Roeland Jago Douma
ea47974a08
Add OCSMiddleware to catch OCS exceptions
...
* OCSException
* OCSBadRequestException
* OCSForbiddenException
* OCSNotFoundException
2016-07-20 20:03:49 +02:00
Lukas Reschke
a299fa38a9
[master] Port Same-Site Cookies to master
...
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
Morris Jobke
e9c85e02ac
Merge pull request #462 from nextcloud/master-explode
...
[master] Use explode() instead of split()
2016-07-20 18:31:11 +02:00
Björn Schießle
7cdf6402ff
Merge pull request #472 from nextcloud/show-app-name-in-errormsg
...
Show app name in error message if app could not be loaded. (#25441 )
2016-07-20 18:20:49 +02:00
Morris Jobke
1264e9644f
Merge pull request #402 from nextcloud/smb-notifications
...
smb update notifications
2016-07-20 16:19:21 +02:00
Klaas Freitag
99316ec02c
Show app name in error message if app could not be loaded. ( #25441 )
2016-07-20 15:16:16 +02:00
Aaron Wood
7c0de08cc4
Escape special characters ( #25429 )
...
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Use correct method in the AbstractMapping class
* Change the getNamesBySearch method so that input can be properly escaped while still supporting matches
* Don't escape hardcoded wildcard
2016-07-20 14:46:47 +02:00
Lukas Reschke
4f90447150
[master] Use explode() instead of split()
...
Sync from https://github.com/owncloud/core/pull/25488
2016-07-20 14:36:39 +02:00
Björn Schießle
8735a05d93
Merge pull request #441 from nextcloud/fix-maintenance-mode
...
Fix maintenance mode
2016-07-19 16:59:24 +02:00
Roeland Douma
13a25535d2
Merge pull request #400 from nextcloud/ocs_appframework
...
OCS routes use AppFramework
2016-07-19 12:21:14 +02:00
Morris Jobke
544c3c1565
Merge pull request #436 from nextcloud/public-regex-to-match-our-clients
...
Copy the regexes to the public interface
2016-07-19 11:35:10 +02:00
Joas Schilling
80168613be
Fix maintenance mode
...
When the server is in maintenance mode, apps are not loaded.
That means apps/theming/ is not in the allowed paths. So we
need to check without autoloading, whether the class exists.
2016-07-19 09:54:42 +02:00
Björn Schießle
ea470f8777
Merge pull request #405 from nextcloud/theming-fixes
...
Theming fixes
2016-07-18 15:59:47 +02:00
Joas Schilling
b1d652e8b0
Copy the regexes to the public interface
2016-07-18 15:11:44 +02:00
Joas Schilling
9781312648
Prevent syntax error when creating user or changing password
2016-07-18 11:44:10 +02:00
Roeland Jago Douma
0bda09236e
Add route tests
2016-07-18 11:09:49 +02:00
Roeland Jago Douma
94cd83ca00
Make the router handle OCS AppFramework Routes
2016-07-18 11:09:04 +02:00
Roeland Jago Douma
1ff4b7f63d
Allow registering of OCS routes with the appframework
2016-07-18 11:09:04 +02:00
Morris Jobke
5157c5a9c4
Merge pull request #418 from nextcloud/remove_asset_pipeline
...
Remove asset pipelin
2016-07-18 09:44:35 +02:00
Roeland Jago Douma
72464f1ce4
Remove asset pipelin
...
Fixes #215
The asset pipeline has shown to do more harm than good. Some apps fail
hard with it. Also it makes sure that you download a huge file on each
unvisited page.
2016-07-15 20:14:11 +02:00
Joas Schilling
2c988ecbf4
Use the themed Defaults everywhere
2016-07-15 09:17:30 +02:00
Robin Appelman
29eeeb2273
Save the files external mount id in the mount cache table
2016-07-13 16:34:08 +02:00
Robin Appelman
e5d7612a19
dont check for pgsql extension during setup
2016-07-12 14:38:24 +02:00
Robin Appelman
7ffda5d10f
use pdo for postgres setup
2016-07-12 14:38:24 +02:00
Robin Appelman
8a79d314cf
Remove duplicate database connect logic in mysql setup
2016-07-12 14:38:24 +02:00
Bjoern Schiessle
7c64e1973f
add test for needsRebundling() check
2016-07-11 15:51:48 +02:00
Lukas Reschke
0c1cf5f7eb
Merge pull request #347 from nextcloud/drop-windows-foo
...
Remove unneeded checks if it runs on a Windows machine
2016-07-11 13:16:03 +02:00
Joas Schilling
103417fd9c
Merge pull request #350 from nextcloud/fix-check-certificate-bundles
...
fix check if the certificate bundle needs to be updated
2016-07-11 11:04:49 +02:00
Bjoern Schiessle
49cad153af
always check the mtime of the system bundle and additionally the user specific certificate bundle if a user is given
2016-07-08 18:24:37 +02:00
Morris Jobke
c2d88a08b7
Remove unneeded checks if it runs on a Windows machine
...
* the setup check is still there
2016-07-08 15:55:17 +02:00
Morris Jobke
390a996297
Sanitize more config options and stack traces
2016-07-08 14:13:16 +02:00
Lukas Reschke
c8ba8f637e
Merge pull request #314 from jernst/master
...
Allow wildcard * to be used in trusted domains
2016-07-07 19:34:11 +02:00
Morris Jobke
2791b8f00d
Revert "occ web executor ( #24957 )"
...
This reverts commit 854352d9a0
.
2016-07-07 12:14:45 +02:00
Morris Jobke
ba16fd0d33
Merge branch 'master' into sync-master
2016-07-07 11:29:46 +02:00
Johannes Ernst
66a134e69e
Disallow certain malformed domain names even if they match the trusted domain expression
...
Stricter checking for valid domain names
2016-07-06 23:51:04 +00:00
Johannes Ernst
2b4ceae620
Trusted domain wildcard checking made shorter, supporting multiple *
...
Added test cases
2016-07-06 23:38:30 +00:00
Vincent Petry
dc21a38a85
Use named parameter instead of direct value for system tags search param ( #25380 )
2016-07-06 22:39:34 +02:00
Thomas Pulzer
0638937ada
Changed the input option for database-port to required when parameter was provided.
...
Added casting database port to int for input sanitation in pgsql and oci connections.
2016-07-06 11:31:28 +02:00
Thomas Pulzer
d367318088
Added occ install option for database-port.
...
Extended the database setup to store the database port.
Changed the PostgreSQL connection error message for clarification.
2016-07-06 09:58:38 +02:00
Johannes Ernst
3516b58be6
Duh, no 'next' in PHP.
...
Use === instead of == for extra paranoia.
2016-07-06 04:51:49 +00:00
Johannes Ernst
b1867dc8d1
Allow wildcard * to be used in trusted domains, to support setups where no reliable DNS entry is available (e.g. mDNS) or for simple-to-setup aliasing (e.g. *.example.com)
2016-07-05 18:49:18 +00:00
Thomas Müller
d2d99a91a0
fix swift primary object store test ( #25281 )
...
* Wait for socket to be open
* Fix call on null
* Allow DB access for MountProviderTest
Makes unit tests pass when using object store, since their FS access is
actually oc_filecache DB access. It is currently not possible to mock
or bypass the logic from "SharedMount::verifyMountPoint()" triggered by
this test.
2016-07-05 08:54:51 +02:00
Thomas Pulzer
bca4f42e14
Merge branch 'master' of https://github.com/nextcloud/server
2016-07-04 12:06:52 +02:00
Thomas Pulzer
90b7f74da7
Changed name of default logfile from owncloud.log to nextcloud.log.
2016-07-04 11:50:32 +02:00
Lukas Reschke
dc5fea504b
[master] Use paramterized parameter for \OC\SystemTag\SystemTagManager
...
$nameSearchPattern was passed in and directly appended to the SQL query. Luckily the code path isn't reached anywhere in Nextcloud or the included apps.
2016-07-03 16:54:41 +02:00
Hendrik Leppelsack
11be3d6276
remove png references in core
2016-07-01 16:36:37 +02:00
Lukas Reschke
179a355b2c
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-07-01 11:36:35 +02:00
Thomas Müller
b55ab6d22a
Various database migration fixes ( #25209 )
...
* String columns with a length higher then 4000 are converted into a CLOB columns automagically - we have to respect this when migrating
* Adding schema migration tests to prevent unnecessary and non-sense migration steps
Fix Oracle autoincrement and unsigned handling
* Fix sqlite integer type for autoincrement
* Use lower case table names - fixes pg
* Fix postgres with default -1 - this only affect pg 9.4 servers - 9.5 seems to work fine
2016-06-29 14:54:41 +02:00
Morris Jobke
b6397ef73a
Merge pull request #236 from nextcloud/master-sync-upstream
...
[Master] sync upstream
2016-06-28 09:02:03 +02:00
Robin Appelman
2a72eff9ee
Fix getting the certificate bundle for dav external storage ( #25274 )
...
* Fix getting the certificate bundle for dav external storages
* Log the original exception in dav external storage
2016-06-27 22:26:43 +02:00
Christoph Wurst
1710de8afb
Login hooks ( #25260 )
...
* fix login hooks
* adjust user session tests
* fix login return value of successful token logins
* trigger preLogin hook earlier; extract method 'loginWithPassword'
* call postLogin hook earlier; add PHPDoc
2016-06-27 22:16:22 +02:00
Robin Appelman
88ef163276
handle unavailable fed shares while testing for availability ( #25277 )
...
* More explicit http status codes
* handle unavailable fed shares while testing for availability
2016-06-27 21:34:28 +02:00
Lukas Reschke
e0445856b9
Merge pull request #59 from nextcloud/theming-app
...
Theming app
2016-06-27 21:14:40 +02:00
Lukas Reschke
6670d37658
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-06-27 18:23:00 +02:00
Bjoern Schiessle
2a990a0db5
verify user password on change
2016-06-27 14:08:11 +02:00
Bjoern Schiessle
d4989c8037
remove old hook, no longer needed
2016-06-27 14:05:27 +02:00
Bjoern Schiessle
630e4b1b46
check password for link shares
2016-06-27 14:05:27 +02:00
Vincent Petry
199c8e304c
Merge pull request #25250 from owncloud/linkshare-includedeletewithuploadperms
...
Add explicit delete permission to link shares
2016-06-27 12:14:05 +02:00
Vincent Petry
7269611722
Merge pull request #25258 from owncloud/integritycheck-whennotinstalled
...
Make code integrity check work when OC is not installed yet
2016-06-27 11:58:35 +02:00
Lukas Reschke
89e889c832
Check if server is installed
...
AppManager has a dependency on Nc being installed
2016-06-27 10:26:23 +02:00
Lukas Reschke
27b699bdbc
Migrate logic to dynamic controller
...
Also adds support for having custom login backgrounds
2016-06-27 10:26:23 +02:00
Bjoern Schiessle
10f6ca20bc
write theme settings to database
2016-06-27 10:26:22 +02:00
Lukas Reschke
7a9d60d87e
Merge remote-tracking branch 'upstream/master' into master-upstream-sync
2016-06-26 12:55:05 +02:00
Christoph Wurst
89198e62e8
check login name when authenticating with client token
2016-06-24 13:57:09 +02:00
Vincent Petry
e677ad56fd
Make code integrity check work when OC is not installed yet
2016-06-24 10:24:41 +02:00
Vincent Petry
0ad065cb8d
Repair step to adjust link share delete permissions
2016-06-24 09:48:48 +02:00
Vincent Petry
955635c7aa
Add explicit delete permission to link shares
...
Link shares always allowed deletion, however internally the permissions
were stored as 7 which lacked delete permissions. This created an
inconsistency in the Webdav permissions.
This fix makes sure we include delete permissions in the share
permissions, which now become 15.
In case a client is still passing 7 for legacy reasons, it gets
converted automatically to 15.
2016-06-24 09:48:48 +02:00
Vincent Petry
3db5de95bd
Merge pull request #25172 from owncloud/token-login-validation
...
Token login validation
2016-06-22 13:58:56 +02:00
VicDeo
854352d9a0
occ web executor ( #24957 )
...
* Initial web executor
* Fix PHPDoc
Fix broken integration test
OccControllerTests do not require database access - moch them all!
Kill unused sprintf
2016-06-22 13:12:36 +02:00
Vincent Petry
c49ff83f18
Merge pull request #25208 from owncloud/uploadfolder-firemkdirhooksforparents
...
Fire hooks for mkdir for folder upload
2016-06-22 10:21:00 +02:00
karakayasemi
c8b7a059b4
Fire hooks for mkdir for folder upload
...
fromTmpFile function, usual mkdir call is only working for file's parent
directory. Does not care upper parent folders. I added a recursive
function that creates parent non-existing folders with usual mkdir.
2016-06-21 17:10:52 +02:00
Christoph Wurst
7f22aeb5d6
redirect to new login route ( #25099 )
...
* redirect to new login route
* encode anchor in url and restore it client-side
2016-06-21 16:14:51 +02:00
Lukas Reschke
097cba8b38
Merge pull request #185 from nextcloud/fix-permission-issue
...
Show error message if config file is not readable
2016-06-21 12:14:24 +02:00
Morris Jobke
191a6c65d9
Show error message if config file is not readable
...
* when the config file is not writable there is a error message shown
* same happens now if the config file is not readable
* fixes #180
2016-06-21 11:25:38 +02:00
Lukas Reschke
2b493e2f9d
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-06-21 11:18:22 +02:00
Christoph Wurst
b805908dca
update session token password on user password change
2016-06-21 10:24:25 +02:00
Vincent Petry
88b9f5a357
Merge pull request #25162 from owncloud/password-login-forbidden-hint
...
Password login forbidden hint
2016-06-20 17:05:20 +02:00
Morris Jobke
e95c15e53a
fix more strings
2016-06-20 13:14:24 +02:00
Thomas Müller
2951a70fcb
Update ExcludeFileByNameFilterIterator.php ( #25184 )
...
Gentoo & derivatives use a tool named webapp-config which places two files in a webapp-config manager web application:
1: .webapp tag with more detailed info on the configuration done by webapp-config
2: .webapp-appname with the list of files installed by the tool to be able to later only delete stuff that was installed (in case of upgrade) and updated configurations.
2016-06-20 12:02:23 +02:00
Christoph Wurst
56199eba37
fix unit test warning/errors
2016-06-20 10:41:23 +02:00
Vincent Petry
e2b0a0f18f
Merge pull request #25174 from owncloud/tokenmapper-close-cursor
...
close cursor after loading a token
2016-06-20 09:54:15 +02:00
Vincent Petry
01041045da
Merge pull request #25168 from owncloud/capped-user-cache
...
Capped cache for user config
2016-06-20 09:53:58 +02:00
Christoph Wurst
9d74ff02a4
fix nitpick
2016-06-20 09:13:47 +02:00
Florian Preinstorfer
f6e9322f1e
Remove obsolete contacts_cards_properties table
...
The table contacts_cards_properties was part of the contacts app until
ownCloud 8.2. It got replaced with cards_properties (part of dav).
See also: ownCloud/core #21889
2016-06-19 15:40:37 +02:00
Florian Preinstorfer
217144dd95
Drop obsolete tables: gallery_albums and gallery_photos
...
Commit 34a21a63ce
renamed gallery_albums
to pictures_images_cache and removed gallery_photos entirely.
2016-06-19 14:01:42 +02:00
Christoph Wurst
b0f2878f6e
close cursor after loading a token
2016-06-17 16:13:28 +02:00
Christoph Wurst
1889df5c7c
dont create a session token for clients, validate the app password instead
2016-06-17 15:42:28 +02:00
Christoph Wurst
0c0a216f42
store last check timestamp in token instead of session
2016-06-17 15:42:28 +02:00
Christoph Wurst
c4149c59c2
use token last_activity instead of session value
2016-06-17 15:42:28 +02:00
Jörn Friedrich Dreyer
66560b8ed9
Capped cache for user config
2016-06-17 12:58:55 +02:00
Vincent Petry
73e284e1e1
Use getLazyRootFolder from RemoveRootShares repair step
...
This prevents the command registration to setup the FS too early when
FS-related apps might need upgrading.
2016-06-17 11:09:12 +02:00
Christoph Wurst
82b50d126c
add PasswordLoginForbiddenException
2016-06-17 11:02:07 +02:00
Vincent Petry
82beee57e4
Merge pull request #25132 from owncloud/2fa-load-apps-before-query
...
load 2FA provider apps before querying classes
2016-06-16 17:04:19 +02:00
Jörn Friedrich Dreyer
592ac6f7da
emit correct signal when disabling an app
2016-06-16 14:17:06 +02:00
Christoph Wurst
a40d64ff7f
load 2FA provider apps before querying classes
2016-06-16 10:12:16 +02:00
Vincent Petry
9c328de4ab
Merge pull request #24415 from owncloud/optimize_sharingdisabled_for_user
...
Optimize isSharingDisabledForUser
2016-06-16 09:27:48 +02:00
Vincent Petry
1251df3e17
Merge pull request #25075 from owncloud/fix_23265
...
Remove shares of the root folder
2016-06-16 09:27:06 +02:00
Vincent Petry
5de6432441
Merge pull request #25056 from owncloud/fs-usermountcache-capped
...
Capped cache for cache info in UserMountCache
2016-06-15 13:01:28 +02:00
Vincent Petry
05967a6904
Merge pull request #25093 from owncloud/issue-12816-clean-tags-from-deleted-users
...
Clean up tags of deleted users
2016-06-15 12:20:29 +02:00
Vincent Petry
f163eedfa2
Merge pull request #25102 from owncloud/preview-delete-performance
...
Preview delete performance
2016-06-15 11:58:50 +02:00