Morris Jobke fc12bd0be6 Do not log WebDAV maintenance mode exception
Log the maintenance mode exception only in debug level. Fixes #6124

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 15:03:39 +02:00
Joas Schilling 231bb47ae6 Fix file size comparison
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Joas Schilling 89238164e1 Fix comparisons in the dav app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:55:07 +02:00
Roeland Jago Douma 61a6adff14
Fix sabre test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma fc369dd86e
[DAV] Fix URLUtil::splitPath usage
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma f57a3aa81b
[DAV][CalDAV] Fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:16 +02:00
Lukas Reschke e1f52fc901
Stricter phan config fixes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
Robin Appelman 89b747d066
refactor chunked assembly stream
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 12:49:39 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling 984933e586
Only use readable chars in Share Tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Morris Jobke b4deba2078 Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails
Use PNGs for icons in activity emails
2017-07-07 11:05:00 +02:00
Joas Schilling b27819785e
Don't log passwords on dav exceptions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-29 17:20:10 +02:00
Morris Jobke eb9aedf44b Enhance the logging if the part file can not be renamed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-22 17:50:14 -05:00
Joas Schilling 90fa27694a
Use PNG version of the icons for shipped activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Joas Schilling 698a7cb7f0 Merge pull request #5124 from nextcloud/allow-dirlisting-with-unreadable-items
Allow dir-listing also when one child is blocked by access control
2017-06-16 10:47:08 +02:00
Morris Jobke ca3c69c8ae Merge pull request #5298 from nextcloud/bugfix/4885/calendar_shares_url_special_char_issue
urldecode group principals in Cal- and CardDAV backend
2017-06-14 23:10:40 -05:00
Morris Jobke ac565cecad Merge pull request #5300 from nextcloud/bugfix/noid/fix_proppatch_requests_to_groupshares
allow users to send PropPatch request when calendar is group-shared with them
2017-06-14 23:00:39 -05:00
Morris Jobke f38f2baa5a Merge pull request #5295 from nextcloud/bugfix/5077/allow_proppatches_to_birthday_calendar
allow PropPatch requests to contact_birthdays
2017-06-13 18:11:13 -05:00
Lukas Reschke 633396001f
Prevent sending second WWW-Authenticate header
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.

Fixes https://github.com/nextcloud/server/issues/5088

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Georg Ehrke 35781ae45c
urldecode group principals in Cal- and CardDAV backend
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-12 21:01:30 +02:00
Georg Ehrke 0f1d47cdf3
allow users to send PropPatch request when calendar is group-shared with them
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 09:21:56 +02:00
Georg Ehrke 9563c25c69
allow PropPatch requests to contact_birthdays
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 08:00:52 +02:00