72d97b44a7
Expose Swift Mailer streaming options in config, fixes #12702
...
Signed-off-by: Branko Kokanovic <branko@kokanovic.org>
2018-11-30 22:36:03 +01:00
331f3b2652
Merge pull request #12691 from nextcloud/storage-no-encryption-interface
...
Add interface to allow storages from opting out of encryption
2018-11-29 22:02:23 +01:00
8abde7702a
Merge pull request #12690 from peterkraume/bug-12689
...
Set Referrer-Policy also in addSecurityHeaders()
2018-11-29 17:46:53 +01:00
2c1f6331a4
Add interface to allow storages from opting out of encryption
...
As opposed to hard-coding a list of excluded storages
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-29 16:31:34 +01:00
92675a606e
Add sendmailmode to gui
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-29 16:02:36 +01:00
446d96f3eb
Apply patch from @cwiedmann but drop -oi option for pipe
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-29 16:02:35 +01:00
9d9f6903c9
Fix folder path containing leading slash when getting mount root by id
...
This fixes collabora on public link shared groupfolders
Fixes https://github.com/nextcloud/groupfolders/issues/225
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-28 15:18:29 +01:00
79b8703f29
Set Referrer-Policy also in addSecurityHeaders()
...
Fix : #12689
Signed-off-by: Peter Kraume <peter.kraume@gmx.de>
2018-11-27 16:39:06 +01:00
695e60228d
Validate all rich objects not only the used ones
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-23 12:39:02 +01:00
b8fcf6e9b3
Allow empty strings in getAbsoluteURL
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-20 13:36:16 +01:00
53418f2795
Merge pull request #12543 from nextcloud/fix/12498/bearer_tokens_are_apptokens
...
Bearer tokens are app token
2018-11-20 11:49:33 +01:00
cc6c30e769
Merge pull request #12494 from nextcloud/cache-notfound-id
...
return the correct value when trying to get a non existing item from cache by id
2018-11-20 09:51:18 +01:00
8e65f08617
Merge pull request #12500 from nextcloud/swift-object-not-found
...
forward object not found error in swift as dav 404
2018-11-20 09:49:57 +01:00
c2beb36bfc
Bearer tokens are app token
...
Fixes #12498
This means that we set that it is a proper app token once it is
validated. This will allow the 2FA middleware to just run the same
check.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-20 09:23:57 +01:00
cef8eadf2a
Add PHPDoc for thrown exception
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-19 15:34:07 +01:00
35251928d5
forward object not found error in switch as dav 404
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-19 11:34:38 +01:00
b9f2ce2796
Fix loading of .woff2 files in .htaccess
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-18 11:02:20 +01:00
5d5cfefd35
return the correct value when trying to get a non existing item from cache by id
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-16 17:26:42 +01:00
1b85ef4bf2
Fix string doc type casing
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-11-15 11:57:05 +01:00
1783fa7176
Merge pull request #12455 from nextcloud/twofactor-backup-settings
...
Don't register twofactor_backup settings as "regular" settings
2018-11-14 19:35:13 +01:00
2482e8ee34
Log invalid settings class
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-14 18:04:52 +01:00
be5c050acc
Throw exception if decryption fails
...
For #11868
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-14 12:47:35 +01:00
e1a49a223b
Fix SetVcardDatabaseUID when using postgresql
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-13 14:26:33 +01:00
0c9e411f76
Merge pull request #12418 from nextcloud/bugfix/noid/do-not-show-integrity-warning-always
...
Remove outdated integrity warning on each page
2018-11-12 22:44:55 +01:00
3996210307
Merge pull request #12419 from nextcloud/bugfix/noid/group-creation-replace-insertIfNotExist
...
Fix UniqueConstraintViolationException while insert into oc_groups
2018-11-12 21:14:38 +01:00
f6fed4d54b
Merge pull request #12420 from nextcloud/bugfix/noid/icons-cacher-not-found
...
Ignore icons if the file could not be found
2018-11-12 21:13:19 +01:00
fd8eeccb15
Merge pull request #11942 from nextcloud/techdebt/noid/use-count-function
...
Use the defined func()->count() instead of manual counting
2018-11-12 17:43:56 +01:00
84fd81e33f
Fix UniqueConstraintViolationException while insert into oc_groups
...
* fixes race condition in insert
* fixes potentiaol deadlock
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 17:36:35 +01:00
4acd053e4d
Do not fail if the icon file doesn't exists
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 17:31:54 +01:00
9e1ec0cf46
Merge pull request #12413 from nextcloud/bugfix/9305/oc_file_locks-unique-constraint
...
Fix UniqueConstraintViolationException while insert into oc_file_locks
2018-11-12 17:27:09 +01:00
761ba1801b
Remove outdated integrity warning on each page
...
* integrity warning is shown during update and in the admin setup checks
* there is also the plan to retire this old way of notification
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 16:54:38 +01:00
f7e3cf2085
Fix UniqueConstraintViolationException while insert into oc_file_locks
...
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 15:13:10 +01:00
93c62d78db
Fix UniqueConstraintViolationException while insert into oc_filecache
...
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-12 14:43:28 +01:00
859dd1e742
Merge pull request #12371 from nextcloud/bugfix/12369/catch-unique-constraint-violation-exception-in-insertIfNotExist
...
Catch UniqueConstraintViolationException inside insertIfNotExist
2018-11-12 13:41:00 +01:00
26b160cc43
Make sure to always load the latest icons-vars.css file
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-11-12 11:00:56 +01:00
5273639d0e
Add deprecation message ofr insertIfNotExist
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 12:13:30 +01:00
230e93f575
Catch UniqueConstraintViolationException inside insertIfNotExist
...
This is the most common case for the usage of this method.
See also https://github.com/nextcloud/server/issues/12369 and the linked tickets.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-09 10:38:20 +01:00
bb352fb667
Use the defined func()->count() instead of manual counting
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 15:44:45 +01:00
25fe324f41
Merge pull request #12313 from nextcloud/generated-avatar-major-cleanup
...
Clear avatar cache with frontend repair
2018-11-08 10:28:09 +01:00
a9eef37456
Clear avatar cache with frontend repair
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-08 08:31:21 +01:00
10ba0bed8a
Match mentions when the username is wrapped in quotes
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-07 12:33:44 +01:00
add35c7f31
Merge pull request #12284 from nextcloud/fix/1020/search_shared_external
...
Properly search the root of a shared external storage
2018-11-06 18:16:12 +01:00
411d2dece5
Merge pull request #11786 from nextcloud/feature/password_confirmation_backend
...
Expose password confirmation capabilities in the user backend
2018-11-06 00:44:18 +01:00
0277cd7158
Properly search the root of a shared external storage
...
Fixes #1020
When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.
Because if the jail is on the empty string. It matches all paths.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-05 16:27:43 +01:00
cba3883410
Merge pull request #12185 from nextcloud/cleanup/dicontainer
...
Cleanup the DIContainer
2018-11-05 12:16:36 +01:00
72b7c9ffa0
Merge pull request #12105 from nextcloud/using-resharing-right-to-display-shares
...
Shares are displayed to users with resharing rights
2018-11-04 21:08:11 +01:00
9d89f8bbac
Merge pull request #12071 from nextcloud/addressbook-uid-check-migration
...
Addressbook uid check migration
2018-11-02 19:37:48 +01:00
2452a3ec73
Properly query the methodreflector
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
0e5147f001
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
bfb5ef4b29
The identityproof manager should be in Server
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
8f833a309a
No need to register it also in the DI Container
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
fbd0d0bdcf
The Encryption manager belongs in Server.php
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
9c28d2d7c4
SearchResult should be difined in Server as it is a core component
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
964ebed86c
The UserSession is constructed in the server
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
b2501dbf9a
TimeFactory is already regsitsered in the Server Container
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:37 +01:00
61adb513fe
Request is already regsitered in the Server container
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:36 +01:00
421a40e7db
Was already registered in Server
...
The DIContainaer will query server anyways if it can't find it
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 19:20:35 +01:00
4ba709bb71
Merge pull request #11404 from flokli/sendmail-path
...
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
2018-11-02 16:17:02 +01:00
30a1237f81
Merge pull request #11875 from nextcloud/add-support-for-sending-the-password-for-a-link-share-by-nextcloud-talk
...
Add support for sending the password for a link share by Nextcloud Talk
2018-11-02 14:54:46 +01:00
337cd25187
Merge pull request #12200 from nextcloud/tech-debt/noid/cleanup-legacy-sharing
...
Cleanup some unused sharing methods from the old sharing code
2018-11-02 14:03:51 +01:00
054056a8df
Fallback to default path is sendmail can't be found
...
If the sendmail binary can't be found at all we fallback to the default
path.
It most likely is not there but then at least a proper error message
pops up.
Updated the tests to also properly pass.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 14:03:11 +01:00
7078a0e53e
Mailer: discover sendmail path instead of hardcoding it to /usr/sbin/sendmail
...
`sendmail` can very well be in a path different from
`/usr/sbin/sendmail`.
We already search `$PATH` at `lib/private/Settings/Admin/Mail.php` to
detect whether we want to offer sendmail as a mail transfer method, so
let's be consistent and actually initialize `\Swift_SendmailTransport`
with this path to sendmail, instead of just hardcoding
`/usr/sbin/sendmail`.
Signed-off-by: Florian Klink <flokli@flokli.de>
2018-11-02 13:57:43 +01:00
60bcae55a9
Expose the info to the JS
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
603b672a11
Update password confirmation middleware
...
If the userbackend doesn't allow validating the password for a given uid
then there is no need to perform this check.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
1fd640b40b
Expose the backend of IUser
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 13:44:45 +01:00
77b95ccd12
revert tests
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:10:49 +01:00
68c44bb642
shares are displayed to users with resharing rights
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-02 12:09:26 +01:00
248d95339d
Cleanup some unused sharing methods from the old sharing code
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-02 10:49:42 +01:00
2cae91904c
Merge pull request #12194 from nextcloud/fix-path-as-dashboard-is-already-imported
...
fix path to DashboardManager, as the class is already imported (minor)
2018-11-02 08:22:05 +01:00
fe8a67f517
Store "sendPasswordByTalk" property of link shares in the database
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-11-02 01:57:48 +01:00
f28691c26e
Merge pull request #11844 from nextcloud/multiple-link-shares
...
allow to create multiple link shares via share api
2018-11-01 22:36:09 +01:00
35e3d40e80
Merge pull request #12188 from nextcloud/revert/9900/revert-wait-for-cron
...
Revert "Wait for cron to finish before running upgrade command"
2018-11-01 21:52:20 +01:00
1e2d19ae0d
fix path
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-11-01 19:14:58 +01:00
35a7ea869e
Merge pull request #12152 from brad2014/bugfix/12151/fix-emailtemplate-list-formatting
...
Fix issue #12151 : fix list formatting by correcting malformed html
2018-11-01 16:30:22 +01:00
f5a1f4bc1b
Revert "Wait for cron to finish before running upgrade command"
...
This reverts commit 18e9631810
2018-11-01 15:23:40 +01:00
d89edb28c4
move migration
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:02:50 +01:00
06b3ade9ee
Tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:49 +01:00
56ad1fccc0
Repair registration and autoload bump
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 15:00:47 +01:00
938c63e3a2
Repair Step
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-11-01 14:59:22 +01:00
5e90711600
allow to update lables for public link shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:18:55 +01:00
f377a61f90
allow to add labels to shares
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 02:15:07 +01:00
9b3cc72f7c
fix writeStream for jail wrapper
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:57 +01:00
c6a48110bf
allways fall back to fopen for encryption wrapper
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:51 +01:00
93de63777e
extend storage api to allow directly writing a stream to storage
...
this removes the need for temporary storages with some external storage backends.
The new method is added to a separate interface to maintain compatibility with
storage backends implementing the storage interface directly (without inheriting common)
Currently the interface is implemented for objectstorage based storages and local storage
and used by webdav uploads
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-31 21:10:44 +01:00
3ee7597be0
Merge pull request #12166 from nextcloud/feature/limit_preview_sizes
...
Only generate previews in powers of 4 and set min
2018-10-31 20:25:53 +01:00
feeb62a496
wrong method called
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-31 19:43:18 +01:00
ce10f8b8c4
Only generate previews in powers of 4 and set min
...
Before we'd round up all preview request to their nearest power of two.
This resulted still in a lot of possible images. Generating a lot of
server load and taking up a lot of space.
This moves it to previews to be powers of 4: 64, 256, 1024 and 4096
Also the first two powers are always skipped (4, 16) as it doesn't make
sense to generate previews for that.
We cache preview pretty agressively and I feel this is a better
tradeoff.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 19:34:42 +01:00
3442ffeb54
Fix bug #12151 : fix list formatting by correcting malformed html
...
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2018-10-30 15:28:55 -07:00
a51c8377d4
Merge pull request #12140 from nextcloud/fix/expired_token_throttler
...
Expired tokens should not trigger bruteforce protection
2018-10-30 20:17:03 +01:00
ddd39f9dc3
Merge pull request #12056 from nextcloud/interfaces-fulltextsearch-2
...
Public interfaces FullTextSearch
2018-10-30 19:53:01 +01:00
2223d19997
Error out early on an expired token
...
Fixes #12131
If we hit an expired token there is no need to continue checking. Since
we know it is a token.
We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
674930da7f
Move ExpiredTokenException to the correct namespace
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
41ff001b77
Merge pull request #11899 from nextcloud/enhancement/noid/sharing-consolidation
...
Sharing user consolidation
2018-10-30 19:27:05 +01:00
750196aa7f
public interfaces FullTextSearch
...
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
-@return mixed
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Merge remote-tracking branch 'origin/interfaces-fulltextsearch-2' into interfaces-fulltextsearch-2
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-30 18:24:15 +01:00
abbb946bbb
Propegate hide download state in share provider
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
bc960bae02
Extend IShare to show hide download state
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
c1698948b8
Merge pull request #12130 from nextcloud/fix/reset_bruteforce_oauth
...
Reset bruteforce on token refresh OAuth
2018-10-30 14:26:50 +01:00
5a73a9b9de
Fix injection to get the user id
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-10-30 11:41:56 +01:00
75456b057d
Reset bruteforce on token refresh OAuth
...
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.
This resets the brute force attempts for that UID on a valid refresh of
the token.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 11:21:27 +01:00
dccfe4bf84
Merge pull request #12036 from olivermg/master
...
Add capability of specifying "trusted_proxies" entries in CIDR notation (IPv4)
2018-10-30 10:49:08 +01:00
Branko Kokanovic
Morris Jobke
Robin Appelman
Daniel Kesselberg
Carsten Wiedmann
Peter Kraume
Joas Schilling
Roeland Jago Douma
Julius Härtl
Christoph Wurst
Roeland Jago Douma
John Molakvoæ (skjnldsv)
Florian Klink
Maxence Lange
Daniel Calviño Sánchez
Bjoern Schiessle
brad2014