Commit Graph

49 Commits

Author SHA1 Message Date
Lukas Reschke fe7d9a7ca0 Add REST route for user & group management
First step of a somewhat testable user management. - I know, the JSON returns are in an ugly format but the JS expects it that way. So let's keep it that way until we have time to fix the JS in the future.
2014-12-08 12:11:01 +01:00
Craig Morrissey 541344d880 logging changes 2014-11-07 12:45:42 -05:00
Robin Appelman 1eefc21329 Remove confusingly names \OC\User\Manager::delete and fix the automatic cache cleanup instead 2014-11-05 15:45:58 +01:00
Arthur Schiwon 993376fb6f better variable name 2014-10-22 13:36:57 +02:00
Arthur Schiwon e0342db47c set up FS by username, not login name\! 2014-10-22 13:28:08 +02:00
Lukas Reschke d0d3b7457b Move BasicAuth check to "isLoggedIn()"
Ensures that Basic Auth works properly for APIs and removes the need for some even uglier lines of code.
2014-09-18 16:14:07 +02:00
Lukas Reschke 63a90a129b Use proper RNG generator
OC_Util::generateRandomBytes() only returns lowercase alphanumeric values.
We should use the new RNG which has a broader characterset.
2014-09-03 17:46:48 +02:00
Robin Appelman a9a37b5363 Don't automatically setup the filesystem the moment we load OC\Files\FileSystem 2014-09-02 16:15:42 +02:00
Jörn Friedrich Dreyer f551917a3c kill OC::$session
maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession

restore order os OC::$session and OC::$CLI

remove unneded initialization of dummy session

write back session when $useCustomSession is true

log warning when deprecated app is used
2014-08-29 10:22:21 +02:00
Jörn Friedrich Dreyer fd798fd982 update deprecation docs 2014-08-14 12:22:34 +02:00
Thomas Müller a72dae6842 Merge pull request #10144 from owncloud/issue/9972
Issue/9972 Fix issues with group and username `0`
2014-08-06 09:53:13 +02:00
Joas Schilling 4865c52aa6 Fix isLoggedIn() check for user '0'
Fix #9972
2014-08-04 15:53:55 +02:00
Vincent Petry 4e957c7b18 Merge pull request #8443 from owncloud/csrf-on-login-and-logout
Add CSRF check on login and logout
2014-06-02 11:27:20 +02:00
Arthur Schiwon 2c89962919 clean up tryRememberLogin and save the timestamp of users last login 2014-05-21 18:03:37 +02:00
Thomas Müller f8cb8f4803 Merge branch 'master' into csrf-on-login-and-logout
Conflicts:
	core/templates/login.php
2014-05-19 20:40:55 +02:00
Morris Jobke dc36d30953 Remove all occurences of @brief and @returns from PHPDoc
* test case added to avoid adding them later
2014-05-19 17:50:53 +02:00
Robin McCorkell 3bed3d2a23 Change parameter type for useBackend 2014-05-13 19:08:14 +01:00
Robin McCorkell a7ae2e874a Squash 'a | b' into 'a|b', in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell b5bc37d2e4 Fix @return array PHPDocs, in /lib 2014-05-13 19:08:14 +01:00
Robin McCorkell b653ad164b Replace @returns with @return, in /lib 2014-05-13 19:08:14 +01:00
Lukas Reschke 73b914ddbc Add CSRF check on login and logout
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
Lukas Reschke e88731a477 Some more PHPDoc fixes 2014-04-21 15:44:54 +02:00
Thomas Müller 6ff96b34ad Merge branch 'master' into load-apps-proper-master
Conflicts:
	apps/files/ajax/rawlist.php
	cron.php
	ocs/v1.php
2014-03-21 14:05:08 +01:00
Lukas Reschke 69325c5eeb Move session_regenerate_id to `login()` 2014-02-21 08:11:07 +01:00
Lukas Reschke 0241ddc759 Merge pull request #6519 from nhirokinet/master
Security Update: session fixation
2014-02-20 14:28:26 +01:00
Scrutinizer Auto-Fixer adaee6a5a1 Scrutinizer Auto-Fixes
This patch was automatically generated as part of the following inspection:
https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720

Enabled analysis tools:
 - PHP Analyzer
 - JSHint
 - PHP Copy/Paste Detector
 - PHP PDepend
2014-02-19 09:31:54 +01:00
Thomas Müller 9fac95c2ab Merge branch 'master' into scrutinizer_documentation_patches
Conflicts:
	lib/private/appconfig.php
2014-02-14 23:03:27 +01:00
Jörn Friedrich Dreyer 2a6a9a8cef polish documentation based on scrutinizer patches 2014-02-06 17:02:21 +01:00
Thomas Müller 79fc4f3126 Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging 2014-02-06 11:34:27 +01:00
Robin Appelman 8d6a3a00b4 Revert "Use Cache->clear to cleanup the filecache for removed users"
This reverts commit 5a5b6f187e.
2014-02-03 16:29:04 +01:00
Robin Appelman 5a5b6f187e Use Cache->clear to cleanup the filecache for removed users 2014-01-22 13:00:45 +01:00
Robin Appelman 374e3475c9 Also remove the user's home storage from the storage table when deleting a user 2014-01-21 23:58:48 +01:00
Thomas Müller 22bd69f75c set login name within apache auth backend 2014-01-09 10:28:24 +01:00
nhirokinet c2e2c59ca7 Update user.php to fix duplicate session-duplicate 2013-12-22 01:31:04 +09:00
Bjoern Schiessle 6deda1b9f6 return false if user is in incognito mode 2013-11-27 16:52:30 +01:00
blizzz 4f15282bc9 Merge pull request #6058 from owncloud/ldap2avatar
Set Avatar for LDAP users automatically (if a picture is available)
2013-11-26 12:05:32 -08:00
Bjoern Schiessle 7e4f50d4e3 add incognito mode, allows to hide my user ID. For example, this is useful to access public resources while a user is still logged in 2013-11-22 13:55:38 +01:00
Arthur Schiwon 8ccac86c98 Enable user backends to provide avatar images 2013-11-22 13:25:20 +01:00
Bjoern Schiessle db0fa6c529 use getHome() to delete users data 2013-10-29 18:01:37 +01:00
Bjoern Schiessle f021dad204 remove user from cache if he was deleted successfully 2013-10-29 15:50:33 +01:00
Andreas Fischer 06f9b7b862 Fix logout link HTML.
<a id="logout" href=/projects/owncloud/core/index.php?logout=true>
2013-10-14 22:31:13 +02:00
Victor Dubiniuk 77f43c357c User::delete should return bool 2013-10-07 22:30:15 +03:00
Andreas Fischer 47ed6a5135 Move backend finding into its own method. 2013-10-07 12:26:25 +02:00
Thomas Müller 131d82e41e move call to print_unescaped() to template 2013-10-07 11:49:43 +02:00
Andreas Fischer aa34438d06 Also replace ApacheBackend with Authentication\IApacheBackend in user. 2013-10-02 15:11:49 +02:00
Thomas Müller 621ab1c7ee fixing various PHPDoc comments 2013-10-02 15:04:42 +02:00
Thomas Müller 4cecede13d code cleanup - remove special case for webdav in handleApacheAuth() 2013-10-02 00:55:35 +02:00
Thomas Müller 7e9e23f210 Merge branch 'master' into apache-auth-master 2013-10-02 00:21:11 +02:00
Thomas Müller 9c9dc276b7 move the private namespace OC into lib/private - OCP will stay in lib/public
Conflicts:
	lib/private/vcategories.php
2013-09-30 16:36:59 +02:00