This avoids hitting the backend with multiple requests for the same
token. And will help avoid quick LDAP lockouts.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* includes making ICheck not requiring any context setter
* and IFileCheck extending the IEntityCheck as entity data can be handed in
via Dispatcher
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Some user backends (like the database backend) allow us to obtain a user
case insensitive. However the UID itself is case sensitive.
Example:
* create a user User1
* login as User1
- This results the data/User1 folder to be created etc
* now have some code somewhere that obtains the userFolder (from
IRootFolder) but pas in 'uSER1' as uid
- The code will check if that is a valid user. And in this case it is
since User1 and uSER1 both map to the same user
- However the the UID in the user object is used for the folder a new
folder fill be create data/uSER1
With this PR this is avoided now. Since we obtain the real UID casing in
the backend before creating the user object.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fixing issue in addSubTag()
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fix const
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
autoload
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Revert "fixing issue in addSubTag()"
This reverts commit a9ab2ab91b98133c69272f27ea1b51594719e241.
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
syntax
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
The main use case here is storage provided versioning where we dont have
separate file ids for all the versions, by allowing a prefix for the
version we can store separate previews for all the versions.
Additionally, by keeping all the version previews in the same folder as the
"normal" previews they will be cleaned up properly when the file is deleted
Signed-off-by: Robin Appelman <robin@icewind.nl>
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
the main difference is passing the `File` object to the provider
instead of a `View` + path
Old providers will still continue to work as before
Signed-off-by: Robin Appelman <robin@icewind.nl>
To have a faster autoloading. We should get rid of those of course. But
for now I do not see it happening any time soon.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#15675
This makes loading of the actual L10N lazy. So we only detect and load
the actual translations when they are used. Instead of trying to load
them all the time just because an app is enabled.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This allows a user to mark a token for remote wipe.
Clients that support this can then wipe the device properly.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This adds the new login flow. The desktop client will open up a browser
and poll a returned endpoint at regular intervals to check if the flow
is done.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Before https://github.com/nextcloud/server/pull/13843 a "photo." file could be created
for unsupported image formats by photocache. Because a file is present but not jpg, png or gif no
photo could be returned for this vcard. These invalid files are removed by this repair step.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
this provides a reliable way for apps to listen to new files
without the need to of cache wrappers to hook into inserts themselves
(something which isn't 100% reliable)
Signed-off-by: Robin Appelman <robin@icewind.nl>
Fixes#12568
Since the clearing of the execution context causes another reload. We
should not do the redirect_uri handling as this results in redirecting
back to the logout page on login.
This adds a simple middleware that will just check if the
ClearExecutionContext session variable is set. If that is the case it
will just redirect back to the login page.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#13662
This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.
This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>