Commit Graph

5183 Commits

Author SHA1 Message Date
Roeland Jago Douma e819e97829
Login flow V2
This adds the new login flow. The desktop client will open up a browser
and poll a returned endpoint at regular intervals to check if the flow
is done.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-25 07:24:50 +01:00
Daniel Kesselberg 36c51bc4f1
Parse multiple navigation items
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-22 15:57:14 +01:00
Joas Schilling 2cc4118629
Merge pull request #14066 from nextcloud/feature/noid/casted-system-values
Get typed system values
2019-02-22 11:54:20 +01:00
Joas Schilling b4902369fb
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-22 09:08:53 +01:00
Daniel Kesselberg bb2d8bafc9
Use contacts instead of logreader
Logreader is not distributed by app store because shipped by default.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:07 +01:00
Daniel Kesselberg 75b7d6ae4e
Add install logic for enable command
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:06 +01:00
Daniel Kesselberg 76b5f44f05
Strict Types, Return Types
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:06 +01:00
Daniel Kesselberg 03d3192638
Disable multiple apps at once
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:05 +01:00
Daniel Kesselberg 08907ee3e9
Enable multiple apps at once
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-19 21:03:00 +01:00
Roeland Jago Douma e7f0e8ba03
Merge pull request #14263 from nextcloud/publish-activity-app-token
Publish activity if app password created by ocs api or client login flow
2019-02-19 15:08:43 +01:00
Morris Jobke e20292f174
Merge pull request #14261 from nextcloud/show-warning-if-x-forwarded-set-with-empty-trusted-proxies
Warning if x-forwarded-host present but trusted_proxies empty
2019-02-19 10:31:57 +01:00
Morris Jobke 30e7d3e0e8
Merge pull request #14194 from nextcloud/bugfix/noid/correctly-determinate-owner-in-case-of-shared-external-storages
Correctly determinate the owner in case of shared external storages
2019-02-19 10:28:28 +01:00
Roeland Jago Douma d43095e17b
Merge pull request #14218 from nextcloud/enh/files_sharing_to_webpack
Move files_sharing additionalscripts over to webpack
2019-02-19 08:20:16 +01:00
Daniel Kesselberg c583c5e7e2
Emit event if app password created
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-18 17:47:43 +01:00
Joas Schilling f66c37bdb8
Correctly determinate the owner in case of shared external storages
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-18 10:57:12 +01:00
Daniel Kesselberg 600bc22297
Warning if x-forwarded-host present but trusted_proxies empty
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:53:06 +01:00
Daniel Kesselberg 149a98edf6
Publish activity for app token created by client login flow
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:49:54 +01:00
Daniel Kesselberg 2ade2bef8c
Publish activity for app token created by ocs api
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-17 23:37:22 +01:00
Roeland Jago Douma 104616c1da
Use CountWrapper instead of almost identical CountReadStream
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 13:24:58 +01:00
Roeland Jago Douma 0a4569dff7
Move files_sharing additionalscripts over to webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 12:33:04 +01:00
Roeland Jago Douma ea3fa78a85
Merge pull request #14167 from nextcloud/techdebt/noid/update-php-parser-for-7.1-compat
Update PHP-Parser for 7.1 compatibility
2019-02-14 21:23:42 +01:00
Roeland Jago Douma fc39b28549
Merge pull request #14186 from nextcloud/enh/systemtags_to_webpack
Move systemtags (app) to webpack
2019-02-14 21:17:50 +01:00
Roeland Jago Douma 843066b708
Fix AsyncBusTests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 20:04:17 +01:00
Roeland Jago Douma b6d327ee47
Merge pull request #13995 from nextcloud/feature/dont-call-get-repair-steps
Do not run getRepairSteps in register_commands
2019-02-14 19:51:39 +01:00
Morris Jobke cca08df976
Merge pull request #14160 from nextcloud/update-crl
Update CRL to contain revoked files_external_dropbox, passman & payback
2019-02-14 14:53:05 +01:00
Roeland Jago Douma fb1eb96730
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 12:17:57 +01:00
Daniel Kesselberg b14700c936
Use more precise regex
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 12:11:30 +01:00
Morris Jobke c804baaec5
Update CRL to contain revoked files_external_dropbox, passman & payback
* see https://github.com/nextcloud/app-certificate-requests/pull/221
* see https://github.com/nextcloud/app-certificate-requests/pull/219#issuecomment-463577509

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-14 11:49:35 +01:00
Daniel Kesselberg 7404c10666
Apply code style fixes from owncloud, revert regex
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 11:48:15 +01:00
Romain Rivière a5bc27c2a6
Fix test case
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:15 +01:00
Romain Rivière abb56c72e1
Exclude file name patterns; ignore gentoo webapp files
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:09 +01:00
Daniel Kesselberg e090973e64
Fix unit test
Null is not longer possible as value for $dispatcher.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-13 23:06:51 +01:00
Roeland Jago Douma d7495f89ab
Merge pull request #14170 from nextcloud/feature/update-app-password-activity
Show more information on app password update
2019-02-13 22:45:12 +01:00
Roeland Jago Douma 7f88654147
Move of files_versions to webpack
* Move CSS into bundle
* Old merged.json no longer needed!
* No need to load the style still

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-13 22:20:07 +01:00
Daniel Kesselberg 825200be07
Add test cases for rename / grant / revoke
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-13 20:57:54 +01:00
Roeland Jago Douma f1ea56b502
Fix the thorrtler whitelist bitmask
Before we actually didn't check each bit of the bitmask. Now we do.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-11 23:22:20 +01:00
Morris Jobke 34dc165132
Merge pull request #13097 from nextcloud/feature/11319/where-is-your-data
Where is your data?
2019-02-11 11:13:55 +01:00
Roeland Jago Douma b40603d250
Merge pull request #13702 from nextcloud/feature/6717/rename-app-passwords
Make it possible to rename app passwords
2019-02-08 08:34:54 +01:00
Morris Jobke baa6a2d52c
Merge pull request #13748 from nextcloud/cache-insert-event
add event for inserting cache entries
2019-02-07 16:35:02 +01:00
Morris Jobke 0e9903c420
Merge pull request #13969 from nextcloud/enh/additional_scripts_no_on_public_pages
No need to emit additonalscript event on public pages
2019-02-07 15:57:14 +01:00
Robin Appelman 0ccd970f9d
adjust tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-07 15:51:34 +01:00
Morris Jobke 94b1b1593b
Remove public interface that was only needed for testing
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-07 14:23:16 +01:00
Michael Weimann 2a8118e459
Switch guest avatars to PNG
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Michael Weimann bf1253cb49
Implement guest avatar endpoint
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Roeland Jago Douma b68567e9ba
Add StandaloneTemplateResponse
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-06 11:26:18 +01:00
Roeland Jago Douma d88604015a
No need to emit additonalscript event on public pages
There already is a separate event for this. This will make it possible
to only inject code with the logged in one on default rendered pages.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-05 20:59:36 +01:00
Daniel Kesselberg 850e67dea9
Don't update token if current session token
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-02 20:21:58 +01:00
Daniel Kesselberg db49e0fdae
Add canRename & name to tests
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-02 20:21:50 +01:00
Morris Jobke e5d8645f00
Merge pull request #13846 from nextcloud/feature/check-if-app-exist-for-group
Check app path for enableAppForGroups
2019-02-01 15:23:01 +01:00
Roeland Jago Douma ba03c1a84c
Merge pull request #13548 from nextcloud/feature/10964/app_tokens_activity
Publish event for app token create/update/delete
2019-02-01 14:56:45 +01:00
Roeland Jago Douma d182037bce
Emit to load additionalscripts
Fixes #13662

This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.

This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-31 12:11:40 +01:00
Daniel Kesselberg a687a657e8
Add test for destroy with invalid user
Some code cleanup
- willReturn instead of will(returnValue)
- Annotation for mocked objects

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 19:10:59 +01:00
Daniel Kesselberg f24fa2051d
Publish event for app token create/update/delete
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-30 19:10:53 +01:00
Christoph Wurst 0e6cb988a1
Add a key parameter to the new initial state API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-30 16:08:08 +01:00
Roeland Jago Douma 139055c1dd
Merge pull request #13880 from nextcloud/enh/expose_subadmin_to_ocp
Expose subadmin to OCP
2019-01-29 22:13:41 +01:00
Roeland Jago Douma 15abcff2a1
Expose subadmin to OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 20:47:35 +01:00
Roeland Jago Douma deb7d2364f
Merge pull request #13869 from nextcloud/enh/clean_pending_2fa_session_on_password_change
Clean pending 2FA authentication on password reset
2019-01-29 19:50:15 +01:00
Roeland Jago Douma ac8a6e2244
Clean pending 2FA authentication on password reset
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.

The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 13:08:56 +01:00
Roeland Jago Douma 0fd208a83b
Merge pull request #13866 from nextcloud/s3-multipart-uploader
always use multipart uploader for s3 uploads
2019-01-29 11:14:05 +01:00
Robin Appelman 1d322d3b37
always use multipart uploader for s3 uploads
the multipart uploader handles non seekable streams while `upload` does not

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-28 14:51:19 +01:00
Daniel Kesselberg c09ddf6c78
Check app path for enableAppForGroups
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-26 22:31:45 +01:00
Joas Schilling abd305eff5
Remove legacy activity stuff
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-24 16:52:38 +01:00
Morris Jobke ae25fd2389
Merge pull request #13217 from nextcloud/add-acceptance-tests-for-moving-and-copying-files
Add acceptance tests for moving and copying files
2019-01-23 18:48:21 +01:00
Roeland Jago Douma e3de4edc51
Urlencode the requesttoken
Followup of #13757

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 16:16:31 +01:00
Roeland Jago Douma ebd9f30d85
Request plain logout url
By requesting the plain logout url we allow it to be properly cached by
the caching router. We just add the requesttoken manually.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 14:06:03 +01:00
Roeland Jago Douma f2b118a256
Merge pull request #13747 from nextcloud/fix/honor_session_lifetime_if_remember_cookie_is_disabled
Honor remember_login_cookie_lifetime
2019-01-23 10:12:01 +01:00
Roeland Jago Douma e6333c8fe3
Honor remember_login_cookie_lifetime
If the remember_login_cookie_lifetime is set to 0 this means we do not
want to use remember me at all. In that case we should also not creatae
a remember me cookie and should create a proper temp token.

Further this specifies that is not 0 the remember me time should always
be larger than the session timeout. Because else the behavior is not
really defined.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 08:46:24 +01:00
Morris Jobke 90e985fe4f
Merge pull request #13739 from nextcloud/cache-cleanup-change
cleanup shared lock if changing to exclusive lock failed
2019-01-22 16:11:46 +01:00
Robin Appelman f69c2d1e84
cleanup shared lock if changing to exclusive lock failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-22 15:32:48 +01:00
Joas Schilling f8b74cf0a5
Allow resources via OCS as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-22 14:18:58 +01:00
Daniel Calviño Sánchez 374b02c7bc Add acceptance tests for copying files to the same folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:51:53 +01:00
Daniel Calviño Sánchez 42457c8b23 Add acceptance tests for moving and copying selections to another folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:36:13 +01:00
Daniel Calviño Sánchez 4fcabf167e Add acceptance tests for moving and copying files to another folder
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-01-22 12:27:06 +01:00
Roeland Jago Douma 66367797df
Fix template paramter
Else we get shown an error page instead of the correct 403.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-18 15:30:38 +01:00
Roeland Jago Douma f42115d6bb
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-15 15:53:44 +01:00
Morris Jobke 5a27e54f4b
Merge pull request #13032 from nextcloud/objectstore-write-exists
upload new files in objectstore to a .part path first
2019-01-14 11:26:29 +01:00
Michael Weimann 2cd3fd3dc2
Move server info to theming section
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-01-14 00:08:26 +01:00
Michael Weimann 813ff430f1
Implement storing and loading the server info
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-01-14 00:08:24 +01:00
Robin Appelman 615fb8cd77
Cache tokens when using swift's v2 authentication
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-13 19:59:48 +01:00
Christoph Wurst 01a6181d9f
Don't load old vendor files during jsunit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-09 15:02:00 +01:00
Roeland Jago Douma ad676c0102
Set default frame-ancestors to 'self'
For #13042

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-08 15:36:40 +01:00
Roeland Jago Douma 64244e1a4f
CSP: Allow fonts to be provided in data
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-07 15:07:06 +01:00
Roeland Jago Douma 8b0f5e02c7
Merge pull request #12621 from nextcloud/td/12224/cleanup_middleware_registering
Cleanup middleware registering
2019-01-07 10:48:41 +01:00
Roeland Jago Douma fe3d8ffc90
Merge pull request #13172 from nextcloud/fix-can-change-password-check
fix can change password check in case of encryption is enabled
2019-01-04 09:53:10 +01:00
Roeland Jago Douma 2d22633568
Merge pull request #13313 from nextcloud/feature/remove-outdated-caches
Remove check for outdated caches
2019-01-04 09:18:31 +01:00
blizzz 68952306aa
Merge pull request #10555 from nextcloud/bugfix/10518/only-check-added-items
Only enforce schema limits for supported apps
2019-01-03 14:18:13 +01:00
Roeland Jago Douma 54ff913de6
Cleanup middleware registering
Fixes #12224

Since we only use the middleware at 1 location it makes no sense to
register them in each and every container.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-03 11:50:01 +01:00
Thomas Citharel c9b588774b
Allow bracket IPv6 address format inside IPAdress Normalizer
When run with php's build-in server (for instance on localhost:8080), IP provided through $this->server['REMOTE_ADDR'] is [::1], which is not an acceptable format for \inet_pton. This removes the brackets if there's any.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-01-03 10:03:46 +01:00
Daniel Kesselberg 248e824f48
Remove check for outdated caches
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-02 10:46:14 +01:00
Daniel Calviño Sánchez 4566670fa3 Add acceptance tests for opening search results for comments
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-12-21 20:14:38 +01:00
Daniel Calviño Sánchez 1a887aaad0 Add acceptance tests for searching comments
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-12-21 20:14:16 +01:00
Roeland Jago Douma 03fe2b3b81
Use a case insensitive search for email
Fixes #7084
Now entering wrongly cased email (roeland@ instead of Roeland@) for
password reset etc. Will also work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-20 14:19:35 +01:00
Bjoern Schiessle 4b3308bf3f
fix can change password check in case of encryption is enabled
Admin should _not_ be able to change password when:
- if an encryption module is loaded and it uses per-user keys
- if encryption is enabled but no encryption modules are loaded

Admin should be able to change the password when:
- no encryption module is loaded and encryption is disabled
- encryption module is loaded but it doesn't require per user keys

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-12-20 12:28:40 +01:00
Roeland Jago Douma a0ce0824bd
Merge pull request #13116 from nextcloud/fix/only_trust_xforwardedhost_for_trusted_proxies
Only trust the X-FORWARDED-HOST header for trusted proxies
2018-12-19 09:47:44 +01:00
John Molakvoæ 6f994be665
Merge pull request #12766 from stalker314314/streaming-options
Expose Swift Mailer streaming options in config, fixes #12702
2018-12-18 07:53:45 +01:00
Branko Kokanovic 7cef9b0248 Addressing comments, array() to []
Signed-off-by: Branko Kokanovic <branko@kokanovic.org>
2018-12-17 23:34:55 +01:00
Roeland Jago Douma 514426e27d
Only trust the X-FORWARDED-HOST header for trusted proxies
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-17 15:54:45 +01:00
Joas Schilling 6788e6e75c
Merge pull request #12883 from nextcloud/appdata-performance
try to grab the appdata folder directly without going trough the whole tree
2018-12-17 15:11:28 +01:00
Joas Schilling 85a0e10b4f
Update the tests to the comparison logic
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-12-17 13:52:09 +01:00
Robin Appelman d6bf5d4384
upload new files in objectstore to a .part path first
This prevent the object store and cache from getting out of sync
when an objectstore silently fails or the php process get's killed
during the upload without giving us the chance to cleanup

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-12-12 15:24:40 +01:00