Commit Graph

17857 Commits

Author SHA1 Message Date
Daniel Calviño Sánchez 45de42a6b8 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez a426f84dbe Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez 7569590514 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Roeland Jago Douma 6aa6ab3e02
Add lazy events for the Node API
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.

We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 12:35:45 +02:00
Christoph Wurst 5b92f35fe2
Log why a token is not valid during password check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:58:44 +02:00
Christoph Wurst 2006a6dd0e
Improve traces of invalid token exceptions
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:21:47 +02:00
Nextcloud bot b9d17cfdec
[tx-robot] updated from transifex 2020-05-27 02:16:10 +00:00
Roeland Jago Douma 4bada5c732
Merge pull request #21092 from nextcloud/enh/noid/recommended-apps
Update recommended apps
2020-05-25 20:47:20 +02:00
Roeland Jago Douma a6b0bed585
Merge pull request #21090 from nextcloud/bug/noid/do-not-read-cert-from-datadir-by-default
Do not read certificate bundle from data dir by default
2020-05-25 19:48:00 +02:00
Morris Jobke 18b0d753f2
Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 16:57:56 +02:00
Julius Härtl bde5b9577b
Update hub bundle and add proxy rule to htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-05-25 16:04:54 +02:00
Morris Jobke e57bca31ad
Merge pull request #20005 from joeried/occ-remove-bruteforce-attempts-by-ip
Implement occ command to reset bruteforce attemps from a given IP address
2020-05-25 14:04:18 +02:00
Morris Jobke bd997a105c
Fix code style
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 14:03:21 +02:00
Nextcloud bot cbde1d102c
[tx-robot] updated from transifex 2020-05-25 02:16:22 +00:00
Roeland Jago Douma 5e35594cb6
Merge pull request #20989 from nextcloud/td/js/move_core_files_webpack
Move core/js/files to webpack
2020-05-23 09:47:53 +02:00
Roeland Jago Douma 533cb6992b
Merge pull request #21065 from nextcloud/fix/cleanstatscache_before_fetching_metadata
Clear the statscache before fetching the metadata
2020-05-23 09:46:27 +02:00
Nextcloud bot 23080fcd9c
[tx-robot] updated from transifex 2020-05-23 02:16:22 +00:00
Roeland Jago Douma 44d05bf356
Move core/js/files to webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-22 20:28:31 +02:00
Roeland Jago Douma fd805a0388
Merge pull request #20776 from nextcloud/enh/limit_group_queries
Improve group queries
2020-05-22 14:19:28 +02:00
Roeland Jago Douma 6b26744787
Clear the statscache before fetching the metadata
Else if a lot of writes happen. It might happen that an old stat result
is used. Resulting in a wrong file size for the file. For example the
text app when a lot of people edit at the same time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 09:21:53 +02:00
Nextcloud bot 3b519f776a
[tx-robot] updated from transifex 2020-05-22 02:17:20 +00:00
Roeland Jago Douma cac844d915
Merge pull request #20814 from nextcloud/group-id-only
dont get the group details if we only ask for the id
2020-05-21 09:53:45 +02:00
Roeland Jago Douma 1c1b349473
Merge pull request #21018 from nextcloud/bug/20498/add-defaults-on-empty
Create account structure also for empty record
2020-05-21 09:47:19 +02:00
Nextcloud bot d870e9ece5
[tx-robot] updated from transifex 2020-05-21 02:17:26 +00:00
Morris Jobke 8123737a40
Revert "Compress the appstore requests by default"
This reverts commit 6ffde128ad.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +02:00
Morris Jobke 8bcd1c31da
Allow gzip encoded requests by default
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +02:00
Morris Jobke 526905cfc2
Merge pull request #21050 from nextcloud/bug/noid/caching-and-gzipping-of-appstore-requests
Caching and compression for app store requests
2020-05-20 11:05:34 +02:00
Morris Jobke 6ffde128ad
Compress the appstore requests by default
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:51:07 +02:00
Morris Jobke 3e0d8df036
Cache appstore requests for 60 instead of 5 minutes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:51:06 +02:00
Nextcloud bot 74e577876c
[tx-robot] updated from transifex 2020-05-20 02:16:28 +00:00
Morris Jobke d26169838e
Merge pull request #21041 from nextcloud/enh/dataresponse_etag_lastmod
Copy over the ETag and LastModified when formatting a Dataresponse
2020-05-19 14:48:27 +02:00
Christoph Wurst 0556fe351a
Add a message to the log entry of an app being disabled
As an admin, it's always a surprise to see that an app got disabled. On
a busy server with many log entries, it's hard to locate the entry that
explains why Nextcloud disabled an app. Adding a message will make it
more obvious, allowing admins and developers to grep for the string.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-19 11:44:51 +02:00
Roeland Jago Douma c92c378a9c
Copy over the ETag and LastModified when formatting a Dataresponse
This way the ETag checks etc are all working.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-19 09:39:51 +02:00
Nextcloud bot 1b55119c85
[tx-robot] updated from transifex 2020-05-19 02:17:09 +00:00
Morris Jobke 3e65cc1bba
Merge pull request #21033 from nextcloud/enh/capabilities_initialstate
Provide capabilities via initialstate
2020-05-18 19:44:28 +02:00
Roeland Jago Douma e822c33a90
Provide capabilities via initialstate
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-18 16:20:25 +02:00
Morris Jobke 1bba7de28f
Merge pull request #21017 from nextcloud/enh/noid/clean-excluded-groups-list
Remove group from excluded_groups_list after delete
2020-05-18 14:24:18 +02:00
Nextcloud bot a8ac6df1d0
[tx-robot] updated from transifex 2020-05-18 02:16:22 +00:00
Daniel Kesselberg c6f770ea59
Create account structure also for empty record
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-05-17 15:30:36 +02:00
Daniel Kesselberg 16da29caba
Remove group from excluded_groups_list after delete
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-05-17 15:15:06 +02:00
Nextcloud bot bf2e3c4619
[tx-robot] updated from transifex 2020-05-17 02:16:59 +00:00
Nextcloud bot a84eec88e8
[tx-robot] updated from transifex 2020-05-16 02:17:14 +00:00
Roeland Jago Douma d23c7fff2a
Merge pull request #20957 from nextcloud/Valdnet-patch-5
l10n: Adding "The" before "Following"
2020-05-15 19:44:04 +02:00
Morris Jobke 4e49e1da16
Allow TemplateResponse to be compressed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-15 08:38:39 +02:00
Valdnet 8e3de41b4b l10n: Add "The" before "Following" 2020-05-15 14:26:50 +08:00
Nextcloud bot d132f81d28
[tx-robot] updated from transifex 2020-05-15 02:17:17 +00:00
Nextcloud bot 75d50a55b8
[tx-robot] updated from transifex 2020-05-14 02:16:36 +00:00
Morris Jobke 23253daa2f
Merge pull request #20958 from nextcloud/bugfix/talk-3523/allow-links-to-conversations
Allow links to conversations
2020-05-13 22:12:34 +02:00
Joas Schilling 787c2a17e3
Allow links to conversations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-13 16:05:55 +02:00
Morris Jobke e0d2cd40e7
Fix return code of AppConfig::deleteUserValue
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-13 14:55:00 +02:00