Tobia De Koninck
fa402c74d2
Add tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck
473a1ecad1
Fix tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Tobia De Koninck
92c238e0f0
Privacy enhancements for contacts menu
...
- Groups, which are excluded from sharing should not see local users at all
- If sharing is restricted to users own groups, he should only see contacts from his groups:
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Nextcloud bot
113fd47f30
[tx-robot] updated from transifex
2017-09-15 00:08:08 +00:00
John Molakvoæ (skjnldsv)
1a0ac912b2
Fix webroot throw
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
Nextcloud bot
7698781a1e
[tx-robot] updated from transifex
2017-09-14 00:08:12 +00:00
Morris Jobke
883574974d
Merge pull request #6458 from nextcloud/rethrow-correct-exception
...
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
Lukas Reschke
8ef4fcb4b7
Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
...
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
Nextcloud bot
5ce3c7003b
[tx-robot] updated from transifex
2017-09-13 00:08:12 +00:00
Roeland Jago Douma
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Axel Helmert
01d4967130
Fix undefined variable $tmpRoot
...
Refactoring of webroot detection left an unused variable.
Fixes : #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
Joas Schilling
c4b3198ac2
Rethrow the correct exception when there was an error in an app container
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
Julius Härtl
8391ca8792
Use IAppManager instead of private API
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
Julius Härtl
b49ab065b7
Move theming related imagePath logic to ThemingDefaults
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
Lukas Reschke
88731848c6
Merge pull request #6435 from nextcloud/add-exception-to-phpdoc
...
Add exceptions to PHPDoc of interface
2017-09-11 13:01:41 +02:00
William Pain
9a63ded43b
Fix uninitialized variable $this->params
...
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
Lukas Reschke
b97f48f1af
Add exceptions to PHPDoc of interface
...
Improves static code analysis here and also keeps expectations proper.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-10 20:01:36 +02:00
Nextcloud bot
3f6692ee24
[tx-robot] updated from transifex
2017-09-10 00:08:23 +00:00
Morris Jobke
8a79d0cc70
Merge pull request #6414 from nextcloud/share-notification-wrong-language
...
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Morris Jobke
75c38d5d98
Merge pull request #6416 from nextcloud/make-sure-sqlite-works-without-content
...
Ask the schema whether the table and column exist
2017-09-08 19:09:38 +02:00
Morris Jobke
e9c713902e
Merge pull request #6417 from nextcloud/proper-english-nowhave
...
Improve text: 'you have now' -> 'you now have'
2017-09-08 18:29:22 +02:00
Leon Klingele
8e46e6b827
Improve text: 'you have now' -> 'you now have'
...
Signed-off-by: Leon Klingele <leon@struktur.de>
2017-09-08 13:47:11 +02:00
Joas Schilling
29e1aa57e1
Ask the schema whether the table and column exist
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling
7e625a8d22
Use the language of the recipient for the share notification
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Nextcloud bot
194f880073
[tx-robot] updated from transifex
2017-09-08 00:08:16 +00:00
Lukas Reschke
bab313da5d
Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
...
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke
11c7a98a2a
Merge pull request #6380 from nextcloud/cleanup-oci-setup
...
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke
485e22acde
Merge pull request #6329 from nextcloud/ldap-password
...
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage
7a33b9273e
Refactor webroot detection in resource locator
...
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).
With this change both variants, directory and symlinks, will be detected
correctly.
Fixes : #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke
a10c4517cb
Merge pull request #5571 from Luzifer/5570_backend_admin
...
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke
5d4540f179
Merge pull request #6364 from nextcloud/fix_login_loop
...
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling
b68609d0cf
Don't log LDAP password when server is not available
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman
2c0efae30f
cleanup oci setup code
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Nextcloud bot
9d930210ee
[tx-robot] updated from transifex
2017-09-06 00:08:21 +00:00
Morris Jobke
15cd21d252
Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
...
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Knut Ahlers
586cefc4f1
Add @since tag to constant
...
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-09-05 15:49:13 +02:00
Roeland Jago Douma
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst
87aeae21e3
Fix failing csp/nonce check due to timed out session
...
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Morris Jobke
e0c92c2da3
Update autoloader
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 15:42:34 +02:00
Joas Schilling
6dbb64c4a2
Merge setMetaData into constructor
...
This ensures that the meta data is set in the beginning
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke
4fd3240b5f
Merge pull request #6254 from nextcloud/async-bus-split
...
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke
1ebf91ec16
Add proper EOL
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Morris Jobke
c04a494ea7
Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
...
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
Roeland Jago Douma
c4f175d079
Merge pull request #6326 from nextcloud/fix_4654_3375
...
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
Morris Jobke
139f9bd3ca
Merge pull request #6331 from nextcloud/update-repair-step
...
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
Bjoern Schiessle
e195021926
update autoloader
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-04 11:59:00 +02:00
Morris Jobke
e33aa460f1
Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
...
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
Julius Härtl
b09ce70117
Rebuild SCSS files if frontend controller value changes
...
fixes #6271
2017-09-03 17:32:41 +02:00
Nextcloud bot
27c6dc9657
[tx-robot] updated from transifex
2017-09-02 00:08:29 +00:00
Bjoern Schiessle
e039a4c191
move repair step to stable12
...
because we decided to backport it the repair step needs to be executed
already on stable12
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
Roeland Jago Douma
ffe1429c4f
Pass new value to triggerChange
...
it is not used. but pass in the empty string (on delete) and the new
file (on create)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
Thomas Ebert
93d539b0cf
Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
...
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00
Roeland Jago Douma
84ea66dca8
Merge pull request #6296 from nextcloud/improve_2fa
...
Improve 2FA
2017-08-31 10:52:40 +02:00
Nextcloud bot
99dcf5036d
[tx-robot] updated from transifex
2017-08-31 00:08:31 +00:00
Nextcloud bot
1e24fe858a
[tx-robot] updated from transifex
2017-08-30 00:08:26 +00:00
Roeland Jago Douma
84b7022118
Improve 2FA
...
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
Morris Jobke
3cfe91bf0f
Add shareWith to email template metadata
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-29 16:09:25 +02:00
Morris Jobke
8c917cbfe0
Merge pull request #6288 from nextcloud/master-6287
...
Allow the expiration date to be set to null
2017-08-29 11:32:11 +02:00
Nextcloud bot
daf2d6cb96
[tx-robot] updated from transifex
2017-08-29 00:08:27 +00:00
Morris Jobke
be23f7e1de
Allow the expiration date to be set to null
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-28 17:49:16 +02:00
Nextcloud bot
8e4085526d
[tx-robot] updated from transifex
2017-08-28 00:08:24 +00:00
Robin Appelman
804d97d6ff
unlock file when an exception occurs during scanning
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Robin Appelman
18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Morris Jobke
2bf15eda26
Merge pull request #6255 from nextcloud/email-meta-data
...
Add meta information to emails for better customisation
2017-08-26 18:53:52 +02:00
Morris Jobke
0b652648cc
Merge pull request #6177 from nextcloud/properly-add-slo-url
...
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
Morris Jobke
92292dc06a
Merge pull request #6189 from nextcloud/circle-token
...
link to getShareByToken
2017-08-26 18:26:12 +02:00
Roeland Jago Douma
6c6253ff6f
Bump autoloader
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-26 13:48:18 +02:00
Christoph Wurst
6676232a56
Allow 2FA providers to specify their custom CSP
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-08-26 13:48:08 +02:00
Nextcloud bot
ca490bafb9
[tx-robot] updated from transifex
2017-08-26 00:08:26 +00:00
Nextcloud bot
7b8bd8188e
[tx-robot] updated from transifex
2017-08-25 00:08:59 +00:00
Björn Schießle
60ee450809
Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
...
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
Joas Schilling
09747b296a
Add meta information to emails for better customisation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-24 17:54:22 +02:00
Robin Appelman
5431b8bfc2
allow configuring the command bus
2017-08-24 16:21:50 +02:00
Robin Appelman
9731350ace
split async test bus for easier subclassing
2017-08-24 16:06:37 +02:00
Nextcloud bot
a7f2dc6dd6
[tx-robot] updated from transifex
2017-08-24 00:08:50 +00:00
Roeland Jago Douma
9357cf735a
Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
...
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
Nextcloud bot
782f6e9454
[tx-robot] updated from transifex
2017-08-23 00:08:55 +00:00
Nextcloud bot
ae0789ef43
[tx-robot] updated from transifex
2017-08-22 00:08:20 +00:00
Lukas Reschke
223265b369
Merge pull request #6169 from nextcloud/check-encoding-log
...
Ensure log message is UTF-8 encoded
2017-08-21 10:20:52 +02:00
Nextcloud bot
9e1884b27c
[tx-robot] updated from transifex
2017-08-21 00:08:13 +00:00
Maxence Lange
0459c03696
link to getShareByToken
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2017-08-20 15:21:58 +02:00
Nextcloud bot
8c458de4c2
[tx-robot] updated from transifex
2017-08-20 00:08:15 +00:00
Nextcloud bot
6b978ebd29
[tx-robot] updated from transifex
2017-08-19 00:08:26 +00:00
Lukas Reschke
2e4cd44556
Inject \OCP\IURLGenerator to make tests work
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
Lukas Reschke
a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
...
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5
inside the navigation manager where one cannot simply inject attributes.
Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112 ,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
Nextcloud bot
231cffffb9
[tx-robot] updated from transifex
2017-08-18 00:08:15 +00:00
Lukas Reschke
c016b01bf9
Ensure log message is UTF-8 encoded
...
PHP's json_encode only accept proper UTF-8 strings, loop over all
elements to ensure that they are properly UTF-8 compliant or convert
them manually.
Without this somebody passing an invalid User Agent may make json_encode
return false which will get logged as empty newline.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 15:01:50 +02:00
Lukas Reschke
ed8a98eaa1
Prevent SQL error message in case of error
...
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.
The easiest way to reproduce is on MySQL:
1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
Lukas Reschke
e37cf2d6f0
Merge pull request #6158 from nextcloud/always-log-cron-execution
...
Always log cron execution
2017-08-17 11:14:12 +02:00
Morris Jobke
1c38a83927
Always log cron execution
...
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707
Recently there was also a bug report about a non-visible last cron execution
(#6088 ) - let's better remove this.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
Nextcloud bot
0ceb06fde5
[tx-robot] updated from transifex
2017-08-17 00:08:14 +00:00
Morris Jobke
4c558c99f3
Merge pull request #6130 from nextcloud/cleanup-unused-methods
...
Cleanup unused methods
2017-08-16 08:55:06 +02:00
Nextcloud bot
d7406e5159
[tx-robot] updated from transifex
2017-08-16 00:08:33 +00:00
Lukas Reschke
422c3e302a
Merge pull request #6099 from nextcloud/issue-3457-no-exception-on-sharee-error
...
Catch exceptions on error of cloud id resolution
2017-08-15 17:04:42 +02:00
Morris Jobke
a55e794bfd
Cleanup unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 14:29:26 +02:00
Morris Jobke
cf7c4a4439
Merge pull request #6123 from nextcloud/cleanup-shareItem
...
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
Morris Jobke
c5f14ac884
Merge pull request #6121 from nextcloud/cleanup-registerBackend
...
Use proper methods for registerBackend
2017-08-15 13:52:49 +02:00
Morris Jobke
8366dfa50b
Cleanup usage of shareItem in internal code base
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
Morris Jobke
895b9c2309
Use proper methods for registerBackend
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:29:15 +02:00
Morris Jobke
3e13e94254
Use proper methods for checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00