732c951ae1
Revert "Only allow colons in db host for IPv6 addresses"
...
This reverts commit 1287d6ddb3
2017-11-08 10:47:35 +01:00
06ba1a8a02
JSResourceLocator: account for symlinks in app path
...
Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
2017-11-07 14:54:21 -08:00
19069f2b9c
Merge pull request #6988 from starypatyk/stable12-mount-cache-performance
...
Improve performance of UserMountCache with external storage folders
2017-11-07 17:32:06 +01:00
f55732a18f
Merge pull request #7075 from nextcloud/remove-unused-variables
...
Remove unused variables
2017-11-07 16:18:40 +01:00
4866314ce0
Run updated license header updater
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-07 13:47:42 +01:00
f9e70c2ab6
Merge pull request #7020 from Fiech/master
...
Extended list of sensitive configuration values (2)
2017-11-07 10:27:53 +01:00
31c5c2a592
Change @georgehrke's email
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
da6c2c9da1
Merge pull request #7083 from nextcloud/update-license-headers
...
Update license headers
2017-11-06 18:48:04 +01:00
0eebff152a
Update license headers
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
5ed05219d7
Merge pull request #7076 from nextcloud/s3-valid-bucket-name
...
Better error message for invalid bucket names
2017-11-06 16:16:28 +01:00
5411d60b24
Merge pull request #5321 from coletivoEITA/user_ldap_plugins_structure
...
Implement plugins infrastructure in User_LDAP
2017-11-06 16:07:31 +01:00
6c29ce4e02
Merge pull request #6402 from nextcloud/dav-email-customization
...
Enhance calendar invitation emails
2017-11-06 15:14:49 +01:00
8b763ea0f7
Better error message for invalid bucket names
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:48:41 +01:00
5445b1ff17
Remove unused variables
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:43:45 +01:00
b0d296639c
CSSResourceLocator: account for symlinks in app path
...
Currently, if the app path includes a symlink, the calculated webDir
will be incorrect when generating CSS and URLs will be pointing to the
wrong place, breaking CSS.
Use realpath when retrieving app path, and these issues go away.
Fix #6028
Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
2017-11-03 23:52:09 -07:00
c7482402b8
Unlock files even if an exception occurs
...
Signed-off-by: Kristof Hamann <korelstar@users.noreply.github.com>
2017-11-03 18:29:04 +01:00
10ca793452
Plugins infrastructure in User_LDAP
...
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
2017-11-03 11:41:40 -02:00
e111da777a
Make L10N->l provide weekdayName
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-11-03 11:20:04 +01:00
687c92bfd3
Merge pull request #6974 from nextcloud/fix-fseek-on-objectstorage
...
Fix seeking on object storage
2017-11-02 14:56:51 +01:00
07016a1e5b
Improve performance of UserMountCache with external storage folders
2017-11-01 21:11:39 +01:00
e2805f02aa
Merge branch 'master' into autocomplete-gui
2017-11-01 15:37:29 +01:00
3e0789aa94
Merge pull request #6958 from nextcloud/improved-mimetype-detection-for-object-storage
...
Improve mimetype detection for object storages
2017-11-01 11:04:15 +01:00
defc4bf6a8
Merge pull request #6975 from nextcloud/s3-read-object-fopen
...
use fopen directly when reading objects from s3
2017-11-01 10:57:56 +01:00
6ddda3d7d4
Merge pull request #6952 from nextcloud/correctly-search-for-results
...
Correctly search for existing collaboration results
2017-10-31 14:49:01 +01:00
ba6e5bcc05
Add the return which is being used
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-31 14:06:21 +01:00
c5f76785ba
Mapping of m3u, m3u8, pls to audio streams
...
Signed-Off-By: Rello <Rello@users.noreply.github.com>
2017-10-31 14:05:24 +01:00
a0dab90fd5
Merge pull request #7021 from nextcloud/fix-oracle-indexes
...
Fix oracle indexes
2017-10-31 13:55:14 +01:00
bcfac75b06
simplify registration of manager in server container
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-31 13:55:03 +01:00
936486413d
Merge branch 'master' into master
2017-10-31 01:34:46 +01:00
84cc13f57b
Extended list of sensitive configuration values
...
In accordance with the issuetemplate app issue:
https://github.com/nextcloud/issuetemplate/issues/27
Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-31 01:30:50 +01:00
5672f14fd1
Merge pull request #7004 from Fiech/master
...
Extended list of sensitive configuration values
2017-10-30 20:01:42 +01:00
9f16468789
Die NoCheckMigrator
2017-10-30 18:59:24 +01:00
6a51c1bc4f
Add foreign key support to OC
2017-10-30 18:57:19 +01:00
d081a1a5ad
quote index columns on oracle, handle all index changes, minor phpdoc cleanup
2017-10-30 18:54:31 +01:00
c8323f822d
Merge pull request #6867 from nextcloud/imessage-attachments
...
Add attachment support to emails
2017-10-30 18:33:50 +01:00
d5f1cef642
fix comment sorter
...
background: we have a flat hierarchy of comments, not a tree. therefore we
can also remove again the unnecessary additions.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-30 15:59:43 +01:00
bde78decc2
Extended list of sensitive configuration values
...
In accordance with the issuetemplate app issue:
https://github.com/nextcloud/issuetemplate/issues/27
Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-29 23:46:59 +01:00
94f3fc63bc
Use ::class and fix missing doc
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-28 11:49:36 +02:00
3f0cb13042
Allow getting the filepath when getting cached mounts by fileid
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-27 14:35:34 +02:00
f9a7294807
use fopen directly when reading objects from s3
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-27 12:58:19 +02:00
de912385e0
Fix seeking on object storage
...
Seeking is not needed if the $from is 0, because then the pointer is already at the correct position. Additionally another fallback is added, that if the fseek fails it just uses an fread to skip the beginning of the file until it is at the correct position. This skipping is done with a chunked fread.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-27 12:16:28 +02:00
7a4c0c668b
Merge pull request #6977 from Fiech/master
...
Added additional methods for removal of sensitive info
2017-10-27 11:46:31 +02:00
4ae7275aeb
Added additional methods for removal of sensitive info
...
Signed-off-by: Johannes Schlichenmaier <johannes@schlichenmaier.info>
2017-10-27 10:36:58 +02:00
405bbc1c61
Improve mimetype detection for object storages
...
Object storage instances always fall back to the content based mimetype detection, because the file name for object storage was always random due to the fact that it was temporarily storage in a generated temp file. This patch adds a check before that to make sure to use the original file name for this purpose and also remove possible other extensions like the versioning or part file extension.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-26 16:31:59 +02:00
7f58c41015
fix sorting
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-26 16:23:41 +02:00
88cba6d882
Use local cache for the CachingRouter
...
There is no need to cache routes distributed. It even has the downside
that the router might return different routes then the ones in the local
routes.php files.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-25 19:23:46 +02:00
43b92b8e06
Add unit tests for SearchResult
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 11:21:05 +02:00
42c84b6309
Correctly search for existing collaboration results
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 10:38:26 +02:00
6a035bd0a0
Move attachment creators to mailer class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-25 09:26:57 +02:00
a82b56b1c7
Merge pull request #6918 from nextcloud/rotate_job_by_default
...
Add logrote as a default background job
2017-10-24 20:38:40 +02:00
b88db3a389
Merge pull request #6921 from nextcloud/appmanager-securitymiddleware
...
Use proper DI for security middleware for app enabled check
2017-10-24 19:58:24 +02:00
f368481c23
Merge pull request #6928 from nextcloud/remove-unneeded-method
...
Remove unused method of OC_App
2017-10-24 17:50:43 +02:00
ce0c45a4ea
Use proper DI for security middleware for app enabled check
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 15:36:28 +02:00
7b7bf73670
Deprecate OC_App:isEnabled
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 14:05:46 +02:00
df85b13296
Remove unused method of OC_App
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 14:04:09 +02:00
3eaf23f29f
Merge pull request #6920 from nextcloud/appmanager-usage
...
Use appmanager instead of OC_App for check for enabled app
2017-10-24 13:53:17 +02:00
e2139d4b56
Add logrote as a default background job
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 08:28:06 +02:00
f884e762bc
Use appmanager instead of OC_App for check for enabled app
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-23 23:31:17 +02:00
b3c025fd08
Revert copyright changes
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-23 23:23:56 +02:00
4cfa1c66b8
Doc: Fix phpDoc issues
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-23 23:23:56 +02:00
8f0a9ae51f
split walking the tree from operating on it
...
so walking it is reusable
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-22 14:13:37 +02:00
fd6daf8d19
AutoCompletion backend
...
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-22 14:13:32 +02:00
db34b59238
Prevent XSS in links which open a new browser window
2017-10-19 12:16:04 +02:00
65e938c4fd
Fix docs
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-19 11:18:21 +02:00
dcb322a6b3
Extend the API with teh parameters from Swift
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-19 11:05:47 +02:00
f6f7b50cf0
Merge pull request #6853 from nextcloud/apps_autoloader
...
Allow apps to have their own autoloader
2017-10-19 11:05:23 +02:00
ce27e8cf34
Add attachment support to emails
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:44:19 +02:00
3119fd41ce
Set the data from the template
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
c9af36a9ab
Introduce a public interface for Message
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
8b37fe7f65
Set the subject with the email template to allow theming
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:03 +02:00
f109c1a10c
Allow templating of email subjects
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-18 15:12:00 +02:00
3a9c24c04f
Allow apps to have their own autoloader
...
This will allow apps to also have a proper classmap and authorative
autoloader.
Currently if a file: <appdir>/composer/autoload.php exists we will use
it. Else we keep the current behavior.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-17 21:35:49 +02:00
91b3536f45
propagate multipart upload exception when aborting upload
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-17 15:10:58 +02:00
c25be8d83c
Merge pull request #6837 from nextcloud/timespan-check-3
...
Fix future time spans
2017-10-16 13:35:53 +02:00
a5912cbe33
Merge pull request #6812 from nextcloud/upload-cache-path
...
also use configured 'cache_path' for new chunking
2017-10-15 21:42:41 +02:00
ac2a6e0f2f
Fix future time spans
...
Signed-off-by: dartcafe <github@dartcafe.de>
2017-10-15 08:31:11 +02:00
1a99e0dab4
Merge pull request #6602 from nextcloud/s3-multipart-upload
...
Add multipart upload for s3
2017-10-11 16:10:58 +02:00
e393b3553e
set s3 part size to 500mb
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-11 15:59:53 +02:00
d27b0b07bc
also use configured 'cache_path' for new chunking
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-11 14:18:45 +02:00
ec0091d499
Do not return app names multiple times
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-10-10 12:34:38 +02:00
6292f665d7
Allow multiple settings and sections per app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-05 11:34:03 +02:00
2d62f97f1b
Merge pull request #6328 from nextcloud/split-sharees-api-logic
...
Splits off the logic from sharees endpoint thus making it available from within Nc/via PHP.
2017-10-04 15:43:44 +02:00
7525c387ce
dont run invalid path repair step when upgrading from 11.0.5.2 and later
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-03 16:27:26 +02:00
870d71689a
Merge pull request #6563 from nextcloud/bigint-ids
...
Migrate ID columns to bigint
2017-09-29 12:23:41 +02:00
a3bdb318e9
Fix bigint handling on postgres
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
e9aa11a1b0
Use full percentages in quota bar percentages
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-28 17:58:49 +02:00
b36dd8b71f
Fallback to filename based detection if the remote dav server doesn't know the mimetype
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-28 14:22:42 +02:00
5f25dd7095
Merge pull request #6599 from nextcloud/fix_2523
...
Add direct preview link
2017-09-27 23:27:54 +02:00
a579f8aa37
adapt attribute name (changed letter case style)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-27 13:22:59 +02:00
90d7e8f6f4
Merge pull request #6586 from nextcloud/fix/app-install-extract-check
...
Check whether an app archive can be extracted
2017-09-27 10:41:21 +02:00
b87914be9c
Merge pull request #6645 from nextcloud/fix-6642-only-colons-for-ipv6
...
Only allow colons in db host for IPv6 addresses
2017-09-27 10:17:36 +02:00
937a80c941
reduce nesting of the required app XML
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-27 01:22:17 +02:00
3db3e65121
add tests for Lookup Plugin
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
a28b1d91f9
split off former searchSharee unit test
...
also moves registering default plugins to Server for proper unit testing
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
3d1d03a511
split off getEmail tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
c92f7ee767
split off getRemote unit tests
...
adds two small fixes → they actually work \o/
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
dd9e191d37
split off getUsers unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
f446ec83dd
minor fixes
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
9db3b04f1b
finetune the appinfo parser
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
c55583d1b4
allow more than one plugin per share type
...
however it does not dedupe (appears too complex/expensive while we don't
havve the issue currently)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
f7713e5f3f
make it possible to register plugins and kick out the circle one
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
4a96e22258
don't keep result types hard coded
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
ea3ac4e656
Splits off the logic from sharees endpoint thus making it available from
...
within Nc/via PHP.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:17 +02:00
fc46e98fc6
Merge pull request #6647 from nextcloud/scss-no-take-only-throw
...
Do not stop on scss compilation failure
2017-09-26 16:26:43 +02:00
dec713fc92
Do not stop on scss compilation failure
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-26 15:29:37 +02:00
fe3b2385ab
Code clean up
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:27:42 +02:00
1287d6ddb3
Only allow colons in db host for IPv6 addresses
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:20:04 +02:00
11c31e94fe
Improve exception handling
...
If there is an exception in the template handling then a white page is shown.
This improves the handling of this and shows text only about the internal
error.
To test this just setup redis as cache and then disable the php-redis module.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-26 13:54:51 +02:00
292a704648
Merge pull request #6544 from nextcloud/fix/duplicate-session-token
...
Fix duplicate session token after remembered login
2017-09-25 17:39:02 +02:00
3bd4e7e541
Merge pull request #6632 from nextcloud/do_not_show_hyphen
...
Do not show hyphen
2017-09-25 16:34:50 +02:00
29fb315ffc
Allow requesting the max preview
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:48 +02:00
86265320b8
do not show hyphen after instance name in emails if slogan does not exist
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 09:20:46 +02:00
c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-24 21:07:16 +02:00
4a5eeb2ce7
Fixed webroot detection
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-22 07:20:31 +02:00
38568c362b
Merge pull request #6605 from nextcloud/oc_ocs_response_is_dep
...
OC_OCS_Response is deprecated
2017-09-21 20:38:18 +02:00
2207fdcd8c
Remove private legacy OC_OCS_Response
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:56 +02:00
87e10f9e6a
OC_OCS_Response is deprecated
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:00 +02:00
385d6f098c
Add tests for multipart upload
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:47:34 +02:00
4ae46d8876
only do multipart upload for large files
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:06:59 +02:00
0e17b65bcf
Avoid error undefined index classes in log
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-21 14:00:39 +02:00
38bb6e1477
Fix duplicate session token after remembered login
...
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
8358c63f53
Merge pull request #6573 from nextcloud/nonfound-webroot-empty-string
...
Fix "webroot not found" when installed to the root of the webserver
2017-09-20 20:04:27 +02:00
e4e5e735db
multipart upload for s3 object storage
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 17:51:58 +02:00
5430d73a0e
Fix "webroot not found" when installed to the root of the webserver
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 14:19:15 +02:00
2e19c42bc5
Check whether an app archive can be extracted
...
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 14:07:17 +02:00
6d7ca1092d
Read appinfo from a local cache
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-19 14:34:11 +02:00
d526969a68
fix path style
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:28 +02:00
d70607104e
reuse object read/write/delete logic in s3 implementations
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
dad18baec8
update aws sdk and move it to 3rdparty
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
ca5c3f839a
Merge pull request #6490 from nextcloud/share_pagination_query
...
Improve sharing pagination
2017-09-18 14:34:15 +02:00
a0132a49a6
Merge pull request #6549 from nextcloud/fix-6534
...
don't pass User object when uid string is expected
2017-09-18 14:28:14 +02:00
53057f2bd0
Merge pull request #5462 from nextcloud/add-frameancestor-support
...
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
0837745477
don't pass User object when uid string is expected
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-18 13:19:47 +02:00
ae1fdf73c2
Improve sharing pagination
...
Basically we did in almost all cases did a query to much.
This resulted in an extra query for each share type.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-15 19:44:19 +02:00
705432ca6f
Add filter for `shareapi_allow_share_dialog_user_enumeration`
...
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.
Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
ecf347bd1a
Add CSP frame-ancestors support
...
Didn't set the @since annotation yet.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
5896176d69
Fix issue when disabling the shareapi_only_share_with_group_members option + fix findOne
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:41 +02:00
7dfa527da2
Improve code style
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
f0370c0244
Some code improvements
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
fa402c74d2
Add tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
473a1ecad1
Fix tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
92c238e0f0
Privacy enhancements for contacts menu
...
- Groups, which are excluded from sharing should not see local users at all
- If sharing is restricted to users own groups, he should only see contacts from his groups:
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
1a0ac912b2
Fix webroot throw
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
883574974d
Merge pull request #6458 from nextcloud/rethrow-correct-exception
...
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
8ef4fcb4b7
Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
...
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
01d4967130
Fix undefined variable $tmpRoot
...
Refactoring of webroot detection left an unused variable.
Fixes : #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
c4b3198ac2
Rethrow the correct exception when there was an error in an app container
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
8391ca8792
Use IAppManager instead of private API
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
b49ab065b7
Move theming related imagePath logic to ThemingDefaults
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
9a63ded43b
Fix uninitialized variable $this->params
...
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
8a79d0cc70
Merge pull request #6414 from nextcloud/share-notification-wrong-language
...
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
29e1aa57e1
Ask the schema whether the table and column exist
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
7e625a8d22
Use the language of the recipient for the share notification
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
bab313da5d
Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
...
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
11c7a98a2a
Merge pull request #6380 from nextcloud/cleanup-oci-setup
...
cleanup oci setup code
2017-09-07 14:11:55 +02:00
485e22acde
Merge pull request #6329 from nextcloud/ldap-password
...
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
7a33b9273e
Refactor webroot detection in resource locator
...
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).
With this change both variants, directory and symlinks, will be detected
correctly.
Fixes : #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
a10c4517cb
Merge pull request #5571 from Luzifer/5570_backend_admin
...
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
5d4540f179
Merge pull request #6364 from nextcloud/fix_login_loop
...
Fix login with basic auth
2017-09-06 17:04:00 +02:00
b68609d0cf
Don't log LDAP password when server is not available
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
2c0efae30f
cleanup oci setup code
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
15cd21d252
Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
...
Set the meta data before everything
2017-09-05 16:08:57 +02:00
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
87aeae21e3
Fix failing csp/nonce check due to timed out session
...
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
6dbb64c4a2
Merge setMetaData into constructor
...
This ensures that the meta data is set in the beginning
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
4fd3240b5f
Merge pull request #6254 from nextcloud/async-bus-split
...
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
1ebf91ec16
Add proper EOL
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
c04a494ea7
Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
...
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
c4f175d079
Merge pull request #6326 from nextcloud/fix_4654_3375
...
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
139f9bd3ca
Merge pull request #6331 from nextcloud/update-repair-step
...
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
e33aa460f1
Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
...
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
b09ce70117
Rebuild SCSS files if frontend controller value changes
...
fixes #6271
2017-09-03 17:32:41 +02:00
e039a4c191
move repair step to stable12
...
because we decided to backport it the repair step needs to be executed
already on stable12
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
ffe1429c4f
Pass new value to triggerChange
...
it is not used. but pass in the empty string (on delete) and the new
file (on create)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
93d539b0cf
Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
...
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00
84ea66dca8
Merge pull request #6296 from nextcloud/improve_2fa
...
Improve 2FA
2017-08-31 10:52:40 +02:00
84b7022118
Improve 2FA
...
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
3cfe91bf0f
Add shareWith to email template metadata
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-29 16:09:25 +02:00
be23f7e1de
Allow the expiration date to be set to null
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-28 17:49:16 +02:00
804d97d6ff
unlock file when an exception occurs during scanning
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
2bf15eda26
Merge pull request #6255 from nextcloud/email-meta-data
...
Add meta information to emails for better customisation
2017-08-26 18:53:52 +02:00
0b652648cc
Merge pull request #6177 from nextcloud/properly-add-slo-url
...
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
92292dc06a
Merge pull request #6189 from nextcloud/circle-token
...
link to getShareByToken
2017-08-26 18:26:12 +02:00
60ee450809
Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
...
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
09747b296a
Add meta information to emails for better customisation
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-24 17:54:22 +02:00
5431b8bfc2
allow configuring the command bus
2017-08-24 16:21:50 +02:00
9731350ace
split async test bus for easier subclassing
2017-08-24 16:06:37 +02:00
9357cf735a
Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
...
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
0459c03696
link to getShareByToken
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2017-08-20 15:21:58 +02:00
2e4cd44556
Inject \OCP\IURLGenerator to make tests work
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
...
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5nextcloud/user_saml#112 ,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
c016b01bf9
Ensure log message is UTF-8 encoded
...
PHP's json_encode only accept proper UTF-8 strings, loop over all
elements to ensure that they are properly UTF-8 compliant or convert
them manually.
Without this somebody passing an invalid User Agent may make json_encode
return false which will get logged as empty newline.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 15:01:50 +02:00
ed8a98eaa1
Prevent SQL error message in case of error
...
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.
The easiest way to reproduce is on MySQL:
1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
1c38a83927
Always log cron execution
...
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707
Recently there was also a bug report about a non-visible last cron execution
(#6088 ) - let's better remove this.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
cf7c4a4439
Merge pull request #6123 from nextcloud/cleanup-shareItem
...
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
8366dfa50b
Cleanup usage of shareItem in internal code base
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
3e13e94254
Use proper methods for checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00
f640b56bfa
Cleanup unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 10:09:47 +02:00
Morris Jobke
Kyle Fazzari
Roeland Jago Douma
korelstar
Vinicius Cubas Brand
Georg Ehrke
Dariusz Olszewski
Arthur Schiwon
Joas Schilling
Rello
Johannes S
Victor Dubiniuk
Piotr Mrowczynski
Jörn Friedrich Dreyer
Georg Ehrke
Robin Appelman
Roeland Jago Douma
Julius Härtl
Markus Staab
Lukas Reschke
dartcafe
John Molakvoæ
John Molakvoæ (skjnldsv)
Stephan Müller
Christoph Wurst
Thomas Citharel
Tobia De Koninck
Axel Helmert
William Pain
tux-rampage
Bjoern Schiessle
Thomas Ebert
Maxence Lange