Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
...
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.
As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.
The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling
984933e586
Only use readable chars in Share Tokens
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Joas Schilling
90fa27694a
Use PNG version of the icons for shipped activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Morris Jobke
ca3c69c8ae
Merge pull request #5298 from nextcloud/bugfix/4885/calendar_shares_url_special_char_issue
...
urldecode group principals in Cal- and CardDAV backend
2017-06-14 23:10:40 -05:00
Morris Jobke
ac565cecad
Merge pull request #5300 from nextcloud/bugfix/noid/fix_proppatch_requests_to_groupshares
...
allow users to send PropPatch request when calendar is group-shared with them
2017-06-14 23:00:39 -05:00
Georg Ehrke
35781ae45c
urldecode group principals in Cal- and CardDAV backend
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-12 21:01:30 +02:00
Georg Ehrke
0f1d47cdf3
allow users to send PropPatch request when calendar is group-shared with them
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 09:21:56 +02:00
Georg Ehrke
9563c25c69
allow PropPatch requests to contact_birthdays
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 08:00:52 +02:00
Georg Ehrke
4b5379309e
fix replacing of 4MB Unicode Chars in cal props table
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-21 13:26:46 +02:00
Georg Ehrke
255442f281
fix PROPPATCH requests to read-only shared calendars
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-08 12:09:15 +02:00
Georg Ehrke
0f8a9514de
rename calendarobjects_properties -> calendarobjects_props
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-28 20:21:46 +02:00
Georg Ehrke
8d00458b56
unit test custom calendar search
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-28 20:21:36 +02:00
Georg Ehrke
c76633bb8a
require at least one param or prop filter element
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 18:20:32 +02:00
Georg Ehrke
ac3cc5211b
updateProperties: catch exception when reading calendar data
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 16:42:41 +02:00
Georg Ehrke
dd424fcb7b
unit test CalDAV Search Plugin
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 16:39:17 +02:00
Georg Ehrke
40eec1e63c
add repairstep with backgroundjob to index calendar data
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-25 11:55:31 +02:00
Georg Ehrke
e760cda96f
remove unused CalendarSearchValidator
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-24 22:38:21 +02:00
Georg Ehrke
57b543a918
add Nextcloud Search extension to CalDAV
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-24 22:38:20 +02:00
Joas Schilling
3d671cc536
Merge pull request #4443 from nextcloud/cleanup-unused-imports
...
Remove unused use statements
2017-04-24 11:47:37 +02:00
Georg Ehrke
c89e057d27
add owner-displayname property to calendars and addressbooks
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-23 11:26:49 +02:00
Morris Jobke
c54a59d51e
Remove unused use statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Joas Schilling
088f4422f9
Fix remaining "PHP Inspection" warnings
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Joas Schilling
62ef59616d
Add public access modifier to all methods
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Joas Schilling
c2d1e6e7ff
Restrict share handling to the owner only
...
Otherwise group members can remove the share for the complete group,
remove edit permissions and even single user shares for other users.
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 10:44:11 +02:00
Georg Ehrke
c99bdc9eb4
don't remove owner property for public calendars
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-09 21:20:59 +02:00
Lukas Reschke
63288ebc50
Don't list on public calendar endpoints
...
There is no need to allow listing here.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 22:43:05 +02:00
Morris Jobke
51bcb0bbe1
Merge pull request #3620 from nextcloud/feature/1463/editable_color_name_for_shared_calendars
...
allow sharees to edit certain calendar properties for themselves
2017-04-03 13:12:56 -05:00
Joas Schilling
43143e170e
Make sure transparency is an integer when saving a calendar
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-30 17:58:33 +02:00
Georg Ehrke
b887adf386
allow sharees to edit certain calendar properties for themselves
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-03-27 17:21:57 +02:00
Georg Ehrke
896dd76ab5
fix bug with shared_by for own calendars if shared
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-03-25 23:07:09 +01:00
Joas Schilling
2eb27c636d
Make sure shares use read-write when available
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-02 12:28:57 +01:00
Joas Schilling
6dbdca0721
Don't waste energy unless necessary
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-02 12:28:56 +01:00
Georg Ehrke
97d3020027
fix shared-as-busy events for owner
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-01-26 12:06:07 +01:00
Joas Schilling
a70a081fff
Make sure the used event type and the setting/filter are the same
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-10 12:28:55 +01:00
Thomas Müller
d5d726fc24
Fix generation of birthday, deathdate and anniversary in case where no year is set - which is allowed as per https://tools.ietf.org/html/rfc6350#section-6.2.5 ( #26756 )
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-05 09:00:33 +01:00
Roeland Jago Douma
db3c918adb
Fix legacy caldav endpoints
...
* CaldavBackend is now endpoint aware (use old style principals on old
endpoint and new onces on new).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-02 15:02:18 +01:00
Lukas Reschke
3c34b8577c
Add test execution against legacy DAV backend
...
Since the tests to quite hugely rely on sync tokens being present I also included those in the legacy backend.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-02 15:02:18 +01:00
Joas Schilling
89ba394c89
Fix the Todos filter
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-12 15:26:28 +01:00
Joas Schilling
474720ff1c
Overwrite the schedule target calendar with the personal one and create it if missing
...
Otherwise this leads to problems like events being added to the birthday calendar,
if that one is the first calendar which was created for the user. See:
https://github.com/nextcloud/server/pull/2274
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-09 09:34:25 +01:00
Joas Schilling
b2f46bfa04
Adjust all implementations in the server repo
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-01 11:35:23 +01:00
Joas Schilling
b4d76b16b4
Add tests for the base provider
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-30 12:04:19 +01:00
Joas Schilling
ad10c5c4b4
Deduplicate the provider code
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-30 11:39:38 +01:00
Joas Schilling
4c0263b78a
Move event and todo parsing to new API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 16:27:12 +01:00
Joas Schilling
8d87e39146
Deduplicate icon assignment
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 16:08:58 +01:00
Joas Schilling
ddc82b4ca2
Move calendar activity parsing to new API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:47:43 +01:00
Joas Schilling
a16fd3991a
Move CalDAV activity settings to new API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:06:54 +01:00
Joas Schilling
253a75e5ae
Move CalDAV activity filters to new API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-29 15:04:08 +01:00
Lukas Reschke
d0c3c5cee3
Merge pull request #2225 from nextcloud/fix_caldav_proppatch_requests
...
fix PropPatch requests on calendars
2016-11-21 22:54:17 +01:00
Georg Ehrke
3a8c4230be
fix PropPatch requests on calendars
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2016-11-21 22:10:51 +01:00
Georg Ehrke
44f55fe415
BirthdayCalendar: fix issue with birthyear to high when birthday on Dec 31st
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2016-11-17 15:28:15 +01:00
Joas Schilling
6047493b6d
Fix integration tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 09:25:46 +01:00
Roeland Jago Douma
1e6175dfcb
Fix CalendarTest
...
* Made sure delete from self works again (and is tested)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:40:59 +01:00
Roeland Jago Douma
c016d947e2
Fix plugin
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:10:38 +01:00
Roeland Jago Douma
6d1c0be47d
Minor fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 15:10:15 +01:00
Thomas Müller
c778b1bade
Update sabre dav to 3.2 ( #26115 )
...
* Update sabre/dav to 3.2.0
* Adjust code to work with sabre/dav 3.2.0 and it's dependencies
* Adding own CalDAV plugin to fix calendar home property
* Test if there is a user logged in when listing files home
* Update sabre version used by integration tests
* Disable unauthenticated DAV access
This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.
=====
* Fixed so cherry-pick was succesfull
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 13:35:10 +01:00
Joas Schilling
52dd27892b
Use the event dispatcher
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:59 +01:00
Joas Schilling
d3e8463de2
Use a different type for events and todos
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:59 +01:00
Joas Schilling
43b46bcc6a
Activities for events and todos
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling
07f6747305
Move the methods into a new class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling
776622f3de
Add activities for shares
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling
35ce4c772c
Fix unshare actions for author != owner
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling
9a7c522cc6
Add activity for unshare from group
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:58 +01:00
Joas Schilling
83d51afab1
Unshare user activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:57 +01:00
Joas Schilling
90578327d5
Start working on calendar activities
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-03 12:07:57 +01:00
Thomas Müller
5cd90d4116
[9.2] Sync deathdate and anniversary to birthday calendar ( #25655 )
...
* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)
* Sync deathdate and anniversary to birthday calendar (which should be renamed maybe)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-14 10:12:43 +02:00
Joas Schilling
a4f82f13f3
Translate the personal calendar
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 14:19:58 +02:00
Morris Jobke
ef0760f84f
Merge pull request #1545 from nextcloud/delete-calendars-with-their-users
...
Delete calendars with their users
2016-09-28 21:42:55 +02:00
Thomas Citharel
6c8bcb38f1
Rename deleteAllSharesForUser() to deleteAllSharesByUser()
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2016-09-28 15:32:03 +02:00
Lukas Reschke
06e969cb74
Merge pull request #1197 from nextcloud/oc-public-sharing
...
CalDAV calendar public sharing
2016-09-27 18:51:40 +02:00
Thomas Citharel
da1543eef7
fix deletion of calendars
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:33:56 +02:00
Thomas Citharel
5215833fe4
delete shares to an user
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:30:19 +02:00
Lukas Reschke
4f4286932f
Merge pull request #1457 from nextcloud/upstream-fix-birthday-calendar-component
...
[Upstream] fix birthday calendar component
2016-09-26 13:21:08 +02:00
Thomas Citharel
dcc23114e9
fix annotations & copyright headers
2016-09-26 11:55:43 +02:00
Thomas Citharel
17d5dfdeb1
add in same request
2016-09-26 11:55:43 +02:00
Thomas Citharel
8360222554
fix public calendars
2016-09-26 11:55:42 +02:00
Thomas Müller
d884370844
Use true random string as uri for public calendars - as a result we can no longer return the pre-publish-url
2016-09-26 11:55:42 +02:00
Lukas Reschke
4659e3ab59
Add new constructor args
2016-09-26 11:55:42 +02:00
Thomas Citharel
3e9a346223
add calendarserver-sharing to the list of advertised features
2016-09-26 11:55:41 +02:00
Thomas Citharel
ad0eeaaf1c
use AllowedSharingModes for can-be-published & can-be-shared
2016-09-26 11:55:41 +02:00
Thomas Citharel
6378dbca7e
fix can-be-published
2016-09-26 11:55:41 +02:00
Thomas Citharel
f16ea48e96
add can-be-published property
2016-09-26 11:55:40 +02:00
Thomas Citharel
a4fe596a21
add space between calendarname and owner name
2016-09-26 11:55:40 +02:00
Thomas Citharel
8433c3ca31
fix getChild()
2016-09-26 11:55:40 +02:00
Thomas Citharel
691b3ab448
Add publicuri to oc_dav_shares table and start working with it
2016-09-26 11:55:39 +02:00
Thomas Citharel
dd248caa09
fix some bracket positions
2016-09-26 11:55:39 +02:00
Thomas Citharel
1899116509
move getPublicCalendar inside the caldav backend
2016-09-26 11:55:39 +02:00
Thomas Citharel
762726d988
fix indent once and for all
2016-09-26 11:55:39 +02:00
Thomas Citharel
3921385ed3
fix things (indentation, tests, comments, backend custom implementation
2016-09-26 11:55:39 +02:00
Thomas Müller
d0ec6b9c15
Disable OPTIONS handling - done by sabre
2016-09-26 11:55:38 +02:00
Thomas Citharel
aadb56dfcc
Fix wrong way to get publish status
2016-09-26 11:55:37 +02:00
Thomas Citharel
2df69ec7f4
correct get published status and minor fixes
2016-09-26 11:55:37 +02:00
Thomas Citharel
aca305332a
Fix DB call for MySQL databases
2016-09-26 11:55:37 +02:00
Thomas Citharel
994001c480
Dirty hack to disable dav plugins on public calendar urls
2016-09-26 11:55:36 +02:00
Thomas Müller
00dc157b19
Fix requests for browser plugin as well as for the public calendar root folder
2016-09-26 11:55:36 +02:00
Thomas Müller
e7085aab38
Allow not-authenticated access to specific urls
2016-09-26 11:55:36 +02:00
Thomas Müller
90ab6e4fd9
Add new root collection public-calendars which holds all public calendars
2016-09-26 11:55:36 +02:00
Thomas Citharel
8da2100e7d
Start work on returning CalDAV published calendars
2016-09-26 11:55:35 +02:00
Thomas Citharel
bd0aae8636
No need to call database twice
2016-09-26 11:55:35 +02:00
Thomas Citharel
7e5a82b968
Use urlgenerator to generate an absolute url
...
And pass Config the correct way too
2016-09-26 11:55:35 +02:00
Thomas Citharel
72f35f8862
Use ressource ID instead of name
2016-09-26 11:55:35 +02:00