Commit Graph

11824 Commits

Author SHA1 Message Date
Roeland Douma d5506b605f Move \OCP\Encryption to PSR-4 (#24680) 2016-05-17 23:08:43 +02:00
Robin Appelman de5b7609f9 use mount providers to setup home storages (#24567) 2016-05-17 21:40:55 +02:00
Roeland Douma 7dbdf2f7e0 \OCP\DB to PSR-4 (#24650)
* Move \OCP\DB to PSR-4

* Fix PHP doc
2016-05-17 17:38:25 +02:00
Vincent Petry 379be91618 Merge pull request #24597 from owncloud/run-upgrade-in-incognito-mode
run upgrades in incognito mode
2016-05-17 16:14:11 +02:00
Roeland Douma 5c9103287f Group fixup (#24621)
* Move used OC_Group_xx to \OC\Group

* Add (deprecated) legacy wrapper in legacy, OC_Group_xx

* Replace deprecated use of OC_Group_xx with \OC\Group\xx
2016-05-17 16:06:44 +02:00
Roeland Douma 90a290afd8 Move \OCP\Diagnostics to PSR-4 (#24667) 2016-05-17 15:53:49 +02:00
Roeland Douma 499f0e487d Move \OCP\Authentication to PSR-4 (#24632) 2016-05-17 10:29:23 +02:00
Roeland Douma cbff3e0de7 Move \OCP\Console to PSR-4 (#24636) 2016-05-17 10:28:58 +02:00
Roeland Douma 15fdd36617 Move \OCP\Contacts to PSR-4 (#24645) 2016-05-17 10:22:21 +02:00
Jörn Friedrich Dreyer ca8d2e2f2e Merge pull request #24370 from owncloud/iclientservice-dicontainer
add IClientService to DI container
2016-05-17 09:33:54 +02:00
Jörn Friedrich Dreyer 5e03e9a843 Merge pull request #24083 from owncloud/fix-race-condition
Read only once
2016-05-17 09:03:57 +02:00
Jenkins for ownCloud c24a685ab5 [tx-robot] updated from transifex 2016-05-17 01:54:56 -04:00
Jenkins for ownCloud bafa02d312 [tx-robot] updated from transifex 2016-05-16 01:54:58 -04:00
Jenkins for ownCloud 7c28f62e20 [tx-robot] updated from transifex 2016-05-15 01:55:34 -04:00
Vincent Petry e383a9506d Merge pull request #24617 from owncloud/autoloader_no_private
our autoloader should not load classes in \OC
2016-05-13 17:30:10 +02:00
Vincent Petry 3db709d568 Merge pull request #24600 from owncloud/http-client-lazy-config
only configure the http client once we start using it
2016-05-13 16:10:24 +02:00
Vincent Petry 6938904b07 Merge pull request #24614 from owncloud/token-validation-log
don't spam the log file with failed token validation entries
2016-05-13 16:09:49 +02:00
Roeland Jago Douma a037c10c88
All \OC\ classes are handled by the composer autoloader 2016-05-13 11:11:01 +02:00
Roeland Jago Douma 5a5a5b2032
OC_xx all live in the legacy folder 2016-05-13 11:10:21 +02:00
Christoph Wurst ed01305e29
don't spam the log file with failed token validation entries 2016-05-13 09:53:50 +02:00
Roeland Jago Douma 05cc0dd478
Move \OC\Template to PSR-4 2016-05-13 08:54:07 +02:00
Roeland Jago Douma eb79b83831
Move functions.php to legacy
This file should really be properly namespaced etc!
2016-05-13 08:54:07 +02:00
Jenkins for ownCloud cba4875e4d [tx-robot] updated from transifex 2016-05-13 02:08:45 -04:00
Robin Appelman ea0f09a7ed only configure the http client once we start using it 2016-05-12 13:29:45 +02:00
Morris Jobke 9b3eefbf95 Merge pull request #24563 from owncloud/redis-factory
factor out redis configuration into it's own factory
2016-05-12 13:15:12 +02:00
Christoph Wurst 8b6bb0a426 Log user out correctly if max session lifetime is reached (#24552) 2016-05-12 12:09:13 +02:00
Christoph Wurst 3a1882b143
run upgrades in incognito mode 2016-05-12 11:56:58 +02:00
Roeland Douma 56f4c4bed9 Move \OCP\Comments to PSR-4 (#24565) 2016-05-12 09:48:11 +02:00
Roeland Douma 9b05f37fad lib/private/ocs to PSR-4 (#24558)
* Move OC_OCS_XX to legacy

* Move \OC\OCS to PSR-4

* OC_OCS_xx to \OC\OCS\xx

* Moved OC_OCS_xx to proper namespace
* OC_OCS_xx is still there for legacy reasons as a wrapper

* No calls to OC_OCS_xx in \OC\OCS\
2016-05-12 09:43:53 +02:00
Lukas Reschke 52add798d4 Do not automatically try to enable index.php-less URLs (#24539)
The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur
l` entry and then derives the `RewriteBase` from it.

This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc.

This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…)

Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if
admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`.

For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master.

Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9.

Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.
2016-05-12 09:43:26 +02:00
Jenkins for ownCloud c5ae14453a [tx-robot] updated from transifex 2016-05-12 02:08:58 -04:00
Jörn Friedrich Dreyer e03f9e8103 allow configuration of memcached options (#23729)
* allow configuration of memcache options

Use production values for memcached as explained in http://apprize.info/php/scaling/15.html

The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server.

cc @MorrisJobke @FelixBoehm

* add config sample

* merge config options, throw hint on config error

* fix typo

* fix config sample
2016-05-11 19:38:00 +02:00
Thomas Müller 8729415880 Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands
Correctly register PSR-4 autoloading before install.php and loading commands
2016-05-11 13:53:16 +02:00
Christoph Wurst 0486d750aa
use the UID for creating the session token, not the login name 2016-05-11 13:36:46 +02:00
Christoph Wurst 69dafd727d
delete the token in case an exception is thrown when decrypting the password 2016-05-11 13:36:46 +02:00
Christoph Wurst af707fba41
use the query builder instead of raw sql statements 2016-05-11 13:36:46 +02:00
Christoph Wurst 46bdf6ea2b
fix PHPDoc and other minor issues 2016-05-11 13:36:46 +02:00
Christoph Wurst a9b500c03b
catch possible SessionNotAvailableExceptions 2016-05-11 13:36:46 +02:00
Christoph Wurst f0f8bdd495
PHPDoc and other minor fixes 2016-05-11 13:36:46 +02:00
Christoph Wurst 699289cd26
pass in $request on OCS api 2016-05-11 13:36:46 +02:00
Christoph Wurst 168ccf90a6
try apache auth too 2016-05-11 13:36:46 +02:00
Christoph Wurst 8cc5f6036f
Fix existing tests 2016-05-11 13:36:46 +02:00
Christoph Wurst 7aa16e1559
fix setup 2016-05-11 13:36:46 +02:00
Christoph Wurst 7e7d5a2ef2
Add fallback to allow user:token basic auth 2016-05-11 13:36:46 +02:00
Christoph Wurst fdc2cd7554
Add token auth for OCS APIs 2016-05-11 13:36:46 +02:00
Christoph Wurst 8d48502187
Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst 53636c73d6
Add controller to generate client tokens 2016-05-11 13:36:46 +02:00
Christoph Wurst 3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst 2fa5e0a24e
invalidate (delete) session token on logout
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00