Roeland Jago Douma
b2aec1d816
Merge pull request #17206 from nextcloud/logger-catch-exceptions
...
catch exceptions that occur during logging
2019-09-19 18:33:45 +02:00
Robin Appelman
2943c18548
catch exceptions that occur during logging
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-19 13:39:40 +02:00
Christoph Wurst
a5869be60f
Fix l10n in federated file sharing
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-19 12:57:45 +02:00
Roeland Jago Douma
210a0554a2
Use the actual password to update the tokens
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Daniel Kesselberg
ee76b0fbd2
Add uid to delete temp token query
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-18 16:52:42 +02:00
Joas Schilling
a4ba2113b2
Fix getById for files in appdata and the root mount
...
In case the path we are currently in is inside the appdata_* folder,
the original getById method does not work, because it can only look inside
the user's mount points. But the user has no mount point for the root storage.
So in that case we directly check the mount of the root if it contains
the id. If it does we check if the path is inside the path we are working
in.
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-17 11:15:59 +02:00
Joas Schilling
ad7d13a87c
Print the error pages as error so we load less scripts and might be able to view it
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-16 19:38:43 +02:00
Roeland Jago Douma
978d312e69
Merge pull request #17151 from nextcloud/td/remove/createPreview
...
Remove deprecated function createPreview
2019-09-15 19:36:18 +02:00
Greta Doci
0a874c51af
Disable app token creation for impersonated people, ref #15539
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-09-15 12:04:27 +02:00
Roeland Jago Douma
98f91982be
Remove deprecated function createPreview
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-15 10:52:34 +02:00
Roeland Jago Douma
2b98eea129
Harden identifyproof openssl code
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
blizzz
ac48a9ba61
Merge pull request #17106 from nextcloud/feature/dispatch-typed-event
...
Add Symfony inspired typed event dispatcher method
2019-09-12 09:25:26 +02:00
Roeland Jago Douma
1b8d6df6cd
Merge pull request #17084 from nextcloud/refactor/symfony-dispatcher-signature
...
Use the new Symfony event dispatcher signature
2019-09-11 22:08:38 +02:00
Christoph Wurst
b9e14d5972
Add Symfony inspired typed event dispatcher method
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-11 20:02:50 +02:00
Joas Schilling
15d39c48e6
Merge pull request #17021 from nextcloud/bye-spreed-hello-talk
...
Bye Spreed namespace, hello Talk!
2019-09-11 14:59:37 +02:00
Roeland Jago Douma
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
...
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma
41cbb05aea
Split personal security settings in code
...
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Christoph Wurst
222b458280
Use the new Symfony event dispatcher signature
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-10 11:26:55 +02:00
Arthur Schiwon
20901c59d4
emit file events via Dispatcher, too
...
another step to get rid of hooks and emitters
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 22:56:04 +02:00
Roeland Jago Douma
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
...
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma
b3f663b8aa
Merge pull request #16859 from PhrozenByte/patch-1
...
Add IAppManager::getAppWebPath()
2019-09-09 12:20:27 +02:00
Roeland Jago Douma
ac19017461
Merge pull request #16962 from nextcloud/keep-cypress-git
...
Kill repair step for cypress
2019-09-08 21:29:01 +02:00
Roeland Jago Douma
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
...
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman
8ef5a366ec
add MAX and MIN to functionbuilder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Daniel Rudolf
2d56664e35
Improve usage of IAppManager::getAppWebPath()
...
Deprecate \OC_App::getAppWebPath() and \OC_App::getAppPath()
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2019-09-05 18:35:40 +02:00
Joas Schilling
858b18e34a
Bye Spreed namespace, hello Talk!
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-05 15:32:58 +02:00
Arthur Schiwon
3ce5d4e545
reduce adressbook change events and handling
...
... from four to one on avatar updates
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:25 +02:00
Julius Härtl
64fe9bc287
Return the proper jailed path when requesting the root path
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-09-04 13:25:17 +02:00
Roeland Jago Douma
b7301f40dd
Merge pull request #16972 from nextcloud/enh/default_client_timeout
...
Set a default request timeout
2019-09-04 08:08:48 +02:00
Roeland Jago Douma
ca2623e6ad
Set a default request timeout
...
This to avoid endless running processes.
A default timeout of 30 seconds should cover the 99% case. If a job need
specific longer time it should set that.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-02 15:42:48 +02:00
Daniel Kesselberg
62ded4ad50
Kill repair step for cypress tests
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-02 11:50:23 +02:00
Samuel CHEMLA
94eb77a535
Fix sanity checks #16963
...
Signed-off-by: Samuel CHEMLA <chemla.samuel@gmail.com>
2019-09-01 22:27:08 +02:00
Daniel Kesselberg
2d04be27df
Keep cypress if git
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-01 20:46:13 +02:00
Julius Härtl
299759b836
Handle throwables in the http dispatcher
...
Co-authored-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-29 17:19:14 +02:00
Roeland Jago Douma
130fdf5006
Merge pull request #16913 from nextcloud/fix/declare_members
...
SessionMiddleware: declare session property
2019-08-29 09:54:45 +02:00
Roeland Jago Douma
3f12ec95f0
SessionMiddleware: declare session property
...
* Remove request since we don't useit
* Update tests as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
Roeland Jago Douma
c73b4f25c3
Make sure they keys are unique
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 12:55:07 +02:00
Joas Schilling
b1a0d464ba
Merge pull request #16723 from nextcloud/fix/sharing/unshare-message
...
Add expiration event for shares
2019-08-26 12:58:51 +02:00
John Molakvoæ
40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
...
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
Daniel Rudolf
34919d3ebc
Add IAppManager::getAppWebPath()
...
Implements a public API for \OC_App::getAppWebPath()
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2019-08-25 15:27:04 +02:00
blizzz
f515da4f3c
Merge pull request #16845 from nextcloud/bugfix/noid/public-constants
...
Make the sharing constants publicly available
2019-08-23 23:15:15 +02:00
Joas Schilling
92862c51f5
Always check via http and https whether htaccess is working
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-23 14:33:58 +02:00
Joas Schilling
b130a4c8fb
Make the sharing constants publicly available
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-23 13:54:19 +02:00
Arthur Schiwon
43bc31bacb
set a storage availability delay on auth issues to avoid lock out
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-22 12:40:15 +02:00
Roeland Jago Douma
1e74ffd46b
Merge pull request #16820 from nextcloud/bugfix/noid/access-handling-of-projects
...
Change access handling of projects
2019-08-21 22:02:50 +02:00
blizzz
9ac15bc4e9
Merge pull request #16813 from compagnon/fix/noid/AutoloadNotAllowedException-theming-off
...
autoloader.php could raise Not AllowedException
2019-08-21 16:04:32 +02:00
Joas Schilling
69f2974706
Only trigger the events with tags that where actually assigned
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 11:58:27 +02:00
Joas Schilling
23bd4c127d
Add a repair step to clear the projects access cache
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 09:16:14 +02:00
Joas Schilling
b53283fcb7
Change the logic so projects are only shown when you can access all resources
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 09:16:14 +02:00
John Molakvoæ (skjnldsv)
b557f52c22
Add expiration event for shares
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-08-21 08:30:17 +02:00
Roeland Jago Douma
dd02920aed
Merge pull request #16811 from nextcloud/bugfix/16771/correctly-remove-apps-without-any-releases
...
Correctly remove apps without any releases
2019-08-20 22:29:20 +02:00
Roeland Jago Douma
1dda6fb05b
Merge pull request #16812 from nextcloud/bugfix/noid/previewv1-returntype
...
Explicit cast for ProviderV1Adapter
2019-08-20 22:28:43 +02:00
Guillaume COMPAGNON
0516675a5c
autoloader.php could raise Not AllowedException
...
when theming is off
Signed-off-by: Guillaume Compagnon <gcompagnon@outlook.com>
modified: lib/private/TemplateLayout.php
2019-08-20 17:11:40 +02:00
Julius Härtl
d3d37aa19d
Explicit cast for ProviderV1Adapter
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-20 15:47:59 +02:00
Joas Schilling
17096adff9
Correctly remove apps without any releases
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-20 14:47:46 +02:00
Joas Schilling
323642454a
Undefined variable response when server is no nextcloud anymore
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-20 12:54:58 +02:00
Joas Schilling
650e4f9f4c
Merge pull request #16793 from nextcloud/bugfix/noid/filter-more-configs
...
Filter more configs
2019-08-20 09:01:20 +02:00
Roeland Jago Douma
1614dee6dc
Codechecker: removed unused use
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:41:46 +02:00
Roeland Jago Douma
7927aebdeb
Fix report of phpstan in Limiter
...
* unneeded arguments to constructor
* added return types
* let automatic DI do its work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Joas Schilling
b6c78eb9d4
Filter more configs
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-19 16:32:20 +02:00
Joas Schilling
810ee7d811
Make the auto-disabled list more broad
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-15 11:12:45 +02:00
Georg Ehrke
f6c3424039
Fix tracking of auto disabled apps in Updater
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2019-08-15 11:12:43 +02:00
Roeland Jago Douma
d14aed1048
Merge pull request #15946 from martink-p/bugxfix/9792/encrypted-external-webdav
...
Update Encryption.php
2019-08-15 10:22:50 +02:00
Roeland Jago Douma
f7152cccb2
Merge pull request #16572 from nextcloud/fix/15613/bring-back-psql9-compat
...
instead of upsert query, fallback to default on PSQL <= 9.4
2019-08-14 10:10:37 +02:00
blizzz
2ac01c0203
Merge pull request #16725 from nextcloud/bugfix/noid/syslog-di
...
Fix loading of the syslog logging class
2019-08-14 09:46:48 +02:00
Arthur Schiwon
d0409548c6
instead of upsert, fallback to default query on PgSQL <= 9.4
...
because there is no upsert yet
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-14 09:05:11 +02:00
Julius Härtl
2efb9a7d90
Make sure SystemConfig class can be injected and syslog_tag is fetched properly
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-13 16:26:18 +02:00
Roeland Jago Douma
145eee91fe
Get the proper UID
...
Some user backends (like the database backend) allow us to obtain a user
case insensitive. However the UID itself is case sensitive.
Example:
* create a user User1
* login as User1
- This results the data/User1 folder to be created etc
* now have some code somewhere that obtains the userFolder (from
IRootFolder) but pas in 'uSER1' as uid
- The code will check if that is a valid user. And in this case it is
since User1 and uSER1 both map to the same user
- However the the UID in the user object is used for the folder a new
folder fill be create data/uSER1
With this PR this is avoided now. Since we obtain the real UID casing in
the backend before creating the user object.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-13 09:33:46 +02:00
Roeland Jago Douma
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Roeland Jago Douma
9d6eb2daf7
Merge pull request #16179 from J0WI/mv-frameoptions
...
Add X-Frame-Options header to .htaccess
2019-08-11 21:30:51 +02:00
Scott Shambarger
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
J0WI
1b074f48d8
Remove duplicated spaces
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
3f2932c75a
Sort headers
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
76cbd7db6e
Add X-Frame-Options header to .htaccess
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:49 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma
5d94590cee
Have the OCSBaseResponse call the parent constructor
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-08 09:52:20 +02:00
Roeland Jago Douma
b42b26eceb
Merge pull request #15187 from vitormattos/bugfix-create-database-user
...
Bugfix: user is not allowed
2019-08-08 09:03:48 +02:00
Roeland Jago Douma
650927a822
Properly return an int in the getId function of the cache
...
fixes #16684
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-07 20:38:42 +02:00
Roeland Jago Douma
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma
f94ee72507
Add form-action CSP element
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma
417fbb5d60
setting unsafe-eval is deprecated
...
This will be removed in a future version of Nextcloud.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-30 16:27:38 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma
ba60fafb9a
Add proper PostLoginEvent
...
This can be used by othr mechanisms to listen for this event in a lazy
fashion.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Morris Jobke
e45fb5fa3e
Fix typo in comment
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 14:55:43 +02:00
Roeland Jago Douma
51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
...
Split up security middleware
2019-07-29 12:13:55 +02:00
Roeland Jago Douma
fb78cd3ed8
Merge pull request #16570 from nextcloud/enh/supress_touch_error
...
Supress warnings touch can generate
2019-07-29 10:39:46 +02:00
Roeland Jago Douma
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Roeland Jago Douma
9ef23e2362
Merge pull request #16558 from nextcloud/enh/less_verbose_locked_logging
...
Do not log all locked exceptions
2019-07-27 10:39:11 +02:00
Roeland Jago Douma
1cc8a2f5d2
Supress warnings touch can generate
...
We already catch the result value. Having the warning being logged
explicitly doesn't help and polutes the log.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 17:26:59 +02:00
Morris Jobke
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
...
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Roeland Jago Douma
cdc43cd39b
Merge pull request #16456 from nextcloud/dep/searchByTag
...
Remove deprecated searchByTag
2019-07-26 15:07:04 +02:00
Roeland Jago Douma
4cc41cb4c7
Do not log all locked exceptions
...
This can happen for valid reasons (multiple users writing at the same
time) with for example the text app. Apps should properly handle it. No
reason to log it by default.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 14:55:13 +02:00
Arthur Schiwon
78201bcb72
treat sensitive config keys by pattern
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma
323f40a493
Merge pull request #16461 from nextcloud/fix/noid/pgsql-version
...
fixes the check for postgresql
2019-07-26 12:32:04 +02:00
Roeland Jago Douma
0487144b26
Remove deprecated searchByTag
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00