Commit Graph

53880 Commits

Author SHA1 Message Date
Daniel Calviño Sánchez 7817f8578b Generalize integration test steps to download last share
Note that the "last link share can be downloaded" step was kept as it
tests the "url" property specific of link shares.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 6e49d3bb94 Remove unused variables
The step names were adjusted accordingly.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 45de42a6b8 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 37f231333f Fix reference to wrong class name
\OCP\IShare does not exist; the right name is \OCP\Share\IShare,
although it is already imported as IShare.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 01:41:06 +02:00
Morris Jobke 077c1a9b9f
Merge pull request #21140 from nextcloud/enhancement/oc-get-all-apps-return-type-doc
Document \OC_App::getAllApps return type
2020-05-28 22:37:35 +02:00
Daniel Calviño Sánchez a426f84dbe Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez 7569590514 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez e59e283cc2 Fix creating a mail share with a password
When a mail share was created with a password the given password was not
hashed, so it was not possible to open the share with that password.
Moreover, if passwords were enforced the given password was ignored and
a new one was set (although in this case it was hashed so it worked as
expected). Now the given password is properly hashed and not overriden.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:22 +02:00
Daniel Calviño Sánchez a2b0a7c30e Extend mail shares unit tests to check the password and mail template
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:50:08 +02:00
Roeland Jago Douma 28f8a445e4 Move the systemtags to core/src
* Move to the handlebar loader from webpack

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-28 19:05:09 +00:00
Christoph Wurst adf7d17cb2
List ext-pdo as hard requirement for composer
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-28 20:43:50 +02:00
Christoph Wurst 97e9823787
Document \OC_App::getAllApps return type
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-28 20:37:24 +02:00
Roeland Jago Douma b638c6ee09
Merge pull request #20597 from nextcloud/enh/lazy_node_events
Add lazy events for the Node API
2020-05-28 14:15:59 +02:00
Roeland Jago Douma 77c1aeb84e
Merge pull request #21124 from nextcloud/feature/20612/add-capability-for-file-comments
Add a capability when file comments are enabled
2020-05-28 14:13:48 +02:00
Joas Schilling ff381dda08
Add a capability when file comments are enabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-28 12:43:53 +02:00
Roeland Jago Douma 6aa6ab3e02
Add lazy events for the Node API
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.

We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 12:35:45 +02:00
Nextcloud bot 1d469fc06e
[tx-robot] updated from transifex 2020-05-28 02:16:38 +00:00
Roeland Jago Douma 3ee2dbeff9
Merge pull request #21122 from nextcloud/enhancement/auth-token-exception-reporting
Improve traces of invalid token exceptions
2020-05-27 19:37:22 +02:00
Roeland Jago Douma 778ef84ee2
Merge pull request #21123 from nextcloud/fix/noid/fix-retrieval-of-groups
simplify getGroups, fixing wrong chunking logic
2020-05-27 19:36:49 +02:00
Robin Appelman 41fdfc9966
update icewind/smb to 3.2.5
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-05-27 17:44:54 +02:00
Joas Schilling 675ec93e25
Merge pull request #21112 from nextcloud/techdebt/noid/remove-db-prefix
Remove db prefix option from cli install command
2020-05-27 16:19:38 +02:00
Christoph Wurst 052ddc3c10
Merge pull request #20976 from nextcloud/fix/make-translation-sanitization-optional
Make the translation sanitization optional
2020-05-27 15:47:28 +02:00
Christoph Wurst 069d02aaec
Fix devices & sessions sanitization
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 15:06:56 +02:00
Christoph Wurst 74db91910c
Make the translation sanitization optional
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 15:06:54 +02:00
Arthur Schiwon aed6f0f71e
simplify getGroups, fixing wrong chunking logic
pagination is taken care of properly in the search logic in Access class

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-27 14:41:10 +02:00
Roeland Jago Douma a0771a389a
Merge pull request #21079 from nextcloud/dependabot/npm_and_yarn/moment-2.26.0
Bump moment from 2.25.3 to 2.26.0
2020-05-27 12:55:50 +02:00
Morris Jobke b9222ff596
Merge pull request #21117 from nextcloud/design/text-variables-simplify
Simplify text variables from 4 to 2, map -lighter to -maxcontrast
2020-05-27 10:50:43 +02:00
Christoph Wurst 5b92f35fe2
Log why a token is not valid during password check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:58:44 +02:00
Christoph Wurst 2006a6dd0e
Improve traces of invalid token exceptions
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:21:47 +02:00
Nextcloud bot b9d17cfdec
[tx-robot] updated from transifex 2020-05-27 02:16:10 +00:00
Jan-Christoph Borchardt 9aff5355e6
Simplify text variables from 4 to 2, map -lighter to -maxcontrast
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-05-26 21:42:11 +02:00
dependabot-preview[bot] 3535204ce8 Bump moment from 2.25.3 to 2.26.0
Bumps [moment](https://github.com/moment/moment) from 2.25.3 to 2.26.0.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.25.3...2.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-26 19:40:18 +00:00
Roeland Jago Douma 9bb07d3fbd
Merge pull request #21106 from nextcloud/fix/10809/user-pwd-change-loginname
use the loginname to verify the old password in user password changes
2020-05-26 21:18:57 +02:00
Joas Schilling 027808c019
Remove the prefix setting attempt from our CI
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-26 16:56:41 +02:00
Arthur Schiwon 653162a709
use the loginname to verify the old password in user password changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-26 16:53:25 +02:00
Joas Schilling 5f88380c44
Remove db prefix option from cli install command
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-26 14:10:39 +02:00
Roeland Jago Douma 69e2aa029b
Merge pull request #21108 from nextcloud/fix/20745/eor-old-php-api
fixes infinitely repeating LDPA search results with PHP <= 7.2
2020-05-26 11:54:20 +02:00
Nextcloud bot fda71a9979
[tx-robot] updated from transifex 2020-05-26 02:16:03 +00:00
Arthur Schiwon 15008a1798
fixes infinitely repeating LDPA search results with PHP <= 7.2
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-26 00:37:46 +02:00
Roeland Jago Douma 4bada5c732
Merge pull request #21092 from nextcloud/enh/noid/recommended-apps
Update recommended apps
2020-05-25 20:47:20 +02:00
Roeland Jago Douma a6b0bed585
Merge pull request #21090 from nextcloud/bug/noid/do-not-read-cert-from-datadir-by-default
Do not read certificate bundle from data dir by default
2020-05-25 19:48:00 +02:00
Roeland Jago Douma d695bad205
Merge pull request #21078 from nextcloud/dependabot/npm_and_yarn/vue-router-3.2.0
Bump vue-router from 3.1.6 to 3.2.0
2020-05-25 19:45:53 +02:00
Julius Härtl 3f9856bc7c
Bump bundles
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-05-25 17:13:34 +02:00
Morris Jobke 18b0d753f2
Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 16:57:56 +02:00
Julius Härtl bde5b9577b
Update hub bundle and add proxy rule to htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-05-25 16:04:54 +02:00
Robin Appelman 6f2e920a5b
normalize sftp path in read and write stream
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-05-25 15:26:04 +02:00
dependabot-preview[bot] 421b7ea254 Bump vue-router from 3.1.6 to 3.2.0
Bumps [vue-router](https://github.com/vuejs/vue-router) from 3.1.6 to 3.2.0.
- [Release notes](https://github.com/vuejs/vue-router/releases)
- [Changelog](https://github.com/vuejs/vue-router/blob/dev/CHANGELOG.md)
- [Commits](https://github.com/vuejs/vue-router/compare/v3.1.6...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-25 13:19:33 +00:00
Morris Jobke e57bca31ad
Merge pull request #20005 from joeried/occ-remove-bruteforce-attempts-by-ip
Implement occ command to reset bruteforce attemps from a given IP address
2020-05-25 14:04:18 +02:00
Morris Jobke bd997a105c
Fix code style
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 14:03:21 +02:00
Nextcloud bot cbde1d102c
[tx-robot] updated from transifex 2020-05-25 02:16:22 +00:00