Markus Staab
db34b59238
Prevent XSS in links which open a new browser window
2017-10-19 12:16:04 +02:00
Christoph Wurst
2e19c42bc5
Check whether an app archive can be extracted
...
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 14:07:17 +02:00
Joas Schilling
79d7c26b8a
Register autoloading before running migrations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-07 12:01:11 +02:00
Joas Schilling
7a3d83d630
Register autoloading before running migrations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00
Joas Schilling
183b1dbde3
Use migrations when there is no database.xml
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:01:19 +02:00
Morris Jobke
be33234266
Remove OC_App:installApp
...
* uses Installer->installApp now
* removes unused code
* fixes #4453
* added some additional checks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-15 00:03:35 -05:00
Lukas Reschke
47cd976035
Add app bundles
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:49 +02:00
Morris Jobke
c54a59d51e
Remove unused use statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Lukas Reschke
32bf8ec826
Don't use cached informations for app version
...
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:
- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)
This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.
While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-09 18:01:45 +01:00
Lukas Reschke
7cb0df28e2
Prevent downgrade attacks for apps
...
We should verify the app versions when installing a new update, otherwise this could result in downgrade attacks when an attacker just copies the old signature.
Plus it prevents the case that in case of a bug in the appstore actually an older version gets installed.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-11 18:53:26 +01:00
Joas Schilling
2f7e291101
Correctly catch the "soft errors" now
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-09 10:30:19 +01:00
Joas Schilling
224dfaf1e6
Use a better error message and point the users to the support channels
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-09 09:10:32 +01:00
Lukas Reschke
0eeef26a8e
Add tests for installer method
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 19:39:35 +01:00
Lukas Reschke
086d43f26d
Move to non-static version
...
The static version is used nowhere in the code and just decreases coverage
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 18:42:19 +01:00
Lukas Reschke
d805df7bb3
Use findAppInDirectories
...
The other function doesn't work if the appstore is disabled
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:30:02 +01:00
Lukas Reschke
8acb54aa0b
Add update support
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:47 +01:00
Lukas Reschke
3e6dd86ee4
Add support for CRL
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:46 +01:00
Lukas Reschke
0e2aee2be6
Replace with exception instead of boolean return value
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:46 +01:00
Lukas Reschke
ca7f6dec55
Make non-static
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:45 +01:00
Lukas Reschke
32cf661215
Use new appstore API
...
This change introduces the new appstore API in Nextcloud.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-31 17:17:44 +01:00
Joas Schilling
356ac5d42f
Add app name to the call
...
Regression from 69b063f4c6
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-10 16:34:14 +02:00
Arthur Schiwon
ac04ba6784
register app autoload instead of loading apps
2016-08-12 13:23:14 +02:00
Arthur Schiwon
ce6ad5de25
make sure shipped apps also setup their admin settings on a fresh install
2016-08-11 16:37:11 +02:00
Arthur Schiwon
0fc34c99f4
fix registration of admin settings and section on app install
2016-08-11 00:45:15 +02:00
Arthur Schiwon
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
Joas Schilling
0215b004da
Update with robin
2016-07-21 18:13:58 +02:00
Joas Schilling
ba87db3fcc
Fix others
2016-07-21 18:13:57 +02:00
Morris Jobke
e95c15e53a
fix more strings
2016-06-20 13:14:24 +02:00
Lukas Reschke
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
Joas Schilling
db16dc6644
Correctly register autoloading before install.php and loading commands
2016-05-11 11:18:00 +02:00
Thomas Müller
71fa0a75bf
Allow declaration of background jobs in info.xml
2016-05-03 08:58:12 +02:00
Roeland Jago Douma
c96ed5c4ce
Move OC_Archive to \OC\Archive\Archive
...
* Move out of legacy folder
* Move to proper namespace
* Fix calling code
2016-05-02 19:34:32 +02:00
Thomas Müller
5e055ca6c1
Move uninstall repair step execution to the correct place
2016-05-02 09:22:26 +02:00
Thomas Müller
f91e5f87d2
Fix installer file location
2016-05-02 09:06:19 +02:00