Commit Graph

16990 Commits

Author SHA1 Message Date
Julius Härtl 22b81ac1e4
Fix permission check on incoming federated shares
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma 1d8b09aa86
Merge pull request #16616 from nextcloud/dep/setEvalScript
setting unsafe-eval is deprecated
2019-07-31 11:01:38 +02:00
Nextcloud bot 3f8f0f7609
[tx-robot] updated from transifex 2019-07-31 02:16:00 +00:00
Roeland Jago Douma 417fbb5d60
setting unsafe-eval is deprecated
This will be removed in a future version of Nextcloud.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-30 16:27:38 +02:00
Joas Schilling d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma 135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Nextcloud bot 74eb2894a7
[tx-robot] updated from transifex 2019-07-30 02:14:45 +00:00
Morris Jobke e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma ba60fafb9a
Add proper PostLoginEvent
This can be used by othr mechanisms to listen for this event in a lazy
fashion.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke 98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Morris Jobke e45fb5fa3e
Fix typo in comment
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 14:55:43 +02:00
Roeland Jago Douma 51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
Split up security middleware
2019-07-29 12:13:55 +02:00
Morris Jobke ec7e837d6a
Merge pull request #16563 from nextcloud/enh/lostcontroller/better_exceptions
Use proper exception in lostController
2019-07-29 10:42:36 +02:00
Roeland Jago Douma 173d95c904
Merge pull request #16581 from nextcloud/dep/strict_csps_can_go
No need to have these classes we tighten the default CSP from time to time
2019-07-29 10:40:38 +02:00
Roeland Jago Douma fb78cd3ed8
Merge pull request #16570 from nextcloud/enh/supress_touch_error
Supress warnings touch can generate
2019-07-29 10:39:46 +02:00
Nextcloud bot 57f2ea22c7
[tx-robot] updated from transifex 2019-07-29 02:14:59 +00:00
Nextcloud bot b481750d00
[tx-robot] updated from transifex 2019-07-28 02:15:26 +00:00
Roeland Jago Douma b6dd2ebd39
Use proper exception in lostController
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.

This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
Roeland Jago Douma 37a4282c7a
Split up security middleware
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.

I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Roeland Jago Douma cd243b0876
No need to have these classes we tighten the default CSP from time to
time

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 14:59:48 +02:00
Roeland Jago Douma 9ef23e2362
Merge pull request #16558 from nextcloud/enh/less_verbose_locked_logging
Do not log all locked exceptions
2019-07-27 10:39:11 +02:00
Nextcloud bot 2827b0ba31
[tx-robot] updated from transifex 2019-07-27 02:14:37 +00:00
Roeland Jago Douma 1cc8a2f5d2
Supress warnings touch can generate
We already catch the result value. Having the warning being logged
explicitly doesn't help and polutes the log.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 17:26:59 +02:00
Morris Jobke 2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Roeland Jago Douma cdc43cd39b
Merge pull request #16456 from nextcloud/dep/searchByTag
Remove deprecated searchByTag
2019-07-26 15:07:04 +02:00
Roeland Jago Douma 4cc41cb4c7
Do not log all locked exceptions
This can happen for valid reasons (multiple users writing at the same
time) with for example the text app. Apps should properly handle it. No
reason to log it by default.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 14:55:13 +02:00
Arthur Schiwon 78201bcb72
treat sensitive config keys by pattern
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma 323f40a493
Merge pull request #16461 from nextcloud/fix/noid/pgsql-version
fixes the check for postgresql
2019-07-26 12:32:04 +02:00
Roeland Jago Douma 0487144b26
Remove deprecated searchByTag
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Nextcloud bot 0e54f59b24
[tx-robot] updated from transifex 2019-07-26 02:14:42 +00:00
Nextcloud bot 569cf31cd6
[tx-robot] updated from transifex 2019-07-25 02:14:40 +00:00
Julius Härtl e43b341b04
Add additional check for read permissions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Julius Härtl 3674f6fa2d
Check the if we can actually access the storage cache for recent files
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Joas Schilling 7d3a349d8f
PHPStorm code cleanup
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 10:39:57 +02:00
Joas Schilling 3b334169a8
Get the topmost parent for the parent instead of doing endless recursion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 10:39:22 +02:00
Roeland Jago Douma 41f97411ac
Merge pull request #16505 from nextcloud/enh/nitpicks-14954
Dont assign $options to $options and cleanup doc
2019-07-23 19:57:10 +02:00
Morris Jobke d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Nextcloud bot 9a61d5fb72
[tx-robot] updated from transifex 2019-07-23 02:15:28 +00:00
Daniel Kesselberg 77c09252d5
Dont assign $options to $options and cleanup doc
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-22 18:48:47 +02:00
Morris Jobke 3a6d8174a9
Merge pull request #16450 from nextcloud/tech-debt/noid/cleanup-unused-OC_API-methods
Removes unused OC_API::register
2019-07-22 16:04:01 +02:00
Morris Jobke 9563c78674
Merge pull request #16495 from nextcloud/fix/16378-cannot-get-key-from-parameter
Pass $configargs to openssl_pkey_export
2019-07-22 13:22:53 +02:00
Morris Jobke 54bcd86db7
Adjust deprecation tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-22 12:06:16 +02:00
Nextcloud bot a024dcfc81
[tx-robot] updated from transifex 2019-07-22 02:15:59 +00:00
Daniel Kesselberg 608f4d3ee9
Pass $configargs to openssl_pkey_export
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 22:21:59 +02:00
Daniel Kesselberg 8bed3021bd
Exclude .rnd files from integrity check
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Nextcloud bot 9249a810fb
[tx-robot] updated from transifex 2019-07-21 02:15:10 +00:00
Nextcloud bot 602a48c411
[tx-robot] updated from transifex 2019-07-20 02:14:33 +00:00
Morris Jobke a085a88205
Merge pull request #14954 from tacruc/searchPatterns
Allow to search for real pattern in contacts
2019-07-19 18:03:37 +02:00
Nextcloud bot d35f4a7645
[tx-robot] updated from transifex 2019-07-19 02:14:56 +00:00
Morris Jobke baff2ccdba
Merge pull request #16452 from nextcloud/bug/noid/error-with-exception-on-ssl-error
Error with exception on SSL error
2019-07-18 20:51:30 +02:00
Morris Jobke 4ae17427c5
Error with exception on SSL error
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 18:50:44 +02:00
Arthur Schiwon 8b1126e6d2
fixes the check for postgresql
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-18 18:34:10 +02:00
Roeland Jago Douma 057e88e9e7
Merge pull request #16380 from Dreamsorcerer/patch-1
Allow use of server var for CSP nonce
2019-07-18 15:33:15 +02:00
Sam Bull ea935f65fd
Add support for CSP_NONCE server variable
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.

Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
Morris Jobke 55d8c3db3e
Reduce indirection in AppManager
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 11:33:58 +02:00
Morris Jobke 605d0874a4
Removes unused OC_API::register
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 11:27:09 +02:00
Morris Jobke 48653d1a27
Merge pull request #16440 from marcelklehr/fix/objectstorage-put-contents
Fix File#putContents(string) on ObjectStorage
2019-07-17 22:38:41 +02:00
Morris Jobke 5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
Notifications overhaul
2019-07-17 20:22:03 +02:00
Morris Jobke 782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
Marcel Klehr d46744e2f1 Fix File#putContents(string) on ObjectStorage
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2019-07-17 14:58:56 +02:00
Morris Jobke 223a91d5ef
Merge pull request #16416 from nextcloud/enh/log-details
Move log detail aggregation and reuse it in syslog/systemd logger
2019-07-17 11:43:32 +02:00
Julius Härtl 07bbec3355
Move log detail aggregation to separate class and reuse it in syslog/systemd logger
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-17 08:45:55 +02:00
Roeland Jago Douma 4a52d933b6
Merge pull request #16424 from nextcloud/fix/do_not_keep_searching
Do not keep searching for recent
2019-07-17 07:46:47 +02:00
Morris Jobke 99f2c82222
Properly inject the logger
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
Roeland Jago Douma 8ca2b31804
Do not keep searching for recent
If userA has a lot of recent files. But only shares 1 file with userB
(that has no files at all). We could keep searching until we run out of
recent files for userA.

Now assume the inactive userB has 20 incomming shares like that from
different users. getRecent then basically keeps consuming huge amounts
of resources and with each iteration the load on the DB increases
(because of the offset).

This makes sure we do not get more than 3 times the limit we search for
or more than 5 queries.

This means we might miss some recent entries but we should fix that
separatly. This is just to make sure the load on the DB stays sane.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-16 19:14:55 +02:00
Joas Schilling 594efca1e3
Update since to the correct version
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 16:58:38 +02:00
Maxence Lange 462c293111 fix phpdoc
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-16 13:47:58 -01:00
Maxence Lange 8bafd67c1f set and complete the searched string
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-16 11:22:33 -01:00
Joas Schilling 565838da9c
Update unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
Joas Schilling c3ef1cd90d
Update autoloader
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:17:51 +02:00
Joas Schilling 55f5bc79a1
Keep the old method as a fallback and adjust the tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
Oliver Salzburg 392a4dd68a
Use specific privileges when creating admin
Using the ALL shorthand can cause problems when not all privileges are available to the user.
For example, AWS RDS MariaDB/MySQL will not grant the initial user account on an instance the SUPER privilege.
While the user account is still valid for pretty much any task on the DB instance, it can not use the ALL shorthand when granting privileges to new users.
By supplying a specific set of privileges, we work around this limitation without sacrificing functionality.

Closes #16139

Signed-off-by: Oliver Salzburg <oliver.salzburg@gmail.com>
2019-07-16 10:26:25 +02:00
Roeland Jago Douma d0e1bcc1d0
Merge pull request #15606 from nextcloud/fix/15605/add-catch-for-runtime-exception
Add catch for RuntimeException
2019-07-16 08:05:11 +02:00
Morris Jobke cbecc1f8cf
Log RuntimeException in CleanupCardDAVPhotoCache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-15 22:26:08 +02:00
Morris Jobke 03ad858841
Merge pull request #14228 from nextcloud/feature/noid/add-metadata-etag
Add DB table to extend filecache with metadata etag, creation  and upload time
2019-07-15 21:37:25 +02:00
Roeland Jago Douma a3deb21bf4
Merge pull request #16334 from nextcloud/feature/noid/enterprise-logo
Add enterprise logo
2019-07-15 20:31:06 +02:00
Morris Jobke 60dcb1800c
Add DB table to extend filecache with metadata etag, creation time and upload time
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-15 16:58:44 +02:00
Morris Jobke b732f51c10
Add enterprise logo
Also set it as theming logo if the subscription is valid.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-15 16:45:53 +02:00
Joas Schilling 64f67818bc
Fix new core notifier
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:14:58 +02:00
Joas Schilling 865c12aa0e
Fix detection of Notifiers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:43 +02:00
Joas Schilling f376b9fea7
Fix creation of the Manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:42 +02:00
Joas Schilling 9690b3153a
Change how Notifiers and Apps are registered
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:42 +02:00
Joas Schilling 9b288cda6d
Make all interfaces strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:40 +02:00
Morris Jobke 1e5fadcdf1
Merge pull request #16399 from nextcloud/improvement/noid/fulltextsearch-simple-queries
[nc17] add SimpleQueries to FullTextSearch
2019-07-15 10:18:04 +02:00
Maxence Lange cb91b3ce3e addsubtag should push to array
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-14 19:17:55 -01:00
Maxence Lange 1e2518d7f9 new model to manage some simple queries
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fixing issue in addSubTag()

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fix const

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
autoload

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Revert "fixing issue in addSubTag()"

This reverts commit a9ab2ab91b98133c69272f27ea1b51594719e241.

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
syntax

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-14 19:07:28 -01:00
Roeland Jago Douma f8aeef7ae9
Lock SCSS so we only run 1 job at a time
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
Roeland Jago Douma c193c0d466
Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentions
Allow guest mentions of talk to be parsed
2019-07-12 10:35:54 +02:00
Nextcloud bot 951f16da65
[tx-robot] updated from transifex 2019-07-12 02:15:00 +00:00
Roeland Jago Douma 74be0cf982
Merge pull request #16361 from nextcloud/bugfix/noid/drop-foreignkey-on-owncloud-migration
Drop foreignkey on owncloud migration
2019-07-11 19:40:04 +02:00
Morris Jobke 79e0b5c4ce
Merge pull request #15514 from nextcloud/feature/noid/add-enterprise-channel
Update channels for updater server
2019-07-11 12:42:34 +02:00
Joas Schilling 0d4ca0e754
Drop foreign key before trying to drop the accounts table
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 12:14:25 +02:00
Morris Jobke 39c28bd05b
Enterprise update channel
Allows to select the enterprise update channel for instances that have a valid subscription.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-10 16:19:34 +02:00
Joas Schilling 77918356d6
Allow guest mentions of talk to be parsed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-10 15:33:10 +02:00
Roeland Jago Douma e953205908
Use HTTP1.1 to read S3 objects
Some of the READs otherwise use HTTP/1.0 which is not always supported
by all backends. HTTP/1.1 is there since 1999 way longer than S3 so safe
to assume it is always there IMO.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-10 11:42:22 +02:00
Christoph Wurst d058ef2b6c
Make it possible to wipe all tokens/devices of a user
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
Christoph Wurst 1c261675ad
Refactor: move remote wipe token logic to RW service
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
Roeland Jago Douma 761c961b52
Merge pull request #16307 from nextcloud/bugfix/noid/previewv1adapter-isAvailable
Fix ProviderV1Adapter isAvailable wrapper
2019-07-09 13:37:07 +02:00
Roeland Jago Douma 027486e27d
Merge pull request #15867 from nextcloud/preview-versioning
allow keeping multiple preview "versions" of the same file
2019-07-09 11:06:44 +02:00
Julius Härtl 5030d15e25
Fix ProviderV1Adapter isAvailable wrapper
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-09 11:02:20 +02:00