Commit Graph

12645 Commits

Author SHA1 Message Date
Thomas Müller e3a67d0505 Merge pull request #22320 from owncloud/files_external-crypt
encrypt passwords for files_external
2016-02-11 17:19:29 +01:00
Thomas Müller 4d24929e05 Merge pull request #22307 from owncloud/remove-notification-on-unshare-and-on-errors
Remove notification on unshare and on errors
2016-02-11 14:02:44 +01:00
Thomas Müller 26939a2873 Merge pull request #22290 from owncloud/dav-upload-scan-in-lock
scan the file in the write lock when uploading over dav
2016-02-11 14:02:08 +01:00
Robin Appelman 80eb1aada5 encrypt passwords for files_external 2016-02-11 14:00:08 +01:00
Thomas Müller 06af9b817e Merge pull request #22281 from owncloud/activity-100-unshare-activities
Add translations of unshare activities
2016-02-11 11:01:47 +01:00
Joas Schilling 31c9e047a8 Delete the notification when the owner unshares the remote before the user did anything 2016-02-11 10:41:55 +01:00
Joas Schilling 2263b8b693 Remove the notification if accepting/declining failed because of 404 2016-02-11 10:41:55 +01:00
Jenkins for ownCloud 5165998723 [tx-robot] updated from transifex 2016-02-11 01:55:35 -05:00
Vincent Petry f79fafcf06 Revert back to non-webdav download link for public URLs
Fixes issues with browsers not happy with the token.
Fixes activities which were not sent.
2016-02-10 19:09:52 +01:00
Thomas Müller 6b836325cf Merge pull request #22276 from owncloud/harden-updater-auth
Harden updater authentication
2016-02-10 17:31:38 +01:00
Thomas Müller 6ffb83ae19 Merge pull request #22269 from owncloud/issue-22243-avoid-deadlock-with-lots-of-entries-to-cleanup
Chunk the cleanup queries to make sure they don't time out
2016-02-10 17:26:11 +01:00
Thomas Müller 10613f7265 Merge pull request #22273 from owncloud/versions-fixpathasrecipient
Fix versions path as share recipient when different than owner path
2016-02-10 17:25:14 +01:00
Robin Appelman bef70e9448 also fix lock order for chunked dav uploads 2016-02-10 16:31:32 +01:00
Lukas Reschke 5680743c2b Harden updater authentication
- Reset tokens after 2 hours as discussed at https://github.com/owncloud/updater/issues/220#issuecomment-182033453
- Used BCrypt for storing the password in the config.php. This makes it substantially harder in case of a leakage of the token to bruteforce it. In the future we can evaluate also an HMAC including the IP. That's a bit tricker though at the moment considering that we support reverse proxies. Didn't feel brave enough to touch that dragon now as well ;)
2016-02-10 16:31:11 +01:00
Robin Appelman 65554ec333 scan the file in the write lock when uploading over dav 2016-02-10 16:21:13 +01:00
Joas Schilling 5dc63e34b4 Add translations of unshare activities 2016-02-10 15:42:48 +01:00
Thomas Müller 5c89cf9565 Merge pull request #22267 from owncloud/fix_encryption2
calculate and update the version of the encryption signature correctly
2016-02-10 15:14:52 +01:00
Thomas Müller 159a0eb597 Merge pull request #20073 from owncloud/files-should-add-download-disposition
Serve files with an attachment disposition for new DAV endpoint
2016-02-10 14:35:50 +01:00
Thomas Müller c4d2f6bb25 Merge pull request #22270 from owncloud/use-cache-directly
Use cache directly instead of QueryBuilder
2016-02-10 14:23:04 +01:00
Thomas Müller c1d21cf873 Merge pull request #22263 from owncloud/fix-group-principals
Fix group principal
2016-02-10 14:22:18 +01:00
Vincent Petry 1b9e291913 Use full path of known file when handling versions
Instead of relying on the versions API response, use the known file path
when populating version models.
2016-02-10 13:39:25 +01:00
Vincent Petry a6f997ddae Remove path from versions response
The path attribute contains the path relative to the owner's home
folder, not the one from the recipient, which is useless for the client
and needlessly discloses the owner's original path.

The requested already has access to the full path of the file, so no
need to add it to the response.
2016-02-10 13:38:38 +01:00
Bjoern Schiessle 9dc759b4dc remember signature version and only set it on update to make sure that other
apps like files_versions still get the old signature version
2016-02-10 13:27:32 +01:00
Joas Schilling 0ebb205010 Chunk the queries to make sure they don't time out 2016-02-10 13:04:37 +01:00
Lukas Reschke 762636efcd Use cache directly instead of QB
In case somebody does not use oc_filecache
2016-02-10 12:30:39 +01:00
Bjoern Schiessle 43ed86313c use the version of the original file if we write the part file to have a proper version if we move the file over to the original location 2016-02-10 11:08:03 +01:00
Thomas Müller 2e94d34dfd Fix group principal 2016-02-10 10:43:32 +01:00
Joas Schilling fa893762a2 Fix oracle by using less quotes 2016-02-10 08:40:45 +01:00
Joas Schilling 75d552b29e Listen to the notification event to reload the file list 2016-02-10 08:40:45 +01:00
Joas Schilling 65e1e4a202 Mark the accept button as primary 2016-02-10 08:40:45 +01:00
Joas Schilling c769f5775d Create the actions with the correct ID 2016-02-10 08:40:45 +01:00
Joas Schilling 31cf3b8288 Make sure the share ID is an integer 2016-02-10 08:40:45 +01:00
Joas Schilling cb8024ca14 Fix action paths 2016-02-10 08:40:45 +01:00
Joas Schilling 49dd693d8f Bring the messages inline 2016-02-10 08:40:45 +01:00
Joas Schilling a4a7cf40a1 Fix the notification API usage 2016-02-10 08:40:45 +01:00
Joas Schilling 3ff88c8c84 Revert "Disable the remote sharing notifications until they work properly"
This reverts commit 6bc93c7401.

Conflicts:
	apps/files_sharing/lib/external/manager.php
2016-02-10 08:40:44 +01:00
Jenkins for ownCloud 9ebcc4ce31 [tx-robot] updated from transifex 2016-02-10 01:56:05 -05:00
Lukas Reschke ca350294a6 Add tests for setVersion 2016-02-09 23:43:28 +01:00
Vincent Petry 45c78476f5 Use cache update instead of put for encryption version
Saves a call to fetch the file id which didn't even work for a reason.

This fix properly sets the version in the database.
2016-02-09 23:43:28 +01:00
Lukas Reschke 6724f76573 Use cache and add tests 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 377d7fb8a8 don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value 2016-02-09 23:43:27 +01:00
Bjoern Schiessle 966eb4b084 realPath should contain the path to the file we want to read, e.g. the version and not the original file 2016-02-09 23:43:27 +01:00
Lukas Reschke 5ccb9dfa7e Use database for keeping track of the version 2016-02-09 23:43:27 +01:00
Lukas Reschke 3badf5caf5 Use number of chunk for HMAC as well
Prevents switching single blocks within the encrypted file.
2016-02-09 23:43:26 +01:00
Lukas Reschke b5824f024a Keep track of file version
This way it is not possible anymore for an external storage admin to put up old versions of the file.
2016-02-09 23:43:26 +01:00
Lukas Reschke d5c1596887 Clarify documentation 2016-02-09 23:43:26 +01:00
Lukas Reschke 3b62459c41 Use hash with appended "a" of the original password for the authentication 2016-02-09 23:43:26 +01:00
Björn Schießle 9bb97c714b fixing unit tests 2016-02-09 23:43:26 +01:00
Lukas Reschke b9ff16498b Use random_bytes instead OpenSSL 2016-02-09 23:43:26 +01:00
Björn Schießle 61dd191253 meta data are at the end of the file 2016-02-09 23:43:25 +01:00