37e8a87d46
Merge pull request #21591 from owncloud/add-code-checking-for-apps
...
Verify signature of apps with level "Official" coming from the appstore
2016-01-13 10:35:00 +01:00
b1ee51f255
Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening
...
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
2016-01-13 10:33:58 +01:00
5565b19382
Merge pull request #21648 from owncloud/smb-statcache-cap
...
cap the number of entries we cache in smb's statcache
2016-01-13 10:33:43 +01:00
3fd976995a
Merge pull request #21668 from owncloud/add-super-evil-and-hidden-config-switch-to-disable-integrity-checks-really-just-do-not-use-this
...
Add hidden config switch to disable code integrity checking
2016-01-13 10:30:02 +01:00
4129480eb0
Merge pull request #21671 from owncloud/fix-setup-on-master
...
Use legacy method when ownCloud is not yet installed
2016-01-13 10:29:36 +01:00
e22186d234
Merge pull request #21673 from owncloud/chrsch-master
...
-- Fixed error where $enabled is parsed but empty
2016-01-13 10:29:21 +01:00
c5a200c419
Merge pull request #21653 from owncloud/update-license-headers-2016
...
Update license headers 2016
2016-01-13 08:29:42 +01:00
4b3bef4dc7
-- Fixed error where $enabled is parsed but empty
2016-01-13 06:39:02 +01:00
28049b510b
Use legacy method when ownCloud is not yet installed
...
The new `\OCP\ICertificateManager::getAbsoluteBundlePath` API instantiiates an ownCloud view which makes the installation fail as it queries the DB before it actually is setup. This change uses the old approach again for the case that the installation is not yet setup.
The client service is required for the `.htaccess` effectivity check in the setup. In the future we could move this to a JS based one (as we have for the other setupchecks) so we can get rid of such hacks.
Fixes https://github.com/owncloud/core/issues/21669 which was a regression in master caused by https://github.com/owncloud/core/issues/21336
2016-01-12 21:47:49 +01:00
08e73d2c8f
Add hidden config switch to disable code integrity checking
...
This adds a hidden config flag that allows somebody to disable the code integrity check. If `integrity.check.disabled` is set to `true` in the config file:
1. The integrity check functions will return always an empty result
2. The integrity check is not performed when installing apps
3. The integrity check is not performed when updating apps
4. The integrity check is not performed when updating the core
Furthermore this adds support for a list of channels that the code checker will run on. At the moment this is only stable because I didn't want to break any build scripts that we have. Once we have a proper CA setup and updated the build process to sign the releases we can add the RC, alpha, beta as well as daily releases. So everything except "git" basically.
2016-01-12 18:48:36 +01:00
682821c71e
Happy new year!
2016-01-12 15:02:18 +01:00
d8d6368dd7
cap the number of entries we cache in smb's statcache
2016-01-12 13:26:58 +01:00
c15cab7ed6
Allow admins to add system wide root certificates
2016-01-12 12:50:59 +01:00
4d0dcd3c53
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
...
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
2016-01-12 10:37:16 +01:00
3ec8789c77
Merge pull request #21628 from owncloud/deprecated_secure_random_funcions
...
Replace deprecated function calls to SecureRandom
2016-01-12 09:12:13 +01:00
d11d9407ce
Merge pull request #21624 from owncloud/l10n_deprecated_function
...
Remove unused deprecated function from l10n.php
2016-01-12 08:34:00 +01:00
9f4b296685
Properly close cursors
2016-01-12 08:24:08 +01:00
9e322828f2
Cache if a group exists
2016-01-12 08:24:08 +01:00
3c8f4784e9
Inject DBConnection
...
* Use query builder
* Minor unit tests additions
2016-01-12 08:24:08 +01:00
53e37804ec
The group database backend should cache groups
...
This avoids duplicated queries like first checking the group_users db
and then just doing a select on the group db. Those enries are linked
(and should be using foreign keys!)
This commit makes sure we cache those entries.
If a user is part of N groups this saves N queries on webdav access
2016-01-12 08:24:08 +01:00
876fb83ddc
getMediumStrengthGenerator is deprecated and does not do anything anymore
2016-01-11 20:06:30 +01:00
98c4951f45
getLowStrengthGenerator does not do anything anymore
2016-01-11 19:59:15 +01:00
eccd9ca1cb
Remove unused deprecated function
2016-01-11 16:41:46 +01:00
43dbe1cebf
Revert "Remove unneeded check if htaccess test file already exists"
2016-01-11 15:37:08 +01:00
3a5087ccdf
tempnam accepts a directory as its first parameter, not a full path and filename.
...
tempnam falls back to creating a file in the system's temp directory. On systems with open_basedir restrictions, this may trigger an error message. By moving this below the checkTemporaryDirectory-loop, tempnam will only be tested if all alternatives fail and the error message is most likely avoided.
2016-01-11 11:50:31 +01:00
3e8a5f8a53
Typo in error message
2016-01-11 11:40:58 +01:00
300eb54c87
de-deplicate getUidAndFilename
2016-01-11 11:40:58 +01:00
fd2e1086c6
dont return an owner for files that don't exist
2016-01-11 11:40:58 +01:00
939cd43b58
Merge pull request #21586 from owncloud/fix-no-minimum-version
...
Assume apps from the appstore are compatible with the current version
2016-01-11 11:23:36 +01:00
e01a488b31
Remove generateRandomBytes from OC_Util
2016-01-10 22:07:33 +01:00
c009d5dcc1
Verify signature of apps with level "Official" coming from the appstore
...
This change will verify the signature of all apps with the level "Official" coming from the appstore or if they have been signed before.
2016-01-10 19:40:28 +01:00
e43bf54503
Assume apps from the appstore are compatible with the current version
...
Filtering is done server-side already so only compatible apps are delivered. Otherwise this leads to a ton of error messages as the info.xml cannot be read at that state.
Fixes https://github.com/owncloud/core/issues/21556
2016-01-10 17:02:50 +01:00
3d4cf2e598
Use proper class name
...
This has never worked before. Introduced with https://github.com/owncloud/core/pull/18658
2016-01-09 23:43:12 +01:00
77c611d339
Just query the securerandom from the container
2016-01-09 19:57:03 +01:00
17a066c18e
Properly close db cursors
2016-01-08 20:27:01 +01:00
629bac22fd
Make sure to respect deleted group shares by user
2016-01-08 20:27:01 +01:00
c882d46e5f
Moved to the query builder
...
Anything to keep Lukas happy
2016-01-08 20:27:01 +01:00
066e3770bb
Make sure that permissions stay in sync for share_type 2
...
When a file/folder is shared with a group and one of the group members
moves this file/folder an extra entry is created in the share table.
When the permission of the group share is updated we used to only
sometimes update the shares for individual users.
* Added intergration tests
2016-01-08 20:27:01 +01:00
6ab5ad0593
Merge pull request #21447 from owncloud/leave-disabled-apps-off
...
Only enable apps that are not intentionally disabled
2016-01-08 18:17:15 +01:00
3de81be692
Merge pull request #21494 from owncloud/underscores-in-class-names
...
Remove underscores from class names - part 1
2016-01-08 18:11:25 +01:00
0f281cdd30
Merge pull request #21286 from owncloud/use-owncloud-mail-when-sending-caldav-schedule-mails
...
Adding IMip scheduling which uses ownClouds mail delivery
2016-01-08 17:58:33 +01:00
e60dddf57d
Merge pull request #21479 from owncloud/fix-broken-state-in-htaccess-test
...
Remove unneeded check if htaccess test file already exists
2016-01-08 15:53:16 +01:00
0f5132552c
Merge pull request #21292 from owncloud/checkAppEnabled-not-needed-anymore
...
core will handle invalid URLs and redirects properly
2016-01-08 13:36:11 +01:00
71999ef820
Merge pull request #21139 from owncloud/makeswifturltypeconfigurable
...
make url type configurable
2016-01-08 12:34:58 +01:00
b3550db02d
Adding IMip scheduling which uses ownClouds mail delivery
2016-01-08 12:21:41 +01:00
a0345b9465
Merge pull request #21032 from owncloud/router-error-handling
...
Router error handling + Base.php
2016-01-08 10:06:54 +01:00
a1a8a06042
Merge pull request #21527 from owncloud/remove_all_avatars
...
Remove all cache avatars on avatar deletion
2016-01-08 09:41:25 +01:00
9bf01283e7
Cleanup router code
...
- Some functions are entirely broken
- PHPDoc etc...
2016-01-07 21:29:51 +01:00
4e6f6518ff
Remove all cache avatars on avatar deletion
...
Fixes #21513
Since we cache the generated avatars. We should also delete the
generated sizes when we remove the avatar.
2016-01-07 20:51:18 +01:00
1cc6fddead
Merge pull request #21498 from owncloud/cleanup-OC_DB
...
Cleanup OC_DB methods
2016-01-07 20:13:16 +01:00
46107f82d4
Merge pull request #21506 from owncloud/issue-20218-min-max-owncloud-version-warning
...
Issue 20218 min max owncloud version warning
2016-01-07 16:51:00 +01:00
f6f492ba4e
Merge pull request #21502 from owncloud/di_mimetypedetector
...
Add 'OCP\Files\IMimeTypeDetector' to DI container
2016-01-07 16:18:55 +01:00
9ca670f94f
Merge pull request #21505 from owncloud/allow-downgrades-for-brave-developers
...
Allow downgrades for our brave developers, that switch between branches
2016-01-07 16:03:36 +01:00
c55da1fc8d
Add a warning to the app:check-code if the version is missing
2016-01-07 15:04:36 +01:00
601457d221
Merge pull request #20773 from owncloud/share2.0_create
...
[Sharing 2.0] create share
2016-01-07 14:57:05 +01:00
190cc2bb67
Remove OC_DB::getConnection
2016-01-07 14:54:55 +01:00
fddece9552
Remove OC_DB::insertid
2016-01-07 14:54:55 +01:00
0a41cfefe3
Remove beginTransaction, commit, rollback from OC_DB
2016-01-07 14:54:55 +01:00
3917d888bd
Remove OC_DB::isError
2016-01-07 14:54:55 +01:00
547fbfdb76
Remove OC_DB::dropTable
2016-01-07 14:54:54 +01:00
fd7ed93937
Allow downgrades for our brave developers, that switch between branches
2016-01-07 14:18:33 +01:00
cd35ad6aaa
Add 'OCP\Files\IMimeTypeDetector' to DI container
...
* Added test to server container as well
2016-01-07 13:20:43 +01:00
fa97e3a5a3
OC_TemplateLayout -> OC\TemplateLayout
2016-01-07 09:31:11 +01:00
c464b32738
OC_DB_MDB2SchemaManager -> OC\DB\MDB2SchemaManager
2016-01-07 09:29:21 +01:00
604897945b
Move lib/repair to lib/private/repair
2016-01-07 09:14:35 +01:00
002161857c
Merge pull request #21398 from owncloud/sharing-disabled-cache
...
Cache isSharingDisabledForUser
2016-01-06 17:23:14 +01:00
b6bc17d014
Merge pull request #21443 from owncloud/fix-container-lookup
...
Lookup the App name instead of OCA
2016-01-06 17:22:41 +01:00
a2c19d3d1a
Merge pull request #21444 from owncloud/move-regenerate-below
...
Move regeneration of session ID into session classes
2016-01-06 17:21:43 +01:00
1358e5dcd9
[Sharing 2.0] Some error cases report 404 instead of 403
2016-01-06 15:25:29 +01:00
26280e1f19
[Sharing 2.0] Add L10N instance to manager for translated errors
2016-01-06 14:53:43 +01:00
b15be8f96f
[Share 2.0] Make the share manager ready for share creation
2016-01-06 14:53:43 +01:00
a08c497808
[Share 2.0] Make share provider ready for create shares
2016-01-06 14:53:43 +01:00
4f2e84a0ec
[Share 2.0] Update share class
...
More getters and setters are required to properly create shares
2016-01-06 14:53:43 +01:00
516a6d7441
Remove unneeded check if htaccess test file already exists
...
* fixes #20199
2016-01-06 13:45:36 +01:00
88c7face07
Inject OCSClient
...
Fixes https://github.com/owncloud/core/issues/21451
2016-01-06 11:40:22 +01:00
a86e067154
Merge pull request #21442 from owncloud/annotate-type
...
Annotate type
2016-01-05 12:36:31 +01:00
3f101039b9
add isset for optional params
2016-01-04 16:38:45 +01:00
761000624d
Only enable apps that are not intentionally disabled
2016-01-04 16:24:52 +01:00
fec41e7539
Move regeneration of session ID into session classes
...
There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
2016-01-04 15:09:01 +01:00
70ff90b1ec
Merge pull request #21393 from owncloud/fix-urlgenerator-call
...
No more deprecation messages in error log
2016-01-04 15:00:06 +01:00
2cf4e144cc
Lookup the App name instead of OCA
2016-01-04 14:47:49 +01:00
26c3fa7911
Annotate type
...
Otherwise static code scanners will complain about this.
2016-01-04 14:18:01 +01:00
42897ac5cb
Merge pull request #21402 from owncloud/view-getuserobject-cache
...
Cache usermanager instance in view
2015-12-30 20:04:51 +01:00
45d0396404
Cache sharing disabled in the view
2015-12-30 14:42:22 +01:00
2d9d0aedf8
Cache usermanager instance in view
2015-12-30 14:28:53 +01:00
9e39e8f1c7
No more deprecation messages in error log
2015-12-29 17:31:28 +01:00
9392a555ae
Merge pull request #21331 from switch-ch/fix_ms_log
...
Fix owncloud logging with ms precision
2015-12-29 16:32:52 +01:00
edd051dc02
Merge pull request #21291 from owncloud/refactor-call-check
...
Refactor OC_Util::callCheck
2015-12-28 10:21:44 +01:00
23c754aed3
prefer scalar type hints over phpdoc annotation
...
use method exists lookup to be safe and not break on old hhvm versions
add test that checks if type hint is preferred over annotation
2015-12-24 09:20:26 +01:00
7fce06b3f3
When microtime(true) returns a whole number, then the parsing fails.
...
This patch makes sure, that the value can always be parsed correctly.
2015-12-22 15:06:32 +01:00
6f00729124
Refactor OC_Util::callCheck
2015-12-22 09:32:14 +01:00
0b913f00c7
Merge pull request #21289 from owncloud/issue-20399-keep-periodic-background-jobs
...
Do not delete background jobs, in case an exception occured
2015-12-21 09:47:07 +01:00
2c4b9e03e0
Use new APCu API
...
This one is available since APCu 4.0, since we require APCu 4.0.6 this works fine. Also it brings us PHP 7 compatibility and thus fixes https://github.com/owncloud/core/issues/21095
2015-12-20 11:09:09 +01:00
95a255b0d4
Merge pull request #21281 from owncloud/allow-di-for-background-jobs
...
Allow background jobs to be service names for DI
2015-12-18 16:34:42 +01:00
6cdaf754b2
Merge pull request #21290 from owncloud/public-api-usage-getversion
...
Use OCP\Util::getVersion instead of the internal private implementation
2015-12-18 16:07:01 +01:00
2f98f64241
core will handle invalid URLs and redirects properly
2015-12-18 15:51:03 +01:00
ed98cdf532
Use OCP\Util::getVersion instead of the internal private implementation
2015-12-18 15:26:54 +01:00
36cc0528e3
Merge pull request #21288 from owncloud/deprecated_helper_mimetypes
...
Remove deprecated OC_Helper mimetype functions
2015-12-18 15:23:05 +01:00
a743047e82
Merge pull request #21283 from owncloud/cleanup_config
...
Cleanup OC_Config mess
2015-12-18 14:54:38 +01:00
50e8773307
Merge pull request #21280 from owncloud/drop-unused-methods
...
OC_Helper::makeURLAbsolute is not used anymore
2015-12-18 14:49:55 +01:00
Thomas Müller
Christoph Schaefer
Lukas Reschke
Robin Appelman
Roeland Jago Douma
Roeland Jago Douma
Lars
Joas Schilling
Morris Jobke
Jörn Friedrich Dreyer
Bernhard Posselt
Christian Schnidrig