b8c2a8ae36
Don't show contacts an entry for themselves
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
d091793ceb
Contacts menu
...
* load list of contacts from the server
* show last message of each contact
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
1b1f403a5d
Add duration of last job execution to the table
2017-04-25 17:39:58 +02:00
f1ffb728b9
Allow meta info and icons
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 14:31:21 +02:00
35414884d3
Add lists to HTML emails
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-24 13:48:27 +02:00
c54a59d51e
Remove unused use statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
d46b155916
Merge pull request #4428 from nextcloud/file-by-id-limit-user
...
limit the user when searching for a file by id if we know the user already
2017-04-21 19:43:53 +02:00
6fbe991afb
limit the user when searching for a file by id if we know the user already
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-21 17:11:26 +02:00
8c703c954d
Fix theming tests
...
Trying to configure method "shouldReplaceIcons" which cannot be configured
because it does not exist, has not been specified, is final, or is static
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:10:34 +02:00
16c4755e03
Rename renderHTML to renderHtml
...
* fixes #4383
* improves consistency
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-19 15:46:41 -05:00
1c0bffe87f
Fix translations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
10290eb006
Merge pull request #2834 from nextcloud/accesListToShareManager
...
Access list to share manager
2017-04-15 13:06:24 -05:00
8149945a91
Make BruteForceProtection annotation more clever
...
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.
Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
629b7c0fc3
Adjust docs and make !$currentAccess simpler
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
3c1365c0d1
Fix returned paths for remote shares
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:51 +02:00
91e650791d
Return the paths for the users without setting them all up
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:50 +02:00
0c2dc3bc8c
Fix comments
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
2cbac3357b
Offload acceslist creation to providers
...
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
88299ec27c
Added to public interface
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
1f962f9115
Update email template for lost password email
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 15:19:53 -05:00
b3b24172e4
Merge pull request #4307 from nextcloud/sharing-emails
...
New emails for sharebymail
2017-04-12 21:23:11 +02:00
124fdf8062
Merge pull request #4331 from nextcloud/query-builder-sum
...
Add sum() to the query function builder
2017-04-12 12:55:09 -05:00
4b639e2763
No newlines when heading is empty
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 17:16:27 +02:00
506c7731a6
Don't duplicate the sentence with the header
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 17:16:26 +02:00
33e077c1c1
Properly escape heading, body and button text
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 17:16:26 +02:00
050ce1d40b
Add addBodyButton to add a single button to email templates
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 17:16:26 +02:00
ac45af68cd
Add sub() to the query function builder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-12 16:09:35 +02:00
b90e91144b
Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints
...
Discover federatedsharing endpoints
2017-04-12 16:01:07 +02:00
be9a514dff
Allow to set text versions for the plain text email
...
* allows different texts for HTML and text version of the email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 17:50:06 -05:00
f3a78ee39d
Remove constructor from interface
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 21:22:39 +02:00
3600dd4f52
Add IEMailTemplate to public OCP API
...
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 16:35:46 +02:00
53bca14a27
Do proper DI
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 15:04:01 +02:00
449011dae7
remove discovery manager in favour of the OCSDiscoveryService
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-11 15:04:01 +02:00
45aee2e479
provide public discovery service to discover OCS end-points on another server
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-11 15:03:59 +02:00
afb5d45705
Merge pull request #4256 from nextcloud/theming
...
Move OC_Defaults to OCP\Defaults
2017-04-11 14:39:46 +02:00
a045f3c4d7
Merge pull request #4146 from nextcloud/unread-comments-folder
...
Allow getting the unread comment count for an entire folder at once
2017-04-10 13:21:39 -05:00
5b4adf66e5
Move OC_Defaults to OCP\Defaults
...
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
ca9d25169d
Merge pull request #4136 from nextcloud/expire-date-for-all-shares
...
Unified sharing options
2017-04-07 17:14:05 -05:00
3323d01db1
update unit tests
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
9f3d9b5b23
Don't force the use of Accept-Language anymore
...
This is not intended anymore, since it falls back to force english
when the header is not set. Also 0228bc6e66https://www.w3.org/International/questions/qa-lang-priorities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-07 11:10:04 +02:00
429f8ae011
Allow getting the unread comment count for an entire folder at once
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 12:48:24 +02:00
d4a7cfec7c
rename fun to func
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 11:15:06 +02:00
4125bdeb93
fix licence headers
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 11:14:52 +02:00
4279b13270
Add function builder to the query builder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 11:09:26 +02:00
19d3133ccf
Web app manifest
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-03-28 18:39:57 -06:00
88015bc51f
Fix type hints and doc blocks
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-23 17:52:47 +01:00
5695a4ec92
Don't do a recursive search
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-22 10:44:13 +01:00
03a92eaf74
Merge pull request #3957 from nextcloud/downstream-27307
...
Follow up to #3949 (app exists on enable)
2017-03-20 18:10:05 +01:00
591e75df5c
Don't use a generic exception
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 10:33:16 +01:00
11f838f9e4
Add ignore_files to config,
...
test files against ignore_files list on upload
fix typo and indentation
Move blacklist declaration to lib/public/Files/FileInfo.php,
Rename *ignored to *blacklisted
Mocked blacklist_files for testing
Mocked blacklist_files for testing
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 01:17:12 -06:00
edd55b0ea9
Use SystemConfig instead of AllConfig for DB stuff
...
* preparation for followup PRs to clean up the DB bootstrapping
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 15:53:49 -06:00
adfd1e63f6
Add base-uri to CSP policy
...
As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 15:16:20 +01:00
6565533d3b
Merge pull request #3600 from coletivoEITA/master
...
added method needsPartFile() in Storage
2017-03-14 15:14:59 +01:00
13e50cbcd7
added method needsPartFile() in Storage
...
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
2017-03-14 10:06:50 -03:00
e61606a767
Allow searching for favorites
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-08 16:30:55 +01:00
2a8e922d67
Merge pull request #3360 from nextcloud/dav-search
...
Implement webdav SEARCH
2017-03-08 13:09:19 +01:00
e399097e3a
Remove deprecated OC_User::isLoggedIn
...
Signed-off-by: Sebastian Wessalowski <sebastian@wessalowski.org>
2017-03-02 22:59:39 +01:00
e6a896f2f0
add tests for searchQuery
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-01 14:06:40 +01:00
df2063ee7b
Implement webdav SEARCH
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-01 14:06:39 +01:00
706131b394
add icewind/searchdav
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-28 14:24:18 +01:00
cb322d84e4
IServerContainer is effectively an IContainer
...
This relation was not explicitly declared in the class description.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-02-20 11:44:40 +01:00
7f73ee0764
Add missing PHPDoc and properly throw exception
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 18:03:35 -06:00
33fb86f68b
Fix detection of the new iOS app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-10 10:10:21 +01:00
0d8d658b7e
fix copyright headers
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-09 13:32:36 +01:00
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
5bad417e57
Merge pull request #2044 from nextcloud/login-credential-store
...
Login credential store
2017-01-30 19:30:04 -06:00
76f8247516
Add since
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-27 10:44:48 +01:00
269747985e
Add a more powerful notify mechanism
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-27 10:44:33 +01:00
933fd9c94d
Merge pull request #3240 from nextcloud/storage-interface-tweaks
...
minor storage interface tweaks
2017-01-25 08:52:32 +01:00
f73527c42f
minor storage interface tweaks
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-24 16:58:04 +01:00
8c8354399a
Allow apps to specify an icon with the sections via the API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-19 10:42:21 +01:00
35b8f03c07
Merge pull request #3106 from nextcloud/spreed-calls-are-objects
...
Define spreed calls
2017-01-17 11:42:13 +01:00
012708e1ba
Merge pull request #3023 from nextcloud/issue-2915-filter-out-sensitive-appconfigs
...
Filter out sensitive appconfig values
2017-01-17 11:01:42 +01:00
377e536417
Add call-type in case the information shall be used for styling or something else in the future
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-17 10:08:02 +01:00
745b707cd9
Define spreed calls
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-16 18:41:00 +01:00
622101f2dd
Merge pull request #2918 from nextcloud/encryption-recovery-improvements
...
create new encryption keys on password reset and backup the old one
2017-01-13 11:28:43 +01:00
3316a9d294
fix @since annotations (9.1->12)
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:11 +01:00
730442cd8f
add @since annotations and document methods
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:10 +01:00
a6dca9e7a0
add login credential store
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:09 +01:00
ce7836378c
Filter out sensitive appconfig values
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-11 11:42:36 +01:00
243c9c0941
fix coding style and increase code coverage
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 11:01:54 +01:00
ee8c617a6d
Update TwoFactorException.php
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-01-11 11:01:54 +01:00
e077e01bf2
Add a TwoFactorException
...
A Two Factor third party App may throw a TwoFactorException()
with a more detailed error message in case the authentication fails.
The 2FA Controller will then display the message of this Exception
to the user.
Working on #26593
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-01-11 11:01:52 +01:00
fcda3a20f4
create new encryption keys on password reset and backup the old one
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-10 17:04:32 +01:00
aee11009bd
Merge pull request #3000 from nextcloud/cache-no-store
...
set 'no-store' cache header if we do not want FF to cache
2017-01-10 14:07:13 +01:00
4dd2a1e679
Merge pull request #2943 from nextcloud/kill_old_preview_code
...
Cleanup old preview code
2017-01-10 13:50:14 +01:00
fe6416072d
set 'no-store' cache header if we do not want FF to cache
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-09 21:29:59 +01:00
4a2fbe9a5b
Merge pull request #2930 from nextcloud/kill-group-restriction-when-not-applicable
...
Remove group restrictions when those are not allowed anymore
2017-01-06 15:38:13 +01:00
4128a08333
Add bitwise AND and OR to the expression builder
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 14:30:25 +01:00
9bbfb5ffeb
Rewrite old preview endpoint for PreviewManager
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-04 16:51:44 +01:00
ec4b0d1e84
Remove group restrictions when those are not allowed anymore
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-04 10:40:14 +01:00
453f3beffa
Adding group display name support
2016-12-22 18:34:45 +01:00
d5ad642d18
Activities IManager throws an BadMethodCallException
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 14:15:19 +01:00
6de0eb0b74
Remove leading slash from sharing activity
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-15 15:53:48 +01:00
bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 11:42:16 +01:00
2bc931dd10
Merge pull request #2437 from nextcloud/update-notification-icons
...
Use an icon for the update notifications
2016-12-02 20:05:50 +01:00
01f4c75505
Update versions to 11.0.0
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-01 15:36:22 +01:00
1aefbed55f
Highlight the app name in the notification
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-01 15:36:22 +01:00
23a525a74b
Add language to the parse method for emails
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-01 11:34:56 +01:00
72a54ff9de
prevent warning in StreamResponse
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-29 15:29:02 +01:00
734dd3a2e6
Use correct channel information
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-29 11:29:43 +01:00
da9468522b
Add an event merger and use it for the files activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-25 15:36:11 +01:00
df215625f1
Merge pull request #1972 from nextcloud/invalid-files-from-scanner
...
Make sure we don't scan files that can not be accessed
2016-11-22 12:55:54 +01:00
a02d0975dd
Merge pull request #2154 from nextcloud/comments-activities-update
...
Move comments activities to the new API
2016-11-22 09:56:22 +01:00
558f169671
Move the validation into one place only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-21 09:23:37 +01:00
46768e71d9
Merge pull request #2076 from nextcloud/log_preview_access
...
Dispatch event on preview request
2016-11-18 20:45:29 +01:00
8b9ad46ba3
Merge pull request #768 from nextcloud/s3-objectstore
...
Add S3 objectstore backend
2016-11-18 14:55:07 +01:00
ccdf387041
Merge pull request #2184 from nextcloud/share-join-cache
...
Get the share root info directly when querying for shares
2016-11-18 11:33:33 +01:00
caacb6c261
Expose getAppPath to public API
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-17 19:24:24 +01:00
2f03fcab4a
let the share backend get the node cacheentry to save queries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-17 18:48:38 +01:00
4235b18a88
allow passing a stream to StreamResponse
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:30:36 +01:00
c5df58ec69
phpdoc
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:28 +01:00
b56f2c9ed0
basic lockdown logic
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:23 +01:00
a845f7bc01
Fix wrong copyright headers
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 12:20:04 +01:00
6b88d56e3a
Update the since version to 11.0.0
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:29:27 +01:00
b8958ee937
Fix activity manager tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:45 +01:00
c2a5c1f2c6
Allow combining events
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:45 +01:00
b2248efd75
Allow to register Providers
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:45 +01:00
72f0d9981e
Add ROS and icon support to the events
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:45 +01:00
a366602961
Validate the input into Event already
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:44 +01:00
13ff56bfc5
Allow to register settings/types via info.xml
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:44 +01:00
280d5325c7
Allow to register activity filters via info.xml
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:40 +01:00
cb97cf559b
Merge pull request #2144 from nextcloud/fix_1303
...
Do not cache version info in the session
2016-11-15 23:13:53 +01:00
f07d75a4dd
@since 9.2.0 to @since 11.0.0
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 18:51:52 +01:00
7a8bf6ea26
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 18:10:17 +01:00
99ada40df4
Dispatch event on preview request
...
Fixes : #73
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-10 14:28:09 +01:00
74024c8f28
fix phpdoc
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-09 16:59:03 +01:00
706b5c3fb6
Use a php class for the definitions to avoid loading problems
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-09 08:52:07 +01:00
1ad3043e4f
Merge pull request #1998 from nextcloud/share-by-mail-notification
...
add share by mail activity
2016-11-08 17:37:46 +01:00
3bc643ec23
add new definition
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
087dab85b4
add activity for share by mail
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
537d588726
refactoring code to reduce cyclomatic complexit
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-07 08:18:16 +01:00
d720a2fb57
Moved over files_versions
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
5466fbf761
Move Ipreview to more of DI thingy
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
6920e609c0
Adjust tests and DI for Share.php
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 23:26:49 +01:00
d907666232
bring back remember-me
...
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
318160647a
add method to check if a share provider for a given type is loaded
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:39 +01:00
5a00870a2b
Stricter signature
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-31 20:19:14 +01:00
3692769b0a
Add getShareTypesInFolder to optimize folder listening
...
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-10-31 15:55:40 +01:00
e416ee7b74
Merge pull request #1937 from nextcloud/ros-for-notification-message
...
Allow rich object strings in messages as well
2016-10-31 11:51:02 +01:00
2c0b5dee19
Allow rich object strings in messages as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-31 10:37:37 +01:00
d5159423cd
Removed depreacted functions (since 6.0)
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-29 14:27:12 +02:00
740659a04c
Move away from OC_L10N
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
f722640a32
Proper DI of config
...
* Fixed comments
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 10:13:35 +02:00
f8352fcb8d
introduce callForSeenUsers and countSeenUsers ( #26361 )
...
* introduce callForSeenUsers and countSeenUsers
* add tests
* oracle should support not null on clob
* since 9.2.0
2016-10-28 08:44:05 +02:00
d4969abc9d
Merge pull request #1800 from nextcloud/nextcloud-rich-object-strings
...
Nextcloud rich object strings
2016-10-27 15:30:58 +02:00
cde7f535bd
Merge pull request #1738 from nextcloud/comments-provide-displaynames-with-mentions
...
comment mentions: show displayname not uid
2016-10-26 14:02:49 +02:00
89574367bc
Merge pull request #1871 from nextcloud/use-csp-nonces
...
Use CSP nonces
2016-10-25 14:46:00 +02:00
44cf67accd
Storage 503 message improvements
...
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Christoph Wurst
Noveen Sachdeva
Joas Schilling
Morris Jobke
Roeland Jago Douma
Robin Appelman
Lukas Reschke
Roeland Jago Douma
Björn Schießle
Pierre Rudloff
Christoph Wurst
Felix Heidecke
Vinicius Cubas Brand
Sebastian Wessalowski
Cornelius Kölbel
Vincent Petry
Julius Haertl
Robin Appelman
Donquixote
Jörn Friedrich Dreyer