On some systems with a lot of users this creates a lot of extra DB
writes.
Being able to increase this interval helps there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The serialized data in 19 has one property less and this was not
considered in the code. Hence adding a fallback. Moreover I'm changing
the deserialization into an array instead of object, as that is the
safer option.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
The menu button and the menu of a share are no longer direct childs of
the actions of the share row. The menu button is now a child of a
".trigger" element, while the menu is a direct child of the body and has
an id defined in the "aria-describedby" attribute of the ".trigger"
element.
In XPath 1.0 it does not seem possible to "backreference" a value or
create variables, so when the share menu or one of its item is needed
now the ".trigger" element is first found and then its XPath expression
is used to compose its "aria-describedby" attribute in the XPath
expression for the menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
IMipPlugin.php Removed blank lines to make php-cs-fixer happy.
Minor cleanup: bugs found by Psalm static checker
IEMailTemplate: The public interface to addBodyListItem also needs to include the new plainIndent parameter.
IMipPlugin: Fixes an undefined variable for events that do not have DTEND. Also use explicit string conversion for parameters and properties in several places.
The new email template adds an additional blank line before "button" links in plain text, so the tests were fixed to include that additional blank line.
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
When a row is added to the file list the opacity of the file row is
animated from transparent to fully opaque. As the file actions menu is a
descendant of the row but overflows it when the row is not fully opaque
clicks on the menu entries "fall-through" and are received instead by
the rows behind.
The opacity animation is a CSS animation, and it is not possible to know
if a row is appearing or not except from its opacity (the row will have
the "appear" CSS class even after the animation ended). Therefore it
should be waited until the row of the file is fully opaque before using
the menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
I removed the tests completely because they just test that the constructor assigns the values to the internal properties. Nothing that should be cared about from the outside.
See https://github.com/sebastianbergmann/phpunit/issues/3339#issuecomment-428843322
It is seen as bad practice to test internal stuff of objects instead of the actual input and output of mathod calls.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
The (old) Firefox version used in the acceptance tests does not properly
render the share link menu. As the menu is taller than it should
sometimes it covers the copy link button, so it is not possible to click
it without hiding the share link menu. Moreover, in those cases the
share menu button is also covered by the share menu, so the menu needs
to be closed by pressing the "Esc" key.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Keep the registration context
* Expose the context object for other components
* Ensure registration is only run once
Search providers are migrated for demonstration.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This will allow to do lazy registration here which should allow for
loading less (or at least only when needed!).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If we use the owners mount point this results in null. And then the rest
of the checks get called with null. Which doesn't work.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This is not required and doesn't allow us to be properly lazy. On top of
it this doesnt allow us to cache the routes (since closures/objects
can't be cached).
This is the first small step into cleaning up the routing we have
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
OC::$WEBROOT can be empty in case if your nextcloud installation has no url prefix. This will result in an empty Location Header.
in other areas OC::$WEBROOT is always used together with an /
The old sharing mechanism isn't working anymore, because it was replaced by Share 2.0. Also it was nowhere used so this removes the code paths and reduces complexity.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This is like what we have to DI and classes, but for callables.
The motivating factor is to get rid of *service locators* in the `boot`
method of apps as a new pattern is about to emerge where we have lots of
`query` calls on the app or server container in order to fetch some
services.
With this little helper it's possible to call another (public) method
and magically have everything injected.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.
Helps with #21474
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
while this scan *should* never be triggered, it's good to have some failsafe to ensure
that the users home contents don't end up getting scanned in the root storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).
However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".
Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.
We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.
This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
currenty when getting the groups for a user, the full group object is always created (and cached)
even if only the groupid is required
Signed-off-by: Robin Appelman <robin@icewind.nl>
The minimum for memory cost is 8 KiB per thread. Threads must be checked and set first to allow checking against the correct memory cost mimimum.
Options are now applied the following way:
- If config.php contains the setting with an integer higher or equal to the minimum, it is applied.
- If config.php contains the setting with an integer lower than the minimum, the minimum is applied.
- If config.php does not contain the setting or with no integer value, the PHP default is applied.
Signed-off-by: MichaIng <micha@dietpi.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Previous implementation assumes the app path is always a child \OC::$SERVERROOT. That's not always true.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Also prefix resources
Unify the prefix handling
Handle urls with and without slash
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Else the number of files can grow very large very quickly in the preview
folder. Esp on large systems.
This generates the md5 of the fileid. And then creates folders of the
first 7 charts. In that folder is then a folder with the fileid. And
inside there are the previews.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
these are actually expected to FAIL, because NULL as a userid is not
allowed in the schema, but documented to be used on the source
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
JSUnit tests are failing for some reason. It seems to be related to a new karma-coverage version published a few hours ago.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
hashes are set in "X-Hash-MD5", "X-Hash-SHA1" and "X-Hash-SHA256" headers.
these headers are set for file uploads and the MOVE request at the end of a multipart upload.
Signed-off-by: Robin Appelman <robin@icewind.nl>
Bump p-limit from 2.2.2 to 2.3.0, @nextcloud/auth from 1.2.2 to 1.2.3, @babel/preset-env from 7.8.7 to 7.9.5, @nextcloud/event-bus from 1.1.3 to 1.1.4, @nextcloud/password-confirmation from 1.0.0 to 1.0.1, @nextcloud/l10n from 1.2.2 to 1.2.3, @nextcloud/initial-state from 1.1.1 to 1.1.2, core-js from 3.6.4 to 3.6.5 …
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
If the value was never enabled or disabled, the settings show "Restrict
username enumeration to groups" as disabled. However, in some components
it was enabled by default, which caused an inconsistency in the
behaviour with respect to the settings, for example in the contacts
menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This reverts commit f402e23448.
Since eb4c42d3d1 now shares are accepted
by default, so no notification is shown to accept them.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
behat/mink 1.8 and behat/mink-selenium2-driver 1.4 introduced behaviour
changes that broke the acceptance tests. Until the tests are updated to
work with the newer versions the last known versions are forced.
Note that some acceptance tests still fail after enforcing the
compatible versions, although that is caused by changes in the Nextcloud
server itself.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
The custom config allows to setup a proxy URI that is passed to
GuzzleHTTP client as request options. Guzzle has the option to receive
an array of proxies for each URI scheme as well as 'no' key value pair
to provide a list of host names that should not be proxied to.
Guzzle would automatically populate these options with HTTPS_PROXY
and NO_PROXY environment variables. However, when providing a 'proxy'
request option, default values will be overriden and it is required to
explicitly provide the 'no' value if needed.
More info:
http://docs.guzzlephp.org/en/stable/request-options.html#proxy
This commit will add support for a new config 'proxyexclude', which
takes a list of host names to be excluded.
It will also provide 'proxy' request option as an array instead of a
string to Guzzle, and populate 'http' and 'https' URI schemes with
proxy URI, and 'no' with 'proxyexclude' list.
Also, if no 'proxy' is configured, it will leave out 'proxy' request
option, so it won't override Guzzle default values.
Sample config file includes a hint on how to explicitly sync
'proxyexclude' with NO_PROXY, and a note about default values.
Signed-off-by: Mohammed Abdellatif <m.latief@gmail.com>