Commit Graph

152 Commits

Author SHA1 Message Date
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Jan-Christoph Borchardt 6d384e5f7c consolidate all admin warnings and notices into one section 2015-03-24 15:21:49 +01:00
Lukas Reschke 9926cb36de Remove unused section
This section is now unused as the security configuration has to happen on the webserver layer since https://github.com/owncloud/core/pull/14651
2015-03-17 13:29:51 +01:00
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Lukas Reschke b6d8a48ce1 Add detection for invalid CLI configuration for settings page
This change will log all failures that prevent the CLI cronjob from happening to the database and display a warning to administrators when an error happened.

To test:

1. Configure some invalid CLI php.ini settings
2. Enable the CLI cronjob and run php cron.php
3. See the errors printed and also in the admin page
4. Configure the CLI settings correctly
5. Errors should be gone.

Fixes https://github.com/owncloud/core/issues/13994
2015-02-27 20:20:34 +01:00
Thomas Müller f72f9e0159 Merge pull request #14530 from owncloud/revert-14403
Revert "Updating license headers"
2015-02-27 00:39:29 -08:00
Morris Jobke 06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Lukas Reschke 06cf93e6ee Move UTF-8 check to setup
Nobody reads the warnings anyways and so we should enforce it at installation time... Also allows us to get rid of some duplicated code.

To test change the `default_charset` to something other than `utf-8` or `UTF-8`, both should work fine with that change here. An error should then get shown.

We already set those default charsets in the shipped .user.ini and .htaccess
2015-02-24 23:51:36 +01:00
Jenkins for ownCloud 6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke b701bbd8c5 Use APCu only if available in version 4.0.6 and higher
APCu before 4.0.6 is unbelievable buggy and tend to segfault the PHP process (i.e. the whole webserver)

This potentially fixes https://github.com/owncloud/core/issues/14175

Requires a backport to stable8
2015-02-17 13:28:02 +01:00
Lukas Reschke 886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Frank Karlitschek 828d7d6cf5 add a Windows warning 2015-01-20 13:37:50 +01:00
Morris Jobke 7b9343f385 fix typo - caused by 3d997e8c62 2015-01-18 22:08:11 +01:00
Morris Jobke 6a5f12beca Merge pull request #12988 from owncloud/logfile_download
Logfile download
2015-01-09 00:33:22 +01:00
Georg Ehrke f579f2bd94 add Download logfile button to admin settings
add logSettingsController

add download logfile button

move getEntries to LogSettingsController

move set log level to logsettingscontroller.php

add warning if logfile is bigger than 100MB

add unit test for set log level

fix typecasting, add new line at EoF

show log and logfile download only if log_type is set to owncloud

add unit test for getFilenameForDownload
2015-01-07 14:55:53 +01:00
Joas Schilling 3d997e8c62 Fix incorrect warning about setting the overwrite.cli.url 2015-01-07 09:02:33 +01:00
Joas Schilling 539c0aeb04 Add an option to disallow sending sharing emails to non-owncloud users
Fix #10836
2014-12-09 11:32:39 +01:00
Lukas Reschke 8b9cc5c25b Remove unexisting `htAccessWorkinght`
Partially fixes https://github.com/owncloud/core/issues/12690 - remark to myself: improve grep skills.
2014-12-08 11:25:32 +01:00
Lukas Reschke 2b76227180 Check for working .htaccess via AJAX
Fixes https://github.com/owncloud/core/issues/12650
2014-12-06 15:34:53 +01:00
Lukas Reschke 1b0bc2e099 PHP 5.4 is now required for master
🍻
2014-12-04 10:46:38 +01:00
Lukas Reschke fc116f563f Allow read-only configuration
Workaround required for IIS setups running ownCloud to prevent dataloss.

Long-term solution would be to move some configuration settings to the database
2014-11-25 16:26:47 +01:00
Joas Schilling 64421d76fd Deduplicate function by moving it to the OC_Helper 2014-11-20 12:37:59 +01:00
Joas Schilling e32968cfce Remove exec() call with invalid name on windows
Currently running unit tests prints the following message 3 times:
The command "command" is misspelt or could not be found.
Instead of trying this, we just skip this now.
2014-11-19 17:04:55 +01:00
Thomas Müller 5aaea6961c Merge pull request #12110 from owncloud/fix-12080
add 'namespace' for automatically created navigation divs, fixes #12080
2014-11-12 11:25:42 +01:00
Arthur Schiwon c5c74792d1 add 'namespace' for automatically created navigation divs, fixes #12080 2014-11-12 10:42:44 +01:00
Lukas Reschke e73ccbd4ca Migrate "setsecurity.php" to the AppFramework
Add switch to enforce SSL for subdomains

Add unit tests

Add test for boolean values

Camel-case

Fix ugly JS
2014-11-03 16:53:03 +01:00
Thomas Müller 1076a77840 fix loading of more log entries 2014-10-30 14:59:13 +01:00
Thomas Müller d9db791c67 introduce sidebar for admin page 2014-10-30 13:44:40 +01:00
Lukas Reschke 2d2a4741ce Make files non executable
There is not much sense in having these files marked executable, we should avoid that.
2014-10-24 11:14:51 +02:00
Vincent Petry e65ceb08fc Moved WebDAV and internet checks to client side JS
- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
  server
2014-09-23 11:16:14 +02:00
Vincent Petry a064536ec1 Fixed select2 for admin and apps page
Added explicit escaping.
Now internally using a pipe symbol as separator for select2, to make it
possible to use group names containing commas.
2014-09-10 14:30:02 +02:00
Vincent Petry 0d28ba0662 Added select2 on the apps page
Moved setupGroupsSelect() from admin.js to a common settings.js
as OC.Settings.setupGoupsSelect().

Now using select2 as well on the apps page.
2014-09-09 18:04:00 +02:00
Vincent Petry 4a27f4b8b5 Load select2 on admin page 2014-09-09 18:03:05 +02:00
Vincent Petry d23621536c Now using select2 for the groups excluded from sharing 2014-09-09 18:03:05 +02:00
Lukas Reschke c13a8acbb5 Don't show warning when has_internet_connection is set to false
Revert

Add disabled
2014-09-05 15:58:33 +02:00
Joas Schilling 64d64610d2 Add a note about overwritewebroot when using system cron
If the current webroot is non-empty but the webroot from the config is,
and system cron is used, the URL generator fails to build valid URLs.
So we notify the admin to set it up correctly.

Fix #9995
2014-08-18 11:10:22 +02:00
Thomas Müller 3e493501da Merge pull request #9890 from owncloud/check-php-charset-master
setting and checking default_charset in php.ini to be UTF-8
2014-08-11 22:11:11 +02:00
Thomas Müller 673a8bb2b8 only call exec() if allowed to 2014-07-29 16:59:40 +02:00
Thomas Müller 07dc0b2fdf setting and checking default_charset in php.ini to be UTF-8 2014-07-25 09:53:25 +02:00
Steffen Lindner 1b871da59e Fixes typo with sendmail detection - fixes #9203 2014-06-30 15:01:12 +02:00
Bjoern Schiessle 6578f00b4b unify share settings 2014-06-05 15:49:34 +02:00
Thomas Müller cfc1d5623e Merge pull request #8840 from owncloud/share_settings
by default don't show option to send mail notifications for shares
2014-06-03 16:42:44 +02:00
Morris Jobke 25c676f203 simplify SQLite warning 2014-06-03 12:02:23 +02:00
Morris Jobke f88482355f check for user count and files count 2014-06-03 11:39:16 +02:00
Bjoern Schiessle 8e583f55dc set "allow users to send mail notification for shared files default" setting to "no" now that we have the activity app 2014-06-03 11:29:28 +02:00
Morris Jobke 68a4fd44e6 add notification on admin page 2014-06-03 08:01:39 +02:00
Thomas Müller 555b9cc245 Merge pull request #7614 from owncloud/test_annotations_working
Check if ReflectionMethod::getDocComment is working
2014-05-30 22:17:30 +02:00
Bjoern Schiessle 12338e0ef0 allow admin to disable sharing for specific groups of users 2014-05-22 10:43:44 +02:00
Thomas Müller 30f1ec2521 Merge branch 'master' into test_annotations_working
Conflicts:
	lib/private/util.php
2014-05-19 21:42:30 +02:00
Bjoern Schiessle b6e14af861 allow admin to enforce passwords for public link shares 2014-05-16 17:41:09 +02:00
Thomas Tanghus 287c8981bc Check if ReflectionMethod::getDocComment is working 2014-05-09 22:44:55 +02:00
Bjoern Schiessle 6650be9913 add setting to set default expire date 2014-04-24 13:34:31 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Joas Schilling e79a027e77 Always define sendmail_is_available
Fix #8048
2014-04-09 10:18:46 +02:00
Thomas Müller 5fa8f7cf12 Merge pull request #7107 from owncloud/load-apps-proper-master
Load apps proper master
2014-03-28 10:33:55 +01:00
Thomas Müller f9279ac77a killing some more calls to OC_App::loadApps(); - because we load all apps in handleRequest() 2014-03-25 17:42:41 +01:00
kondou dda7129a24 Merge branch 'master' of https://github.com/owncloud/core into last_cron_log 2014-03-21 20:23:31 +01:00
kondou 547b563464 Log last cron execution
Fixes #2012
2014-03-12 15:20:51 +01:00
Joas Schilling efbca04ab4 Use command -v to check for sendmail
Fix #7559
2014-03-12 11:47:21 +01:00
Joas Schilling 0285d5b6e2 Hide QMail when not selected and hide sendmail when not available on the server
Fix #7559
2014-03-05 14:53:20 +01:00
Joas Schilling 8387cd8ae3 Add option to change email settings in admin section
Fix issue #7166
2014-02-18 14:26:03 +01:00
Frank Karlitschek 61296ed7bb lower required php version to 5.3.3 2013-12-04 10:25:22 +01:00
Bart Visscher 368342a085 Update error messages 2013-11-15 14:46:00 +01:00
Bjoern Schiessle f8563ec583 Merge branch 'master' into sharing_mail_notification_master
increased version number to trigger db update

Conflicts:
	lib/util.php
2013-09-05 13:39:45 +02:00
Bjoern Schiessle 77adaee645 enable user to inform recipients about a shared file by mail 2013-08-30 13:53:49 +02:00
kondou f1518a54df Merge branch 'master' into clean_up_util
Conflicts:
	lib/util.php
2013-08-20 17:20:30 +02:00
kondou 65d802329f Fix some naming and spacing in lib/util.php 2013-08-18 10:33:09 +02:00
Andreas Fischer d38929fb10 Fix spacing of all touched lines. 2013-08-17 23:38:26 +02:00
Bart Visscher 29b6dd53a0 Compare result are already true/false 2013-08-17 12:58:10 +02:00
kondou 9c5416fe4a Clean up \OC\Util
- Use camelCase

 - Add some phpdoc

 - Fix some indents

 - Use some more spacing
2013-08-15 15:57:32 +02:00
Thomas Müller 840e96cda3 Merge branch 'master' into disable-anon-upload-master
Conflicts:
	settings/templates/admin.php
2013-07-22 11:55:20 +02:00
kondou 05084e03a0 Use !== and === in settings. 2013-07-21 13:55:25 +02:00
Thomas Müller fc2d538311 new admin setting added which allows to turn off anonymous uploads 2013-07-12 17:03:51 +02:00
Thomas Mueller dd4a07321a fix method naming 2013-05-31 23:24:09 +02:00
Georg Ehrke 183f8c90af use false instead of 0 2013-05-27 19:26:53 +02:00
Georg Ehrke 557cc4c1ab make method names camelCase 2013-05-27 19:24:31 +02:00
Georg Ehrke 3f52393866 don't show a warning if internet connection is disabled on purpose 2013-05-27 19:19:47 +02:00
Morris Jobke e78a464002 remove log sort in admin section
doesn't work anymore, because now the datetime is saved as string (ref #2975)
2013-04-23 14:56:33 +02:00
Thomas Mueller 5788d36c8d Merge branch 'master' into fixing-1354-master
Conflicts:
	settings/admin.php
	settings/templates/admin.php
2013-02-07 10:44:28 +01:00
Thomas Mueller 84f3c8b6cc show webdav test results in admin section as well 2013-02-07 00:49:39 +01:00
Thomas Mueller 6058c2f734 we get best results regarding mime type detection if we use fileinfo - let's tell the admin about that 2013-02-04 15:04:26 +01:00
Lukas Reschke 466cdab680 Add security section to admin menu
Currently it only allows the admin to enable or disable the HTTPS
enforcement, but in the future it could be expanded to further options.

The HTTPS enforcement only allows the admin to enforce it, if he is
connected via HTTPS. (To prevent admins to enable it without a proper
SSL setup)
2013-01-11 14:18:51 +01:00
Frank Karlitschek 196f1c3786 add a check and a warning if setlocale is working 2012-12-19 15:10:33 +01:00
Frank Karlitschek 55f75c6d8e add a check and a warning if the ownClodu server is not able to establish http connections to the internet. The reason is that users complained that external filesystem support, the update checker, downloading of new apps or the nowledgebase don´t work and don´t know why. 2012-11-08 18:08:44 +01:00
Felix Moeller 30d7993e01 Checkstyle fixes: NoSpaceAfterComma 2012-11-04 11:10:46 +01:00
Felix Moeller afadf93d31 Checkstyle: many fixes 2012-11-02 19:53:02 +01:00
Bart Visscher d0bd2bbf27 Convert menu entries of settings pages to use router 2012-09-28 23:20:17 +02:00
Thomas Mueller 3829460ab8 adding space between) and { 2012-09-07 15:22:01 +02:00
Thomas Mueller ebb28412ca no more require_once() 2012-09-05 23:28:59 +02:00
Michael Gapczynski 9cd55508c3 Add Share API settings to admin page 2012-08-27 20:39:31 -04:00
Jakob Sack 7055d2aa2b Backgroundjobs: improve admin form 2012-08-10 01:36:33 +02:00
Georg Ehrke 1bccc80996 hide morelog button if there are no more log entries - bugfix for oc-1398 2012-08-04 17:38:31 +02:00
Frank Karlitschek e95055b2bd check if the data directory is accessible via http. Show a big security warning if yes 2012-06-21 14:07:04 +02:00
Bjoern Schiessle 089ae980c4 use new sanitize HTML function 2012-06-19 17:24:55 +02:00
Lukas Reschke d2a34f4b35 Fixes a issue with the log 2012-06-11 19:33:16 +02:00
Lukas Reschke 2b22c538c8 Make some apps compatible 2012-06-11 19:07:51 +02:00
Lukas Reschke c009bc4b87 Revert 2012-06-11 13:27:32 +02:00
Lukas Reschke ec4c373eaa Settings... 2012-06-11 12:48:47 +02:00
Robin Appelman 5720bd296d merge log into admin 2012-04-16 12:21:48 +02:00
Robin Appelman d9372ac766 make log level configurable 2011-10-16 21:11:03 +02:00