Introduces the basic password authentication mechanism, along with a
mechanism based on ownCloud credentials stored in the user session.
Change to lib/private is an extension of PermissionsMask, as
isSharable() override was missing.
Session credentials auth mechanism now disables sharing on applied
storages, as credentials will not be available.
The following functions have been removed:
- addMountPoint()
- removeMountPoint()
- movePersonalMountPoint()
registerBackend() has been rewritten as a shim around BackendService,
allowing legacy code to interact with the new API seamlessly
addMountPoint() was already disconnected from all production code, so
this commit completes the job and removes the function itself, along
with disconnecting and removing related functions. Unit tests have
likewise been removed.
getAbsoluteMountPoints(), getSystemMountPoints() and
getPersonalMountPoints() have been rewritten to use the StoragesServices
A backend can now specify generic authentication schemes that it
supports, instead of specifying the parameters for its authentication
method directly. This allows multiple authentication mechanisms to be
implemented for a single scheme, providing altered functionality.
This commit introduces the backend framework for this feature, and so at
this point the UI will be broken as the frontend does not specify the
required information.
Terminology:
- authentication scheme
Parameter interface for the authentication method. A backend
supporting the 'password' scheme accepts two parameters, 'user' and
'password'.
- authentication mechanism
Specific mechanism implementing a scheme. Basic mechanisms may
forward configuration options directly to the backend, more advanced
ones may lookup parameters or retrieve them from the session
New dropdown selector for external storage configurations to select the
authentication mechanism to be used.
Authentication mechanisms can have visibilities, just like backends.
The API was extended too to make it easier to add/remove visibilities.
In addition, the concept of 'allowed visibility' has been introduced, so
a backend/auth mechanism can force a maximum visibility level (e.g.
Local storage type) that cannot be overridden by configuration in the
web UI.
An authentication mechanism is a fully instantiated implementation. This
allows an implementation to have dependencies injected into it, e.g. an
\OCP\IDB for database operations.
When a StorageConfig is being prepared for mounting, the authentication
mechanism implementation has manipulateStorage() called,
which inserts the relevant authentication method options into the
storage ready for mounting.
Backends are registered to the BackendService through new data
structures:
Backends are concrete classes, deriving from
\OCA\Files_External\Lib\Backend\Backend. During construction, the
various configuration parameters of the Backend can be set, in a design
similar to Symfony Console.
DefinitionParameter stores a parameter configuration for an external
storage: name of parameter, human-readable name, type of parameter
(text, password, hidden, checkbox), flags (optional or not).
Storages in the StoragesController now get their parameters validated
server-side (fixes a TODO).
- Added StorageConfig class to replace ugly arrays
- Implemented StorageService and StorageController for Global and User
storages
- Async status checking for storages (from Xenopathic)
- Auto-generate id for external storage configs (not the same as
storage_id)
- Refactor JS classes for external storage settings, this mostly
moves/encapsulated existing global event handlers into the
MountConfigListView class.
- Added some JS unit tests for the external storage UI
Add support for external files accessed via SFTP using public key exchange authentication.
Keys are generated automatically when the configuration is added, or can be regenerated on demand if a key is compromised.
Creation of a new configuration row now triggers focus on that row. This is used to trigger auto-configuration for SFTP keys.
Generated public keys are saved in user's data directory for easy retrieval by an external application.
Add controller for SFTP key generation AJAX
SFTP class initialisation no longer produces a warning if the password field is missing.
Add unit tests for SFTP with key authentication backend
Added addTranslations and fixed de.js file
Fixed de.js to use OC.L10N.register() and use to correct expected
format.
Added JS unit tests for OC.L10N class
Include translations JS script for all apps
folder size and mtime is always unknown in s3
more s3 fixes
make rescanDelay of root dir configurable, add on the fly update of legacy storage ids, !isset -> empty when checking strings
reduce number of http calls on remove and rmdir
fix typo
* Highlight fields that need to be filled
* Remove (required) and (optional) strings where possible
* Focus first configuration field when creating new external storage
* Add ability to force external storage re-check
* Various jQuery improvements
* Prevent wrapping of checkboxes in configuration
remove minified select2 js
show avatars for users, simpler results
remove unneeded users and groups from settings template
fix css, escape user and group names
Each storage backend has a default priority, assigned to any system mounts
created in ownCloud. mount.json can be manually modified to change these
priorities.
The priority order is as follows:
* Personal
* User
* Group
* Global
Within each mount type, the mount with the highest priority is active.
The storage backend defaults were chosen to be the following:
* Local - 150
* Remote storage - 100
* SMB / CIFS with OC login - 90
Added check for backend's checkDependencies method to OC_Mount_Config::getBackends() when backend is configured to have some instead of blindly calling it and crashing
Conflicts:
apps/files_external/lib/config.php
apps/files_external/lib/google.php
Moved dependency check to the individual backends instead of the config
Conflicts:
apps/files_external/appinfo/app.php
apps/files_external/lib/config.php
Selecting 'SMB/CIFS Auto' in the mounts configuration allows an SMB/CIFS
mount to be configured that uses the credentials of the user logging in to
authenticate to the server.
Optionally, the username can be used as the share name, permitting home shares
to be dynamically mounted.