Commit Graph

6049 Commits

Author SHA1 Message Date
Joas Schilling 4f27c2c433
Allow to decrypt user '0' files only 2016-06-09 14:00:00 +02:00
Christoph Wurst 60e15e934c
do not generate device token if 2FA is enable for user 2016-06-09 14:00:00 +02:00
Joas Schilling 0041d89dc2
Do not allow to store boolean configs, they behave unexpected on postgres 2016-06-09 13:59:58 +02:00
Robin Appelman 18f7cede51
Fix warnings when trying to get mtime of non existing files 2016-06-09 13:59:58 +02:00
Robin Appelman f4831f4074
return success when deleting ghost files 2016-06-09 13:59:58 +02:00
Robin Appelman 67c2c85b05
allow deleting "ghost files" trough the View and Node api 2016-06-09 13:59:58 +02:00
Thomas Müller f20c617154
Allow login by email address via webdav as well - fixes #24791 2016-06-09 12:08:49 +02:00
Vincent Petry 90c1ec1c49 Merge pull request #25014 from owncloud/admin-datadircheck-fix
Use temporary htaccesstest.txt for data dir security check
2016-06-09 11:58:28 +02:00
Vincent Petry 826e276a79 Merge pull request #24973 from owncloud/token-password-session-token
When creating a session token, make sure it's the login password and …
2016-06-09 11:58:04 +02:00
Vincent Petry aca4ea12c1 Merge pull request #24826 from owncloud/cors-client-login
use client login method on CORS routes
2016-06-09 10:31:14 +02:00
Vincent Petry 0e3737ffe1 Merge pull request #25028 from owncloud/scanner-user-not-setup
skip scanning for a user when the user is not setup yet
2016-06-09 10:29:46 +02:00
Jan-Christoph Borchardt 81145ee57c THIS IS NEXTCLOUD! adjusting the design 2016-06-08 17:02:18 +02:00
Joas Schilling e49307014c Do not log token or challenge with exception stacktrace (#25026)
* Make the filtering better readable

* Add some more methods to the sensitive list
2016-06-08 16:32:58 +02:00
Christoph Wurst 9997c431c3
use client login method on CORS routes 2016-06-08 15:18:53 +02:00
Christoph Wurst 46e26f6b49
catch sessionnotavailable exception if memory session is used 2016-06-08 15:03:15 +02:00
Robin Appelman 808438efc0 skip scanning for a user when the user is not setup yet 2016-06-08 14:19:42 +02:00
Christoph Wurst ec929f07f2
When creating a session token, make sure it's the login password and not a device token 2016-06-08 13:31:55 +02:00
Vincent Petry 8d0948977e Merge pull request #24899 from owncloud/local-storage-symlinks
dissalow symlinks in local storages that point outside the datadir
2016-06-08 10:19:24 +02:00
Vincent Petry ed92f4c427 Merge pull request #24983 from owncloud/issue-23776-do-not-allow-boolean-user-config
Do not allow to store boolean configs, they behave unexpected on postgres
2016-06-08 10:14:08 +02:00
Vincent Petry 12683b786d Merge pull request #24991 from owncloud/2fa-do-not-generate-token
do not generate device token if 2FA is enable for user
2016-06-08 10:13:04 +02:00
Vincent Petry b7935dcebd Merge pull request #24998 from owncloud/issue-24994-allow-decrypting-user-0-only
Allow to decrypt user '0' files only
2016-06-08 10:12:28 +02:00
Vincent Petry fb087a0261
Use temporary htaccesstest.txt for data dir security check 2016-06-07 18:36:13 +02:00
Robin Appelman 2cf7ad8c55 make sure $data['mtime'] is always a timestamp 2016-06-07 17:09:24 +02:00
Robin Appelman 6822689e38 don't update storage mtime if we can't get the modified date 2016-06-07 15:04:24 +02:00
Robin Appelman 73547f29be Ignore forbidden files while scanning 2016-06-07 14:01:55 +02:00
Robin Appelman 7b1b723e5b dissalow symlinks in local storages that point outside the datadir 2016-06-07 14:01:53 +02:00
Vincent Petry bf917d7063 Merge pull request #24813 from owncloud/delete-ghost-files
allow deleting "ghost files" trough the View and Node api
2016-06-07 09:34:16 +02:00
Joas Schilling d4ba982131
Allow to decrypt user '0' files only 2016-06-07 09:13:11 +02:00
Christoph Wurst 8f7a4aaa4d
do not generate device token if 2FA is enable for user 2016-06-07 09:09:51 +02:00
Lukas Reschke deef15a3c7
Remove "Help" link from personal sidebar
At the moment we want to hide the help link from the personal sidebar as it contains the original ownCloud documentation.

Once we have our own documentation with our proper branding and so on we can reenable this.
2016-06-06 18:40:15 +02:00
Joas Schilling 7d31ae9909 Fix second check for quota size (#24989) 2016-06-06 13:47:53 +02:00
Joas Schilling 911fd3ead4
Do not allow to store boolean configs, they behave unexpected on postgres 2016-06-06 12:38:20 +02:00
Robin Appelman 6bc8305edd Fix warnings when trying to get mtime of non existing files 2016-06-03 13:35:27 +02:00
Robin Appelman 14f96f86e7 return success when deleting ghost files 2016-06-03 13:34:54 +02:00
Robin Appelman 63408fa6ef allow deleting "ghost files" trough the View and Node api 2016-06-03 13:30:59 +02:00
Georg Ehrke 89a10fdb2d
normalize path in getInternalPath 2016-06-02 19:11:35 +02:00
Robin Appelman fce19d22d9 fix mtime propagation on sqlite 2016-06-02 15:43:43 +02:00
Vincent Petry 1ab7ee5e23 Merge pull request #24940 from owncloud/fix-normalizedcachekey-keepunicode
Add keepUnicode value in the cache key of normalizedPathCache
2016-06-02 15:18:13 +02:00
Robin Appelman cc67ad4dda use propagator batching in the scanner 2016-06-02 15:07:50 +02:00
Robin Appelman 9fb44e34af add propagator batching 2016-06-02 15:07:47 +02:00
Vincent Petry 53398b5146 Merge pull request #24936 from owncloud/2fa-block-ocs
block OCS if 2FA challenge needs to be solved first
2016-06-02 14:55:34 +02:00
Vincent Petry f37d519d0d Merge pull request #24946 from owncloud/issue-24943-duplicate-downgrade-unsupported-message
Do not show the hint when it's the same as the message
2016-06-02 10:40:53 +02:00
Vincent Petry 6b1422929d Merge pull request #24947 from owncloud/2fa-remember-redirect-url
remember redirect_url when solving the 2FA challenge
2016-06-02 10:40:32 +02:00
Joas Schilling 1d2cdfb9fd
Fix URL for client downloads 2016-06-01 16:58:57 +02:00
Christoph Wurst 5e71d23ded
remember redirect_url when solving the 2FA challenge 2016-06-01 14:43:47 +02:00
Vincent Petry 5ad8fa7675
Add keepUnicode value in the cache key of normalizedPathCache 2016-06-01 14:28:59 +02:00
Joas Schilling 13892417c4
Do not show the hint when it's the same as the message 2016-06-01 13:34:57 +02:00
Christoph Wurst 3ec6f4e165
block OCS if 2FA challenge needs to be solved first 2016-06-01 11:19:49 +02:00
Vincent Petry 7b4459d28d Merge pull request #24912 from owncloud/session-tokens-apache-auth
Create session tokens for apache auth users
2016-06-01 10:56:10 +02:00
Christoph Wurst c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Vincent Petry 2b111b217c Merge pull request #24851 from owncloud/ldap-static-method-log
Hack to prevent infinite loop with LDAP + logging
2016-05-31 13:52:52 +02:00
Vincent Petry c0a19ecd2d Merge pull request #24907 from owncloud/properly-check-for-mbstring
Properly check for mbstring extension
2016-05-31 13:51:17 +02:00
Vincent Petry 5bb06723b0
Hack to prevent infinite loop with LDAP + logging
Forward port of a50619200c to 9.1/master
2016-05-31 11:38:41 +02:00
Vincent Petry 59ed464ee6 Merge pull request #24769 from owncloud/issue-24752-no-ui-message-when-integrity-disabled
Only show message in the UI when the checker is enabled
2016-05-31 10:36:16 +02:00
Vincent Petry a441220f24 Merge pull request #24628 from owncloud/decryptall-checkifneedsprocessing
[decrypt_all] Check if file needs to decrypted or not for speed up large oc setups.
2016-05-31 10:12:03 +02:00
Vincent Petry 3361cdf0cc Merge pull request #16688 from owncloud/tests-dockerapachewebdav
Add morrisjobke/webdav docker container for external storage tests
2016-05-31 09:55:06 +02:00
Lukas Reschke a23df94af1
Properly check for mbstring extension
mb_detect_encoding is in the fallback we ship in the polyfill library, mb_strcut is not. Thus this lead to a false positive and ownCloud would just break.
2016-05-31 08:12:36 +02:00
Torben Dannhauer 718f0757e4 Fix for #23066 (#24689) 2016-05-31 06:53:28 +02:00
Vincent Petry 5d7f37d570
Check whether remote DAV server accepted the mtime on touch
ownCloud as remote DAV always accepts the mtime on touch, but other
servers like Apache's DAV server doesn't. The latter doesn't give any
visible hint in its response to detect this case, so this fix does a
subsequent PROPFIND to check whether the mtime was actually set.

Since a touch() operation seldom happens (only on uploads), the minor
performance loss should hopefully be acceptable.
2016-05-30 16:10:30 +02:00
Vincent Petry 6f346b4b1f
Fix webdav destination header when overwriting folders
The trailing slash is needed when talking to Apache's mod_dav server
2016-05-30 16:10:30 +02:00
Vincent Petry 1423cf1d9d
Use isEncrpyted() instead 2016-05-30 14:49:27 +02:00
Christian Jürges fd4f9091fd
Respect oc coding style guide. 2016-05-30 14:49:27 +02:00
Christian Jürges b996c1f43f
Check if file needs to decrypted or not for speed up large oc setups. 2016-05-30 14:49:27 +02:00
Robin Appelman d717b583d2 trigger size calculation after scanning (#24875) 2016-05-30 11:14:31 +02:00
Lukas Reschke aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Joas Schilling db2e9df5f0
Move Job to a better class name 2016-05-25 16:06:06 +02:00
Joas Schilling b72706b450
Move background job to PSR-4 2016-05-25 14:59:59 +02:00
Vincent Petry b5f455f5ac Merge pull request #24812 from owncloud/fkammer-enhancement-cache-folder-gc-ttl
Make chunk cache ttl configurable
2016-05-25 11:07:31 +02:00
Vincent Petry c36cf30ade Merge pull request #24444 from owncloud/update-notifications-for-core-and-apps
Update notifications for core and apps
2016-05-25 09:13:10 +02:00
Christoph Wurst a922957f76
add default token auth config on install, upgrade and add it to sample config 2016-05-24 18:02:52 +02:00
Christoph Wurst 28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled 2016-05-24 17:54:02 +02:00
Vincent Petry d3fb5d618e Merge pull request #24748 from owncloud/login-explicitly
Log in explicitly, save login name when generating browser/device tokens
2016-05-24 17:51:49 +02:00
Vincent Petry 51b0036d8f
Changed labels of chunk TTL to mention chunks 2016-05-24 15:18:56 +02:00
Vincent Petry e7110c7678 Merge pull request #24760 from owncloud/objectstore_multibucket
Objectstore multibucket
2016-05-24 15:15:59 +02:00
Vincent Petry c9b26d065b
Move cache chunk TTL value to FileChunking class
This makes it less generic and only used for actual file chunking
2016-05-24 14:58:27 +02:00
Frederik Kammer 299520b322
Add config value for cache gc ttl 2016-05-24 14:55:26 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Joas Schilling aac990eddf
Add a background job that generates notifications when an update is available 2016-05-24 11:26:51 +02:00
Vincent Petry ee1f4602f3 Merge pull request #24787 from owncloud/fix-update-issue-on-master
Add the background jobs after the table was updated
2016-05-24 10:14:00 +02:00
Vincent Petry 1d1cb79321 Merge pull request #23395 from owncloud/mysql-check-speedup
Speedup schema cloning for MySQL
2016-05-24 10:00:38 +02:00
Christoph Wurst 4128b853e5
login explicitly 2016-05-24 09:48:02 +02:00
Roeland Jago Douma abe338f433
Store user bucket in preferences 2016-05-23 21:57:41 +02:00
Vincent Petry adcf942901 Merge pull request #24750 from owncloud/lenz1111-share_download_range_requests_support
Http Range requests support in downloads
2016-05-23 21:01:26 +02:00
Vincent Petry 5a8af2f0be Merge pull request #24729 from owncloud/try-token-login-first
try token login first
2016-05-23 20:50:57 +02:00
Vincent Petry 4f6670d759 Merge pull request #24658 from owncloud/invalidate-disabled-user-session
invalidate user session if the user was disabled
2016-05-23 20:50:25 +02:00
Vincent Petry 87fa86a69a Merge pull request #24559 from owncloud/2fa
two factor auth
2016-05-23 20:50:03 +02:00
Roeland Jago Douma e03e4921a0
Fix Name 2016-05-23 20:42:08 +02:00
Roeland Jago Douma 5e2316d05d
Allow multibucket in objectstore 2016-05-23 20:42:08 +02:00
Victor Dubiniuk 01aedbe506 Speedup schema cloning for MySQL 2016-05-23 20:52:40 +03:00
Vincent Petry aa56d42fa8 Merge pull request #24777 from owncloud/scanner-dont-propagate
dont needlessly triger the propgator in the scanner
2016-05-23 19:05:20 +02:00
Joas Schilling 78da57466f
Add the background jobs after the table was updated 2016-05-23 17:58:46 +02:00
Vincent Petry 524479fa09 Merge pull request #24699 from owncloud/background-scan-recursion
Only recurse into incomplete folders during background scans
2016-05-23 17:44:02 +02:00
Piotr Filiciak 6577bbe887 Code style and doc fix 2016-05-23 15:17:00 +02:00
Robin Appelman eca57be336 Only recurse into incomplete folders during background scans 2016-05-23 14:40:35 +02:00
Vincent Petry 21df2eb5a1 Merge pull request #24695 from owncloud/background-scan-propagate
Trigger propagation from the background scanner
2016-05-23 14:32:28 +02:00
Vincent Petry 68c5df798c Merge pull request #24765 from owncloud/boolean-installed-config
Make sure we evaluate installed everywhere as a boolean
2016-05-23 14:32:10 +02:00
Vincent Petry 57525a02f8 Merge pull request #24703 from owncloud/personal-settings-auth-tokens
Personal settings auth tokens
2016-05-23 14:17:01 +02:00
Robin Appelman f3979e5459 dont needlessly triger the propgator in the scanner 2016-05-23 13:53:05 +02:00
Vincent Petry bd87f67473 Merge pull request #24349 from owncloud/nfd-storagewrapper
Add wrapper for NFD encoding workaround
2016-05-23 13:45:33 +02:00
Vincent Petry 862d8f43e5 Merge pull request #24766 from owncloud/mmccarn-patch-2
Update imagePath to prefer theme, then app, then core images
2016-05-23 11:46:03 +02:00
Joas Schilling c2cac0940d
Only show message in the UI when the checker is enabled 2016-05-23 11:29:40 +02:00
Christoph Wurst 847bbc51b6
add OCC command to enable/disable 2FA for a user 2016-05-23 11:21:13 +02:00
Christoph Wurst dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Christoph Wurst c20cdc2213
invalidate user session if the user is disabled 2016-05-23 10:32:16 +02:00
mmccarn 1bc5eb111b
Update imagePath to prefer theme, then app, then core images
imagePath updated so that image searches follow this priority:

1) /themes/$theme/apps/$app/img
2) /themes/$theme/$app/img
3) /themes/$theme/core/img
4) $appPath/img
5) /$app/img
6) /core/img

For each folder:
- if the specified file exists, use it.
- otherwise, if $basename.svg does NOT exist, try $basename.png
(This might better be "if filename was an svg, try the png"...)
2016-05-23 10:24:04 +02:00
Joas Schilling 7f1b8f22d4
Make sure that installed is a boolean 2016-05-23 10:09:22 +02:00
Vincent Petry 5ba1add03c Merge pull request #24603 from owncloud/federated_reshare
flat federated re-share
2016-05-23 09:52:13 +02:00
Vincent Petry c78bb2ab34 Merge pull request #24356 from owncloud/scanner-recursion-memory
Free up folder content from memory before recursing in the file scanner
2016-05-23 09:51:52 +02:00
Christoph Wurst 74277c25be
add button to invalidate browser sessions/device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 6495534bcd
add button to add new device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 12431aa399
list user's auth tokens on the personal settings page 2016-05-23 09:11:12 +02:00
Vincent Petry 8646802850 Merge pull request #24696 from owncloud/lock-jobs-while-executing
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel 2016-05-21 01:59:25 +02:00
Joas Schilling 7e3ce83526
Add a method to lock a table 2016-05-21 01:59:03 +02:00
Björn Schießle 7b25839bd5
use share initiator as fall back to access the file
in case of federated re-shares the owner can be a remote user.
Therefore we can't always use to owner to access the local file
2016-05-20 21:15:15 +02:00
Piotr Filiciak 9999e05660
Http Range requests support in downloads
Http range requests support is required for video preview
2016-05-20 18:16:44 +02:00
Vincent Petry 8fbb63d316
Some tweaks for systemtagmanager 2016-05-20 17:56:02 +02:00
Vincent Petry 88740f035d
Act on effective system tag canAssign permission
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.

This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Vincent Petry b5eb3d9e5a
Add system tag assignability check with groups
Whenever a user is not an admin, a tag is visible but not
user-assignable, check whether the user is a member of the allowed
groups.
2016-05-20 17:56:02 +02:00
Vincent Petry 3cd65fe25d
Add systemtag_group table and get/set methods
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Vincent Petry 09b3883d9c
Updated canUser* functions in SystemTagManager to accept objects 2016-05-20 17:56:02 +02:00
Vincent Petry 8343cfb64b
Add interface methods for permission check
Instead of checking for admin perm, use interface method
canUserAssignTag and canUserSeeTag to check for permissions.
Allows for more flexible implementation.
2016-05-20 17:56:02 +02:00
Christoph Wurst 11dc97da43
try token login first 2016-05-20 10:52:39 +02:00
Vincent Petry bac8e13324
Remove unneeded unsets in encoding wrapper 2016-05-20 09:33:59 +02:00
Vincent Petry e8d082208d
Fixes for encoding wrapper
Improved label
Fixed rename/copy/moveFromStorage/copyFromStorage and added tests
Improved findPathToUse algo
2016-05-20 09:33:59 +02:00
Vincent Petry f8b2b95408
Scanner must normalize new children names for cache diff
Since new children from the storage might contain NFD entries, these
must be normalized to NFC to be properly diff'ed with the cache
contents which is always NFC.

This fixes an issue where NFD entries would disappear from the cache
after rescannng for children.
2016-05-20 09:33:59 +02:00
Vincent Petry db4c7fe743
Add encoding wrapper as opt-in mount option
The encoding wrapper is now only applied when the mount option is set,
disabled by default.
2016-05-20 09:33:59 +02:00
Vincent Petry 63bbbf29f4
Add wrapper for NFD encoding workaround 2016-05-20 09:33:59 +02:00
Vincent Petry 65eae43ab1 Merge pull request #24721 from owncloud/public_psr4
Move \OCP to PSR-4
2016-05-19 15:53:03 +02:00
Vincent Petry f42cdec4c4 Merge pull request #24725 from owncloud/ocs-provider-psr4
Move OCS Provider to PSR-4 namespace
2016-05-19 15:36:19 +02:00
Vincent Petry 3b3940df6b Merge pull request #24660 from owncloud/no-token-login-for-disabled-users
don't allow token login for disabled users
2016-05-19 15:32:09 +02:00
Joas Schilling 20f229eed9
Move OCS Provider to PSR-4 namespace 2016-05-19 11:10:32 +02:00
Roeland Jago Douma 893204ef4a
Fix broken exception naming 2016-05-19 10:05:53 +02:00
Christoph Wurst f824f3e5f3
don't allow token login for disabled users 2016-05-18 21:10:37 +02:00
Christoph Wurst 0626578739
add method to query all user auth tokens 2016-05-18 18:25:37 +02:00
Vincent Petry 01f44d83b2 Merge pull request #24691 from owncloud/fixchunkttl
Allow chunk GC mtime tolerance for unfinished part chunks
2016-05-18 18:19:08 +02:00
Robin Appelman e6386652df Trigger propagation from the background scanner 2016-05-18 14:31:43 +02:00
Vincent Petry e0af5263fb
Allow chunk GC mtime tolerance for unfinished part chunks
Whenever part chunks are written, every fwrite in the write loop will
reset the mtime to the current mtime. Only at the end will the touch()
operation set the mtime to now + ttl, in the future.

However the GC code is expecting that every chunk with mtime < now are
old and must be deleted. This causes the GC to sometimes delete part
chunks in which the write loop is slow.

To fix this, a tolerance value is added in the GC code to allow for
more time before a part chunk gets deleted.
2016-05-18 13:39:37 +02:00
Christoph Wurst 98b465a8b9
a single token provider suffices 2016-05-18 09:20:48 +02:00
Robin Appelman de5b7609f9 use mount providers to setup home storages (#24567) 2016-05-17 21:40:55 +02:00
Roeland Douma 5c9103287f Group fixup (#24621)
* Move used OC_Group_xx to \OC\Group

* Add (deprecated) legacy wrapper in legacy, OC_Group_xx

* Replace deprecated use of OC_Group_xx with \OC\Group\xx
2016-05-17 16:06:44 +02:00
Jörn Friedrich Dreyer ca8d2e2f2e Merge pull request #24370 from owncloud/iclientservice-dicontainer
add IClientService to DI container
2016-05-17 09:33:54 +02:00
Jörn Friedrich Dreyer 5e03e9a843 Merge pull request #24083 from owncloud/fix-race-condition
Read only once
2016-05-17 09:03:57 +02:00
Vincent Petry 3db709d568 Merge pull request #24600 from owncloud/http-client-lazy-config
only configure the http client once we start using it
2016-05-13 16:10:24 +02:00
Vincent Petry 6938904b07 Merge pull request #24614 from owncloud/token-validation-log
don't spam the log file with failed token validation entries
2016-05-13 16:09:49 +02:00
Christoph Wurst ed01305e29
don't spam the log file with failed token validation entries 2016-05-13 09:53:50 +02:00
Roeland Jago Douma 05cc0dd478
Move \OC\Template to PSR-4 2016-05-13 08:54:07 +02:00
Roeland Jago Douma eb79b83831
Move functions.php to legacy
This file should really be properly namespaced etc!
2016-05-13 08:54:07 +02:00
Robin Appelman ea0f09a7ed only configure the http client once we start using it 2016-05-12 13:29:45 +02:00
Morris Jobke 9b3eefbf95 Merge pull request #24563 from owncloud/redis-factory
factor out redis configuration into it's own factory
2016-05-12 13:15:12 +02:00
Roeland Douma 9b05f37fad lib/private/ocs to PSR-4 (#24558)
* Move OC_OCS_XX to legacy

* Move \OC\OCS to PSR-4

* OC_OCS_xx to \OC\OCS\xx

* Moved OC_OCS_xx to proper namespace
* OC_OCS_xx is still there for legacy reasons as a wrapper

* No calls to OC_OCS_xx in \OC\OCS\
2016-05-12 09:43:53 +02:00
Lukas Reschke 52add798d4 Do not automatically try to enable index.php-less URLs (#24539)
The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur
l` entry and then derives the `RewriteBase` from it.

This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc.

This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…)

Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if
admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`.

For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master.

Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9.

Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.
2016-05-12 09:43:26 +02:00
Jörn Friedrich Dreyer e03f9e8103 allow configuration of memcached options (#23729)
* allow configuration of memcache options

Use production values for memcached as explained in http://apprize.info/php/scaling/15.html

The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server.

cc @MorrisJobke @FelixBoehm

* add config sample

* merge config options, throw hint on config error

* fix typo

* fix config sample
2016-05-11 19:38:00 +02:00
Thomas Müller 8729415880 Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands
Correctly register PSR-4 autoloading before install.php and loading commands
2016-05-11 13:53:16 +02:00
Christoph Wurst 0486d750aa
use the UID for creating the session token, not the login name 2016-05-11 13:36:46 +02:00
Christoph Wurst 69dafd727d
delete the token in case an exception is thrown when decrypting the password 2016-05-11 13:36:46 +02:00
Christoph Wurst af707fba41
use the query builder instead of raw sql statements 2016-05-11 13:36:46 +02:00
Christoph Wurst 46bdf6ea2b
fix PHPDoc and other minor issues 2016-05-11 13:36:46 +02:00
Christoph Wurst a9b500c03b
catch possible SessionNotAvailableExceptions 2016-05-11 13:36:46 +02:00
Christoph Wurst f0f8bdd495
PHPDoc and other minor fixes 2016-05-11 13:36:46 +02:00
Christoph Wurst 699289cd26
pass in $request on OCS api 2016-05-11 13:36:46 +02:00
Christoph Wurst 168ccf90a6
try apache auth too 2016-05-11 13:36:46 +02:00
Christoph Wurst 8cc5f6036f
Fix existing tests 2016-05-11 13:36:46 +02:00
Christoph Wurst 7aa16e1559
fix setup 2016-05-11 13:36:46 +02:00
Christoph Wurst 7e7d5a2ef2
Add fallback to allow user:token basic auth 2016-05-11 13:36:46 +02:00
Christoph Wurst fdc2cd7554
Add token auth for OCS APIs 2016-05-11 13:36:46 +02:00
Christoph Wurst 8d48502187
Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst 53636c73d6
Add controller to generate client tokens 2016-05-11 13:36:46 +02:00
Christoph Wurst 3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst 2fa5e0a24e
invalidate (delete) session token on logout
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Joas Schilling db16dc6644
Correctly register autoloading before install.php and loading commands 2016-05-11 11:18:00 +02:00
Thomas Müller 9eea062004 Merge pull request #24433 from owncloud/user_psr4
lib/private/user to PSR-4
2016-05-11 11:16:56 +02:00
Lukas Reschke 4a05e9ce76 Merge pull request #24379 from owncloud/remove-unneeded-code
Remove unneeded private wrapper methods
2016-05-10 20:19:48 +02:00
Roeland Jago Douma f6ee738ba8
Add \OC\User\Backend
Since some apps (ldap et al) still depend on OC_User_Backend this seemed
like the cleanest approach.
2016-05-10 19:53:36 +02:00
Roeland Jago Douma 9e1d9871a8
Move OC_User_Database to \OC\User\Database 2016-05-10 19:53:36 +02:00
Roeland Jago Douma 9504500e5f
Move \OC\User to PSR-4 2016-05-10 19:53:36 +02:00
Roeland Jago Douma c51ebb02fa
Move OC_User_XX to legacy folder 2016-05-10 19:53:36 +02:00
Lukas Reschke e8e72aa910 Merge pull request #24434 from owncloud/permalinks
Permalinks
2016-05-10 09:44:50 +02:00
Lukas Reschke 8b428d84c0
Make update server URL configurable
Currently testing the updates is a big problem and not really super easy possible. Since we now have a new updater server we should also make this configurable so that people can properly test updates.
2016-05-09 11:25:58 +02:00
Thomas Müller a502de0d28 Merge pull request #24419 from owncloud/allow-di-for-migration-steps
Allow migration steps to use automatic DI
2016-05-09 09:56:56 +02:00
Vincent Petry caefe23bb6
Send permalink in internal share notification emails 2016-05-06 16:46:59 +02:00
Jarrett 482bfae123 Set higher timeout limit
Set the timeout limit to be 20 instead of 5 for machines that take longer to load the apps from apps.owncloud.org so that it doesn't show up blank.
2016-05-05 14:20:46 -06:00
Morris Jobke 873849e843 Merge pull request #24432 from owncloud/issue-24270-never-save-app-language-into-request-lang
Do not save the language as request lang for apps when we didn't find…
2016-05-04 13:47:08 +02:00
Björn Schießle 61be98f554 Merge pull request #24410 from owncloud/fix_24182
first call the post_login hooks, before we call getUserFolder.
2016-05-04 10:23:38 +02:00
Joas Schilling 9fbb8ce302
Do not save the language as request lang for apps when we didn't find any 2016-05-04 08:28:13 +02:00
Roeland Douma b059aac143 Merge pull request #24411 from owncloud/share_psr4
Move \OC\Share to PSR-4
2016-05-04 07:47:52 +02:00
Robin Appelman e2f6aa3a57 factor out redis configuration into it's own factory 2016-05-03 16:02:17 +02:00
Thomas Müller 4b2544925f Merge pull request #23844 from owncloud/disable-user
Add occ commands to enable and disable a user + a disabled user can n…
2016-05-03 15:22:41 +02:00
Joas Schilling dda949e915
Allow migration steps to use automatic DI 2016-05-03 15:16:39 +02:00
Lukas Reschke df2eb96cc4 Merge pull request #24389 from owncloud/login-by-email
Allow login by email address
2016-05-03 13:44:38 +02:00
Roeland Jago Douma f90acb1b53
Move \OC\Share to PSR-4 2016-05-03 12:39:13 +02:00
Thomas Müller 06293783e0 Merge pull request #24387 from owncloud/locking-mark-reload-free
free up memory when releasing the last shared lock
2016-05-03 12:03:41 +02:00
Thomas Müller f8c04a4219 Merge pull request #24392 from owncloud/declare-cron-jobs-in-info.xml
Declare cron jobs in info.xml
2016-05-03 12:03:28 +02:00
Thomas Müller 15a479fb96 Merge pull request #24408 from owncloud/improve-server-container
Improve server container
2016-05-03 12:03:09 +02:00
Thomas Müller 66bc092724 Merge pull request #24405 from owncloud/user_db_capped_cache
Use a CappedCache in the user database backend
2016-05-03 11:54:21 +02:00
Björn Schießle 8c0984d605
first call the post_login hooks, before we call getUserFolder.
The login process needs to be completed before we can safely create
the users home folder. For example we need to give encryption a chance
to initialize the users encryption keys in order to copy the skeleton
files correctly
2016-05-03 10:46:05 +02:00
Joas Schilling 6ab004fac1
Fix doc block 2016-05-03 10:30:07 +02:00
Joas Schilling 1e5f85ac8c
Use internal tag so IDEs highlight the usage 2016-05-03 10:29:47 +02:00
Roeland Jago Douma 5ba6fe2983
Use a CappedCache in the user database backend
When running with a user database backend on large installations the
cache can grow to significant sizes. This can be especially problematic
when running big cron/repair jobs.
2016-05-03 09:29:22 +02:00
Thomas Müller 71fa0a75bf
Allow declaration of background jobs in info.xml 2016-05-03 08:58:12 +02:00
Roeland Jago Douma 03f1a270cc
Move \OC\Log to PSR-4 2016-05-03 08:57:26 +02:00
Roeland Jago Douma fc82047e26
Move OC_Log_xx to \OC\Log namespace 2016-05-03 08:57:26 +02:00
Lukas Reschke adf7e7295e Merge pull request #24375 from owncloud/archive_move
Move OC_Archive to \OC\Archive and PSR-4
2016-05-03 08:37:01 +02:00
Morris Jobke a72e6a2dac Merge pull request #24386 from owncloud/psr4-for-apps
PSR-4 for apps
2016-05-03 08:24:22 +02:00
Roeland Douma ed3b9d5aff Merge pull request #24381 from owncloud/correc_typehint
Use correct typehint for the IProviderFactory
2016-05-03 07:40:25 +02:00
Roeland Douma c87bd0432a Merge pull request #24380 from owncloud/move-activity-manager-to-namespace
Move activity manager to the namespace
2016-05-03 07:40:04 +02:00
Roeland Jago Douma c96ed5c4ce
Move OC_Archive to \OC\Archive\Archive
* Move out of legacy folder
* Move to proper namespace
* Fix calling code
2016-05-02 19:34:32 +02:00
Roeland Jago Douma 0cb434686c
Move OC_Archive_XX to PSR-4
* Fix code
* Fix tests
2016-05-02 19:32:51 +02:00
Thomas Müller 05cf552f66 Merge pull request #24322 from owncloud/install-and-uninstall-repair-steps
Adding repair steps for install and uninstall
2016-05-02 17:50:29 +02:00
Roeland Douma b84825f030 Merge pull request #24229 from owncloud/session-id-wrapper
add ISession::getId() wrapper for session_id
2016-05-02 16:49:38 +02:00
Joas Schilling d879354ccb
Use lib/ instead of src/ because that is what people are used to 2016-05-02 15:45:52 +02:00
Joas Schilling ee3457aec0
Register the PSR-4 path on loadApp 2016-05-02 15:17:14 +02:00
Thomas Müller 7aca13f14c
Allow login by email address 2016-05-02 14:51:01 +02:00
Thomas Müller fd844f3eb3 Merge pull request #24336 from owncloud/issue-24328-remove-password-from-exception-trace-in-dav-auth
Remove the password from the validateUserPass() method as well
2016-05-02 14:33:07 +02:00
Thomas Müller b10dcfc3b7
Fixing local event delivery for calendar events based on the email address 2016-05-02 14:20:59 +02:00
Robin Appelman 9677681a37 free up memory when releasing the last shared lock 2016-05-02 14:18:46 +02:00
Thomas Müller d7eb17bdc0 Merge pull request #24327 from owncloud/better-callForAllUsers-performance
Better callForAllUsers memory usage
2016-05-02 13:12:43 +02:00
Roeland Jago Douma eb1d5fdaf8
Use correct typehint 2016-05-02 11:59:54 +02:00
Joas Schilling 7bfc617b03
Move activity manager to the namespace 2016-05-02 11:57:24 +02:00
Lukas Reschke f81b57bc45
Read only once
This can lead to race conditions otherwise. Also depracted hasKey
2016-05-02 11:31:57 +02:00
Morris Jobke 5595e038ae
Remove unneeded private wrapper methods 2016-05-02 11:23:14 +02:00
Joas Schilling 3397e27657
Remove the password from the validateUserPass() method as well 2016-05-02 10:44:09 +02:00
Morris Jobke 6b12f96b14 Merge pull request #24341 from owncloud/scan-nfd-showwarning
Add files:scan warning when NFD or incompatible encoding found
2016-05-02 09:41:12 +02:00
Roeland Jago Douma 9b875db8b8
OCS API should catch LoginExceptions
Catching the login exception and returning false (login failed). Makes
the OCS API properly return data instead of printing the exception page.
2016-05-02 09:31:22 +02:00
Thomas Müller 9c9fec36dd
Add occ commands to enable and disable a user + a disabled user can no longer login - fixes #23838 2016-05-02 09:31:22 +02:00
Thomas Müller 5e055ca6c1
Move uninstall repair step execution to the correct place 2016-05-02 09:22:26 +02:00
Thomas Müller b0211a54c4
Repair steps no longer implement the Emitter interface 2016-05-02 09:17:20 +02:00
Thomas Müller f91e5f87d2
Fix installer file location 2016-05-02 09:06:19 +02:00
Thomas Müller e049953d1a
OC_Installer -> \OC\Installer 2016-05-02 08:52:06 +02:00
Thomas Müller 54f45f95f5
Adding repair steps for install and uninstall - fixes #24306 2016-05-02 08:52:06 +02:00
Roeland Jago Douma e68ca8695d
Move lonely file from \OC\Files to PSR-4
Conflicting PR probabaly caused this
2016-05-01 19:40:55 +02:00
Christoph Wurst 13883d2d57
add IClientService to DI container 2016-05-01 15:08:56 +02:00
Roeland Jago Douma 0caa09e845
Move \OC\Group to PSR-4 2016-05-01 13:10:07 +02:00
Roeland Jago Douma d89b533fa5
Move old classes to legacy 2016-05-01 13:09:28 +02:00
Thomas Müller 4575e8acfc Merge pull request #24360 from owncloud/cleanup_non_psr4
Move non PSR-4 files from lib/private root to legacy
2016-05-01 08:47:38 +02:00
Roeland Douma 3a7ad79505 Merge pull request #24212 from owncloud/no_need_to_prop_etag_on_shares
There is no need to do old etag propagation on shares
2016-04-30 12:40:30 +02:00
Roeland Jago Douma 368be8894c
Move non PSR-4 files from lib/private root to legacy
As discussed we move all old style classes (OC_FOO_BAR) to legacy.
Then from there we can evaluate the need to convert them back or if they
can be fully deprecated/deleted.
2016-04-30 11:32:22 +02:00
Roeland Douma 8f8ae963fd Merge pull request #24207 from owncloud/cache-mount-provider
mount custom cache folder using mount providers
2016-04-30 10:47:35 +02:00
Roeland Jago Douma 00122c166a
Properly get the internal path for a cachejail move 2016-04-30 10:40:45 +02:00
Thomas Müller 6c2e94e0b2 Merge pull request #24335 from owncloud/warning-for-wrongly-done-storage-wrappers
Add a warning if a storage wrapper was registered outside of the hook
2016-04-29 17:43:50 +02:00
Thomas Müller e59ccc5fe9 Merge pull request #24299 from owncloud/availability-avoid-concurrency
Prevent concurrent storage availability checks
2016-04-29 17:43:31 +02:00
Robin Appelman e51467689d
mount custom cache folder using mount providers 2016-04-29 17:41:09 +02:00
Thomas Müller f79a81258e Merge pull request #24357 from owncloud/psr_more2
Move more from \OC to PSR-4
2016-04-29 17:39:44 +02:00
Vincent Petry b3a2828c46 Merge pull request #24350 from owncloud/locking-release-memory
optimize releaselock for memcache based locking backends
2016-04-29 17:00:44 +02:00
Vincent Petry 4326d73ff6
Fix SMB storage to not normalize UTF8
This makes sure that even if a NFD file name exists, it is found by the
storage and will be visible to higher layers. Even though the file will
be discarded anyway there, it gives the scanner a chance to display a
warning at least.
2016-04-29 16:19:53 +02:00
Morris Jobke daf5f793a4 Merge pull request #24351 from owncloud/capped-normalized-cache
cap the normalized path cache
2016-04-29 15:22:06 +02:00
Robin Appelman a3623745d5 Free up folder content from memory before recursing in the file scanner 2016-04-29 15:16:41 +02:00
Roeland Jago Douma f52c5b31b6
Move more from \OC to PSR-4
* \OC\OCSClient
* \OC\Preview
* \OC\PreviewManager
* \OC\Repair
* \OC\RepairException
* \OC\Search
* \OC\ServerContainer
* \OC\ServerNotAvailableException
* \OC\ServiceUnavailableException
* \OC\Setup
* \OC\Streamer
* \OC\SubAdmin
* \OC\SystemConfig
* \OC\TagManager
* \OC\Tags
* \OC\TempManager
* \OC\TemplateLayout
* \OC\URLGenerator
* \OC\Updater
2016-04-29 15:08:01 +02:00
Roeland Douma 5bf7e6dd02 Merge pull request #24352 from owncloud/psr4_more
Move more of \OC to PSR-4
2016-04-29 14:57:58 +02:00