Commit Graph

2145 Commits

Author SHA1 Message Date
Lukas Reschke e974f26afa
Rename extension point
To align with upstream.

Fixes https://github.com/nextcloud/guests/issues/3

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-28 09:49:02 +02:00
Robin Appelman ab9a36e872
allow apps to set custom mount types
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-28 09:38:21 +02:00
Ivan Sein 9c4275a832 Show tooltip for second action.
Signed-off-by: Ivan Sein <ivan@nextcloud.com>
2017-04-27 18:11:35 +02:00
Roeland Jago Douma 646db7f88d Merge pull request #4518 from nextcloud/downstream-25838
Fix share indicator handling
2017-04-26 19:23:27 +02:00
Vincent Petry 17a31a51c6
Fix share indicator handling
Properly update the fileInfoModel with the updated share types, which
also updates the file list row indicator properly
2017-04-26 13:38:12 +02:00
Georg Ehrke 6bbc682c4b
handle 404 separately
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:30:21 +02:00
Georg Ehrke 99b201a188
unit test jquery.contactsmenu
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:15 +02:00
Georg Ehrke e61cf83faf
better detection whether or not contactsmenu target was clicked
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:14 +02:00
Georg Ehrke 399f08bd33
add contactsmenu popover to resharer infobox
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:14 +02:00
Georg Ehrke 4d60aff6ec
Contactsmenu popover: show proper message when server throws error
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:14 +02:00
Georg Ehrke 8f404c1f56
don't toggle sharing popover together with contactsmenu popover
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:14 +02:00
Georg Ehrke c844b2931e
close menu again when clicking on avatar
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:26:56 +02:00
Georg Ehrke 60f9ed6241
add contactsmenu popover
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:26:53 +02:00
Jan-Christoph Borchardt 241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Jan-Christoph Borchardt 0f0b04b7d9 Fix test
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:06:56 +02:00
Morris Jobke 417bc606e4 Merge pull request #4508 from nextcloud/fix/remove-js-debug-logging
Remove js debug logging
2017-04-25 18:26:53 -03:00
Christoph Wurst fd74ad452a Remove js debug logging
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 21:42:38 +02:00
Jan-Christoph Borchardt 2ccaae8968 Fix emptycontent HTML and wording
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-25 20:47:18 +02:00
Christoph Wurst 945420baaf Use HTTP POST to retrieve the list of contacts
We do not want to have sensitive information in the URL and
therefore also not in the access log. Thus the GET request is
replaced by a POST request.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst 5c61852c25 Fix failing contacts menu js test data
When we test wheter action menus in the contacts menu close
when clicking other ones, we have to provide test data
that actually causes the view to render the menu.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst ecd408d524 Fix icon of second action
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 2c2e1f7988 Use absolute URI for action icons
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 5762cd9436 Use tooltop for contact's top action title
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Lukas Reschke 6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Julius Härtl 27b19aaba1
Fix loading spinner for new app menu
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:25 +02:00
Julius Härtl 7548825743
Responsive app menu
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-04-25 17:31:24 +02:00
Roeland Jago Douma 82c9eb1c56 Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Daniel Calviño Sánchez 58cc1251be Use "complete" callback in onPasswordEntered
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:18:52 +02:00
Daniel Calviño Sánchez e0b0115f99 Extract common ajax call for addShare and updateShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:07:08 +02:00
Daniel Calviño Sánchez 3ab2958930 Document options parameter in saveLinkShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:05:34 +02:00
Daniel Calviño Sánchez 6e9f49f397 Add "complete" callback support for addShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:31:53 +02:00
Daniel Calviño Sánchez 488020cf2e Add "complete" callback support for updateShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:30 +02:00
Daniel Calviño Sánchez 726c6c73f4 Add missing unit test cases and conditions
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:05 +02:00
Morris Jobke fd7257332d Merge pull request #4321 from nextcloud/improve-sharing-tooltip
change sharing tooltip with a more general description of all available share options
2017-04-24 11:12:41 -03:00
Roeland Jago Douma 7a81d46fcb
Fix link password toggle
We took the wrong field from the share api response. So the password was
never shown as set.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-24 14:41:41 +02:00
Roeland Jago Douma c5617f4e8a Merge pull request #4463 from danxuliu/fix-working-icon-placement-on-password-save
Fix working icon placement on password save
2017-04-24 14:34:56 +02:00
Daniel Calviño Sánchez 36f55b5867 Fix working icon placement on password save
Before, the icon appeared below the text input for the password. Now, it
appears inside the text input, to the right end.

The CSS was adjusted based on other icons shown in that position for
other text inputs in the Share tab view, like the information icon or
the clipboard icon.

Fixes #4135

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:50:06 +02:00
Daniel Calviño Sánchez 153d053ee7 Fix working icon not hidden when successfully setting a password
When a request to set the password of a shared link is sent a working
icon is shown. However, as there was no "success" callback, the icon was
never hidden again after successfully setting the password (it worked
fine if there was an error, though).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Christoph Wurst 2317d7bb49
Fix sinon.stub deprecation warnings
Calls to `sinon.stub(obj, 'meth', fn)` are deprecated and therefore
replaced by `sinon.stub(obj, 'meth).callsFake(fn)` as instructed by
the deprecation warning.

This makes the js unit testing output readable again.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-24 10:39:37 +02:00
Lukas Reschke d0d34d308a
Add at most 10 password reset requests per 5 minutes and IP range
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-22 08:12:54 +02:00
Morris Jobke 9536cbf739 Merge pull request #4409 from nextcloud/socialharing_mail
Allow social sharing to specify if a new window is opened
2017-04-20 17:59:55 -05:00
Bjoern Schiessle f0651cb066
allow to set a password for shares which where created without a password before the admin started to enforce the password
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Bjoern Schiessle d8dcd72118
allow admin to enforce password on mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-20 16:33:26 +02:00
Roeland Jago Douma 48fd0ee9f0
Allow social sharing to specify if a new window is opened
For example mail shares should not open a new window because it looks
weird.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 16:32:46 +02:00
Joas Schilling 1c0bffe87f
Fix translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Bjoern Schiessle c6ae57ecee
simplify share placeholder
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-18 12:08:35 +02:00
Morris Jobke ec034757fa Merge pull request #4337 from nextcloud/fix-adblock-share-icon
Fix AdBlock blocking share icon, ref #866
2017-04-13 12:10:37 -05:00
Roeland Jago Douma 3eb6f88019
Move to handlebars.min.js
core.js is now below 1mb!

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-12 22:22:38 +02:00
Roeland Jago Douma abe887cd48
Moved to jquery-ui.custom.min.js
Shaves off about 200kb of the default loaded js libs

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-12 20:03:00 +02:00
Bjoern Schiessle a3c9dcf82a
change sharing tooltip with a more general description of all available share options
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-12 16:07:42 +02:00
Jan-Christoph Borchardt 37145a275f Fix AdBlock blocking share icon, ref #866
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-12 15:04:12 +02:00
Morris Jobke c2686be8da Merge pull request #4285 from nextcloud/bump-md5
[js] Bump blueimp-md5
2017-04-11 12:07:02 -05:00
Roeland Jago Douma 58f959864a
Show 'shared via' in share list for reshares
Fixes #1330

userA shares a file to userB
userB shares that file to userC

userA can see both userB and userC.
Now they can also see that userB shared it to user C

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 13:56:03 +02:00
Roeland Jago Douma 7d1745d1e7
[js] Bump blueimp-md5
* bumped to latest
* moved to min

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-10 20:37:07 +02:00
Morris Jobke ca9d25169d Merge pull request #4136 from nextcloud/expire-date-for-all-shares
Unified sharing options
2017-04-07 17:14:05 -05:00
Roeland Jago Douma bf30090be5
Parse date trough moment
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-07 22:16:29 +02:00
Bjoern Schiessle 0dc13d098f
reset password field properties before we hide it
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle c7b1a48da7
add datepicker to the popover
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle 3bce6a7a6f
allow to edit single files shared by mail. This is useful for collaborative editing documents
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:44:00 +02:00
Bjoern Schiessle 3323d01db1
update unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-07 15:43:59 +02:00
Roeland Jago Douma efb21a948e Merge pull request #4093 from nextcloud/endorse-password-protection
Endorse password protection
2017-04-04 11:04:21 +02:00
Roeland Jago Douma 7d72ae3011
Move to autosize.min.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-03 13:42:33 +02:00
Timo Benk 868500eda4
let the user set an empty password for share link
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:19 +02:00
Timo Benk 0d7801b6ce
endorseLinkPassword changed to enableLinkPasswordByDefault
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:11 +02:00
Timo Benk cbfe5f3c1f
feature endorse password for share links
works like "enforce password protection", but let the
user optionally remove the password protection after the
password is set.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:58:03 +02:00
Bjoern Schiessle 5540def5e3
change permission order
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:33 +02:00
Bjoern Schiessle 99ebdc1111
make sure that variables are defined correctly
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:33 +02:00
Bjoern Schiessle cfbabf8f2f
fix typo and capitalize cruds
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle b84fd7c361
set expire date for all share types
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle 3cc0d15f92
add secure drop functionallity to mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle c191173d59
allow password protected mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:29:32 +02:00
Bjoern Schiessle 0d5147bd49
add new password column to the share table in order to set passwords for share by mails
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:49 +02:00
Bjoern Schiessle d0eefd17d3
allow the user to set a expire date for all shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-03 10:20:47 +02:00
Roeland Jago Douma 2950bcbc70
Do not show social menu when there is no link share
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-31 17:29:41 +02:00
Joas Schilling 0fb7c631ce Merge pull request #4128 from nextcloud/updateclipboard
Update clipboard.js
2017-03-30 14:37:03 +02:00
Roeland Jago Douma 0da04fd284
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 22:54:08 +02:00
Roeland Jago Douma 54c68519ce
Allow avatars for full numeric users
Fixes #4087

Because of fancy javascript if a full numeric uid was used javascript
would convert this to an int. Now we just convert everything to a string
first.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 13:39:48 +02:00
Roeland Jago Douma b052addaca
Use minified clipboard.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-29 00:27:50 +02:00
Robin Appelman dc5ba95469 Merge pull request #4027 from nextcloud/better-spreed-call-urls
Better spreed call urls
2017-03-27 16:21:24 +02:00
Roeland Jago Douma f4c9e44403 Merge pull request #4073 from nextcloud/secure-drop
Rename File drop to Secure drop
2017-03-27 14:39:32 +02:00
Roeland Jago Douma 16b02a0fa9 Merge pull request #4064 from nextcloud/update-moment
Update momentjs
2017-03-27 14:10:54 +02:00
Olivier Paroz 5a6c7877f6
Rename File drop to Secure drop
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-26 16:13:35 -06:00
Lukas Reschke 3c1d76c282
Cleanup code as suggested by @icewind1991
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 19:45:36 +02:00
Lukas Reschke fea2108710
Make async
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 15:26:10 +02:00
Lukas Reschke 980ef89dbf
Fix callback
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:17:01 +02:00
Lukas Reschke 12a019d328
Use eval instead of $.script
Fixes https://github.com/nextcloud/server/issues/4067

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-26 14:12:44 +02:00
Roeland Jago Douma 62827dd1da
use moments.js min in core.js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-26 10:25:15 +02:00
Morris Jobke 2f7669179e Merge pull request #4043 from nextcloud/merge-js-for-template-prepend
Merge JS for template prepend
2017-03-24 15:42:08 -06:00
Lukas Reschke 6a4fde11e6
Merge login JS
Removes 2 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 21:18:24 +01:00
Lukas Reschke 4f73911bab Merge pull request #4041 from nextcloud/merge-systemtags-js
Merge systemtags JS
2017-03-24 21:12:42 +01:00
Lukas Reschke 6a470e5935
Merge JS for template prepend
Shaves off 14 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:37:13 +01:00
Lukas Reschke 4d68324ba6
Merge sharing backend JS
Removes 8 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:17:38 +01:00
Lukas Reschke a9c3692a9a
Merge systemtags JS
Shaves off 7 requests.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-24 20:08:27 +01:00
Joas Schilling 34f0ad4ebe
Allow to push a non-query URL to the browser history
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-24 11:51:58 +01:00
Lukas Reschke f94bc6f8bb Merge pull request #4013 from nextcloud/bundle_vendor_js
Bundle vendor js
2017-03-24 10:49:57 +01:00
Roeland Jago Douma df4d1f7b78 Merge pull request #4022 from nextcloud/downstream-27105
Remove auto-focus on certain input fields
2017-03-24 10:01:06 +01:00
Vincent Petry ab37577182
Properly clear heartbeat interval
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:37:24 -06:00
Vincent Petry 46a32045d7
Update karma, use sinon from npm
Update karma library and use sinon JS library provided by
karma-jasmine-sinon instead of local file.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:35:41 -06:00
Felix Heidecke a9dc3239b3
Remove auto-focus on certain input fields
* remove autofocus on input certain input fields if browser is msie
* Update sharedialoglinkshareview.js
* Update sharedialogview.js

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 17:34:50 -06:00
Roeland Jago Douma eda98ed3df
Merge vendor js
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
Roeland Jago Douma 4518a28924 Revert "Bundle vendor js" 2017-03-22 17:01:54 +01:00
Roeland Jago Douma ec3f5aa6e2 Merge pull request #3795 from nextcloud/bundle_vendor_js
Bundle vendor js
2017-03-22 13:34:21 +01:00
Roeland Jago Douma 98a14909e1
Bundle more default vendor js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-22 08:49:03 +01:00
Morris Jobke c3f08ab151
Remove tooltip of delete button for systemtags
* fixes #3967

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-21 21:49:25 -06:00
Lukas Reschke ac1aff7d92 Merge pull request #3950 from nextcloud/downstream-27149
Forbid to upload part files via web UI
2017-03-20 11:44:57 +01:00
Christoph Wurst 313173dd45 Merge pull request #3936 from nextcloud/downstream-27253
Add extensionpoint to sharedialogview
2017-03-20 08:31:01 +01:00
Felix Heidecke 11f838f9e4
Add ignore_files to config,
test files against ignore_files list on upload

fix typo and indentation

Move blacklist declaration to lib/public/Files/FileInfo.php,

Rename *ignored to *blacklisted

Mocked blacklist_files for testing

Mocked blacklist_files for testing

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 01:17:12 -06:00
Vincent Petry 703f2e6a61
Clear onpopstate handlers after unit tests
Fixes issue when running Karma tests in Firefox.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:15:21 -06:00
Felix Heidecke f198d77388
Add extensionpoint to sharedialogview
Write method overriding extension

Add a list of unknowns while inputting a search term

Rename OCA.Share extension point

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 22:40:36 -06:00
Maxence Lange 69694012ab shares-circles
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
2017-03-17 18:48:33 -01:00
Joas Schilling 0c0ce25b3c Merge pull request #3881 from nextcloud/downstream-26842
Backbone Webdav Adapter MKCOL support
2017-03-17 13:53:04 +01:00
Roeland Jago Douma 7a3acff782 Merge pull request #3874 from nextcloud/harden-js-by-disabling-eval-execution
Harden JS by disabling jQuery eval
2017-03-17 08:31:12 +01:00
Vincent Petry 6488ed3cff
Backbone Webdav Adapter MKCOL support
Usually Backbone collections cannot be created and just simply exists.
But in the Webdav world they need to be creatable.

This enhancement makes it possible to use a Backbone Model to represent
such collections and when creating it, it will use MKCOL instead of PUT.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-17 00:08:48 -06:00
Lukas Reschke 39afcbd49f Merge pull request #3679 from nextcloud/socialsharing
Add social sharing
2017-03-16 23:08:47 +01:00
Lukas Reschke 148e7abb51
Harden JS by disabling jQuery eval
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.

This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 23:03:02 +01:00
Morris Jobke cd4ebe2777 Merge pull request #3008 from nextcloud/appmenu-experiment
Show apps in header
2017-03-16 13:03:41 -06:00
Lukas Reschke 6c8d48b0f6
Harden t() with DOMPurify
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 14:17:42 +01:00
Roeland Jago Douma bb2ec51bbb
Fix unit tests of master
Follow up to #3802

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-16 12:46:02 +01:00
Roeland Jago Douma 57c1be8633 Merge pull request #3802 from Ko-/master
Check that set_time_limit is not disabled before calling it
2017-03-16 12:27:26 +01:00
Julius Haertl f58f8f6f47
Fix popover positioning after window resize
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:10 +01:00
Julius Haertl 61dc78e6dc
Fix menu issues
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Julius Haertl 42feab59d5
Show app icons in the header
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-03-16 11:55:09 +01:00
Ko- 786ee72146 Add warning on admin screen when set_time_limit is unavailable 2017-03-16 11:48:28 +01:00
Roeland Jago Douma 4d207680f2 Merge pull request #3624 from marncz/master
Update.js: countdown feedback before redirect
2017-03-16 07:56:51 +01:00
Marcin Czarnecki 1a3617cdd6 Spacing
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
2017-03-15 06:35:40 +00:00
Morris Jobke 13aae43d89
Fix layout of sharing buttons
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-14 22:52:28 -06:00
Marcin Czarnecki df2670ca3c Update: feedback before redirect
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
2017-03-14 20:36:17 +00:00
Joas Schilling beb3f92c4d
Remove the double password confirmation on changing cron
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-13 15:52:16 +01:00
Roeland Jago Douma be45d6aac9
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-06 21:26:04 +01:00
Roeland Jago Douma 835b49d941
Make sure copy tooltip remains when we have no social providers
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-03 13:36:20 +01:00
Roeland Jago Douma fd71b8bde8
Move social buttons to menu
* If there are social sharing buttons move them and the copy action to a
menu
* If there are no social sharing buttons just leave the copy action
where it is directly

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-03 13:27:06 +01:00
Roeland Jago Douma a85327fe87
Add social sharing
* Add socialshare manager
* Add social share field under link share

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-03 10:19:41 +01:00
Lukas Reschke b5a6f03362 Merge pull request #3643 from nextcloud/replace-deprecated-tipsy
Replace deprecated $.tipsy(...) by $.tooltip(...)
2017-02-28 10:49:14 +01:00
Morris Jobke 413d671d9e Merge pull request #3635 from individual-it/fix_quota_validation
better quota validation
2017-02-28 00:27:51 -06:00
Artur Neumann 9790fe7f5d make values with white spaces possible
a user might enter values with white spaces, and that should be possible
and valid

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 08:25:34 +05:45
Artur Neumann f1fccaca06 better quota validation
this fixes #3634

1. fixed computerFileSize to be more picky about incorrect values
2. more tests for computerFileSize
3. use computerFileSize to validate user quota

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 07:38:11 +05:45
Christoph Wurst 3e7e49884e Replace deprecated $.tipsy(...) by $.tooltip(...)
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-02-27 22:25:05 +01:00
Marcin Czarnecki 9f1fbc2c98 Update: feedback before redirect
Signed-off-by: marncz <M.Czarnecki1@uni.brighton.ac.uk>
2017-02-25 19:16:22 +00:00
Morris Jobke 8a7b8f966e Merge pull request #3489 from nextcloud/give-hint-about-opcache
Show info in admin settings about PHP opcache if disabled
2017-02-24 13:10:47 -06:00
Lukas Reschke bc2f23a0fc Merge pull request #2602 from nextcloud/resize-the-controls-after-the-sidebar-slided-in
Increase debounce time to make sure controls are resized after the sidebar disappeared
2017-02-23 15:46:06 +01:00
Morris Jobke cee8853658
Show info in admin settings about PHP opcache if disabled
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:45:48 -06:00
Bjoern Schiessle 11e5a3dcf4
fix typo
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-02-22 16:28:42 +01:00
Morris Jobke 8e3d0fecd2
Use intval() for validation of config options
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:22:06 -06:00
Morris Jobke 3284efd199
Improve the UX for sharing settings
* shows a info when list is potentially truncated
* shows a warning when characters length is not enough

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-21 17:07:07 -06:00
Morris Jobke 200a28255e
Always enable avatars
* we introduced this setting in the begining because our
  avatar support caused some performance issues, but we
  fixed them and should only provide one way how Nextcloud
  looks

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 17:53:33 -06:00
m3ntalsp00n 01963b4d72 Fix indentation and l10n compliance.
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-08 16:55:31 +10:00
m3ntalsp00n dd9ee2db6f fix tests, longer wait time, update notification stub
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-04 18:51:52 +10:00
m3ntalsp00n fd40613d8e showUpdate funciton allows updated messages
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-04 15:47:09 +10:00
Bjoern Schiessle 92d7dd4781
allow editing single files shared as public link
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-24 13:41:27 +01:00
Marius Blüm a460acb823
Increase debounce time to make sure controls are resized after the sidebar disappeared
Signed-off-by: Marius Blüm <marius@lineone.io>
2017-01-23 11:49:16 -06:00
John Molakvoæ (skjnldsv) f40e5b73f7
Fix #3174
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-01-21 19:06:57 +01:00
Joas Schilling 0f792fedef Merge pull request #3060 from nextcloud/cleanup-js-tests
Cleanup js tests
2017-01-13 14:47:06 +01:00
Christoph Wurst da28a1612e expect warning to be shown
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-13 11:33:12 +01:00
Christoph Wurst 9d56d5e94d add spies for l10n warnings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-13 11:20:19 +01:00
Bjoern Schiessle fcda3a20f4
create new encryption keys on password reset and backup the old one
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-10 17:04:32 +01:00
Roeland Jago Douma 6347d97c7f Merge pull request #2512 from nextcloud/cleanup-system-tag-usage
Only allow admins to delete tags
2017-01-06 16:17:09 +01:00
Arthur Schiwon 68a0f8e153
recognize LDIF (and schema) file types
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-06 12:25:16 +01:00
Joas Schilling 5533c77b91
Don't link to the oC forum
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-04 12:44:10 +01:00
Michael Jobst 969c19b2e9
Fixed size issues on main detail view and disappearing of share recipients (#26603)
* fixed size issues on main detail view and disappearing of share recipients

* Changes due to code comments

* Moved reloadProperties() to FileInfoModel

* Solved Scrutinizer issues

* Bugfix: undefined value used on error

* check if options are set for FileInfoModel.initialize()

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-23 16:56:55 +01:00
Vincent Petry 14256d631c
Use group display name in sharing API + UI 2016-12-22 18:35:32 +01:00
Patrick Paysant d4c088cb79
Verify input, add more unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:20 +01:00
Patrick Paysant ec4bca619d
Add test for unparseable string
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:13 +01:00
Patrick Paysant ff018d48cf
Implements all comments from @PVince81
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:05 +01:00
Patrick Paysant 6217393d6a
Adding computerFileSize in OC.Util
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:28:58 +01:00
Lukas Reschke 9aef75cb36 Merge pull request #2398 from nextcloud/fix-2368
flicker-free permission change in share dialog
2016-12-16 13:35:33 +01:00
Lukas Reschke 49473dee85 Merge pull request #2582 from nextcloud/callback-alos-on-close
Fire callback also on pure closing of prompt dialog
2016-12-09 13:44:53 +01:00
Morris Jobke ec52286a0f
Fire callback also on pure closing of prompt dialog
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-09 12:52:46 +01:00
Joas Schilling 924358ef96
Save the timezone on login again
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-08 10:45:24 +01:00
Arthur Schiwon f29f4d9c3a
fix rendering for mail shares
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-08 10:29:51 +01:00
Arthur Schiwon 3ac8d422de
disable checkboxes during save op to avoid race conditions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-08 10:29:51 +01:00
Arthur Schiwon 056e59af7e
fix some coding style and stricter comparisons, makes scrutinizer happier
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-08 10:29:51 +01:00
Arthur Schiwon 39c2d9e663
also handle can-edit change
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-08 10:29:51 +01:00
Arthur Schiwon 2514176e41
flicker-free permission change in share dialog
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-08 10:29:51 +01:00
Joas Schilling 9ea432f88c
Adjust the JS unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-06 17:50:57 +01:00
Joas Schilling b8e9d255d3
Only allow admins to delete tags
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-06 16:30:21 +01:00
Arthur Schiwon c2062a93a3
set different permissions if file or folder
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-06 15:41:10 +01:00
Arthur Schiwon 02f26751ce
set full edit permissions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-06 15:22:33 +01:00
Arthur Schiwon 9c249427d1
fix change permission on mail shares of folders
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-06 13:44:27 +01:00
Morris Jobke a2867c0664
Properly check the data dir
* fixes #1364

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-05 23:35:35 +01:00
Morris Jobke 8fdfb41b93 Merge pull request #1934 from nextcloud/move-latly-used-tags-to-the-top
Move lately used tags to the top
2016-12-05 16:10:33 +01:00
Morris Jobke db56df1893 Merge pull request #2469 from nextcloud/fix-loading-icon-background
Remove white background from loading icon
2016-12-02 15:53:38 +01:00
Robin Appelman e055fbd4da
adjust js tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-02 13:40:23 +01:00
Morris Jobke 0853f0e7a8
Remove white background from loading icon
* allows to use the loading icon on non-white background (disabled input fields for example)
* fixes #2466

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-02 12:39:12 +01:00
Robin Appelman 8a3b660969
only reload on errors when logged in
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-01 23:44:50 +01:00
Morris Jobke e7a146bd62
fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-29 13:40:41 +01:00
John Molakvoæ 1d50cab1c6
Use displayname
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-11-29 12:17:27 +01:00
Lukas Reschke 183bee9b67 Merge pull request #2342 from nextcloud/filepicker-shadow
Fix filepicker styling
2016-11-28 15:00:19 +01:00
Robin Appelman b2b9abfa33
move more sizing logic to css
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-28 14:05:46 +01:00
Lukas Reschke 518e2edba4 Merge pull request #2341 from nextcloud/filepicker-public-share
use public share fileclient when available
2016-11-28 13:58:07 +01:00
Robin Appelman 7ac240f6f2
fix dialog to window using css
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-28 13:49:45 +01:00
Robin Appelman 26af409a6e
center dialog using css
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-28 13:44:27 +01:00
Morris Jobke d02296d42f Merge pull request #2363 from nextcloud/fix-2329
open popup menu in share dialog only for one sharee on render
2016-11-28 12:54:51 +01:00
Lukas Reschke ddea6d1a90 Merge pull request #2365 from nextcloud/resize-the-controls-after-the-sidebar-slided-in
Make sure the controls is resized after the sidebar disappeared
2016-11-28 12:50:37 +01:00
Bjoern Schiessle e5c31b72e1
bring back permissions for mail shares
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-28 11:24:05 +01:00
Joas Schilling 65c03c26ea
Make sure the controls is resized after the sidebar disappeared
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-28 11:23:05 +01:00
Arthur Schiwon 1965617a2f
open popup menu in share dialog only for one sharee on render
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-11-28 10:56:22 +01:00
Robin Appelman a8ce10bba3
limit filepicker height to screen
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-25 20:54:08 +01:00
Robin Appelman f4d79485d7
fix styling of filepicker dialog
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-25 20:54:08 +01:00
Robin Appelman 97b2782c5b
use public share fileclient when available
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-25 19:23:17 +01:00