Commit Graph

9687 Commits

Author SHA1 Message Date
Arthur Schiwon 5bab0da935 when downloading from web, skip files that are not accessible
* avoids a 403, but enables download of resources that are not restricted
* single file downloads still cause 403

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-12-19 16:55:54 +00:00
Arthur Schiwon 61de35c70e use Nodes API for zip streaming
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-12-19 16:55:54 +00:00
Julius Härtl 4d646a75f5 Use files node API for single file downloads
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-19 16:55:53 +00:00
Roeland Jago Douma 3d02121db3 Fix Office preview generation
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-18 21:43:31 +00:00
Roeland Jago Douma 6955841c82
Fix detection of non extention types
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-12 22:23:18 +01:00
Joas Schilling 848ca71730
Try more methods
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-12 22:23:18 +01:00
Joas Schilling 1dad2ddf39
Some more fixes in detecting the mimetype from the content
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-12 22:23:17 +01:00
Joas Schilling 5c9f503146
Allow to check for the mimetype by content only
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-12 22:23:17 +01:00
Roeland Jago Douma 387d216214
Merge pull request #18355 from nextcloud/backport/17935/stable17
[stable17] adding share type circles
2019-12-12 10:49:12 +01:00
Maxence Lange d6a276c57d using IShare::
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-12-11 11:39:03 +00:00
Maxence Lange 1420cd5a7e adding share type circles
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-12-11 11:39:02 +00:00
Konrad Bucheli f914b98860 handle IPv6 addresses with an explict incoming interface at the end (e.g fe80::ae2d:d1e7:fe1e:9a8d%enp2s0)
Signed-off-by: Konrad Bucheli <konrad.bucheli@gmx.ch>
Signed-off-by: Konrad Bucheli <kb@open.ch>
2019-12-11 10:34:21 +00:00
Roeland Jago Douma e5772bdc3d
Merge pull request #18332 from nextcloud/backport/18312/stable17
[stable17] Do not disable authentication apps
2019-12-10 19:29:05 +01:00
Roeland Jago Douma ac5f77a796
Merge pull request #18306 from nextcloud/backport/18184/stable17
[stable17] Move overwritehost check to isTrustedDomain
2019-12-10 14:54:11 +01:00
Roeland Jago Douma c0becec8ad Do not disable authentication apps
For #18249

If an app encounters an error during loading of app.php the app is
normally disabled. However. We should make sure that this doesn't happen
for authentication apps (looking at your user_saml).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 13:44:51 +00:00
Roeland Jago Douma 5623dff5ef
Merge pull request #18186 from nextcloud/backport/18149/stable17
[stable17] delay creation of the cert bundle
2019-12-10 13:38:58 +01:00
Julius Härtl 419df66251 Move overwritehost check to isTrustedDomain
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-09 20:39:00 +00:00
Joas Schilling c17d86c081
Mark "Talk" active on /call/token URLs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-04 10:13:44 +01:00
Roeland Jago Douma a7f596d241 Throw an invalid token exception is token is marked outdated
This avoids hitting the backend with multiple requests for the same
token. And will help avoid quick LDAP lockouts.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-03 08:25:12 +00:00
Christoph Wurst 55b5e13e15
Handle token insert conflicts
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.

As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-02 14:20:51 +01:00
Arthur Schiwon ea3fc33beb
delay creation of the cert bundle
fixes #18148

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-12-02 12:09:01 +01:00
Daniel Kesselberg 956c459465 Add information about credentials
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-22 13:27:16 +00:00
Daniel Kesselberg 33dc7333a6 Remove objectstore credentials
Also remove the username for Swift v2 and add todo for unclear keys.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-22 13:27:16 +00:00
Daniel Kesselberg d77d94b1a0 Remove objectstore credentials
S3: key and secret
Swift v3: user.name and user.password

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-22 13:27:15 +00:00
Roeland Jago Douma 830554c1a7
Merge pull request #18036 from nextcloud/backport/18003/stable17
[stable17] Do not check for updates if we have no internet
2019-11-21 07:48:49 +01:00
Joas Schilling f3ad49b866 Fix installing with MySQL 8.0.4+
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-11-20 20:52:06 +00:00
Roeland Jago Douma d95a54b359 Do not check for updates if we have no internet
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:55:19 +00:00
Arthur Schiwon a9c61b4ed7 pass through ServerNotAvailableException on app init
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-14 21:01:02 +00:00
Thibault Coupin 4a09899ad8 Fix reshare with circle
Signed-off-by: Thibault Coupin <thibault.coupin@gmail.com>
2019-11-12 15:28:19 +00:00
Robin Appelman 8f6a11fdc0 actually return the quote when getting global storage info
prevents 'undefined' index errors when 'include external storage in quota' is enabled

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-07 22:53:54 +00:00
Arthur Schiwon 46e7787c7d switch to Files Node API for zip generation
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-07 10:04:12 +00:00
Roeland Jago Douma bc6442c46b Do not show 'Get your own free account' on services under subscription
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-30 09:55:32 +00:00
Roeland Jago Douma 16c799c9f3 Fix DAV mimetype search
Fixes #15048
Catches the case where a full mimetype is sumbitted in the where like
clause. Before we didn't catch this and it was just forwarded as is
causing invalid queries.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-29 07:35:33 +00:00
Roeland Jago Douma f3af39ec78 Make sure limit is never negative
There were some cases where a negative limit could be passed in. Which
would happily make the query explode.

This is just a quick hack to make sure it never is negative.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-28 13:00:28 +00:00
Roeland Jago Douma 7777c5ff1c Cleanup theming mess
* Do not do translations in the constructor. This gets called to early
so there is no user yet. Which means we can't obtain the locale. Which
means we store the wrong translation instance.

* Same for the theming app magic. Just use the parent call when needed.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-26 10:15:26 +00:00
Roeland Jago Douma 0449d1457c Don't pass in the locale as the language
This messes with the translation of the date names etc.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-26 10:15:24 +00:00
Julius Härtl 53f8f21cc9 Make sure the cache is only reset once at a time
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-17 09:28:11 +00:00
Julius Härtl fbe6a57866 Use a distributed cache for the isCachedCache
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-17 09:28:10 +00:00
Arthur Schiwon eb191af518 reduce adressbook change events and handling
... from four to one on avatar updates

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-10-01 10:18:20 +00:00
Roeland Jago Douma 4f54d12ff9
Merge pull request #17277 from nextcloud/backport/17264/stable17
[stable17] handle moveFromStorage within the same storage even when storage wrap…
2019-09-27 12:28:40 +02:00
Roeland Jago Douma b29bc1e593
Merge pull request #17281 from nextcloud/backport/17262/stable17
[stable17] dont delete cache entries if deleting an object from object store failed
2019-09-27 12:28:11 +02:00
Robin Appelman ffcb590583 dont delete cache entries if deleting an object from object store failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-26 14:14:44 +00:00
Robin Appelman 1048bc5102 handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that

Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-26 13:54:44 +00:00
Joas Schilling b29efda7c7 Fix user with id 0 to be able to comment
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-26 11:50:33 +00:00
Robin Appelman 186c2474b7 catch exceptions that occur during logging
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-19 16:34:40 +00:00
Christoph Wurst 4e1f7f1c59 Fix l10n in federated file sharing
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-19 13:28:09 +00:00
Roeland Jago Douma ae4d01dfb0 Use the actual password to update the tokens
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 20:53:38 +00:00
Daniel Kesselberg 4cf30c82ee Add uid to delete temp token query
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-18 16:11:55 +00:00
Arthur Schiwon 358b8bebc6 set a storage availability delay on auth issues to avoid lock out
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 14:53:01 +00:00
Julius Härtl 64fe9bc287
Return the proper jailed path when requesting the root path
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-09-04 13:25:17 +02:00