d855c38e07
Moves the logo files to logo
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
a95154642d
Emit event on enablign or disabling of 2FA provider
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +02:00
1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths
...
Dont use find to lookup binaries
2018-10-01 11:47:07 +02:00
259c0ce11d
Add mandatory 2FA service/class
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
d4dec43f8f
Dont use find to lookup binaries
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
c275beeceb
Allow url without / for overwrite.cli.url
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-28 22:32:19 +02:00
9a7265babf
Make authenticated cookies lax
...
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.
It adds a small helper function.
In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-28 16:44:37 +02:00
c9e93b8084
Compile contactmenu handlebars templates
...
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18
Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
f71ffc73db
Remove unused constructor argument
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
0259792614
Reduce settings manager complexity by loading sections via DI
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
...
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
...
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only
...
only catch QueryException when trying to build class
2018-09-25 16:21:55 +02:00
7586b19e52
Only allow 2FA state changs if providers support the operation
...
Ref https://github.com/nextcloud/server/issues/11019 .
Add `twofactorauth:cleanup` command
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude
...
Copy the expiration from 480864b3e3
2018-09-25 09:04:44 +02:00
67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml
...
make the server ready to use global scale with SAML as auth back-end
2018-09-24 12:00:13 +02:00
9d7e51fd56
Use empty instead ?? because dbname is '' sometimes
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:25:48 +02:00
0ee191bf44
Use const for dbname and dbtableprefix defaults
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:15:57 +02:00
a5f0cc6539
--database-name or --database-table-prefix are ignored for sqlite
...
The default implementation of initialize in AbstractDatabase writes
database information to config.php. The method is overwritten in
Sqlite but parent is never called. Database-Name and Database-Table-Prefix
are never written to config.php. But from this point setup use values
from config.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 15:52:28 +02:00
dccbdc8c01
only catch QueryException when trying to build class
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-09-21 18:32:15 +02:00
f258e65f13
Also adjust the expiration of PublicKeyTokenProvider
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:54:27 +02:00
5e6187926f
Copy the expiration from 480864b3e3 to getTokenById
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-19 17:55:48 +02:00
b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix
...
Use user locale as default in the template
2018-09-19 16:06:35 +02:00
3095ec4125
Fix icons cacher regex for compressed output
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 13:06:04 +02:00
90a9a1ecc6
Consider openssl settings from config.php
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 11:51:15 +02:00
bb86a8ca36
add back-end as parameter to the pre-login hook
...
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
3b7ac0c94d
Change visibility to private
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
92fbb6d795
Fallback to $lang if no $locale match
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-13 11:37:40 +02:00
603a578a1c
Change return false to throw new
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
62c03beb1d
Extract logic for webroot into method and add test
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
7d158c62ce
Typehint
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 11:17:03 +02:00
df143cb72a
Use user locale as default in the template
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:42:08 +02:00
c44368b9a3
Merge pull request #11096 from nextcloud/bugfix/11080/set-cookie-null-argument
...
replace setcookie value with '' instead of null.
2018-09-07 19:31:30 +02:00
47b46fa69d
Expire tokens hardening
...
Just to be sure that the field is also not 0
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-07 10:01:31 +02:00
fe21b10de5
replace setcookie value with '' instead of null.
...
The php documentation states that an empty string should be used for a cookie when it has no real value.
null leads to the following error: expects parameter 2 to be string, null given
Signed-off-by: Martin Böh <mart.b@outlook.de>
2018-09-06 20:34:16 +02:00
b4b095ca91
Fix @since version on new API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
ff58732c0d
Add breadcrumb support to crash reporters
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
adbeb74dc1
Merge pull request #11046 from nextcloud/feature/10725/applogger
...
Add wrapper Logger in DIContainer
2018-09-04 12:15:43 +02:00
9319d557a4
Add wrapper Logger in DIContainer
...
This makes sure that for example app for the context is always set.
We can in the future extend this to include more info.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 10:05:25 +02:00
8354c50911
Deprecate the childSrc functions
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
c8fe4b4fc8
Add workerSrc to CSP
...
Fixes #11035
Since the child-src directive is deprecated (we should kill it at some
point) we need to have the proper worker-src available
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
fb98db7da7
Fix handlng of concurrent inserts of the 2FA provider registry DAO
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-31 11:46:27 +02:00
625c81bd11
Merge pull request #10906 from nextcloud/request-params-array
...
ensure we always return an array from `Request::getParams`
2018-08-30 21:07:49 +02:00
e8938df198
Move SCSS variable fetching before the variables.scss to properly calculate color values
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-29 16:47:39 +02:00
c0a283fefb
ensure we always return an array from `Request::getParams`
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-28 18:11:42 +02:00
c6b1c21b8f
Merge pull request #10854 from nextcloud/fix-10764
...
Allow same section class for multiple section types (fix #10764 )
2018-08-28 17:50:20 +02:00
61370549f3
Allow same section class for multiple section types ( fix #10764 )
...
Signed-off-by: Klaus Herberth <klaus@jsxc.org>
2018-08-25 17:32:19 +02:00
ac932309a2
Merge pull request #10827 from steiny2k/HEICHEIF
...
HEIC previews as JPG rather than PNGs to save space.
2018-08-24 21:49:33 +02:00
4758942121
Fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-24 21:27:21 +02:00
48f5cbe439
Merge pull request #10841 from nextcloud/load-app-catch-exceptions
...
also catch exceptions when loading apps
2018-08-24 19:29:47 +02:00
be9ab8b879
also catch exceptions when loading apps
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-24 17:16:54 +02:00
e8817ed3ea
Merge pull request #10724 from nextcloud/large-share-count-performance
...
Improve performance when dealing with large numbers of shares
2018-08-24 17:10:17 +02:00
ed15a6f2a2
HEIC previews as JPG rather than PNGs to save space.
...
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-24 08:58:28 +02:00
ad5093b7a6
Show link to simple sign up page
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-23 14:41:19 +02:00
bb2336f389
Merge pull request #10526 from steiny2k/HEICHEIF
...
Support HEIC for previews
2018-08-22 13:41:19 +02:00
024a70a188
Fix loading providers of 2FA app with more than one provider
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-21 22:53:38 +02:00
20839a422b
Refactor some code
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-21 09:51:05 +02:00
2bab916c53
Adds license to files. Updates the branch.
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 20:46:23 +02:00
c164409ee7
Adds a memory limit warning for console commands if the limit is below the recommended value
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
c2fced4463
Adds a setup check for the memory limit
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
4b92a0986c
Merge pull request #10712 from nextcloud/fix/noid/check_if_provider_is_available_before_use
...
Check if a preview provider is available before using it
2018-08-20 13:21:16 +02:00
5b103744c8
Check if a preview provider is available before using it
...
Else if a preview provider is registerd but not available (for example
missing support in some external lib). It will do 💥 . This way the
providers can at least do the sanity checks required.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-17 20:51:35 +02:00
5a996b5f87
Address comments from @rullzer:
...
- implement isAvailable
- run tests only if ImageMagick with HEIC support is available in the
environment
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-17 18:37:23 +02:00
325e8bea16
add deck and mail to the groupware bundle, remove talk
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-17 13:27:48 +02:00
4c0cbdff36
tokens can't be valid local user names
...
this saves searching for shares on non-public link dav requests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 21:27:57 +02:00
c300516e51
more efficient way to detect added and removed mounts
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 19:56:49 +02:00
f7ae235372
cache OC\Files\Mount\Manager::findIn results
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 19:02:00 +02:00
f8116ad4cf
use more efficient method to find mountpoint for path
...
this changes the complexity from the number of mounts to the depth of
the path
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 18:55:52 +02:00
95981810c0
remove double loop for detecting changed mounts
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 18:24:56 +02:00
ac4735a4f2
Update the scope of the lockdownmanager
...
We have the token anyway. So better the scope as well.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-14 09:45:52 +02:00
8601bbc35d
Merge pull request #10621 from nextcloud/feature/noid/add-tos-to-enterprise-bundle
...
Add the ToS app to the enterprise bundle
2018-08-13 15:47:15 +02:00
bfa49410a2
Drop support for xcache
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-12 17:14:08 +02:00
6973b82e20
Develop HEIC/HEIF preview support #7406
...
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-11 00:13:43 +02:00
7aad5b7721
Merge pull request #10543 from nextcloud/ignore-deactivated-users
...
Do not show deactivated users in sharees and contacts
2018-08-10 15:01:14 +02:00
d2b9b78c70
Merge pull request #10636 from nextcloud/fix/2fa-enforced-backup-codes
...
Fix 2FA being enforced if only backup codes provider is active
2018-08-10 11:06:40 +02:00
a080c425cd
Merge pull request #10618 from nextcloud/mimetype-insert-if-not-exists
...
use insertIfNotExists to store new mimetypes.
2018-08-10 10:31:55 +02:00
1124b87bc0
Fix 2FA being enforced if only backup codes provider is active
...
Fixes https://github.com/nextcloud/server/issues/10634 .
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-10 09:26:40 +02:00
8c1e75e052
Do not use file as template parameter
...
Using file will overwrite the $file parameter in the template base.
Leading to trying to include a file that is the exception message. Which
will of course fail.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-09 16:45:25 +02:00
e1d3965883
Add the ToS app to the enterprise bundle
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-09 16:12:48 +02:00
5e9d6b1585
use insertIfNotExists to store new mimetypes.
...
Also throw an error if we can't find the mimetype after insert
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-09 15:20:55 +02:00
8db66d5dfb
Fix double-inserts of the same provider state
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 13:56:04 +02:00
0757c52980
Merge pull request #10588 from nextcloud/fix/single-2fa-provider-login-redirect
...
Fix login redirection if only one 2FA provider is active
2018-08-09 12:27:29 +02:00
6aa6d2186c
Merge pull request #10255 from nextcloud/add-support-for-room-shares
...
Add support for room shares
2018-08-09 10:44:11 +02:00
201cbf2d33
Fix app code checker to ignore `build` directory
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 06:44:52 +02:00
d8197f2b97
Rename providerset method to get primary providers
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 20:28:21 +02:00
11e99859ef
Merge pull request #10397 from nextcloud/encryption-s3-fix
...
make file cache updates more robust
2018-08-08 18:27:18 +02:00
c6e47e8a51
Fix login redirection if only one 2FA provider is active
...
Fixes https://github.com/nextcloud/server/issues/10500 .
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 15:25:59 +02:00
4b7fa4ac2e
Add support for tokens in room shares
...
Tokens will be used to give access to a share to guests in public rooms.
Although the token itself is created in the provider of room shares and
no changes are needed for that, due to the code structure it is
necessary to explicitly call the provider from the manager when getting
a room share by token.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:44 +02:00
d9458b303a
Add support for room shares to the share manager
...
Room shares are implemented in an external app (Nextcloud Talk), so in
order to keep the share manager as isolated as possible from room share
specifics all the validity checks are done in the provider of room
shares. However, due to the code structure it is necessary to explicitly
check for room shares in "generalCreateChecks" to prevent an exception
from being thrown.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
4ee839d69c
Add provider for room shares
...
The RoomShareProvider is provided by the Talk app, so it is necessary to
check whether the app is available or not, and also whether the class
itself exists or not (just in case an older version of the app that did
not have support yet for room shares is being used).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
857bb45366
Add comment with IDs of internal share types
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
7292a986a0
Add type for room shares
...
This type represents shares with a Nextcloud Talk conversation.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00
6b1ba9cdaf
Merge pull request #10553 from nextcloud/bugfix/10518/disable-oracle-enforcement-for-now
...
Disable Oracle enforcement for now until the following issues are sol…
2018-08-08 14:10:18 +02:00
e7e30ac25f
Merge pull request #10586 from nextcloud/fix/noid/check_if_ua_is_set
...
Check if HTTP_USER_AGENT is set before using it
2018-08-08 13:59:31 +02:00
c74a5250e5
Check if HTTP_USER_AGENT is set before using it
...
Sentry reported some errors regarding this. Apparently not everybody
sets a user agent. If it is not set we assume this is not IE ;)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-08 13:32:03 +02:00
d248a0bd1e
Fix 2FA provider registry population on login
...
If the 2FA provider registry has not been populated yet, we have to make
sure all available providers are loaded and queried on login. Otherwise
previously active 2FA providers aren't detected as enabled.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 06:57:52 +02:00
70dab08dc8
Merge pull request #10569 from nextcloud/custom-avatar-userconfig
...
get avatar custom status from user config
2018-08-07 20:44:40 +02:00
ec8ab83ea5
get avatar custom status from user config
...
this saves a cache operation because the user config is already cached
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-07 14:55:33 +02:00
7e6fa90fa1
Icons cacher css url fix
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-08-07 10:18:46 +02:00
f5c63d7a6e
Disable Oracle enforcement for now until the following issues are solved:
...
* Only apps should be checked which say they support oracle
* Only check newly added items, to allow forward migration from an existing database structure
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-06 17:34:40 +02:00
Michael Weimann
Roeland Jago Douma
Morris Jobke
Christoph Wurst
Daniel Kesselberg
blizzz
Roeland Jago Douma
Robin Appelman
Joas Schilling
Joas Schilling
John Molakvoæ (skjnldsv)
Bjoern Schiessle
MartB
Julius Härtl
sualko
Sebastian Steinmetz
Sebastian Steinmetz
Daniel Calviño Sánchez