Fixes#7184
The SyncJob can be very resource intensive. Since it requests all users
on the system to create the system addressbook. In order to do this it
creates a vcard for every user and updates the addressbook.
There is no need for this job since the proper signals are emitted and
handled in the carddav backend to update the addressbook live.
Worst comes to worst there is always the occ command to bring the
address book in sync again.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Case: email is set to null, but the avatar is set. In the old case the
email would set $emptyValue but $noImage would still be false. This we
would set the empty string as email.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.
As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.
The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Since we now heavily use this endpoint for the contacts menu we better
set proper caching on the images. Else this gets reload over and over
again leading to slow loading menu and unneded bytes transfered.
* cache for 1 hour by default
* added ETag for validation
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Otherwise group members can remove the share for the complete group,
remove edit permissions and even single user shares for other users.
Signed-off-by: Joas Schilling <coding@schilljs.com>
* Update sabre/dav to 3.2.0
* Adjust code to work with sabre/dav 3.2.0 and it's dependencies
* Adding own CalDAV plugin to fix calendar home property
* Test if there is a user logged in when listing files home
* Update sabre version used by integration tests
* Disable unauthenticated DAV access
This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.
=====
* Fixed so cherry-pick was succesfull
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma
Tobia De Koninck
Morris Jobke
Joas Schilling
Thomas Citharel
Lukas Reschke
Georg Ehrke
Roeland Jago Douma
Bjoern Schiessle
John Molakvoæ (skjnldsv)
Thomas Müller
Olivier Mehani