mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
41,547 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

437 Commits

Author SHA1 Message Date
Morris Jobke 4b73ddc9ce
Merge pull request #6437 from nextcloud/support-mail-send-in-share 
Add support for `\OCP\Share\IShare::getMailSend` back
 2017-11-27 11:29:38 +01:00
Morris Jobke a51a8fbcaf
Federation actually sends an email via Share 2.0 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-27 10:54:40 +01:00
Morris Jobke c930f70b52
Harden phan checks to catch more errors 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-27 07:53:56 +01:00
Björn Schießle f347e2e4a6
Merge pull request #7047 from nextcloud/add-support-for-files-with-no-permissions 
Add support for files with no permissions
 2017-11-20 16:15:52 +01:00
Julius Härtl 7006b739b0
Remove brackets for invalid mail addresses when updating the license header 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-11-07 10:50:42 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 20:38:59 +01:00
Morris Jobke 0eebff152a
Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +01:00
Daniel Calviño Sánchez 555d582f35 Return whether the file is readable or not in the DAV permissions 
Until now it was safe to assume that every file was readable by its
owner, so there was no need to return whether the file was readable or
not. However, with the introduction of end to end encryption that is no
longer the case, and it is now necessary to explicitly provide that
information.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2017-11-02 19:37:00 +01:00
Roeland Jago Douma 2f36744aff
Update phan config 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-24 20:40:14 +02:00
Roeland Jago Douma ab20a64ed4
DAV Autoloader 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-24 20:40:11 +02:00
Roeland Jago Douma 112b0d57a8
Comments Autoloader 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-24 20:40:11 +02:00
Roeland Jago Douma ce7c9dfe8a
Admin Audit autoloader 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-24 20:40:09 +02:00
Roeland Jago Douma ff9f325677
Ignore composer stuff in phan 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-17 22:22:36 +02:00
Roeland Jago Douma 5d7d96dc45
Update autoload checker 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-17 21:55:06 +02:00
Roeland Jago Douma 17bd2fb268
Phan is moved to a new repo 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-10-16 16:23:55 +02:00
Robin Appelman f0c7b8f264
show diff in autoload checker 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-09-18 17:20:08 +02:00
Joas Schilling 242c9ee06c
No more root file 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-25 12:47:39 +02:00
Roeland Jago Douma 02b9388fc6
Move image-optimization.sh to build dir 
* We should not ship this!

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-07-24 08:08:18 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections 
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-20 22:48:13 +02:00
Lukas Reschke 591aaa4154
Add workaround for https://github.com/etsy/phan/issues/1033 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-19 11:08:43 +02:00
Lukas Reschke d8ec399454
Run phan over code base 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-19 10:28:11 +02:00
Morris Jobke 844e7b03b4 Add test to check if new files are added to the root of the repository 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-07-12 11:52:42 +02:00
Lukas Reschke 633396001f
Prevent sending second WWW-Authenticate header 
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.

Fixes https://github.com/nextcloud/server/issues/5088

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-06-13 13:54:52 +02:00
Lukas Reschke b8de3f40ee
Bearer comes first on the new endpoint 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 21:57:07 +02:00
Lukas Reschke 639ba526d0
Adjust realm from SabreDAV to Nextcloud 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 21:38:55 +02:00
Lukas Reschke f93db724d7
Make legacy DAV backend use the BearerAuth backend as well 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 21:19:39 +02:00
Lukas Reschke 538112181f
Add additional test for accessing DAV using Bearer Auth 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:11 +02:00
Lukas Reschke f2a01e1b08
Use a standardized Bearer now 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:10 +02:00
Lukas Reschke a4116220cb
Add app to autoenabled provisioning API scenario 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:08 +02:00
Morris Jobke 692e056df9 Extract app name and navigation entries for l10n 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-05-08 23:24:28 -05:00
Morris Jobke 865cd487c4
Split up sharing-v1-part2.feature to avoid timeouts 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-05-02 12:55:29 -03:00
Vincent Petry d379b197d5
Fix forbidden backslash DAV integration tests 2017-04-26 15:47:59 +02:00
Sergio Bertolin a761d4cce7
Added test cases from core 16825 2017-04-26 15:29:01 +02:00
Vincent Petry 9bff66e68d
Simplified new endpoint move test 2017-04-26 15:27:02 +02:00
Vincent Petry c30feafaa2
Added case when final chunk move must not change file id 2017-04-26 15:26:15 +02:00
Sergio Bertolin 9ab17c95c0
Added test about checking file id after a move 2017-04-26 15:24:19 +02:00
Morris Jobke 51da0442d9 Merge pull request #4494 from nextcloud/fix-jsunit 
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher
 2017-04-25 12:45:52 -03:00
Morris Jobke dd5dbe3ebd
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-25 10:26:46 -03:00
Joas Schilling 7ea492b69a
Loop over the apps directory and add the task 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-25 14:35:51 +02:00
Joas Schilling dee2c8d23b
Check whether we can json decode the translations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-25 11:01:34 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations 
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-13 12:00:16 +02:00
Morris Jobke 4cf4d2f27e
Favorites integration tests for shared files 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-12 11:44:57 -05:00
Joas Schilling bd37021587
Fix casing of same origin frame option 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-12 12:37:32 +02:00
Vincent Petry d1081e7940
Add integration test for trashbin 
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-04-11 14:59:21 -05:00
Lukas Reschke 4cf61481e5
Clear opcode cache after config change 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-11 18:57:40 +02:00
Lukas Reschke b882f65fbb
Add integration tests 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-11 01:39:54 +02:00
Morris Jobke 4c60360bf7 Merge pull request #4221 from nextcloud/provisioning-api-for-account-info 
Allow to change account info via provisioning api
 2017-04-07 12:48:44 -05:00
Joas Schilling 3d628783d9
Allow to change account info via provisioning api 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-07 12:50:47 +02:00
Morris Jobke b084ceec3d Merge pull request #4224 from nextcloud/dont-list-on-public-calendar-endpoint 
Don't list on public calendar endpoints
 2017-04-05 20:55:39 -05:00
Lukas Reschke 63288ebc50
Don't list on public calendar endpoints 
There is no need to allow listing here.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-04-05 22:43:05 +02:00