Commit Graph

14663 Commits

Author SHA1 Message Date
Morris Jobke cde7f535bd Merge pull request #1738 from nextcloud/comments-provide-displaynames-with-mentions
comment mentions: show displayname not uid
2016-10-26 14:02:49 +02:00
Morris Jobke ffb0e91b60 Merge pull request #1907 from nextcloud/downstream-26164
Highlight files and update storage stats at end of upload (#26164)
2016-10-26 13:17:35 +02:00
Nextcloud bot a973c1bfb9
[tx-robot] updated from transifex 2016-10-26 00:07:12 +00:00
Roeland Jago Douma 1b6ba5ad32 Merge pull request #1911 from nextcloud/downstream-26477
Fix malformed attribute in files app
2016-10-25 22:04:43 +02:00
Roeland Jago Douma d89c1a49c1 Merge pull request #1913 from nextcloud/downstream-26441
Require to use at least desktop client 2.0 by default
2016-10-25 22:04:15 +02:00
Arthur Schiwon b12b52b73b
fix JS test and introduce tests for rendering mentions to displaynames
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-25 18:33:59 +02:00
Thomas Müller 9df3869bfc
Fix unit tests for BlockLegacyClientPlugin 2016-10-25 18:03:10 +02:00
Thomas Müller 1c39b30d50
Require to use at least desktop client 2.0 by default 2016-10-25 18:01:25 +02:00
Morris Jobke fa4bf7b0b0 Merge pull request #1906 from nextcloud/downstream-26460
Remove any detailed information about the exception in the browser er…
2016-10-25 17:58:19 +02:00
Vincent Petry e456df14ab
Fix malformed attribute in files app 2016-10-25 17:32:59 +02:00
Vincent Petry 50b8221255
Highlight files and update storage stats at end of upload (#26164)
Properly trigger the "stop" even from the uploader.
Also update storage stats at the end of all uploads instead of for each
upload.
2016-10-25 14:51:44 +02:00
Thomas Müller 726994ecae
Remove any detailed information about the exception in the browser error plugin 2016-10-25 14:47:33 +02:00
Morris Jobke 89574367bc Merge pull request #1871 from nextcloud/use-csp-nonces
Use CSP nonces
2016-10-25 14:46:00 +02:00
Morris Jobke 01a85a98f2 Merge pull request #1876 from nextcloud/shareesAPI_email
Add ShareesAPI E-mail search
2016-10-25 13:53:59 +02:00
Morris Jobke c0adc3c2cf Merge pull request #1883 from nextcloud/downstream-26145
Storage 503 message improvements
2016-10-25 13:19:46 +02:00
Nextcloud bot e23a298a81
[tx-robot] updated from transifex 2016-10-25 09:36:09 +00:00
Morris Jobke e8c359d86e Merge pull request #1897 from nextcloud/fix-public-button
fix button on public upload page for mobile
2016-10-25 11:03:21 +02:00
Joas Schilling 890f752a6b Merge pull request #1452 from nextcloud/appconfig-endpoint
Appconfig endpoint
2016-10-25 10:57:48 +02:00
Lukas Reschke 79706e0ddc Merge pull request #1283 from nextcloud/us_files-ui-webdav-upload
Use Webdav PUT for uploads
2016-10-25 10:31:03 +02:00
Roeland Jago Douma 60fa82d92f Merge pull request #1860 from ryanwr/feature-sort-favorite
Sort favorite files first
2016-10-25 08:22:33 +02:00
Jan-Christoph Borchardt d4515ae603 fix button on public upload page
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2016-10-24 23:26:56 +02:00
Roeland Jago Douma c8a13f644e
Only enable files_drop plugin when we actuall do files_drop
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma 0abcc630a5
Fix public files_drop page
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma 7a6dbeb398
Make files_drop work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Roeland Jago Douma e73a11d106
Fix permision mask
If we move a file from the temp part file to the original file we don't
need update permissions.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry f374eb5f1d
More fixes to file upload
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry f72ffa2f11
Fix js unit tests for webdav put upload changes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 786e858d23
Add support for chunked upload
Hacked around Blueimp's jquery.fileupload to make it work with our new
chunking API.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry c68e273664
Goodbye Iframe transport !
Not needed any more in IE >= 11

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 59c5be1cc5
Use Webdav PUT for uploads in the web browser
- uses PUT method with jquery.fileupload for regular and public file
  lists
- for IE and browsers that don't support it, use POST with iframe
  transport
- implemented Sabre plugin to handle iframe transport and redirect the
  embedded PUT request to the proper handler
- added RFC5995 POST to file collection with "add-member" property to
  make it possible to auto-rename conflicting file names
- remove obsolete ajax/upload.php and obsolete ajax routes

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
ryanwr 3e96f33995 Sort favorite files first Issue #1802
Signed-off-by: Ryan Welch <ryantwr@gmail.com>
2016-10-24 17:55:47 +01:00
Lukas Reschke 38b3ac8213
Add ContentSecurityPolicyNonceManager
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
Vincent Petry 44cf67accd
Storage 503 message improvements
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
Roeland Jago Douma a28528a254
Add ShareesAPI E-mail search
* Allow to search for SHARE_TYPE_EMAIL (4)
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 14:59:32 +02:00
Joas Schilling b130267e58
Import the used classes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-24 14:33:54 +02:00
Roeland Jago Douma b4ebf03bef
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 13:25:59 +02:00
Lukas Reschke 9e6634814e
Add support for CSP nonces
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.

At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)

IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.

Implementing this offers the following advantages:

1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.

If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Roeland Jago Douma f589f1a1d6
Move files_sharing Controllers => Controller
lib/Controller is the default location for controllers. So lets put them
all in there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 11:46:25 +02:00
Roeland Jago Douma 6604e76e94
Fix middleware tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:52:34 +02:00
Roeland Jago Douma ea07bbc562
Move Share20OCS to ShareAPIController
It was already a controller just still residing in its old location.

* Moved ShareAPIController to user plain userID instead of user object
* Moved Share20OCS to ShareAPIController
* Removed initisation of class from Application.php and leave it to the
AppFramework
* Fixed tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:52:34 +02:00
Lukas Reschke 598c145430 Merge pull request #1849 from nextcloud/oc_26368
Adding capability about new chunking - refs #25682 (#26368)
2016-10-22 15:11:49 +02:00
Lukas Reschke 1be6213ba4 Merge pull request #1832 from nextcloud/select2-into-core
Select2 into core
2016-10-22 14:35:07 +02:00
Lukas Reschke 169e889890
Add unit test
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-22 14:05:53 +02:00
Arthur Schiwon ab3954745c
avoid that all avatars are copied to the author row when editing comments
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-21 22:57:06 +02:00
Roeland Jago Douma 7792902808
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-21 21:43:15 +02:00
Thomas Müller e0d919bbfc
Adding Open Graph Support for public shares http://ogp.me/
In case no preview is available we display the ownCloud logo

Fix unit test
2016-10-21 21:42:40 +02:00
John Molakvoæ 3e5e07aa64
Template css order
Select2 systemtags removal
Settings again
Fix Script

Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-10-21 16:56:31 +02:00
Thomas Müller bf85139f53
Adding capability about new chunking - refs #25682 (#26368)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-21 16:33:37 +02:00
Joas Schilling 0d878f94e6
Add unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:59:34 +02:00
Morris Jobke 2b76d14330 Merge pull request #1834 from nextcloud/downstream-26186
Add more files plugins to new DAV endpoint
2016-10-21 09:44:15 +02:00