bd37021587
Fix casing of same origin frame option
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 12:37:32 +02:00
afb5d45705
Merge pull request #4256 from nextcloud/theming
...
Move OC_Defaults to OCP\Defaults
2017-04-11 14:39:46 +02:00
9e3a3eebf9
Lowercase "data" correctly
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-10 11:13:46 +02:00
5b4adf66e5
Move OC_Defaults to OCP\Defaults
...
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
bee0a3699e
removed path to datadir
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-04 19:07:59 -05:00
a7cc8c86ab
Redirect to 2FA selection screen
...
Apps like 'rainloop' use \OCP\Util::isLoggedIn() to check whether the
current request is authenticated. Since we redirected to the index
page before, it resulted in an infinite redirection loop. This change
sets the redirection URL to the 2FA selection page, which is the only
allowed page in that authentication state.
Fixes https://github.com/nextcloud/server/issues/3702
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-03 14:31:57 +02:00
354a24e0aa
also rename defaultMailHeaderColor to defaultColorPrimary
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-29 18:23:23 +02:00
698396a927
Add fallback to getMailHeaderColor so we don't break existing themes
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-03-29 18:23:23 +02:00
9a75714c22
rename confusing getMailHeaderColor to getColorPrimary, ref #3491
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-29 18:23:23 +02:00
dbf6b7ff86
Merge pull request #4127 from nextcloud/update-legacy-csp-policy
...
Update legacy CSP policy
2017-03-28 17:47:32 -06:00
3a90ab7e0a
Update legacy CSP policy
...
Aligns it with the one enforced by the AppFramework
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-28 23:55:31 +02:00
da11931815
Merge pull request #4084 from nextcloud/fix-log-spam-with-too-few-navigation-items
...
Don't spam the log with "Undefined index showInHeader"
2017-03-27 15:53:08 -06:00
fc044caab1
Merge pull request #4072 from nextcloud/move-x-frame-options-into-php
...
Move X-Frame-Options into PHP
2017-03-27 15:05:22 +02:00
81d87b01fe
Don't spam the log with "Undefined index showInHeader"
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-27 10:24:10 +02:00
0229c16e5f
Don't use the dropdown for one item only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-26 21:23:18 +02:00
054e161eb5
Manage the right side menu via the navigation manager as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-26 19:40:41 +02:00
ec330c7ac4
Register the app management in the normal way
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-26 19:08:51 +02:00
bff6c8aafc
Move X-Frame-Options into PHP
...
The public calendar view should be embeddable and we can't do that if the .htaccess sets a global X-Frame-Options.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 17:26:11 +02:00
6a470e5935
Merge JS for template prepend
...
Shaves off 14 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:37:13 +01:00
eda98ed3df
Merge vendor js
...
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
e4d4fb5352
Only initialize backbone once
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 22:48:58 +01:00
4518a28924
Revert "Bundle vendor js"
2017-03-22 17:01:54 +01:00
0b5e1814be
Merge pull request #3977 from nextcloud/di_ng2
...
Make DI work for all apps
2017-03-22 15:36:52 +01:00
9667ac2b8e
Register the namespace with the autoloading to allow reverse recovery
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-22 11:55:04 +01:00
a427e130ae
When debug don't load the bundled file
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:58:28 +01:00
98a14909e1
Bundle more default vendor js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:49:03 +01:00
7195a9323d
Merge vendor js
...
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:48:10 +01:00
450a899f01
Merge pull request #3945 from nextcloud/downstream-27298
...
Adding file, line, class and function to the query logger (#27298 )
2017-03-20 13:16:10 +01:00
45567572c8
Adding file, line, class and function to the query logger ( #27298 )
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:39:51 -06:00
8c27437ac0
HTTP 1.1 used when giving 403 and 404 errors while attempting to download non-existent file
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:14:26 -06:00
edd55b0ea9
Use SystemConfig instead of AllConfig for DB stuff
...
* preparation for followup PRs to clean up the DB bootstrapping
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 15:53:49 -06:00
cd4ebe2777
Merge pull request #3008 from nextcloud/appmenu-experiment
...
Show apps in header
2017-03-16 13:03:41 -06:00
57c1be8633
Merge pull request #3802 from Ko-/master
...
Check that set_time_limit is not disabled before calling it
2017-03-16 12:27:26 +01:00
7eae6690ad
Make app management icon act like a normal app icon
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
61dc78e6dc
Fix menu issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
a630e4629f
Generate seperate menu list for header bar
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
e3e4cb3e67
Move active app to the first slot
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
252858ec5e
Do not double cherck app update
...
In base.php the apps are already checked for an update. No need to
repeat this during loading of the app.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-13 18:07:41 -06:00
0024b67aaf
Check that set_time_limit is not disabled before calling it
...
Signed-off-by: Ko- <k.stoffelen@cs.ru.nl>
2017-03-11 17:04:21 +01:00
42ee401376
Merge pull request #3778 from nextcloud/verify_jpg_files
...
Test if a file is a valid jpg file
2017-03-10 18:17:51 +01:00
a5ba1f7803
Remove legacy class OC_Group and OC_User
...
* basically a straight replacement of the wrapped code at the calling code parts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 17:35:09 -06:00
0c22a66967
Add more styles to the server.scss
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 15:36:03 -06:00
f2cf85fad2
[PoC] combine 2 scss files!
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-09 20:42:34 +01:00
7dd760d737
Test is a file is a valid jpg file
...
During preview generation if we provide an invalid JPG file the system
errors out with a PHP Fatal Error. Now we can't catch Fatal Errors (in
5.6). I suspect that exif_imagetype to fall back to the extention.
However a valid jpg file has a size. So we request the size of the image
and just drop out if that returns false.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-08 21:48:30 +01:00
9f82bb9b4f
Merge pull request #3689 from nextcloud/cleanup-legacy-classes
...
Cleanup not used legacy classes
2017-03-03 12:04:27 +01:00
6174a514b7
Get rid of static OCS::notFound()
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-03 00:41:21 -06:00
d85a351e77
Cleanup not used legacy classes
...
* Person was removed via #2170
* other lcasses/interfaces are not used at all
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-03 00:31:33 -06:00
e399097e3a
Remove deprecated OC_User::isLoggedIn
...
Signed-off-by: Sebastian Wessalowski <sebastian@wessalowski.org>
2017-03-02 22:59:39 +01:00
079888f918
Fix code quality a bit
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-22 14:53:15 +01:00
1e281bc616
Use 90% JPEG quality for thumbnails and previews by default
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-22 14:53:15 +01:00
2b898bd82c
Revert "cache the storage info for 5 min"
2017-02-16 11:58:45 -06:00
cf582a6d14
Merge pull request #3439 from nextcloud/oc-26963
...
Make sure invalid images don't flood the log file
2017-02-16 16:34:18 +01:00
92c74d2f9a
Don't force displayname if backend already provides one
...
`\OC_User::loginWithApache` is used in combination with backend mechanisms like our SSO / SAML integration. Those can optionally already provide a displayname using other means. For example by mapping SAML attributes.
The current approach makes it however impossible for backends using `\OCP\Authentication\IApacheBackend` to set a displayname on their own. Because the display name will simply be overwritten with the loginname.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-02-16 13:55:48 +01:00
200a28255e
Always enable avatars
...
* we introduced this setting in the begining because our
avatar support caused some performance issues, but we
fixed them and should only provide one way how Nextcloud
looks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 17:53:33 -06:00
2585f195da
Check if color exists in palette before using it
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-02-10 16:27:51 +01:00
69046c6662
Make sure invalid images don't flood the log file
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-10 13:44:16 +01:00
5bad417e57
Merge pull request #2044 from nextcloud/login-credential-store
...
Login credential store
2017-01-30 19:30:04 -06:00
f55260bc83
Merge pull request #3214 from nextcloud/cache-storage-info
...
cache the storage info for 5 min
2017-01-24 13:49:45 +01:00
cbc18b7c8b
hash the path used for the cache key to prevent key length problems
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-24 11:18:05 +01:00
e38a978623
cache the storage info for 5 min
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-23 14:52:50 +01:00
0aaf209c66
Prevent PHP request to get killed when using fclose callback ( #26775 )
...
* Prevent PHP request to get killed when using fclose callback
* Add ignore_user_abort everywhere where the time limit is set to 0
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-23 12:33:20 +01:00
fcfb4205bc
Fix tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-13 18:33:43 +01:00
587eca3ccd
Remove the magic parsing of the description
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-13 18:33:42 +01:00
140555b786
always allow remembered login
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
ec4b0d1e84
Remove group restrictions when those are not allowed anymore
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-04 10:40:14 +01:00
91c87d3a7a
Merge pull request #2820 from nextcloud/testing-md5home
...
Testing md5home (#26854 )
2016-12-23 12:22:15 +01:00
44052210a2
Only show version in settings - do not list channel
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-22 14:19:29 +01:00
b32e252fb0
Testing md5home ( #26854 )
...
* Allow clearing default user backends in config.php
When specifying "user_backends" in config.php, a new option "default"
when set to false will prevent the default user backend to be
registered. The default one is the database backend.
This makes it possible to select exclusive user backends from apps.
* Testing app provides test user backend for alternative homes
The backend provide md5 result to getHome()
* Only md5 the user home when it's not the admin
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-22 11:03:42 +01:00
32bf8ec826
Don't use cached informations for app version
...
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:
- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)
This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.
While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-09 18:01:45 +01:00
98bdef8d83
Cahnge URL for desktop clients directly to pop-up
...
by adding `/#install-clients` to the URL
Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-12-08 12:40:52 +01:00
a2867c0664
Properly check the data dir
...
* fixes #1364
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-05 23:35:35 +01:00
d86b29b42b
Merge pull request #2066 from nextcloud/fix-redirect-double-encoding
...
do not double encode the redirect url
2016-11-29 17:21:43 +01:00
734dd3a2e6
Use correct channel information
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-29 11:29:43 +01:00
d2ff6c569e
Keep the filemtime for files when downloading them in a zip/tar
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-28 11:36:10 +01:00
9528045178
Add jquery ui fixes js file
...
+ fix autocomplete width (fix #2324 )
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-11-25 16:44:51 +01:00
7eaaffeee0
Update link to the docs to 11
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-22 13:29:24 +01:00
58685413d2
fix white screen of death in maintenance mode when theming is disabled
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-21 13:10:55 +01:00
1614b310ef
Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
...
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.
Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-11-16 22:28:49 +01:00
43e22f4da4
Add autoloader path for newly installed apps too
...
* followup to https://github.com/nextcloud/server/pull/2148
* problem noticed in https://github.com/nextcloud/files_antivirus/pull/11
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-16 12:55:34 +01:00
d03446a0ae
Merge pull request #2148 from nextcloud/add_autoloader_before_enabling
...
Add autoloader before enabling apps
2016-11-16 12:09:39 +01:00
b2248efd75
Allow to register Providers
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:45 +01:00
13ff56bfc5
Allow to register settings/types via info.xml
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:44 +01:00
280d5325c7
Allow to register activity filters via info.xml
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:40 +01:00
3c00ff2616
Merge pull request #2145 from nextcloud/docs_to_com
...
docs are on nc.com
2016-11-16 00:57:35 +01:00
d826e04757
Add autoloader before enabling apps
...
Else apps that require already autoloading in the installer
(files_antivius) die hard!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 22:28:57 +01:00
39f336035b
docs are on nc.com
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 19:17:42 +01:00
7a8bf6ea26
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 18:10:17 +01:00
028c668293
Do not cache version info in the sessions
...
If the session is cleared and closed for whatever reason the loadVersion
will write to the session anyways. This will lead to an exception.
This should fix #1303
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 17:53:12 +01:00
895b638a2c
We need to ensure that the app holding the objectstore implementation is loaded - fixes owncloud/objectstore#38
2016-11-14 15:00:45 +01:00
0ebffa4a5f
do not double encode the redirect url
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-09 16:14:46 +01:00
9296038d78
Fix preview URLs
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-08 16:39:13 +01:00
e6b52ef4cd
Merge pull request #1347 from nextcloud/bring-back-remember-me
...
fix remember me login
2016-11-02 18:32:38 +01:00
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
d805df7bb3
Use findAppInDirectories
...
The other function doesn't work if the appstore is disabled
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:30:02 +01:00
8acb54aa0b
Add update support
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:47 +01:00
df7fd2b57c
Query the timefactory instead of creating it
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:46 +01:00
0e2aee2be6
Replace with exception instead of boolean return value
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:46 +01:00
32cf661215
Use new appstore API
...
This change introduces the new appstore API in Nextcloud.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:44 +01:00
94d09141f8
Remove legacy l10n
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 22:16:33 +02:00
83e7cfd13a
Fix more tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 22:16:28 +02:00
740659a04c
Move away from OC_L10N
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
b05fe45d52
Fix avatar on exif rotated images
...
Fixes #1928
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 21:37:11 +02:00
fdcb8edd78
Add nonce also to legacy CSP
...
Pages that do not use the AppFramework have its CSP inherited from `\OC_Response::addSecurityHeaders`. While those are not many anymore, there are some examples such as the "Help" page.
To stay completely backwards-compatible we should also add the nonce to the legacy CSP response.
To test that open your browser console and open the help page. Without this you will get a JS error. With this you won't.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-26 09:41:18 +02:00
890f752a6b
Merge pull request #1452 from nextcloud/appconfig-endpoint
...
Appconfig endpoint
2016-10-25 10:57:48 +02:00
8a231a4223
Merge pull request #1829 from nextcloud/downstream-26256
...
Fix login page handling for disabled users
2016-10-24 21:35:53 +02:00
567e28b01a
Merge pull request #1885 from nextcloud/downstream-26295
...
App dependencies are now analysed on app enable as well - not only on…
2016-10-24 21:26:50 +02:00
14b1d946a8
Remove checks whether OC is running on Windows pt. 2
2016-10-24 16:12:17 +02:00
03ec052b4e
App dependencies are now analysed on app enable as well - not only on app install.
2016-10-24 15:59:46 +02:00
1be6213ba4
Merge pull request #1832 from nextcloud/select2-into-core
...
Select2 into core
2016-10-22 14:35:07 +02:00
3e5e07aa64
Template css order
...
Select2 systemtags removal
Settings again
Fix Script
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-10-21 16:56:31 +02:00
0b1fb180a5
Make AppConfig part of the public API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:23 +02:00
246bb9f33d
Move OC\Files\Storage\Shared to the right namespace
2016-10-20 20:27:44 +02:00
0417cbafd0
Changed request to not add a prefix to the url ( #26256 )
...
* Changed request to not add a prefix to the url
* Expecting forbidden instead of service unavailable
* Handling login exceptions
2016-10-20 17:21:08 +02:00
f7ca3ec201
Remove unneeded compatibility polyfills
...
- `Object.create` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/create#Browser_compatibility
- `Object.keys` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/keys#Browser_compatibility
- `Array.prototype.filter` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/filter#Browser_compatibility
- `Array.prototype.indexOf` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf#Browser_compatibility
- `Array.prototype.map` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/map#Browser_compatibility
- `Function.prototype.bind` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/bind#Browser_compatibility
- `String.prototype.trim` supported with IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/Trim#Browser_compatibility
- `outerHTML` supported with Firefox 11+: https://developer.mozilla.org/en-US/docs/Web/API/Element/outerHTML#Browser_compatibility
- `window.devicePixelRatio` supported in IE11+: http://caniuse.com/#feat=devicepixelratio
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 10:17:18 +02:00
a8cf110ec6
Remove unneeded placeholder polyfill
...
* placeholders are supported in IE11+
* http://caniuse.com/#feat=input-placeholder
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 00:00:25 +02:00
195fc041da
Merge pull request #1663 from nextcloud/dont-reparse-info-xml
...
Dont reparse info xml + cache AppInfo XML
2016-10-10 09:22:43 +02:00
0245dd7221
Simplify isSubDirectory check
...
Shaves off another 9ms per request as can be seen at https://blackfire.io/profiles/compare/dd54cef3-e58d-4a22-b8f4-c7c4b70697be/graph
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:56:43 +02:00
0c2b17c80f
Cache AppInfo in Memory Cache if configured
...
This saves around 20ms on a bare-bone instance, on bigger ones more (depending on the number of installed apps).
See https://blackfire.io/profiles/compare/fc326ad3-100d-49b8-8ea9-8343240f53f3/graph
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:29:23 +02:00
67d3574bdf
Don't parse info.xml but reuse already cached app infos - fixes #25603 ( #25968 )
...
* Don't parse info.xml but reuse already cached app infos - fixes #25603
* Use === in InfoParser. Fixes test
* InfoParser should not depend on UrlGenerator - fixes issue with session being closed too early
2016-10-07 20:58:22 +02:00
ea9b1cc340
Merge pull request #1306 from nextcloud/simplefs
...
Introducing AppData
2016-10-06 09:25:15 +02:00
f23390ed02
Kill users with the reserved name on login
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
53ed3da052
Fallback from "de" to "de_DE" and the other way around
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-04 13:29:54 +02:00
3a5022ad5b
Allow multiple names and description
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 11:00:58 +02:00
da0cea404d
Kill update simulation
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:43:53 +02:00
6a3e0f33b3
Merge pull request #1489 from nextcloud/fix-status-code-when-app-is-disabled
...
Return 404 on v2.php when the app is disabled
2016-09-27 11:04:57 +02:00
19ad11cce4
Graceful error handling and logging
...
Right now a failed "copyr" will result in the error log being spammed with not really helpful error messages. Also situations such as `$dir` returning `false` are not really caught.
This adds more error handling and logging to make debugging such situations easier.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-25 19:03:42 +02:00
78210c8300
Return 404 on v2.php when the app is disabled
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-22 12:18:40 +02:00
7c0951244a
Deprecate getEditionString()
2016-09-06 16:05:28 +02:00
b072c6c943
Move navigation entries without order to the end
2016-09-02 09:11:58 +02:00
df1cc94c23
Some cleanup within OC_Image ( #25875 )
2016-08-29 14:31:59 +02:00
25f1fdb275
Merge pull request #847 from nextcloud/quota-mount-in-homefolder
...
fix quota calculation when a filesystem is mounted in a user home
2016-08-28 15:05:46 +02:00
9dc23592c3
Merge pull request #1105 from nextcloud/usermenu-ordering
...
fix ordering of user menu entries
2016-08-28 10:30:16 +02:00
4d85ffc27c
Merge pull request #1054 from nextcloud/less-cache-hits
...
Reduce the number of cache operations for dav operations
2016-08-27 22:44:29 +02:00
0517f41b3f
fix ordering of user menu entries
2016-08-27 22:42:08 +02:00
2693ae870e
cache user folders
2016-08-25 17:22:25 +02:00
6af2efb679
prevent infinite redirect loops if the there is no 2fa provider to pass
...
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
2016-08-24 10:49:23 +02:00
0747e96b9c
Cache registered autoloaders
...
This saves more than 20ms (!) on every request, the previous problem was that `\OC_App::registerAutoloading` calls `\OC\AppFramework\App::buildAppNamespace` which parses the appinfo.xml. Since that was also called multiple times (e.g. on cloud.nextcloud.com over 200 times) that had a significant performance impact. Also on simple PROPFIND requests.
https://blackfire.io/profiles/compare/65a53e6e-7f35-4974-b559-4c81abd01c3b/graph shows the difference nicely.
2016-08-22 23:49:46 +02:00
3a17fabd04
Remove unused private classes
2016-08-18 09:37:11 +02:00
5aaa065d6d
Merge pull request #848 from nextcloud/public-link-quota
...
fix getting quota for public links with quota_include_external_storage
2016-08-17 20:13:56 +02:00
5a599d5c4e
Merge pull request #899 from nextcloud/nfd-default
...
[us] Disable NFD encoding wrapper by default
2016-08-17 14:46:52 +02:00
9f523518f3
Disable NFD encoding wrapper by default
...
Seems I forgot to set it back to false after testing.
Will give a performance boost for all storages.
2016-08-17 11:54:33 +02:00
717e22267a
Merge branch 'master' into implement_712
2016-08-16 18:31:59 +02:00
208e551216
check registered sections and settings after an app got updated to garbage collect orphaned classes
2016-08-16 00:56:17 +02:00
264aaf9ffa
use $userId instead of $user
2016-08-14 19:50:19 +02:00
26342061b9
Ensure the user exists before calling a method on it - fixes #24751
2016-08-14 19:50:03 +02:00
85d3fb76d7
fix getting quota for public links with quota_include_external_storage
2016-08-12 15:59:19 +02:00
ef2116a17a
fix quota calculation when a filesystem is mounted in a user home
2016-08-12 15:41:37 +02:00
ac04ba6784
register app autoload instead of loading apps
2016-08-12 13:23:14 +02:00
8261ccce1b
Merge branch 'master' into implement_712
2016-08-11 19:37:17 +02:00
f3b15a9ab9
fixes, improvements, and another app:
...
* setupSettings now also triggered on enable
* fixes detection of present admin section or settings in the DB
* add update routine in such cases
* encryption app migrated
2016-08-11 01:41:18 +02:00
0fc34c99f4
fix registration of admin settings and section on app install
2016-08-11 00:45:15 +02:00
1eb8b951c2
more admin page splitup improvements
...
* bump version to ensure tables are created
* make updatenotification app use settings api
* change IAdmin::render() to getForm() and change return type from Template to TemplateResponse
* adjust User_LDAP accordingly, as well as built-in forms
* add IDateTimeFormatter to AppFramework/DependencyInjection/DIContainer.php. This is important so that \OC::$server->query() is able to resolve the
constructor parameters. We should ensure that all OCP/* stuff that is available from \OC::$server is available here. Kudos to @LukasReschke
* make sure apps that have settings info in their info.xml are loaded before triggering adding the settings setup method
2016-08-10 15:21:25 +02:00
93047f5e4d
Merge pull request #777 from nextcloud/ocs_capabilities
...
Move /cloud/capabilities and /cloud/user to Core
2016-08-10 00:43:13 +02:00
9fbdb0efe8
Merge pull request #529 from nextcloud/vendor-maintenance-downgrade
...
Allow downgrades of maintenance accross vendors
2016-08-10 00:25:53 +02:00
e2f54559d6
Remove OC_OCS_Cloud and OC\OCS\Cloud
2016-08-09 20:56:31 +02:00
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
740349fda3
libxml - compare against loaded version
...
* if the compiled in version is older than the loaded version Nextcloud doesn't work
* uses the loaded libxml version to check against
fixes #205
2016-07-28 08:30:33 +02:00
686cb599b6
fix autoloading in LPAP integration tests, resolves #544
2016-07-25 11:05:59 +02:00
5c34346479
Allow downgrades of maintenance accross vendors
2016-07-22 14:51:43 +02:00
0215b004da
Update with robin
2016-07-21 18:13:58 +02:00
ba87db3fcc
Fix others
2016-07-21 18:13:57 +02:00
4f42c3d725
Revert "Remove "Help" link from personal sidebar"
...
This reverts commit deef15a3c7
2016-07-21 02:25:00 +02:00
7c6896f091
Link to proper clients
2016-07-21 01:56:47 +02:00
9a1ff29351
Use proper documentation links
...
Since it is just faking the 10 we need to hardcode this here...
2016-07-21 00:36:52 +02:00
c385423d10
Merge pull request #479 from nextcloud/add-bruteforce-throttler
...
Implement brute force protection
2016-07-21 00:31:02 +02:00
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
020a2a6958
Merge pull request #476 from nextcloud/port-same-site-cookies
...
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
a299fa38a9
[master] Port Same-Site Cookies to master
...
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
e9c85e02ac
Merge pull request #462 from nextcloud/master-explode
...
[master] Use explode() instead of split()
2016-07-20 18:31:11 +02:00
99316ec02c
Show app name in error message if app could not be loaded. ( #25441 )
2016-07-20 15:16:16 +02:00
4f90447150
[master] Use explode() instead of split()
...
Sync from https://github.com/owncloud/core/pull/25488
2016-07-20 14:36:39 +02:00
ea470f8777
Merge pull request #405 from nextcloud/theming-fixes
...
Theming fixes
2016-07-18 15:59:47 +02:00
72464f1ce4
Remove asset pipelin
...
Fixes #215
The asset pipeline has shown to do more harm than good. Some apps fail
hard with it. Also it makes sure that you download a huge file on each
unvisited page.
2016-07-15 20:14:11 +02:00
2c988ecbf4
Use the themed Defaults everywhere
2016-07-15 09:17:30 +02:00
c2d88a08b7
Remove unneeded checks if it runs on a Windows machine
...
* the setup check is still there
2016-07-08 15:55:17 +02:00
27b699bdbc
Migrate logic to dynamic controller
...
Also adds support for having custom login backgrounds
2016-06-27 10:26:23 +02:00
10f6ca20bc
write theme settings to database
2016-06-27 10:26:22 +02:00
7a9d60d87e
Merge remote-tracking branch 'upstream/master' into master-upstream-sync
2016-06-26 12:55:05 +02:00
7f22aeb5d6
redirect to new login route ( #25099 )
...
* redirect to new login route
* encode anchor in url and restore it client-side
2016-06-21 16:14:51 +02:00
e95c15e53a
fix more strings
2016-06-20 13:14:24 +02:00
42c66efea5
Merge branch 'master' of https://github.com/owncloud/core into downstream-160611
2016-06-11 15:34:43 +02:00
7b3dc806eb
Check 2FA state for raw php files too
2016-06-10 09:52:52 +02:00
a636e4ff28
Downstream 2016-06-09
...
Merge branch 'master' of https://github.com/owncloud/core into downstream-160609
2016-06-09 18:45:12 +02:00
51fd2602a7
Revert "Downstream 2016-06-08"
2016-06-09 17:41:57 +02:00
6ba18934e6
Merge pull request #25000 from owncloud/fix-email-login-dav
...
Allow login by email address via webdav as well
2016-06-09 16:28:06 +02:00
bee918693a
dissalow symlinks in local storages that point outside the datadir
2016-06-09 14:00:01 +02:00
f20c617154
Allow login by email address via webdav as well - fixes #24791
2016-06-09 12:08:49 +02:00
90c1ec1c49
Merge pull request #25014 from owncloud/admin-datadircheck-fix
...
Use temporary htaccesstest.txt for data dir security check
2016-06-09 11:58:28 +02:00
81145ee57c
THIS IS NEXTCLOUD! adjusting the design
2016-06-08 17:02:18 +02:00
fb087a0261
Use temporary htaccesstest.txt for data dir security check
2016-06-07 18:36:13 +02:00
7b1b723e5b
dissalow symlinks in local storages that point outside the datadir
2016-06-07 14:01:53 +02:00
deef15a3c7
Remove "Help" link from personal sidebar
...
At the moment we want to hide the help link from the personal sidebar as it contains the original ownCloud documentation.
Once we have our own documentation with our proper branding and so on we can reenable this.
2016-06-06 18:40:15 +02:00
7d31ae9909
Fix second check for quota size ( #24989 )
2016-06-06 13:47:53 +02:00
53398b5146
Merge pull request #24936 from owncloud/2fa-block-ocs
...
block OCS if 2FA challenge needs to be solved first
2016-06-02 14:55:34 +02:00
f37d519d0d
Merge pull request #24946 from owncloud/issue-24943-duplicate-downgrade-unsupported-message
...
Do not show the hint when it's the same as the message
2016-06-02 10:40:53 +02:00
1d2cdfb9fd
Fix URL for client downloads
2016-06-01 16:58:57 +02:00
13892417c4
Do not show the hint when it's the same as the message
2016-06-01 13:34:57 +02:00
3ec6f4e165
block OCS if 2FA challenge needs to be solved first
2016-06-01 11:19:49 +02:00
7b4459d28d
Merge pull request #24912 from owncloud/session-tokens-apache-auth
...
Create session tokens for apache auth users
2016-06-01 10:56:10 +02:00
c58d8159d7
Create session tokens for apache auth users
2016-05-31 17:07:49 +02:00
a23df94af1
Properly check for mbstring extension
...
mb_detect_encoding is in the fallback we ship in the polyfill library, mb_strcut is not. Thus this lead to a false positive and ownCloud would just break.
2016-05-31 08:12:36 +02:00
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
51b0036d8f
Changed labels of chunk TTL to mention chunks
2016-05-24 15:18:56 +02:00
c9b26d065b
Move cache chunk TTL value to FileChunking class
...
This makes it less generic and only used for actual file chunking
2016-05-24 14:58:27 +02:00
adcf942901
Merge pull request #24750 from owncloud/lenz1111-share_download_range_requests_support
...
Http Range requests support in downloads
2016-05-23 21:01:26 +02:00
6577bbe887
Code style and doc fix
2016-05-23 15:17:00 +02:00
9999e05660
Http Range requests support in downloads
...
Http range requests support is required for video preview
2016-05-20 18:16:44 +02:00
db4c7fe743
Add encoding wrapper as opt-in mount option
...
The encoding wrapper is now only applied when the mount option is set,
disabled by default.
2016-05-20 09:33:59 +02:00
63bbbf29f4
Add wrapper for NFD encoding workaround
2016-05-20 09:33:59 +02:00
5c9103287f
Group fixup ( #24621 )
...
* Move used OC_Group_xx to \OC\Group
* Add (deprecated) legacy wrapper in legacy, OC_Group_xx
* Replace deprecated use of OC_Group_xx with \OC\Group\xx
2016-05-17 16:06:44 +02:00
eb79b83831
Move functions.php to legacy
...
This file should really be properly namespaced etc!
2016-05-13 08:54:07 +02:00
9b05f37fad
lib/private/ocs to PSR-4 ( #24558 )
...
* Move OC_OCS_XX to legacy
* Move \OC\OCS to PSR-4
* OC_OCS_xx to \OC\OCS\xx
* Moved OC_OCS_xx to proper namespace
* OC_OCS_xx is still there for legacy reasons as a wrapper
* No calls to OC_OCS_xx in \OC\OCS\
2016-05-12 09:43:53 +02:00
8729415880
Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands
...
Correctly register PSR-4 autoloading before install.php and loading commands
2016-05-11 13:53:16 +02:00
46bdf6ea2b
fix PHPDoc and other minor issues
2016-05-11 13:36:46 +02:00
699289cd26
pass in $request on OCS api
2016-05-11 13:36:46 +02:00
7aa16e1559
fix setup
2016-05-11 13:36:46 +02:00
fdc2cd7554
Add token auth for OCS APIs
2016-05-11 13:36:46 +02:00
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
db16dc6644
Correctly register autoloading before install.php and loading commands
2016-05-11 11:18:00 +02:00
9eea062004
Merge pull request #24433 from owncloud/user_psr4
...
lib/private/user to PSR-4
2016-05-11 11:16:56 +02:00
4a05e9ce76
Merge pull request #24379 from owncloud/remove-unneeded-code
...
Remove unneeded private wrapper methods
2016-05-10 20:19:48 +02:00
f6ee738ba8
Add \OC\User\Backend
...
Since some apps (ldap et al) still depend on OC_User_Backend this seemed
like the cleanest approach.
2016-05-10 19:53:36 +02:00
9e1d9871a8
Move OC_User_Database to \OC\User\Database
2016-05-10 19:53:36 +02:00
c51ebb02fa
Move OC_User_XX to legacy folder
2016-05-10 19:53:36 +02:00
61be98f554
Merge pull request #24410 from owncloud/fix_24182
...
first call the post_login hooks, before we call getUserFolder.
2016-05-04 10:23:38 +02:00
4b2544925f
Merge pull request #23844 from owncloud/disable-user
...
Add occ commands to enable and disable a user + a disabled user can n…
2016-05-03 15:22:41 +02:00
df2eb96cc4
Merge pull request #24389 from owncloud/login-by-email
...
Allow login by email address
2016-05-03 13:44:38 +02:00
8c0984d605
first call the post_login hooks, before we call getUserFolder.
...
The login process needs to be completed before we can safely create
the users home folder. For example we need to give encryption a chance
to initialize the users encryption keys in order to copy the skeleton
files correctly
2016-05-03 10:46:05 +02:00
71fa0a75bf
Allow declaration of background jobs in info.xml
2016-05-03 08:58:12 +02:00
adf7e7295e
Merge pull request #24375 from owncloud/archive_move
...
Move OC_Archive to \OC\Archive and PSR-4
2016-05-03 08:37:01 +02:00
a72e6a2dac
Merge pull request #24386 from owncloud/psr4-for-apps
...
PSR-4 for apps
2016-05-03 08:24:22 +02:00
c96ed5c4ce
Move OC_Archive to \OC\Archive\Archive
...
* Move out of legacy folder
* Move to proper namespace
* Fix calling code
2016-05-02 19:34:32 +02:00
0cb434686c
Move OC_Archive_XX to PSR-4
...
* Fix code
* Fix tests
2016-05-02 19:32:51 +02:00
d879354ccb
Use lib/ instead of src/ because that is what people are used to
2016-05-02 15:45:52 +02:00
ee3457aec0
Register the PSR-4 path on loadApp
2016-05-02 15:17:14 +02:00
7aca13f14c
Allow login by email address
2016-05-02 14:51:01 +02:00
5595e038ae
Remove unneeded private wrapper methods
2016-05-02 11:23:14 +02:00
9b875db8b8
OCS API should catch LoginExceptions
...
Catching the login exception and returning false (login failed). Makes
the OCS API properly return data instead of printing the exception page.
2016-05-02 09:31:22 +02:00
9c9fec36dd
Add occ commands to enable and disable a user + a disabled user can no longer login - fixes #23838
2016-05-02 09:31:22 +02:00
5e055ca6c1
Move uninstall repair step execution to the correct place
2016-05-02 09:22:26 +02:00
f91e5f87d2
Fix installer file location
2016-05-02 09:06:19 +02:00
e049953d1a
OC_Installer -> \OC\Installer
2016-05-02 08:52:06 +02:00
54f45f95f5
Adding repair steps for install and uninstall - fixes #24306
2016-05-02 08:52:06 +02:00
d89b533fa5
Move old classes to legacy
2016-05-01 13:09:28 +02:00
368be8894c
Move non PSR-4 files from lib/private root to legacy
...
As discussed we move all old style classes (OC_FOO_BAR) to legacy.
Then from there we can evaluate the need to convert them back or if they
can be fully deprecated/deleted.
2016-04-30 11:32:22 +02:00
20020abff4
Move OC_L10N_String to legacy folder
2016-04-27 20:23:25 +02:00
d09f835dca
Move \OC\DB to PSR-4
...
Besides the statement wrapper that is moved to the legacy folder
(namepsace of shame folder)
2016-04-15 19:46:34 +02:00
c353d51810
Remove Scrutinizer Auto Fixer
2016-03-01 17:48:23 +01:00
933f60e314
Update author information
...
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Joas Schilling
Lukas Reschke
Morris Jobke
Kawohl
Christoph Wurst
Jan-Christoph Borchardt
Julius Härtl
Georg Ehrke
Roeland Jago Douma
Roeland Jago Douma
blizzz
Thomas Müller
noveens
Ko-
Sebastian Wessalowski
Victor Dubiniuk
Robin Appelman
Vincent Petry
Felix A. Epp
John Molakvoæ (skjnldsv)
Thomas Müller
RealRancor
John Molakvoæ
Joas Schilling
Sergio Bertolín
Raghu Nayyar
Jörn Friedrich Dreyer
Klaas Freitag
Björn Schießle
Lukas Reschke
Christoph Wurst
Christoph Wurst
Robin Appelman
Joas Schilling
Piotr Filiciak
Roeland Jago Douma
Björn Schießle