mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
38,613 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

7291 Commits

Author SHA1 Message Date
Lukas Reschke bae64e810e
Add instance name to default sender 
Otherwise your mail program shows "foo@mail.com" instead of "Nextcloud" or whatever your instance name is.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-18 21:44:37 +02:00
Joas Schilling a5b4308a51
Don't put the SMTP password into the HTML code 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 15:44:20 +02:00
Joas Schilling a3922bbcdc
Better validation of allowed user names 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 14:29:34 +02:00
Morris Jobke 10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager 
Access list to share manager
 2017-04-15 13:06:24 -05:00
Roeland Jago Douma f40b9fa9bd Merge pull request #4330 from nextcloud/activities-for-password-mail-change 
Add activities when email or password is changed
 2017-04-14 08:16:43 +02:00
Lukas Reschke 8149945a91
Make BruteForceProtection annotation more clever 
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 23:05:33 +02:00
Morris Jobke d0c0f6cfc1 Merge pull request #4326 from nextcloud/downstream-27562 
Reorder the entries of the log for easier reading
 2017-04-13 13:11:47 -05:00
Lukas Reschke 81d3732bf5 Merge pull request #4308 from nextcloud/lost-password-email 
Update email template for lost password email
 2017-04-13 20:02:15 +02:00
Morris Jobke d36751ee38 Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login 
Fix login controller test and consolidate login
 2017-04-13 12:16:38 -05:00
Morris Jobke ac05d6dd67
Improve PHPDoc 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-13 12:16:12 -05:00
Joas Schilling 695696a4a6
Use constants 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:04:32 -05:00
Roeland Jago Douma 0f5682321e
Fix server container registration 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 14:52:09 +02:00
Roeland Jago Douma aef95b9b7d
Not needed in the DIContainer anymore 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 13:37:39 +02:00
Roeland Jago Douma b96297e9cc
Do not set full path if not currentAccess 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:53 +02:00
Joas Schilling f57ef55249
Add samples to the docs 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:53 +02:00
Joas Schilling 29f2088a7b
Catch exceptions and use as many results as possible 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:53 +02:00
Joas Schilling 629b7c0fc3
Adjust docs and make !$currentAccess simpler 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 5b57bb955b
Fix default share provider 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 2fcf334c6a
Fix tests for ShareHelper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:52 +02:00
Joas Schilling 3c1365c0d1
Fix returned paths for remote shares 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:51 +02:00
Joas Schilling 4bcb7d88b5
Return the token as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:51 +02:00
Joas Schilling cf7c320949
Also return the token 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:51 +02:00
Joas Schilling 91e650791d
Return the paths for the users without setting them all up 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 0c2dc3bc8c
Fix comments 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 12afd7d1d5
Add mail element to access list 
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 2cbac3357b
Offload acceslist creation to providers 
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:50 +02:00
Roeland Jago Douma 97f8ca6595
Added ShareHelper 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma a1edcc8ecf
Port Encryption/file to new getAccessList 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma 88299ec27c
Added to public interface 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma 7dcc98eb20
Add owner to access list 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:49 +02:00
Roeland Jago Douma d84df15590
Add getAccessList to ShareManager 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-13 12:58:48 +02:00
Joas Schilling 1110b51aa3
Allow to read the old email on the hook as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 12:34:02 +02:00
Lukas Reschke e39e6d0605
Remove expired attempts 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:18 +02:00
Lukas Reschke a1ae5275f9
Move to dedicated MiddleWare 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:17 +02:00
Lukas Reschke 511524c668
Add isset() as it can be an empty result 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:17 +02:00
Lukas Reschke d729bde98c
Register in ServerContainer 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:16 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations 
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:16 +02:00
Joas Schilling f23a36b0a6
Add activities when email or password is changed 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-13 11:13:19 +02:00
Lukas Reschke 01f3698175 Merge pull request #3966 from nextcloud/downstream-26570 
Override config.php values through environment variables
 2017-04-13 10:51:09 +02:00
Morris Jobke 7cb6038fca Merge pull request #3043 from nextcloud/issue-3038-no-logentry-on-email-login 
Dont create a log entry on email login
 2017-04-13 01:04:11 -05:00
Morris Jobke 1f962f9115
Update email template for lost password email 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 15:19:53 -05:00
Roeland Jago Douma b3b24172e4 Merge pull request #4307 from nextcloud/sharing-emails 
New emails for sharebymail
 2017-04-12 21:23:11 +02:00
Morris Jobke a7da2ef977 Merge pull request #4282 from nextcloud/oci-connect-string 
use the same oci connectstring in all code paths
 2017-04-12 13:11:00 -05:00
Morris Jobke 124fdf8062 Merge pull request #4331 from nextcloud/query-builder-sum 
Add sum() to the query function builder
 2017-04-12 12:55:09 -05:00
Morris Jobke 31024b7700 Merge pull request #4329 from nextcloud/move-out-shared-folder 
Fix moving files out of a shared folder
 2017-04-12 11:44:26 -05:00
Joas Schilling 4b639e2763
No newlines when heading is empty 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 17:16:27 +02:00
Bjoern Schiessle 0a464dfb61
make the plain text footer standard compliant and add a space after '--'. It also adds a line break in front so that there is some spacing between the mail body and the footer 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-04-12 17:16:27 +02:00
Joas Schilling 1c8c62272c
Use instance name as alt-text 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 17:16:26 +02:00
Joas Schilling 506c7731a6
Don't duplicate the sentence with the header 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 17:16:26 +02:00
Morris Jobke 33e077c1c1
Properly escape heading, body and button text 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 17:16:26 +02:00
Morris Jobke 050ce1d40b
Add addBodyButton to add a single button to email templates 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 17:16:26 +02:00
Robin Appelman ac45af68cd
Add sub() to the query function builder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-12 16:09:35 +02:00
Roeland Jago Douma dccb8928a1 Merge pull request #4325 from nextcloud/downstream-27522 
Optimize put - Dont try to fetch filecache for not existing filecache…
 2017-04-12 16:04:03 +02:00
Björn Schießle b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints 
Discover federatedsharing endpoints
 2017-04-12 16:01:07 +02:00
Robin Appelman 8500debe79
use unjailed path when moving files out of a shared storage 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-12 14:56:51 +02:00
Robin Appelman 2f949f4515
rename Jail::getSourcePath to getUnjailedPath to fix conflict with Local::getSourcePath 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-12 14:55:47 +02:00
Juan Pablo Villafáñez 38e5135cb9
Reorder the entries of the log for easier reading 2017-04-12 13:03:19 +02:00
Piotr M dc78f1251e
Optimize put - Dont try to fetch filecache for not existing filecache in encription 2017-04-12 12:54:20 +02:00
Joas Schilling bd37021587
Fix casing of same origin frame option 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 12:37:32 +02:00
Lukas Reschke b5d31e4e65 Merge pull request #4309 from nextcloud/remove-unused-code 
Removes unused code for link share emails
 2017-04-12 10:15:59 +02:00
Morris Jobke be9a514dff
Allow to set text versions for the plain text email 
* allows different texts for HTML and text version of the email

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-11 17:50:06 -05:00
Morris Jobke 8fa5141aaa
Removes unused code for link share emails 
* now handled by sharebymail app
* see https://github.com/nextcloud/server/pull/657

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-11 17:32:48 -05:00
Lukas Reschke 3600dd4f52
Add IEMailTemplate to public OCP API 
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-11 16:35:46 +02:00
Roeland Jago Douma 53bca14a27
Do proper DI 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-04-11 15:04:01 +02:00
Bjoern Schiessle 449011dae7
remove discovery manager in favour of the OCSDiscoveryService 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-04-11 15:04:01 +02:00
Bjoern Schiessle 0dea31d48b
add tests for discovery service 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-04-11 15:04:01 +02:00
Bjoern Schiessle 45aee2e479
provide public discovery service to discover OCS end-points on another server 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-04-11 15:03:59 +02:00
Lukas Reschke afb5d45705 Merge pull request #4256 from nextcloud/theming 
Move OC_Defaults to OCP\Defaults
 2017-04-11 14:39:46 +02:00
Morris Jobke 11d6fe1023 Merge pull request #4283 from nextcloud/shares-by-folder-quote 
properly quota table names in getSharesInFolder
 2017-04-10 19:39:19 -05:00
Morris Jobke a045f3c4d7 Merge pull request #4146 from nextcloud/unread-comments-folder 
Allow getting the unread comment count for an entire folder at once
 2017-04-10 13:21:39 -05:00
Robin Appelman a555672f21
properly quota table names in getSharesInFolder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-10 17:59:40 +02:00
Robin Appelman 421ca6439f
use the same oci connectstring in all code paths 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-10 17:58:52 +02:00
Björn Schießle 18580395d4 Merge pull request #4277 from nextcloud/permissions-mask-scanner 
Dont use the permissions mask while scanning
 2017-04-10 16:04:12 +02:00
Roeland Jago Douma e9c6fe2fd8 Merge pull request #4222 from nextcloud/dav-search-fileid 
Allow searching file by fileid
 2017-04-10 15:57:56 +02:00
Robin Appelman a7c611039d
Dont use the permissions mask while scanning 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-10 15:19:21 +02:00
Roeland Jago Douma afea05d296 Merge pull request #4210 from nextcloud/downstream-26643 
Removed path to datadir in exception
 2017-04-10 12:43:46 +02:00
Joas Schilling 9e3a3eebf9
Lowercase "data" correctly 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-10 11:13:46 +02:00
Joas Schilling bc217cdf87
Also send the new account data with the event 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-10 10:22:57 +02:00
Morris Jobke 5b4adf66e5
Move OC_Defaults to OCP\Defaults 
* currently there are two ways to access default values:
  OCP\Defaults or OC_Defaults (which is extended by
  OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
  it hard to work on theme values
* this extended the public interface with the missing
  methods and uses them everywhere to only rely on the
  public interface

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-09 21:43:01 -05:00
Morris Jobke ca9d25169d Merge pull request #4136 from nextcloud/expire-date-for-all-shares 
Unified sharing options
 2017-04-07 17:14:05 -05:00
Roeland Jago Douma 6c0cafb10f Merge pull request #4253 from nextcloud/downstream-27599 
make JobList::next() lock free
 2017-04-07 22:18:40 +02:00
Jörn Friedrich Dreyer c993c363e0
make JobList::next() lock free 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-07 13:07:09 -05:00
Lukas Reschke 281ad406e8
Add support for theming 
Add support for theming in generated emails and simplify API

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-07 12:03:47 -05:00
Morris Jobke 0560e69913
New layout for welcome email 
* thanks to @espina2 for make this nice design
* the button says "Set password" if the admin didn't specified a password

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-07 12:03:32 -05:00
Bjoern Schiessle 3323d01db1
update unit tests 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-04-07 15:43:59 +02:00
Joas Schilling 9f3d9b5b23
Don't force the use of Accept-Language anymore 
This is not intended anymore, since it falls back to force english
when the header is not set. Also 0228bc6e66
makes clear that the order should be:

1. User setting
2. Accept language
3. Admin default

This is the case since the commit from above, unless via OCS and DAV.
Both forced to accept-language falling back to english.
By removing the force, it now also matches the w3 priority list:
https://www.w3.org/International/questions/qa-lang-priorities

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-07 11:10:04 +02:00
Joas Schilling 7ad791efb4
Dont create a log entry on email login 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-07 10:15:20 +02:00
Arthur Schiwon fbadb37b9b
use known LockdownManager 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-06 15:27:30 +02:00
Arthur Schiwon 0a463e55ae
Save correct login name 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-06 15:22:43 +02:00
Morris Jobke 4eddb95fc4
Add method to $methodsWithSensitiveParameters 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-06 15:22:43 +02:00
Arthur Schiwon daf9d23547
don't regenerate Session ID twice, also fixes tests 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-06 15:22:43 +02:00
Arthur Schiwon 50844e8c47
regenerate session id on successful login, fixes integration test 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-06 15:22:43 +02:00
Arthur Schiwon 7b3fdfeeaa
do login routine only once when done via LoginController 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-06 15:22:42 +02:00
Robin Appelman baec42e80a
Save the scope of an auth token in the session 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-05 17:58:33 +02:00
Robin Appelman bb7e236e74
Allow searching file by fileid 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-05 15:22:53 +02:00
Kawohl bee0a3699e
removed path to datadir 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-04 19:07:59 -05:00
Morris Jobke 95a21e2f2a
Check for boolean false and add tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-04 15:56:50 -05:00
Morris Jobke 0fcb37adcb
OC_ -> NC_ 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-04 15:56:50 -05:00
Philipp Schaffrath 695a17804e
Override config.php values through ENV variables (#26570) 
* added functionality to override config.php values with 'OC_' prefixed environment variables

* use getenv to read environment variables since apache does not set $_ENV variables, fixed test

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-04 15:56:50 -05:00
Morris Jobke fa4107893d Merge pull request #4138 from nextcloud/resources_match_fullid 
Match slashes in ../{id} resource routes
 2017-04-04 15:52:53 -05:00