Aaron Wood
7c0de08cc4
Escape special characters ( #25429 )
...
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Escape LIKE parameter
* Use correct method in the AbstractMapping class
* Change the getNamesBySearch method so that input can be properly escaped while still supporting matches
* Don't escape hardcoded wildcard
2016-07-20 14:46:47 +02:00
Björn Schießle
ea470f8777
Merge pull request #405 from nextcloud/theming-fixes
...
Theming fixes
2016-07-18 15:59:47 +02:00
Joas Schilling
2c988ecbf4
Use the themed Defaults everywhere
2016-07-15 09:17:30 +02:00
Roeland Jago Douma
059b7435ab
PasswordLoginForbidden is not a FATAL exception
...
It is just a 'Sabre\DAV\Exception\NotAuthenticated' exception
with some special meaning.
So just log it as DEBUG and not as FATAL.
2016-07-14 22:53:12 +02:00
Bjoern Schiessle
26e14529be
fix error message
2016-06-30 13:50:31 +02:00
Lukas Reschke
c771368c4e
Add proper throws PHP docs
2016-06-30 13:19:50 +02:00
Lukas Reschke
1e7f0f7341
Add required $message parameter
2016-06-30 13:17:53 +02:00
Bjoern Schiessle
3571207bd9
add some additonal permission checks to the webdav backend
2016-06-30 11:16:49 +02:00
Vincent Petry
2340660a5b
PasswordLoginForbidden must extend NotAuthenticated
...
The auth code from Sabre will forward NotAuthenticated exceptions but
in the case of a generic exception, it is packaged as "service not
available".
2016-06-17 15:50:24 +02:00
Christoph Wurst
5a8cfab68f
throw PasswordLoginForbidden on DAV
2016-06-17 11:30:24 +02:00
Christoph Wurst
82b50d126c
add PasswordLoginForbiddenException
2016-06-17 11:02:07 +02:00
Christoph Wurst
331d88bcab
create session token on all APIs
2016-06-13 15:38:34 +02:00
Vincent Petry
67c3a97401
Merge pull request #25046 from owncloud/fix-the-realm
...
Use the correct realm for basic authentication
2016-06-10 10:41:46 +02:00
Vincent Petry
543545505d
Merge pull request #25043 from owncloud/webdav-download-mimetype
...
DAV now returns file name with Content-Disposition header
2016-06-10 09:55:59 +02:00
Vincent Petry
1399e87d57
DAV now returns file name with Content-Disposition header
...
Fixes issue where Chrome would append ".txt" to XML files when
downloaded in the web UI
2016-06-09 15:51:41 +02:00
Thomas Müller
cf06b17df1
Use the correct realm for basic authentication - fixes #23427
2016-06-09 13:53:32 +02:00
Thomas Müller
f20c617154
Allow login by email address via webdav as well - fixes #24791
2016-06-09 12:08:49 +02:00
Robin Appelman
f119769c26
Better handling of forbidden files in dav
2016-06-07 14:01:55 +02:00
Thomas Müller
371a07e3ab
Fix checkMove() implementation for dav v2 - fixes #24776 ( #24971 )
2016-06-06 17:01:27 +02:00
Vincent Petry
3ff2bec5fa
Merge pull request #24935 from owncloud/2fa-block-dav
...
block DAV if 2FA challenge needs to be solved first
2016-06-02 15:31:18 +02:00
Joas Schilling
942e946f06
Catch the ForbiddenException to make sure it gets handled
2016-06-01 16:17:57 +02:00
Christoph Wurst
da03a85c3c
block DAV if 2FA challenge needs to be solved first
2016-06-01 10:42:38 +02:00
Lukas Reschke
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
Christoph Wurst
28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled
2016-05-24 17:54:02 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
Vincent Petry
87fa86a69a
Merge pull request #24559 from owncloud/2fa
...
two factor auth
2016-05-23 20:50:03 +02:00
Christoph Wurst
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
Arthur Schiwon
2b30136ae9
ensure comments-href returns a value also when propfind is done against remote.php/files
2016-05-20 16:22:13 +02:00
Joas Schilling
dd9ee10bc0
Move dav app to PSR-4 ( #24527 )
...
* Move Application to correct namespace and PSR-4 it
* Move dav app to PSR-4
2016-05-12 09:42:40 +02:00