+ Set "Satisfy All" whenever available, as well on Apache 2.4+. This is required to override possible "Satisfy Any" on parent dir, which otherwise would allow direct access to data, regardless of "Require" directive.
+ Set "Deny from all" as well whenever available, to block access regardless of which access control directive takes priority.
+ Assume Apache 2.2 only, if mod_authz_core and mod_access_compat are both not available, to avoid doubled directives. In this case set "Deny from all" directive only if the providing mod_authz_host module is available. "Satisfy" is a core directive on Apache 2.2.
+ Update Apache version strings. Regarding the used directives/modules, Apache 2.4 and 2.5 behave the same.
+ Add ordering spaces to better reflect the nested directives and to match style of other .htaccess files.
Fixes: #6449 (for the config directory)
Signed-off-by: Micha Felle <micha@dietpi.com>
+ Set "Satisfy All" whenever available, as well on Apache 2.4+. This is required to override possible "Satisfy Any" on parent dir, which otherwise would allow direct access to data, regardless of "Require" directive.
+ Set "Deny from all" as well whenever available, to block access regardless of which access control directive takes priority.
+ Assume Apache 2.2 only, if mod_authz_core and mod_access_compat are both not available, to avoid doubled directives. In this case set "Deny from all" directive only if the providing mod_authz_host module is available. "Satisfy" is a core directive on Apache 2.2.
+ Update Apache version strings. Regarding the used directives/modules, Apache 2.4 and 2.5 behave the same.
+ Add ordering spaces to better reflect the nested directives and to match style of other .htaccess files.
Fixes: https://github.com/nextcloud/server/issues/6449
Signed-off-by: Micha Felle <micha@dietpi.com>
Although uncommon, in some cases a Context may need to be extended (for
example, to override a step defined in the server with a specific
behaviour in the acceptance tests of an app); in those cases the
subclass should be able to access the actor attribute defined in the
Context it is extending.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup add owner_id and proxy_id as db index, since we use it for querying
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup don't add ACL for each individual proxy, just use calendar-proxy groups
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup allow delegation of resources / rooms
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup fix addIndex call in migration
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup fix remaining constructor calls of Principal
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
!fixup minor fixes and unit tests
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
MichaIng
Roeland Jago Douma
Julius Härtl
Daniel Kesselberg
Nextcloud bot
dependabot-preview[bot]
Georg Ehrke
Roeland Jago Douma
Daniel Calviño Sánchez
Thomas Citharel
Joas Schilling
John Molakvoæ
John Molakvoæ (skjnldsv)