Roeland Jago Douma
bc16b05243
Fix signCoretests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
305481688b
SignApp fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
ef4b59d341
More fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
799f58391e
More fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
3aa5f105fa
Fix more tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
385ec2947d
Skip redis if not configured
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
c007ca624f
Make phpunit8 compatible
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
0532f8116d
Merge pull request #18019 from nextcloud/enhancement/password-policy-events
...
Add typed events for password_policy
2019-11-27 11:11:17 +01:00
blizzz
d2f9deba51
Merge pull request #17834 from nextcloud/enh/noid/generic-event-replacement-tk2
...
Public API's GenericEvent replacement (take 2)
2019-11-27 10:50:07 +01:00
Christoph Wurst
1a886b1472
Add typed events for password_policy
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00
Roeland Jago Douma
d09f8c7423
Merge pull request #17939 from nextcloud/fix/token-insert-conflict-handling
...
Handle token insert conflicts
2019-11-26 19:47:59 +01:00
Arthur Schiwon
fc16b09a2c
Files first to use own GenericEvent
...
* those are added to 18 only anyway :)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-26 14:48:59 +01:00
Roeland Jago Douma
b607e3e6f4
Merge pull request #17948 from nextcloud/enh/check-if-property-is-bool
...
Make isXXX available for bool properties only
2019-11-26 12:25:36 +01:00
Christoph Wurst
0299ea0a96
Handle token insert conflicts
...
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.
As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-26 12:07:12 +01:00
Robin Appelman
74c6beb603
dont set folder size to negative values during propagation
...
normally this shouldn't be a problem, but cache/storage desync might cause this
so this adds some failsafe to ensure we dont corrupt the cache further
the minimum value is set to -1 instead of 0 in order to triger a background scan
on the folder and figure out the size properly
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
Robin Appelman
9e450d727a
add LEAST and GREATER to db function builder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
blizzz
b1dffc5c2d
Merge pull request #17896 from nextcloud/fix/noid/consider-create-group-result
...
take group creation result into consideration
2019-11-25 17:16:40 +01:00
Arthur Schiwon
7b1eedb11e
take group creation result into consideration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-25 14:01:20 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes
...
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Roeland Jago Douma
3c1bcd551d
Fix the tests after #18029
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-21 22:31:45 +01:00
Roeland Jago Douma
5c4b2a2436
Merge pull request #18029 from nextcloud/feature/public-post-login-event
...
Make the post login event public
2019-11-21 12:39:42 +01:00
Roeland Jago Douma
da25ed997e
Do not check for updates if we have no internet
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:30:59 +01:00
Christoph Wurst
535000aac6
Make the post login event public
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-20 18:43:09 +01:00
Roeland Jago Douma
b367027798
Do pagination on the dummy group backend
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 08:08:01 +01:00
Roeland Jago Douma
1bd688a9d1
Use dummy backend in test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-18 11:54:26 +01:00
Daniel Kesselberg
a27c10daa6
Make isXXX available for bool properties only
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-16 00:39:48 +01:00
Robin Appelman
066faaec05
fix folder delete
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:46 +01:00
Robin Appelman
43fa746ad9
dont create empty filecache extended rows
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:43 +01:00
Robin Appelman
1b6e647b63
expose filecache extension data in FileInfo
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:32 +01:00
Robin Appelman
842da3f183
store filecache extension fields
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 11:30:44 +01:00
Daniel Calviño Sánchez
2f49806c20
Add unit tests for "getAllShares()"
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-30 14:27:41 +01:00
John Molakvoæ (skjnldsv)
ea6f423e2c
Extend data returned when searching remote shares
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma
5122629bb0
Make renewSessionToken return the new token
...
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Johannes Koenig
2df8d646c1
make TrustedDomainHelper case insensitive
...
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
blizzz
47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
...
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst
de6940352a
Move settings to an app
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
Roeland Jago Douma
cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
...
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Roeland Jago Douma
6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
...
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman
35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
...
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that
Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman
733d4b6cca
dont delete cache entries if deleting an object from object store failed
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Roeland Jago Douma
210a0554a2
Use the actual password to update the tokens
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Greta Doci
68ef242a0a
Fixed the SecurityTest error
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-15 12:04:28 +02:00
Roeland Jago Douma
2b98eea129
Harden identifyproof openssl code
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
Roeland Jago Douma
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
...
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma
41cbb05aea
Split personal security settings in code
...
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Arthur Schiwon
1cc6f34d88
adapt file hooks test to eventdispatcher utilization
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
Roeland Jago Douma
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
...
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
...
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman
8ef5a366ec
add MAX and MIN to functionbuilder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Roeland Jago Douma
0ff08810d9
Log/FileTest does not require the DB
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
Arthur Schiwon
d33e0be2f1
adjust test expectations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
Daniel Kesselberg
773778dd8c
Add default timeout to expected request options
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
Roeland Jago Douma
3f12ec95f0
SessionMiddleware: declare session property
...
* Remove request since we don't useit
* Update tests as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
Roeland Jago Douma
505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
...
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
Arthur Schiwon
4bd83c9a28
adjust tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
Joas Schilling
db968cb1d4
Cleanup the Settings class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
Roeland Jago Douma
7927aebdeb
Fix report of phpstan in Limiter
...
* unneeded arguments to constructor
* added return types
* let automatic DI do its work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Roeland Jago Douma
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Scott Shambarger
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
Roeland Jago Douma
f81817b47d
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma
cf647451e5
Update CSP test cases to handle the new form-action
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma
0ea7fbae54
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Roeland Jago Douma
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Morris Jobke
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
...
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Arthur Schiwon
78201bcb72
treat sensitive config keys by pattern
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma
0487144b26
Remove deprecated searchByTag
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Julius Härtl
3674f6fa2d
Check the if we can actually access the storage cache for recent files
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Morris Jobke
d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
...
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Daniel Kesselberg
8bed3021bd
Exclude .rnd files from integrity check
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Sam Bull
ea935f65fd
Add support for CSP_NONCE server variable
...
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.
Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
Morris Jobke
5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
...
Notifications overhaul
2019-07-17 20:22:03 +02:00
Morris Jobke
782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
...
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
Morris Jobke
99f2c82222
Properly inject the logger
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
Joas Schilling
565838da9c
Update unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
Joas Schilling
55f5bc79a1
Keep the old method as a fallback and adjust the tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
Roeland Jago Douma
f8aeef7ae9
Lock SCSS so we only run 1 job at a time
...
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
Joas Schilling
092d34d9df
Add a unit test for guests as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 10:24:27 +02:00
Christoph Wurst
d058ef2b6c
Make it possible to wipe all tokens/devices of a user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
Christoph Wurst
1c261675ad
Refactor: move remote wipe token logic to RW service
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
Roeland Jago Douma
5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
...
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
Roeland Jago Douma
5ac857bcdc
Add an event to edit the CSP
...
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
Morris Jobke
53d2d95478
Remove one time repair steps that have already run when updating to 17
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
John Molakvoæ
5a03189ce7
Mimetype list integrity check should not fail if it's changed ( #15810 )
...
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
Xheni Myrtaj
9211e34aec
Added Tests for modified mimetypelist
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
Julius Härtl
857fae288c
Always set the display name for user shares
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00
Joas Schilling
85a80b05ac
Unify the permission checking in one place only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 16:34:00 +02:00
Joas Schilling
e4addbae3e
Better check reshare permissions when creating a share
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 14:00:13 +02:00
Christoph Wurst
c50fe2a9c9
Send emails when remote wipe starts/finishes
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-02 21:59:23 +02:00
Greta Doci
5898e87e0f
Remove deleted groups from app restrictions fixes #15823
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-06-27 20:17:50 +02:00
Christoph Wurst
aa6622ccef
Decouple remote wipe notifcation channels with events
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 17:16:18 +02:00
Jan-Christoph Borchardt
b466127b1f
Merge pull request #16055 from nextcloud/design/native-fonts
...
Use native font stack
2019-06-26 00:08:16 +02:00
Roeland Jago Douma
d4a44d9b78
Merge pull request #15870 from nextcloud/preview-provider-v2
...
Add new Provider interface for preview providers
2019-06-25 15:05:54 +02:00
Roeland Jago Douma
5fbf304c2a
Merge pull request #15777 from nextcloud/feature/ocp-event-dispatcher
...
Add event dispatcher to OCP
2019-06-25 11:48:16 +02:00
Christoph Wurst
3174012adf
Add event dispatcher to OCP
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-25 10:02:27 +02:00
Jan-Christoph Borchardt
d14c0f2ed7
Move font from Nunito to Noto Sans
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2019-06-22 11:23:44 +02:00
Robin Appelman
1ad95caf24
Merge pull request #15889 from nextcloud/touch-handle-backend-exceptions
...
handle storage exceptions when trying to set mtime
2019-06-21 17:14:27 +02:00
Robin Appelman
000898d932
fix tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-21 16:23:47 +02:00
Julius Härtl
d5805df6c2
Fix subscription tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-17 16:36:24 +02:00
Robin Appelman
6150614374
Add new Provider interface for preview providers
...
the main difference is passing the `File` object to the provider
instead of a `View` + path
Old providers will still continue to work as before
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-17 14:09:09 +02:00
John Molakvoæ (skjnldsv)
e9351ef779
Add strict type on Notifications tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-13 14:58:38 +02:00
Roeland Jago Douma
357263a70b
Do not try to autoload built in types
...
This avoids calls to the autoloader (or chain of autoloaders) to see if
for example 'principalPrefix' class can be found. While we already know
it is a string.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-04 15:13:32 +02:00
Xheni Myrtaj
7cb6265378
Fix checker test
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-05-30 14:50:07 +02:00
Christoph Wurst
f88907a2d9
Fix personal security section tests
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-29 13:10:07 +02:00
Julius Härtl
67dd4b018a
Check for free space on touch
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-28 13:06:59 +02:00
Roeland Jago Douma
b0c2042a28
Merge pull request #15714 from nextcloud/fix/204_304_rfc
...
Check the actual status code for 204 and 304
2019-05-24 19:51:01 +02:00
Roeland Jago Douma
b0c030cbb5
Check the actual status code for 204 and 304
...
The header is the full http header like: HTTP/1.1 304 Not Modified
So comparing this to an int always yields false
This also makes the 304 RFC compliant as the resulting content length
should otherwise be the length of the message and not 0.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-24 15:18:32 +02:00
Christoph Wurst
22ae682823
Make it possible to show admin settings for sub admins
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-23 20:31:40 +02:00
Morris Jobke
8c3c04596e
Fix l10n for SettingsManager by injecting the l10n factory
...
Fixes #10832
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-21 22:25:13 +02:00
Roeland Jago Douma
579162d7b9
Allow 2FA to be setup on first login
...
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 10:11:53 +02:00
Morris Jobke
83b00a99fa
Add interfaces to interact with subscription from support app
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-13 11:04:47 +02:00
Christoph Wurst
d3a244f9d9
Allow crash reporters to catpture any message
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-09 14:06:44 +02:00
Morris Jobke
f095bd1642
Use non-absolute logout URL to fix wrong URL in reverse proxy scenario
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-08 18:02:00 +02:00
Christoph Wurst
170582d4f5
Add a login chain to reduce the complexity of LoginController::tryLogin
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-07 18:04:36 +02:00
Morris Jobke
582b679ca9
Deprecate legacy share code and cleanup some unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-18 17:44:14 +02:00
Morris Jobke
049d613dba
Merge pull request #15152 from nextcloud/enhancement/noid/contactsmenu-sharing-enum-settings
...
Respect sharing enumeration config in contacts menu
2019-04-18 15:00:02 +02:00
Julius Härtl
db17c14f80
Respect sharing enumeration config in contacts menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-04-18 11:39:49 +02:00
Daniel Kesselberg
6c156d81ed
Fix testGetProxyUri
...
Changed the implementation for getProxyUri with
fd1d85365c
If proxy is already null then we don't ask for proxyuserpwd. Test
failed because we expected getSystemValue to be called once with
proxyuserpwd
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-16 21:33:56 +02:00
Daniel Kesselberg
2708d26407
Set User-Agent as header without middleware
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-16 21:13:29 +02:00
Roeland Jago Douma
7276735eb4
Set empty CSP by default
...
For #14179
By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-16 14:09:39 +02:00
Morris Jobke
c1e6a5965e
Return true in the dummy backend for successful display name change
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 11:43:33 +02:00
Leon Klingele
f420647add
lib/private/User: do not change user properties if value has not changed
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 10:11:05 +02:00
Morris Jobke
c57a16bb0a
Merge pull request #14825 from marius-wieschollek/bugfix/11236
...
Set parameter type in QBMapper
2019-03-25 10:21:45 +01:00
Roeland Jago Douma
a7fb71f908
Fetch proper translations
...
Fixes #14793
This is caused by the mess we have with OC\Settings mapping to settings
and lib/private/Settings.
Anyway this is the quick fix. Moving stuff around for 17 seems better.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-25 09:10:54 +01:00
Marius David Wieschollek
5aeb8eac2b
[ #11236 ] Set parameter type in QBMapper
...
Signed-off-by: Marius David Wieschollek <git.public@mdns.eu>
2019-03-24 22:43:45 +01:00
Roeland Jago Douma
3ecdf743bb
Properly inject EventDispatched in BackgroundRepair
...
Else it will just be null when called
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-22 10:29:36 +01:00
Roeland Jago Douma
03dc79f665
Merge pull request #14578 from nextcloud/enh/force_enable_apps
...
Force enable apps
2019-03-20 19:22:38 +01:00
Roeland Jago Douma
575b3f9ff8
Revert "Where is your data?"
2019-03-20 15:17:31 +01:00
Roeland Jago Douma
769cb629ae
allow enforcing apps to ignore the max version
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 15:16:11 +01:00
Morris Jobke
772303309d
Merge pull request #14425 from cowai/fix-multiple-incomplete-folders
...
Do not calculate folder size for parent that also needs proper scan, fixes #3524
2019-03-08 09:12:33 +01:00
Marius Blüm
80937159fb
Remove "socialsharing_googleplus" from Social Sharing Bundle
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2019-03-07 14:56:16 +01:00
Ari Selseng
d16cfb519e
Avoid calculating folder size for parent that needs scan.
...
Signed-off-by: Ari Selseng <ari@selseng.net>
2019-03-06 15:23:37 +01:00
Morris Jobke
d004164fcc
Merge pull request #13327 from nextcloud/allow-bracket-notation-for-remove-ipv6-address
...
Allow bracket IPv6 address format inside IPAdress Normalizer
2019-03-06 10:34:02 +01:00
Joas Schilling
c6a69ba925
Remove the upload and memory setting
...
* Remove unneeded private method phpFileSize()
* Bump autoloader
* Remove setUploadLimit tests
* Remove integrity check hacks for upload limit
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 12:14:22 +01:00
Morris Jobke
92b5743bf4
Remove unused php5 config from .htaccess
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 11:24:10 +01:00
Christoph Wurst
102f700d96
Load auth tokens with the initial state API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-03-01 21:24:44 +01:00
Julius Härtl
6ee7286b41
Fix tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-01 20:57:01 +01:00
Joas Schilling
01b4db62fb
Add dispatcher events to User and Group objects
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-01 20:56:59 +01:00
Roeland Jago Douma
c621da4fd6
Do not load 2fa admin settings async
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-28 11:55:58 +01:00
Morris Jobke
e5cacc0fe3
Merge pull request #14343 from nextcloud/bugfix/14052-multiple-navigation-items
...
Parse multiple navigation items
2019-02-27 16:07:57 +01:00
Christoph Wurst
e930a0ccbe
Search sharees on lookup server when explicitly requested by user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-02-26 19:44:49 +01:00
Morris Jobke
dc2798460b
Merge pull request #14198 from nextcloud/bugfix/8647-exclude-file-name-patterns
...
Exclude file name patterns; ignore gentoo webapp files
2019-02-26 00:17:25 +01:00
Robin Appelman
db750898ee
allow group backends to mark that a group should now be shown in search dialogs
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-25 16:06:09 +01:00
Daniel Kesselberg
df3d5e8509
two item => two items
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-25 14:52:14 +01:00
Daniel Kesselberg
36c51bc4f1
Parse multiple navigation items
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-22 15:57:14 +01:00
Morris Jobke
30e7d3e0e8
Merge pull request #14194 from nextcloud/bugfix/noid/correctly-determinate-owner-in-case-of-shared-external-storages
...
Correctly determinate the owner in case of shared external storages
2019-02-19 10:28:28 +01:00
Joas Schilling
f66c37bdb8
Correctly determinate the owner in case of shared external storages
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-18 10:57:12 +01:00
Roeland Jago Douma
104616c1da
Use CountWrapper instead of almost identical CountReadStream
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 13:24:58 +01:00
Roeland Jago Douma
843066b708
Fix AsyncBusTests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 20:04:17 +01:00
Roeland Jago Douma
b6d327ee47
Merge pull request #13995 from nextcloud/feature/dont-call-get-repair-steps
...
Do not run getRepairSteps in register_commands
2019-02-14 19:51:39 +01:00
Morris Jobke
cca08df976
Merge pull request #14160 from nextcloud/update-crl
...
Update CRL to contain revoked files_external_dropbox, passman & payback
2019-02-14 14:53:05 +01:00
Daniel Kesselberg
b14700c936
Use more precise regex
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 12:11:30 +01:00
Morris Jobke
c804baaec5
Update CRL to contain revoked files_external_dropbox, passman & payback
...
* see https://github.com/nextcloud/app-certificate-requests/pull/221
* see https://github.com/nextcloud/app-certificate-requests/pull/219#issuecomment-463577509
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-02-14 11:49:35 +01:00
Daniel Kesselberg
7404c10666
Apply code style fixes from owncloud, revert regex
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-14 11:48:15 +01:00
Romain Rivière
a5bc27c2a6
Fix test case
...
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:15 +01:00
Romain Rivière
abb56c72e1
Exclude file name patterns; ignore gentoo webapp files
...
Signed-off-by: Romain Rivière <lecoyote@lecoyote.org>
2019-02-14 11:48:09 +01:00
Daniel Kesselberg
e090973e64
Fix unit test
...
Null is not longer possible as value for $dispatcher.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-13 23:06:51 +01:00
Roeland Jago Douma
f1ea56b502
Fix the thorrtler whitelist bitmask
...
Before we actually didn't check each bit of the bitmask. Now we do.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-11 23:22:20 +01:00
Morris Jobke
34dc165132
Merge pull request #13097 from nextcloud/feature/11319/where-is-your-data
...
Where is your data?
2019-02-11 11:13:55 +01:00
Morris Jobke
baa6a2d52c
Merge pull request #13748 from nextcloud/cache-insert-event
...
add event for inserting cache entries
2019-02-07 16:35:02 +01:00
Morris Jobke
0e9903c420
Merge pull request #13969 from nextcloud/enh/additional_scripts_no_on_public_pages
...
No need to emit additonalscript event on public pages
2019-02-07 15:57:14 +01:00
Robin Appelman
0ccd970f9d
adjust tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-07 15:51:34 +01:00
Michael Weimann
2a8118e459
Switch guest avatars to PNG
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Michael Weimann
bf1253cb49
Implement guest avatar endpoint
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-02-07 14:23:16 +01:00
Roeland Jago Douma
b68567e9ba
Add StandaloneTemplateResponse
...
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-06 11:26:18 +01:00
Roeland Jago Douma
d88604015a
No need to emit additonalscript event on public pages
...
There already is a separate event for this. This will make it possible
to only inject code with the logged in one on default rendered pages.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-05 20:59:36 +01:00
Morris Jobke
e5d8645f00
Merge pull request #13846 from nextcloud/feature/check-if-app-exist-for-group
...
Check app path for enableAppForGroups
2019-02-01 15:23:01 +01:00
Roeland Jago Douma
d182037bce
Emit to load additionalscripts
...
Fixes #13662
This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.
This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-31 12:11:40 +01:00
Christoph Wurst
0e6cb988a1
Add a key parameter to the new initial state API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-30 16:08:08 +01:00
Roeland Jago Douma
15abcff2a1
Expose subadmin to OCP
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 20:47:35 +01:00
Roeland Jago Douma
0fd208a83b
Merge pull request #13866 from nextcloud/s3-multipart-uploader
...
always use multipart uploader for s3 uploads
2019-01-29 11:14:05 +01:00
Robin Appelman
1d322d3b37
always use multipart uploader for s3 uploads
...
the multipart uploader handles non seekable streams while `upload` does not
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-28 14:51:19 +01:00
Daniel Kesselberg
c09ddf6c78
Check app path for enableAppForGroups
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-26 22:31:45 +01:00
Joas Schilling
abd305eff5
Remove legacy activity stuff
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-24 16:52:38 +01:00
Roeland Jago Douma
e3de4edc51
Urlencode the requesttoken
...
Followup of #13757
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 16:16:31 +01:00
Roeland Jago Douma
ebd9f30d85
Request plain logout url
...
By requesting the plain logout url we allow it to be properly cached by
the caching router. We just add the requesttoken manually.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-23 14:06:03 +01:00
Morris Jobke
90e985fe4f
Merge pull request #13739 from nextcloud/cache-cleanup-change
...
cleanup shared lock if changing to exclusive lock failed
2019-01-22 16:11:46 +01:00
Robin Appelman
f69c2d1e84
cleanup shared lock if changing to exclusive lock failed
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-01-22 15:32:48 +01:00
Joas Schilling
f8b74cf0a5
Allow resources via OCS as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-01-22 14:18:58 +01:00
Morris Jobke
5a27e54f4b
Merge pull request #13032 from nextcloud/objectstore-write-exists
...
upload new files in objectstore to a .part path first
2019-01-14 11:26:29 +01:00
Michael Weimann
2cd3fd3dc2
Move server info to theming section
...
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2019-01-14 00:08:26 +01:00
Roeland Jago Douma
ad676c0102
Set default frame-ancestors to 'self'
...
For #13042
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-08 15:36:40 +01:00
Roeland Jago Douma
64244e1a4f
CSP: Allow fonts to be provided in data
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-07 15:07:06 +01:00
Roeland Jago Douma
8b0f5e02c7
Merge pull request #12621 from nextcloud/td/12224/cleanup_middleware_registering
...
Cleanup middleware registering
2019-01-07 10:48:41 +01:00
blizzz
68952306aa
Merge pull request #10555 from nextcloud/bugfix/10518/only-check-added-items
...
Only enforce schema limits for supported apps
2019-01-03 14:18:13 +01:00
Roeland Jago Douma
54ff913de6
Cleanup middleware registering
...
Fixes #12224
Since we only use the middleware at 1 location it makes no sense to
register them in each and every container.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-03 11:50:01 +01:00
Thomas Citharel
c9b588774b
Allow bracket IPv6 address format inside IPAdress Normalizer
...
When run with php's build-in server (for instance on localhost:8080), IP provided through $this->server['REMOTE_ADDR'] is [::1], which is not an acceptable format for \inet_pton. This removes the brackets if there's any.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2019-01-03 10:03:46 +01:00
Roeland Jago Douma
03fe2b3b81
Use a case insensitive search for email
...
Fixes #7084
Now entering wrongly cased email (roeland@ instead of Roeland@) for
password reset etc. Will also work.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-20 14:19:35 +01:00
Roeland Jago Douma
a0ce0824bd
Merge pull request #13116 from nextcloud/fix/only_trust_xforwardedhost_for_trusted_proxies
...
Only trust the X-FORWARDED-HOST header for trusted proxies
2018-12-19 09:47:44 +01:00
John Molakvoæ
6f994be665
Merge pull request #12766 from stalker314314/streaming-options
...
Expose Swift Mailer streaming options in config, fixes #12702
2018-12-18 07:53:45 +01:00
Branko Kokanovic
7cef9b0248
Addressing comments, array() to []
...
Signed-off-by: Branko Kokanovic <branko@kokanovic.org>
2018-12-17 23:34:55 +01:00
Roeland Jago Douma
514426e27d
Only trust the X-FORWARDED-HOST header for trusted proxies
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-17 15:54:45 +01:00
Joas Schilling
6788e6e75c
Merge pull request #12883 from nextcloud/appdata-performance
...
try to grab the appdata folder directly without going trough the whole tree
2018-12-17 15:11:28 +01:00