Commit Graph

122 Commits

Author SHA1 Message Date
Robin Appelman 2389e0f250
read lockdown scope from token
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
Lukas Reschke bc1008ac38
Use 11.0 instead 9.2
As discussed we're changing the version from 9.2 to 11.0 to make some more sense.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-15 14:45:58 +01:00
Christoph Wurst d907666232
bring back remember-me
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
Roeland Jago Douma 92dc9e6899
Avatar migration step
* Skip move avatar if avatars disabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Christoph Wurst ddb659dd90
increase core version number to trigger db ugprade and fix app manager tests 2016-09-05 08:51:13 +02:00
Lukas Reschke 8261ccce1b
Merge branch 'master' into implement_712 2016-08-11 19:37:17 +02:00
Arthur Schiwon 1eb8b951c2
more admin page splitup improvements
* bump version to ensure tables are created
* make updatenotification app use settings api
* change IAdmin::render() to getForm() and change return type from Template to TemplateResponse
* adjust User_LDAP accordingly, as well as built-in forms
* add IDateTimeFormatter to AppFramework/DependencyInjection/DIContainer.php. This is important so that \OC::$server->query() is able to resolve the
constructor parameters. We should ensure that all OCP/* stuff that is available from \OC::$server is available here. Kudos to @LukasReschke
* make sure apps that have settings info in their info.xml are loaded before triggering adding the settings setup method
2016-08-10 15:21:25 +02:00
Lukas Reschke 9fbdb0efe8 Merge pull request #529 from nextcloud/vendor-maintenance-downgrade
Allow downgrades of maintenance accross vendors
2016-08-10 00:25:53 +02:00
Vincent Petry 0c7c9a3b95
Adjust repair version check for unmerged shares 2016-08-03 10:16:28 +02:00
Joas Schilling 5c34346479
Allow downgrades of maintenance accross vendors 2016-07-22 14:51:43 +02:00
Joas Schilling 03cb588ea9 Merge pull request #500 from nextcloud/bump_version
Bump version
2016-07-22 10:03:42 +02:00
Joas Schilling ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Roeland Jago Douma 00b78262e6
Bump version 2016-07-21 14:44:52 +02:00
Lukas Reschke 2d52cc9fe0
10.0 beta it is 2016-07-21 00:32:43 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Robin Appelman 29eeeb2273 Save the files external mount id in the mount cache table 2016-07-13 16:34:08 +02:00
Daniel Molkentin c3b600b934 fix version string 2016-06-29 15:11:48 +02:00
Daniel Molkentin 4a43fbfb5e 9.1.0 RC 1 2016-06-29 15:09:40 +02:00
Vincent Petry 0ad065cb8d Repair step to adjust link share delete permissions 2016-06-24 09:48:48 +02:00
Christoph Wurst 0c0a216f42
store last check timestamp in token instead of session 2016-06-17 15:42:28 +02:00
Daniel Molkentin e133f7e147 ownCloud 9.1.0 beta 2 2016-06-08 11:31:12 +02:00
Christoph Wurst c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Victor Dubiniuk 6c70e847dd Add bzip2 to known mimetypes 2016-05-30 18:50:14 +03:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
C Montero-Luque ea6506ac1e 9.1.0 beta 1 2016-05-25 13:16:50 -04:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Vincent Petry b40c0bad96
Increase version for DB addition 2016-05-20 17:56:02 +02:00
Christoph Wurst c28e462583
Use CLOB for auth token names to allow long user agent strings 2016-05-12 11:19:17 +02:00
Christoph Wurst 18704a9fc8
increase version number to trigger db migration 2016-05-11 13:36:46 +02:00
Joas Schilling 8885cb1eb9 Increase all versions on master which is now 9.1 2016-03-02 08:53:42 +01:00
Lukas Reschke 933f60e314 Update author information
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Arthur Schiwon b3ac81f134 exchange user_id_key for a unique one. 2016-02-26 01:02:22 +01:00
Arthur Schiwon 9250704ecb add index definitions for comments tables 2016-02-24 21:48:12 +01:00
Joas Schilling 24c7f38a00 Make sure we can store strings as per the interface 2016-02-22 15:43:20 +01:00
C Montero-Luque 99051cdbe5 9.0.0 beta 2 2016-02-18 14:39:05 -05:00
C Montero-Luque c392cc2b8f 9.0.0 beta 1 2016-02-10 17:31:16 -05:00
Faruk Uzun 6ffd8f3e0d Introduce some mimetypes for richdocuments
* application/vnd.lotus-wordpro
* application/vnd.visio
* application/vnd.wordperfect
* application/msonenote
2016-02-04 13:48:21 +02:00
Roeland Jago Douma 2035a179bc Add store/retrieve checksums
* Add extra db column to filecache
* Bump version
* Update filecache code to actually handle checksum
* Webdav code to store/retrieve checksums
2016-02-03 09:03:51 +01:00
Arthur Schiwon 01cdc70f9c introduce comments read marke tables, comes with user cleanup after deletion 2016-01-29 13:08:02 +01:00
Vincent Petry 7d1416fe12 Increase version due to new tables 2016-01-22 11:04:04 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Roeland Jago Douma 6c77d1734e [Share 2.0] Update db structure to stay backwards compatible 2016-01-06 14:53:43 +01:00
Lukas Reschke 002e719789 Set "SetEnv" within base `.htaccess` file
mod_rewrite as used by the front controller may require a `RewriteBase` in case the installation is done using an alias. Since we cannot enforce a writable `.htaccess` file this will move the `front_controller_active` environment variable into the main .htaccess file. If administrators decide to have this one not writable they can still enable this feature by setting the `front_controller_active` environment variable within the Apache config.
2015-12-01 19:06:48 +01:00
Joas Schilling 3c5a6b829e Allow DI the system tag stuff without Application class 2015-11-30 17:08:29 +01:00
Roeland Jago Douma 5e8256beb8 [Sharing 2.0] Add a new db column for the file owner
We need to store the owner of a file in the db to do efficient queries
on the owner of a file. Without this we need to construct fill paths for
each file id in the table and see who the owner of a file is. Which does
not scale.
2015-11-25 13:17:02 +01:00
Morris Jobke 3778680f3f Drop unused tables principalgroups and principals
* was removed in 3e84f170e7
2015-11-05 08:40:21 +01:00
Lukas Reschke 8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Morris Jobke ee42e9d489 increase core version and add dav version number 2015-10-21 11:36:44 +02:00
Joas Schilling 6ca58cd856 Master is now 9.0.0 development 2015-10-14 07:40:06 +02:00
C Montero-Luque 58b8571454 8.2 RC1 2015-10-06 13:17:12 -04:00