Commit Graph

539 Commits

Author SHA1 Message Date
Roeland Jago Douma 0452877a67
Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +02:00
Julius Härtl 17579c6471
Add repair step to remove old dashboard app config
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-24 10:16:15 +02:00
Roeland Jago Douma 5340ab3a75
New SSE key format
* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-20 15:42:43 +02:00
Roeland Jago Douma b604d5232e
Merge pull request #22218 from nextcloud/enh/sse/make_legacy_cipher_opt_in
SSE: make legacy format opt in
2020-08-19 20:10:45 +02:00
Roeland Jago Douma 8928bbe969
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Joas Schilling 6f5f71d100
Update autoloader
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:21:02 +02:00
Morris Jobke 725fecee34
Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event
Emit an event for every disabled 2FA provider during cleanup
2020-08-13 07:25:01 +02:00
Morris Jobke 06eb230d24
Merge pull request #22135 from nextcloud/enh/noid/occ-preview-repair
Add occ preview:migrate to migrate previews from the old flat structure to a subfolder structure
2020-08-07 11:09:16 +02:00
Morris Jobke 438ac23e2a
Distribute preview folders in appdata in multibucket setup to multiple buckets
* introduces a new IRootMountProvider to register mount points inside the root storage
* adds a AppdataPreviewObjectStoreStorage to handle the split between preview folders and bucket number

Ref #22033

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:19:20 +02:00
Morris Jobke d8734b3b93
Add occ preview:migrate to migrate previews from the old flat structure to a subfolder structure
* `php occ preview:repair` - a preview migration tool that moves existing previews into the new location introduced with #19214
* moves `appdata_INSTANCEID/previews/FILEID` to `appdata_INSTANCEID/previews/0/5/8/4/c/e/5/FILEID`
* migration tool can be stopped during migration via `CTRL+C` - it then finishes the current folder (with the previews of one file) and stops gracefully
* if a PHP memory limit is set in the `php.ini` then it will stop automatically once it has less than 25 MiB memory left (this is to avoid hard crashes in the middle of a migration)
* the tool can be used during operation - possible drawbacks:
    * there is the chance of a race condition that a new preview is generated in the moment the folder is already migrated away - so the old folder with the newly cached preview is deleted and one cached preview needs to be re-generated
    * there is the chance of a race condition during access of a preview while it is migrated to the other folder - then no preview can be shown and results in a 404 (as of now this is an accepted risk)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:05:46 +02:00
Morris Jobke 3f1c48598d
Merge pull request #22112 from nextcloud/enh/noid/flow-entity-recreatable-state
Allow Flow entity state to be recreated
2020-08-06 09:36:32 +02:00
Julius Härtl 61cc356e0b
Fix php cs check
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-05 17:03:39 +02:00
Morris Jobke 6fbf8fceac
Merge pull request #22106 from nextcloud/feature/noid/user_status_api
Provide a PHP Api for UserStatus
2020-08-05 15:30:48 +02:00
Georg Ehrke 0e0e0d19e8
Provide a PHP Api for UserStatus
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-05 13:48:46 +02:00
Arthur Schiwon 6c1c9273c0
Enable Flow entities to recreate state if necessary
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-08-05 13:24:20 +02:00
John Molakvoæ (skjnldsv) 71b62c4203
Show mime icon, bump bundles, make the SearchResultEntry class non-abstract, Fix header search icon, various fixes
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-04 21:36:22 +02:00
Georg Ehrke 0fad921840
Add user-status app
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-07-31 16:45:27 +02:00
Joas Schilling 5993bd45f3
Correctly remove usergroup shares on removing group members
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-30 09:47:31 +02:00
Morris Jobke 7e28286e9d
Merge pull request #21542 from nextcloud/activity-notifications
basic settings system for activity notifications
2020-07-29 15:36:38 +02:00
Roeland Jago Douma e0cc95f3aa
Allow user backends to specify a custom logout url
* Allows SSO backends to do a global logout

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-23 10:42:40 +02:00
Robin Appelman 5eb1e75e24
build autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-21 19:26:59 +02:00
Morris Jobke 9ae75a3ca9
Merge pull request #21850 from nextcloud/techdebt/noid/register-alternative-logins
Allow to register AlternativeLogin on RegistrationContext
2020-07-20 14:20:03 +02:00
Christoph Wurst c889021334
Add a scoped PSR logger for apps
Just like for ILogger we should have a version that has the app ID
pre-set for the context (unless overwritten) so that each log entry can
be traced back to the app that produced it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-16 19:11:56 +02:00
Joas Schilling 0dfcc132ca
Allow to register AlternativeLogin on RegistrationContext
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-16 14:20:24 +02:00
Roeland Jago Douma 7d7ba61625
Add real events to load additionalscripts
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-15 14:07:18 +02:00
Julius Härtl 86a7d1641a
Update autoloader
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:24:52 +02:00
Julius Härtl 673d70dfc5
Add new dashboard public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:24:50 +02:00
Morris Jobke fb69d6d195
Merge pull request #21238 from nextcloud/techdebt/noid/deferrable-notification-apps
Allow notification apps to defer and flush the sending
2020-07-06 13:50:25 +02:00
Joas Schilling 3d559159f0
Allow notification apps to defer and flush the sending
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-03 16:44:43 +02:00
Christoph Wurst 4a3ea04baa
Callable parameter injection
This is like what we have to DI and classes, but for callables.

The motivating factor is to get rid of *service locators* in the `boot`
method of apps as a new pattern is about to emerge where we have lots of
`query` calls on the app or server container in order to fetch some
services.

With this little helper it's possible to call another (public) method
and magically have everything injected.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-03 14:37:46 +02:00
Roeland Jago Douma d53e005458
Merge pull request #21360 from nextcloud/root-storage-prevent-scanning
prevent the root storage from accidentally scanning user folders
2020-07-02 21:07:16 +02:00
Christoph Wurst 4488e846a5
Add unified search API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-24 14:20:25 +02:00
blizzz a899b4775d
Merge pull request #21475 from nextcloud/enh/noid/flow-event-dispatcher
flow to not use deprecated event dispatcher methods
2020-06-22 11:18:50 +02:00
Arthur Schiwon 3706eae777
flow to not use deprecated event dispatcher methods
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-06-19 23:03:07 +02:00
Christoph Wurst 69571fb536
Add dedicated API for apps' bootstrapping process
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 09:22:21 +02:00
Christoph Wurst 68794ebc92
Emit an event for every disabled 2FA provider during cleanup
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-16 14:38:33 +02:00
Christoph Wurst 3474afa938
Clean up auth tokens when user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-15 19:24:04 +02:00
Robin Appelman e9b5514186
prevent the root storage from accidentally scanning user folders
while this scan *should* never be triggered, it's good to have some failsafe to ensure
that the users home contents don't end up getting scanned in the root storage

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-11 15:41:33 +02:00
Roeland Jago Douma 72a8e15d3a
Merge pull request #20914 from nextcloud/enh/deprecated_event_log_usage
Log usage of a deprecated event instead of emitting
2020-06-04 19:19:02 +02:00
Roeland Jago Douma 6aa6ab3e02
Add lazy events for the Node API
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.

We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 12:35:45 +02:00
Morris Jobke e57bca31ad
Merge pull request #20005 from joeried/occ-remove-bruteforce-attempts-by-ip
Implement occ command to reset bruteforce attemps from a given IP address
2020-05-25 14:04:18 +02:00
Roeland Jago Douma 4dacbbd66d
Log usage of a deprecated event instead of emitting
This way we can track down what is being used and migrate them over. And
slowly kill the old way in a release or 2.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 14:56:35 +02:00
Roeland Jago Douma 12fa748c49
Move the notmodified check to middleware where it belongs
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-13 08:11:24 +02:00
Morris Jobke dee1d8737b
Merge pull request #20813 from nextcloud/lazy-folder
generalize the "lazy folder" concept
2020-05-12 14:25:22 +02:00
Roeland Jago Douma 203d7eb1d3
Add AppFramework GZip middleware to gzip responses
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-12 09:09:48 +02:00
Robin Appelman f7153a3d0c
generalize the "lazy folder" concept
makes it easy to use lazy intialized folder in other places

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-05-11 15:36:13 +02:00
Roeland Jago Douma 163463dea5
Add InitialState Appframework service
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-07 10:13:06 +02:00
Roeland Jago Douma 8a8623c569
Simple AppConfig wrapper for the AppFramework
9 out of 10 cases apps want to access their own appconfig. Hence it
would be nice not to have to enter the app id all the time. This simple
wrapper just passes on the appid in all calls.

Basically this allows for simpler code in the apps.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-02 15:34:28 +02:00
Morris Jobke 0bd79b96c5
Remove obsolete repair steps for logo and updater channel
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-04-24 09:57:52 +02:00
Roeland Jago Douma 6c603e8e7d
Move to subfolders for preview files
Else the number of files can grow very large very quickly in the preview
folder. Esp on large systems.

This generates the md5 of the fileid. And then creates folders of the
first 7 charts. In that folder is then a folder with the fileid. And
inside there are the previews.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-04-19 10:30:56 +02:00
Joas Schilling 5c0637bc90
Merge pull request #20138 from nextcloud/bugfix/noid/make-remote-checking-more-generic
Make remote checking more generic
2020-04-15 12:48:49 +02:00
Joas Schilling 5e402f8aae
Check all remotes for local access
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-04-14 18:56:06 +02:00
Robin Appelman c2677682c4
Return hashes of uploaded content for dav uploads
hashes are set in "X-Hash-MD5", "X-Hash-SHA1" and "X-Hash-SHA256" headers.

these headers are set for file uploads and the MOVE request at the end of a multipart upload.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-04-13 12:57:27 +02:00
Julius Härtl 6c0b6039cf
Bump autoloaders
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-04-08 16:31:20 +02:00
Christoph Wurst 547ba642c6
Merge pull request #18200 from nextcloud/enhancement/psr-logger
Add a PSR-3 logger adapter and make it injectable
2020-04-08 11:49:56 +02:00
Christoph Wurst 1e086064f5
Move legacy classes from PSR0 to PSR4
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-07 08:48:00 +02:00
Roeland Jago Douma f5919d5b83
Merge pull request #20033 from nextcloud/s3-seekable-stream
Enable fseek for files in S3 storage
2020-04-06 21:38:49 +02:00
Robin Appelman e22a28ecc2
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-04-03 16:27:20 +02:00
Joas Schilling bc6a5ef5c4
Merge pull request #19890 from nextcloud/enh/comments-reference-id
Add optional comments reference_id
2020-04-02 11:34:21 +02:00
Joas Schilling 1f5ba56235
Update autoloader
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-04-02 10:02:05 +02:00
Roeland Jago Douma 590849e4d7
Merge pull request #19858 from nextcloud/feature/webauthn
Add WebAuthn support
2020-03-31 22:55:13 +02:00
Roeland Jago Douma 53db05a1f6
Start with webauthn
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-31 22:17:07 +02:00
Roeland Jago Douma 84f3d2ddeb
[POC] Event for failed login attempts
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-03-31 21:41:02 +02:00
Christoph Wurst 1b4380aae8
Add a PSR-3 logger adapter and make it injectable
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-26 10:52:10 +01:00
Christoph Wurst b3e194f38e
Add a public event for contacts interaction
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 16:02:05 +01:00
Arne Hamann a16aa99586
Added Hook before Message is send
Signed-off-by: Arne Hamann <kontakt+github@arne.email>
2020-03-24 20:57:27 +01:00
Johannes Riedel 0c38569c83 Implement occ command security:bruteforceattemps:reset-for-ip
Signed-off-by: Johannes Riedel <joeried@users.noreply.github.com>
2020-03-19 16:20:22 +01:00
Christoph Wurst 150f39ed50
Update autoloaders for composer v1.10.1
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-19 09:48:49 +01:00
Roeland Jago Douma de34786303
Merge pull request #19493 from nextcloud/simplefile-new-lazy
Create SimpleFile only when writing the content
2020-02-28 16:07:02 +01:00
Joas Schilling 0f08acfe31
Merge pull request #19321 from nextcloud/enh/allow-to-overwrite-share-target-mountpoints
Allow to overwrite share target mountpoints
2020-02-28 13:41:13 +01:00
Roeland Jago Douma 245125d81b
Bump autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-28 12:55:35 +01:00
Daniel Kesselberg 9e699a8d21
Add event subscriber for transaction isolation level
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-02-21 09:59:08 +01:00
Joas Schilling 841f2f3b04
Allow to overwrite share target mountpoints
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-02-17 09:04:19 +01:00
Arthur Schiwon 46aaeb4561
log Flow activity
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-28 10:58:57 +01:00
Arthur Schiwon 5b18f684e7
add hub bundle for easy post-installation
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-26 21:23:42 +01:00
Christoph Wurst 60d4b45e89
Clean up 2FA provider registry when a user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-08 10:51:44 +01:00
Roeland Jago Douma 25d4f3230d
Use the new Events in Flow
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-02 16:40:49 +01:00
Roeland Jago Douma 3af63f1593
Merge pull request #18505 from nextcloud/bugfix/18481/avatars-always-return-201-status-code
Always set the generated flag to false when an avatar is being set
2019-12-22 14:26:23 +01:00
Joas Schilling e37af2d81c
Always set the generated flag to false when an avatar is being set
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-20 15:34:36 +01:00
blizzz 40684a5423
Merge pull request #18080 from nextcloud/enhancement/noid/add-timeout
adding timeout param
2019-12-20 12:16:32 +01:00
Roeland Jago Douma 3b8fbf129e
Merge pull request #18384 from nextcloud/fix/18255/global_config_to_always_accept
config.php setting to always accept internal shares
2019-12-16 09:50:45 +01:00
Roeland Jago Douma bb4264c565
config.php setting to always accept internal shares
Part of #18255

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-16 09:07:25 +01:00
Christoph Wurst b81b824da1
Add typed events for the filesystem/scanner
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 09:41:05 +01:00
Maxence Lange 9bdc5823ce +ManuallyLockedException
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-12-12 09:19:40 -01:00
Christoph Wurst 302558cfd2
Add a dedicated page for the recommended apps installation
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-12-12 08:13:01 +01:00
Roeland Jago Douma c71e9de5ff
Merge pull request #18350 from nextcloud/enhancement/typed-group-events-II
Add typed events for all group hooks and legacy events
2019-12-11 12:28:03 +01:00
Christoph Wurst 917f1807fd
Merge pull request #18348 from nextcloud/enhancement/typed-user-events-II
Add typed events for all user hooks and legacy events
2019-12-11 12:02:32 +01:00
Roeland Jago Douma 9a40ccfbf0
Merge pull request #18224 from nextcloud/bugfix/noid/direct-editing-path
Use file path for direct editing
2019-12-11 11:17:26 +01:00
Christoph Wurst 73fdb8e016
Add typed events for all group hooks and legacy events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-11 10:22:21 +01:00
Christoph Wurst d808f9c053
Add typed events for all user hooks and legacy events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-11 10:00:24 +01:00
Roeland Jago Douma 2b581814f3
Add interface for notification handler for dimissed events
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 10:02:24 +01:00
Daniel Kesselberg 0016480370
Decouple resource provider registration
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-07 22:04:07 +01:00
Julius Härtl e29a76bc79
Use file path for direct editing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-05 09:54:58 +01:00
Roeland Jago Douma 9fce87b2df
Merge pull request #17443 from nextcloud/enh/expired_token_on_invalid_pass
Throw an invalid token exception is token is marked outdated
2019-12-03 08:59:11 +01:00
Christoph Wurst cc80339b39
Add typed create user events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-03 08:03:57 +01:00
Roeland Jago Douma b371e735cf
Throw an invalid token exception is token is marked outdated
This avoids hitting the backend with multiple requests for the same
token. And will help avoid quick LDAP lockouts.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-02 18:57:13 +01:00
Arthur Schiwon b3749fbe16
add convenience interfaces so entities can provide presentable details
the File entity starts with a display text (used by talk)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-28 13:51:21 +01:00
Julius Härtl e52793c69e
Direct editing API to allow file editing using a one-time token for
mobile apps

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 14:36:20 +01:00
Roeland Jago Douma 0532f8116d
Merge pull request #18019 from nextcloud/enhancement/password-policy-events
Add typed events for password_policy
2019-11-27 11:11:17 +01:00
Christoph Wurst 1a886b1472
Add typed events for password_policy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00