Commit Graph

330 Commits

Author SHA1 Message Date
Morris Jobke 8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Thomas Müller 71999ef820 Merge pull request #21139 from owncloud/makeswifturltypeconfigurable
make url type configurable
2016-01-08 12:34:58 +01:00
Robin Appelman 32fe3a7d5e remove mention of 'filesystem_check_changes' => 2 from the config sample 2016-01-07 08:57:15 +01:00
JohannesKleine c95d1b2625 Update config.sample.php
I corrected the word order.
2015-12-31 14:48:19 +01:00
blizzz 99e25cded9 enforce_home_folder_naming_rule cannot be configured in config.php 2015-12-16 21:50:47 +01:00
Jörn Friedrich Dreyer eae8500a86 make url type configurable 2015-12-11 10:19:28 +01:00
Arthur Schiwon 2ce2de0ae5 add icommentsmanger and icomment implementation
register CommentsManager service, allow override, document in config.sample.php

don't insert autoincrement ids in tests, because of dislikes from oracle and pgsql

specify timezone in null date

only accepts strings for ID parameter that can be converted to int

replace forgotten hardcoded IDs in tests

react on deleted users

react on file deletion

Postgresql compatibility

lastInsertId needs *PREFIX* with the table name

do not listen for file deletion, because it is not reliable (trashbin, external storages)

add runtime cache for comments
2015-12-09 14:34:23 +01:00
Joas Schilling 87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Lukas Reschke 78cad94ff4 Add support for Redis password auth
For enhanced security it is recommended to configure Redis to only accept connections with a password. (http://redis.io/topics/security)

This is especially critical since Redis supports the LUA scripting language and thus a simple SSRF vulnerability (as proven in http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ for example) may lead to a remote code execution.
2015-10-30 20:19:23 +01:00
Morris Jobke 3b249f1967 Revert "setting to skip migration tests by default"
This reverts commit 7cbdd9b90b.
2015-10-27 21:25:11 +01:00
Steffen Lindner 7bbf586b9b Add syslog_tag docu to sample config 2015-10-23 13:43:41 +02:00
RealRancor b2ae4cab52 Restructure config.sample.php of master 2015-10-13 09:38:28 +02:00
Thomas Müller bb4246c9a8 Merge pull request #19207 from RealRancor/fix_mount.json_dir
Path to mount.json needs to be absolute in config.sample.php
2015-10-06 15:31:49 +02:00
Lukas Reschke 94f2121980 Add notice about X-Forwarded-For 2015-10-05 09:10:07 +02:00
Morris Jobke 7cbdd9b90b setting to skip migration tests by default
* if you install owncloud via package it is not
  possible to skip migration tests
* this also allows to disable migration tests for
  an instance by default
2015-10-01 14:23:25 +02:00
Carla Schroder 4e1923816c Markup fixes to trash bin section 2015-09-30 08:50:32 -07:00
RealRancor a4ceb5fafe Path to mount.json needs to be absolute in config.sample.php 2015-09-29 17:05:25 +02:00
Morris Jobke 60b87048c1 Add doc to config.sample for enforce LDAP home folder naming rule
* ref #16891
2015-09-25 14:32:05 +02:00
Carla Schroder 4410ca5035 add example for 3rdparty configuration 2015-09-23 10:38:46 +02:00
Phil Davis a165710e99 Minor text typos
that I noticed while looking at some code.
2015-09-21 23:04:25 +05:45
Thomas Müller c9c4626750 Merge pull request #19059 from owncloud/logginglevels
correction to logging levels
2015-09-16 09:20:47 +02:00
Carla Schroder 11555a9c06 correction to logging levels 2015-09-15 09:17:59 -07:00
Victor Dubiniuk d57f3bf9cc Update options description 2015-09-15 17:08:54 +03:00
Victor Dubiniuk c3e055549e Improvements 2015-09-15 17:08:54 +03:00
Victor Dubiniuk 7ef937d8ad Add versions obligation 2015-09-15 17:08:54 +03:00
Frank Karlitschek 7562e4959b Merge pull request #18658 from owncloud/configurable-temp
Configurable temporary directory
2015-09-12 22:04:41 +02:00
Robin McCorkell c3a327dc38 Add config.sample.php parameter for tempdirectory 2015-09-06 18:11:34 +01:00
Robin Appelman 389c8077b0 update config sample 2015-09-02 17:31:02 +02:00
Morris Jobke e88b380973 Remove DEBUG constant and use config value
* introduces config.php option 'debug' that defaults to false
* migrate DEBUG constant to config value
2015-08-24 15:14:05 +02:00
Morris Jobke c7b0d50cb2 Merge pull request #18369 from owncloud/occ-log
occ commands to manage logging
2015-08-20 12:57:05 +02:00
Robin McCorkell 2663f12dc7 config.sample.php logging documentation clarification 2015-08-19 12:55:39 +01:00
Carla Schroder 05b738ac01 clean up typos in config.sample.php 2015-08-17 10:38:42 -07:00
Thomas Müller 326de6f9b4 Merge pull request #18065 from owncloud/new-trashbin-retention
New trashbin retention
2015-08-12 13:13:45 +02:00
Robin McCorkell 8944af57cb Set default `forwarded_for_headers` to 'HTTP_X_FORWARDED_FOR' 2015-08-10 23:04:52 +02:00
Victor Dubiniuk 4ef2615788 Enhance trashbin expiration settings 2015-08-10 20:40:43 +02:00
Vincent Petry 7c9405a921 Disable filesystem_check_changes by default
This will prevent detecting remote changes done in the data folder /
root storage by default. In the rare cases where the data folder is
shared with other apps/users outside ownCloud and change detection is
needed, the admin will have to set the option explicitly from now on.

Note that this doesn't affect external storages which have their own
setting in the mount options.
2015-07-29 12:01:12 +02:00
Morris Jobke d68b48d86f [config sample] improve RST markup and wording 2015-07-07 15:57:38 +02:00
Morris Jobke 6fac36b589 [config sample] Update info about appstore 2015-07-07 09:13:57 +02:00
Morris Jobke 44c3fa9108 refine sample config text 2015-07-06 09:11:05 +02:00
Morris Jobke 8359ca43db [config sample] merge Miscellaneous & All other options 2015-07-06 09:07:35 +02:00
Vincent Petry eadf789519 Rename experimental to transactional file locking 2015-06-26 11:10:10 +02:00
Morris Jobke fc064212b9 [config.sample.php] set correct default value for skeletondirectory 2015-06-19 11:08:34 +02:00
Lukas Reschke 9e48f7f3ba Remove MSSQL completely from list 2015-06-17 19:22:14 +02:00
Carla Schroder ea9c21f94e remove mssql from supported dbs 2015-06-17 07:33:57 -07:00
Lukas Reschke b806502cdb Properly quote memcache.locking 2015-06-02 21:46:57 +02:00
Robin Appelman 6b965d71d1 add seperate config option for locking memcache backend 2015-06-01 13:22:56 +02:00
Vincent Petry 2f4f468399 Added config switch for file locking 2015-06-01 13:22:56 +02:00
Carla Schroder 155150cad3 fix formatting error 2015-05-28 11:55:19 -07:00
Morris Jobke e79c255cab Conditional logging
* Log condition for log level increase based on conditions. Once one of these
   conditions is met, the required log level is set to debug. This allows to
   debug specific requests, users or apps

 * Supported conditions (setting `log_condition` in `config.php`):
    - `shared_secret`: if a request parameter with the name `log_secret` is set to
                this value the condition is met
    - `users`:  if the current request is done by one of the specified users,
                this condition is met
    - `apps`:   if the log message is invoked by one of the specified apps,
                this condition is met
 * fix unit test and add app log condition test
2015-05-08 15:58:33 +02:00
Lukas Reschke 21ad4400af Reword configuration text 2015-04-20 21:08:45 +02:00
Lukas Reschke 6b31d325d6 Wording 2015-04-20 11:13:05 +02:00
Lukas Reschke 4ea205e262 Block old legacy clients
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.

This has multiple reasons:

1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy

In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Michael Telatynski 8ebf9de3f8 Memcache\Redis Add DB Select Functionality 2015-04-15 21:24:38 +01:00
Lukas Reschke ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Lukas Reschke 0cd29e00d1 Fix wording 2015-04-08 21:24:03 +02:00
Olivier Paroz 74bf9806b0 Introducing the maximum size preview
The first time we're asked to generate a preview we'll generate one of the maximum dimension indicated in the configuration and all future resizing requests will be done on that preview in order to not waste time converting the same file over and over.

One of the fixes required for #12465
2015-04-07 16:45:59 +02:00
Lukas Reschke 0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Olivier Paroz 8ec6dfdbf8 Split image provider in one sub-class per media type 2015-04-02 10:31:24 +02:00
Morris Jobke bd57fcb539 fix typo in config.sample.php 2015-03-18 17:08:54 +01:00
Morris Jobke 04eef93b25 Merge pull request #13648 from oparoz/sfnt-fonts-preview
Add support for font previews
2015-03-11 15:56:32 +01:00
Robin McCorkell 0e4933e6d2 Refactor \OC\Memcache\Factory
Caches divided up into two groups: distributed and local. 'Low latency' is an
alias for local caches, while the standard `create()` call tries to get
distributed caches first, then local caches.

Memcache backend is set in `config.php`, with the keys `memcache.local` and
`memcache.distributed`. If not set, `memcache.distributed` defaults to the value
of `memcache.local`.
2015-03-05 11:36:34 +00:00
Morris Jobke f1d74e8803 Merge pull request #14651 from owncloud/add-some-headers-to-htaccess-for-my-best-friend-jenkins
Let users configure security headers in their Webserver
2015-03-04 09:36:01 +01:00
Thomas Müller 0af2ea8b28 Merge pull request #14586 from owncloud/proper-appcodechecker-docu
proper description of appcodechecker in config sample
2015-03-03 12:59:51 +01:00
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Morris Jobke 8cf61c09c8 fix link for Preview documentation 2015-03-02 10:45:22 +01:00
Morris Jobke 297285249a fix line breaks in config.sample.php 2015-03-02 10:44:18 +01:00
Morris Jobke 7452d0434a proper description of appcodechecker in config sample 2015-02-27 20:02:07 +01:00
Olivier Paroz f49805eea5 Add support for font previews 2015-02-24 22:00:54 +01:00
Bernhard Posselt 5b506ab518 use flock instead of just checking if there is a file to prevent deadlocks when the process crashed or the unlink wasnt done
move cron.lock into top directory to prevent external storage issues

use tmp directory lock file

use new config interface

incorporate #13770

add dots
2015-02-24 15:41:20 +01:00
Lukas Reschke b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00
RealRancor 840ad708d6 Removed anchor in config.sample.php 2015-02-12 22:00:24 +01:00
RealRancor c5c632f8ff Add hint for troubleshooting MS Word previews 2015-02-10 22:35:16 +01:00
RealRancor 04d6f3e1fb external user app: Add note to enable it first 2015-02-07 14:01:38 +01:00
Thomas Müller 5776bfec05 Merge pull request #13449 from owncloud/image_preview_limit
add config-option for an image's maximum filesize when generating previews
2015-01-22 23:02:38 +01:00
Georg Ehrke 3af8bde949 add config-option for an image's maximum filesize when generating previews 2015-01-22 20:21:37 +01:00
Georg Ehrke 374ddbff55 show animated gifs on public sharing page 2015-01-19 16:20:06 +01:00
Carla Schroder 2a5cbd7eca Note in config.sample.php that certain previews are not available in ms windows 2015-01-15 11:07:14 +01:00
Lukas Reschke a5099b01f9 Merge pull request #12984 from owncloud/ldap-user-cleanup-master
Ldap user cleanup master
2015-01-09 10:47:02 +01:00
Adam Williamson bb79aac78a allow css/js asset directory to be relocated (#13053)
This allows the directory where CSS/JS asset collections are
written to be changed, in case SERVERROOT is not writeable. Note
it does *not* allow the expected URL to be changed: whatever
directory is used, the server must be configured to serve it
at WEBROOT/assets. It may be possible to add another config
parameter to allow the admin to specify a custom asset URL,
but I thought I'd keep the first implementation simple.
2015-01-05 15:24:23 -08:00
Arthur Schiwon 4fa39250e7 LDAP User Cleanup: Port from stable7 without further adjustements
LDAP User Cleanup

background job for user clean up

adjust user backend for clean up

register background job

remove dead code

dependency injection

make Helper non-static for proper testing

check whether it is OK to run clean up job. Do not forget to pass arguments.

use correct method to get the config from server

methods can be private, proper indirect testing is given

no automatic user deletion

make limit readable for test purposes

make method less complex

add first tests

let preferences accept limit and offset for getUsersForValue

DI via constructor does not work for background jobs

after detecting, now we have retrieving deleted users and their details

we need this method to be public for now

finalize export method, add missing getter

clean up namespaces and get rid of unnecessary files

helper is not static anymore

cleanup according to scrutinizer

add cli tool to show deleted users

uses are necessary after recent namespace change

also remove user from mappings table on deletion

add occ command to delete users

fix use statement

improve output

big fixes / improvements

PHP doc

return true in userExists early for cleaning up deleted users

bump version

control state and interval with one config.php setting, now ldapUserCleanupInterval. 0 will disable it. enabled by default.

improve doc

rename cli method to be consistent with  others

introduce ldapUserCleanupInterval in sample config

don't show last login as unix epoche start when no  login happend

less log output

consistent namespace for OfflineUser

rename GarbageCollector to DeletedUsersIndex and move it to user subdir

fix unit tests

add tests for deleteUser

more test adjustements

Conflicts:
	apps/user_ldap/ajax/clearMappings.php
	apps/user_ldap/appinfo/app.php
	apps/user_ldap/lib/access.php
	apps/user_ldap/lib/helper.php
	apps/user_ldap/tests/helper.php
	core/register_command.php
	lib/private/preferences.php
	lib/private/user.php

add ldap:check-user to check user existance on the fly

Conflicts:
	apps/user_ldap/lib/helper.php

forgotten file

PHPdoc fixes, no code change

and don't forget to adjust tests
2014-12-19 19:47:54 +01:00
Jörn Friedrich Dreyer 363e9667ec Add Redis cache implementation, prefer over memcached, tests & config sample 2014-12-10 12:24:20 +01:00
Lukas Reschke 726626b439 Officially deprecated passwordsalt
Hopefully this prevents people from using it in the future.
2014-12-03 15:02:33 +01:00
Morris Jobke 98b28c68a3 add proper description what database is supported by CE and EE 2014-12-03 08:52:59 +01:00
Thomas Müller e9029f94cb Merge pull request #12310 from kampka/master
Implement a logger to log to error_log
2014-12-02 09:19:12 +01:00
Christian Kampka 553ce946d3 Implement a logger to log to error_log 2014-12-01 21:20:57 +01:00
Thomas Müller 0769556989 Merge pull request #12419 from owncloud/read-only-config
Allow read-only configuration
2014-12-01 16:37:29 +01:00
Lukas Reschke 18b6fc9332 Adjust sample config 2014-11-28 16:58:09 +01:00
Vincent Petry 154628daf4 Merge pull request #12432 from owncloud/nosqlite
Add notes that SQLite is CE only
2014-11-28 10:19:15 +01:00
Carla Schroder 06041e3323 added comment that App Store is disabled for EE 2014-11-25 16:31:02 -08:00
Morris Jobke e9696a8c9a Merge pull request #12420 from owncloud/sqlite-wal-2
adding new config parameter for sqlite to specify the journal mode
2014-11-26 00:47:22 +01:00
Carla Schroder 770eea7b56 Markup corrections 2014-11-25 15:01:05 -08:00
Carla Schroder a9ad77fc29 Add notes that SQLite is CE only 2014-11-25 14:57:17 -08:00
Thomas Müller a6c088a1ef adding new config parameter for sqlite to specify the journal mode 2014-11-25 16:29:06 +01:00
Lukas Reschke fc116f563f Allow read-only configuration
Workaround required for IIS setups running ownCloud to prevent dataloss.

Long-term solution would be to move some configuration settings to the database
2014-11-25 16:26:47 +01:00
Olivier Paroz 93a6cc17a5 The class name is Movie NOT Movies 2014-11-25 11:35:38 +01:00
Lukas Reschke d0a30b0e55 Ignore port for trusted domains
This lead to a lot of confusion in the past and did not really offer any value. Let's remove the port check therefore. (it's anyways not really a part of the domain)

Fixes https://github.com/owncloud/core/issues/12150 and https://github.com/owncloud/core/issues/12123 and also a problem reported by @DeepDiver1975.

Conflicts:
	lib/private/request.php
2014-11-18 12:36:03 +01:00
Thomas Müller 4c1244f50c Merge pull request #11917 from owncloud/fix-11909
Add checkbox to enforce SSL for subdomains
2014-11-11 20:37:50 +01:00
Lukas Reschke 24ca2d858f Add OCP\Security\IHasher
Public interface for hashing which also works with legacy ownCloud hashes and supports updating the legacy hash via a passed reference.

Follow-up of https://github.com/owncloud/core/pull/10219#issuecomment-61624662
Requires https://github.com/owncloud/3rdparty/pull/136
2014-11-06 15:16:14 +01:00
Morris Jobke 6f0c814164 fix config.sample.php linebreak 2014-11-04 09:23:38 +01:00