Björn Schießle
5b4cea4b36
Merge pull request #275 from nextcloud/master-sync-upstream
...
[Master] Sync upstream
2016-07-01 18:31:51 +02:00
Lukas Reschke
76c73d5ec3
Match on 405
2016-07-01 15:19:21 +02:00
Lukas Reschke
4ac9eaab03
Match for /../
2016-07-01 15:01:48 +02:00
Lukas Reschke
5b65591d84
Do not allow directory traversal using "../"
...
We should not allow directory traversals using "../" here.
To test access the following URL once with and then without this patch:
http://localhost/server/index.php/apps/files/?dir=../../This+Should+Not+Be+Here
2016-07-01 13:36:05 +02:00
Lukas Reschke
179a355b2c
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-07-01 11:36:35 +02:00
Jenkins for ownCloud
2d2d2267f7
[tx-robot] updated from transifex
2016-07-01 01:57:04 -04:00
Björn Schießle
8e002b6155
Merge pull request #255 from nextcloud/dav-permission-check
...
add some additonal permission checks to the webdav backend
2016-06-30 14:41:23 +02:00
Bjoern Schiessle
26e14529be
fix error message
2016-06-30 13:50:31 +02:00
Lukas Reschke
149218ead9
Fix tests
2016-06-30 13:46:08 +02:00
Lukas Reschke
c771368c4e
Add proper throws PHP docs
2016-06-30 13:19:50 +02:00
Lukas Reschke
1e7f0f7341
Add required $message parameter
2016-06-30 13:17:53 +02:00
Bjoern Schiessle
1b74cf72fb
check permissions before rollback
2016-06-30 11:27:25 +02:00
Bjoern Schiessle
3571207bd9
add some additonal permission checks to the webdav backend
2016-06-30 11:16:49 +02:00
Vincent Petry
5cfbb9624f
Prevent infinite loop in search auto-nextpage
...
When loading the next page of search results, make sure that the loop
can end if there are no more elements in case the total doesn't match.
Also added a check to avoid recomputing the search results whenever the
setFilter() is called with the same value. This happens when navigating
away to another folder, the search field gets cleared automatically and
it calls FileList.setFilter('').
2016-06-30 11:10:48 +02:00
Jenkins for ownCloud
1b9fa4dd5f
[tx-robot] updated from transifex
2016-06-30 01:55:56 -04:00
Morris Jobke
409672d981
Fix update notification text
...
* thanks to ungesundes_halbwissen @ transifex
2016-06-29 16:05:51 +02:00
Vincent Petry
c8fbe39801
Merge pull request #25288 from owncloud/fix-versionrevertperms
...
Hide revert button when no permission to revert
2016-06-29 12:51:39 +02:00
Björn Schießle
5ace6b53f3
get only vcards which match both the address book id and the vcard uri ( #25294 )
2016-06-29 12:13:59 +02:00
Jenkins for ownCloud
2b0f053126
[tx-robot] updated from transifex
2016-06-29 05:52:18 -04:00
Bjoern Schiessle
5f6944954b
get only vcard which match both the address book id and the vcard uri
2016-06-28 16:11:06 +02:00
Vincent Petry
f22af90c09
Hide revert button when no permission to revert
2016-06-28 13:00:58 +02:00
Morris Jobke
b6397ef73a
Merge pull request #236 from nextcloud/master-sync-upstream
...
[Master] sync upstream
2016-06-28 09:02:03 +02:00
Jenkins for ownCloud
894b7d93f6
[tx-robot] updated from transifex
2016-06-28 01:57:10 -04:00
Marius Blüm
52f6d97e4e
Merge pull request #235 from nextcloud/fix-app-code
...
Add app:check-code for already compatible apps
2016-06-27 23:02:32 +02:00
Robin Appelman
2a72eff9ee
Fix getting the certificate bundle for dav external storage ( #25274 )
...
* Fix getting the certificate bundle for dav external storages
* Log the original exception in dav external storage
2016-06-27 22:26:43 +02:00
Robin Appelman
88ef163276
handle unavailable fed shares while testing for availability ( #25277 )
...
* More explicit http status codes
* handle unavailable fed shares while testing for availability
2016-06-27 21:34:28 +02:00
Georg Ehrke
3c399be6ec
fix a ImageExportPlugin Test ( #25215 )
2016-06-27 21:26:56 +02:00
Lukas Reschke
e0445856b9
Merge pull request #59 from nextcloud/theming-app
...
Theming app
2016-06-27 21:14:40 +02:00
Lukas Reschke
cd74ad55e4
Only save when value changed or enter is pressed
2016-06-27 20:46:12 +02:00
Lukas Reschke
a08c4a2b13
Add tooltip
2016-06-27 20:36:23 +02:00
Lukas Reschke
6670d37658
Merge remote-tracking branch 'upstream/master' into master-sync-upstream
2016-06-27 18:23:00 +02:00
Morris Jobke
cee2f5dc65
Merge pull request #233 from nextcloud/allow-users-to-change-global-credentials
...
Allow regular users to specify global credentials password
2016-06-27 17:03:19 +02:00
Morris Jobke
5961d5aae4
Add app:check-code for already compatible apps
...
* admin_audit, comments, federation
* removed not needed call to OC_Util::checkAdminUser() (is already
done by the request handler before)
2016-06-27 16:50:10 +02:00
Lukas Reschke
341dabf300
Merge pull request #190 from nextcloud/add-wnd-1
...
Add "Login credentials" and "User Provided"
2016-06-27 16:15:31 +02:00
Vincent Petry
f8fa031e9f
Merge pull request #25273 from owncloud/ext-fixsessioncredentialsnolazyload
...
Quickfix: do not lazy load auth mechanisms for ext storages
2016-06-27 14:57:29 +02:00
Vincent Petry
1d4c61af47
Merge pull request #25237 from owncloud/search-filelistnextpageresults
...
Prerender file list pages to include search results
2016-06-27 13:46:25 +02:00
Lukas Reschke
1cd255af56
Allow regular users to specify global credentials password
...
While the UI is existent the feature simply doesn't work because admin privileges are required for the controller. This adds proper permission checks and also unit tests.
To test this:
1. Enable external storage
2. Login as non-admin user
3. Go to personal page and try to change global credentials
2016-06-27 12:29:27 +02:00
Vincent Petry
199c8e304c
Merge pull request #25250 from owncloud/linkshare-includedeletewithuploadperms
...
Add explicit delete permission to link shares
2016-06-27 12:14:05 +02:00
Vincent Petry
0d3de20b02
Quickfix: do not lazy load auth mechanisms for ext storages
...
Some auth mechanisms like SessionCredentials need to register hooks
early, so they cannot be lazy loaded.
2016-06-27 10:50:10 +02:00
Lukas Reschke
f7f86d61c4
Add comment to "getMailHeaderColor"
2016-06-27 10:48:28 +02:00
Lukas Reschke
51646bb3f6
Use stream instead of rename
2016-06-27 10:47:44 +02:00
Lukas Reschke
0a5c5d9b03
Replace OC_Defaults with \OC::$server->getThemingDefaults()
2016-06-27 10:34:08 +02:00
Jan-Christoph Borchardt
261396019d
design and layout fixes for Theming app
2016-06-27 10:26:24 +02:00
Bjoern Schiessle
24144b16d0
make sure that the preview gets updated every time a new image gets uploaded
2016-06-27 10:26:24 +02:00
Bjoern Schiessle
79269427d7
scale preview image
2016-06-27 10:26:24 +02:00
Lukas Reschke
433e8ea123
Disable drop zone
...
Otherwise dropping something somewhere can by mistake upload the file and make it available
2016-06-27 10:26:23 +02:00
Lukas Reschke
a0e92b5fb0
Fix indentation
2016-06-27 10:26:23 +02:00
Lukas Reschke
27b699bdbc
Migrate logic to dynamic controller
...
Also adds support for having custom login backgrounds
2016-06-27 10:26:23 +02:00
Bjoern Schiessle
cc321bc140
add some visual feedback if the operation was succesful or not
2016-06-27 10:26:22 +02:00
Bjoern Schiessle
10f6ca20bc
write theme settings to database
2016-06-27 10:26:22 +02:00