Commit Graph

8920 Commits

Author SHA1 Message Date
Carsten Wiedmann 571e3c155c
Apply patch from @cwiedmann but drop -oi option for pipe
* Add sendmailmode to gui
* Add testcases for pipe mode

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-12-08 17:18:04 +01:00
Julius Härtl 72ab9edb8d
Make sure to always load the latest icons-vars.css file
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-12-07 23:30:28 +01:00
Roeland Jago Douma 2d6cfdce58
Merge pull request #12869 from nextcloud/backport/12857/stable14
[stable14] Emit write update only once on touch
2018-12-06 08:30:31 +01:00
Roeland Jago Douma bdd974db3f Emit write update only once on touch
When a touch is done (i.e. when creating a new file in the node API)
The hooks contain 'write' and 'touch' (and the operation is touch as
well). This would cause a double write update. Which doesn't make sense.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-05 21:56:01 +00:00
Roeland Jago Douma ab31b26b0c Only execute query in propagateChange once
The second execute statement should be inside the if block. Else it gets
executed twice which makes no sense.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-05 20:45:15 +00:00
Roeland Jago Douma ab8f31b24c Do not update child all child shares on group share update
Else we overwrite the whole share for link shares. Basically breaking
them.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-04 21:53:35 +00:00
Morris Jobke 316d79b2ae PHP module is named mbstring
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-04 17:57:19 +00:00
Peter Kraume 6dbfe24777 Set Referrer-Policy also in addSecurityHeaders()
Fix: #12689
Signed-off-by: Peter Kraume <peter.kraume@gmx.de>
2018-11-29 16:48:12 +00:00
Robin Appelman 7ee9781087 Fix folder path containing leading slash when getting mount root by id
This fixes collabora on public link shared groupfolders

Fixes https://github.com/nextcloud/groupfolders/issues/225

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-28 19:07:51 +00:00
Morris Jobke ff59905b12
Merge pull request #12540 from nextcloud/backport/12450/stable14
[stable14] Throw exception if decryption fails
2018-11-22 14:54:02 +01:00
Roeland Jago Douma adf1488e4e Bearer tokens are app token
Fixes #12498

This means that we set that it is a proper app token once it is
validated. This will allow the 2FA middleware to just run the same
check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-20 10:50:21 +00:00
Roeland Jago Douma 40a3937877 Throw exception if decryption fails
For #11868

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-19 21:26:01 +00:00
Robin Appelman f43cfd9275
forward object not found error in swift as dav 404
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-19 11:36:33 +01:00
Morris Jobke db9e1b90f9
Merge pull request #12375 from nextcloud/backport/12284/stable14
[14] Properly search the root of a shared external storage
2018-11-13 15:09:24 +01:00
Morris Jobke ec5c11d284
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 13:59:24 +01:00
Morris Jobke 442680024f
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 13:59:15 +01:00
Roeland Jago Douma b71bc1289b
Properly search the root of a shared external storage
Fixes #1020

When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.

Because if the jail is on the empty string. It matches all paths.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-09 13:21:45 +01:00
Joas Schilling f48f43818e
Fix default types of activity event member variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 14:14:01 +01:00
Roeland Jago Douma a46ca94723
Merge pull request #12197 from nextcloud/backport/12188/revert-wait-for-cron
[stable14] Revert "Wait for cron to finish before running upgrade command"
2018-11-02 08:21:05 +01:00
Roeland Jago Douma fd39fba5f7
Merge pull request #12202 from brad2014/stable14
Fix bug #12151: fix list formatting by correcting malformed html
2018-11-02 08:20:31 +01:00
brad2014 98dd7c1075 Fix bug #12151: fix list formatting by correcting malformed html
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2018-11-01 15:30:03 -07:00
Morris Jobke b292f919c6
Revert "Wait for cron to finish before running upgrade command"
This reverts commit 18e9631810.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-01 22:09:45 +01:00
Morris Jobke aa92a00129
Merge pull request #12184 from nextcloud/add-gss-to-excluded-backends-stable14
[stable14] add global site selector as user back-end which doesn't support password confirmation
2018-11-01 11:00:50 +01:00
Bjoern Schiessle c47d634837
add global site selector as user back-end which doesn't support password confirmation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 10:07:12 +01:00
Roeland Jago Douma e3f3212fbc Error out early on an expired token
Fixes #12131

If we hit an expired token there is no need to continue checking. Since
we know it is a token.

We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma f171378837 Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma 71d2d3ca00 Reset bruteforce on token refresh OAuth
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma 1ec92c0497
Merge pull request #12040 from nextcloud/backport/12022/stable14
[14] Allow chunked uploads even if your quota is not sufficient
2018-10-30 12:33:13 +01:00
Bjoern Schiessle 6f3328a9cd
skip already decrypted files on decrypt all command
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-25 17:52:51 +02:00
Roeland Jago Douma d91380d138
Allow chunked uploads even if your quota is not sufficient
Fixes #11485

This allows uploads to shared folders.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 13:53:52 +02:00
Roeland Jago Douma 4abae96298
Catch more occurences where ExpiredTokenException can be thrown
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 10:59:07 +02:00
Roeland Jago Douma 49e992c1da
Expired PK tokens should not fall back to legacy tokens
Fixes #11919

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 10:59:07 +02:00
Morris Jobke e5814bd948
Merge pull request #11800 from nextcloud/lookupserver-and-global-scale-stable14
[stable14] always query the lookup server in a global scale setup
2018-10-24 14:44:05 +02:00
Roeland Jago Douma d9c080120e
Merge pull request #11976 from nextcloud/bugfix-stable14/9326/make_sure_usermanager_getByEmail_only_returns_IUser
[stable14] filter null values for UserManager::getByEmail
2018-10-23 15:15:23 +02:00
Morris Jobke 9ea758758e
Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-23 10:22:47 +02:00
Georg Ehrke 554c80b403
filter null values for UserManager::getByEmail
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-22 15:51:57 +02:00
Morris Jobke 61fe59795f
Merge pull request #11929 from nextcloud/backport/11870/proper-column-name-escaping
[stable14] Properly escape column name in "createFunction" call
2018-10-19 15:48:41 +02:00
Morris Jobke 2885db8e9b
Merge pull request #11772 from nextcloud/stable14-pretty-urls-dont-work
[14] Allow overwrite.cli.url without trailing slash
2018-10-19 12:16:22 +02:00
Morris Jobke f6cdab6b11
Properly escape column name in "createFunction" call
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-19 12:12:52 +02:00
Daniel Kesselberg 4f983b7565
Backport https://github.com/nextcloud/server/pull/11446
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-11 15:14:33 +02:00
Roeland Jago Douma 18c35e6060
Normalize getUnjailedPath
Fixes #11637

If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:49:32 +02:00
Bjoern Schiessle 84e39b522c
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:08:49 +02:00
Bjoern Schiessle 7e608df598
adjust tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:32:09 +02:00
Bjoern Schiessle 52c52f555d
always query the lookup server in a global scale setup and have a nicer label
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 17:48:15 +02:00
Roeland Jago Douma f7e9533d1e
Allow the creationg of previews of files stored in appdata
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 11:49:02 +02:00
Roeland Jago Douma 5e143f1f52
Just update password hash without validating
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 12:09:43 +02:00
Robin Appelman e46092d7f6
only catch QueryException when trying to build class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-01 10:44:58 +02:00
Bjoern Schiessle 28d60274ce
add back-end as parameter to the pre-login hook
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 14:17:10 +02:00
blizzz ea73f30d77
Merge pull request #11302 from nextcloud/backport/11297/this-database-dude
[stable14] Fix expiration code of tokens
2018-09-20 10:52:15 +02:00
blizzz a0f2bd8d28
Merge pull request #11294 from nextcloud/stable14-locale-template-fix
[stable14] Use user locale as default in the template
2018-09-20 10:37:00 +02:00