Commit Graph

16495 Commits

Author SHA1 Message Date
Joas Schilling b8fcf6e9b3
Allow empty strings in getAbsoluteURL
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-20 13:36:16 +01:00
Morris Jobke 53418f2795
Merge pull request #12543 from nextcloud/fix/12498/bearer_tokens_are_apptokens
Bearer tokens are app token
2018-11-20 11:49:33 +01:00
Morris Jobke cc6c30e769
Merge pull request #12494 from nextcloud/cache-notfound-id
return the correct value when trying to get a non existing item from cache by id
2018-11-20 09:51:18 +01:00
Morris Jobke 8e65f08617
Merge pull request #12500 from nextcloud/swift-object-not-found
forward object not found error in swift as dav 404
2018-11-20 09:49:57 +01:00
Roeland Jago Douma c2beb36bfc
Bearer tokens are app token
Fixes #12498

This means that we set that it is a proper app token once it is
validated. This will allow the 2FA middleware to just run the same
check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-20 09:23:57 +01:00
Morris Jobke cef8eadf2a
Add PHPDoc for thrown exception
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-19 15:34:07 +01:00
Robin Appelman 35251928d5
forward object not found error in switch as dav 404
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-19 11:34:38 +01:00
Julius Härtl b9f2ce2796
Fix loading of .woff2 files in .htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-18 11:02:20 +01:00
Robin Appelman 5d5cfefd35
return the correct value when trying to get a non existing item from cache by id
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-16 17:26:42 +01:00
Nextcloud bot def8af3e7e
[tx-robot] updated from transifex 2018-11-16 01:12:14 +00:00
Christoph Wurst 1b85ef4bf2
Fix string doc type casing
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-11-15 11:57:05 +01:00
Morris Jobke d70b010432
Merge pull request #12447 from nextcloud/bugfix/12446/fix-oracle-install-again
Shorten index name of calendar changes table
2018-11-15 10:47:51 +01:00
Nextcloud bot 10c9b37461
[tx-robot] updated from transifex 2018-11-15 01:12:14 +00:00
Roeland Jago Douma 1783fa7176
Merge pull request #12455 from nextcloud/twofactor-backup-settings
Don't register twofactor_backup settings as "regular" settings
2018-11-14 19:35:13 +01:00
Robin Appelman 2482e8ee34
Log invalid settings class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-14 18:04:52 +01:00
Roeland Jago Douma be5c050acc
Throw exception if decryption fails
For #11868

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-14 12:47:35 +01:00
Joas Schilling aa88254f64
Shorten index name of calendar changes table
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-14 10:14:23 +01:00
Robin Appelman e1a49a223b
Fix SetVcardDatabaseUID when using postgresql
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-13 14:26:33 +01:00
Nextcloud bot 5e84824839
[tx-robot] updated from transifex 2018-11-13 01:12:40 +00:00
Morris Jobke 0c9e411f76
Merge pull request #12418 from nextcloud/bugfix/noid/do-not-show-integrity-warning-always
Remove outdated integrity warning on each page
2018-11-12 22:44:55 +01:00
Morris Jobke 3996210307
Merge pull request #12419 from nextcloud/bugfix/noid/group-creation-replace-insertIfNotExist
Fix UniqueConstraintViolationException while insert into oc_groups
2018-11-12 21:14:38 +01:00
Morris Jobke f6fed4d54b
Merge pull request #12420 from nextcloud/bugfix/noid/icons-cacher-not-found
Ignore icons if the file could not be found
2018-11-12 21:13:19 +01:00
Morris Jobke fd8eeccb15
Merge pull request #11942 from nextcloud/techdebt/noid/use-count-function
Use the defined func()->count() instead of manual counting
2018-11-12 17:43:56 +01:00
Morris Jobke 84fd81e33f
Fix UniqueConstraintViolationException while insert into oc_groups
* fixes race condition in insert
* fixes potentiaol deadlock

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 17:36:35 +01:00
Julius Härtl 4acd053e4d
Do not fail if the icon file doesn't exists
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 17:31:54 +01:00
Morris Jobke 9e1ec0cf46
Merge pull request #12413 from nextcloud/bugfix/9305/oc_file_locks-unique-constraint
Fix UniqueConstraintViolationException while insert into oc_file_locks
2018-11-12 17:27:09 +01:00
Morris Jobke 761ba1801b
Remove outdated integrity warning on each page
* integrity warning is shown during update and in the admin setup checks
* there is also the plan to retire this old way of notification

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 16:54:38 +01:00
Morris Jobke f7e3cf2085
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 15:13:10 +01:00
Morris Jobke 93c62d78db
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 14:43:28 +01:00
Morris Jobke 859dd1e742
Merge pull request #12371 from nextcloud/bugfix/12369/catch-unique-constraint-violation-exception-in-insertIfNotExist
Catch UniqueConstraintViolationException inside insertIfNotExist
2018-11-12 13:41:00 +01:00
Julius Härtl 26b160cc43
Make sure to always load the latest icons-vars.css file
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 11:00:56 +01:00
Nextcloud bot 48395baa7e
[tx-robot] updated from transifex 2018-11-12 01:12:49 +00:00
Nextcloud bot 6dc2b03ebe
[tx-robot] updated from transifex 2018-11-11 01:13:10 +00:00
Morris Jobke 5273639d0e
Add deprecation message ofr insertIfNotExist
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 12:13:30 +01:00
Morris Jobke 230e93f575
Catch UniqueConstraintViolationException inside insertIfNotExist
This is the most common case for the usage of this method.

See also https://github.com/nextcloud/server/issues/12369 and the linked tickets.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 10:38:20 +01:00
Joas Schilling bb352fb667
Use the defined func()->count() instead of manual counting
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 15:44:45 +01:00
blizzz 42121fe4d7
Merge pull request #12335 from nextcloud/fix/12319/respect-fixed-usernames
do not offer to change display name or password, if not possible.
2018-11-08 15:13:24 +01:00
Morris Jobke 78fd8ab0fd
Merge pull request #12348 from nextcloud/fix/basic_csp_no_longer_deprecated
Basic CSP no longer deprecated
2018-11-08 11:14:41 +01:00
Roeland Jago Douma 58345e02d2
Basic CSP no longer deprecated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-08 10:37:48 +01:00
Roeland Jago Douma 25fe324f41
Merge pull request #12313 from nextcloud/generated-avatar-major-cleanup
Clear avatar cache with frontend repair
2018-11-08 10:28:09 +01:00
John Molakvoæ (skjnldsv) a9eef37456
Clear avatar cache with frontend repair
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-08 08:31:21 +01:00
Arthur Schiwon 505722cc0d
do not offer to change display name or password, if not possible.
Fixes #12319

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-11-07 22:37:41 +01:00
Joas Schilling 10ba0bed8a
Match mentions when the username is wrapped in quotes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-07 12:33:44 +01:00
Morris Jobke add35c7f31
Merge pull request #12284 from nextcloud/fix/1020/search_shared_external
Properly search the root of a shared external storage
2018-11-06 18:16:12 +01:00
Nextcloud bot 54a30a4b81
[tx-robot] updated from transifex 2018-11-06 01:12:39 +00:00
Morris Jobke 411d2dece5
Merge pull request #11786 from nextcloud/feature/password_confirmation_backend
Expose password confirmation capabilities in the user backend
2018-11-06 00:44:18 +01:00
Roeland Jago Douma 0277cd7158
Properly search the root of a shared external storage
Fixes #1020

When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.

Because if the jail is on the empty string. It matches all paths.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-05 16:27:43 +01:00
Morris Jobke cba3883410
Merge pull request #12185 from nextcloud/cleanup/dicontainer
Cleanup the DIContainer
2018-11-05 12:16:36 +01:00
Nextcloud bot c28ea52155
[tx-robot] updated from transifex 2018-11-05 01:12:32 +00:00
Roeland Jago Douma 72b7c9ffa0
Merge pull request #12105 from nextcloud/using-resharing-right-to-display-shares
Shares are displayed to users with resharing rights
2018-11-04 21:08:11 +01:00
Nextcloud bot 9d7f02ec47
[tx-robot] updated from transifex 2018-11-04 01:14:02 +00:00
Roeland Jago Douma 9d89f8bbac
Merge pull request #12071 from nextcloud/addressbook-uid-check-migration
Addressbook uid check migration
2018-11-02 19:37:48 +01:00
Roeland Jago Douma 2452a3ec73
Properly query the methodreflector
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 0e5147f001
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma bfb5ef4b29
The identityproof manager should be in Server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 8f833a309a
No need to register it also in the DI Container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma fbd0d0bdcf
The Encryption manager belongs in Server.php
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 9c28d2d7c4
SearchResult should be difined in Server as it is a core component
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 964ebed86c
The UserSession is constructed in the server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma b2501dbf9a
TimeFactory is already regsitsered in the Server Container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 61adb513fe
Request is already regsitered in the Server container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:36 +01:00
Roeland Jago Douma 421a40e7db
Was already registered in Server
The DIContainaer will query server anyways if it can't find it

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:35 +01:00
Roeland Jago Douma 4ba709bb71
Merge pull request #11404 from flokli/sendmail-path
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
2018-11-02 16:17:02 +01:00
Roeland Jago Douma 30a1237f81
Merge pull request #11875 from nextcloud/add-support-for-sending-the-password-for-a-link-share-by-nextcloud-talk
Add support for sending the password for a link share by Nextcloud Talk
2018-11-02 14:54:46 +01:00
Morris Jobke 337cd25187
Merge pull request #12200 from nextcloud/tech-debt/noid/cleanup-legacy-sharing
Cleanup some unused sharing methods from the old sharing code
2018-11-02 14:03:51 +01:00
Roeland Jago Douma 054056a8df
Fallback to default path is sendmail can't be found
If the sendmail binary can't be found at all we fallback to the default
path.
It most likely is not there but then at least a proper error message
pops up.

Updated the tests to also properly pass.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 14:03:11 +01:00
Florian Klink 7078a0e53e
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
`sendmail` can very well be in a path different from
`/usr/sbin/sendmail`.

We already search `$PATH` at `lib/private/Settings/Admin/Mail.php` to
detect whether we want to offer sendmail as a mail transfer method, so
let's be consistent and actually initialize `\Swift_SendmailTransport`
with this path to sendmail, instead of just hardcoding
`/usr/sbin/sendmail`.

Signed-off-by: Florian Klink <flokli@flokli.de>
2018-11-02 13:57:43 +01:00
Roeland Jago Douma 90c4b7db15
Bump autoloaders
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:45:01 +01:00
Roeland Jago Douma 60bcae55a9
Expose the info to the JS
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Roeland Jago Douma 603b672a11
Update password confirmation middleware
If the userbackend doesn't allow validating the password for a given uid
then there is no need to perform this check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Roeland Jago Douma 1fd640b40b
Expose the backend of IUser
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Roeland Jago Douma df4fa2695e
New user backend interface to check if a user can confirm passwords
On some backends (saml for example) users can't revalidate their
passwords as Nextcloud has no way to do verify it.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Maxence Lange 77b95ccd12
revert tests
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:10:49 +01:00
Maxence Lange 68c44bb642
shares are displayed to users with resharing rights
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:26 +01:00
Morris Jobke 248d95339d
Cleanup some unused sharing methods from the old sharing code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-02 10:49:42 +01:00
Maxence Lange cd729b696b
Merge pull request #12193 from nextcloud/interface-fulltxtsearch-issue-00002
+infoBool / +infoInt
2018-11-02 08:38:02 +01:00
Roeland Jago Douma 2cae91904c
Merge pull request #12194 from nextcloud/fix-path-as-dashboard-is-already-imported
fix path to DashboardManager, as the class is already imported (minor)
2018-11-02 08:22:05 +01:00
Daniel Calviño Sánchez fe8a67f517 Store "sendPasswordByTalk" property of link shares in the database
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-11-02 01:57:48 +01:00
Morris Jobke 8bfbefa117
Merge pull request #11053 from nextcloud/occ-app-update-command
occ app update command
2018-11-02 00:41:59 +01:00
Morris Jobke f28691c26e
Merge pull request #11844 from nextcloud/multiple-link-shares
allow to create multiple link shares via share api
2018-11-01 22:36:09 +01:00
Morris Jobke 35e3d40e80
Merge pull request #12188 from nextcloud/revert/9900/revert-wait-for-cron
Revert "Wait for cron to finish before running upgrade command"
2018-11-01 21:52:20 +01:00
Maxence Lange 70b8c5672b init some var
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-01 21:37:59 +01:00
Maxence Lange 1e2d19ae0d fix path
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-01 19:14:58 +01:00
Maxence Lange 45285eca6a +infoBool / +infoInt
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-01 17:38:43 +01:00
Michael Gerber 020a9add07
Add occ app:update command
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-01 17:13:12 +01:00
Morris Jobke 35a7ea869e
Merge pull request #12152 from brad2014/bugfix/12151/fix-emailtemplate-list-formatting
Fix issue #12151: fix list formatting by correcting malformed html
2018-11-01 16:30:22 +01:00
Morris Jobke f5a1f4bc1b
Revert "Wait for cron to finish before running upgrade command"
This reverts commit 18e9631810.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-01 15:23:40 +01:00
John Molakvoæ (skjnldsv) d89edb28c4
move migration
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:02:50 +01:00
John Molakvoæ (skjnldsv) 06b3ade9ee
Tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:49 +01:00
John Molakvoæ (skjnldsv) 56ad1fccc0
Repair registration and autoload bump
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:47 +01:00
John Molakvoæ (skjnldsv) 938c63e3a2
Repair Step
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 14:59:22 +01:00
Bjoern Schiessle 5e90711600 allow to update lables for public link shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:18:55 +01:00
Bjoern Schiessle f377a61f90 allow to add labels to shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:15:07 +01:00
Robin Appelman 9b3cc72f7c
fix writeStream for jail wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:57 +01:00
Robin Appelman c6a48110bf
allways fall back to fopen for encryption wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:51 +01:00
Roeland Jago Douma 3477517cb7
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 21:10:48 +01:00
Robin Appelman 93de63777e
extend storage api to allow directly writing a stream to storage
this removes the need for temporary storages with some external storage backends.
The new method is added to a separate interface to maintain compatibility with
storage backends implementing the storage interface directly (without inheriting common)

Currently the interface is implemented for objectstorage based storages and local storage
and used by webdav uploads

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:44 +01:00
Roeland Jago Douma 3ee7597be0
Merge pull request #12166 from nextcloud/feature/limit_preview_sizes
Only generate previews in powers of 4 and set min
2018-10-31 20:25:53 +01:00
Maxence Lange 0c8c6ad5c7
missing type
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-31 19:43:18 +01:00
Maxence Lange feeb62a496
wrong method called
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-31 19:43:18 +01:00
Roeland Jago Douma ce10f8b8c4
Only generate previews in powers of 4 and set min
Before we'd round up all preview request to their nearest power of two.
This resulted still in a lot of possible images. Generating a lot of
server load and taking up a lot of space.

This moves it to previews to be powers of 4: 64, 256, 1024 and 4096
Also the first two powers are always skipped (4, 16) as it doesn't make
sense to generate previews for that.

We cache preview pretty agressively and I feel this is a better
tradeoff.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 19:34:42 +01:00
brad2014 3442ffeb54 Fix bug #12151: fix list formatting by correcting malformed html
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2018-10-30 15:28:55 -07:00
Roeland Jago Douma a3e9e0f8c6
Merge pull request #12047 from nextcloud/interfaces-files-fulltextsearch
Public interfaces Files_FullTextSearch
2018-10-30 21:16:13 +01:00
Roeland Jago Douma a51c8377d4
Merge pull request #12140 from nextcloud/fix/expired_token_throttler
Expired tokens should not trigger bruteforce protection
2018-10-30 20:17:03 +01:00
Maxence Lange 98c1d9e7ab +files_fulltextsearch in autoloader
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 20:07:29 +01:00
Maxence Lange 6265278728 Merge remote-tracking branch 'origin/interfaces-files-fulltextsearch' into interfaces-files-fulltextsearch
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 19:59:35 +01:00
Roeland Jago Douma ddd39f9dc3
Merge pull request #12056 from nextcloud/interfaces-fulltextsearch-2
Public interfaces FullTextSearch
2018-10-30 19:53:01 +01:00
Roeland Jago Douma 2223d19997
Error out early on an expired token
Fixes #12131

If we hit an expired token there is no need to continue checking. Since
we know it is a token.

We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma 674930da7f
Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma 41ff001b77
Merge pull request #11899 from nextcloud/enhancement/noid/sharing-consolidation
Sharing user consolidation
2018-10-30 19:27:05 +01:00
Maxence Lange 750196aa7f public interfaces FullTextSearch
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-@return mixed

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interfaces-fulltextsearch-2' into interfaces-fulltextsearch-2

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 18:24:15 +01:00
Roeland Jago Douma abbb946bbb Propegate hide download state in share provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma bc960bae02 Extend IShare to show hide download state
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma 81f37401f9 Add db column to store hide download state
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma c1698948b8
Merge pull request #12130 from nextcloud/fix/reset_bruteforce_oauth
Reset bruteforce on token refresh OAuth
2018-10-30 14:26:50 +01:00
Julius Härtl 5a73a9b9de
Fix injection to get the user id
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 11:41:56 +01:00
Roeland Jago Douma 75456b057d
Reset bruteforce on token refresh OAuth
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 11:21:27 +01:00
Morris Jobke dccfe4bf84
Merge pull request #12036 from olivermg/master
Add capability of specifying "trusted_proxies" entries in CIDR notation (IPv4)
2018-10-30 10:49:08 +01:00
Julius Härtl a0d759b324
Add uuid/name entry to Remote/MailPlugin tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
Julius Härtl cb463d73d5
Add name field to mail and remote results
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
Julius Härtl 7a65779316
Add local share if remote cloud id matches a local user ones
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
Julius Härtl 61af607525
Make enhancing entries with type property optional
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
Julius Härtl 870e01518d
Add type to Remote and Mail plugins
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:34 +01:00
Julius Härtl a1c6e44700
Add collaborators uuid to properly render the avatar and for later grouping
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Julius Härtl d7caf841df
Filter out generic remote result for local users
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Julius Härtl ce79e587e4
Filter out local users from address book remote searches
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Morris Jobke c9e6a99637
Merge pull request #12085 from nextcloud/add-gss-to-excluded-backends
add global site selector as user back-end which doesn't support password confirmation
2018-10-30 10:16:07 +01:00
Oliver Wegner 401ca28f07 Adding handling of CIDR notation to trusted_proxies for IPv4
Signed-off-by: Oliver Wegner <void1976@gmail.com>
2018-10-30 09:15:42 +01:00
Morris Jobke 13fe7b6fc1
Merge pull request #11627 from nextcloud/feature/noid/cli-remove-app
Add occ app:remove CLI command
2018-10-30 00:35:45 +01:00
Morris Jobke 0999f07964
Merge pull request #12052 from nextcloud/bugfix/11594/fix-setup-check-trusted-proxies
Fix setup check trusted proxies
2018-10-29 23:38:37 +01:00
Morris Jobke 963d968f06
Merge pull request #12113 from nextcloud/fileinfo-getextension
Add getExtension() to FileInfo
2018-10-29 17:23:27 +01:00
Robin Appelman e5c3e4b76f
Add getExtension() to FileInfo
this is a fairly common operation so it makes sense to prevent having
to repeatedly implement it.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-29 15:24:02 +01:00
Julius Härtl 34a71f57fc
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 13:06:55 +01:00
Julius Härtl aec0a6c096
Fix icon cacher url matching
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 12:09:30 +01:00
Nextcloud bot 18fef12721
[tx-robot] updated from transifex 2018-10-29 01:13:07 +00:00
Bjoern Schiessle 85d9f06cb8
add global site selector as user back-end which doesn't support password confirmation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-27 15:43:51 +02:00
Nextcloud bot 0092e3adec
[tx-robot] updated from transifex 2018-10-27 00:12:35 +00:00
Nextcloud bot aff53d6e34
[tx-robot] updated from transifex 2018-10-26 00:12:48 +00:00
Daniel Kesselberg 986f4df2a5
Add REMOTE_ADDR to getHeader
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-25 22:26:49 +02:00
Maxence Lange ed11811dbe implementing files_fulltextsearch within core
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-25 18:17:52 +02:00
Julius Härtl d21ded67a7
Keep list of icons in a separate file for use in the accessibility app
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 12:16:10 +02:00
Julius Härtl 0b2ef7e608
Remove default which didn't work
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Julius Härtl 152fb08288
Properly track data urls as well
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Julius Härtl 845f1b67d5
Directly embed icons into the icon-vars css file
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Roeland Jago Douma 0fb070b5b4
Allow chunked uploads even if your quota is not sufficient
Fixes #11485

This allows uploads to shared folders.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-24 20:29:00 +02:00
Bjoern Schiessle d76a87f3b0
skip already decrypted files on decrypt all command
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-24 16:53:39 +02:00
Julius Härtl f47f5ad0ea
Allow property filters to be null
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:54:01 +02:00
Julius Härtl 86f29ffdbc
Register IAccountManager as a service
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:53:43 +02:00
Julius Härtl 3b3824c486
Use empty string instead of null
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:53:18 +02:00
Morris Jobke 4ad27260a9
Merge pull request #11439 from nextcloud/trash-modular-api
Modular trashbin api
2018-10-23 17:11:16 +02:00
Nextcloud bot a9fb21f9fc
[tx-robot] updated from transifex 2018-10-23 14:54:28 +00:00
Morris Jobke 39338aaa67
Merge pull request #11914 from nextcloud/csp/report-uri
Add report-uri to CSP
2018-10-23 16:42:24 +02:00
Morris Jobke 92b5b54fa6
Merge pull request #11966 from nextcloud/csp/safari12-support
Add nonce for Safari 12+
2018-10-23 16:22:58 +02:00
Morris Jobke 171fe69db7
Merge pull request #11932 from nextcloud/font-nunito
Change typeface to Nunito
2018-10-23 15:14:10 +02:00
Roeland Jago Douma a11bef25a2
Merge pull request #11964 from nextcloud/bug/11919/do_not_always_fallback
Forwarded ExpiredTokenException
2018-10-23 15:07:19 +02:00
John Molakvoæ (skjnldsv) 782927a05f
fixup! Fix comment and cap-height
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 14:30:23 +02:00
John Molakvoæ (skjnldsv) 1fb885638e
Fix comment and cap-height
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 14:22:55 +02:00
Jan-Christoph Borchardt 354b72b9d3
Use correct typeface for avatar generator
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-10-23 13:13:35 +02:00
Jan-Christoph Borchardt 3259d427ee
Use correct typeface for txt previews
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-10-23 13:13:21 +02:00
Morris Jobke 2a17281cb6
Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-22 11:02:25 +02:00
Roeland Jago Douma 0fdc65a15c
Add nonce for Safari 12+
As far as I can tell this should work now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 20:48:12 +02:00
Roeland Jago Douma 34f5f4091e
Catch more occurences where ExpiredTokenException can be thrown
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 14:37:08 +02:00
Roeland Jago Douma b3a92a4e39
Expired PK tokens should not fall back to legacy tokens
Fixes #11919

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 14:34:29 +02:00
Roeland Jago Douma 579822b6a5
Add report-uri to CSP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 13:38:32 +02:00
Christoph Wurst a1ea504edf
Merge pull request #11711 from nextcloud/feature/backgroundjobs_ocp
Add proper backgroundjobs to OCP
2018-10-19 07:40:35 +02:00
blizzz 5daa4f27e1
Merge pull request #11882 from nextcloud/feature/noid/consider-net-connection
Do not try to contact lookup server without internet connection or URL
2018-10-18 18:24:41 +02:00
Arthur Schiwon 8e4ae23c48
Do not try to contact lookup server without internet connection or URL
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-18 17:49:28 +02:00
Christoph Wurst 4f75173f11
Remove unreliable 2FA state message on personal 2FA settings page
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-18 09:51:08 +02:00
Robin Appelman 6c5ea0ceca
pass `Cache::getMoveInfo` along cache wrappers
fixes cross storage move in some cases

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:57:33 +02:00
Robin Appelman 565d830c11
expose storagefactory in server container
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:57:30 +02:00
Robin Appelman ea42474b31
use name in fileinfo if set
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:56:51 +02:00
Morris Jobke b458ed9c82
Properly escape column name in "createFunction" call
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-16 15:24:02 +02:00
Morris Jobke ad66b0f9ab
Merge pull request #11830 from nextcloud/bugfix/9326/make_sure_usermanager_getByEmail_only_returns_IUser
filter null values for UserManager::getByEmail
2018-10-16 09:14:25 +02:00
Roeland Jago Douma 5aaa8a8b58
Merge pull request #11740 from nextcloud/feature/noid/account-api
Public API to get user acocunt data
2018-10-15 21:46:09 +02:00
Maxence Lange dfd4782dfc
include dashboard into core
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interface-dashboard' into interface-dashboard

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
moving data object to OCP

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
update autoload files

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
+@since

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-15 19:59:27 +02:00
Roeland Jago Douma 6f835aff31
Merge pull request #11838 from nextcloud/bugfix/noid/fix-default-types-of-members
Fix default types of activity event member variables
2018-10-15 14:09:44 +02:00
Julius Härtl 90cdd0a12a
Update autoloader
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-15 13:30:31 +02:00
Julius Härtl d05080f56a
Add \OCP\Account public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-15 13:30:31 +02:00
Georg Ehrke 2db26d87c4
filter null values for UserManager::getByEmail
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-15 13:27:58 +02:00
Björn Schießle 1ce8672276
Merge pull request #11714 from nextcloud/lookupserver-and-global-scale
always query the lookup server in a global scale setup
2018-10-15 12:14:04 +02:00
Joas Schilling 909745acfd
Fix default types of activity event member variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-15 11:45:17 +02:00
Christoph Wurst 83e994c11f
Make it possible to enforce mandatory 2FA for groups
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +02:00
Roeland Jago Douma 5b61ef9213
Disallow unsafe-eval by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
Joas Schilling 16817f3743
Make activity events strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-12 12:12:12 +02:00
Roeland Jago Douma 51e96dc3f6
Normalize getUnjailedPath
Fixes #11637

If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:43:48 +02:00
Roeland Jago Douma f675698551
Allow php7.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:20:48 +02:00
Roeland Jago Douma 2a690db553
Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings
Add admin interface to enforce 2FA
2018-10-10 20:40:30 +02:00
Bjoern Schiessle fd5fc24da2
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:07:01 +02:00
Morris Jobke 0acae1d4aa
Merge pull request #11719 from nextcloud/techdebt/noid/allow-to-mock-new-datetime
Allow to inject/mock `new \DateTime()` similar to time()
2018-10-10 14:54:15 +02:00
Christoph Wurst 67c3730fbb
Add admin interface to enforce 2FA
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-10 14:34:52 +02:00
Roeland Jago Douma d5bf2c4523
Move normalizePath to regexes instead of looping
This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.

The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 13:23:59 +02:00
Nextcloud bot 7c26bbbd82
[tx-robot] updated from transifex 2018-10-10 00:13:11 +00:00
Roeland Jago Douma a9f4817b65
Merge pull request #11622 from nextcloud/feature/11617
Add function to generate urls for OCS routes
2018-10-09 20:50:37 +02:00
Bjoern Schiessle 9e76d4049a
adjust tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:31:33 +02:00
Bjoern Schiessle 3fa13e791e
always query the lookup server in a global scale setup and have a nicer label
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 17:47:29 +02:00
Roeland Jago Douma c97b4274cc
Add function to generate urls for OCS routes
fixes #11617

The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:41:50 +02:00
Joas Schilling 840dd4b39c
Allow to inject/mock `new \DateTime()` similar to time()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 15:38:31 +02:00
Roeland Jago Douma 7370fb37bb
fixup! Add backgroundjobs to OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:10:38 +02:00
Joas Schilling ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 14:32:14 +02:00
Roeland Jago Douma 2dbbc37852
Bump autolaoders
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:51:08 +02:00
Roeland Jago Douma ba95495857
Add backgroundjobs to OCP
This adds abstract classes to base background jobs on.
Right now almost all uses of this use the private namespace.

For most usages it will be enough to just extend the the abstract
classes QueuedJob or TimedJob.

It should be a straight forward drop in replacement.

The private jobs can then be killed off after a few releases. So we have
a nice public API.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:36:43 +02:00
Morris Jobke ea411ccec4
Merge pull request #11677 from nextcloud/feature/appdata_previews
Allow the creationg of previews of files stored in appdata
2018-10-09 11:47:14 +02:00
Morris Jobke 8e1c26b509
Merge pull request #11686 from nextcloud/deprecation/noid/ocp_util_recursiveArraySearch
Deprecate unused OCP\Util::recursiveArraySearch
2018-10-09 09:43:11 +02:00
Roeland Jago Douma ade61d8b43
Allow the creationg of previews of files stored in appdata
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-08 19:37:45 +02:00
Morris Jobke c4b1e1277b
Deprecate unused OCP\Util::recursiveArraySearch
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:33:09 +02:00
Morris Jobke db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:29:52 +02:00
Morris Jobke fe2a600823
Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation
adjust Calendar resource / room interfaces to use class implementation
2018-10-08 17:00:50 +02:00
Morris Jobke bae3ba3b25
Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section
Rename admin security section
2018-10-08 13:57:38 +02:00
Christoph Wurst f29189f200
Rename admin security settings template
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:45:28 +02:00
Morris Jobke 7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors
Switches the default logo color depending on the primary color
2018-10-08 10:33:22 +02:00
Christoph Wurst 5d2fdfe0b5
Rename admin security section
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:31:51 +02:00
Georg Ehrke 970242b6ca
RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:50:17 +02:00
Georg Ehrke 1c6f666bbf
adjust Calendar resource / room interfaces to use class implementation
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:25:20 +02:00
Roeland Jago Douma 60a34179c9
Remove deprecated publishActivity function
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-05 12:55:45 +02:00
Patrik Kernstock c73363c3ab Fixed indents
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:20:45 +02:00
Patrik Kernstock d9469a6b72 Add occ app:remove CLI command
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:08:03 +02:00
Morris Jobke e0ed64366c
Merge pull request #11613 from nextcloud/add-missing-throw-statement
add missing throw statement to doc block
2018-10-04 16:28:08 +02:00
Bjoern Schiessle 1d4a80f37d
add missing throw statement to doc block
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:23:07 +02:00
Roeland Jago Douma 0630360835
Merge pull request #11604 from nextcloud/remove-unused-code
Remove unused code in legacy classes
2018-10-04 08:07:32 +02:00
Morris Jobke ac330077d8
Merge pull request #11576 from nextcloud/feature/endpoint_for_clients_to_fetch_apppassword
Allow clients to request an apppassword if they still use the real password
2018-10-03 22:26:26 +02:00
Morris Jobke cdb3ffb293
Remove unused code in legacy classes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-03 22:07:51 +02:00
Roeland Jago Douma 78273cb1e6
Add an endppoint for clients to request an app password
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 19:05:20 +02:00
Nextcloud bot 67d04f2d57
[tx-robot] updated from transifex 2018-10-03 16:58:45 +00:00
Morris Jobke 213d43f043
Merge pull request #11568 from nextcloud/fix/11097/just_update_password_hash
Just update password hash without validating
2018-10-03 12:08:49 +02:00
Roeland Jago Douma f9e201adfe
Merge pull request #11409 from nextcloud/feature/consolidated-2fa-settings
Consolidate personal two-factor provider settings
2018-10-03 09:56:21 +02:00
Roeland Jago Douma 0c9a3de68f
Just update password hash without validating
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 00:37:20 +02:00
Christoph Wurst daa897100e Update autoloader class map
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 23:41:33 +02:00
Morris Jobke 8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work
Allow overwrite.cli.url without trailing slash
2018-10-02 23:39:30 +02:00
Morris Jobke e45248c17a
Merge pull request #10967 from nextcloud/zipresponse
Add zip response
2018-10-02 23:34:30 +02:00
Christoph Wurst 79a0ee4f4a
Consolidate personal two-factor provider settings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 22:56:33 +02:00
Morris Jobke bcbffdb644
Add PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-02 22:35:31 +02:00
Daniel Kesselberg a4eb3ee508
Validate email in occ command
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Daniel Kesselberg 13877c2d20
Use setUserValue instead setEMailAddress because latter omits an changeUser events.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Daniel Kesselberg 6c805ec9ba
Add --admin-email to cli installer
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Morris Jobke 6b730b4c47
Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3
Apptoken v3: imrpove token handling on external password change
2018-10-02 21:45:10 +02:00
Morris Jobke 19d552e00b
Merge pull request #11336 from nextcloud/bugfix/3342/database-name-prefix-sqlite
Allow --database-name and --database-table-prefix for sqlite from occ
2018-10-02 21:44:03 +02:00
Roeland Jago Douma 19f84f7b54
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma d9febae5b2
Update all the publickey tokens if needed on web login
* On weblogin check if we have invalid public key tokens
* If so update them all with the new token

This ensures that your marked as invalid tokens work again if you once
login on the web.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma 00e99af586
Mark token as invalid if the password doesn't match
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
Roeland Jago Douma efef053960
Add column to DB to store expired passwords
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
Roland Tapken d17856a1e9
Make logfile's mode configurable.
The file logger currently resets the mode of the logfile to 0640.

When the webserver is running as a different user than the cron job
(but both are in the same group) the files mode has to be 0660. The
current implementation breaks logging for the user that is not the
owner of the logfile.

This patch introduces a new config option 'logfilemode' that expects
an octal value (defaults to 0640). Unless the value is lower or equal
than 0 the logfiles mode will be resetted to this value.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-10-02 18:27:06 +02:00
Christoph Wurst d01905200a
Merge pull request #11433 from nextcloud/feature/all_lax_cookies2
Make authenticated cookies lax
2018-10-02 10:28:05 +02:00
Michael Weimann d855c38e07
Moves the logo files to logo
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
Roeland Jago Douma 7d9052d4b9
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:17:27 +02:00
Roeland Jago Douma a891f42a5d
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:16:28 +02:00
Roeland Jago Douma dc6ff14ca0
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:14:18 +02:00
Jakob Sack a9fa220e68
Add fix response
implements #7589
2018-10-02 08:13:39 +02:00
Christoph Wurst 3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:28 +02:00
Christoph Wurst 40fdff5b80
Add QBMapper::insertOrUpdate()
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:27 +02:00
Nextcloud bot 77c6e41063
[tx-robot] updated from transifex 2018-10-02 00:12:55 +00:00
Christoph Wurst 45cf2eef56 Let 2FA providers provide their custom icons (dark/light)
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-01 21:02:49 +02:00
Roeland Jago Douma a95154642d
Emit event on enablign or disabling of 2FA provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +02:00
Morris Jobke 1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths
Dont use find to lookup binaries
2018-10-01 11:47:07 +02:00
Christoph Wurst 259c0ce11d
Add mandatory 2FA service/class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
Daniel Kesselberg d4dec43f8f
Dont use find to lookup binaries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
Daniel Kesselberg c275beeceb
Allow url without / for overwrite.cli.url
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-28 22:32:19 +02:00
Roeland Jago Douma 9a7265babf
Make authenticated cookies lax
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.

It adds a small helper function.

In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-28 16:44:37 +02:00
Nextcloud bot db50e11edf
[tx-robot] updated from transifex 2018-09-28 11:14:08 +00:00
Roeland Jago Douma c9e93b8084
Compile contactmenu handlebars templates
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18

Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
Christoph Wurst f71ffc73db
Remove unused constructor argument
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Christoph Wurst 0259792614
Reduce settings manager complexity by loading sections via DI
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Nextcloud bot 2ace0df82a
[tx-robot] updated from transifex 2018-09-27 00:12:26 +00:00
blizzz ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
Nextcloud bot 2f45045c96
[tx-robot] updated from transifex 2018-09-26 00:12:23 +00:00
Morris Jobke ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
Roeland Jago Douma b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only
only catch QueryException when trying to build class
2018-09-25 16:21:55 +02:00
Christoph Wurst 7586b19e52
Only allow 2FA state changs if providers support the operation
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
Roeland Jago Douma 92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude
Copy the expiration from 480864b3e3 to …
2018-09-25 09:04:44 +02:00
Nextcloud bot bdb01064e2
[tx-robot] updated from transifex 2018-09-25 00:12:07 +00:00
blizzz 67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml
make the server ready to use global scale with SAML as auth back-end
2018-09-24 12:00:13 +02:00
Nextcloud bot 895bccd246
[tx-robot] updated from transifex 2018-09-24 00:12:14 +00:00
Daniel Kesselberg 9d7e51fd56
Use empty instead ?? because dbname is '' sometimes
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:25:48 +02:00
Daniel Kesselberg 0ee191bf44
Use const for dbname and dbtableprefix defaults
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:15:57 +02:00
Daniel Kesselberg a5f0cc6539
--database-name or --database-table-prefix are ignored for sqlite
The default implementation of initialize in AbstractDatabase writes
database information to config.php. The method is overwritten in
Sqlite but parent is never called. Database-Name and Database-Table-Prefix
are never written to config.php. But from this point setup use values
from config.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 15:52:28 +02:00
Nextcloud bot cce9f25d86
[tx-robot] updated from transifex 2018-09-23 00:12:30 +00:00
Nextcloud bot bd89af478e
[tx-robot] updated from transifex 2018-09-22 00:12:06 +00:00
Robin Appelman dccbdc8c01
only catch QueryException when trying to build class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-09-21 18:32:15 +02:00
Nextcloud bot 0211e17e3f
[tx-robot] updated from transifex 2018-09-21 00:12:08 +00:00
Joas Schilling f258e65f13
Also adjust the expiration of PublicKeyTokenProvider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:54:27 +02:00
blizzz 30dbbfbd45
Merge pull request #11292 from nextcloud/revert/9442/do-not-apcu-cache-the-autoloader
Revert "Use APCu caching of composer"
2018-09-19 19:39:00 +02:00
Joas Schilling 5e6187926f
Copy the expiration from 480864b3e3 to getTokenById
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-19 17:55:48 +02:00
Joas Schilling b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix
Use user locale as default in the template
2018-09-19 16:06:35 +02:00
John Molakvoæ (skjnldsv) 1e9ab0a367
Fix since tag
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:02:09 +02:00
Joas Schilling 40d185e928
Revert "Use APCu caching of composer"
This reverts commit 948ab8a4d0.

For details why see https://github.com/nextcloud/server/issues/11290
2018-09-19 15:47:01 +02:00
John Molakvoæ (skjnldsv) 3095ec4125 Fix icons cacher regex for compressed output
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 13:06:04 +02:00
Nextcloud bot 2a51572cc4
[tx-robot] updated from transifex 2018-09-17 00:12:30 +00:00
Daniel Kesselberg 90a9a1ecc6
Consider openssl settings from config.php
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 11:51:15 +02:00
Nextcloud bot 40bb45225a
[tx-robot] updated from transifex 2018-09-16 00:12:29 +00:00
Nextcloud bot 3771aeb584
[tx-robot] updated from transifex 2018-09-15 00:12:09 +00:00
Bjoern Schiessle bb86a8ca36
add back-end as parameter to the pre-login hook
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
Nextcloud bot 6112adfe06
[tx-robot] updated from transifex 2018-09-14 00:12:27 +00:00
Daniel Kesselberg 3b7ac0c94d
Change visibility to private
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
John Molakvoæ (skjnldsv) 92fbb6d795
Fallback to $lang if no $locale match
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-13 11:37:40 +02:00
Nextcloud bot 10351cb9da
[tx-robot] updated from transifex 2018-09-13 00:12:08 +00:00
blizzz f424fa706a
Merge pull request #11139 from nextcloud/feature/2fa-provider-activatable-deactivatable
[Mandatory 2FA] Add public interfaces for activable/deactivable 2FA providers
2018-09-11 16:36:49 +02:00
Nextcloud bot a94dc760e8
[tx-robot] updated from transifex 2018-09-11 00:12:22 +00:00
Daniel Kesselberg 603a578a1c
Change return false to throw new
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
Daniel Kesselberg 62c03beb1d
Extract logic for webroot into method and add test
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
Christoph Wurst 30c6130893
Add public interfaces for activable/deactivable 2FA providers
Fixes https://github.com/nextcloud/server/issues/11018.
Required for https://github.com/nextcloud/server/issues/11019.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-10 16:47:47 +02:00
John Molakvoæ (skjnldsv) 7d158c62ce
Typehint
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 11:17:03 +02:00