Commit Graph

1695 Commits

Author SHA1 Message Date
Joas Schilling a366602961
Validate the input into Event already
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:44 +01:00
Joas Schilling 13ff56bfc5
Allow to register settings/types via info.xml
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:44 +01:00
Joas Schilling 280d5325c7
Allow to register activity filters via info.xml
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:40 +01:00
Morris Jobke cb97cf559b Merge pull request #2144 from nextcloud/fix_1303
Do not cache version info in the session
2016-11-15 23:13:53 +01:00
Roeland Jago Douma f07d75a4dd
@since 9.2.0 to @since 11.0.0
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 18:51:52 +01:00
Roeland Jago Douma 7a8bf6ea26
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-15 18:10:17 +01:00
Robin Appelman 74024c8f28
fix phpdoc
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-09 16:59:03 +01:00
Joas Schilling 706b5c3fb6
Use a php class for the definitions to avoid loading problems
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-09 08:52:07 +01:00
Björn Schießle 1ad3043e4f Merge pull request #1998 from nextcloud/share-by-mail-notification
add share by mail activity
2016-11-08 17:37:46 +01:00
Bjoern Schiessle 3bc643ec23
add new definition
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
Bjoern Schiessle 087dab85b4
add activity for share by mail
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
Donquixote 537d588726
refactoring code to reduce cyclomatic complexit
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-07 08:18:16 +01:00
Roeland Jago Douma d720a2fb57
Moved over files_versions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
Roeland Jago Douma 5466fbf761
Move Ipreview to more of DI thingy
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-03 14:00:33 +01:00
Lukas Reschke 6920e609c0
Adjust tests and DI for Share.php
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 23:26:49 +01:00
Christoph Wurst d907666232
bring back remember-me
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
Bjoern Schiessle 318160647a
add method to check if a share provider for a given type is loaded
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-01 19:54:39 +01:00
Roeland Jago Douma 5a00870a2b
Stricter signature
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-31 20:19:14 +01:00
Robin Appelman 3692769b0a
Add getShareTypesInFolder to optimize folder listening
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-10-31 15:55:40 +01:00
Roeland Jago Douma e416ee7b74 Merge pull request #1937 from nextcloud/ros-for-notification-message
Allow rich object strings in messages as well
2016-10-31 11:51:02 +01:00
Joas Schilling 2c0b5dee19
Allow rich object strings in messages as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-31 10:37:37 +01:00
Roeland Jago Douma d5159423cd
Removed depreacted functions (since 6.0)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-29 14:27:12 +02:00
Roeland Jago Douma 740659a04c
Move away from OC_L10N
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 21:46:28 +02:00
Roeland Jago Douma f722640a32
Proper DI of config
* Fixed comments

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-28 10:13:35 +02:00
Jörn Friedrich Dreyer f8352fcb8d
introduce callForSeenUsers and countSeenUsers (#26361)
* introduce callForSeenUsers and countSeenUsers

* add tests

* oracle should support not null on clob

* since 9.2.0
2016-10-28 08:44:05 +02:00
Morris Jobke d4969abc9d Merge pull request #1800 from nextcloud/nextcloud-rich-object-strings
Nextcloud rich object strings
2016-10-27 15:30:58 +02:00
Morris Jobke cde7f535bd Merge pull request #1738 from nextcloud/comments-provide-displaynames-with-mentions
comment mentions: show displayname not uid
2016-10-26 14:02:49 +02:00
Morris Jobke 89574367bc Merge pull request #1871 from nextcloud/use-csp-nonces
Use CSP nonces
2016-10-25 14:46:00 +02:00
Vincent Petry 44cf67accd
Storage 503 message improvements
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
Lukas Reschke 9e6634814e
Add support for CSP nonces
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.

At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)

IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.

Implementing this offers the following advantages:

1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.

If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Robin Appelman 3a8e75a814
Allow 4byte unicode filenames on supported platforms
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-20 14:26:09 +02:00
Joas Schilling cf2d1b2427
Move federated share notifications to ROS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:59 +02:00
Joas Schilling b35d2fd8f2
Allow rich object subjects for Notifications
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:59 +02:00
Joas Schilling 2098648850
Add Rich Object Definitions and a validator
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:51 +02:00
Arthur Schiwon 5d98ab83e9
resolve displayname via manager and registerable resolvers
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:34:00 +02:00
Arthur Schiwon fea3e20a80
move mention extraction to (I)Comment and report mentions via DAV
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:33:55 +02:00
Morris Jobke 96f8f209b9 Merge pull request #1449 from nextcloud/comments-user-mention
Notifications for simple @-mentioning in comments
2016-10-17 09:30:47 +02:00
Arthur Schiwon 1bcd2ca8e3
emit pre-update event for comments
* notifications can be cleaned up, no polluted DB
* updating comments will re-notify users or remove notifications, depending on the message

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 18:06:22 +02:00
Robin Appelman 0d842e0550
optimize Folder::getById to use less queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:28 +02:00
Arthur Schiwon e1073cf442
Notificacations for simple @-mentioning in comments
(WIP) notify user when mentioned in comments

Fix doc, and create absolute URL for as notification link.

PSR-4 compatibility changes

also move notification creation to comments app

Do not notify yourself

unit test for controller and application

smaller fixes

- translatable app name
- remove doubles in mention array
- micro perf optimization
- display name: special label for deleted users, keep user id for users that could not be fetched from userManager

Comment Notification-Listener Unit Test

fix email adresses

remove notification when triggering comment was deleted

add and adjust tests

add missing @license tags

simplify NotificationsController registration

appinfo simplification, php docs

make string easier to translate

adjust test

replace dispatcher-based listeners with a registration method and interface

safer to not pass optional data parameter to setSubject for marking as processed. ID and mention suffices

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

update comment

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 17:11:19 +02:00
Joas Schilling c77933ca22
Add an icon to the notification API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-07 17:00:24 +02:00
Morris Jobke 316db0a97b add proper exception documentation for ISimpleFS interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-05 23:47:00 +02:00
Roeland Jago Douma 851769adc8
Deprecate old app folder
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma 6807cb684f
avatar to appdata
* Fix AvatarTest

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma 5d8b941fea
Initial AppData
* Introduce simpleFS
* Introduce IAppData
* Introduce AppData Factory to get your AppData folder
* Update FileDisplayResponse

* AppData implements a ISimpleRoot but lazy. So only if an apps starts
  to access data will stuff get initialized

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:14 +02:00
Morris Jobke afe40ac996
write channel to config file when changed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-09-26 13:44:56 +02:00
Roeland Jago Douma 7c078a81b4
Add trict CSP to OCS responses
If a repsonse now explicitly has the Empty CSP set then the middleware
won't touch it.
2016-09-15 13:11:36 +02:00
Roeland Jago Douma 3c55fe6bab
Split OCS version handling
This cleans up a bit the OCSController/Middleware. Since the 2 versions
of OCS differ a bit. Moved a lot of stuff internal since it is of no
concern to the outside.
2016-09-06 11:57:39 +02:00
Roeland Jago Douma 777c3ee325
Add FileDisplayResponse
A lazy implementation of the DisplayResponse that only hits the
filesystem if the etag and mtime do not match.
2016-09-05 15:09:54 +02:00
Lukas Reschke 06fa486706 Merge pull request #1158 from nextcloud/cache_avatars
Cache avatars
2016-09-05 15:08:43 +02:00