Thomas Müller
b594aa18ee
Merge pull request #22110 from owncloud/comment-types-always-plural
...
types shall always be plural
2016-02-04 10:55:49 +01:00
Arthur Schiwon
9370491822
types shall always be plural
2016-02-03 19:28:15 +01:00
Vincent Chan
cc17ac9ff9
move whitspace check to user manager
2016-02-03 14:09:15 +01:00
Arthur Schiwon
01cdc70f9c
introduce comments read marke tables, comes with user cleanup after deletion
2016-01-29 13:08:02 +01:00
Thomas Müller
f165ad8864
Changing the avatar of the user emits the changeUser event which triggers update of the system addressbook
2016-01-25 20:05:11 +01:00
Thomas Müller
adf532fe4e
Merge pull request #21806 from owncloud/mdusher-master
...
[jenkins] Added ' to characters allowed in the username
2016-01-25 10:01:43 +01:00
Thomas Müller
51b50bd260
Emit OC\User::changeUser on change of display name
2016-01-20 14:57:20 +01:00
Thomas Müller
aeb89947a2
Introduce IUser::setEMailAddress and add hook mechanism
2016-01-20 14:57:20 +01:00
Morris Jobke
7b54bf26ea
fix error message and comment
2016-01-20 14:21:54 +01:00
Michael U
dbfa143e2d
Added ' to characters allowed in the username
2016-01-20 14:11:27 +01:00
Jörn Friedrich Dreyer
64043e9bcc
move methods to correct interface, deprecate private interface
2016-01-14 14:28:03 +01:00
Thomas Müller
682821c71e
Happy new year!
2016-01-12 15:02:18 +01:00
Roeland Jago Douma
876fb83ddc
getMediumStrengthGenerator is deprecated and does not do anything anymore
2016-01-11 20:06:30 +01:00
Morris Jobke
3917d888bd
Remove OC_DB::isError
2016-01-07 14:54:55 +01:00
Lukas Reschke
fec41e7539
Move regeneration of session ID into session classes
...
There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
2016-01-04 15:09:01 +01:00
Arthur Schiwon
e3dbc3d40c
different strategy in cleaning up after user was deleted
...
we do not listen to deletion hooks anymore, because there is no guarantee that they
will be heard - requires that something fetches the CommentsManager first.
Instead, in the user deletion routine the clean up method will be called directly. Same way
as it happens for files, group memberships, config values.
2015-12-09 14:34:23 +01:00
Morris Jobke
c60c793cf2
More cleanups of OC_Config usage
2015-12-03 16:41:23 +01:00
Thomas Müller
eebe2b9c23
User IUser::getEMailAddress() all over the place
2015-12-02 21:25:05 +01:00
Thomas Müller
28ceab2f61
Fix endless recursion
2015-12-02 14:44:41 +01:00
Thomas Müller
4c695e63c0
Fix comments
2015-12-02 09:20:58 +01:00
Thomas Müller
0391cc0451
Fix getCloudId
2015-12-02 09:14:41 +01:00
Thomas Müller
6abc02cb88
Proposal: add enumeration function to IUserManager which simply calls a callbask for each user in all backends
2015-12-02 09:14:41 +01:00
Thomas Müller
df6fc6cc70
Add the user's cloud id to the vCard
2015-12-02 09:14:41 +01:00
Thomas Müller
dad6470baa
Add IUser::getAvatarImage() for easy access
2015-12-02 09:14:41 +01:00
Thomas Müller
b799e42b4e
Introduce \OCP\IUser::getEMailAddress()
2015-11-25 22:23:34 +01:00
Joas Schilling
13dd62f7b0
Make sure that remote shares use the correct uid casing
2015-10-06 15:16:19 +02:00
Morris Jobke
b945d71384
update licence headers via script
2015-10-05 21:15:52 +02:00
Lukas Reschke
36ce254ffd
Move dummy backend to Tests namespace
2015-09-22 11:01:11 +02:00
Lukas Reschke
3d2ee95f1e
Remove last occurence of `forcessl`
...
This shoudl have been adjusted as well, now it's consistent with `setMagicInCookie`. While it does not have a security impact directly some automated scanners reported this all the time.
2015-08-26 14:29:36 +02:00
RealRancor
e62c375749
Fixed "Remote IP:" syntax on failed logins
2015-07-09 10:04:51 +02:00
Thomas Müller
d3ac73c0c9
Remove OC_Log
2015-07-03 18:00:16 +02:00
Lukas Reschke
a793b98fd0
Fix indentation
2015-06-27 20:37:07 +02:00
Lukas Reschke
af01958f3e
Add missing annotations for parameters
2015-06-27 20:35:47 +02:00
Morris Jobke
f63915d0c8
update license headers and authors
2015-06-25 14:13:49 +02:00
Robin Appelman
0497534a6e
more type hints
2015-06-02 14:07:55 +02:00
Joas Schilling
8efc8c0a96
Reduce the complexity of the search queries in the backends to a minimum
2015-05-18 16:39:21 +02:00
Morris Jobke
e837927ad5
fix followup issues with unneeded parameters
2015-04-18 17:02:39 +02:00
Jörn Friedrich Dreyer
b069f33a72
throw exception when backends don't provide a user instead of creating legacy local storages
2015-04-10 09:12:37 +02:00
Jenkins for ownCloud
b585d87d9d
Update license headers
2015-03-26 11:44:36 +01:00
Lukas Reschke
e77d2ff2b4
Remove outdated comment
2015-03-13 16:19:52 +01:00
Lukas Reschke
bf9030e874
Drop example user backend
...
We already provide an interface for application developers, this file is outdated and thus should get removed.
Addresses No. 3 from https://github.com/owncloud/core/issues/14847
2015-03-13 16:12:32 +01:00
Morris Jobke
0d9f149dd9
Merge pull request #14867 from owncloud/drop-OC_User_HTTP
...
Remove OC_User_HTTP
2015-03-13 15:53:22 +01:00
Lukas Reschke
38fec9b095
Can also be null
...
If the user does not exist this returns null and can lead to nasty bugs since the IDE is not indicating this...
2015-03-13 14:01:24 +01:00
Lukas Reschke
93a303970f
Remove OC_User_HTTP
...
Addresses No. 1 from https://github.com/owncloud/core/issues/14847
2015-03-13 12:26:33 +01:00
Lukas Reschke
bbd5f28415
Let users configure security headers in their Webserver
...
Doing this in the PHP code is not the right approach for multiple reasons:
1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.
This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Morris Jobke
06aef4e8b1
Revert "Updating license headers"
...
This reverts commit 6a1a4880f0
.
2015-02-26 11:37:37 +01:00
Robin McCorkell
695f43a1ed
Merge pull request #10735 from owncloud/use_remote_addr
...
Use getRemoteAddress which supports reverse proxies
2015-02-25 13:24:39 +00:00
Lukas Reschke
276824299c
Merge pull request #13340 from owncloud/use-http-only
...
Use "HTTPOnly" for cookies when logging out
2015-02-24 13:50:49 +01:00
Lukas Reschke
165afb004b
Use getRemoteAddress which supports reverse proxies
...
Breaking change for 8.1 wiki (Security > Administrators):
The log format for failed logins has changed and uses now the remote address and is considering reverse proxies for such scenarios when configured correctly.
2015-02-24 11:49:40 +01:00
Jenkins for ownCloud
6a1a4880f0
Updating license headers
2015-02-23 12:13:59 +01:00