Commit Graph

8145 Commits

Author SHA1 Message Date
Robin Appelman 05d2f61a59
handle not found mounts when cleaning avatars
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-11 16:56:10 +01:00
Roeland Jago Douma 10aa287463
Remove avatar on user deletion
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-11 16:07:06 +01:00
Roeland Jago Douma 949fc50cc5
Dispatch event on User predelete
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-11 16:05:38 +01:00
Morris Jobke 07e6387b31
Merge pull request #7449 from nextcloud/fix-setup
Fix 500 on setup page
2017-12-11 16:00:11 +01:00
Roeland Jago Douma e8acf448eb
Merge pull request #6651 from nextcloud/remote-cloud-client
Add api clients for talking to remote clouds
2017-12-11 15:28:39 +01:00
Roeland Jago Douma e47137c7d4
Merge pull request #6682 from nextcloud/dav-mimetype-fallback
Fallback to filename based detection if the remote dav server doesn't…
2017-12-11 15:28:05 +01:00
Morris Jobke 7c39711798
Merge pull request #7427 from nextcloud/fix-white-color-in-emails
Fix email buttons for white theme
2017-12-11 15:16:28 +01:00
Morris Jobke ce69d9ec71
Fix 500 on setup page
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-11 15:03:55 +01:00
Morris Jobke cce4c285db
Fix email buttons for white theme
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-11 14:33:54 +01:00
Morris Jobke 52e7d05163
Fix syntax error
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-11 14:24:23 +01:00
John Molakvoæ (skjnldsv) 1ac31260ac
Fixed phpdoc and function type
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-12-11 14:24:23 +01:00
John Molakvoæ (skjnldsv) f018bfc7de
Fixed md5 generation and added fallback for scss requests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-12-11 14:24:23 +01:00
John Molakvoæ (skjnldsv) 820e7b5aba
Use apps versions to generate suffix when possible
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-12-11 14:24:23 +01:00
Morris Jobke ed7beb929e
Merge pull request #6876 from nextcloud/always_img_avatar
Always generate avatar
2017-12-08 23:58:17 +01:00
blizzz 83509b0fd3
Merge pull request #7334 from nextcloud/feature/noid/language-depending-skeleton-directory
Allow `{lang}` as a placeholder in the skeleton directory
2017-12-08 18:19:01 +01:00
Robin Appelman 5ce69e7c42
Add some more tests for ocs remote api
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:37:14 +01:00
Robin Appelman f1eb55fad7
refuse to use http if we know a remote has https
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:37:14 +01:00
Robin Appelman 78a24e3b81
validate user response
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:37:14 +01:00
Robin Appelman 8b01176f60
add more typehints
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:37:14 +01:00
Robin Appelman 5133a31d3c
Add public api for remote api
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:37:14 +01:00
Robin Appelman 74b5ce8fd4
Some tests for the remote cloud api
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:34:33 +01:00
Robin Appelman ac2c26ffcb
Add api clients for talking to remote clouds
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-08 16:34:33 +01:00
Morris Jobke 66f523e13f
Better center the letter and use semibold font type
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-08 16:24:31 +01:00
Morris Jobke 8ffd4428bb
Fallback to "default" and check if directory exists
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-08 12:28:41 +01:00
Morris Jobke c32cb6b4b7
Merge pull request #7385 from nextcloud/shared-delay-root
delay calculating the shared cache root until it's used
2017-12-06 15:14:48 +01:00
Roeland Jago Douma 6e45034745
Merge pull request #7351 from nextcloud/change-default-german-language
use formal version of German by default
2017-12-06 08:30:14 +01:00
Robin Appelman 046eb0c635
add retry wrapper when reading files from swift
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-04 16:34:53 +01:00
Robin Appelman c87d689253
delay calculating the shared cache root until it's used
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-12-04 15:16:39 +01:00
Morris Jobke 72bb7c3074
Fix PHP doc for API docs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-03 12:02:29 +01:00
Bjoern Schiessle 2c3d97cc8f
check if $defaultLanguage is a valid string before we move on
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-12-01 16:14:51 +01:00
Bjoern Schiessle 8b734347b1
use formal version of German if default_language is set to 'de_DE'
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-11-30 17:29:08 +01:00
Arthur Schiwon 1b7dfd73af
Allow to skip data dir permission checks by config
Enables installation on services that don't allow/support permission
changes.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-30 11:16:00 +01:00
Roeland Jago Douma d5496dc435
Since we update the avatar in the sync service remove the generated file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-29 14:23:15 +01:00
Roeland Jago Douma 03d9e7e963
Sinc we use AppData the regex is not needed anymore
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-29 14:23:15 +01:00
Roeland Jago Douma ba648eecdf
Move avatar code to Avatar Class
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-29 14:23:15 +01:00
Joas Schilling 8e684f76e5
Allow `{lang}` as a placeholder in the skeleton directory
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-29 10:04:53 +01:00
Joas Schilling 80b34f5f7d
Only in case of $currentAccess the array uses the id as index
Otherwise its a normal string[] with the user ids, in that
case the array_merge did it's job just fine, apart from it
not being deduplicated.
The array+array is only needed when the user id is the key,
so integer only user ids are kept as they are instead of being
reindexed.

Regression from 3820d6883d

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-28 17:17:51 +01:00
Morris Jobke 3e1860e3d6
Merge pull request #7305 from nextcloud/log-level-for-log-extending
Pass log level to log reporters
2017-11-27 17:49:46 +01:00
Morris Jobke 132764bff5
Pass log level to log reporters
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 16:46:47 +01:00
Morris Jobke 4a63727ed9
Merge pull request #7210 from nextcloud/pg10
add postgresql 10 compatibility to dbal
2017-11-27 16:40:58 +01:00
Lukas Reschke fb1a92b07d
Merge pull request #7295 from nextcloud/remove-unused-method
Remove unused mimetype detection method in OC_Image
2017-11-27 11:55:20 +01:00
Lukas Reschke 8ccb486876
Merge pull request #7264 from nextcloud/cache-fetched-apps
Cache fetched apps in update check
2017-11-27 11:48:59 +01:00
Morris Jobke 4b73ddc9ce
Merge pull request #6437 from nextcloud/support-mail-send-in-share
Add support for `\OCP\Share\IShare::getMailSend` back
2017-11-27 11:29:38 +01:00
Lukas Reschke 1c25919cf1
Proper handle null cases and default to true
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-11-27 09:38:39 +01:00
Lukas Reschke 56a2512581
Add support for `\OCP\Share\IShare::getMailSend` back
This adds back the support for `\OCP\Share\IShare::getMailSend`, one example is creating bulk shares via API which where previously blocking due to the share notification emails.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-11-27 09:38:39 +01:00
Flávio Gomes da Silva Lisboa 5ca9a7d6bc
Loss of performance on Login after upgrade from NC10 + LDAP to NC 12 + LDAP #6732
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-11-27 09:22:44 +01:00
Morris Jobke dbb034f903
Remove unused mimetype detection method in OC_Image
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 07:46:32 +01:00
Morris Jobke df61d43529
Make isUpdateAvailable non-static
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-25 12:01:02 +01:00
Morris Jobke 0e2f00ec59
Get the Installer via DI
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-25 12:00:57 +01:00
Morris Jobke a97a290fd5
Cache fetched apps in update check
The code tried to find the apps with updates and thus was called for every available app. This caused to get the full appstore content as often as apps are available. The appstore request itself was cached nevertheless in an appdata dir, but with an object storage this is still a lot of round trips to read this cached result. Thus the instantiated list is now cached in a static variable (because it's a static method call).

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-25 12:00:56 +01:00
Lukas Reschke ee4262f567
Merge pull request #7263 from nextcloud/clean-bruteforce-attempt-on-success
Reset bruteforce attempt table on successful login
2017-11-24 15:53:08 +01:00
Morris Jobke 5a270c2715
Reset bruteforce attempt table on successful login
* only clear the entries that come from the same subnet, same action and same metadata

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-24 14:58:57 +01:00
Morris Jobke 05abb9ea66
Remove unused checkCode method
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-24 10:50:50 +01:00
Morris Jobke be4e921306
Use basename() instead of self implementation
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-23 12:35:47 +01:00
blizzz 98cdd9885f
Merge pull request #7168 from nextcloud/fix-user-list
Fix accesslist when a user has an ID only containting 0-9
2017-11-23 12:17:11 +01:00
Morris Jobke 106d932e8f
Merge pull request #7137 from nextcloud/shared-jailed-source-root
Use the correct root for shared jail when the source storage is also a jail
2017-11-23 12:03:36 +01:00
Robin Appelman da3004b8f5
add postgresql10 compatibility to dbal
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-11-22 17:57:17 +01:00
Morris Jobke 6fd51426bf
Remove wrong entry in admin_settings that causes 500
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-20 20:49:03 +01:00
Roeland Jago Douma 2eb2b6e437
If there is no internet connection don't try to contact appstore
Fixes #7119

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-17 20:35:04 +01:00
Bjoern Schiessle 1ade6b0817
only create the file cache entry after the empty file was created successfully, otherwise file_exists() call on the initial file_put_content() will indicate that the file already exists
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-11-17 12:45:46 +01:00
Morris Jobke f32fbbca2e
Merge pull request #6840 from nextcloud/feature/5282/calendar_api
Calendar API for apps
2017-11-16 21:10:35 +01:00
Morris Jobke 82502b10db
Merge pull request #7169 from nextcloud/fix-user-search
Fix search in user managent when no group is selected
2017-11-14 23:30:02 +01:00
Morris Jobke 80e527d21e
Merge pull request #7172 from nextcloud/improve-error-handling-on-preview-cleanup
check if the user still exists before we try to cleanup the previews
2017-11-14 23:29:28 +01:00
Björn Schießle c225bbd021
Merge pull request #7113 from nextcloud/s3-download-stream-fix
Fix s3 download and touch
2017-11-14 20:38:50 +01:00
Bjoern Schiessle a923e755e6
check if the user still exists before we try to cleanup the previews
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-11-14 20:26:18 +01:00
Morris Jobke eb0f3ebf75
Fix search in user managent when no group is selected
* also allows to search by displayname

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-14 17:32:03 +01:00
Joas Schilling 3820d6883d
Fix accesslist when a user has an ID only containting 0-9
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-11-14 17:21:16 +01:00
Morris Jobke 16549ae5fb
Merge pull request #7166 from nextcloud/enhancement/crash-report-context
Pass the exception context to the crash reporter
2017-11-14 15:07:33 +01:00
Morris Jobke f6ef3b6464
add proper type hinting
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-14 14:49:24 +01:00
Christoph Wurst ad757805ca Pass the exception context to the crash reporter
This should allow better reports as often the app id is passed
as context. While this is not used right now, I'd like to have this
for NC13 as adding it later will break the interface for existing apps

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-11-14 14:28:04 +01:00
Morris Jobke ab0a3fbbbc
Merge pull request #7061 from kyrofa/bugfix/6028/app_path_realpath
{J,CS}SResourceLocator: account for symlinks in app path
2017-11-14 13:58:02 +01:00
Christoph Wurst 4c5593998a Add a mechanism to register crach reporters
This adds a crash reporter registry, which is meant for third party apps
to hook into the error logging/reporting chain. This way, external tools
like Sentry can be used to track and aggregate system crashes.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-11-14 12:20:05 +01:00
Kyle Fazzari d2a2793073
JSResourceLocator: re-use $app_path
Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
2017-11-12 08:08:38 -08:00
Robin Appelman 56fd462718
Use the correct root for shared jail when the source storage is also a jail
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-11-10 17:03:27 +01:00
Georg Ehrke 556b2a2b6f
implement CalendarManager
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-09 15:14:50 +01:00
Morris Jobke 5d8421135e
Merge pull request #7014 from nextcloud/rename-locks
Unlock files even if an exception occurs while renaming
2017-11-09 09:47:36 +01:00
Morris Jobke eab2b3b7ae
Merge pull request #7027 from nextcloud/Rello-patch-1
Rello patch 1
2017-11-09 09:41:01 +01:00
Lukas Reschke 989a8a3668
Merge pull request #6220 from nextcloud/cached-mount-info-filepath
Allow getting the filepath when getting cached mounts by fileid
2017-11-09 00:04:25 +01:00
Morris Jobke e0784c66ed
Merge pull request #7109 from nextcloud/fix_6898
If for some reason the json can't be decoded it is not cached
2017-11-08 23:33:02 +01:00
Lukas Reschke 8c915baa34
Merge pull request #6788 from staabm/master
Prevent XSS in links which open a new browser window
2017-11-08 18:55:35 +01:00
Robin Appelman c566b2854b
Use non empty files for object store touch
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-11-08 17:51:02 +01:00
Robin Appelman 70a4860ccb
Fix contructing headers for s3 download
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-11-08 17:50:46 +01:00
Roeland Jago Douma 448fa4f59e
If for some reason the json can't be decoded it is not cached
Should fix #6898

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-11-08 12:37:35 +01:00
Morris Jobke 732c951ae1
Revert "Only allow colons in db host for IPv6 addresses"
This reverts commit 1287d6ddb3.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-08 10:47:35 +01:00
Kyle Fazzari 06ba1a8a02
JSResourceLocator: account for symlinks in app path
Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
2017-11-07 14:54:21 -08:00
Morris Jobke 19069f2b9c
Merge pull request #6988 from starypatyk/stable12-mount-cache-performance
Improve performance of UserMountCache with external storage folders
2017-11-07 17:32:06 +01:00
Roeland Jago Douma f55732a18f
Merge pull request #7075 from nextcloud/remove-unused-variables
Remove unused variables
2017-11-07 16:18:40 +01:00
Morris Jobke 4866314ce0
Run updated license header updater
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-07 13:47:42 +01:00
Morris Jobke f9e70c2ab6
Merge pull request #7020 from Fiech/master
Extended list of sensitive configuration values (2)
2017-11-07 10:27:53 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke da6c2c9da1
Merge pull request #7083 from nextcloud/update-license-headers
Update license headers
2017-11-06 18:48:04 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Morris Jobke 5ed05219d7
Merge pull request #7076 from nextcloud/s3-valid-bucket-name
Better error message for invalid bucket names
2017-11-06 16:16:28 +01:00
Morris Jobke 5411d60b24
Merge pull request #5321 from coletivoEITA/user_ldap_plugins_structure
Implement plugins infrastructure in User_LDAP
2017-11-06 16:07:31 +01:00
Morris Jobke 6c29ce4e02
Merge pull request #6402 from nextcloud/dav-email-customization
Enhance calendar invitation emails
2017-11-06 15:14:49 +01:00
Morris Jobke 8b763ea0f7
Better error message for invalid bucket names
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:48:41 +01:00
Morris Jobke 5445b1ff17
Remove unused variables
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:43:45 +01:00
Kyle Fazzari b0d296639c
CSSResourceLocator: account for symlinks in app path
Currently, if the app path includes a symlink, the calculated webDir
will be incorrect when generating CSS and URLs will be pointing to the
wrong place, breaking CSS.

Use realpath when retrieving app path, and these issues go away.

Fix #6028

Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
2017-11-03 23:52:09 -07:00
korelstar c7482402b8 Unlock files even if an exception occurs
Signed-off-by: Kristof Hamann <korelstar@users.noreply.github.com>
2017-11-03 18:29:04 +01:00
Vinicius Cubas Brand 10ca793452 Plugins infrastructure in User_LDAP
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
2017-11-03 11:41:40 -02:00
Georg Ehrke e111da777a
Make L10N->l provide weekdayName
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-03 11:20:04 +01:00
Roeland Jago Douma 687c92bfd3
Merge pull request #6974 from nextcloud/fix-fseek-on-objectstorage
Fix seeking on object storage
2017-11-02 14:56:51 +01:00
Dariusz Olszewski 07016a1e5b Improve performance of UserMountCache with external storage folders 2017-11-01 21:11:39 +01:00
Arthur Schiwon e2805f02aa
Merge branch 'master' into autocomplete-gui 2017-11-01 15:37:29 +01:00
Joas Schilling 3e0789aa94
Merge pull request #6958 from nextcloud/improved-mimetype-detection-for-object-storage
Improve mimetype detection for object storages
2017-11-01 11:04:15 +01:00
Joas Schilling defc4bf6a8
Merge pull request #6975 from nextcloud/s3-read-object-fopen
use fopen directly when reading objects from s3
2017-11-01 10:57:56 +01:00
Joas Schilling 6ddda3d7d4
Merge pull request #6952 from nextcloud/correctly-search-for-results
Correctly search for existing collaboration results
2017-10-31 14:49:01 +01:00
Joas Schilling ba6e5bcc05
Add the return which is being used
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-31 14:06:21 +01:00
Rello c5f76785ba
Mapping of m3u, m3u8, pls to audio streams
Signed-Off-By: Rello <Rello@users.noreply.github.com>
2017-10-31 14:05:24 +01:00
Joas Schilling a0dab90fd5
Merge pull request #7021 from nextcloud/fix-oracle-indexes
Fix oracle indexes
2017-10-31 13:55:14 +01:00
Arthur Schiwon bcfac75b06
simplify registration of manager in server container
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-31 13:55:03 +01:00
Johannes S 936486413d
Merge branch 'master' into master 2017-10-31 01:34:46 +01:00
Johannes Schlichenmaier 84cc13f57b Extended list of sensitive configuration values
In accordance with the issuetemplate app issue:
https://github.com/nextcloud/issuetemplate/issues/27

Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-31 01:30:50 +01:00
Roeland Jago Douma 5672f14fd1
Merge pull request #7004 from Fiech/master
Extended list of sensitive configuration values
2017-10-30 20:01:42 +01:00
Victor Dubiniuk 9f16468789
Die NoCheckMigrator 2017-10-30 18:59:24 +01:00
Piotr Mrowczynski 6a51c1bc4f
Add foreign key support to OC 2017-10-30 18:57:19 +01:00
Jörn Friedrich Dreyer d081a1a5ad
quote index columns on oracle, handle all index changes, minor phpdoc cleanup 2017-10-30 18:54:31 +01:00
Georg Ehrke c8323f822d
Merge pull request #6867 from nextcloud/imessage-attachments
Add attachment support to emails
2017-10-30 18:33:50 +01:00
Arthur Schiwon d5f1cef642
fix comment sorter
background: we have a flat hierarchy of comments, not a tree. therefore we
can also remove again the unnecessary additions.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-30 15:59:43 +01:00
Johannes Schlichenmaier bde78decc2 Extended list of sensitive configuration values
In accordance with the issuetemplate app issue:
https://github.com/nextcloud/issuetemplate/issues/27

Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-29 23:46:59 +01:00
Joas Schilling 94f3fc63bc
Use ::class and fix missing doc
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-28 11:49:36 +02:00
Robin Appelman 3f0cb13042
Allow getting the filepath when getting cached mounts by fileid
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-27 14:35:34 +02:00
Robin Appelman f9a7294807
use fopen directly when reading objects from s3
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-27 12:58:19 +02:00
Morris Jobke de912385e0
Fix seeking on object storage
Seeking is not needed if the $from is 0, because then the pointer is already at the correct position. Additionally another fallback is added, that if the fseek fails it just uses an fread to skip the beginning of the file until it is at the correct position. This skipping is done with a chunked fread.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-27 12:16:28 +02:00
Joas Schilling 7a4c0c668b Merge pull request #6977 from Fiech/master
Added additional methods for removal of sensitive info
2017-10-27 11:46:31 +02:00
Johannes Schlichenmaier 4ae7275aeb Added additional methods for removal of sensitive info
Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-27 10:36:58 +02:00
Morris Jobke 405bbc1c61
Improve mimetype detection for object storages
Object storage instances always fall back to the content based mimetype detection, because the file name for object storage was always random due to the fact that it was temporarily storage in a generated temp file. This patch adds a check before that to make sure to use the original file name for this purpose and also remove possible other extensions like the versioning or part file extension.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-26 16:31:59 +02:00
Arthur Schiwon 7f58c41015
fix sorting
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-26 16:23:41 +02:00
Roeland Jago Douma 88cba6d882
Use local cache for the CachingRouter
There is no need to cache routes distributed. It even has the downside
that the router might return different routes then the ones in the local
routes.php files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-25 19:23:46 +02:00
Joas Schilling 43b92b8e06
Add unit tests for SearchResult
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 11:21:05 +02:00
Joas Schilling 42c84b6309
Correctly search for existing collaboration results
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 10:38:26 +02:00
Joas Schilling 6a035bd0a0
Move attachment creators to mailer class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 09:26:57 +02:00
Roeland Jago Douma a82b56b1c7 Merge pull request #6918 from nextcloud/rotate_job_by_default
Add logrote as a default background job
2017-10-24 20:38:40 +02:00
Roeland Jago Douma b88db3a389 Merge pull request #6921 from nextcloud/appmanager-securitymiddleware
Use proper DI for security middleware for app enabled check
2017-10-24 19:58:24 +02:00
Morris Jobke f368481c23 Merge pull request #6928 from nextcloud/remove-unneeded-method
Remove unused method of OC_App
2017-10-24 17:50:43 +02:00
Morris Jobke ce0c45a4ea
Use proper DI for security middleware for app enabled check
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 15:36:28 +02:00
Morris Jobke 7b7bf73670
Deprecate OC_App:isEnabled
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 14:05:46 +02:00
Morris Jobke df85b13296
Remove unused method of OC_App
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 14:04:09 +02:00
Morris Jobke 3eaf23f29f Merge pull request #6920 from nextcloud/appmanager-usage
Use appmanager instead of OC_App for check for enabled app
2017-10-24 13:53:17 +02:00
Roeland Jago Douma e2139d4b56
Add logrote as a default background job
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 08:28:06 +02:00
Morris Jobke f884e762bc
Use appmanager instead of OC_App for check for enabled app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-23 23:31:17 +02:00
Julius Härtl b3c025fd08
Revert copyright changes
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-23 23:23:56 +02:00
Julius Härtl 4cfa1c66b8
Doc: Fix phpDoc issues
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-23 23:23:56 +02:00
Arthur Schiwon 8f0a9ae51f
split walking the tree from operating on it
so walking it is reusable

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-22 14:13:37 +02:00
Arthur Schiwon fd6daf8d19
AutoCompletion backend
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-22 14:13:32 +02:00
Markus Staab db34b59238 Prevent XSS in links which open a new browser window 2017-10-19 12:16:04 +02:00
Joas Schilling 65e938c4fd
Fix docs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-19 11:18:21 +02:00
Joas Schilling dcb322a6b3
Extend the API with teh parameters from Swift
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-19 11:05:47 +02:00
Lukas Reschke f6f7b50cf0 Merge pull request #6853 from nextcloud/apps_autoloader
Allow apps to have their own autoloader
2017-10-19 11:05:23 +02:00
Joas Schilling ce27e8cf34
Add attachment support to emails
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:44:19 +02:00
Joas Schilling 3119fd41ce
Set the data from the template
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
Joas Schilling c9af36a9ab
Introduce a public interface for Message
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
Joas Schilling 8b37fe7f65
Set the subject with the email template to allow theming
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
Joas Schilling f109c1a10c
Allow templating of email subjects
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:00 +02:00
Roeland Jago Douma 3a9c24c04f
Allow apps to have their own autoloader
This will allow apps to also have a proper classmap and authorative
autoloader.

Currently if a file: <appdir>/composer/autoload.php exists we will use
it. Else we keep the current behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-17 21:35:49 +02:00
Robin Appelman 91b3536f45
propagate multipart upload exception when aborting upload
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-17 15:10:58 +02:00
blizzz c25be8d83c Merge pull request #6837 from nextcloud/timespan-check-3
Fix future time spans
2017-10-16 13:35:53 +02:00
Roeland Jago Douma a5912cbe33 Merge pull request #6812 from nextcloud/upload-cache-path
also use configured 'cache_path' for new chunking
2017-10-15 21:42:41 +02:00
dartcafe ac2a6e0f2f
Fix future time spans
Signed-off-by: dartcafe <github@dartcafe.de>
2017-10-15 08:31:11 +02:00
Robin Appelman 1a99e0dab4 Merge pull request #6602 from nextcloud/s3-multipart-upload
Add multipart upload for s3
2017-10-11 16:10:58 +02:00
Robin Appelman e393b3553e
set s3 part size to 500mb
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-11 15:59:53 +02:00
Robin Appelman d27b0b07bc
also use configured 'cache_path' for new chunking
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-11 14:18:45 +02:00
Julius Härtl ec0091d499
Do not return app names multiple times
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-10 12:34:38 +02:00
Joas Schilling 6292f665d7
Allow multiple settings and sections per app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-05 11:34:03 +02:00
blizzz 2d62f97f1b Merge pull request #6328 from nextcloud/split-sharees-api-logic
Splits off the logic from sharees endpoint thus making it available from within Nc/via PHP.
2017-10-04 15:43:44 +02:00
Robin Appelman 7525c387ce
dont run invalid path repair step when upgrading from 11.0.5.2 and later
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-03 16:27:26 +02:00
Morris Jobke 870d71689a Merge pull request #6563 from nextcloud/bigint-ids
Migrate ID columns to bigint
2017-09-29 12:23:41 +02:00
Joas Schilling a3bdb318e9
Fix bigint handling on postgres
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Morris Jobke e9aa11a1b0
Use full percentages in quota bar percentages
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-28 17:58:49 +02:00
Robin Appelman b36dd8b71f
Fallback to filename based detection if the remote dav server doesn't know the mimetype
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-28 14:22:42 +02:00
Morris Jobke 5f25dd7095 Merge pull request #6599 from nextcloud/fix_2523
Add direct preview link
2017-09-27 23:27:54 +02:00
Arthur Schiwon a579f8aa37
adapt attribute name (changed letter case style)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-27 13:22:59 +02:00
Roeland Jago Douma 90d7e8f6f4 Merge pull request #6586 from nextcloud/fix/app-install-extract-check
Check whether an app archive can be extracted
2017-09-27 10:41:21 +02:00
Morris Jobke b87914be9c Merge pull request #6645 from nextcloud/fix-6642-only-colons-for-ipv6
Only allow colons in db host for IPv6 addresses
2017-09-27 10:17:36 +02:00
Arthur Schiwon 937a80c941
reduce nesting of the required app XML
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-27 01:22:17 +02:00
Arthur Schiwon 3db3e65121
add tests for Lookup Plugin
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
Arthur Schiwon a28b1d91f9
split off former searchSharee unit test
also moves registering default plugins to Server for proper unit testing

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon 3d1d03a511
split off getEmail tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon c92f7ee767
split off getRemote unit tests
adds two small fixes → they actually work \o/

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon dd9e191d37
split off getUsers unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon f446ec83dd
minor fixes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon 9db3b04f1b
finetune the appinfo parser
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon c55583d1b4
allow more than one plugin per share type
however it does not dedupe (appears too complex/expensive while we don't
havve the issue currently)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon f7713e5f3f
make it possible to register plugins and kick out the circle one
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon 4a96e22258
don't keep result types hard coded
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Arthur Schiwon ea3ac4e656
Splits off the logic from sharees endpoint thus making it available from
within Nc/via PHP.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:17 +02:00
John Molakvoæ fc46e98fc6 Merge pull request #6647 from nextcloud/scss-no-take-only-throw
Do not stop on scss compilation failure
2017-09-26 16:26:43 +02:00
John Molakvoæ (skjnldsv) dec713fc92
Do not stop on scss compilation failure
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-26 15:29:37 +02:00
Joas Schilling fe3b2385ab
Code clean up
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:27:42 +02:00
Joas Schilling 1287d6ddb3
Only allow colons in db host for IPv6 addresses
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:20:04 +02:00
Morris Jobke 11c31e94fe
Improve exception handling
If there is an exception in the template handling then a white page is shown.
This improves the handling of this and shows text only about the internal
error.

To test this just setup redis as cache and then disable the php-redis module.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-26 13:54:51 +02:00
Morris Jobke 292a704648 Merge pull request #6544 from nextcloud/fix/duplicate-session-token
Fix duplicate session token after remembered login
2017-09-25 17:39:02 +02:00
Roeland Jago Douma 3bd4e7e541 Merge pull request #6632 from nextcloud/do_not_show_hyphen
Do not show hyphen
2017-09-25 16:34:50 +02:00
Roeland Jago Douma 29fb315ffc
Allow requesting the max preview
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:48 +02:00
Stephan Müller 86265320b8
do not show hyphen after instance name in emails if slogan does not exist
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 09:20:46 +02:00
Roeland Jago Douma c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-24 21:07:16 +02:00
John Molakvoæ (skjnldsv) 4a5eeb2ce7
Fixed webroot detection
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-22 07:20:31 +02:00
Morris Jobke 38568c362b Merge pull request #6605 from nextcloud/oc_ocs_response_is_dep
OC_OCS_Response is deprecated
2017-09-21 20:38:18 +02:00
Roeland Jago Douma 2207fdcd8c
Remove private legacy OC_OCS_Response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:56 +02:00
Roeland Jago Douma 87e10f9e6a
OC_OCS_Response is deprecated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:00 +02:00
Robin Appelman 385d6f098c
Add tests for multipart upload
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:47:34 +02:00
Robin Appelman 4ae46d8876
only do multipart upload for large files
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:06:59 +02:00
John Molakvoæ (skjnldsv) 0e17b65bcf
Avoid error undefined index classes in log
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-21 14:00:39 +02:00
Christoph Wurst 38bb6e1477
Fix duplicate session token after remembered login
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
Roeland Jago Douma 8358c63f53 Merge pull request #6573 from nextcloud/nonfound-webroot-empty-string
Fix "webroot not found" when installed to the root of the webserver
2017-09-20 20:04:27 +02:00
Robin Appelman e4e5e735db
multipart upload for s3 object storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 17:51:58 +02:00
Robin Appelman 5430d73a0e
Fix "webroot not found" when installed to the root of the webserver
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 14:19:15 +02:00
Christoph Wurst 2e19c42bc5
Check whether an app archive can be extracted
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 14:07:17 +02:00
Roeland Jago Douma 6d7ca1092d
Read appinfo from a local cache
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-19 14:34:11 +02:00
Robin Appelman d526969a68
fix path style
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:28 +02:00
Robin Appelman d70607104e
reuse object read/write/delete logic in s3 implementations
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
Robin Appelman dad18baec8
update aws sdk and move it to 3rdparty
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
Roeland Jago Douma ca5c3f839a Merge pull request #6490 from nextcloud/share_pagination_query
Improve sharing pagination
2017-09-18 14:34:15 +02:00
Morris Jobke a0132a49a6 Merge pull request #6549 from nextcloud/fix-6534
don't pass User object when uid string is expected
2017-09-18 14:28:14 +02:00
Lukas Reschke 53057f2bd0 Merge pull request #5462 from nextcloud/add-frameancestor-support
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
Arthur Schiwon 0837745477
don't pass User object when uid string is expected
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-18 13:19:47 +02:00
Roeland Jago Douma ae1fdf73c2
Improve sharing pagination
Basically we did in almost all cases did a query to much.
This resulted in an extra query for each share type.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-15 19:44:19 +02:00
Lukas Reschke 705432ca6f
Add filter for `shareapi_allow_share_dialog_user_enumeration`
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.

Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
Thomas Citharel ecf347bd1a Add CSP frame-ancestors support
Didn't set the @since annotation yet.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
Tobia De Koninck 5896176d69
Fix issue when disabling the shareapi_only_share_with_group_members option + fix findOne
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:41 +02:00
Tobia De Koninck 7dfa527da2
Improve code style
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck f0370c0244
Some code improvements
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck fa402c74d2
Add tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck 473a1ecad1
Fix tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Tobia De Koninck 92c238e0f0
Privacy enhancements for contacts menu
- Groups, which are excluded from sharing should not see local users at all
 - If sharing is restricted to users own groups, he should only see contacts from his groups:

Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
John Molakvoæ (skjnldsv) 1a0ac912b2
Fix webroot throw
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
Morris Jobke 883574974d Merge pull request #6458 from nextcloud/rethrow-correct-exception
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
Lukas Reschke 8ef4fcb4b7 Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
Roeland Jago Douma 9163cf9241
Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Axel Helmert 01d4967130 Fix undefined variable $tmpRoot
Refactoring of webroot detection left an unused variable.

Fixes: #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
Joas Schilling c4b3198ac2
Rethrow the correct exception when there was an error in an app container
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
Julius Härtl 8391ca8792
Use IAppManager instead of private API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
Julius Härtl b49ab065b7
Move theming related imagePath logic to ThemingDefaults
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
William Pain 9a63ded43b
Fix uninitialized variable $this->params
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
Morris Jobke 8a79d0cc70 Merge pull request #6414 from nextcloud/share-notification-wrong-language
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Joas Schilling 29e1aa57e1
Ask the schema whether the table and column exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling 7e625a8d22
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Lukas Reschke bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke 11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke 485e22acde Merge pull request #6329 from nextcloud/ldap-password
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage 7a33b9273e Refactor webroot detection in resource locator
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke 5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling b68609d0cf
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman 2c0efae30f
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Morris Jobke 15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Roeland Jago Douma b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst 87aeae21e3
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Joas Schilling 6dbb64c4a2
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke 4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00