Commit Graph

15995 Commits

Author SHA1 Message Date
Christoph Wurst d01905200a
Merge pull request #11433 from nextcloud/feature/all_lax_cookies2
Make authenticated cookies lax
2018-10-02 10:28:05 +02:00
Christoph Wurst 3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:28 +02:00
Christoph Wurst 40fdff5b80
Add QBMapper::insertOrUpdate()
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:27 +02:00
Nextcloud bot 77c6e41063
[tx-robot] updated from transifex 2018-10-02 00:12:55 +00:00
Christoph Wurst 45cf2eef56 Let 2FA providers provide their custom icons (dark/light)
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-01 21:02:49 +02:00
Roeland Jago Douma a95154642d
Emit event on enablign or disabling of 2FA provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +02:00
Morris Jobke 1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths
Dont use find to lookup binaries
2018-10-01 11:47:07 +02:00
Christoph Wurst 259c0ce11d
Add mandatory 2FA service/class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
Daniel Kesselberg d4dec43f8f
Dont use find to lookup binaries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
Roeland Jago Douma 9a7265babf
Make authenticated cookies lax
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.

It adds a small helper function.

In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-28 16:44:37 +02:00
Nextcloud bot db50e11edf
[tx-robot] updated from transifex 2018-09-28 11:14:08 +00:00
Roeland Jago Douma c9e93b8084
Compile contactmenu handlebars templates
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18

Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
Christoph Wurst f71ffc73db
Remove unused constructor argument
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Christoph Wurst 0259792614
Reduce settings manager complexity by loading sections via DI
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Nextcloud bot 2ace0df82a
[tx-robot] updated from transifex 2018-09-27 00:12:26 +00:00
blizzz ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
Nextcloud bot 2f45045c96
[tx-robot] updated from transifex 2018-09-26 00:12:23 +00:00
Morris Jobke ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
Roeland Jago Douma b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only
only catch QueryException when trying to build class
2018-09-25 16:21:55 +02:00
Christoph Wurst 7586b19e52
Only allow 2FA state changs if providers support the operation
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
Roeland Jago Douma 92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude
Copy the expiration from 480864b3e3 to …
2018-09-25 09:04:44 +02:00
Nextcloud bot bdb01064e2
[tx-robot] updated from transifex 2018-09-25 00:12:07 +00:00
blizzz 67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml
make the server ready to use global scale with SAML as auth back-end
2018-09-24 12:00:13 +02:00
Nextcloud bot 895bccd246
[tx-robot] updated from transifex 2018-09-24 00:12:14 +00:00
Nextcloud bot cce9f25d86
[tx-robot] updated from transifex 2018-09-23 00:12:30 +00:00
Nextcloud bot bd89af478e
[tx-robot] updated from transifex 2018-09-22 00:12:06 +00:00
Robin Appelman dccbdc8c01
only catch QueryException when trying to build class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-09-21 18:32:15 +02:00
Nextcloud bot 0211e17e3f
[tx-robot] updated from transifex 2018-09-21 00:12:08 +00:00
Joas Schilling f258e65f13
Also adjust the expiration of PublicKeyTokenProvider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:54:27 +02:00
blizzz 30dbbfbd45
Merge pull request #11292 from nextcloud/revert/9442/do-not-apcu-cache-the-autoloader
Revert "Use APCu caching of composer"
2018-09-19 19:39:00 +02:00
Joas Schilling 5e6187926f
Copy the expiration from 480864b3e3 to getTokenById
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-19 17:55:48 +02:00
Joas Schilling b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix
Use user locale as default in the template
2018-09-19 16:06:35 +02:00
John Molakvoæ (skjnldsv) 1e9ab0a367
Fix since tag
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:02:09 +02:00
Joas Schilling 40d185e928
Revert "Use APCu caching of composer"
This reverts commit 948ab8a4d0.

For details why see https://github.com/nextcloud/server/issues/11290
2018-09-19 15:47:01 +02:00
John Molakvoæ (skjnldsv) 3095ec4125 Fix icons cacher regex for compressed output
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 13:06:04 +02:00
Nextcloud bot 2a51572cc4
[tx-robot] updated from transifex 2018-09-17 00:12:30 +00:00
Daniel Kesselberg 90a9a1ecc6
Consider openssl settings from config.php
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 11:51:15 +02:00
Nextcloud bot 40bb45225a
[tx-robot] updated from transifex 2018-09-16 00:12:29 +00:00
Nextcloud bot 3771aeb584
[tx-robot] updated from transifex 2018-09-15 00:12:09 +00:00
Bjoern Schiessle bb86a8ca36
add back-end as parameter to the pre-login hook
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
Nextcloud bot 6112adfe06
[tx-robot] updated from transifex 2018-09-14 00:12:27 +00:00
Daniel Kesselberg 3b7ac0c94d
Change visibility to private
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
John Molakvoæ (skjnldsv) 92fbb6d795
Fallback to $lang if no $locale match
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-13 11:37:40 +02:00
Nextcloud bot 10351cb9da
[tx-robot] updated from transifex 2018-09-13 00:12:08 +00:00
blizzz f424fa706a
Merge pull request #11139 from nextcloud/feature/2fa-provider-activatable-deactivatable
[Mandatory 2FA] Add public interfaces for activable/deactivable 2FA providers
2018-09-11 16:36:49 +02:00
Nextcloud bot a94dc760e8
[tx-robot] updated from transifex 2018-09-11 00:12:22 +00:00
Daniel Kesselberg 603a578a1c
Change return false to throw new
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
Daniel Kesselberg 62c03beb1d
Extract logic for webroot into method and add test
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
Christoph Wurst 30c6130893
Add public interfaces for activable/deactivable 2FA providers
Fixes https://github.com/nextcloud/server/issues/11018.
Required for https://github.com/nextcloud/server/issues/11019.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-10 16:47:47 +02:00
John Molakvoæ (skjnldsv) 7d158c62ce
Typehint
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 11:17:03 +02:00