Commit Graph

89 Commits

Author SHA1 Message Date
Roeland Jago Douma 3ddc68f91b
Add IMapperException
This way code using the DB mappers can have try catch blocks on this
type of exceptions if they do not care if there was non or to many.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-06 22:26:58 +01:00
Roeland Jago Douma 58345e02d2
Basic CSP no longer deprecated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-08 10:37:48 +01:00
Roeland Jago Douma 579822b6a5
Add report-uri to CSP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-21 13:38:32 +02:00
Roeland Jago Douma 5b61ef9213
Disallow unsafe-eval by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
Joas Schilling 840dd4b39c
Allow to inject/mock `new \DateTime()` similar to time()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-09 15:38:31 +02:00
Morris Jobke e45248c17a
Merge pull request #10967 from nextcloud/zipresponse
Add zip response
2018-10-02 23:34:30 +02:00
Morris Jobke bcbffdb644
Add PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-02 22:35:31 +02:00
Roeland Jago Douma 7d9052d4b9
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:17:27 +02:00
Roeland Jago Douma a891f42a5d
fixup! Add fix response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 08:16:28 +02:00
Jakob Sack a9fa220e68
Add fix response
implements #7589
2018-10-02 08:13:39 +02:00
Christoph Wurst 3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:28 +02:00
Christoph Wurst 40fdff5b80
Add QBMapper::insertOrUpdate()
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 08:09:27 +02:00
Roeland Jago Douma 8354c50911
Deprecate the childSrc functions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
Roeland Jago Douma c8fe4b4fc8
Add workerSrc to CSP
Fixes #11035

Since the child-src directive is deprecated (we should kill it at some
point) we need to have the proper worker-src available

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-04 07:35:44 +02:00
Roeland Jago Douma c21cee248c
Disallow eval on the StrictEvalCSP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-11 21:12:36 +02:00
Roeland Jago Douma 5455045a9b
Fix direct access to authen page
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:57:13 +02:00
Roeland Jago Douma 6de656e435
Update token on regeneration for public login
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:38 +02:00
Roeland Jago Douma 1bb8bc8ff9
Add AuthPublicShareControllerTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:38 +02:00
Roeland Jago Douma 61e445da88
Add PublicShareControllerTests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:38 +02:00
Roeland Jago Douma 31392c2443
Move public auth page over
Now this is in core so the basics (that 99% of the app will want to
use) looks always the same.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma f36ef8ca80
Add the new PublicShareController and PublicShareMiddleware
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:35 +02:00
Roeland Jago Douma b38fa573e1
Add stricter CSPs
* Deprecate our default CSP
* Add strict CSP that is always our strictest setting
* Add strict eval CSP (disable unsafe-eval)
* Add strict inline CSP (disables inline styles)

This is just to move forward and have a incremental improvement of our
CSP

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-13 14:47:57 +02:00
Roeland Jago Douma a34495933e
Move caching logic to response
This avoids having to do it at all the places we want cached responses.

We can't inject the ITimeFactor without breaking public API.
However we can perfectly overwrite the service (resulting in the same
testable effect).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-04 08:48:54 +02:00
Roeland Jago Douma ed7b4839d9
The column is not user input so suppress the phan warning
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-14 14:46:33 +02:00
Roeland Jago Douma 74d7f6d4ca
Add a QueryBuilder Mapper
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-10 19:47:43 +02:00
Julius Härtl 6ded1c46b7
Add since tags
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 13:18:17 +02:00
Julius Härtl 2e60f91ab1
Move external share saving to template
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 13:11:55 +02:00
Julius Härtl 30e76f9f14
Add footer to public page template
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 12:22:01 +02:00
Julius Härtl eb19899f8e
Move common menu templates to public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 11:09:19 +02:00
Roeland Jago Douma 129a608ebe
OCP\AppFramework\App strict
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-09 08:42:03 +01:00
Julius Härtl 36563d4a4b
Remove setters
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 9cf49873fa
Rework array handling to avoid phan error
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 2b6c00fc0f
Add id to list element
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 7cd0340366
Sort menu by priority
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 038aad73c7
Add missing phpdoc for public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 4f83462f67
Add phpdoc, typehints and sanitize HTML
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
Julius Härtl 4f78980fad
Add menu item abstraction
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
Julius Härtl 0655df09d6
Pass template parameters to parent template
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
Roeland Jago Douma fb41a93a95
Merge pull request #8473 from nextcloud/strict_cmr
Strict OCP\AppFramework\Utility\IControllerMethodReflector
2018-02-21 22:56:40 +01:00
Roeland Jago Douma aa060f5332
Strict OCP\AppFramework\Utility\IControllerMethodReflector
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-21 19:55:49 +01:00
Roeland Jago Douma 5825c27a12
Make sure that render always returns a string
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-21 13:28:40 +01:00
Joas Schilling 7bc9a69c3f
Remove deprecated core API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-15 17:54:50 +01:00
Roeland Jago Douma d44de92c31
Merge pull request #7838 from nextcloud/timefactory_strict
Make the ITimeFactory strict + return types
2018-01-15 09:27:37 +01:00
Roeland Jago Douma 7ffd62bf95
Make the ITimeFactory strict + return types
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-14 21:55:40 +01:00
Roeland Jago Douma 704133d732
Remove deprecated functions from DI Container
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-13 19:29:52 +01:00
Roeland Jago Douma f55732a18f
Merge pull request #7075 from nextcloud/remove-unused-variables
Remove unused variables
2017-11-07 16:18:40 +01:00
Morris Jobke 4866314ce0
Run updated license header updater
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-07 13:47:42 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Morris Jobke 5445b1ff17
Remove unused variables
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:43:45 +01:00