Commit Graph

35217 Commits

Author SHA1 Message Date
Roeland Jago Douma e73a11d106
Fix permision mask
If we move a file from the temp part file to the original file we don't
need update permissions.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry f374eb5f1d
More fixes to file upload
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry f72ffa2f11
Fix js unit tests for webdav put upload changes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 786e858d23
Add support for chunked upload
Hacked around Blueimp's jquery.fileupload to make it work with our new
chunking API.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry c68e273664
Goodbye Iframe transport !
Not needed any more in IE >= 11

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 25d9dce067
JS utility function to compare paths
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 59c5be1cc5
Use Webdav PUT for uploads in the web browser
- uses PUT method with jquery.fileupload for regular and public file
  lists
- for IE and browsers that don't support it, use POST with iframe
  transport
- implemented Sabre plugin to handle iframe transport and redirect the
  embedded PUT request to the proper handler
- added RFC5995 POST to file collection with "add-member" property to
  make it possible to auto-rename conflicting file names
- remove obsolete ajax/upload.php and obsolete ajax routes

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Morris Jobke 8a231a4223 Merge pull request #1829 from nextcloud/downstream-26256
Fix login page handling for disabled users
2016-10-24 21:35:53 +02:00
Morris Jobke 567e28b01a Merge pull request #1885 from nextcloud/downstream-26295
App dependencies are now analysed on app enable as well - not only on…
2016-10-24 21:26:50 +02:00
Roeland Jago Douma 72b5206c44 Merge pull request #1886 from nextcloud/downstream-26385
Remove checks about running on Windows
2016-10-24 21:15:54 +02:00
Roeland Jago Douma 112641236b Merge pull request #1881 from nextcloud/downstream-26354
log error when setting timezone to UTC fails
2016-10-24 21:14:59 +02:00
Morris Jobke f920153f16
Throw exception because the logger causes session issues anyway that early in the request cycle
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 21:14:44 +02:00
Jörn Friedrich Dreyer 2e0e68b57f
log error when setting timezone to UTC fails (#26354)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:14:40 +02:00
Roeland Jago Douma 4d01f23978 Merge pull request #1879 from nextcloud/fix-missing-import
Import the used classes
2016-10-24 21:12:24 +02:00
Morris Jobke 0bfd530b24 Merge pull request #1892 from nextcloud/refactor-readme
Refactor README
2016-10-24 19:17:06 +02:00
ryanwr 3e96f33995 Sort favorite files first Issue #1802
Signed-off-by: Ryan Welch <ryantwr@gmail.com>
2016-10-24 17:55:47 +01:00
Marius Blüm a48c7316e2
Refactor README
Signed-off-by: Marius Blüm <marius@lineone.io>
2016-10-24 18:29:21 +02:00
Jörn Friedrich Dreyer 817729dc3f
add upgrade command before repair, handle NeedsUpgradeExcaption better 2016-10-24 17:52:49 +02:00
Lukas Reschke 38b3ac8213
Add ContentSecurityPolicyNonceManager
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
Morris Jobke cfae91ab64 Merge pull request #1828 from nextcloud/avatar-picker-improvements
Avatar picker improvements
2016-10-24 16:33:18 +02:00
RealRancor 14b1d946a8
Remove checks whether OC is running on Windows pt. 2 2016-10-24 16:12:17 +02:00
Thomas Müller 03ec052b4e
App dependencies are now analysed on app enable as well - not only on app install. 2016-10-24 15:59:46 +02:00
Vincent Petry 44cf67accd
Storage 503 message improvements
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
Roeland Jago Douma a28528a254
Add ShareesAPI E-mail search
* Allow to search for SHARE_TYPE_EMAIL (4)
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 14:59:32 +02:00
Joas Schilling b130267e58
Import the used classes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-24 14:33:54 +02:00
Thomas Müller 0c637c8d73
[9.2] Add missing unit tests (#25936)
* Adjust unit test execution after folder rename

* Adjust login controller tests to match current behavior

* Fix broken unit tests
2016-10-24 14:25:52 +02:00
Roeland Jago Douma 729c06548f Merge pull request #1873 from nextcloud/files_sharing_singular
Move files_sharing Controllers => Controller
2016-10-24 14:16:02 +02:00
Lukas Reschke bd8b3f52f0 Merge pull request #1830 from nextcloud/downstream-26250
Improved exception messages
2016-10-24 13:58:29 +02:00
Robin Appelman 0aec8647c2
use smaller cropper on small screens
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-24 13:56:21 +02:00
Robin Appelman ad902d6bea
center cropper vertically
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-24 13:54:56 +02:00
Morris Jobke 24786d5c51 Merge pull request #1872 from nextcloud/ds-26447-misleading-ssl-config
Fix misleading SSL/TLS SMTP email configuration
2016-10-24 13:30:54 +02:00
Roeland Jago Douma b4ebf03bef
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 13:25:59 +02:00
Lukas Reschke 9e6634814e
Add support for CSP nonces
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.

At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)

IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.

Implementing this offers the following advantages:

1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.

If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Roeland Jago Douma f589f1a1d6
Move files_sharing Controllers => Controller
lib/Controller is the default location for controllers. So lets put them
all in there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 11:46:25 +02:00
Morris Jobke 169faf8c32
Remove sensible information from exception message
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 11:42:04 +02:00
Joas Schilling d0d7767366
Fix misleading SSL/TLS SMTP email configuration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-24 11:34:30 +02:00
Olivier Mehani 19ad058d06
Add message to NotSquareException thrown from Avatar
This prevents cryptic messages such as the following, from `user_ldap`:

     Could not set avatar for uid=user,ou=People,dc=example,dc=net, because:

Signed-off-by: Olivier Mehani <shtrom@ssji.net>

Add message to NotPermittedException thrown from Files\Nodes\Folder

Ditto.

Don't use translation macros here as this seems to be pretty low-level
errors that generally get caught and prettified, and I don't want to
unduly clog down the lower layers.

Signed-off-by: Olivier Mehani <shtrom@ssji.net>

fixup! Add message to NotPermittedException thrown from Files\Nodes\Folder
2016-10-24 11:27:27 +02:00
Morris Jobke f054adb429 Merge pull request #1866 from xcellardoor/master
Modified the SQLite warning of server/settings/templates/admin/tiptri…
2016-10-24 11:21:56 +02:00
Morris Jobke 57a5551c3d Merge pull request #1853 from nextcloud/fix_di_share_api
Moved Share20OCS to proper Controller location
2016-10-24 10:57:47 +02:00
Roeland Jago Douma ab91fa2660 Merge pull request #1820 from nextcloud/4byte-filenames
Allow 4byte unicode filenames on supported platforms
2016-10-24 10:38:25 +02:00
Sam Cater f19d4ec29b
Modified the SQLite warning of server/settings/templates/admin/tiptricks.php to be more understandable and legible
Signed-off-by: Sam Cater <sam@samcater.com>

Added sign off of commit
2016-10-24 09:02:56 +01:00
Roeland Jago Douma 6604e76e94
Fix middleware tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:52:34 +02:00
Roeland Jago Douma ea07bbc562
Move Share20OCS to ShareAPIController
It was already a controller just still residing in its old location.

* Moved ShareAPIController to user plain userID instead of user object
* Moved Share20OCS to ShareAPIController
* Removed initisation of class from Application.php and leave it to the
AppFramework
* Fixed tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:52:34 +02:00
Roeland Jago Douma 7998689bc9
Added method to DB and fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:45:04 +02:00
Joas Schilling 2aca56f207
Fix missing semicolon
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-24 09:26:30 +02:00
Lukas Reschke 598c145430 Merge pull request #1849 from nextcloud/oc_26368
Adding capability about new chunking - refs #25682 (#26368)
2016-10-22 15:11:49 +02:00
Lukas Reschke 1be6213ba4 Merge pull request #1832 from nextcloud/select2-into-core
Select2 into core
2016-10-22 14:35:07 +02:00
Lukas Reschke 169e889890
Add unit test
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-22 14:05:53 +02:00
Lukas Reschke 038d02a27d Merge pull request #1852 from nextcloud/downstream-25579
Adding Open Graph Support for public shares
2016-10-22 14:01:19 +02:00
Lukas Reschke 2b22a5fafd Merge pull request #1841 from nextcloud/oc_26359
Bumo zxcvbn && Fix zxcvbn path in setup page (26359)
2016-10-22 13:54:19 +02:00