f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
f81817b47d
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
cf647451e5
Update CSP test cases to handle the new form-action
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
0ea7fbae54
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
...
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
78201bcb72
treat sensitive config keys by pattern
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
0487144b26
Remove deprecated searchByTag
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
3674f6fa2d
Check the if we can actually access the storage cache for recent files
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
...
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
8bed3021bd
Exclude .rnd files from integrity check
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
ea935f65fd
Add support for CSP_NONCE server variable
...
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.
Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
...
Notifications overhaul
2019-07-17 20:22:03 +02:00
782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
...
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
99f2c82222
Properly inject the logger
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
565838da9c
Update unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
55f5bc79a1
Keep the old method as a fallback and adjust the tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
f8aeef7ae9
Lock SCSS so we only run 1 job at a time
...
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
092d34d9df
Add a unit test for guests as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 10:24:27 +02:00
d058ef2b6c
Make it possible to wipe all tokens/devices of a user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
1c261675ad
Refactor: move remote wipe token logic to RW service
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
...
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
5ac857bcdc
Add an event to edit the CSP
...
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
53d2d95478
Remove one time repair steps that have already run when updating to 17
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
5a03189ce7
Mimetype list integrity check should not fail if it's changed ( #15810 )
...
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
9211e34aec
Added Tests for modified mimetypelist
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
857fae288c
Always set the display name for user shares
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00
85a80b05ac
Unify the permission checking in one place only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 16:34:00 +02:00
e4addbae3e
Better check reshare permissions when creating a share
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 14:00:13 +02:00
c50fe2a9c9
Send emails when remote wipe starts/finishes
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-02 21:59:23 +02:00
5898e87e0f
Remove deleted groups from app restrictions fixes #15823
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-06-27 20:17:50 +02:00
aa6622ccef
Decouple remote wipe notifcation channels with events
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 17:16:18 +02:00
b466127b1f
Merge pull request #16055 from nextcloud/design/native-fonts
...
Use native font stack
2019-06-26 00:08:16 +02:00
d4a44d9b78
Merge pull request #15870 from nextcloud/preview-provider-v2
...
Add new Provider interface for preview providers
2019-06-25 15:05:54 +02:00
5fbf304c2a
Merge pull request #15777 from nextcloud/feature/ocp-event-dispatcher
...
Add event dispatcher to OCP
2019-06-25 11:48:16 +02:00
3174012adf
Add event dispatcher to OCP
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-25 10:02:27 +02:00
d14c0f2ed7
Move font from Nunito to Noto Sans
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2019-06-22 11:23:44 +02:00
1ad95caf24
Merge pull request #15889 from nextcloud/touch-handle-backend-exceptions
...
handle storage exceptions when trying to set mtime
2019-06-21 17:14:27 +02:00
000898d932
fix tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-21 16:23:47 +02:00
d5805df6c2
Fix subscription tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-17 16:36:24 +02:00
6150614374
Add new Provider interface for preview providers
...
the main difference is passing the `File` object to the provider
instead of a `View` + path
Old providers will still continue to work as before
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-17 14:09:09 +02:00
e9351ef779
Add strict type on Notifications tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-13 14:58:38 +02:00
357263a70b
Do not try to autoload built in types
...
This avoids calls to the autoloader (or chain of autoloaders) to see if
for example 'principalPrefix' class can be found. While we already know
it is a string.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-04 15:13:32 +02:00
7cb6265378
Fix checker test
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-05-30 14:50:07 +02:00
f88907a2d9
Fix personal security section tests
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-29 13:10:07 +02:00
67dd4b018a
Check for free space on touch
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-28 13:06:59 +02:00
b0c2042a28
Merge pull request #15714 from nextcloud/fix/204_304_rfc
...
Check the actual status code for 204 and 304
2019-05-24 19:51:01 +02:00
b0c030cbb5
Check the actual status code for 204 and 304
...
The header is the full http header like: HTTP/1.1 304 Not Modified
So comparing this to an int always yields false
This also makes the 304 RFC compliant as the resulting content length
should otherwise be the length of the message and not 0.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-24 15:18:32 +02:00
22ae682823
Make it possible to show admin settings for sub admins
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-23 20:31:40 +02:00
8c3c04596e
Fix l10n for SettingsManager by injecting the l10n factory
...
Fixes #10832
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-21 22:25:13 +02:00
579162d7b9
Allow 2FA to be setup on first login
...
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 10:11:53 +02:00
83b00a99fa
Add interfaces to interact with subscription from support app
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-13 11:04:47 +02:00
d3a244f9d9
Allow crash reporters to catpture any message
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-09 14:06:44 +02:00
f095bd1642
Use non-absolute logout URL to fix wrong URL in reverse proxy scenario
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-08 18:02:00 +02:00
170582d4f5
Add a login chain to reduce the complexity of LoginController::tryLogin
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-07 18:04:36 +02:00
582b679ca9
Deprecate legacy share code and cleanup some unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-18 17:44:14 +02:00
049d613dba
Merge pull request #15152 from nextcloud/enhancement/noid/contactsmenu-sharing-enum-settings
...
Respect sharing enumeration config in contacts menu
2019-04-18 15:00:02 +02:00
db17c14f80
Respect sharing enumeration config in contacts menu
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-04-18 11:39:49 +02:00
6c156d81ed
Fix testGetProxyUri
...
Changed the implementation for getProxyUri with
fd1d85365c
2019-04-16 21:33:56 +02:00
2708d26407
Set User-Agent as header without middleware
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-04-16 21:13:29 +02:00
7276735eb4
Set empty CSP by default
...
For #14179
By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-16 14:09:39 +02:00
c1e6a5965e
Return true in the dummy backend for successful display name change
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 11:43:33 +02:00
f420647add
lib/private/User: do not change user properties if value has not changed
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-04-11 10:11:05 +02:00
c57a16bb0a
Merge pull request #14825 from marius-wieschollek/bugfix/11236
...
Set parameter type in QBMapper
2019-03-25 10:21:45 +01:00
a7fb71f908
Fetch proper translations
...
Fixes #14793
This is caused by the mess we have with OC\Settings mapping to settings
and lib/private/Settings.
Anyway this is the quick fix. Moving stuff around for 17 seems better.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-25 09:10:54 +01:00
5aeb8eac2b
[ #11236 ] Set parameter type in QBMapper
...
Signed-off-by: Marius David Wieschollek <git.public@mdns.eu>
2019-03-24 22:43:45 +01:00
3ecdf743bb
Properly inject EventDispatched in BackgroundRepair
...
Else it will just be null when called
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-22 10:29:36 +01:00
03dc79f665
Merge pull request #14578 from nextcloud/enh/force_enable_apps
...
Force enable apps
2019-03-20 19:22:38 +01:00
575b3f9ff8
Revert "Where is your data?"
2019-03-20 15:17:31 +01:00
769cb629ae
allow enforcing apps to ignore the max version
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-20 15:16:11 +01:00
772303309d
Merge pull request #14425 from cowai/fix-multiple-incomplete-folders
...
Do not calculate folder size for parent that also needs proper scan, fixes #3524
2019-03-08 09:12:33 +01:00
80937159fb
Remove "socialsharing_googleplus" from Social Sharing Bundle
...
Signed-off-by: Marius Blüm <marius@lineone.io>
2019-03-07 14:56:16 +01:00
d16cfb519e
Avoid calculating folder size for parent that needs scan.
...
Signed-off-by: Ari Selseng <ari@selseng.net>
2019-03-06 15:23:37 +01:00
d004164fcc
Merge pull request #13327 from nextcloud/allow-bracket-notation-for-remove-ipv6-address
...
Allow bracket IPv6 address format inside IPAdress Normalizer
2019-03-06 10:34:02 +01:00
c6a69ba925
Remove the upload and memory setting
...
* Remove unneeded private method phpFileSize()
* Bump autoloader
* Remove setUploadLimit tests
* Remove integrity check hacks for upload limit
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 12:14:22 +01:00
92b5743bf4
Remove unused php5 config from .htaccess
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-03-04 11:24:10 +01:00
102f700d96
Load auth tokens with the initial state API
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-03-01 21:24:44 +01:00
6ee7286b41
Fix tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-03-01 20:57:01 +01:00
01b4db62fb
Add dispatcher events to User and Group objects
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-03-01 20:56:59 +01:00
c621da4fd6
Do not load 2fa admin settings async
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-28 11:55:58 +01:00
e5cacc0fe3
Merge pull request #14343 from nextcloud/bugfix/14052-multiple-navigation-items
...
Parse multiple navigation items
2019-02-27 16:07:57 +01:00
e930a0ccbe
Search sharees on lookup server when explicitly requested by user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-02-26 19:44:49 +01:00
dc2798460b
Merge pull request #14198 from nextcloud/bugfix/8647-exclude-file-name-patterns
...
Exclude file name patterns; ignore gentoo webapp files
2019-02-26 00:17:25 +01:00
db750898ee
allow group backends to mark that a group should now be shown in search dialogs
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-02-25 16:06:09 +01:00
df3d5e8509
two item => two items
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-25 14:52:14 +01:00
36c51bc4f1
Parse multiple navigation items
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-02-22 15:57:14 +01:00
30e7d3e0e8
Merge pull request #14194 from nextcloud/bugfix/noid/correctly-determinate-owner-in-case-of-shared-external-storages
...
Correctly determinate the owner in case of shared external storages
2019-02-19 10:28:28 +01:00
f66c37bdb8
Correctly determinate the owner in case of shared external storages
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-18 10:57:12 +01:00
104616c1da
Use CountWrapper instead of almost identical CountReadStream
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-15 13:24:58 +01:00
843066b708
Fix AsyncBusTests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-02-14 20:04:17 +01:00
b6d327ee47
Merge pull request #13995 from nextcloud/feature/dont-call-get-repair-steps
...
Do not run getRepairSteps in register_commands
2019-02-14 19:51:39 +01:00
cca08df976
Merge pull request #14160 from nextcloud/update-crl
...
Update CRL to contain revoked files_external_dropbox, passman & payback
2019-02-14 14:53:05 +01:00
Roeland Jago Douma
Scott Shambarger
Roeland Jago Douma
Julius Härtl
Joas Schilling
Morris Jobke
Arthur Schiwon
Daniel Kesselberg
Sam Bull
Joas Schilling
Christoph Wurst
John Molakvoæ
Xheni Myrtaj
Greta Doci
Jan-Christoph Borchardt
Robin Appelman
John Molakvoæ (skjnldsv)
Leon Klingele
Marius David Wieschollek
Marius Blüm
Ari Selseng