Commit Graph

10911 Commits

Author SHA1 Message Date
Christoph Wurst 99d525eb36
Convert 2FA token type to string
The IConfig service is documented to handle its data as strings, hence
this changes the code a bit to ensure we store keys as string and
convert them back when reading.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 14:09:37 +01:00
Morris Jobke 10214fbee0
Merge pull request #25214 from nextcloud/dependabot/composer/phpseclib/phpseclib-2.0.30
Bump phpseclib/phpseclib from 2.0.25 to 2.0.30
2021-01-21 10:25:02 +01:00
Robin Appelman d182043e83
explicitly set permissions on newly created folders
this works around any `umask` that might be set and limiting the folder permissions

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-20 17:15:57 +01:00
Morris Jobke 4c81f5c4ad
Merge pull request #25212 from nextcloud/enh/preview-markdown
Enhance markdown file preview rendering
2021-01-20 15:02:41 +01:00
Morris Jobke 01f013661a
Fix typo in comment
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-20 15:02:32 +01:00
Julius Härtl aed1fde6fd
Enhance markdown file preview rendering
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-20 11:07:55 +01:00
Roeland Jago Douma fcbbcacab4 Also load CA properly in integrity check
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-20 10:57:41 +01:00
Roeland Jago Douma d751fedffb phpsec lib can't parse multiple certs in one go
So we have to split it manually and do it ourselves

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-20 10:57:41 +01:00
Joas Schilling 6c1e294edd
Compare and store the login name via the event
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-20 08:50:17 +01:00
Roeland Jago Douma 6d4afca7ac Add support for webp
Including handling in OC_Image
But also a preview provider

Of course only works if your php actually supports webp

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-19 20:17:10 +01:00
Roeland Jago Douma 0893bba369
Merge pull request #25153 from nextcloud/bugfix/noid/force-signature-verification-on-occ
Force signature verification of apps on occ
2021-01-19 09:35:52 +01:00
Joas Schilling 847aa08ebd
Don't log keys on checkSignature
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 16:09:06 +01:00
Joas Schilling 76c7356af9
Only use alphanumeric chars for mysql password
/ and + can cause problems with other tools that you might want to run on your Nextcloud database.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 12:03:52 +01:00
Joas Schilling 90c3013d40
Cleanup the constructor
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 11:32:50 +01:00
Joas Schilling f319660f60
Force run the verification of the signature on occ
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 11:32:50 +01:00
Damien Goutte-Gattat bedd9acf78 Fix comparison of PHP versions
Use the builtin function `version_compare` to check an app's
compatibility with the available PHP version, instead of reusing
the `OC\App\CompareVersion::isCompatible` method which is intended
to compare Nextcloud versions. PHP version strings do not always
necessarily follow the simple Major.Minor.Patch format used by
Nextcloud and therefore cannot be properly compared by that method.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2021-01-14 23:03:20 +00:00
Christoph Wurst b9287f9780
Merge pull request #25091 from nextcloud/enhancement/ocp-db-exception-abstraction
Add our own DB exception abstraction
2021-01-14 12:27:23 +01:00
blizzz f9ab7575e7
Merge pull request #25036 from nextcloud/fix/noid/limitied-allowed-items-db-in_2
respect DB restrictions on number of arguments in statements and queries
2021-01-14 11:36:42 +01:00
Christoph Wurst 2c9cdc1cdb
Add our own DB exception abstraction
Right now our API exports the Doctrine/dbal exception. As we've seen
with the dbal 3 upgrade, the leakage of 3rdparty types is problematic as
a dependency update means lots of work in apps, due to the direct
dependency of what Nextcloud ships. This breaks this dependency so that
apps only need to depend on our public API. That API can then be vendor
(db lib) agnostic and we can work around future deprecations/removals in
dbal more easily.

Right now the type of exception thrown is transported as "reason". For
the more popular types of errors we can extend the new exception class
and allow apps to catch specific errors only. Right now they have to
catch-check-rethrow. This is not ideal, but better than the dependnecy
on dbal.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-12 16:38:23 +01:00
Roeland Jago Douma e44f275cfe
Merge pull request #25088 from nextcloud/fix/allow_app_updates_again
Allow installing/updating of apps again
2021-01-12 14:34:21 +01:00
Roeland Jago Douma 41c80d6c19
Fix option in the client code itself as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 12:36:21 +01:00
Roeland Jago Douma 9b58a027e3
Allow installing/updating of apps again
The Guzzle API changed. We shall now use sink

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 10:51:41 +01:00
Johannes Leuker ac88bcbd5f Add 'allow Symlinks' as an option to config.php
Signed-off-by: Johannes Leuker <j.leuker@hosting.de>
2021-01-12 10:38:39 +01:00
blizzz 7cdc7adf59
Merge pull request #25038 from nextcloud/bugfix/noid/install-mysql8-with-php8
Don't try a transaction for the migrator on MySQL
2021-01-11 18:07:11 +01:00
Roeland Jago Douma fdd111924f
Merge pull request #25039 from nextcloud/fix/libxml-use-internal-errors-deprecated
Only use libxml_disable_entity_loader on php older than 8
2021-01-11 16:14:38 +01:00
Morris Jobke 8f614acade
Merge pull request #25034 from nextcloud/bugfix/noid/load-authentication-for-app-upgrades
Make sure to do priority app upgrades first
2021-01-11 14:44:10 +01:00
Morris Jobke 5ed673e5eb
Merge pull request #25073 from nextcloud/psalm/24521/remove-unneeded-casts
Remove unneeded casts that were found by Psalm
2021-01-11 14:15:16 +01:00
Arthur Schiwon f9484d15cb
DB: warn on parameter number constraints
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-11 13:43:34 +01:00
Morris Jobke 24d436cb60
Remove unneeded casts that were found by Psalm
In preparation of the update of Psalm from 4.2.1 to 4.3.1+ (see https://github.com/nextcloud/server/pull/24521)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-11 13:14:41 +01:00
Christoph Wurst c3cb288268
Bump scssphp/scssphp from 1.0.3 to 1.4.0
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-11 12:41:25 +01:00
Christoph Wurst f8efab7c85
Only use libxml_disable_entity_loader on php older than 8
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 16:33:46 +01:00
Joas Schilling 3cdfe7b0f4
Don't try a transaction for the migrator on MySQL
As per https://dev.mysql.com/doc/refman/8.0/en/implicit-commit.html
CREATE TABLE statements automatically commit always. The only reason
this worked in the past was that PHPs PDO connection didn't check the
actual state on commit, but only checked their internal state.
But in PHP8 this was fixed:
https://github.com/php/php-src/blob/PHP-8.0/UPGRADING#L446-L450
So now commit() fails because the internal PDO connection implicitly
commited already.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-08 16:25:40 +01:00
Christoph Wurst 81302f78e5
Merge pull request #24948 from nextcloud/dependabot/composer/doctrine/dbal-3.0.0
Bump doctrine/dbal from 2.12.0 to 3.0.0
2021-01-08 14:58:43 +01:00
Morris Jobke aeb32e1bc8
Merge pull request #22992 from nextcloud/password-urlencode
allow authenticating using urlencoded passwords
2021-01-08 14:34:01 +01:00
Julius Härtl f31edf1544
Make sure to do priority app upgrades first
Otherwise those apps might not be loaded when the others app migrations
are running. The previous loading of authentication apps in the upgrade
step never worked as it just returns in maintenance mode

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-08 12:27:54 +01:00
Morris Jobke dc00c8ac31
Remove "primary" option from schema builder argument $options as it is not used anymore and triggers an exception
See 138eb85234 (diff-300f55366adb50a32a40882ebdc95c163b141f64cba5f45f20bda04a907b3eb3L82)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-08 11:45:19 +01:00
Christoph Wurst 8b64e92b92
Bump doctrine/dbal from 2.12.0 to 3.0.0
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 11:45:19 +01:00
Roeland Jago Douma d13f2d984f
Merge pull request #25015 from nextcloud/fix/no-double-intl-polyfill
Replace patchwork/utf8 with symfony-polyfill-*
2021-01-08 08:25:31 +01:00
Roeland Jago Douma 645e3e6d7e
Merge pull request #25021 from nextcloud/enhancement/occ-install-exception-trace
Print an exception trace for setup exceptions
2021-01-08 08:22:50 +01:00
Morris Jobke 1e3c071aa5
Merge pull request #24892 from nextcloud/fix/use-symfony-dispatcher-correctly
Use the Symfony dispatcher correctly
2021-01-07 21:42:44 +01:00
Christoph Wurst 287c26bda3
Replace patchwork/utf8 with symfony-polyfill-*
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-07 21:22:41 +01:00
Morris Jobke 171373a944
Merge pull request #24989 from nextcloud/scanner-ignore-non-readable
ignore files that have no read permissions during scanning
2021-01-07 21:10:53 +01:00
Morris Jobke d0ac76a77c
Add more previous exceptions to database setup code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-07 21:04:11 +01:00
Christoph Wurst f1921364d6
Print an exception trace for setup exceptions
Right now any setup error will just result in the exception message
being printed. In some cases this doesn't give any insights into what
went wrong. This adds some dedicated logic to print the exception trace
and any previous exceptions to the CLI.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-07 20:11:25 +01:00
Roeland Jago Douma 317118ef79
Catch throwable instead of exception
The error that gets thrown can also be a type error etc. So we should
properly catch the Throwable.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-07 14:32:26 +01:00
Roeland Jago Douma f552f23e43
Merge pull request #25003 from nextcloud/psalm/noid/phpdoc-fix-return-type
Fix return types for Archive::getStream
2021-01-07 13:31:24 +01:00
Morris Jobke 59ae722087
Fix warning in PHP 8 about optional parameter before mandatory one
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-07 12:43:56 +01:00
Morris Jobke a39bd18654
Fix return types for Archive::getStream
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-07 12:38:41 +01:00
Robin Appelman c374bbf14d
allow authenticating using urlencoded passwords
this allows authenticating with passwords that contain non ascii-characters in contexts that otherwise do not allow it (http basic)

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-07 10:43:43 +01:00
Robin Appelman 205386b24e
ignore files that have no read permissions during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-06 17:27:31 +01:00