Commit Graph

602 Commits

Author SHA1 Message Date
Thomas Citharel 3b055b160e
fix typo
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2016-10-14 11:48:18 +02:00
Thomas Müller 5cd90d4116
[9.2] Sync deathdate and anniversary to birthday calendar (#25655)
* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)

* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-14 10:12:43 +02:00
Arthur Schiwon 1bcd2ca8e3
emit pre-update event for comments
* notifications can be cleaned up, no polluted DB
* updating comments will re-notify users or remove notifications, depending on the message

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 18:06:22 +02:00
Morris Jobke 6278d3bbfd Merge pull request #1144 from nextcloud/translate-default-calendar
translate default calendar & default address book displaynames & add …
2016-10-06 23:00:26 +02:00
Joas Schilling ce964f0a10
Translate the Contacts addressbook when it's default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 14:20:01 +02:00
Joas Schilling a4f82f13f3
Translate the personal calendar
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 14:19:58 +02:00
Joas Schilling f6e8da186d Merge pull request #1525 from nextcloud/newdav-tagsplugin
Newdav tagsplugin
2016-10-06 11:13:48 +02:00
Morris Jobke ff3e8c2139 Merge pull request #1518 from nextcloud/dav-fileshome-directory-properties
FilesHome now also returns DAV properties
2016-10-06 00:21:44 +02:00
Vincent Petry 5d25563634
New dav endpoint register tags plugin
This makes it possible to retrieve and PROPPATCH the favorite info

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-05 08:19:41 +02:00
Olivier Mehani 60cab0d73e Unset user PHOTO before setting new one in OCA\DAV\CardDAV\Converter::updateCard (#26243)
Signed-off-by: Olivier Mehani <shtrom@ssji.net>

#26242
2016-09-29 17:09:24 +02:00
Morris Jobke 85301df817 Merge pull request #1513 from nextcloud/fix-etag-on-move
Return ETag and OC-ETag in case of a move (#25683)
2016-09-28 21:46:51 +02:00
Morris Jobke ef0760f84f Merge pull request #1545 from nextcloud/delete-calendars-with-their-users
Delete calendars with their users
2016-09-28 21:42:55 +02:00
Thomas Müller bd96c6aa38
Return ETag and OC-ETag in case of a move (#25683)
Downstreaming of https://github.com/owncloud/core/pull/25683

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-28 21:12:50 +02:00
Thomas Citharel 6c8bcb38f1
Rename deleteAllSharesForUser() to deleteAllSharesByUser()
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2016-09-28 15:32:03 +02:00
Lukas Reschke 06e969cb74 Merge pull request #1197 from nextcloud/oc-public-sharing
CalDAV calendar public sharing
2016-09-27 18:51:40 +02:00
Thomas Citharel da1543eef7
fix deletion of calendars
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:33:56 +02:00
Thomas Citharel 5215833fe4
delete shares to an user
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:30:19 +02:00
Thomas Müller 97a47f49a1
Adjust delete logic and ann unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:30:10 +02:00
Thomas Citharel 18c07f0692
delete also addressbooks on user deletion
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:30:02 +02:00
Thomas Citharel 7db01ff805
delete calendars when users are deleted
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:29:53 +02:00
Lukas Reschke 4f4286932f Merge pull request #1457 from nextcloud/upstream-fix-birthday-calendar-component
[Upstream] fix birthday calendar component
2016-09-26 13:21:08 +02:00
Thomas Citharel dcc23114e9
fix annotations & copyright headers 2016-09-26 11:55:43 +02:00
Thomas Citharel 17d5dfdeb1
add in same request 2016-09-26 11:55:43 +02:00
Thomas Citharel 8360222554
fix public calendars 2016-09-26 11:55:42 +02:00
Thomas Müller d884370844
Use true random string as uri for public calendars - as a result we can no longer return the pre-publish-url 2016-09-26 11:55:42 +02:00
Lukas Reschke 4659e3ab59
Add new constructor args 2016-09-26 11:55:42 +02:00
Thomas Citharel 3e9a346223
add calendarserver-sharing to the list of advertised features 2016-09-26 11:55:41 +02:00
Thomas Citharel ad0eeaaf1c
use AllowedSharingModes for can-be-published & can-be-shared 2016-09-26 11:55:41 +02:00
Thomas Citharel 6378dbca7e
fix can-be-published 2016-09-26 11:55:41 +02:00
Thomas Citharel f16ea48e96
add can-be-published property 2016-09-26 11:55:40 +02:00
Thomas Citharel a4fe596a21
add space between calendarname and owner name 2016-09-26 11:55:40 +02:00
Thomas Citharel 8433c3ca31
fix getChild() 2016-09-26 11:55:40 +02:00
Thomas Citharel 691b3ab448
Add publicuri to oc_dav_shares table and start working with it 2016-09-26 11:55:39 +02:00
Thomas Citharel dd248caa09
fix some bracket positions 2016-09-26 11:55:39 +02:00
Thomas Citharel 1899116509
move getPublicCalendar inside the caldav backend 2016-09-26 11:55:39 +02:00
Thomas Citharel 762726d988
fix indent once and for all 2016-09-26 11:55:39 +02:00
Thomas Citharel 3921385ed3
fix things (indentation, tests, comments, backend custom implementation 2016-09-26 11:55:39 +02:00
Thomas Müller d0ec6b9c15
Disable OPTIONS handling - done by sabre 2016-09-26 11:55:38 +02:00
Thomas Müller e783d01da7
Allow public access to the principals/system/public 2016-09-26 11:55:37 +02:00
Thomas Citharel aadb56dfcc
Fix wrong way to get publish status 2016-09-26 11:55:37 +02:00
Thomas Citharel 2df69ec7f4
correct get published status and minor fixes 2016-09-26 11:55:37 +02:00
Thomas Citharel aca305332a
Fix DB call for MySQL databases 2016-09-26 11:55:37 +02:00
Thomas Citharel 994001c480
Dirty hack to disable dav plugins on public calendar urls 2016-09-26 11:55:36 +02:00
Thomas Müller 00dc157b19
Fix requests for browser plugin as well as for the public calendar root folder 2016-09-26 11:55:36 +02:00
Thomas Müller e7085aab38
Allow not-authenticated access to specific urls 2016-09-26 11:55:36 +02:00
Thomas Müller 90ab6e4fd9
Add new root collection public-calendars which holds all public calendars 2016-09-26 11:55:36 +02:00
Thomas Citharel 8da2100e7d
Start work on returning CalDAV published calendars 2016-09-26 11:55:35 +02:00
Thomas Citharel bd0aae8636
No need to call database twice 2016-09-26 11:55:35 +02:00
Thomas Citharel 7e5a82b968
Use urlgenerator to generate an absolute url
And pass Config the correct way too
2016-09-26 11:55:35 +02:00
Thomas Citharel 72f35f8862
Use ressource ID instead of name 2016-09-26 11:55:35 +02:00
Thomas Citharel f89961ddba
Fix annotations 2016-09-26 11:55:34 +02:00
Thomas Citharel 4a0e6e2ad0
Remove unnecessary line 2016-09-26 11:55:34 +02:00
Thomas Citharel 1652a74feb
Fix publish-url property & getPublishStatus() fct 2016-09-26 11:55:34 +02:00
Thomas Citharel 981c38f6d9
Remove unnecessary implementation 2016-09-26 11:55:34 +02:00
Thomas Citharel 5824c2493b
Make little corrections
Function getPublishedStatus) is not working atm.
2016-09-26 11:55:34 +02:00
Thomas Citharel 69d3601dcb
Proper work on Publishing 2016-09-26 11:55:33 +02:00
Vincent Petry b17e836e45
FilesHome now also returns DAV properties
The files home node must also return DAV properties like etag,
permissions, etc for the clients to work like they did with the old
endpoint.

This fix makes FilesHome extend the Sabre Directory class, this makes
the FilesPlugin and other plugins recognize it as a directory and will
retrieve the matching properties when applicable.

Downstream of https://github.com/owncloud/core/pull/26066

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-26 11:24:23 +02:00
Thomas Müller 1f825f0fe8
Adding repair step to fix component of birthday calendars 2016-09-20 11:28:00 +02:00
Thomas Müller 6eb1bc55ab
The birthday calendar can only hold VEVENT - refs https://github.com/owncloud/tasks/issues/338 2016-09-20 11:26:09 +02:00
Joas Schilling 1944d9b3ab
Use magic DI 2016-09-20 01:15:24 +02:00
Joas Schilling 44fbf6f734
Close cursors 2016-09-15 09:47:39 +02:00
Joas Schilling 08c6ca5a1a
Chunk if you have too many contacts 2016-09-14 16:29:58 +02:00
Joas Schilling 62f31d67bd
Chunk if you have too many events 2016-09-14 16:29:33 +02:00
Vincent Petry 1ab472b9ad
Improve chunk upload AssemblyStream performance 2016-09-13 09:29:02 +02:00
Roeland Jago Douma 94fb5bcbae
Cast query result to int
Else we never create the default address book
2016-09-09 19:15:27 +02:00
Morris Jobke 3fc37b2fc5 Merge pull request #1342 from nextcloud/throw-exceptions-not-printable
Don't print exception message in HTML
2016-09-09 14:57:23 +02:00
Lukas Reschke f715b5ea2e
Don't print exception message in HTML
The exception message is potentially influenced by user input and could thus be confusing (e.g. somebody could try to open a file like "Please send a mail to support@foo.com", and then the message would include that string.

It is thus reasonable to not show the exception message by default. Also for the browser view I added an `exit()` at the end, as otherwise the XML exception would be attached.
2016-09-09 13:52:34 +02:00
Lukas Reschke 67439951e6
Filter more mimetypes
There's no need to allow more than those defined mimetypes for images.
2016-09-09 12:33:10 +02:00
Joas Schilling cf69a2b7eb
UPDATE permissions qualify for renaming a node 2016-09-07 11:22:57 +02:00
Joas Schilling 4c0665b6ec
Only require CREATE permissions when the file does not exist yet 2016-09-07 11:10:48 +02:00
Robin Appelman 344945bfe9 more efficient check if addressbook and calendar exists for user 2016-08-31 15:08:29 +02:00
Joas Schilling 0c4d471c18
Correctly handle multi-values when converting VCards to array 2016-08-30 12:08:39 +02:00
Markus Goetz 0cb34c2fa5
[master] DAV: Return data-fingerprint always when asked (#25482)
For owncloud/client#5056
Users can configure arbitrary subfolders for syncing, therefore we should
always return it when asked for.
The sync client makes sure to not always ask for it to save bandwidth.
2016-08-29 14:37:14 +02:00
Lukas Reschke 4d85ffc27c Merge pull request #1054 from nextcloud/less-cache-hits
Reduce the number of cache operations for dav operations
2016-08-27 22:44:29 +02:00
Joas Schilling 89c78bbce4 Merge pull request #1031 from nextcloud/2fa-infinite-redirect-loop
prevent infinite redirect loops if the there is no 2fa provider to pass
2016-08-26 16:03:05 +02:00
Robin Appelman 7c4d9add0d reuse the userfolder's fileinfo when possible during dav setup 2016-08-25 17:22:22 +02:00
Christoph Wurst 6af2efb679
prevent infinite redirect loops if the there is no 2fa provider to pass
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
2016-08-24 10:49:23 +02:00
Joas Schilling 3fbb5de74f
Better displaynames for shared address books 2016-08-24 08:50:25 +02:00
Joas Schilling 53182fb780
Better displaynames for shared calendars 2016-08-24 08:50:25 +02:00
Roeland Jago Douma 64ff8ac6fa
Fix phpdoc in Comments 2016-08-16 20:33:09 +02:00
Thomas Müller 6f34c37cfb
Adding quota plugin to new dav endpoint (#25615)
* Adding quota plugin to new dav endpoint

* Added integrated test failing in old endpoint

* Added 0B quota test
2016-07-29 10:03:46 +02:00
Robin Appelman 1fef5d3d06 add dav property to check if a file has a preview available 2016-07-27 12:59:39 +02:00
Joas Schilling 0215b004da
Update with robin 2016-07-21 18:13:58 +02:00
Joas Schilling 813f0a0f40
Fix apps/ 2016-07-21 18:13:57 +02:00
Lukas Reschke c385423d10 Merge pull request #479 from nextcloud/add-bruteforce-throttler
Implement brute force protection
2016-07-21 00:31:02 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Lukas Reschke a17ba2f488 Merge pull request #466 from nextcloud/escape-special-characters
Escape special characters (#25429)
2016-07-20 21:24:19 +02:00
Roeland Douma 26cf51403e Merge pull request #464 from nextcloud/master-change-load-order
[master] Change load order of auth backends so that we can throw an exception …
2016-07-20 20:08:22 +02:00
Vincent Petry e5c4f53eea
Cast share id to string (#25402) 2016-07-20 15:10:10 +02:00
Aaron Wood 7c0de08cc4
Escape special characters (#25429)
* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Escape LIKE parameter

* Use correct method in the AbstractMapping class

* Change the getNamesBySearch method so that input can be properly escaped while still supporting matches

* Don't escape hardcoded wildcard
2016-07-20 14:46:47 +02:00
Thomas Müller e795f7b106
Change load order of auth backends so that we can throw an exception in OCA\DAV\Connector\Sabre\Auth - fixes #25362 (#25476) 2016-07-20 14:40:52 +02:00
Morris Jobke 0a6d95b126 Merge pull request #394 from nextcloud/tags-for-everything
SystemTags for everything not just files
2016-07-19 10:47:12 +02:00
Björn Schießle ea470f8777 Merge pull request #405 from nextcloud/theming-fixes
Theming fixes
2016-07-18 15:59:47 +02:00
Joas Schilling 7c039bcbf6
Allow apps to register SystemTags plugins 2016-07-18 10:26:42 +02:00
Joas Schilling c2b077e185
Fix doc blocks 2016-07-18 10:26:42 +02:00
Joas Schilling 8e13ff2c86
Fix TODO and bring in abstraction (similar to comments) 2016-07-18 10:26:36 +02:00
Joas Schilling 2c988ecbf4
Use the themed Defaults everywhere 2016-07-15 09:17:30 +02:00
Roeland Jago Douma 059b7435ab
PasswordLoginForbidden is not a FATAL exception
It is just a 'Sabre\DAV\Exception\NotAuthenticated' exception
with some special meaning.

So just log it as DEBUG and not as FATAL.
2016-07-14 22:53:12 +02:00
Robin Appelman 6da066e7be
Fix test using private propertries 2016-07-08 12:36:25 +02:00
Robin Appelman f98cb9efa0
Fix type hinting 2016-07-08 12:35:50 +02:00
Robin Appelman 8f84c99e3f
Fix undefined properties 2016-07-08 12:35:16 +02:00
Morris Jobke ba16fd0d33 Merge branch 'master' into sync-master 2016-07-07 11:29:46 +02:00
Thomas Citharel 7d95cde37d Add all properties while creating a subscription (#25318)
Fixes #24469
2016-07-01 13:42:35 +02:00
Lukas Reschke 179a355b2c Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-07-01 11:36:35 +02:00
Bjoern Schiessle 26e14529be fix error message 2016-06-30 13:50:31 +02:00
Lukas Reschke c771368c4e Add proper throws PHP docs 2016-06-30 13:19:50 +02:00
Lukas Reschke 1e7f0f7341 Add required $message parameter 2016-06-30 13:17:53 +02:00
Bjoern Schiessle 3571207bd9 add some additonal permission checks to the webdav backend 2016-06-30 11:16:49 +02:00
Björn Schießle 5ace6b53f3 get only vcards which match both the address book id and the vcard uri (#25294) 2016-06-29 12:13:59 +02:00
Bjoern Schiessle 5f6944954b get only vcard which match both the address book id and the vcard uri 2016-06-28 16:11:06 +02:00
Georg Ehrke 3c399be6ec fix a ImageExportPlugin Test (#25215) 2016-06-27 21:26:56 +02:00
Vincent Petry 56ad4cdfec
Show error message when posting an invalid comment
When an internal server error occurs while creating or updating a
comment, display a proper error notification in the UI.
2016-06-24 10:17:12 +02:00
Georg Ehrke 1452b74de7 Contacts API: replace raw image data with url (#25081)
* add uri to AddressBookImpl array

* Introduce ImageExportPlugin for CardDav

* add plugin to v1 routes

* replace binary contact photo with link

* update tests

* Adding unit tests
2016-06-21 15:25:44 +02:00
Vincent Petry 2340660a5b
PasswordLoginForbidden must extend NotAuthenticated
The auth code from Sabre will forward NotAuthenticated exceptions but
in the case of a generic exception, it is packaged as "service not
available".
2016-06-17 15:50:24 +02:00
Christoph Wurst 5a8cfab68f
throw PasswordLoginForbidden on DAV 2016-06-17 11:30:24 +02:00
Christoph Wurst 82b50d126c
add PasswordLoginForbiddenException 2016-06-17 11:02:07 +02:00
Thomas Müller 0b7685d326 Move birthday calendar generation to a live migration job (#25135) 2016-06-16 16:14:28 +02:00
Christoph Wurst 331d88bcab
create session token on all APIs 2016-06-13 15:38:34 +02:00
Vincent Petry 68c3b23e04 Merge pull request #24080 from owncloud/support-calendar-class-property
Extract CLASS property from calendar object and store it in the database
2016-06-10 11:22:11 +02:00
Vincent Petry 67c3a97401 Merge pull request #25046 from owncloud/fix-the-realm
Use the correct realm for basic authentication
2016-06-10 10:41:46 +02:00
Vincent Petry 543545505d Merge pull request #25043 from owncloud/webdav-download-mimetype
DAV now returns file name with Content-Disposition header
2016-06-10 09:55:59 +02:00
Vincent Petry 1399e87d57
DAV now returns file name with Content-Disposition header
Fixes issue where Chrome would append ".txt" to XML files when
downloaded in the web UI
2016-06-09 15:51:41 +02:00
Thomas Müller cf06b17df1
Use the correct realm for basic authentication - fixes #23427 2016-06-09 13:53:32 +02:00
Thomas Müller f20c617154
Allow login by email address via webdav as well - fixes #24791 2016-06-09 12:08:49 +02:00
Thomas Müller bfcd1dc49c
Filter confidential calendar objects in shared calendars
Filter private calendar objects in shared calendars
2016-06-09 11:09:14 +02:00
Thomas Müller 082f456b8b
Added unit testing for the migration step 2016-06-09 11:09:14 +02:00
Thomas Müller 369c3b5d7e
Implement classification migration as repair step 2016-06-09 11:09:14 +02:00
Thomas Müller 287e41732c
Bump dav app version and fix variable rename 2016-06-09 11:09:14 +02:00
Thomas Müller f013cfc530
Add migration step 2016-06-09 11:09:13 +02:00
Thomas Müller fbdec59f22
Extract CLASS property from calendar object and store it in the database 2016-06-09 11:09:13 +02:00
Robin Appelman f119769c26 Better handling of forbidden files in dav 2016-06-07 14:01:55 +02:00
Thomas Müller 371a07e3ab Fix checkMove() implementation for dav v2 - fixes #24776 (#24971) 2016-06-06 17:01:27 +02:00
Vincent Petry 3ff2bec5fa Merge pull request #24935 from owncloud/2fa-block-dav
block DAV if 2FA challenge needs to be solved first
2016-06-02 15:31:18 +02:00
Joas Schilling 942e946f06
Catch the ForbiddenException to make sure it gets handled 2016-06-01 16:17:57 +02:00
Christoph Wurst da03a85c3c
block DAV if 2FA challenge needs to be solved first 2016-06-01 10:42:38 +02:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Christoph Wurst 28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled 2016-05-24 17:54:02 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Vincent Petry 87fa86a69a Merge pull request #24559 from owncloud/2fa
two factor auth
2016-05-23 20:50:03 +02:00
Vincent Petry c10d8a37f7 Merge pull request #22690 from owncloud/fix-comments-href-remote.php-files
ensure comments-href returns a value also when propfind is done again…
2016-05-23 14:47:03 +02:00
Christoph Wurst dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Joas Schilling c9fda84841
Make the root collection neutral so it does not only work for files 2016-05-23 09:03:48 +02:00
Joas Schilling 3a8e537946
Remove unused UserFolder 2016-05-23 09:03:47 +02:00
Vincent Petry 5963128342
Adjust DAV SystemTagPlugin unit tests for groups 2016-05-20 17:56:02 +02:00
Vincent Petry 10fae3994a
Fix system tag update code 2016-05-20 17:56:02 +02:00
Vincent Petry d7727cdc74
Add admin-only system tag groups property
For setting/getting system tag groups
2016-05-20 17:56:02 +02:00
Vincent Petry 88740f035d
Act on effective system tag canAssign permission
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.

This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Vincent Petry 03d32bc39b
Fix system tags DAV unit tests 2016-05-20 17:56:02 +02:00
Vincent Petry bede872dbc
Bring back admin permissions to change system tag permissions 2016-05-20 17:56:02 +02:00
Vincent Petry 09b3883d9c
Updated canUser* functions in SystemTagManager to accept objects 2016-05-20 17:56:02 +02:00