mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
38,357 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

3996 Commits

Author SHA1 Message Date
Joas Schilling 38c901fadf
Delete the correct config value 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-20 12:23:12 +02:00
Joas Schilling 140580f9d8 Merge pull request #4398 from nextcloud/fix_accesslistcode 
Get proper accesslist for userFolder
 2017-04-20 11:03:22 +02:00
Joas Schilling b469882595 Merge pull request #4212 from individual-it/master 
validate file name before uploading in upload only folder
 2017-04-20 10:50:56 +02:00
Roeland Jago Douma ae2db5e60d
Get proper accesslist for userFolder 
If the accesslist is requested for a users root folder we should
properly construct the path

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-20 10:28:32 +02:00
Morris Jobke 16c4755e03
Rename renderHTML to renderHtml 
* fixes #4383
* improves consistency

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-19 15:46:41 -05:00
Roeland Jago Douma ad24b86013 Merge pull request #4350 from nextcloud/adjust-old-bruteforce-protection-annotations 
Adjust existing bruteforce protection code
 2017-04-19 09:27:23 +02:00
Morris Jobke f1ddb939a0 Merge pull request #4371 from nextcloud/dont-allow-dot-usernames 
Better validation of allowed user names
 2017-04-18 20:04:32 -05:00
Morris Jobke 269600a04f Merge pull request #4369 from nextcloud/fix-translations 
Fix translations
 2017-04-18 18:01:50 -05:00
Joas Schilling 1c0bffe87f
Fix translations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 16:40:53 -05:00
Lukas Reschke 0a54d5a5dd
Beautify test email 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-18 16:18:00 -05:00
Morris Jobke d379ac7545 Merge pull request #4372 from nextcloud/smtp-password 
Don't put the SMTP password into the HTML code
 2017-04-18 16:13:31 -05:00
Morris Jobke d2c4440ed6
Fix unit tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-18 15:08:38 -05:00
Lukas Reschke 805419bb95
Add bruteforce protection to changePersonalPassword 
While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-18 17:55:51 +02:00
Artur Neumann 88f02f27a3 JS tests for upload only function 
Signed-off-by: Artur Neumann <info@individual-it.net>
 2017-04-18 20:43:25 +05:45
Joas Schilling fcaa315c96
Fix some more stuff 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 16:11:29 +02:00
Joas Schilling dfca672378
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 16:08:29 +02:00
Joas Schilling a3922bbcdc
Better validation of allowed user names 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 14:29:34 +02:00
Morris Jobke 10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager 
Access list to share manager
 2017-04-15 13:06:24 -05:00
Lukas Reschke 727688ebd9
Adjust existing bruteforce protection code 
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-14 13:42:40 +02:00
Lukas Reschke 8149945a91
Make BruteForceProtection annotation more clever 
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 23:05:33 +02:00
Lukas Reschke 81d3732bf5 Merge pull request #4308 from nextcloud/lost-password-email 
Update email template for lost password email
 2017-04-13 20:02:15 +02:00
Morris Jobke d36751ee38 Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login 
Fix login controller test and consolidate login
 2017-04-13 12:16:38 -05:00
Joas Schilling e1d54e3b48
Add more tests for the share helper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:53 +02:00
Joas Schilling 7d416ac1dd
Activate the test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:53 +02:00
Joas Schilling 629b7c0fc3
Adjust docs and make !$currentAccess simpler 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 4eeb194ae5
Fix share manager test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 5b57bb955b
Fix default share provider 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 2fcf334c6a
Fix tests for ShareHelper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Roeland Jago Douma 4437e00f16
Add shareHelper test 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 12afd7d1d5
Add mail element to access list 
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 2cbac3357b
Offload acceslist creation to providers 
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 553b3b2928
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma 7dcc98eb20
Add owner to access list 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma d84df15590
Add getAccessList to ShareManager 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:48 +02:00
Lukas Reschke e39e6d0605
Remove expired attempts 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:18 +02:00
Lukas Reschke 31ae39c569
Add tests for multiple parameters 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:18 +02:00
Lukas Reschke a1ae5275f9
Move to dedicated MiddleWare 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:17 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations 
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:16 +02:00
Lukas Reschke 01f3698175 Merge pull request #3966 from nextcloud/downstream-26570 
Override config.php values through environment variables
 2017-04-13 10:51:09 +02:00
Morris Jobke 7cb6038fca Merge pull request #3043 from nextcloud/issue-3038-no-logentry-on-email-login 
Dont create a log entry on email login
 2017-04-13 01:04:11 -05:00
Morris Jobke 1f962f9115
Update email template for lost password email 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 15:19:53 -05:00
Roeland Jago Douma b3b24172e4 Merge pull request #4307 from nextcloud/sharing-emails 
New emails for sharebymail
 2017-04-12 21:23:11 +02:00
Morris Jobke ae4c2893a2
Fix unit tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 12:42:23 -05:00
Joas Schilling 1c8c62272c
Use instance name as alt-text 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 17:16:26 +02:00
Morris Jobke 050ce1d40b
Add addBodyButton to add a single button to email templates 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 17:16:26 +02:00
Roeland Jago Douma dccb8928a1 Merge pull request #4325 from nextcloud/downstream-27522 
Optimize put - Dont try to fetch filecache for not existing filecache…
 2017-04-12 16:04:03 +02:00
Björn Schießle b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints 
Discover federatedsharing endpoints
 2017-04-12 16:01:07 +02:00
Joas Schilling 30817fa319
Simplify the test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 13:23:55 +02:00
Piotr M dc78f1251e
Optimize put - Dont try to fetch filecache for not existing filecache in encription 2017-04-12 12:54:20 +02:00
Lukas Reschke b5d31e4e65 Merge pull request #4309 from nextcloud/remove-unused-code 
Removes unused code for link share emails
 2017-04-12 10:15:59 +02:00