Commit Graph

11041 Commits

Author SHA1 Message Date
Lukas Reschke 12b22c2759 Regenerate CSRF token upon login
Otherwise somebody else might be able to note down the CSRF token before login on a shared computer.
2016-01-25 20:03:40 +01:00
Lukas Reschke a977465af5 Add new CSRF manager for unit testing purposes
This adds a new CSRF manager for unit testing purposes, it's interface is based upon https://github.com/symfony/security-csrf. Due to some of our required custom changes it is however not possible to use the Symfony component directly.
2016-01-25 20:03:40 +01:00
Joas Schilling 09ae160463 Replace other usages 2016-01-25 17:17:36 +01:00
Joas Schilling c5046fb2a9 Add parameters to public interface 2016-01-25 17:17:20 +01:00
Thomas Müller 728caf13f8 Adding support of -1 as size to be passed into get and getFile 2016-01-25 16:54:40 +01:00
Thomas Müller d69167caff Merge pull request #21424 from owncloud/appversions
Use appConfig to get app versions
2016-01-25 10:02:02 +01:00
Thomas Müller adf532fe4e Merge pull request #21806 from owncloud/mdusher-master
[jenkins] Added ' to characters allowed in the username
2016-01-25 10:01:43 +01:00
Thomas Müller ef4fca22d1 Merge pull request #21844 from owncloud/drop-image-path
Remove OC_Helper::imagePath and use the proper public interface
2016-01-25 10:00:21 +01:00
Morris Jobke 287e6d36bf remove unused variable 2016-01-25 09:29:44 +01:00
Jenkins for ownCloud a331979a67 [tx-robot] updated from transifex 2016-01-25 01:54:39 -05:00
Morris Jobke 75e6734ef4 Remove OC_Helper::imagePath and use the proper public interface 2016-01-24 18:04:20 +01:00
Thomas Müller 99e9c81c8b Merge pull request #21841 from owncloud/share2_deletefromself
[Share 2.0] Add deleteFromSelf method
2016-01-22 17:27:17 +01:00
Thomas Müller a203089cfd Merge pull request #21836 from RomanKreisel/master
Solves #21835 (https://github.com/owncloud/core/issues/21835)
2016-01-22 17:26:28 +01:00
Thomas Müller 7731b29136 Merge pull request #21719 from owncloud/move-notification-api-to-ocp
Move the notification API to public namespace
2016-01-22 16:20:26 +01:00
Roeland Jago Douma a6600e95dc [Share 2.0] Add deleteFromSelf method
This allows recipient to delete a share. For user shares this is the
same as deleting (at least for now).
But for group shares this means creating a new share with type 2. With
permissions set to 0.
2016-01-22 15:06:50 +01:00
Thomas Müller 9b4c9a0357 Merge pull request #18531 from owncloud/ext-user-credentials
External storage 'Login credentials' auth mechanism
2016-01-22 13:14:14 +01:00
Thomas Müller 0bccdbc959 Merge pull request #21849 from owncloud/add-custom-marker-into-htaccess
Add custom marker into htaccess and execute integrity check after installation
2016-01-22 13:13:59 +01:00
Thomas Müller e3013a99ef Merge pull request #21816 from owncloud/require-a-specific-path-instead-of-autoguessing
Use path instead of app id for occ app signing
2016-01-22 13:13:41 +01:00
Lukas Reschke bc62aa1ef5 Exclude .htaccess modifications from code checker
After the initial installation ownCloud will write some content into the .htaccess file such as the 404 or 403 directives. This adds a magic marker into the .htaccess file and only the content above this marker will be compared in the integrity checker.
2016-01-22 11:51:54 +01:00
Joas Schilling 31c5848e51 Allow automatic injection of the Manager 2016-01-22 11:02:40 +01:00
Thomas Müller 1410120758 Merge pull request #20768 from owncloud/mount-cache
cache mountpoints in the db
2016-01-22 11:01:54 +01:00
Joas Schilling 9ea7ae6f87 Adjust the since on the interface 2016-01-22 10:51:36 +01:00
Joas Schilling ee02165005 Move the notification API to public namespace 2016-01-22 10:32:42 +01:00
Thomas Müller e2e5eedb40 Merge pull request #21824 from owncloud/list-of-notifiers
Make it possible to get a list of notifiers for a potential settings …
2016-01-22 10:24:46 +01:00
Joas Schilling 3cca8498cb Make it possible to get a list of notifiers for a potential settings page 2016-01-22 08:47:21 +01:00
Morris Jobke 75ee5a9e9a Fix PHPDoc - @changed is no official tag -> use @since 2016-01-22 08:43:05 +01:00
Roman Kreisel b35aa513ab Solves # 2016-01-21 17:29:14 +01:00
Roeland Jago Douma 658959592d [Share 2.0] Fix displaying old shares proplery 2016-01-21 16:06:12 +01:00
Roeland Jago Douma 3a582e88e5 Comments from Vincent 2016-01-21 16:06:12 +01:00
Roeland Jago Douma 9b5ea18ce5 Add Unit tests for the default share provider 2016-01-21 16:06:12 +01:00
Roeland Jago Douma 0a9cd91e1d [Share 2.0] Add subfiles=x 2016-01-21 15:56:44 +01:00
Roeland Jago Douma 0c9f881e7d [Share 2.0] Resolve group shares 2016-01-21 15:56:44 +01:00
Roeland Jago Douma 3666c34a19 [Sharing 2.0] Start with getShares 2016-01-21 15:56:44 +01:00
Thomas Müller e2f231d051 Merge pull request #21761 from owncloud/share2_link
Share2 link
2016-01-21 15:43:08 +01:00
Thomas Müller 2b4532c6b9 Merge pull request #21797 from owncloud/proper-controller-in-core
Move controller in core/ to a common subfolder
2016-01-21 15:20:10 +01:00
Thomas Müller 7c7467fe42 Merge pull request #21792 from owncloud/systemtags-managerfactory
Allow custom implementation of system tag managers
2016-01-21 12:13:01 +01:00
Jenkins for ownCloud 50b303f3ad [tx-robot] updated from transifex 2016-01-21 01:55:20 -05:00
Thomas Müller 2f7dcf1a2c Merge pull request #21782 from owncloud/update-system-addressbook-on-user-change-2
Introduce IUser::setEMailAddress and add hook mechanism
2016-01-21 00:07:46 +01:00
Roeland Jago Douma e40d21673e [Share 2.0] Add fetching link shares to share manager 2016-01-20 21:12:26 +01:00
Lukas Reschke ea367b598a Use path instead of app id
This change requires the usage of a path instead of the App ID when signing code. This has the advantage that developers can also sign code under a different location to make it easier. (e.g. remove `.git`, …)

Also it adds an example command usage as well as a link to the documentation
2016-01-20 20:38:18 +01:00
Vincent Petry 899f9bd113 Allow custom implementation of system tag managers
Added config.php option to replace the default implementation of system
tag manager and system tag object mapper.

Also adjusted the comments manager factory to inject the server container
2016-01-20 16:36:10 +01:00
Robin Appelman 8a4c0829fb use insertifnotexists 2016-01-20 16:32:56 +01:00
Robin Appelman 483c6b68e2 clear mount cache when removing applicables 2016-01-20 16:32:56 +01:00
Robin Appelman bc7bd0cd05 handle changed mount points 2016-01-20 16:32:56 +01:00
Robin Appelman be380accb9 clear mount cache when deleting user 2016-01-20 16:32:56 +01:00
Robin Appelman 99415a9f7f multiple minor fies 2016-01-20 16:32:52 +01:00
Robin Appelman fd37e72ee9 use getmountmanager 2016-01-20 16:30:22 +01:00
Robin Appelman 8940429976 log duplicates 2016-01-20 16:30:22 +01:00
Robin Appelman f986fb99f2 Filter uncached mounts 2016-01-20 16:30:22 +01:00
Robin Appelman cf6ee1c866 cache mountpoints in the db 2016-01-20 16:30:22 +01:00
Thomas Müller 647d8ea5de Merge pull request #21775 from owncloud/apcu-iterator-constructor
Fix constructor arguments for APCUIterator
2016-01-20 15:23:01 +01:00
Thomas Müller 51b50bd260 Emit OC\User::changeUser on change of display name 2016-01-20 14:57:20 +01:00
Thomas Müller aeb89947a2 Introduce IUser::setEMailAddress and add hook mechanism 2016-01-20 14:57:20 +01:00
Morris Jobke 7b54bf26ea fix error message and comment 2016-01-20 14:21:54 +01:00
Michael U dbfa143e2d Added ' to characters allowed in the username 2016-01-20 14:11:27 +01:00
Morris Jobke 06fe4cabfc move setup controller to core/controller 2016-01-20 10:23:57 +01:00
Roeland Jago Douma 7a946a05f5 Properly DI the servercontainer 2016-01-20 08:33:36 +01:00
Jenkins for ownCloud f076bfac32 [tx-robot] updated from transifex 2016-01-20 01:54:54 -05:00
Thomas Müller f0f308dfbf Merge pull request #21744 from owncloud/scrutinizer-patch-1
Scrutinizer Auto-Fixes
2016-01-19 12:17:25 +01:00
Morris Jobke 930555bd5e properly use standard
* JEDEC standard - https://en.wikipedia.org/wiki/JEDEC_memory_standards#Unit_prefixes_for_semiconductor_storage_capacity
2016-01-19 10:41:12 +01:00
Roeland Jago Douma 0939520e1a [Share 2.0] Share Object creation is a fragile thing
* We can't assume that the file still exists
* We can't assume that the user/group still exists

Basically we do not always nicely cleanup shares.
2016-01-18 19:57:30 +01:00
Thomas Müller 14c98b4df7 Merge pull request #21519 from owncloud/propagate-folder-size
propagate folder size in the same query for write updates
2016-01-18 16:57:30 +01:00
Robin Appelman 58afddfaa5 allow comparing clob using expressionbuilder->eq if you explicitly say you're comparing strings 2016-01-18 16:03:41 +01:00
Robin Appelman a225fe4c96 Fix constructor arguments for APCUIterator 2016-01-18 12:20:05 +01:00
Robin Appelman ebd15fd5ed handle bool in setValue 2016-01-18 12:09:01 +01:00
Robin Appelman 895fd49fb2 also handle not null violations 2016-01-18 12:09:01 +01:00
Robin McCorkell da4127d23b Introduce CredentialsManager for storage of credentials in DB
CredentialsManager performs a simple role, of storing and retrieving
encrypted credentials from the database. Credentials are stored by user
ID (which may be null) and credentials identifier. Credentials
themselves may be of any type that can be JSON encoded.

The rationale behind this is to avoid further (mis)use of
oc_preferences, which was being used for all manner of data not related
to user preferences.
2016-01-18 11:10:41 +01:00
Robin McCorkell 88cd615214 Introduce IDBConnection::setValues()
setValues() attempts to insert a new row, or failing that, update an
existing row. The ability to set preconditions is also available.
2016-01-18 11:10:41 +01:00
Jenkins for ownCloud e4d5229940 [tx-robot] updated from transifex 2016-01-18 01:54:41 -05:00
Jenkins for ownCloud 2095a31000 [tx-robot] updated from transifex 2016-01-17 01:54:53 -05:00
Thomas Müller 807cf750b3 Merge pull request #21705 from owncloud/improve-background-job-message
Improve background job error message
2016-01-15 20:12:26 +01:00
Robin Appelman ddbbe1742f propagate folder size in the same query for write updates 2016-01-15 15:36:52 +01:00
Thomas Müller f6c4b10189 Add message key to context of logException 2016-01-15 14:55:30 +01:00
Thomas Müller fcec704174 Merge pull request #21730 from owncloud/fix-install-of-shipped-apps
Fix installation of shipped apps
2016-01-15 14:33:40 +01:00
Thomas Müller b7c0dc46be Merge pull request #21702 from owncloud/fix_emit_scanFiles_II
Fix: emit 'scanFiles' will only fire on files and not on folders (II)
2016-01-15 14:31:49 +01:00
Scrutinizer Auto-Fixer 83a8e75614 Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2016-01-15 12:54:26 +00:00
Thomas Müller 6824704699 Merge pull request #21117 from owncloud/owner-file-exists
Only return an owner if the file exists + improved getUidAndFilename
2016-01-15 13:31:56 +01:00
Thomas Müller 41106c1967 Merge pull request #21543 from owncloud/Larzenegger-master
[CI] Larzenegger master
2016-01-15 13:29:57 +01:00
Thomas Müller 416fb65605 Merge pull request #21717 from owncloud/addpublicgroupinterface
allow apps to add an OCP GroupInterface backend
2016-01-15 12:38:18 +01:00
Thomas Müller b37634a57d Merge pull request #21721 from owncloud/capped-memcache-indirect-set
Allow indirect set in CappedMemoryCache
2016-01-15 12:37:36 +01:00
Thomas Müller d8867f7692 Merge pull request #21723 from owncloud/prevent-group-enable-for-apps
Prevent group enable for apps
2016-01-15 12:26:43 +01:00
Thomas Müller 52040a3f23 Merge pull request #20898 from owncloud/cache-interfaces
Public Cache interfaces
2016-01-15 12:02:31 +01:00
Jenkins for ownCloud cd840f01ae [tx-robot] updated from transifex 2016-01-15 01:54:57 -05:00
Thomas Müller 1d0724a772 Fixing CodeChecker usage 🙈 2016-01-14 17:35:28 +01:00
Thomas Müller 7d2a6d4c1a - isolate include calls in installer.php which prevents local variables to be overwritten
- add the app to the autoloader before calling install.php
2016-01-14 17:28:00 +01:00
Thomas Müller 3f64d37f2a Merge pull request #21623 from owncloud/stricter_defaultprovider
[Share 2.0] Default share provider should only query for supported types
2016-01-14 16:12:06 +01:00
Thomas Müller 953c4bf18a Merge pull request #21714 from owncloud/groups-insertifnotexists
Groups insertifnotexists
2016-01-14 16:11:43 +01:00
Joas Schilling e3a0858444 Check whether the app can be enabled for groups 2016-01-14 15:45:48 +01:00
Robin Appelman d195584a32 Allow indirect set in CappedMemoryCache 2016-01-14 15:00:41 +01:00
Jörn Friedrich Dreyer 2ebb5726d7 add TODOs with the actual interface name 2016-01-14 14:34:35 +01:00
Jörn Friedrich Dreyer 64043e9bcc move methods to correct interface, deprecate private interface 2016-01-14 14:28:03 +01:00
Jörn Friedrich Dreyer bd77cd98c9 allow apps to add an OCP GroupInterface backend 2016-01-14 13:58:45 +01:00
Thomas Müller 5036e4527f Use IDbConnectin::insertIfNotExist 2016-01-14 13:17:26 +01:00
Joas Schilling 436ce1f4a6 Use insertIfNotExists() when creating a group 2016-01-14 13:13:27 +01:00
Robin Appelman 7530f66f52 remove unneeded public cache methods 2016-01-14 13:01:46 +01:00
Robin Appelman bdf51d9ea4 only trigger locking on lockingstorages 2016-01-14 13:01:43 +01:00
Robin Appelman 0724ac1e5e split locking related methods to their own interface 2016-01-14 12:54:42 +01:00
Robin Appelman 3deb3bd163 Add IStorage interface for consistent naming
minor phpdoc fixed
2016-01-14 12:54:42 +01:00
Robin Appelman e77e76fef4 fix object store storage 2016-01-14 12:54:42 +01:00
Robin Appelman d2c579e167 fix quota wrapper 2016-01-14 12:54:42 +01:00
Robin Appelman dcbeeced3b add since tags 2016-01-14 12:54:42 +01:00
Robin Appelman 989995a852 fix phpdoc 2016-01-14 12:54:42 +01:00
Robin Appelman a3d50ef49a add watcher interface 2016-01-14 12:54:42 +01:00
Robin Appelman c27894791e Add updater interface and expose cache interfaces from storage 2016-01-14 12:54:42 +01:00
Robin Appelman 5fae07f422 add scanner interface 2016-01-14 12:54:42 +01:00
Robin Appelman 6d321f5f6b Return a class from cache operations instead of an array 2016-01-14 12:54:42 +01:00
Robin Appelman 3ab0ccd4a2 add cache entry interface 2016-01-14 12:54:42 +01:00
Robin Appelman 2dcdc81477 propagator interface 2016-01-14 12:54:42 +01:00
Robin Appelman cdc8c40d60 Add public cache interface 2016-01-14 12:54:42 +01:00
Roeland Jago Douma 663e71e4b3 Only select elements from the database that we support 2016-01-14 10:54:40 +01:00
Roeland Jago Douma 0f454ff5aa Use namedparameter 2016-01-14 10:54:40 +01:00
Morris Jobke 86f08f59d6 use logException() to properly log the exception 2016-01-14 10:40:23 +01:00
Thomas Müller 4d037b76b4 Merge pull request #21704 from owncloud/fix-namespace-issue
Fix usage of PHP method within namespace
2016-01-14 10:25:34 +01:00
Thomas Müller 03c08bea9d Merge pull request #21703 from owncloud/fix_share_create_hooks
[Share 2.0] Fix pre_share and post_share hooks
2016-01-14 09:56:37 +01:00
Morris Jobke 64c8427d81 Improved error message for failing background job 2016-01-14 09:49:40 +01:00
Morris Jobke 73dd8c17de Fix usage of PHP method within namespace
* introduced wiht 045ea4eb
2016-01-14 09:24:21 +01:00
Jenkins for ownCloud 205fbcbfa3 [tx-robot] updated from transifex 2016-01-14 01:55:43 -05:00
Roeland Jago Douma 4cc2230c58 [Share 2.0] Fix pre_share and post_share hooks 2016-01-13 21:56:04 +01:00
Martin 06ca5cbade Fix: emit 'scanFiles' will only fire on files and not on folders (II) 2016-01-13 21:40:48 +01:00
Thomas Müller d1010696a1 Merge pull request #20497 from owncloud/bubble_up_hint_exception
Bubble up hint exceptions in hooks, so the user can see the hint
2016-01-13 17:36:42 +01:00
Roeland Jago Douma 5f5951c8cf [Share 2.0] Let the factory do the factory stuff
* Updated unit tests (bit cleaner now)
2016-01-13 16:35:15 +01:00
Roeland Jago Douma cbd3050f4c [Share 2.0] Use full share id (providerId:shareId)
Now that we support multiple managers we communicate shares to the
outside as 'providerId:shareId'. This makes sures that id's are unique
when references from the OCS API.

However, since we do not want to break the OCS API v1 we need to
somewhat hack around this.

When we switch to OCS API v2 (which we should when we support more
custom providers). We will change the id to always be the fullShareId.
2016-01-13 16:35:15 +01:00
Roeland Jago Douma 67b7ebccd1 [Share 2.0] Add share provider factory
* Add providers
* Add share manager to server container
* Use share manager from server container
* Properly get the share manager
2016-01-13 16:35:14 +01:00
Roeland Jago Douma b4de427c1e [Share 2.0] Allow registering of share providers
* Properly register the default share provider
2016-01-13 16:35:07 +01:00
Thomas Müller 3ee3d02a76 Merge pull request #20018 from owncloud/cache_group_backend
The group database backend should cache groups
2016-01-13 15:58:21 +01:00
Thomas Müller e7038a2736 Simply use logException() to log the exception - no need for custom code 2016-01-13 15:52:18 +01:00
Thomas Müller fa75866879 Fix PHPDoc 2016-01-13 15:52:18 +01:00
Jörn Friedrich Dreyer cbe995af31 Bubble up hint exceptions in hooks, so the user can see the hint 2016-01-13 15:52:18 +01:00
Thomas Müller 37e8a87d46 Merge pull request #21591 from owncloud/add-code-checking-for-apps
Verify signature of apps with level "Official" coming from the appstore
2016-01-13 10:35:00 +01:00
Thomas Müller b1ee51f255 Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
2016-01-13 10:33:58 +01:00
Thomas Müller 5565b19382 Merge pull request #21648 from owncloud/smb-statcache-cap
cap the number of entries we cache in smb's statcache
2016-01-13 10:33:43 +01:00
Thomas Müller 3fd976995a Merge pull request #21668 from owncloud/add-super-evil-and-hidden-config-switch-to-disable-integrity-checks-really-just-do-not-use-this
Add hidden config switch to disable code integrity checking
2016-01-13 10:30:02 +01:00
Thomas Müller 4129480eb0 Merge pull request #21671 from owncloud/fix-setup-on-master
Use legacy method when ownCloud is not yet installed
2016-01-13 10:29:36 +01:00
Thomas Müller e22186d234 Merge pull request #21673 from owncloud/chrsch-master
-- Fixed error where $enabled is parsed but empty
2016-01-13 10:29:21 +01:00
Thomas Müller c5a200c419 Merge pull request #21653 from owncloud/update-license-headers-2016
Update license headers 2016
2016-01-13 08:29:42 +01:00
Thomas Müller 59e9b93be6 Merge pull request #20948 from owncloud/fed-sync-contacts
Syncing system addressbooks across federated ownClouds
2016-01-13 08:27:51 +01:00
Jenkins for ownCloud eb90fa78ad [tx-robot] updated from transifex 2016-01-13 01:55:56 -05:00
Christoph Schaefer 4b3bef4dc7 -- Fixed error where $enabled is parsed but empty 2016-01-13 06:39:02 +01:00
Lukas Reschke 28049b510b Use legacy method when ownCloud is not yet installed
The new `\OCP\ICertificateManager::getAbsoluteBundlePath` API instantiiates an ownCloud view which makes the installation fail as it queries the DB before it actually is setup. This change uses the old approach again for the case that the installation is not yet setup.

The client service is required for the `.htaccess` effectivity check in the setup. In the future we could move this to a JS based one (as we have for the other setupchecks) so we can get rid of such hacks.

Fixes https://github.com/owncloud/core/issues/21669 which was a regression in master caused by https://github.com/owncloud/core/issues/21336
2016-01-12 21:47:49 +01:00
Lukas Reschke 08e73d2c8f Add hidden config switch to disable code integrity checking
This adds a hidden config flag that allows somebody to disable the code integrity check. If `integrity.check.disabled` is set to `true` in the config file:

1. The integrity check functions will return always an empty result
2. The integrity check is not performed when installing apps
3. The integrity check is not performed when updating apps
4. The integrity check is not performed when updating the core

Furthermore this adds support for a list of channels that the code checker will run on. At the moment this is only stable because I didn't want to break any build scripts that we have. Once we have a proper CA setup and updated the build process to sign the releases we can add the RC, alpha, beta as well as daily releases. So everything except "git" basically.
2016-01-12 18:48:36 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Thomas Müller dbddbb634b Use EventDispatcher to allow additional setup of auth backends - move federation auth to federation app 2016-01-12 14:24:01 +01:00
Robin Appelman d8d6368dd7 cap the number of entries we cache in smb's statcache 2016-01-12 13:26:58 +01:00
Robin Appelman c15cab7ed6 Allow admins to add system wide root certificates 2016-01-12 12:50:59 +01:00
Lukas Reschke 4d0dcd3c53 Add X-Download-Options and X-Permitted-Cross-Domain-Policies
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
2016-01-12 10:37:16 +01:00
Thomas Müller 3317dd0a8e Merge pull request #21637 from owncloud/reformat-irequest
fix identation in public/irequest.php
2016-01-12 09:13:17 +01:00
Thomas Müller 3ec8789c77 Merge pull request #21628 from owncloud/deprecated_secure_random_funcions
Replace deprecated function calls to SecureRandom
2016-01-12 09:12:13 +01:00
Morris Jobke 078cf8ae36 fix identation in public/irequest.php 2016-01-12 08:48:51 +01:00
Thomas Müller d11d9407ce Merge pull request #21624 from owncloud/l10n_deprecated_function
Remove unused deprecated function from l10n.php
2016-01-12 08:34:00 +01:00
Roeland Jago Douma 9f4b296685 Properly close cursors 2016-01-12 08:24:08 +01:00