Commit Graph

9485 Commits

Author SHA1 Message Date
Julius Härtl e7920203ba Add additional check for read permissions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-29 15:00:12 +00:00
Julius Härtl f1f755740d Check the if we can actually access the storage cache for recent files
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-29 15:00:11 +00:00
Roeland Jago Douma 5959245417 Do not log all locked exceptions
This can happen for valid reasons (multiple users writing at the same
time) with for example the text app. Apps should properly handle it. No
reason to log it by default.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 08:40:00 +00:00
Arthur Schiwon a9ccac2f20 treat sensitive config keys by pattern
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:21:22 +00:00
Roeland Jago Douma 3f5ce65879 Lock SCSS so we only run 1 job at a time
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-25 13:44:06 +00:00
Joas Schilling c7322c7efd PHPStorm code cleanup
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 09:51:23 +00:00
Joas Schilling 27a6f8020b Get the topmost parent for the parent instead of doing endless recursion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 09:51:22 +00:00
Daniel Kesselberg abd714d685
Pass $configargs to openssl_pkey_export
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-22 14:37:10 +02:00
Marcel Klehr 21822512dc Fix File#putContents(string) on ObjectStorage
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2019-07-17 20:39:24 +00:00
Roeland Jago Douma 8e6ac9d678 Do not keep searching for recent
If userA has a lot of recent files. But only shares 1 file with userB
(that has no files at all). We could keep searching until we run out of
recent files for userA.

Now assume the inactive userB has 20 incomming shares like that from
different users. getRecent then basically keeps consuming huge amounts
of resources and with each iteration the load on the DB increases
(because of the offset).

This makes sure we do not get more than 3 times the limit we search for
or more than 5 queries.

This means we might miss some recent entries but we should fix that
separatly. This is just to make sure the load on the DB stays sane.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-17 05:47:57 +00:00
Morris Jobke f7a6f4527e Log RuntimeException in CleanupCardDAVPhotoCache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 06:06:01 +00:00
Daniel Kesselberg c208ea49d4 Add catch for RuntimeException
getDirectoryListing can throw a NotFoundException or a RuntimeException.
The repair step should be skipped if the cache directory is missing so
a catch for both exceptions is required.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-16 06:06:01 +00:00
Maxence Lange 89f3df067f addsubtag should push to array
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-15 06:45:58 +00:00
Roeland Jago Douma b62b835f6c Use HTTP1.1 to read S3 objects
Some of the READs otherwise use HTTP/1.0 which is not always supported
by all backends. HTTP/1.1 is there since 1999 way longer than S3 so safe
to assume it is always there IMO.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-10 13:20:38 +00:00
Morris Jobke ecf60b59ef
Merge pull request #16254 from nextcloud/backport/16208/stable16
[stable16] Always set the display name for user shares
2019-07-09 14:44:01 +02:00
Morris Jobke ac3cc7829f Try to delete the cypress folder of the viewer app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 17:19:34 +00:00
Julius Härtl 662fd359f5 Always set the display name for user shares
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-05 12:53:45 +00:00
Joas Schilling 03005dea43 Unify the permission checking in one place only
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 18:08:08 +00:00
Joas Schilling 16d1354239 Better check reshare permissions when creating a share
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 18:08:08 +00:00
Joas Schilling e19240b60b Allow apps to overwrite the maximum length when reading from database
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-01 14:39:54 +00:00
Robin Appelman 555b62a619 verify that paths are valid for recursive local move
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-27 14:37:35 +00:00
Joas Schilling 193e8a750e Allow apps to store longer messages in the comments API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-06-27 08:05:02 +00:00
Roeland Jago Douma 33663ff04e
Merge pull request #16082 from nextcloud/backport/15832/stable16
[stable16] Fix full text search for groupfolders
2019-06-26 15:49:12 +02:00
Joas Schilling 1066e4a952 Fall back to black for non-color values
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-06-26 08:18:17 +00:00
Morris Jobke 8c1ce34a03 Fix full text search for groupfolders
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-06-25 19:45:27 +00:00
Robin Appelman 42930f6fab
handle storage exceptions when trying to set mtime
not all storage backends can handle setting the mtime and they might
not always handle that error correctly.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-25 15:57:59 +02:00
Roeland Jago Douma ab13fe80e4
Revert "[stable16] Fix userid casting in notifications"
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-25 12:39:40 +02:00
Joas Schilling 92f11a646b Prevent faulty logs from nested setupFS calls
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-06-21 10:01:28 +00:00
John Molakvoæ (skjnldsv) 9346718cc2 Fix userid casting in notifications
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-11 16:31:25 +00:00
Christoph Wurst 376e570b15 Fix missing login hook wih Apache/SAML
Without this patch the hook does not transport the information whether the login is
done with an app password or not. The suspicious login app requires the parameter
to function correctly, hence adding it will make suspicious login detection also possible
with SAML users.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-11 07:42:25 +00:00
Robin Appelman 4488293d62 search files by id in shared storages last
this prevents unneeded recursion when the file is not in the share

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-29 19:57:31 +00:00
Julius Härtl 7764979281 Check for free space on touch
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-28 13:04:49 +00:00
Daniel Kesselberg 90ca099341 Don't notify admins if no potentially over exposing links found
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-05-27 09:52:20 +00:00
Roeland Jago Douma 2e567918c1 Check the actual status code for 204 and 304
The header is the full http header like: HTTP/1.1 304 Not Modified
So comparing this to an int always yields false
This also makes the 304 RFC compliant as the resulting content length
should otherwise be the length of the message and not 0.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-24 17:51:52 +00:00
Morris Jobke e643a3e8fb Allow redis cluster to use password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-22 11:48:04 +00:00
Morris Jobke ce3da21b65 Fix l10n for SettingsManager by injecting the l10n factory
Fixes #10832

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-21 22:51:26 +00:00
Julius Härtl 9ed21f521b Only show sharing section if it has content
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-21 08:33:55 +00:00
Morris Jobke 0e8829b8df
Show supported apps in app management
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 12:21:11 +02:00
Morris Jobke 0751c1f5f8 Add interfaces to interact with subscription from support app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-13 11:34:59 +00:00
Morris Jobke 3ab884a479 Use non-absolute logout URL to fix wrong URL in reverse proxy scenario
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-08 17:37:19 +00:00
Joas Schilling 8be9c9b0d9 fix class might be undefined
Co-Authored-By: blizzz <blizzz@arthur-schiwon.de>

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-05-08 13:52:11 +00:00
Arthur Schiwon b70053be25 remove args from logging of common-spelled methods dependent on class
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-05-08 13:52:11 +00:00
Arthur Schiwon 7886642979 remove setup args from logging
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-05-08 13:52:10 +00:00
Daniel Kesselberg 5f93c754b4 Set type for access column on cacheAccessForCollection
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-05-07 22:07:54 +00:00
Robin Appelman ecd29001d7 remove extra param in cache update call
param was leftover from earlier iterations of the "update event"

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-07 15:59:10 +00:00
Joas Schilling 50827582b6 Make sure all middlewares are only registered once
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-05-06 21:38:13 +00:00
Joas Schilling be5cc3a973 Remove the custom prefix from the table name length when checking on the default primary index
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-30 12:20:31 +00:00
Arthur Schiwon aa91b0ab3c take return of mkdir into account, throw exception on failure
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-04-30 07:26:41 +00:00
Arthur Schiwon 35ba5ae2a0 remove obsolete use statements
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-04-24 18:02:15 +00:00
Roeland Jago Douma b6fe0f1f9a Always use a temp file for swift writes
Apparently the if statement doesn't work in all cases (even if I could
not reproduce it). So for the time being we will just not directly
stream to swift.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-24 07:01:36 +00:00
Joas Schilling 5b89ebc3bb
Add return types
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-17 10:18:26 +02:00
Joas Schilling 6286923022
Use the querybuilder for the queries
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-17 10:18:15 +02:00
Joas Schilling e0a825658d
Allow to use Subqueries in from
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-17 10:17:59 +02:00
Roeland Jago Douma 5805a9d505
Repair step for link shares
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-17 10:17:28 +02:00
Leon Klingele 9a5ca231bf
lib/private/User: do not change user properties if value has not changed 2019-04-11 11:20:41 +02:00
Leon Klingele 3eb0d4f1a4
lib/private/User,apps/user_ldap/lib/User: always pass old value to User::triggerChange 2019-04-11 11:20:41 +02:00
Morris Jobke ccabc63a09
Merge pull request #15020 from nextcloud/bugfix/noid/fix-too-many-event-triggers
Bugfix/noid/fix too many event triggers
2019-04-11 11:19:11 +02:00
Morris Jobke 757a841d14
Merge pull request #15052 from nextcloud/fix/noid/pass-oldvalue
Pass old value to user triggerChange hook & do not update unchanged attributes
2019-04-11 11:18:41 +02:00
Leon Klingele f420647add
lib/private/User: do not change user properties if value has not changed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 10:11:05 +02:00
Morris Jobke 36618b111f
Pass old value to user triggerChange hook
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 10:03:38 +02:00
Roeland Jago Douma 7e7146db7f
Block install without CAN_INSTALL file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-11 09:32:33 +02:00
Morris Jobke 302c10b836
Merge pull request #14994 from nextcloud/feature/noid/pre-releases-for-beta-and-daily
Enable pre-releases for beta and daily channel
2019-04-10 23:02:05 +02:00
Maxence Lange 6684bf4570 +isAvailable()
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-04-10 11:46:20 -01:00
Joas Schilling ca0b70eb2f
Remove unnecessary event dispatcher
The event is already triggered in OC\User\User::triggerChange

Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-09 11:28:33 +02:00
Joas Schilling 38f8f7cbf4
Don't get the avatar when we don't operate anyway
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-09 11:23:06 +02:00
Roeland Jago Douma 3b1e16458d
Forbid eval on legacy responses
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-09 09:58:23 +02:00
Joas Schilling 8e278a2c38
Enable pre-releases for beta and daily channel
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-04-08 15:23:44 +02:00
Roeland Jago Douma 5d360bd16f
Harden appdata putcontent
If for whatever reason appdata got into a strange state this will at
least propegate up and not make it do boom the next run.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-08 13:22:00 +02:00
Daniel Kesselberg 23d7fdeef0
Skip check if CONSTANT on real object is used
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-01 14:31:29 +02:00
Joas Schilling a7c0254b45
Merge pull request #14902 from nextcloud/bugfix/noid/fix-non-default-prefix
Indeces, columns and sequences don't have the table prefix
2019-04-01 09:03:30 +02:00
Joas Schilling f557e1e214
Indeces, columns and sequences don't have the table prefix
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-28 14:51:11 +01:00
Joas Schilling cfa6c7cb71
Escape the search terms on the server
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-28 09:37:22 +01:00
Joas Schilling d4771be2c0
Make sure the recursive result is returned :-X
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-28 09:27:05 +01:00
Roeland Jago Douma a7fb71f908
Fetch proper translations
Fixes #14793

This is caused by the mess we have with OC\Settings mapping to settings
and lib/private/Settings.

Anyway this is the quick fix. Moving stuff around for 17 seems better.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-25 09:10:54 +01:00
Morris Jobke 8432583dc6
Merge pull request #14813 from nextcloud/fix/sentry/unset
Check if elements are set in installer
2019-03-25 08:57:34 +01:00
Roeland Jago Douma b04bdad65e
Merge pull request #14812 from nextcloud/bugfix/noid/collections-access-type
Force boolean type for access parameter
2019-03-23 12:32:59 +01:00
Roeland Jago Douma f021db956c
Check if elements are set in installer
Since we now have all the apps from the appstore we need to do a bit
more checking.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-22 16:54:35 +01:00
Julius Härtl 826821a7da
Force boolean type for access parameter
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-22 16:00:44 +01:00
Roeland Jago Douma 3ecdf743bb
Properly inject EventDispatched in BackgroundRepair
Else it will just be null when called

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-22 10:29:36 +01:00
Vlastimil Pecinka 1c3abda280
Store user object later in the code
Signed-off-by: Vlastimil Pecinka <pecinka@email.cz>
2019-03-21 21:57:47 +01:00
Morris Jobke f889beae7e
Fix PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-21 17:05:57 +01:00
Ole Ostergaard 0d778fcc4e Code cleanup.
Signed-off-by: Ole Ostergaard <ole.c.ostergaard@gmail.com>
2019-03-21 11:42:00 +01:00
Ole Ostergaard d62da82bf9 Add supression of SqlInjectionChecker.
Signed-off-by: Ole Ostergaard <ole.c.ostergaard@gmail.com>
2019-03-21 11:42:00 +01:00
Ole Ostergaard c9b6487393 Add PostgreSQL specific implementation for includeIgnoreConflict.
Signed-off-by: Ole Ostergaard <ole.c.ostergaard@gmail.com>
2019-03-21 11:42:00 +01:00
Ole Ostergaard a48ea8cffa Add insertIgnoreConflict to Adapter and use it for for executing the file locking.
Signed-off-by: Ole Ostergaard <ole.c.ostergaard@gmail.com>
2019-03-21 11:42:00 +01:00
Roeland Jago Douma 03dc79f665
Merge pull request #14578 from nextcloud/enh/force_enable_apps
Force enable apps
2019-03-20 19:22:38 +01:00
Roeland Jago Douma b72d270a9b
Merge pull request #14753 from nextcloud/revert-13097-feature/11319/where-is-your-data
Revert "Where is your data?"
2019-03-20 19:20:50 +01:00
Morris Jobke ab7858d1a9 Update lib/private/Share20/Manager.php
tabulator change

Co-Authored-By: aignerat <46312655+aignerat@users.noreply.github.com>
2019-03-20 15:33:35 +00:00
Morris Jobke bb367f8cdd Update lib/private/Share20/Manager.php
fixed tabulator

Co-Authored-By: aignerat <46312655+aignerat@users.noreply.github.com>
2019-03-20 15:33:35 +00:00
Christian Aigner 03ee137804 groupname like username - allow share with both
Signed-off-by: Christian Aigner <christian.aigner@huemer-it.com>
2019-03-20 15:33:34 +00:00
Roeland Jago Douma 575b3f9ff8
Revert "Where is your data?" 2019-03-20 15:17:31 +01:00
Joas Schilling 2d00e2bbe7
Do not ignore the max-version for the "update-available" check
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-20 15:16:13 +01:00
Joas Schilling 95c9e0edd2
Remove apps from the list which have no release at all
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-20 15:16:13 +01:00
Roeland Jago Douma 769cb629ae
allow enforcing apps to ignore the max version
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 15:16:11 +01:00
Roeland Jago Douma 6458dd841c
Merge pull request #14691 from nextcloud/rename-mountpoint-within-mountpoint
always allow moving mountpoints inside the same mountpoint
2019-03-20 10:58:10 +01:00
Roeland Jago Douma 2fcb6ddc22
Merge pull request #14664 from nextcloud/bugfix/noid/absolute-paths-of-images-for-linked-collaboration-resources
Replace the icon-class with an absolute link to an image
2019-03-19 19:23:29 +01:00
Robin Appelman cc29f5d719
always allow moving mountpoints inside the same mountpoint
even if that mountpoint isn't normally a valid target for moving mounts into

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-03-19 15:56:18 +01:00
Roeland Jago Douma 230dc505a1
Fix getting the access list on external storage
If a file is on external storage there is no owner. WHich means we can't
check. So just return an empty array then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-19 15:38:52 +01:00
Joas Schilling 3022ef687a
Use rich objects instead of name, link and icon
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-19 13:06:55 +01:00
Joas Schilling 403b673b93
Replace the icon-class with an absolute link to an image
Otherwise the icon can not be displayed in mobile apps

Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-19 13:06:55 +01:00