Christoph Wurst
5762cd9436
Use tooltop for contact's top action title
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
d091793ceb
Contacts menu
...
* load list of contacts from the server
* show last message of each contact
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Lukas Reschke
6a16df7288
Add new auth flow
...
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:
1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.
If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)
If the user chooses to use the regular login the following happens:
1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.
This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Julius Härtl
27b19aaba1
Fix loading spinner for new app menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:25 +02:00
Julius Härtl
7548825743
Responsive app menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:24 +02:00
Roeland Jago Douma
82c9eb1c56
Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
...
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Daniel Calviño Sánchez
58cc1251be
Use "complete" callback in onPasswordEntered
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:18:52 +02:00
Daniel Calviño Sánchez
e0b0115f99
Extract common ajax call for addShare and updateShare
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:07:08 +02:00
Daniel Calviño Sánchez
3ab2958930
Document options parameter in saveLinkShare
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:05:34 +02:00
Daniel Calviño Sánchez
6e9f49f397
Add "complete" callback support for addShare
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:31:53 +02:00
Daniel Calviño Sánchez
488020cf2e
Add "complete" callback support for updateShare
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:30 +02:00
Daniel Calviño Sánchez
726c6c73f4
Add missing unit test cases and conditions
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:05 +02:00
Morris Jobke
fd7257332d
Merge pull request #4321 from nextcloud/improve-sharing-tooltip
...
change sharing tooltip with a more general description of all available share options
2017-04-24 11:12:41 -03:00
Roeland Jago Douma
7a81d46fcb
Fix link password toggle
...
We took the wrong field from the share api response. So the password was
never shown as set.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-24 14:41:41 +02:00
Roeland Jago Douma
c5617f4e8a
Merge pull request #4463 from danxuliu/fix-working-icon-placement-on-password-save
...
Fix working icon placement on password save
2017-04-24 14:34:56 +02:00
Daniel Calviño Sánchez
36f55b5867
Fix working icon placement on password save
...
Before, the icon appeared below the text input for the password. Now, it
appears inside the text input, to the right end.
The CSS was adjusted based on other icons shown in that position for
other text inputs in the Share tab view, like the information icon or
the clipboard icon.
Fixes #4135
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:50:06 +02:00
Daniel Calviño Sánchez
153d053ee7
Fix working icon not hidden when successfully setting a password
...
When a request to set the password of a shared link is sent a working
icon is shown. However, as there was no "success" callback, the icon was
never hidden again after successfully setting the password (it worked
fine if there was an error, though).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Christoph Wurst
2317d7bb49
Fix sinon.stub deprecation warnings
...
Calls to `sinon.stub(obj, 'meth', fn)` are deprecated and therefore
replaced by `sinon.stub(obj, 'meth).callsFake(fn)` as instructed by
the deprecation warning.
This makes the js unit testing output readable again.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-24 10:39:37 +02:00
Lukas Reschke
d0d34d308a
Add at most 10 password reset requests per 5 minutes and IP range
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-22 08:12:54 +02:00
Morris Jobke
9536cbf739
Merge pull request #4409 from nextcloud/socialharing_mail
...
Allow social sharing to specify if a new window is opened
2017-04-20 17:59:55 -05:00
Bjoern Schiessle
f0651cb066
allow to set a password for shares which where created without a password before the admin started to enforce the password
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Bjoern Schiessle
d8dcd72118
allow admin to enforce password on mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Roeland Jago Douma
48fd0ee9f0
Allow social sharing to specify if a new window is opened
...
For example mail shares should not open a new window because it looks
weird.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 16:32:46 +02:00
Joas Schilling
1c0bffe87f
Fix translations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Bjoern Schiessle
c6ae57ecee
simplify share placeholder
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-18 12:08:35 +02:00
Morris Jobke
ec034757fa
Merge pull request #4337 from nextcloud/fix-adblock-share-icon
...
Fix AdBlock blocking share icon, ref #866
2017-04-13 12:10:37 -05:00
Roeland Jago Douma
3eb6f88019
Move to handlebars.min.js
...
core.js is now below 1mb!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-12 22:22:38 +02:00
Roeland Jago Douma
abe887cd48
Moved to jquery-ui.custom.min.js
...
Shaves off about 200kb of the default loaded js libs
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-12 20:03:00 +02:00
Bjoern Schiessle
a3c9dcf82a
change sharing tooltip with a more general description of all available share options
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-12 16:07:42 +02:00
Jan-Christoph Borchardt
37145a275f
Fix AdBlock blocking share icon, ref #866
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-12 15:04:12 +02:00
Morris Jobke
c2686be8da
Merge pull request #4285 from nextcloud/bump-md5
...
[js] Bump blueimp-md5
2017-04-11 12:07:02 -05:00
Roeland Jago Douma
58f959864a
Show 'shared via' in share list for reshares
...
Fixes #1330
userA shares a file to userB
userB shares that file to userC
userA can see both userB and userC.
Now they can also see that userB shared it to user C
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 13:56:03 +02:00
Roeland Jago Douma
7d1745d1e7
[js] Bump blueimp-md5
...
* bumped to latest
* moved to min
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-10 20:37:07 +02:00
Morris Jobke
ca9d25169d
Merge pull request #4136 from nextcloud/expire-date-for-all-shares
...
Unified sharing options
2017-04-07 17:14:05 -05:00
Roeland Jago Douma
bf30090be5
Parse date trough moment
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-07 22:16:29 +02:00
Bjoern Schiessle
0dc13d098f
reset password field properties before we hide it
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle
c7b1a48da7
add datepicker to the popover
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle
3bce6a7a6f
allow to edit single files shared by mail. This is useful for collaborative editing documents
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle
3323d01db1
update unit tests
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
Roeland Jago Douma
efb21a948e
Merge pull request #4093 from nextcloud/endorse-password-protection
...
Endorse password protection
2017-04-04 11:04:21 +02:00
Roeland Jago Douma
7d72ae3011
Move to autosize.min.js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-03 13:42:33 +02:00
Timo Benk
868500eda4
let the user set an empty password for share link
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:19 +02:00
Timo Benk
0d7801b6ce
endorseLinkPassword changed to enableLinkPasswordByDefault
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:11 +02:00
Timo Benk
cbfe5f3c1f
feature endorse password for share links
...
works like "enforce password protection", but let the
user optionally remove the password protection after the
password is set.
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:03 +02:00
Bjoern Schiessle
5540def5e3
change permission order
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:33 +02:00
Bjoern Schiessle
99ebdc1111
make sure that variables are defined correctly
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:33 +02:00
Bjoern Schiessle
cfbabf8f2f
fix typo and capitalize cruds
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
b84fd7c361
set expire date for all share types
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
3cc0d15f92
add secure drop functionallity to mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
c191173d59
allow password protected mail shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle
0d5147bd49
add new password column to the share table in order to set passwords for share by mails
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
Bjoern Schiessle
d0eefd17d3
allow the user to set a expire date for all shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:47 +02:00
Roeland Jago Douma
2950bcbc70
Do not show social menu when there is no link share
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-31 17:29:41 +02:00
Joas Schilling
0fb7c631ce
Merge pull request #4128 from nextcloud/updateclipboard
...
Update clipboard.js
2017-03-30 14:37:03 +02:00
Roeland Jago Douma
0da04fd284
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 22:54:08 +02:00
Roeland Jago Douma
54c68519ce
Allow avatars for full numeric users
...
Fixes #4087
Because of fancy javascript if a full numeric uid was used javascript
would convert this to an int. Now we just convert everything to a string
first.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 13:39:48 +02:00
Roeland Jago Douma
b052addaca
Use minified clipboard.js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 00:27:50 +02:00
Robin Appelman
dc5ba95469
Merge pull request #4027 from nextcloud/better-spreed-call-urls
...
Better spreed call urls
2017-03-27 16:21:24 +02:00
Roeland Jago Douma
f4c9e44403
Merge pull request #4073 from nextcloud/secure-drop
...
Rename File drop to Secure drop
2017-03-27 14:39:32 +02:00
Roeland Jago Douma
16b02a0fa9
Merge pull request #4064 from nextcloud/update-moment
...
Update momentjs
2017-03-27 14:10:54 +02:00
Olivier Paroz
5a6c7877f6
Rename File drop to Secure drop
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-26 16:13:35 -06:00
Lukas Reschke
3c1d76c282
Cleanup code as suggested by @icewind1991
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 19:45:36 +02:00
Lukas Reschke
fea2108710
Make async
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 15:26:10 +02:00
Lukas Reschke
980ef89dbf
Fix callback
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:17:01 +02:00
Lukas Reschke
12a019d328
Use eval instead of $.script
...
Fixes https://github.com/nextcloud/server/issues/4067
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:12:44 +02:00
Roeland Jago Douma
62827dd1da
use moments.js min in core.js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-26 10:25:15 +02:00
Morris Jobke
2f7669179e
Merge pull request #4043 from nextcloud/merge-js-for-template-prepend
...
Merge JS for template prepend
2017-03-24 15:42:08 -06:00
Lukas Reschke
6a4fde11e6
Merge login JS
...
Removes 2 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 21:18:24 +01:00
Lukas Reschke
4f73911bab
Merge pull request #4041 from nextcloud/merge-systemtags-js
...
Merge systemtags JS
2017-03-24 21:12:42 +01:00
Lukas Reschke
6a470e5935
Merge JS for template prepend
...
Shaves off 14 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:37:13 +01:00
Lukas Reschke
4d68324ba6
Merge sharing backend JS
...
Removes 8 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:17:38 +01:00
Lukas Reschke
a9c3692a9a
Merge systemtags JS
...
Shaves off 7 requests.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:08:27 +01:00
Joas Schilling
34f0ad4ebe
Allow to push a non-query URL to the browser history
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-24 11:51:58 +01:00
Lukas Reschke
f94bc6f8bb
Merge pull request #4013 from nextcloud/bundle_vendor_js
...
Bundle vendor js
2017-03-24 10:49:57 +01:00
Roeland Jago Douma
df4d1f7b78
Merge pull request #4022 from nextcloud/downstream-27105
...
Remove auto-focus on certain input fields
2017-03-24 10:01:06 +01:00
Vincent Petry
ab37577182
Properly clear heartbeat interval
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:37:24 -06:00
Vincent Petry
46a32045d7
Update karma, use sinon from npm
...
Update karma library and use sinon JS library provided by
karma-jasmine-sinon instead of local file.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:35:41 -06:00
Felix Heidecke
a9dc3239b3
Remove auto-focus on certain input fields
...
* remove autofocus on input certain input fields if browser is msie
* Update sharedialoglinkshareview.js
* Update sharedialogview.js
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 17:34:50 -06:00
Roeland Jago Douma
eda98ed3df
Merge vendor js
...
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
Roeland Jago Douma
4518a28924
Revert "Bundle vendor js"
2017-03-22 17:01:54 +01:00
Roeland Jago Douma
ec3f5aa6e2
Merge pull request #3795 from nextcloud/bundle_vendor_js
...
Bundle vendor js
2017-03-22 13:34:21 +01:00
Roeland Jago Douma
98a14909e1
Bundle more default vendor js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:49:03 +01:00
Morris Jobke
c3f08ab151
Remove tooltip of delete button for systemtags
...
* fixes #3967
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-21 21:49:25 -06:00
Lukas Reschke
ac1aff7d92
Merge pull request #3950 from nextcloud/downstream-27149
...
Forbid to upload part files via web UI
2017-03-20 11:44:57 +01:00
Christoph Wurst
313173dd45
Merge pull request #3936 from nextcloud/downstream-27253
...
Add extensionpoint to sharedialogview
2017-03-20 08:31:01 +01:00
Felix Heidecke
11f838f9e4
Add ignore_files to config,
...
test files against ignore_files list on upload
fix typo and indentation
Move blacklist declaration to lib/public/Files/FileInfo.php,
Rename *ignored to *blacklisted
Mocked blacklist_files for testing
Mocked blacklist_files for testing
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 01:17:12 -06:00
Vincent Petry
703f2e6a61
Clear onpopstate handlers after unit tests
...
Fixes issue when running Karma tests in Firefox.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:15:21 -06:00
Felix Heidecke
f198d77388
Add extensionpoint to sharedialogview
...
Write method overriding extension
Add a list of unknowns while inputting a search term
Rename OCA.Share extension point
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 22:40:36 -06:00
Maxence Lange
69694012ab
shares-circles
...
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
Joas Schilling
0c0ce25b3c
Merge pull request #3881 from nextcloud/downstream-26842
...
Backbone Webdav Adapter MKCOL support
2017-03-17 13:53:04 +01:00
Roeland Jago Douma
7a3acff782
Merge pull request #3874 from nextcloud/harden-js-by-disabling-eval-execution
...
Harden JS by disabling jQuery eval
2017-03-17 08:31:12 +01:00
Vincent Petry
6488ed3cff
Backbone Webdav Adapter MKCOL support
...
Usually Backbone collections cannot be created and just simply exists.
But in the Webdav world they need to be creatable.
This enhancement makes it possible to use a Backbone Model to represent
such collections and when creating it, it will use MKCOL instead of PUT.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:08:48 -06:00
Lukas Reschke
39afcbd49f
Merge pull request #3679 from nextcloud/socialsharing
...
Add social sharing
2017-03-16 23:08:47 +01:00
Lukas Reschke
148e7abb51
Harden JS by disabling jQuery eval
...
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.
This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:03:02 +01:00
Morris Jobke
cd4ebe2777
Merge pull request #3008 from nextcloud/appmenu-experiment
...
Show apps in header
2017-03-16 13:03:41 -06:00
Lukas Reschke
6c8d48b0f6
Harden t() with DOMPurify
...
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 14:17:42 +01:00
Roeland Jago Douma
bb2ec51bbb
Fix unit tests of master
...
Follow up to #3802
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-16 12:46:02 +01:00
Roeland Jago Douma
57c1be8633
Merge pull request #3802 from Ko-/master
...
Check that set_time_limit is not disabled before calling it
2017-03-16 12:27:26 +01:00
Julius Haertl
f58f8f6f47
Fix popover positioning after window resize
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl
61dc78e6dc
Fix menu issues
...
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00