Commit Graph

54797 Commits

Author SHA1 Message Date
Roeland Jago Douma 9f8d16b6f1
Merge pull request #26772 from nextcloud/backport/26763/stable19
[stable19] Improve federated permission handling
2021-04-26 21:26:58 +02:00
Julius Härtl d5a2eafedc
Merge pull request #26769 from nextcloud/backport/26762/stable19 2021-04-26 16:16:22 -01:00
Roeland Jago Douma 3f6be3d791 Improve federated permission handling
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-26 15:29:04 +00:00
Joas Schilling 59ab20972d Log deprecation only as debug
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-26 15:17:12 +00:00
Joas Schilling e3e4bfb163 Respect the error level when logging
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-26 15:17:11 +00:00
Nextcloud bot 7028094ece
[tx-robot] updated from transifex 2021-04-26 02:25:07 +00:00
Nextcloud bot 44e37f211a
[tx-robot] updated from transifex 2021-04-25 02:25:23 +00:00
Nextcloud bot 354176e123
[tx-robot] updated from transifex 2021-04-24 02:27:06 +00:00
Daniel Calviño Sánchez 184a7cadab Handle corrupted scope values
Due to a bug (fixed some commits ago) in the UsersController of the
settings app the scope of the properties can be null (for example, if
lookup server upload was disabled and the user then changed the display
name in the profile information). In that case now the scope menu icon
shows an error to inform the user.

The scope value will not change when other properties are modified until
the user chooses an explicit value from the menu. Note that until a
scope is explicitly set the property will behave as if it is private.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:14 +02:00
Daniel Calviño Sánchez 828865a508 Fix settings scope menu hidden when lookup server upload is disabled
When upload to the lookup server is disabled the scope menu was hidden
in the personal information settings. However, even if the lookup server
upload is disabled the personal information is still accesible from the
local server as well as trusted servers. Users should be able to still
set if their information is available to other users or if it is
private, so now the scope menu is always show (although the "Public"
option is hidden if the lookup server upload is disabled).

If the user set the information as public before the upload to the
lookup server was disabled the menu will also show the "Public" option
as active, although disabled. Setting the visibility to any of the other
options will hide the "Public" option from the menu (until the lookup
server upload is enabled again).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:13 +02:00
Daniel Calviño Sánchez 60b8ede80a Add integration tests for searching users in contacts menu
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:13 +02:00
Daniel Calviño Sánchez bc9b213b7b Make possible to set body in requesttoken requests in integration tests
"sendingAToWithRequesttoken" needs to be used to test some non OCS
endpoints which require the request token to be sent in the request. Now
it is possible to specify the body (or, rather, additional contents
beside the cookies and the request token) for those requests, as it will
be needed for example to update the user profile.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:12 +02:00
Daniel Calviño Sánchez d2f1225b34 Fix deleting properties of user settings when not given explicitly
The controller can receive an optional subset of the properties of the
user settings; values not given are set to "null" by default. However,
those null values overwrote the previously existing values, so in
practice any value not given was deleted from the user settings. Now
only non null values overwrite the previous values.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:11 +02:00
Daniel Calviño Sánchez 3304d33e3b Fix TypeError when "email" is not given in the controller request
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:11 +02:00
Daniel Calviño Sánchez e30271be4f Respect additional user settings not covered by the controller
"AccountManager::updateUser()" wipes previous user data with whichever
user data is given (except for some adjustments, like resetting the
verified status when needed). As the controller overrode the properties
those properties would lose some of their attributes even if they are
not affected by the changes made by the controller. Now the controller
only modifies the attributes set ("value" and "scope") to prevent that.

Note that with this change the controller no longer removes the
"verified" status, but this is not a problem because, as mentioned,
"AccountManager::updateUser()" resets them when needed (for example,
when the value of the website property changes).

This change is a previous step to fix overwritting properties with null
values, and it will prevent the controller from making unexpected
changes if more attributes are added in the future.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:10 +02:00
Daniel Calviño Sánchez c130b88004 Add more unit tests for setting user settings
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:09 +02:00
Daniel Calviño Sánchez f2e40238a6 Change default test data to values less similar to empty values
Right now it makes no difference, but this should make future tests
clearer, specially in case of failure.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:08 +02:00
Daniel Calviño Sánchez 5a497841be Extract default test data to a helper getter
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:07 +02:00
Daniel Calviño Sánchez eaedf5fcd9 Use constants from interface rather than class
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2021-04-23 16:53:07 +02:00
Nextcloud bot 739504bd10
[tx-robot] updated from transifex 2021-04-23 02:26:44 +00:00
Nextcloud bot f43c25dfe3
[tx-robot] updated from transifex 2021-04-22 02:26:53 +00:00
Morris Jobke d11ded9ef9
Merge pull request #26676 from nextcloud/backport/26658/stable19
[stable19] Do not stop directory listing when ACL is blocking access
2021-04-21 14:20:39 +02:00
Julius Härtl 5262bb97f7 Continue iterating over diretory contents and just hide file if denied by acl
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-04-21 07:24:13 +00:00
Nextcloud bot e73034b95b
[tx-robot] updated from transifex 2021-04-21 02:26:35 +00:00
Roeland Jago Douma 418dab9b98
Merge pull request #26646 from nextcloud/backport/26625/stable19
[stable19] Fix empty password check for mail shares
2021-04-20 20:47:52 +02:00
Roeland Jago Douma 489ddb4d04
Merge pull request #26644 from nextcloud/backport/26639/stable19
[stable19] ensure redis returns bool for hasKey
2021-04-20 16:22:00 +02:00
Roeland Jago Douma 2cb71972b7
Merge pull request #26619 from nextcloud/backport/26614/stable19
[stable19] Update root.crl due to revoked news.crt
2021-04-20 15:10:00 +02:00
Morris Jobke d6c3fce82b
Merge pull request #26645 from nextcloud/backport/26633/stable19
[stable19] Make lookup search explicit
2021-04-20 14:08:40 +02:00
Roeland Jago Douma 3dac09a9d7 Make lookup search explicit
Speedsup sharee lookup quite a bit.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 08:39:32 +00:00
Arthur Schiwon 9d4a52e07c ensure redis returns bool for hasKey
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-20 08:39:30 +00:00
Vincent Petry 4b5a05cfee
Fix empty password check for mail shares
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-04-20 10:35:58 +02:00
Morris Jobke 6259ba779e
Merge pull request #26638 from nextcloud/backport/26615/stable19
[stable19] Require read permissions for federated shares
2021-04-20 09:06:46 +02:00
Nextcloud bot 16eed4a1ba
[tx-robot] updated from transifex 2021-04-20 02:26:29 +00:00
Roeland Jago Douma 46823e8f68 Require read permissions for federated shares
Else they end up as weird shares that can't be properly utilized by
other parties anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-19 19:56:14 +00:00
Roeland Jago Douma 19fb6d7651
Merge pull request #26623 from nextcloud/backport/26613/stable19
[stable19] Do not allow adding file drop shares to your own cloud
2021-04-19 21:48:33 +02:00
Robin Appelman d9f06c1792 cast ints
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-19 14:49:05 +00:00
Robin Appelman f8346f43f1 handle the cache where a cache entry with the correct path has already been recreated
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-19 14:49:04 +00:00
Robin Appelman 0e790dad31 also repair storage id
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-19 14:49:02 +00:00
Robin Appelman de2ad46c3c add command to repair broken filesystem trees
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-19 14:49:01 +00:00
Roeland Jago Douma 95c65f756e Do not allow adding file drop shares to your own cloud
There is no reason for this and you can't create such shares normally
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-19 13:03:04 +00:00
Morris Jobke 804431ec93 Update root.crl due to revoked news.crt
See https://github.com/nextcloud/app-certificate-requests/pull/382

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-04-19 12:13:56 +00:00
Roeland Jago Douma 9b86f5f674
Merge pull request #26603 from nextcloud/dependabot/npm_and_yarn/stable19/ssri-6.0.2
[Security] Bump ssri from 6.0.1 to 6.0.2
2021-04-19 12:43:47 +02:00
Nextcloud bot 69d60cbcaa
[tx-robot] updated from transifex 2021-04-19 02:26:35 +00:00
Nextcloud bot 6b7f09eacb
[tx-robot] updated from transifex 2021-04-18 02:24:37 +00:00
Nextcloud bot e5b67bfdb7
[tx-robot] updated from transifex 2021-04-17 02:24:35 +00:00
dependabot-preview[bot] 42df5ff9d5
[Security] Bump ssri from 6.0.1 to 6.0.2
Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2. **This update includes a security fix.**
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-04-16 22:10:29 +00:00
Nextcloud bot 09a5cb1495
[tx-robot] updated from transifex 2021-04-16 02:26:22 +00:00
Nextcloud bot 46686de607
[tx-robot] updated from transifex 2021-04-15 02:25:40 +00:00
Nextcloud bot f988edd5f7
[tx-robot] updated from transifex 2021-04-14 02:27:20 +00:00
Nextcloud bot cd76cc773d
[tx-robot] updated from transifex 2021-04-13 02:25:25 +00:00