727688ebd9
Adjust existing bruteforce protection code
...
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
66835476b5
Add support for ratelimiting via annotations
...
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
81b1dc4930
share api expanded by tags ( #26583 )
...
* share api expanded by tags
* Modified files_sharing JS Unit tests
* modified tests. renamed request parameter. refactoring
* Update Share20OCS.php
Added missing function description
* Update Helper.php
Added missing function description
* Update Helper.php
implicit boolean conversion to !empty()
* Update Share20OCSTest.php
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 11:54:13 -05:00
5b4adf66e5
Move OC_Defaults to OCP\Defaults
...
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
3323d01db1
update unit tests
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
b84fd7c361
set expire date for all share types
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
c191173d59
allow password protected mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
0d5147bd49
add new password column to the share table in order to set passwords for share by mails
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
5c7ad6d3ec
Merge some CSS files using our SCSS compiler
...
This saves around 4 requests on the average page load.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-21 16:35:31 +01:00
35f6b8716e
Merge pull request #3884 from nextcloud/downstream-26956
...
Skip null groups in group manager
2017-03-20 12:27:38 +01:00
69694012ab
shares-circles
...
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
377fdf3860
Skip null groups in group manager ( #26871 ) ( #26956 )
...
* Skip null groups in group manager (#26871 )
* Skip null groups in group manager
* Also skip null groups in group manager's search function
* Add more group null checks in sharing code
* Add unit tests for null group safety in group manager
* Add unit tests for sharing code null group checks
* Added tests for null groups handling in sharing code
* Ignore moveShare optional repair in mount provider
In some cases, data is inconsistent in the oc_share table due to legacy
data. The mount provider might attempt to make it consistent but if the
target group does not exist any more it cannot work. In such case we
simply ignore the exception as it is not critical. Keeping the
exception would break user accounts as they would be unable to use
their filesystem.
* Adjust null group handing + tests
* Fix new group manager tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:07:03 -06:00
fe46c6f743
use (int) instead of intval for performance reasons
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-02-22 15:14:36 +01:00
02ea84f50f
properly include class
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:24:40 -06:00
8e3d0fecd2
Use intval() for validation of config options
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:22:06 -06:00
869ea38ffe
allow to configure a min-length of search strings for auto-compeltion and a max number for of results returned
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-02-21 18:31:20 +01:00
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
ed55b87b65
add brute force protection for public link authentication
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-25 18:17:08 +01:00
92d7dd4781
allow editing single files shared as public link
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-24 13:41:27 +01:00
14256d631c
Use group display name in sharing API + UI
2016-12-22 18:35:32 +01:00
43374292b1
update phpdoc
...
Signed-off-by: Maxence Lange <maxence@pontapreta.net>
2016-12-12 16:15:13 -01:00
9ef8d25e46
Download a file in a subfolder in a sharedlink is not working
...
the $node created using the path (GET) parameter is not used when executing fileListDownloaded()
2016-12-11 18:32:28 -01:00
9def8225c0
Fix image_src link
...
The link in the image_src link (used for previews on Social Media such as Facebook) was still using the old route. This changes it to use the new route.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-28 16:20:57 +01:00
08ef7356f6
Merge pull request #2165 from nextcloud/sharing-activities-update
...
Move file sharing activities to the new API
2016-11-22 10:19:15 +01:00
7b3855a375
Add config switch
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:02 +01:00
15c075eba8
Fix lookup url
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:30:01 +01:00
f7f70028d1
Search on lookup server
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:30:00 +01:00
bdaf334c53
Move file sharing activities to the new API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 16:45:08 +01:00
965981486f
Fixes not allowed increasing of link share permissions
...
Fixes the following:
1. user0 shares folder with user1 (RO but with sharing permissions)
2. user1 shares by link
3. user1 send 'publicUpload=true' OCS request to the link share
before this increased the permissions of the link share. Which should
not happen.
now: API reponds with an error that the permissions can't be increased.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-13 20:29:34 +01:00
cbc6118f51
Only check the sharing backends for file/folder items
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-10 16:46:01 +01:00
087dab85b4
add activity for share by mail
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
55af6b45f7
More tests
...
* PreviewController test
* PublicPreview test
* Versions Preview test
* Trash Preview test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
3822bceea2
Move publicpreview over
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
7e701504be
Remove upload_limit in files app as it is not needed with PUT upload ( #26069 )
...
The web UI now uses for PUT uploads which aren't restricted by PHP's
upload_max_filesize and post_max_size
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 20:43:35 +01:00
ffebc050d0
Merge pull request #1887 from nextcloud/downstream-26370
...
Added functions to check etag of elements - integration tests
2016-11-02 14:57:45 +01:00
e5bc45c349
Fix OCS API to be able to remove group shares from self as recipient
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-02 08:49:58 +01:00
6e52091c8e
remove unused variable
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 20:11:30 +01:00
6d7520b1e2
unit tests updated and new added
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
561dd80d57
don't show 'notify by mail' option or permissions not available for mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:41 +01:00
7436e45c91
if we have a exact match, either for the federated cloud id or for the
...
email address we only return the exact match. It is highly unlikely
that the exact same email address and federated cloud id exists
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
392c8a115f
unified way to display remote shares and mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
8c8a019b7e
show correct display name if we have the user in one of our address books
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
60a3893ca8
improve search for federated cloud ids and email adresses
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
77f74b9780
handle case if no share-by-mail share provider is loaded
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:40 +01:00
96c40d14a1
update permissions
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
a17c6a485d
add share by mail share provider
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
0a6f02801f
introduce share by mail, ui part
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:51:11 +01:00
01a85a98f2
Merge pull request #1876 from nextcloud/shareesAPI_email
...
Add ShareesAPI E-mail search
2016-10-25 13:53:59 +02:00
a28528a254
Add ShareesAPI E-mail search
...
* Allow to search for SHARE_TYPE_EMAIL (4)
* Added tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 14:59:32 +02:00
f589f1a1d6
Move files_sharing Controllers => Controller
...
lib/Controller is the default location for controllers. So lets put them
all in there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 11:46:25 +02:00
Lukas Reschke
Michael Jobst
Morris Jobke
Bjoern Schiessle
Joas Schilling
Maxence Lange
Vincent Petry
Robin Appelman
Maxence Lange
Roeland Jago Douma
Roeland Jago Douma