mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
35,898 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

1713 Commits

Author SHA1 Message Date
Roeland Jago Douma df215625f1 Merge pull request #1972 from nextcloud/invalid-files-from-scanner 
Make sure we don't scan files that can not be accessed
 2016-11-22 12:55:54 +01:00
Morris Jobke a02d0975dd Merge pull request #2154 from nextcloud/comments-activities-update 
Move comments activities to the new API
 2016-11-22 09:56:22 +01:00
Joas Schilling 558f169671
Move the validation into one place only 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-21 09:23:37 +01:00
Morris Jobke 46768e71d9 Merge pull request #2076 from nextcloud/log_preview_access 
Dispatch event on preview request
 2016-11-18 20:45:29 +01:00
Robin Appelman 8b9ad46ba3 Merge pull request #768 from nextcloud/s3-objectstore 
Add S3 objectstore backend
 2016-11-18 14:55:07 +01:00
Morris Jobke ccdf387041 Merge pull request #2184 from nextcloud/share-join-cache 
Get the share root info directly when querying for shares
 2016-11-18 11:33:33 +01:00
Julius Haertl caacb6c261
Expose getAppPath to public API 
Signed-off-by: Julius Haertl <jus@bitgrid.net>
 2016-11-17 19:24:24 +01:00
Robin Appelman 2f03fcab4a
let the share backend get the node cacheentry to save queries 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-17 18:48:38 +01:00
Robin Appelman 4235b18a88
allow passing a stream to StreamResponse 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:30:36 +01:00
Robin Appelman c5df58ec69
phpdoc 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-16 15:24:28 +01:00
Robin Appelman b56f2c9ed0
basic lockdown logic 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-11-16 15:24:23 +01:00
Joas Schilling a845f7bc01
Fix wrong copyright headers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 12:20:04 +01:00
Joas Schilling 6b88d56e3a
Update the since version to 11.0.0 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:29:27 +01:00
Joas Schilling b8958ee937
Fix activity manager tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:45 +01:00
Joas Schilling c2a5c1f2c6
Allow combining events 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:45 +01:00
Joas Schilling b2248efd75
Allow to register Providers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:45 +01:00
Joas Schilling 72f0d9981e
Add ROS and icon support to the events 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:45 +01:00
Joas Schilling a366602961
Validate the input into Event already 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:44 +01:00
Joas Schilling 13ff56bfc5
Allow to register settings/types via info.xml 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:44 +01:00
Joas Schilling 280d5325c7
Allow to register activity filters via info.xml 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-16 09:25:40 +01:00
Morris Jobke cb97cf559b Merge pull request #2144 from nextcloud/fix_1303 
Do not cache version info in the session
 2016-11-15 23:13:53 +01:00
Roeland Jago Douma f07d75a4dd
@since 9.2.0 to @since 11.0.0 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-15 18:51:52 +01:00
Roeland Jago Douma 7a8bf6ea26
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-15 18:10:17 +01:00
Roeland Jago Douma 99ada40df4
Dispatch event on preview request 
Fixes: #73

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-10 14:28:09 +01:00
Robin Appelman 74024c8f28
fix phpdoc 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-09 16:59:03 +01:00
Joas Schilling 706b5c3fb6
Use a php class for the definitions to avoid loading problems 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-09 08:52:07 +01:00
Björn Schießle 1ad3043e4f Merge pull request #1998 from nextcloud/share-by-mail-notification 
add share by mail activity
 2016-11-08 17:37:46 +01:00
Bjoern Schiessle 3bc643ec23
add new definition 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-08 15:42:07 +01:00
Bjoern Schiessle 087dab85b4
add activity for share by mail 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-08 15:42:07 +01:00
Donquixote 537d588726
refactoring code to reduce cyclomatic complexit 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-07 08:18:16 +01:00
Roeland Jago Douma d720a2fb57
Moved over files_versions 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-03 14:00:33 +01:00
Roeland Jago Douma 5466fbf761
Move Ipreview to more of DI thingy 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-03 14:00:33 +01:00
Lukas Reschke 6920e609c0
Adjust tests and DI for Share.php 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-02 23:26:49 +01:00
Christoph Wurst d907666232
bring back remember-me 
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-02 13:39:16 +01:00
Bjoern Schiessle 318160647a
add method to check if a share provider for a given type is loaded 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-01 19:54:39 +01:00
Roeland Jago Douma 5a00870a2b
Stricter signature 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-31 20:19:14 +01:00
Robin Appelman 3692769b0a
Add getShareTypesInFolder to optimize folder listening 
Signed-off-by: Robin Appelman <icewind@owncloud.com>
 2016-10-31 15:55:40 +01:00
Roeland Jago Douma e416ee7b74 Merge pull request #1937 from nextcloud/ros-for-notification-message 
Allow rich object strings in messages as well
 2016-10-31 11:51:02 +01:00
Joas Schilling 2c0b5dee19
Allow rich object strings in messages as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-10-31 10:37:37 +01:00
Roeland Jago Douma d5159423cd
Removed depreacted functions (since 6.0) 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-29 14:27:12 +02:00
Roeland Jago Douma 740659a04c
Move away from OC_L10N 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-28 21:46:28 +02:00
Roeland Jago Douma f722640a32
Proper DI of config 
* Fixed comments

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-28 10:13:35 +02:00
Jörn Friedrich Dreyer f8352fcb8d
introduce callForSeenUsers and countSeenUsers (#26361) 
* introduce callForSeenUsers and countSeenUsers

* add tests

* oracle should support not null on clob

* since 9.2.0
 2016-10-28 08:44:05 +02:00
Morris Jobke d4969abc9d Merge pull request #1800 from nextcloud/nextcloud-rich-object-strings 
Nextcloud rich object strings
 2016-10-27 15:30:58 +02:00
Morris Jobke cde7f535bd Merge pull request #1738 from nextcloud/comments-provide-displaynames-with-mentions 
comment mentions: show displayname not uid
 2016-10-26 14:02:49 +02:00
Morris Jobke 89574367bc Merge pull request #1871 from nextcloud/use-csp-nonces 
Use CSP nonces
 2016-10-25 14:46:00 +02:00
Vincent Petry 44cf67accd
Storage 503 message improvements 
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
 2016-10-24 15:43:15 +02:00
Lukas Reschke 9e6634814e
Add support for CSP nonces 
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.

At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)

IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.

Implementing this offers the following advantages:

1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.

If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-10-24 12:27:50 +02:00
Robin Appelman 3a8e75a814
Allow 4byte unicode filenames on supported platforms 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-10-20 14:26:09 +02:00
Joas Schilling cf2d1b2427
Move federated share notifications to ROS 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-10-20 12:14:59 +02:00