Commit Graph

9125 Commits

Author SHA1 Message Date
Morris Jobke 0c9e411f76
Merge pull request #12418 from nextcloud/bugfix/noid/do-not-show-integrity-warning-always
Remove outdated integrity warning on each page
2018-11-12 22:44:55 +01:00
Morris Jobke 3996210307
Merge pull request #12419 from nextcloud/bugfix/noid/group-creation-replace-insertIfNotExist
Fix UniqueConstraintViolationException while insert into oc_groups
2018-11-12 21:14:38 +01:00
Morris Jobke f6fed4d54b
Merge pull request #12420 from nextcloud/bugfix/noid/icons-cacher-not-found
Ignore icons if the file could not be found
2018-11-12 21:13:19 +01:00
Morris Jobke fd8eeccb15
Merge pull request #11942 from nextcloud/techdebt/noid/use-count-function
Use the defined func()->count() instead of manual counting
2018-11-12 17:43:56 +01:00
Morris Jobke 84fd81e33f
Fix UniqueConstraintViolationException while insert into oc_groups
* fixes race condition in insert
* fixes potentiaol deadlock

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 17:36:35 +01:00
Julius Härtl 4acd053e4d
Do not fail if the icon file doesn't exists
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 17:31:54 +01:00
Morris Jobke 9e1ec0cf46
Merge pull request #12413 from nextcloud/bugfix/9305/oc_file_locks-unique-constraint
Fix UniqueConstraintViolationException while insert into oc_file_locks
2018-11-12 17:27:09 +01:00
Morris Jobke 761ba1801b
Remove outdated integrity warning on each page
* integrity warning is shown during update and in the admin setup checks
* there is also the plan to retire this old way of notification

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 16:54:38 +01:00
Morris Jobke f7e3cf2085
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 15:13:10 +01:00
Morris Jobke 93c62d78db
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 14:43:28 +01:00
Morris Jobke 859dd1e742
Merge pull request #12371 from nextcloud/bugfix/12369/catch-unique-constraint-violation-exception-in-insertIfNotExist
Catch UniqueConstraintViolationException inside insertIfNotExist
2018-11-12 13:41:00 +01:00
Julius Härtl 26b160cc43
Make sure to always load the latest icons-vars.css file
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 11:00:56 +01:00
Morris Jobke 5273639d0e
Add deprecation message ofr insertIfNotExist
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 12:13:30 +01:00
Morris Jobke 230e93f575
Catch UniqueConstraintViolationException inside insertIfNotExist
This is the most common case for the usage of this method.

See also https://github.com/nextcloud/server/issues/12369 and the linked tickets.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 10:38:20 +01:00
Joas Schilling bb352fb667
Use the defined func()->count() instead of manual counting
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 15:44:45 +01:00
Roeland Jago Douma 25fe324f41
Merge pull request #12313 from nextcloud/generated-avatar-major-cleanup
Clear avatar cache with frontend repair
2018-11-08 10:28:09 +01:00
John Molakvoæ (skjnldsv) a9eef37456
Clear avatar cache with frontend repair
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-08 08:31:21 +01:00
Joas Schilling 10ba0bed8a
Match mentions when the username is wrapped in quotes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-07 12:33:44 +01:00
Morris Jobke add35c7f31
Merge pull request #12284 from nextcloud/fix/1020/search_shared_external
Properly search the root of a shared external storage
2018-11-06 18:16:12 +01:00
Morris Jobke 411d2dece5
Merge pull request #11786 from nextcloud/feature/password_confirmation_backend
Expose password confirmation capabilities in the user backend
2018-11-06 00:44:18 +01:00
Roeland Jago Douma 0277cd7158
Properly search the root of a shared external storage
Fixes #1020

When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.

Because if the jail is on the empty string. It matches all paths.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-05 16:27:43 +01:00
Morris Jobke cba3883410
Merge pull request #12185 from nextcloud/cleanup/dicontainer
Cleanup the DIContainer
2018-11-05 12:16:36 +01:00
Roeland Jago Douma 72b7c9ffa0
Merge pull request #12105 from nextcloud/using-resharing-right-to-display-shares
Shares are displayed to users with resharing rights
2018-11-04 21:08:11 +01:00
Roeland Jago Douma 9d89f8bbac
Merge pull request #12071 from nextcloud/addressbook-uid-check-migration
Addressbook uid check migration
2018-11-02 19:37:48 +01:00
Roeland Jago Douma 2452a3ec73
Properly query the methodreflector
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 0e5147f001
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma bfb5ef4b29
The identityproof manager should be in Server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 8f833a309a
No need to register it also in the DI Container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma fbd0d0bdcf
The Encryption manager belongs in Server.php
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 9c28d2d7c4
SearchResult should be difined in Server as it is a core component
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 964ebed86c
The UserSession is constructed in the server
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma b2501dbf9a
TimeFactory is already regsitsered in the Server Container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
Roeland Jago Douma 61adb513fe
Request is already regsitered in the Server container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:36 +01:00
Roeland Jago Douma 421a40e7db
Was already registered in Server
The DIContainaer will query server anyways if it can't find it

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:35 +01:00
Roeland Jago Douma 4ba709bb71
Merge pull request #11404 from flokli/sendmail-path
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
2018-11-02 16:17:02 +01:00
Roeland Jago Douma 30a1237f81
Merge pull request #11875 from nextcloud/add-support-for-sending-the-password-for-a-link-share-by-nextcloud-talk
Add support for sending the password for a link share by Nextcloud Talk
2018-11-02 14:54:46 +01:00
Morris Jobke 337cd25187
Merge pull request #12200 from nextcloud/tech-debt/noid/cleanup-legacy-sharing
Cleanup some unused sharing methods from the old sharing code
2018-11-02 14:03:51 +01:00
Roeland Jago Douma 054056a8df
Fallback to default path is sendmail can't be found
If the sendmail binary can't be found at all we fallback to the default
path.
It most likely is not there but then at least a proper error message
pops up.

Updated the tests to also properly pass.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 14:03:11 +01:00
Florian Klink 7078a0e53e
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
`sendmail` can very well be in a path different from
`/usr/sbin/sendmail`.

We already search `$PATH` at `lib/private/Settings/Admin/Mail.php` to
detect whether we want to offer sendmail as a mail transfer method, so
let's be consistent and actually initialize `\Swift_SendmailTransport`
with this path to sendmail, instead of just hardcoding
`/usr/sbin/sendmail`.

Signed-off-by: Florian Klink <flokli@flokli.de>
2018-11-02 13:57:43 +01:00
Roeland Jago Douma 60bcae55a9
Expose the info to the JS
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Roeland Jago Douma 603b672a11
Update password confirmation middleware
If the userbackend doesn't allow validating the password for a given uid
then there is no need to perform this check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Roeland Jago Douma 1fd640b40b
Expose the backend of IUser
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
Maxence Lange 77b95ccd12
revert tests
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:10:49 +01:00
Maxence Lange 68c44bb642
shares are displayed to users with resharing rights
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:26 +01:00
Morris Jobke 248d95339d
Cleanup some unused sharing methods from the old sharing code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-02 10:49:42 +01:00
Roeland Jago Douma 2cae91904c
Merge pull request #12194 from nextcloud/fix-path-as-dashboard-is-already-imported
fix path to DashboardManager, as the class is already imported (minor)
2018-11-02 08:22:05 +01:00
Daniel Calviño Sánchez fe8a67f517 Store "sendPasswordByTalk" property of link shares in the database
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-11-02 01:57:48 +01:00
Morris Jobke f28691c26e
Merge pull request #11844 from nextcloud/multiple-link-shares
allow to create multiple link shares via share api
2018-11-01 22:36:09 +01:00
Morris Jobke 35e3d40e80
Merge pull request #12188 from nextcloud/revert/9900/revert-wait-for-cron
Revert "Wait for cron to finish before running upgrade command"
2018-11-01 21:52:20 +01:00
Maxence Lange 1e2d19ae0d fix path
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-01 19:14:58 +01:00
Morris Jobke 35a7ea869e
Merge pull request #12152 from brad2014/bugfix/12151/fix-emailtemplate-list-formatting
Fix issue #12151: fix list formatting by correcting malformed html
2018-11-01 16:30:22 +01:00
Morris Jobke f5a1f4bc1b
Revert "Wait for cron to finish before running upgrade command"
This reverts commit 18e9631810.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-01 15:23:40 +01:00
John Molakvoæ (skjnldsv) d89edb28c4
move migration
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:02:50 +01:00
John Molakvoæ (skjnldsv) 06b3ade9ee
Tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:49 +01:00
John Molakvoæ (skjnldsv) 56ad1fccc0
Repair registration and autoload bump
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:47 +01:00
John Molakvoæ (skjnldsv) 938c63e3a2
Repair Step
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 14:59:22 +01:00
Bjoern Schiessle 5e90711600 allow to update lables for public link shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:18:55 +01:00
Bjoern Schiessle f377a61f90 allow to add labels to shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:15:07 +01:00
Robin Appelman 9b3cc72f7c
fix writeStream for jail wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:57 +01:00
Robin Appelman c6a48110bf
allways fall back to fopen for encryption wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:51 +01:00
Robin Appelman 93de63777e
extend storage api to allow directly writing a stream to storage
this removes the need for temporary storages with some external storage backends.
The new method is added to a separate interface to maintain compatibility with
storage backends implementing the storage interface directly (without inheriting common)

Currently the interface is implemented for objectstorage based storages and local storage
and used by webdav uploads

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:44 +01:00
Roeland Jago Douma 3ee7597be0
Merge pull request #12166 from nextcloud/feature/limit_preview_sizes
Only generate previews in powers of 4 and set min
2018-10-31 20:25:53 +01:00
Maxence Lange feeb62a496
wrong method called
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-31 19:43:18 +01:00
Roeland Jago Douma ce10f8b8c4
Only generate previews in powers of 4 and set min
Before we'd round up all preview request to their nearest power of two.
This resulted still in a lot of possible images. Generating a lot of
server load and taking up a lot of space.

This moves it to previews to be powers of 4: 64, 256, 1024 and 4096
Also the first two powers are always skipped (4, 16) as it doesn't make
sense to generate previews for that.

We cache preview pretty agressively and I feel this is a better
tradeoff.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 19:34:42 +01:00
brad2014 3442ffeb54 Fix bug #12151: fix list formatting by correcting malformed html
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2018-10-30 15:28:55 -07:00
Roeland Jago Douma a51c8377d4
Merge pull request #12140 from nextcloud/fix/expired_token_throttler
Expired tokens should not trigger bruteforce protection
2018-10-30 20:17:03 +01:00
Roeland Jago Douma ddd39f9dc3
Merge pull request #12056 from nextcloud/interfaces-fulltextsearch-2
Public interfaces FullTextSearch
2018-10-30 19:53:01 +01:00
Roeland Jago Douma 2223d19997
Error out early on an expired token
Fixes #12131

If we hit an expired token there is no need to continue checking. Since
we know it is a token.

We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma 674930da7f
Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma 41ff001b77
Merge pull request #11899 from nextcloud/enhancement/noid/sharing-consolidation
Sharing user consolidation
2018-10-30 19:27:05 +01:00
Maxence Lange 750196aa7f public interfaces FullTextSearch
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-@return mixed

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interfaces-fulltextsearch-2' into interfaces-fulltextsearch-2

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 18:24:15 +01:00
Roeland Jago Douma abbb946bbb Propegate hide download state in share provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma bc960bae02 Extend IShare to show hide download state
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma c1698948b8
Merge pull request #12130 from nextcloud/fix/reset_bruteforce_oauth
Reset bruteforce on token refresh OAuth
2018-10-30 14:26:50 +01:00
Julius Härtl 5a73a9b9de
Fix injection to get the user id
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 11:41:56 +01:00
Roeland Jago Douma 75456b057d
Reset bruteforce on token refresh OAuth
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 11:21:27 +01:00
Morris Jobke dccfe4bf84
Merge pull request #12036 from olivermg/master
Add capability of specifying "trusted_proxies" entries in CIDR notation (IPv4)
2018-10-30 10:49:08 +01:00
Julius Härtl a0d759b324
Add uuid/name entry to Remote/MailPlugin tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
Julius Härtl cb463d73d5
Add name field to mail and remote results
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:36 +01:00
Julius Härtl 7a65779316
Add local share if remote cloud id matches a local user ones
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
Julius Härtl 61af607525
Make enhancing entries with type property optional
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:35 +01:00
Julius Härtl 870e01518d
Add type to Remote and Mail plugins
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:34 +01:00
Julius Härtl a1c6e44700
Add collaborators uuid to properly render the avatar and for later grouping
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Julius Härtl d7caf841df
Filter out generic remote result for local users
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Julius Härtl ce79e587e4
Filter out local users from address book remote searches
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 10:19:33 +01:00
Morris Jobke c9e6a99637
Merge pull request #12085 from nextcloud/add-gss-to-excluded-backends
add global site selector as user back-end which doesn't support password confirmation
2018-10-30 10:16:07 +01:00
Oliver Wegner 401ca28f07 Adding handling of CIDR notation to trusted_proxies for IPv4
Signed-off-by: Oliver Wegner <void1976@gmail.com>
2018-10-30 09:15:42 +01:00
Morris Jobke 0999f07964
Merge pull request #12052 from nextcloud/bugfix/11594/fix-setup-check-trusted-proxies
Fix setup check trusted proxies
2018-10-29 23:38:37 +01:00
Morris Jobke 963d968f06
Merge pull request #12113 from nextcloud/fileinfo-getextension
Add getExtension() to FileInfo
2018-10-29 17:23:27 +01:00
Robin Appelman e5c3e4b76f
Add getExtension() to FileInfo
this is a fairly common operation so it makes sense to prevent having
to repeatedly implement it.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-29 15:24:02 +01:00
Julius Härtl 34a71f57fc
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 13:06:55 +01:00
Julius Härtl aec0a6c096
Fix icon cacher url matching
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-29 12:09:30 +01:00
Bjoern Schiessle 85d9f06cb8
add global site selector as user back-end which doesn't support password confirmation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-27 15:43:51 +02:00
Daniel Kesselberg 986f4df2a5
Add REMOTE_ADDR to getHeader
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-25 22:26:49 +02:00
Julius Härtl d21ded67a7
Keep list of icons in a separate file for use in the accessibility app
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 12:16:10 +02:00
Julius Härtl 0b2ef7e608
Remove default which didn't work
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Julius Härtl 152fb08288
Properly track data urls as well
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Julius Härtl 845f1b67d5
Directly embed icons into the icon-vars css file
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-25 11:58:00 +02:00
Roeland Jago Douma 0fb070b5b4
Allow chunked uploads even if your quota is not sufficient
Fixes #11485

This allows uploads to shared folders.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-24 20:29:00 +02:00
Bjoern Schiessle d76a87f3b0
skip already decrypted files on decrypt all command
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-24 16:53:39 +02:00