750196aa7f
public interfaces FullTextSearch
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-@return mixed
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interfaces-fulltextsearch-2' into interfaces-fulltextsearch-2
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 18:24:15 +01:00
abbb946bbb
Propegate hide download state in share provider
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
bc960bae02
Extend IShare to show hide download state
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
81f37401f9
Add db column to store hide download state
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
c1698948b8
Merge pull request #12130 from nextcloud/fix/reset_bruteforce_oauth
...
Reset bruteforce on token refresh OAuth
2018-10-30 14:26:50 +01:00
5a73a9b9de
Fix injection to get the user id
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 11:41:56 +01:00
75456b057d
Reset bruteforce on token refresh OAuth
...
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.
This resets the brute force attempts for that UID on a valid refresh of
the token.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 11:21:27 +01:00
dccfe4bf84
Merge pull request #12036 from olivermg/master
...
Add capability of specifying "trusted_proxies" entries in CIDR notation (IPv4)
2018-10-30 10:49:08 +01:00
a0d759b324
Add uuid/name entry to Remote/MailPlugin tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
cb463d73d5
Add name field to mail and remote results
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
7a65779316
Add local share if remote cloud id matches a local user ones
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
61af607525
Make enhancing entries with type property optional
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
870e01518d
Add type to Remote and Mail plugins
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:34 +01:00
a1c6e44700
Add collaborators uuid to properly render the avatar and for later grouping
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
d7caf841df
Filter out generic remote result for local users
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
ce79e587e4
Filter out local users from address book remote searches
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
c9e6a99637
Merge pull request #12085 from nextcloud/add-gss-to-excluded-backends
...
add global site selector as user back-end which doesn't support password confirmation
2018-10-30 10:16:07 +01:00
401ca28f07
Adding handling of CIDR notation to trusted_proxies for IPv4
...
Signed-off-by: Oliver Wegner <void1976@gmail.com>
2018-10-30 09:15:42 +01:00
13fe7b6fc1
Merge pull request #11627 from nextcloud/feature/noid/cli-remove-app
...
Add occ app:remove CLI command
2018-10-30 00:35:45 +01:00
0999f07964
Merge pull request #12052 from nextcloud/bugfix/11594/fix-setup-check-trusted-proxies
...
Fix setup check trusted proxies
2018-10-29 23:38:37 +01:00
963d968f06
Merge pull request #12113 from nextcloud/fileinfo-getextension
...
Add getExtension() to FileInfo
2018-10-29 17:23:27 +01:00
e5c3e4b76f
Add getExtension() to FileInfo
...
this is a fairly common operation so it makes sense to prevent having
to repeatedly implement it.
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-29 15:24:02 +01:00
34a71f57fc
Fix tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 13:06:55 +01:00
aec0a6c096
Fix icon cacher url matching
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 12:09:30 +01:00
18fef12721
[tx-robot] updated from transifex
2018-10-29 01:13:07 +00:00
85d9f06cb8
add global site selector as user back-end which doesn't support password confirmation
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-27 15:43:51 +02:00
0092e3adec
[tx-robot] updated from transifex
2018-10-27 00:12:35 +00:00
aff53d6e34
[tx-robot] updated from transifex
2018-10-26 00:12:48 +00:00
986f4df2a5
Add REMOTE_ADDR to getHeader
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-25 22:26:49 +02:00
ed11811dbe
implementing files_fulltextsearch within core
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-25 18:17:52 +02:00
d21ded67a7
Keep list of icons in a separate file for use in the accessibility app
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 12:16:10 +02:00
0b2ef7e608
Remove default which didn't work
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
152fb08288
Properly track data urls as well
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
845f1b67d5
Directly embed icons into the icon-vars css file
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
0fb070b5b4
Allow chunked uploads even if your quota is not sufficient
...
Fixes #11485
This allows uploads to shared folders.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-24 20:29:00 +02:00
d76a87f3b0
skip already decrypted files on decrypt all command
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-24 16:53:39 +02:00
f47f5ad0ea
Allow property filters to be null
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:54:01 +02:00
86f29ffdbc
Register IAccountManager as a service
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:53:43 +02:00
3b3824c486
Use empty string instead of null
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-24 12:53:18 +02:00
4ad27260a9
Merge pull request #11439 from nextcloud/trash-modular-api
...
Modular trashbin api
2018-10-23 17:11:16 +02:00
a9fb21f9fc
[tx-robot] updated from transifex
2018-10-23 14:54:28 +00:00
39338aaa67
Merge pull request #11914 from nextcloud/csp/report-uri
...
Add report-uri to CSP
2018-10-23 16:42:24 +02:00
92b5b54fa6
Merge pull request #11966 from nextcloud/csp/safari12-support
...
Add nonce for Safari 12+
2018-10-23 16:22:58 +02:00
171fe69db7
Merge pull request #11932 from nextcloud/font-nunito
...
Change typeface to Nunito
2018-10-23 15:14:10 +02:00
a11bef25a2
Merge pull request #11964 from nextcloud/bug/11919/do_not_always_fallback
...
Forwarded ExpiredTokenException
2018-10-23 15:07:19 +02:00
782927a05f
fixup! Fix comment and cap-height
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 14:30:23 +02:00
1fb885638e
Fix comment and cap-height
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 14:22:55 +02:00
354b72b9d3
Use correct typeface for avatar generator
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-10-23 13:13:35 +02:00
3259d427ee
Use correct typeface for txt previews
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-10-23 13:13:21 +02:00
2a17281cb6
Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
...
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-22 11:02:25 +02:00
0fdc65a15c
Add nonce for Safari 12+
...
As far as I can tell this should work now.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 20:48:12 +02:00
34f5f4091e
Catch more occurences where ExpiredTokenException can be thrown
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 14:37:08 +02:00
b3a92a4e39
Expired PK tokens should not fall back to legacy tokens
...
Fixes #11919
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 14:34:29 +02:00
579822b6a5
Add report-uri to CSP
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 13:38:32 +02:00
a1ea504edf
Merge pull request #11711 from nextcloud/feature/backgroundjobs_ocp
...
Add proper backgroundjobs to OCP
2018-10-19 07:40:35 +02:00
5daa4f27e1
Merge pull request #11882 from nextcloud/feature/noid/consider-net-connection
...
Do not try to contact lookup server without internet connection or URL
2018-10-18 18:24:41 +02:00
8e4ae23c48
Do not try to contact lookup server without internet connection or URL
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-18 17:49:28 +02:00
4f75173f11
Remove unreliable 2FA state message on personal 2FA settings page
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-18 09:51:08 +02:00
6c5ea0ceca
pass `Cache::getMoveInfo` along cache wrappers
...
fixes cross storage move in some cases
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:57:33 +02:00
565d830c11
expose storagefactory in server container
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:57:30 +02:00
ea42474b31
use name in fileinfo if set
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-17 14:56:51 +02:00
b458ed9c82
Properly escape column name in "createFunction" call
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-16 15:24:02 +02:00
ad66b0f9ab
Merge pull request #11830 from nextcloud/bugfix/9326/make_sure_usermanager_getByEmail_only_returns_IUser
...
filter null values for UserManager::getByEmail
2018-10-16 09:14:25 +02:00
5aaa8a8b58
Merge pull request #11740 from nextcloud/feature/noid/account-api
...
Public API to get user acocunt data
2018-10-15 21:46:09 +02:00
dfd4782dfc
include dashboard into core
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interface-dashboard' into interface-dashboard
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
moving data object to OCP
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
update autoload files
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
+@since
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-15 19:59:27 +02:00
6f835aff31
Merge pull request #11838 from nextcloud/bugfix/noid/fix-default-types-of-members
...
Fix default types of activity event member variables
2018-10-15 14:09:44 +02:00
90cdd0a12a
Update autoloader
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-15 13:30:31 +02:00
d05080f56a
Add \OCP\Account public API
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-15 13:30:31 +02:00
2db26d87c4
filter null values for UserManager::getByEmail
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-15 13:27:58 +02:00
1ce8672276
Merge pull request #11714 from nextcloud/lookupserver-and-global-scale
...
always query the lookup server in a global scale setup
2018-10-15 12:14:04 +02:00
909745acfd
Fix default types of activity event member variables
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-15 11:45:17 +02:00
83e994c11f
Make it possible to enforce mandatory 2FA for groups
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +02:00
5b61ef9213
Disallow unsafe-eval by default
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
16817f3743
Make activity events strict
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-12 12:12:12 +02:00
51e96dc3f6
Normalize getUnjailedPath
...
Fixes #11637
If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:43:48 +02:00
f675698551
Allow php7.3
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:20:48 +02:00
2a690db553
Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings
...
Add admin interface to enforce 2FA
2018-10-10 20:40:30 +02:00
fd5fc24da2
some small fixes and improvements
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:07:01 +02:00
0acae1d4aa
Merge pull request #11719 from nextcloud/techdebt/noid/allow-to-mock-new-datetime
...
Allow to inject/mock `new \DateTime()` similar to time()
2018-10-10 14:54:15 +02:00
67c3730fbb
Add admin interface to enforce 2FA
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-10 14:34:52 +02:00
d5bf2c4523
Move normalizePath to regexes instead of looping
...
This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.
The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 13:23:59 +02:00
7c26bbbd82
[tx-robot] updated from transifex
2018-10-10 00:13:11 +00:00
a9f4817b65
Merge pull request #11622 from nextcloud/feature/11617
...
Add function to generate urls for OCS routes
2018-10-09 20:50:37 +02:00
9e76d4049a
adjust tests
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:31:33 +02:00
3fa13e791e
always query the lookup server in a global scale setup and have a nicer label
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 17:47:29 +02:00
c97b4274cc
Add function to generate urls for OCS routes
...
fixes #11617
The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:41:50 +02:00
840dd4b39c
Allow to inject/mock `new \DateTime()` similar to time()
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 15:38:31 +02:00
7370fb37bb
fixup! Add backgroundjobs to OCP
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:10:38 +02:00
ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 14:32:14 +02:00
2dbbc37852
Bump autolaoders
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:51:08 +02:00
ba95495857
Add backgroundjobs to OCP
...
This adds abstract classes to base background jobs on.
Right now almost all uses of this use the private namespace.
For most usages it will be enough to just extend the the abstract
classes QueuedJob or TimedJob.
It should be a straight forward drop in replacement.
The private jobs can then be killed off after a few releases. So we have
a nice public API.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:36:43 +02:00
ea411ccec4
Merge pull request #11677 from nextcloud/feature/appdata_previews
...
Allow the creationg of previews of files stored in appdata
2018-10-09 11:47:14 +02:00
8e1c26b509
Merge pull request #11686 from nextcloud/deprecation/noid/ocp_util_recursiveArraySearch
...
Deprecate unused OCP\Util::recursiveArraySearch
2018-10-09 09:43:11 +02:00
ade61d8b43
Allow the creationg of previews of files stored in appdata
...
To allow us to create previews of files stored in appdata we need to
construct the view differently.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-08 19:37:45 +02:00
c4b1e1277b
Deprecate unused OCP\Util::recursiveArraySearch
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:33:09 +02:00
db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:29:52 +02:00
fe2a600823
Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation
...
adjust Calendar resource / room interfaces to use class implementation
2018-10-08 17:00:50 +02:00
bae3ba3b25
Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section
...
Rename admin security section
2018-10-08 13:57:38 +02:00
f29189f200
Rename admin security settings template
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:45:28 +02:00
7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors
...
Switches the default logo color depending on the primary color
2018-10-08 10:33:22 +02:00
5d2fdfe0b5
Rename admin security section
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:31:51 +02:00
970242b6ca
RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:50:17 +02:00
1c6f666bbf
adjust Calendar resource / room interfaces to use class implementation
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:25:20 +02:00
60a34179c9
Remove deprecated publishActivity function
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-05 12:55:45 +02:00
c73363c3ab
Fixed indents
...
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:20:45 +02:00
d9469a6b72
Add occ app:remove CLI command
...
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:08:03 +02:00
e0ed64366c
Merge pull request #11613 from nextcloud/add-missing-throw-statement
...
add missing throw statement to doc block
2018-10-04 16:28:08 +02:00
1d4a80f37d
add missing throw statement to doc block
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:23:07 +02:00
0630360835
Merge pull request #11604 from nextcloud/remove-unused-code
...
Remove unused code in legacy classes
2018-10-04 08:07:32 +02:00
ac330077d8
Merge pull request #11576 from nextcloud/feature/endpoint_for_clients_to_fetch_apppassword
...
Allow clients to request an apppassword if they still use the real password
2018-10-03 22:26:26 +02:00
cdb3ffb293
Remove unused code in legacy classes
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-03 22:07:51 +02:00
78273cb1e6
Add an endppoint for clients to request an app password
...
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 19:05:20 +02:00
67d04f2d57
[tx-robot] updated from transifex
2018-10-03 16:58:45 +00:00
213d43f043
Merge pull request #11568 from nextcloud/fix/11097/just_update_password_hash
...
Just update password hash without validating
2018-10-03 12:08:49 +02:00
f9e201adfe
Merge pull request #11409 from nextcloud/feature/consolidated-2fa-settings
...
Consolidate personal two-factor provider settings
2018-10-03 09:56:21 +02:00
0c9a3de68f
Just update password hash without validating
...
Fixes #11097
If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 00:37:20 +02:00
daa897100e
Update autoloader class map
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 23:41:33 +02:00
8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work
...
Allow overwrite.cli.url without trailing slash
2018-10-02 23:39:30 +02:00
e45248c17a
Merge pull request #10967 from nextcloud/zipresponse
...
Add zip response
2018-10-02 23:34:30 +02:00
79a0ee4f4a
Consolidate personal two-factor provider settings
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 22:56:33 +02:00
bcbffdb644
Add PHPDoc
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-02 22:35:31 +02:00
a4eb3ee508
Validate email in occ command
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
13877c2d20
Use setUserValue instead setEMailAddress because latter omits an changeUser events.
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
6c805ec9ba
Add --admin-email to cli installer
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
6b730b4c47
Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3
...
Apptoken v3: imrpove token handling on external password change
2018-10-02 21:45:10 +02:00
19d552e00b
Merge pull request #11336 from nextcloud/bugfix/3342/database-name-prefix-sqlite
...
Allow --database-name and --database-table-prefix for sqlite from occ
2018-10-02 21:44:03 +02:00
19f84f7b54
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
d9febae5b2
Update all the publickey tokens if needed on web login
...
* On weblogin check if we have invalid public key tokens
* If so update them all with the new token
This ensures that your marked as invalid tokens work again if you once
login on the web.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
00e99af586
Mark token as invalid if the password doesn't match
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
efef053960
Add column to DB to store expired passwords
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
d17856a1e9
Make logfile's mode configurable.
...
The file logger currently resets the mode of the logfile to 0640.
When the webserver is running as a different user than the cron job
(but both are in the same group) the files mode has to be 0660. The
current implementation breaks logging for the user that is not the
owner of the logfile.
This patch introduces a new config option 'logfilemode' that expects
an octal value (defaults to 0640). Unless the value is lower or equal
than 0 the logfiles mode will be resetted to this value.
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-10-02 18:27:06 +02:00
d01905200a
Merge pull request #11433 from nextcloud/feature/all_lax_cookies2
...
Make authenticated cookies lax
2018-10-02 10:28:05 +02:00
d855c38e07
Moves the logo files to logo
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
7d9052d4b9
fixup! Add fix response
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:17:27 +02:00
a891f42a5d
fixup! Add fix response
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:16:28 +02:00
dc6ff14ca0
fixup! Add fix response
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:14:18 +02:00
a9fa220e68
Add fix response
...
implements #7589
2018-10-02 08:13:39 +02:00
3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:28 +02:00
40fdff5b80
Add QBMapper::insertOrUpdate()
...
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:27 +02:00
77c6e41063
[tx-robot] updated from transifex
2018-10-02 00:12:55 +00:00
45cf2eef56
Let 2FA providers provide their custom icons (dark/light)
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-01 21:02:49 +02:00
a95154642d
Emit event on enablign or disabling of 2FA provider
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +02:00
1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths
...
Dont use find to lookup binaries
2018-10-01 11:47:07 +02:00
259c0ce11d
Add mandatory 2FA service/class
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
d4dec43f8f
Dont use find to lookup binaries
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
c275beeceb
Allow url without / for overwrite.cli.url
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-28 22:32:19 +02:00
9a7265babf
Make authenticated cookies lax
...
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.
It adds a small helper function.
In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-28 16:44:37 +02:00
db50e11edf
[tx-robot] updated from transifex
2018-09-28 11:14:08 +00:00
c9e93b8084
Compile contactmenu handlebars templates
...
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18
Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
f71ffc73db
Remove unused constructor argument
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
0259792614
Reduce settings manager complexity by loading sections via DI
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
2ace0df82a
[tx-robot] updated from transifex
2018-09-27 00:12:26 +00:00
ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
...
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
2f45045c96
[tx-robot] updated from transifex
2018-09-26 00:12:23 +00:00
ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
...
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only
...
only catch QueryException when trying to build class
2018-09-25 16:21:55 +02:00
7586b19e52
Only allow 2FA state changs if providers support the operation
...
Ref https://github.com/nextcloud/server/issues/11019 .
Add `twofactorauth:cleanup` command
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude
...
Copy the expiration from 480864b3e3
2018-09-25 09:04:44 +02:00
bdb01064e2
[tx-robot] updated from transifex
2018-09-25 00:12:07 +00:00
67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml
...
make the server ready to use global scale with SAML as auth back-end
2018-09-24 12:00:13 +02:00
895bccd246
[tx-robot] updated from transifex
2018-09-24 00:12:14 +00:00
9d7e51fd56
Use empty instead ?? because dbname is '' sometimes
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:25:48 +02:00
0ee191bf44
Use const for dbname and dbtableprefix defaults
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:15:57 +02:00
a5f0cc6539
--database-name or --database-table-prefix are ignored for sqlite
...
The default implementation of initialize in AbstractDatabase writes
database information to config.php. The method is overwritten in
Sqlite but parent is never called. Database-Name and Database-Table-Prefix
are never written to config.php. But from this point setup use values
from config.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 15:52:28 +02:00
cce9f25d86
[tx-robot] updated from transifex
2018-09-23 00:12:30 +00:00
bd89af478e
[tx-robot] updated from transifex
2018-09-22 00:12:06 +00:00
dccbdc8c01
only catch QueryException when trying to build class
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-09-21 18:32:15 +02:00
0211e17e3f
[tx-robot] updated from transifex
2018-09-21 00:12:08 +00:00
f258e65f13
Also adjust the expiration of PublicKeyTokenProvider
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:54:27 +02:00
30dbbfbd45
Merge pull request #11292 from nextcloud/revert/9442/do-not-apcu-cache-the-autoloader
...
Revert "Use APCu caching of composer"
2018-09-19 19:39:00 +02:00
5e6187926f
Copy the expiration from 480864b3e3 to getTokenById
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-19 17:55:48 +02:00
b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix
...
Use user locale as default in the template
2018-09-19 16:06:35 +02:00
1e9ab0a367
Fix since tag
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:02:09 +02:00
40d185e928
Revert "Use APCu caching of composer"
...
This reverts commit 948ab8a4d0https://github.com/nextcloud/server/issues/11290
2018-09-19 15:47:01 +02:00
3095ec4125
Fix icons cacher regex for compressed output
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 13:06:04 +02:00
2a51572cc4
[tx-robot] updated from transifex
2018-09-17 00:12:30 +00:00
90a9a1ecc6
Consider openssl settings from config.php
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 11:51:15 +02:00
40bb45225a
[tx-robot] updated from transifex
2018-09-16 00:12:29 +00:00
3771aeb584
[tx-robot] updated from transifex
2018-09-15 00:12:09 +00:00
bb86a8ca36
add back-end as parameter to the pre-login hook
...
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
6112adfe06
[tx-robot] updated from transifex
2018-09-14 00:12:27 +00:00
3b7ac0c94d
Change visibility to private
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
92fbb6d795
Fallback to $lang if no $locale match
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-13 11:37:40 +02:00
10351cb9da
[tx-robot] updated from transifex
2018-09-13 00:12:08 +00:00
f424fa706a
Merge pull request #11139 from nextcloud/feature/2fa-provider-activatable-deactivatable
...
[Mandatory 2FA] Add public interfaces for activable/deactivable 2FA providers
2018-09-11 16:36:49 +02:00
a94dc760e8
[tx-robot] updated from transifex
2018-09-11 00:12:22 +00:00
603a578a1c
Change return false to throw new
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
62c03beb1d
Extract logic for webroot into method and add test
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
30c6130893
Add public interfaces for activable/deactivable 2FA providers
...
Fixes https://github.com/nextcloud/server/issues/11018 .
Required for https://github.com/nextcloud/server/issues/11019 .
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-10 16:47:47 +02:00
7d158c62ce
Typehint
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 11:17:03 +02:00
01f2fef1f5
Since requirement
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:48:53 +02:00
081dcc55ca
Fix public l10n
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:45:18 +02:00
df143cb72a
Use user locale as default in the template
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:42:08 +02:00
1fb84efedb
Fix exception class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-10 10:03:42 +02:00
3653a2c889
[tx-robot] updated from transifex
2018-09-08 00:12:33 +00:00
c44368b9a3
Merge pull request #11096 from nextcloud/bugfix/11080/set-cookie-null-argument
...
replace setcookie value with '' instead of null.
2018-09-07 19:31:30 +02:00
47b46fa69d
Expire tokens hardening
...
Just to be sure that the field is also not 0
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-07 10:01:31 +02:00
fe21b10de5
replace setcookie value with '' instead of null.
...
The php documentation states that an empty string should be used for a cookie when it has no real value.
null leads to the following error: expects parameter 2 to be string, null given
Signed-off-by: Martin Böh <mart.b@outlook.de>
2018-09-06 20:34:16 +02:00
764c912294
Update autoloader
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-05 21:00:53 +02:00
b4b095ca91
Fix @since version on new API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
Maxence Lange
Roeland Jago Douma
Roeland Jago Douma
Julius Härtl
Morris Jobke
Oliver Wegner
Robin Appelman
Nextcloud bot
Bjoern Schiessle
Daniel Kesselberg
John Molakvoæ (skjnldsv)
Jan-Christoph Borchardt
Christoph Wurst
blizzz
Christoph Wurst
Georg Ehrke
Joas Schilling
Patrik Kernstock
Roland Tapken
Michael Weimann
Jakob Sack
Joas Schilling
MartB