Commit Graph

8908 Commits

Author SHA1 Message Date
Robin Appelman f43cfd9275
forward object not found error in swift as dav 404
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-19 11:36:33 +01:00
Morris Jobke db9e1b90f9
Merge pull request #12375 from nextcloud/backport/12284/stable14
[14] Properly search the root of a shared external storage
2018-11-13 15:09:24 +01:00
Morris Jobke ec5c11d284
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 13:59:24 +01:00
Morris Jobke 442680024f
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 13:59:15 +01:00
Roeland Jago Douma b71bc1289b
Properly search the root of a shared external storage
Fixes #1020

When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.

Because if the jail is on the empty string. It matches all paths.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-09 13:21:45 +01:00
Joas Schilling f48f43818e
Fix default types of activity event member variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 14:14:01 +01:00
Roeland Jago Douma a46ca94723
Merge pull request #12197 from nextcloud/backport/12188/revert-wait-for-cron
[stable14] Revert "Wait for cron to finish before running upgrade command"
2018-11-02 08:21:05 +01:00
Roeland Jago Douma fd39fba5f7
Merge pull request #12202 from brad2014/stable14
Fix bug #12151: fix list formatting by correcting malformed html
2018-11-02 08:20:31 +01:00
brad2014 98dd7c1075 Fix bug #12151: fix list formatting by correcting malformed html
Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2018-11-01 15:30:03 -07:00
Morris Jobke b292f919c6
Revert "Wait for cron to finish before running upgrade command"
This reverts commit 18e9631810.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-01 22:09:45 +01:00
Morris Jobke aa92a00129
Merge pull request #12184 from nextcloud/add-gss-to-excluded-backends-stable14
[stable14] add global site selector as user back-end which doesn't support password confirmation
2018-11-01 11:00:50 +01:00
Bjoern Schiessle c47d634837
add global site selector as user back-end which doesn't support password confirmation
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-11-01 10:07:12 +01:00
Roeland Jago Douma e3f3212fbc Error out early on an expired token
Fixes #12131

If we hit an expired token there is no need to continue checking. Since
we know it is a token.

We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma f171378837 Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma 71d2d3ca00 Reset bruteforce on token refresh OAuth
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-31 10:54:17 +01:00
Roeland Jago Douma 1ec92c0497
Merge pull request #12040 from nextcloud/backport/12022/stable14
[14] Allow chunked uploads even if your quota is not sufficient
2018-10-30 12:33:13 +01:00
Bjoern Schiessle 6f3328a9cd
skip already decrypted files on decrypt all command
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-25 17:52:51 +02:00
Roeland Jago Douma d91380d138
Allow chunked uploads even if your quota is not sufficient
Fixes #11485

This allows uploads to shared folders.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 13:53:52 +02:00
Roeland Jago Douma 4abae96298
Catch more occurences where ExpiredTokenException can be thrown
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 10:59:07 +02:00
Roeland Jago Douma 49e992c1da
Expired PK tokens should not fall back to legacy tokens
Fixes #11919

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-25 10:59:07 +02:00
Morris Jobke e5814bd948
Merge pull request #11800 from nextcloud/lookupserver-and-global-scale-stable14
[stable14] always query the lookup server in a global scale setup
2018-10-24 14:44:05 +02:00
Roeland Jago Douma d9c080120e
Merge pull request #11976 from nextcloud/bugfix-stable14/9326/make_sure_usermanager_getByEmail_only_returns_IUser
[stable14] filter null values for UserManager::getByEmail
2018-10-23 15:15:23 +02:00
Morris Jobke 9ea758758e
Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-23 10:22:47 +02:00
Georg Ehrke 554c80b403
filter null values for UserManager::getByEmail
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-22 15:51:57 +02:00
Morris Jobke 61fe59795f
Merge pull request #11929 from nextcloud/backport/11870/proper-column-name-escaping
[stable14] Properly escape column name in "createFunction" call
2018-10-19 15:48:41 +02:00
Morris Jobke 2885db8e9b
Merge pull request #11772 from nextcloud/stable14-pretty-urls-dont-work
[14] Allow overwrite.cli.url without trailing slash
2018-10-19 12:16:22 +02:00
Morris Jobke f6cdab6b11
Properly escape column name in "createFunction" call
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-19 12:12:52 +02:00
Daniel Kesselberg 4f983b7565
Backport https://github.com/nextcloud/server/pull/11446
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-10-11 15:14:33 +02:00
Roeland Jago Douma 18c35e6060
Normalize getUnjailedPath
Fixes #11637

If we do not normalize the unjailed path we might end up with a path
like files/user/folder/. which can break on objectstores

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-11 14:49:32 +02:00
Bjoern Schiessle 84e39b522c
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:08:49 +02:00
Bjoern Schiessle 7e608df598
adjust tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:32:09 +02:00
Bjoern Schiessle 52c52f555d
always query the lookup server in a global scale setup and have a nicer label
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 17:48:15 +02:00
Roeland Jago Douma f7e9533d1e
Allow the creationg of previews of files stored in appdata
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 11:49:02 +02:00
Roeland Jago Douma 5e143f1f52
Just update password hash without validating
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 12:09:43 +02:00
Robin Appelman e46092d7f6
only catch QueryException when trying to build class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-10-01 10:44:58 +02:00
Bjoern Schiessle 28d60274ce
add back-end as parameter to the pre-login hook
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-09-25 14:17:10 +02:00
blizzz ea73f30d77
Merge pull request #11302 from nextcloud/backport/11297/this-database-dude
[stable14] Fix expiration code of tokens
2018-09-20 10:52:15 +02:00
blizzz a0f2bd8d28
Merge pull request #11294 from nextcloud/stable14-locale-template-fix
[stable14] Use user locale as default in the template
2018-09-20 10:37:00 +02:00
Joas Schilling 6718bfb83d
Also adjust the expiration of PublicKeyTokenProvider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 10:00:08 +02:00
Joas Schilling 3a179b2519
Copy the expiration from 480864b3e3 to getTokenById
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-09-20 09:59:53 +02:00
John Molakvoæ (skjnldsv) efbd98183d
Fallback to $lang if no $locale match
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:13:22 +02:00
John Molakvoæ (skjnldsv) d69ddd94de
Typehint
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:13:19 +02:00
John Molakvoæ (skjnldsv) 258330d64d
Use user locale as default in the template
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 16:13:06 +02:00
John Molakvoæ (skjnldsv) e2991d55c7
Fix icons cacher regex for compressed output
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-19 15:47:33 +02:00
MartB fbc1f5cd38
replace setcookie value with '' instead of null.
The php documentation states that an empty string should be used for a cookie when it has no real value.
null leads to the following error: expects parameter 2 to be string, null given

Signed-off-by: Martin Böh <mart.b@outlook.de>
2018-09-19 11:47:40 +02:00
Roeland Jago Douma c83ac2472d
Expire tokens hardening
Just to be sure that the field is also not 0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-07 10:02:56 +02:00
Christoph Wurst fb98db7da7
Fix handlng of concurrent inserts of the 2FA provider registry DAO
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-31 11:46:27 +02:00
Roeland Jago Douma 625c81bd11
Merge pull request #10906 from nextcloud/request-params-array
ensure we always return an array from `Request::getParams`
2018-08-30 21:07:49 +02:00
Julius Härtl e8938df198
Move SCSS variable fetching before the variables.scss to properly calculate color values
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-29 16:47:39 +02:00
Robin Appelman c0a283fefb
ensure we always return an array from `Request::getParams`
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-28 18:11:42 +02:00