Christoph Wurst
2c2e1f7988
Use absolute URI for action icons
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
b8c2a8ae36
Don't show contacts an entry for themselves
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
36cee1f386
Let apps register contact menu provider via info.xml
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
e3efc4979b
Show mail address in popover menu
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
d091793ceb
Contacts menu
...
* load list of contacts from the server
* show last message of each contact
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Lukas Reschke
6a16df7288
Add new auth flow
...
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:
1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.
If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)
If the user chooses to use the regular login the following happens:
1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.
This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Stefan Weil
c9e08a6445
Add repair steps for new image mime types
...
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-04-25 18:56:23 +02:00
Noveen Sachdeva
1b1f403a5d
Add duration of last job execution to the table
2017-04-25 17:39:58 +02:00
Julius Härtl
7548825743
Responsive app menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:24 +02:00
Joas Schilling
ac0c21f4a7
Trigger change when a user is enabled/disabled
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 17:20:35 +02:00
Victor Dubiniuk
131df248ef
Catch session already closed exception in destructor
2017-04-25 16:28:52 +02:00
Morris Jobke
5a9224fb4c
Merge pull request #3531 from nextcloud/theming-scss
...
Theming using SCSS variables
2017-04-25 10:56:13 -03:00
Joas Schilling
f1ffb728b9
Allow meta info and icons
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 14:31:21 +02:00
Roeland Jago Douma
82c9eb1c56
Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
...
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Julius Härtl
1c54463853
Use theming cachebuster for server resources
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 11:39:49 +02:00
Julius Haertl
68a63ad3f3
Implement scss variable injection by OC_Defaults
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
Add Scss variables to example theme and theming app
Signed-off-by: Julius Haertl <jus@bitgrid.net>
Use SCSSCacher to build theming css
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Update theming.scss
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Code cleanup
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Inject SCSSCacher for easier testing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Fix typehint
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Generate absolute URLs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Fix tests to always use absolute urls for theming images
Signed-off-by: Julius Härtl <jus@bitgrid.net>
MailheaderColor -> ColorPrimary
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 11:39:45 +02:00
Joas Schilling
35414884d3
Add lists to HTML emails
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-24 13:48:27 +02:00
Daniel Calviño Sánchez
faea890b87
Extract updateSharePasswordIfNeeded function
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 13:38:36 +02:00
Daniel Calviño Sánchez
51e658da2a
Join if block to preceding if chain
...
If getShareType() returns "email" it can not also return "user", "group"
nor "link", so the if block can be added to the preceding if chain.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 13:17:46 +02:00
Joas Schilling
3d671cc536
Merge pull request #4443 from nextcloud/cleanup-unused-imports
...
Remove unused use statements
2017-04-24 11:47:37 +02:00
Daniel Calviño Sánchez
dcc8cce28b
Fix double hashing of shared link passwords
...
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Roeland Jago Douma
1c2cdc9d3a
Merge pull request #4444 from nextcloud/remove-unused-variables
...
Remove unused variables
2017-04-24 08:09:01 +02:00
Nextcloud bot
a01f946c56
[tx-robot] updated from transifex
2017-04-24 00:07:28 +00:00
Morris Jobke
c54a59d51e
Remove unused use statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Nextcloud bot
11c7953888
[tx-robot] updated from transifex
2017-04-23 00:07:31 +00:00
Morris Jobke
2b6f6dac00
Remove unused variables
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 18:20:51 -05:00
Nextcloud bot
363d1c69dd
[tx-robot] updated from transifex
2017-04-22 00:07:36 +00:00
Roeland Jago Douma
867b3ee234
Merge pull request #4396 from nextcloud/scan-non-existing
...
show error when trying to scan non existing path
2017-04-21 19:47:33 +02:00
Roeland Jago Douma
d46b155916
Merge pull request #4428 from nextcloud/file-by-id-limit-user
...
limit the user when searching for a file by id if we know the user already
2017-04-21 19:43:53 +02:00
Robin Appelman
6fbe991afb
limit the user when searching for a file by id if we know the user already
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-21 17:11:26 +02:00
Roeland Jago Douma
e9b00f84b8
Merge pull request #4406 from nextcloud/fix-unit-test-problems
...
Fix unit test problems
2017-04-21 09:35:01 +02:00
Nextcloud bot
fb7663cefe
[tx-robot] updated from transifex
2017-04-21 00:07:37 +00:00
Bjoern Schiessle
972b4c04e2
respect password policy for auto generated passwords
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Bjoern Schiessle
d8dcd72118
allow admin to enforce password on mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Robin Appelman
a0e5107c0b
check for existence before we start the db transaction
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-20 13:25:49 +02:00
Joas Schilling
8c703c954d
Fix theming tests
...
Trying to configure method "shouldReplaceIcons" which cannot be configured
because it does not exist, has not been specified, is final, or is static
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:10:34 +02:00
Joas Schilling
9871e4eaee
Kill dead code
...
> No tests found in class "Test\Share\MailNotificationsTest".
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:43:19 +02:00
Joas Schilling
140580f9d8
Merge pull request #4398 from nextcloud/fix_accesslistcode
...
Get proper accesslist for userFolder
2017-04-20 11:03:22 +02:00
Roeland Jago Douma
ae2db5e60d
Get proper accesslist for userFolder
...
If the accesslist is requested for a users root folder we should
properly construct the path
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 10:28:32 +02:00
Joas Schilling
799b229a68
Merge pull request #4381 from nextcloud/2954_take_2
...
Fix group settings routes and fix route regression
2017-04-20 10:25:16 +02:00
Nextcloud bot
adf316c3af
[tx-robot] updated from transifex
2017-04-20 00:07:36 +00:00
Morris Jobke
fbedea0807
Add PHPDoc and handle exception in ScanAppData as well
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-19 17:04:16 -05:00
Morris Jobke
16c4755e03
Rename renderHTML to renderHtml
...
* fixes #4383
* improves consistency
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-19 15:46:41 -05:00
Robin Appelman
ce2dba0796
show error when trying to scan non existing path
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-19 14:36:38 +02:00
Lukas Reschke
a3569a1452
Merge pull request #4382 from nextcloud/use-proper-reply-to
...
Add "Reply-To" on ShareByMailProvider mails
2017-04-19 12:04:18 +02:00
Morris Jobke
f1ddb939a0
Merge pull request #4371 from nextcloud/dont-allow-dot-usernames
...
Better validation of allowed user names
2017-04-18 20:04:32 -05:00
Nextcloud bot
febe01f571
[tx-robot] updated from transifex
2017-04-19 00:07:40 +00:00
Nextcloud bot
6b490f45fd
[tx-robot] updated from transifex
2017-04-18 23:08:43 +00:00
Morris Jobke
269600a04f
Merge pull request #4369 from nextcloud/fix-translations
...
Fix translations
2017-04-18 18:01:50 -05:00
Joas Schilling
1c0bffe87f
Fix translations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Morris Jobke
47fe5e8f41
Merge pull request #4380 from nextcloud/show-instance-name-in-from
...
Add instance name to default sender
2017-04-18 16:22:56 -05:00
Lukas Reschke
203ef88509
Add "Reply-To" on ShareByMailProvider mails
...
Fixes https://github.com/nextcloud/server/issues/4209
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 22:23:07 +02:00
Roeland Jago Douma
d12ec7cff1
Revert "Match slashes in ../{id} resource routes"
...
This reverts commit 31f9be7a75
.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-18 21:50:36 +02:00
Lukas Reschke
bae64e810e
Add instance name to default sender
...
Otherwise your mail program shows "foo@mail.com" instead of "Nextcloud" or whatever your instance name is.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 21:44:37 +02:00
Joas Schilling
a5b4308a51
Don't put the SMTP password into the HTML code
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 15:44:20 +02:00
Joas Schilling
a3922bbcdc
Better validation of allowed user names
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 14:29:34 +02:00
Nextcloud bot
b072d2c49d
[tx-robot] updated from transifex
2017-04-18 00:07:25 +00:00
Nextcloud bot
df2235c71f
[tx-robot] updated from transifex
2017-04-17 00:07:33 +00:00
Nextcloud bot
69e0e2420c
[tx-robot] updated from transifex
2017-04-16 00:07:23 +00:00
Morris Jobke
10290eb006
Merge pull request #2834 from nextcloud/accesListToShareManager
...
Access list to share manager
2017-04-15 13:06:24 -05:00
Nextcloud bot
dafa9c740a
[tx-robot] updated from transifex
2017-04-15 00:07:36 +00:00
Roeland Jago Douma
f40b9fa9bd
Merge pull request #4330 from nextcloud/activities-for-password-mail-change
...
Add activities when email or password is changed
2017-04-14 08:16:43 +02:00
Roeland Jago Douma
6b79bf0960
Merge pull request #4346 from nextcloud/properly-do-bruteforce-protection-via-annotation
...
Make BruteForceProtection annotation more clever
2017-04-14 08:15:55 +02:00
Nextcloud bot
0f96d5a641
[tx-robot] updated from transifex
2017-04-14 00:07:36 +00:00
Morris Jobke
8e8b345fbd
Fix autoloader
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-13 16:28:07 -05:00
Lukas Reschke
8149945a91
Make BruteForceProtection annotation more clever
...
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.
Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
Morris Jobke
d0c0f6cfc1
Merge pull request #4326 from nextcloud/downstream-27562
...
Reorder the entries of the log for easier reading
2017-04-13 13:11:47 -05:00
Lukas Reschke
81d3732bf5
Merge pull request #4308 from nextcloud/lost-password-email
...
Update email template for lost password email
2017-04-13 20:02:15 +02:00
Morris Jobke
d36751ee38
Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login
...
Fix login controller test and consolidate login
2017-04-13 12:16:38 -05:00
Morris Jobke
ac05d6dd67
Improve PHPDoc
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-13 12:16:12 -05:00
Joas Schilling
695696a4a6
Use constants
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:04:32 -05:00
Roeland Jago Douma
6a519abde8
Update autoloader
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 14:56:05 +02:00
Roeland Jago Douma
0f5682321e
Fix server container registration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 14:52:09 +02:00
Roeland Jago Douma
aef95b9b7d
Not needed in the DIContainer anymore
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 13:37:39 +02:00
Roeland Jago Douma
b96297e9cc
Do not set full path if not currentAccess
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:53 +02:00
Joas Schilling
f57ef55249
Add samples to the docs
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
29f2088a7b
Catch exceptions and use as many results as possible
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
629b7c0fc3
Adjust docs and make !$currentAccess simpler
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
5b57bb955b
Fix default share provider
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
2fcf334c6a
Fix tests for ShareHelper
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
3c1365c0d1
Fix returned paths for remote shares
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
Joas Schilling
4bcb7d88b5
Return the token as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
Joas Schilling
cf7c320949
Also return the token
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
Joas Schilling
91e650791d
Return the paths for the users without setting them all up
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
0c2dc3bc8c
Fix comments
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
12afd7d1d5
Add mail element to access list
...
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
2cbac3357b
Offload acceslist creation to providers
...
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
97f8ca6595
Added ShareHelper
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
a1edcc8ecf
Port Encryption/file to new getAccessList
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
88299ec27c
Added to public interface
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
7dcc98eb20
Add owner to access list
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
d84df15590
Add getAccessList to ShareManager
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:48 +02:00
Joas Schilling
1110b51aa3
Allow to read the old email on the hook as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:34:02 +02:00
Lukas Reschke
e39e6d0605
Remove expired attempts
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:18 +02:00
Lukas Reschke
54930ac926
Update static autoloadermap
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Lukas Reschke
a1ae5275f9
Move to dedicated MiddleWare
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Lukas Reschke
511524c668
Add isset() as it can be an empty result
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Lukas Reschke
d729bde98c
Register in ServerContainer
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Lukas Reschke
66835476b5
Add support for ratelimiting via annotations
...
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Joas Schilling
f23a36b0a6
Add activities when email or password is changed
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 11:13:19 +02:00