Commit Graph

16215 Commits

Author SHA1 Message Date
Joas Schilling 909745acfd
Fix default types of activity event member variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-15 11:45:17 +02:00
Christoph Wurst 83e994c11f
Make it possible to enforce mandatory 2FA for groups
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +02:00
Roeland Jago Douma 5b61ef9213
Disallow unsafe-eval by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
Joas Schilling 16817f3743
Make activity events strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-12 12:12:12 +02:00
Roeland Jago Douma 51e96dc3f6
Normalize getUnjailedPath
Fixes #11637

If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:43:48 +02:00
Roeland Jago Douma f675698551
Allow php7.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 11:20:48 +02:00
Roeland Jago Douma 2a690db553
Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings
Add admin interface to enforce 2FA
2018-10-10 20:40:30 +02:00
Bjoern Schiessle fd5fc24da2
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:07:01 +02:00
Morris Jobke 0acae1d4aa
Merge pull request #11719 from nextcloud/techdebt/noid/allow-to-mock-new-datetime
Allow to inject/mock `new \DateTime()` similar to time()
2018-10-10 14:54:15 +02:00
Christoph Wurst 67c3730fbb
Add admin interface to enforce 2FA
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-10 14:34:52 +02:00
Roeland Jago Douma d5bf2c4523
Move normalizePath to regexes instead of looping
This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.

The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 13:23:59 +02:00
Nextcloud bot 7c26bbbd82
[tx-robot] updated from transifex 2018-10-10 00:13:11 +00:00
Roeland Jago Douma a9f4817b65
Merge pull request #11622 from nextcloud/feature/11617
Add function to generate urls for OCS routes
2018-10-09 20:50:37 +02:00
Bjoern Schiessle 9e76d4049a
adjust tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:31:33 +02:00
Bjoern Schiessle 3fa13e791e
always query the lookup server in a global scale setup and have a nicer label
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 17:47:29 +02:00
Roeland Jago Douma c97b4274cc
Add function to generate urls for OCS routes
fixes #11617

The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:41:50 +02:00
Joas Schilling 840dd4b39c
Allow to inject/mock `new \DateTime()` similar to time()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 15:38:31 +02:00
Roeland Jago Douma 7370fb37bb
fixup! Add backgroundjobs to OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:10:38 +02:00
Joas Schilling ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 14:32:14 +02:00
Roeland Jago Douma 2dbbc37852
Bump autolaoders
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:51:08 +02:00
Roeland Jago Douma ba95495857
Add backgroundjobs to OCP
This adds abstract classes to base background jobs on.
Right now almost all uses of this use the private namespace.

For most usages it will be enough to just extend the the abstract
classes QueuedJob or TimedJob.

It should be a straight forward drop in replacement.

The private jobs can then be killed off after a few releases. So we have
a nice public API.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 12:36:43 +02:00
Morris Jobke ea411ccec4
Merge pull request #11677 from nextcloud/feature/appdata_previews
Allow the creationg of previews of files stored in appdata
2018-10-09 11:47:14 +02:00
Morris Jobke 8e1c26b509
Merge pull request #11686 from nextcloud/deprecation/noid/ocp_util_recursiveArraySearch
Deprecate unused OCP\Util::recursiveArraySearch
2018-10-09 09:43:11 +02:00
Roeland Jago Douma ade61d8b43
Allow the creationg of previews of files stored in appdata
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-08 19:37:45 +02:00
Morris Jobke c4b1e1277b
Deprecate unused OCP\Util::recursiveArraySearch
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:33:09 +02:00
Morris Jobke db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:29:52 +02:00
Morris Jobke fe2a600823
Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation
adjust Calendar resource / room interfaces to use class implementation
2018-10-08 17:00:50 +02:00
Morris Jobke bae3ba3b25
Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section
Rename admin security section
2018-10-08 13:57:38 +02:00
Christoph Wurst f29189f200
Rename admin security settings template
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:45:28 +02:00
Morris Jobke 7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors
Switches the default logo color depending on the primary color
2018-10-08 10:33:22 +02:00
Christoph Wurst 5d2fdfe0b5
Rename admin security section
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:31:51 +02:00
Georg Ehrke 970242b6ca
RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:50:17 +02:00
Georg Ehrke 1c6f666bbf
adjust Calendar resource / room interfaces to use class implementation
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:25:20 +02:00
Roeland Jago Douma 60a34179c9
Remove deprecated publishActivity function
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-05 12:55:45 +02:00
Patrik Kernstock c73363c3ab Fixed indents
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:20:45 +02:00
Patrik Kernstock d9469a6b72 Add occ app:remove CLI command
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-10-05 03:08:03 +02:00
Morris Jobke e0ed64366c
Merge pull request #11613 from nextcloud/add-missing-throw-statement
add missing throw statement to doc block
2018-10-04 16:28:08 +02:00
Bjoern Schiessle 1d4a80f37d
add missing throw statement to doc block
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-04 15:23:07 +02:00
Roeland Jago Douma 0630360835
Merge pull request #11604 from nextcloud/remove-unused-code
Remove unused code in legacy classes
2018-10-04 08:07:32 +02:00
Morris Jobke ac330077d8
Merge pull request #11576 from nextcloud/feature/endpoint_for_clients_to_fetch_apppassword
Allow clients to request an apppassword if they still use the real password
2018-10-03 22:26:26 +02:00
Morris Jobke cdb3ffb293
Remove unused code in legacy classes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-03 22:07:51 +02:00
Roeland Jago Douma 78273cb1e6
Add an endppoint for clients to request an app password
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 19:05:20 +02:00
Nextcloud bot 67d04f2d57
[tx-robot] updated from transifex 2018-10-03 16:58:45 +00:00
Morris Jobke 213d43f043
Merge pull request #11568 from nextcloud/fix/11097/just_update_password_hash
Just update password hash without validating
2018-10-03 12:08:49 +02:00
Roeland Jago Douma f9e201adfe
Merge pull request #11409 from nextcloud/feature/consolidated-2fa-settings
Consolidate personal two-factor provider settings
2018-10-03 09:56:21 +02:00
Roeland Jago Douma 0c9a3de68f
Just update password hash without validating
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 00:37:20 +02:00
Christoph Wurst daa897100e Update autoloader class map
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 23:41:33 +02:00
Morris Jobke 8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work
Allow overwrite.cli.url without trailing slash
2018-10-02 23:39:30 +02:00
Morris Jobke e45248c17a
Merge pull request #10967 from nextcloud/zipresponse
Add zip response
2018-10-02 23:34:30 +02:00
Christoph Wurst 79a0ee4f4a
Consolidate personal two-factor provider settings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 22:56:33 +02:00
Morris Jobke bcbffdb644
Add PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-02 22:35:31 +02:00
Daniel Kesselberg a4eb3ee508
Validate email in occ command
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Daniel Kesselberg 13877c2d20
Use setUserValue instead setEMailAddress because latter omits an changeUser events.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Daniel Kesselberg 6c805ec9ba
Add --admin-email to cli installer
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-02 22:24:30 +02:00
Morris Jobke 6b730b4c47
Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3
Apptoken v3: imrpove token handling on external password change
2018-10-02 21:45:10 +02:00
Morris Jobke 19d552e00b
Merge pull request #11336 from nextcloud/bugfix/3342/database-name-prefix-sqlite
Allow --database-name and --database-table-prefix for sqlite from occ
2018-10-02 21:44:03 +02:00
Roeland Jago Douma 19f84f7b54
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma d9febae5b2
Update all the publickey tokens if needed on web login
* On weblogin check if we have invalid public key tokens
* If so update them all with the new token

This ensures that your marked as invalid tokens work again if you once
login on the web.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma 00e99af586
Mark token as invalid if the password doesn't match
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
Roeland Jago Douma efef053960
Add column to DB to store expired passwords
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
Roland Tapken d17856a1e9
Make logfile's mode configurable.
The file logger currently resets the mode of the logfile to 0640.

When the webserver is running as a different user than the cron job
(but both are in the same group) the files mode has to be 0660. The
current implementation breaks logging for the user that is not the
owner of the logfile.

This patch introduces a new config option 'logfilemode' that expects
an octal value (defaults to 0640). Unless the value is lower or equal
than 0 the logfiles mode will be resetted to this value.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-10-02 18:27:06 +02:00
Christoph Wurst d01905200a
Merge pull request #11433 from nextcloud/feature/all_lax_cookies2
Make authenticated cookies lax
2018-10-02 10:28:05 +02:00
Michael Weimann d855c38e07
Moves the logo files to logo
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
Roeland Jago Douma 7d9052d4b9
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:17:27 +02:00
Roeland Jago Douma a891f42a5d
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:16:28 +02:00
Roeland Jago Douma dc6ff14ca0
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:14:18 +02:00
Jakob Sack a9fa220e68
Add fix response
implements #7589
2018-10-02 08:13:39 +02:00
Christoph Wurst 3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:28 +02:00
Christoph Wurst 40fdff5b80
Add QBMapper::insertOrUpdate()
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:27 +02:00
Nextcloud bot 77c6e41063
[tx-robot] updated from transifex 2018-10-02 00:12:55 +00:00
Christoph Wurst 45cf2eef56 Let 2FA providers provide their custom icons (dark/light)
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-01 21:02:49 +02:00
Roeland Jago Douma a95154642d
Emit event on enablign or disabling of 2FA provider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:24 +02:00
Morris Jobke 1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths
Dont use find to lookup binaries
2018-10-01 11:47:07 +02:00
Christoph Wurst 259c0ce11d
Add mandatory 2FA service/class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
Daniel Kesselberg d4dec43f8f
Dont use find to lookup binaries
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-29 20:25:19 +02:00
Daniel Kesselberg c275beeceb
Allow url without / for overwrite.cli.url
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-28 22:32:19 +02:00
Roeland Jago Douma 9a7265babf
Make authenticated cookies lax
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.

It adds a small helper function.

In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-28 16:44:37 +02:00
Nextcloud bot db50e11edf
[tx-robot] updated from transifex 2018-09-28 11:14:08 +00:00
Roeland Jago Douma c9e93b8084
Compile contactmenu handlebars templates
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18

Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:33:58 +02:00
Christoph Wurst f71ffc73db
Remove unused constructor argument
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Christoph Wurst 0259792614
Reduce settings manager complexity by loading sections via DI
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Nextcloud bot 2ace0df82a
[tx-robot] updated from transifex 2018-09-27 00:12:26 +00:00
blizzz ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
Nextcloud bot 2f45045c96
[tx-robot] updated from transifex 2018-09-26 00:12:23 +00:00
Morris Jobke ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
Roeland Jago Douma b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only
only catch QueryException when trying to build class
2018-09-25 16:21:55 +02:00
Christoph Wurst 7586b19e52
Only allow 2FA state changs if providers support the operation
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
Roeland Jago Douma 92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude
Copy the expiration from 480864b3e3 to …
2018-09-25 09:04:44 +02:00
Nextcloud bot bdb01064e2
[tx-robot] updated from transifex 2018-09-25 00:12:07 +00:00
blizzz 67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml
make the server ready to use global scale with SAML as auth back-end
2018-09-24 12:00:13 +02:00
Nextcloud bot 895bccd246
[tx-robot] updated from transifex 2018-09-24 00:12:14 +00:00
Daniel Kesselberg 9d7e51fd56
Use empty instead ?? because dbname is '' sometimes
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:25:48 +02:00
Daniel Kesselberg 0ee191bf44
Use const for dbname and dbtableprefix defaults
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 18:15:57 +02:00
Daniel Kesselberg a5f0cc6539
--database-name or --database-table-prefix are ignored for sqlite
The default implementation of initialize in AbstractDatabase writes
database information to config.php. The method is overwritten in
Sqlite but parent is never called. Database-Name and Database-Table-Prefix
are never written to config.php. But from this point setup use values
from config.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 15:52:28 +02:00
Nextcloud bot cce9f25d86
[tx-robot] updated from transifex 2018-09-23 00:12:30 +00:00
Nextcloud bot bd89af478e
[tx-robot] updated from transifex 2018-09-22 00:12:06 +00:00
Robin Appelman dccbdc8c01
only catch QueryException when trying to build class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-09-21 18:32:15 +02:00
Nextcloud bot 0211e17e3f
[tx-robot] updated from transifex 2018-09-21 00:12:08 +00:00
Joas Schilling f258e65f13
Also adjust the expiration of PublicKeyTokenProvider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:54:27 +02:00
blizzz 30dbbfbd45
Merge pull request #11292 from nextcloud/revert/9442/do-not-apcu-cache-the-autoloader
Revert "Use APCu caching of composer"
2018-09-19 19:39:00 +02:00
Joas Schilling 5e6187926f
Copy the expiration from 480864b3e3 to getTokenById
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-19 17:55:48 +02:00
Joas Schilling b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix
Use user locale as default in the template
2018-09-19 16:06:35 +02:00
John Molakvoæ (skjnldsv) 1e9ab0a367
Fix since tag
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:02:09 +02:00
Joas Schilling 40d185e928
Revert "Use APCu caching of composer"
This reverts commit 948ab8a4d0.

For details why see https://github.com/nextcloud/server/issues/11290
2018-09-19 15:47:01 +02:00
John Molakvoæ (skjnldsv) 3095ec4125 Fix icons cacher regex for compressed output
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 13:06:04 +02:00
Nextcloud bot 2a51572cc4
[tx-robot] updated from transifex 2018-09-17 00:12:30 +00:00
Daniel Kesselberg 90a9a1ecc6
Consider openssl settings from config.php
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 11:51:15 +02:00
Nextcloud bot 40bb45225a
[tx-robot] updated from transifex 2018-09-16 00:12:29 +00:00
Nextcloud bot 3771aeb584
[tx-robot] updated from transifex 2018-09-15 00:12:09 +00:00
Bjoern Schiessle bb86a8ca36
add back-end as parameter to the pre-login hook
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-14 17:23:06 +02:00
Nextcloud bot 6112adfe06
[tx-robot] updated from transifex 2018-09-14 00:12:27 +00:00
Daniel Kesselberg 3b7ac0c94d
Change visibility to private
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
John Molakvoæ (skjnldsv) 92fbb6d795
Fallback to $lang if no $locale match
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-13 11:37:40 +02:00
Nextcloud bot 10351cb9da
[tx-robot] updated from transifex 2018-09-13 00:12:08 +00:00
blizzz f424fa706a
Merge pull request #11139 from nextcloud/feature/2fa-provider-activatable-deactivatable
[Mandatory 2FA] Add public interfaces for activable/deactivable 2FA providers
2018-09-11 16:36:49 +02:00
Nextcloud bot a94dc760e8
[tx-robot] updated from transifex 2018-09-11 00:12:22 +00:00
Daniel Kesselberg 603a578a1c
Change return false to throw new
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
Daniel Kesselberg 62c03beb1d
Extract logic for webroot into method and add test
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
Christoph Wurst 30c6130893
Add public interfaces for activable/deactivable 2FA providers
Fixes https://github.com/nextcloud/server/issues/11018.
Required for https://github.com/nextcloud/server/issues/11019.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-10 16:47:47 +02:00
John Molakvoæ (skjnldsv) 7d158c62ce
Typehint
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 11:17:03 +02:00
John Molakvoæ (skjnldsv) 01f2fef1f5
Since requirement
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:48:53 +02:00
John Molakvoæ (skjnldsv) 081dcc55ca
Fix public l10n
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:45:18 +02:00
John Molakvoæ (skjnldsv) df143cb72a
Use user locale as default in the template
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-10 10:42:08 +02:00
Joas Schilling 1fb84efedb
Fix exception class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-10 10:03:42 +02:00
Nextcloud bot 3653a2c889
[tx-robot] updated from transifex 2018-09-08 00:12:33 +00:00
Roeland Jago Douma c44368b9a3
Merge pull request #11096 from nextcloud/bugfix/11080/set-cookie-null-argument
replace setcookie value with '' instead of null.
2018-09-07 19:31:30 +02:00
Roeland Jago Douma 47b46fa69d
Expire tokens hardening
Just to be sure that the field is also not 0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-07 10:01:31 +02:00
MartB fe21b10de5 replace setcookie value with '' instead of null.
The php documentation states that an empty string should be used for a cookie when it has no real value.
null leads to the following error: expects parameter 2 to be string, null given

Signed-off-by: Martin Böh <mart.b@outlook.de>
2018-09-06 20:34:16 +02:00
Roeland Jago Douma 764c912294
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-05 21:00:53 +02:00
Christoph Wurst b4b095ca91
Fix @since version on new API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
Christoph Wurst ff58732c0d
Add breadcrumb support to crash reporters
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
Roeland Jago Douma adbeb74dc1
Merge pull request #11046 from nextcloud/feature/10725/applogger
Add wrapper Logger in DIContainer
2018-09-04 12:15:43 +02:00
Roeland Jago Douma 9319d557a4
Add wrapper Logger in DIContainer
This makes sure that for example app for the context is always set.
We can in the future extend this to include more info.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 10:05:25 +02:00
Christoph Wurst 54b1f4df3e
Merge pull request #11044 from nextcloud/td/8.2.0-public-util
Remove deprecated methods from OCP\Util
2018-09-04 09:51:33 +02:00
Roeland Jago Douma 4f02b307b0
Remove deprecated methods from OCP\Util
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 08:43:07 +02:00
Roeland Jago Douma 8354c50911
Deprecate the childSrc functions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
Roeland Jago Douma c8fe4b4fc8
Add workerSrc to CSP
Fixes #11035

Since the child-src directive is deprecated (we should kill it at some
point) we need to have the proper worker-src available

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
Nextcloud bot 021dad53be
[tx-robot] updated from transifex 2018-09-01 00:12:17 +00:00
Christoph Wurst fb98db7da7
Fix handlng of concurrent inserts of the 2FA provider registry DAO
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-31 11:46:27 +02:00
Roeland Jago Douma 625c81bd11
Merge pull request #10906 from nextcloud/request-params-array
ensure we always return an array from `Request::getParams`
2018-08-30 21:07:49 +02:00
Julius Härtl e8938df198
Move SCSS variable fetching before the variables.scss to properly calculate color values
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-29 16:47:39 +02:00
Robin Appelman c0a283fefb
ensure we always return an array from `Request::getParams`
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-28 18:11:42 +02:00
Morris Jobke c6b1c21b8f
Merge pull request #10854 from nextcloud/fix-10764
Allow same section class for multiple section types (fix #10764)
2018-08-28 17:50:20 +02:00
sualko 61370549f3 Allow same section class for multiple section types (fix #10764)
Signed-off-by: Klaus Herberth <klaus@jsxc.org>
2018-08-25 17:32:19 +02:00
Nextcloud bot d644cafae7
[tx-robot] updated from transifex 2018-08-25 00:12:33 +00:00
Roeland Jago Douma ac932309a2
Merge pull request #10827 from steiny2k/HEICHEIF
HEIC previews as JPG rather than PNGs to save space.
2018-08-24 21:49:33 +02:00
Roeland Jago Douma 4758942121
Fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-24 21:27:21 +02:00
Morris Jobke 48f5cbe439
Merge pull request #10841 from nextcloud/load-app-catch-exceptions
also catch exceptions when loading apps
2018-08-24 19:29:47 +02:00
Robin Appelman be9ab8b879
also catch exceptions when loading apps
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-24 17:16:54 +02:00
Morris Jobke e8817ed3ea
Merge pull request #10724 from nextcloud/large-share-count-performance
Improve performance when dealing with large numbers of shares
2018-08-24 17:10:17 +02:00
Denis Mosolov a0b84bc0fc
Merge pull request #10334 from denismosolov/group-add
Add options to create/remove groups via occ
2018-08-24 13:46:16 +03:00
Sebastian Steinmetz ed15a6f2a2 HEIC previews as JPG rather than PNGs to save space.
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-24 08:58:28 +02:00
Morris Jobke ad5093b7a6
Show link to simple sign up page
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-23 14:41:19 +02:00
Morris Jobke bb2336f389
Merge pull request #10526 from steiny2k/HEICHEIF
Support HEIC for previews
2018-08-22 13:41:19 +02:00
Morris Jobke e27817aeda
Merge pull request #10789 from nextcloud/fix/2fa-app-multiple-providers
Fix loading providers of 2FA app with more than one provider
2018-08-22 10:50:22 +02:00
Nextcloud bot 65410ab1cb
[tx-robot] updated from transifex 2018-08-22 00:12:11 +00:00
Christoph Wurst 024a70a188
Fix loading providers of 2FA app with more than one provider
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-21 22:53:38 +02:00
Morris Jobke 383699398f
Merge pull request #10539 from nextcloud/feature-8642-memory-check
Adds a setup and cli check for the recommended memory limit
2018-08-21 09:51:33 +02:00
Morris Jobke 20839a422b
Refactor some code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-21 09:51:05 +02:00
Morris Jobke 6ad0ba0448
Merge pull request #10710 from nextcloud/fix/iusermanager-createuser-typo
Fix typo in IUserManager::createUser doc
2018-08-21 08:13:54 +02:00
Nextcloud bot be3438ca97
[tx-robot] updated from transifex 2018-08-21 00:12:16 +00:00
Michael Weimann 2bab916c53
Adds license to files. Updates the branch.
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 20:46:23 +02:00
Roeland Jago Douma ce1e213760
Bump autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-20 15:25:07 +02:00
Michael Weimann c164409ee7
Adds a memory limit warning for console commands if the limit is below the recommended value
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
Michael Weimann c2fced4463
Adds a setup check for the memory limit
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
blizzz 4b92a0986c
Merge pull request #10712 from nextcloud/fix/noid/check_if_provider_is_available_before_use
Check if a preview provider is available before using it
2018-08-20 13:21:16 +02:00
Roeland Jago Douma 5b103744c8
Check if a preview provider is available before using it
Else if a preview provider is registerd but not available (for example
missing support in some external lib). It will do 💥. This way the
providers can at least do the sanity checks required.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-17 20:51:35 +02:00
Sebastian Steinmetz 5a996b5f87 Address comments from @rullzer:
- implement isAvailable
 - run tests only if ImageMagick with HEIC support is available in the
   environment

Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-17 18:37:23 +02:00
Bjoern Schiessle 325e8bea16
add deck and mail to the groupware bundle, remove talk
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-17 13:27:48 +02:00
Robin Appelman 4c0cbdff36
tokens can't be valid local user names
this saves searching for shares on non-public link dav requests

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 21:27:57 +02:00
Robin Appelman c300516e51
more efficient way to detect added and removed mounts
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 19:56:49 +02:00
Robin Appelman f7ae235372
cache OC\Files\Mount\Manager::findIn results
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 19:02:00 +02:00
Robin Appelman f8116ad4cf
use more efficient method to find mountpoint for path
this changes the complexity from the number of mounts to the depth of
the path

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 18:55:52 +02:00
Robin Appelman 95981810c0
remove double loop for detecting changed mounts
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-16 18:24:56 +02:00
Denis Mosolov 0b18e2c75d Add an options to create and remove groups via occ
Signed-off-by: Denis Mosolov <denismosolov@gmail.com>
2018-08-16 10:31:20 +03:00
Christoph Wurst 60625de9e4
Fix typo in IUserManager::createUser doc
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-16 08:37:27 +02:00
Roeland Jago Douma ac4735a4f2
Update the scope of the lockdownmanager
We have the token anyway. So better the scope as well.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-14 09:45:52 +02:00
blizzz 8601bbc35d
Merge pull request #10621 from nextcloud/feature/noid/add-tos-to-enterprise-bundle
Add the ToS app to the enterprise bundle
2018-08-13 15:47:15 +02:00
Roeland Jago Douma 05b249844e
Merge pull request #10659 from danielkesselberg/feature/noid/remove-xcache
Drop support for xcache
2018-08-13 13:55:26 +02:00
Nextcloud bot ccb040ee01
[tx-robot] updated from transifex 2018-08-13 00:12:09 +00:00
Daniel Kesselberg 0d7f9e1b8c
Update autoloader
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-12 18:26:50 +02:00
Daniel Kesselberg bfa49410a2
Drop support for xcache
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-12 17:14:08 +02:00
Sebastian Steinmetz 6973b82e20 Develop HEIC/HEIF preview support #7406
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-11 00:13:43 +02:00
Roeland Jago Douma 90a656305b
Bump autoloaders
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-10 15:03:22 +02:00
Roeland Jago Douma 7aad5b7721
Merge pull request #10543 from nextcloud/ignore-deactivated-users
Do not show deactivated users in sharees and contacts
2018-08-10 15:01:14 +02:00
blizzz d2b9b78c70
Merge pull request #10636 from nextcloud/fix/2fa-enforced-backup-codes
Fix 2FA being enforced if only backup codes provider is active
2018-08-10 11:06:40 +02:00
Roeland Jago Douma a080c425cd
Merge pull request #10618 from nextcloud/mimetype-insert-if-not-exists
use insertIfNotExists to store new mimetypes.
2018-08-10 10:31:55 +02:00
Christoph Wurst 1124b87bc0
Fix 2FA being enforced if only backup codes provider is active
Fixes https://github.com/nextcloud/server/issues/10634.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-10 09:26:40 +02:00
Roeland Jago Douma 8c1e75e052
Do not use file as template parameter
Using file will overwrite the $file parameter in the template base.
Leading to trying to include a file that is the exception message. Which
will of course fail.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-09 16:45:25 +02:00
Joas Schilling e1d3965883
Add the ToS app to the enterprise bundle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-09 16:12:48 +02:00
Robin Appelman 5e9d6b1585
use insertIfNotExists to store new mimetypes.
Also throw an error if we can't find the mimetype after insert

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-09 15:20:55 +02:00
Christoph Wurst 8db66d5dfb
Fix double-inserts of the same provider state
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 13:56:04 +02:00
Roeland Jago Douma 0757c52980
Merge pull request #10588 from nextcloud/fix/single-2fa-provider-login-redirect
Fix login redirection if only one 2FA provider is active
2018-08-09 12:27:29 +02:00
Björn Schießle 6aa6d2186c
Merge pull request #10255 from nextcloud/add-support-for-room-shares
Add support for room shares
2018-08-09 10:44:11 +02:00
Christoph Wurst 201cbf2d33
Fix app code checker to ignore `build` directory
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 06:44:52 +02:00
Christoph Wurst d8197f2b97
Rename providerset method to get primary providers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 20:28:21 +02:00
Björn Schießle 11e99859ef
Merge pull request #10397 from nextcloud/encryption-s3-fix
make file cache updates more robust
2018-08-08 18:27:18 +02:00
Christoph Wurst c6e47e8a51
Fix login redirection if only one 2FA provider is active
Fixes https://github.com/nextcloud/server/issues/10500.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 15:25:59 +02:00
Daniel Calviño Sánchez 4b7fa4ac2e Add support for tokens in room shares
Tokens will be used to give access to a share to guests in public rooms.
Although the token itself is created in the provider of room shares and
no changes are needed for that, due to the code structure it is
necessary to explicitly call the provider from the manager when getting
a room share by token.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:44 +02:00
Daniel Calviño Sánchez d9458b303a Add support for room shares to the share manager
Room shares are implemented in an external app (Nextcloud Talk), so in
order to keep the share manager as isolated as possible from room share
specifics all the validity checks are done in the provider of room
shares. However, due to the code structure it is necessary to explicitly
check for room shares in "generalCreateChecks" to prevent an exception
from being thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:43 +02:00