Commit Graph

238 Commits

Author SHA1 Message Date
Thomas Müller 473cd97a45 Merge pull request #22592 from owncloud/fix-response-header
Add header for attachment disposition only once
2016-02-24 12:15:32 +01:00
Morris Jobke 403f11633c Drop unneeded use statements 2016-02-23 14:53:12 +01:00
Lukas Reschke fc2c5fe414 Add header for attachment disposition only once
Recent refactorings have resulted in the header being added twice, this makes browsers ignore the header which removes any security gains.

This changeset adds the header only once and adds integration tests ensuring the correct header in future.

https://github.com/owncloud/core/issues/22577
2016-02-23 12:23:41 +01:00
Thomas Müller 4dfdb2720c Case insensitive search in contacts - fixes #22575 2016-02-22 19:47:10 +01:00
Joas Schilling a0d0edc754 Make non-public-method protected 2016-02-22 15:26:59 +01:00
Thomas Müller f3b13c7656 Merge pull request #22536 from owncloud/add-integration-tests-for-tags
Add integration tests for tags plus fix permissions
2016-02-22 14:14:51 +01:00
Pierre Jochem 1a8a667863 Solution for Proposal #19974
Show username when writing into owncloud.log
2016-02-22 10:02:45 +01:00
Lukas Reschke 3bd95cca6b Check if user has permission to create such a tag
Fixes https://github.com/owncloud/core/issues/22512
2016-02-19 20:45:20 +01:00
Thomas Müller 5b3a79a28b Merge pull request #22509 from owncloud/add-filesplugin-to-new-webdav-endpoint
Add FilesPlugin
2016-02-19 14:44:02 +01:00
Thomas Müller 66f0ba837f Merge pull request #22348 from owncloud/issue-21812-calendar-old-caldav-url
Fix old calendar dav urls
2016-02-19 13:33:16 +01:00
Thomas Müller e987d8cd47 Add FilesPlugin - fixes #22507 2016-02-19 12:37:24 +01:00
Thomas Müller 1106c354ac Merge pull request #22515 from owncloud/webdav_checksum_only_for_files
Only add checksum headers for 'real' files
2016-02-19 12:36:56 +01:00
Joas Schilling b216be8cca Add correct principals for the current user before ACL check 2016-02-19 12:35:33 +01:00
Joas Schilling 4e2f9ce05b Convert the old principal to the new principal before getting calendars 2016-02-19 12:35:33 +01:00
Thomas Müller ffc2950393 Merge pull request #22198 from owncloud/birthday-calendar
Sync a users contacts birthday to the users birthday calendar
2016-02-19 12:33:19 +01:00
Roeland Jago Douma 751d3df469 Only add checksum headers for files
We can only add the checksum header for real ownCloud files (so we have
a fileinfo object etc).
2016-02-19 10:56:43 +01:00
Thomas Müller f6e61a296f Merge pull request #22424 from owncloud/add-generic-csrf-protection-to-webdav
Require CSRF token for non WebDAV authenticated requests
2016-02-19 09:13:00 +01:00
Thomas Müller d8de7d1e73 Adding cli command to sync birthday calendar 2016-02-18 14:49:45 +01:00
Thomas Müller 981c73000c Prevent deletion of birthday calendar 2016-02-18 11:49:16 +01:00
Thomas Müller c9187cc820 Sync a users contacts birthday to the users birthday calendar 2016-02-18 11:48:34 +01:00
Lukas Reschke 9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Vincent Petry 53eff9792f Check the quota on the actual file's storage in dav quota plugin
Fix quota plugin to use the correct file name when chunking

When chunking, the file name is the compound name, so need to convert it
to the correct final file name before doing the free space check.
This ensures that in the case of shared files, the correct storage is
used for the quota check.
2016-02-17 11:52:49 +01:00
Thomas Müller 1cb3583a9a Merge pull request #22398 from owncloud/fix-card-properties
Queries on the cards table by uri require the addressbook as well
2016-02-16 10:19:51 +01:00
Thomas Müller f850871415 Merge pull request #22385 from owncloud/issue-22384-invalid-content-location-on-commenting
Posting a comment replies with invalid location URL
2016-02-16 08:30:11 +01:00
Thomas Müller 722809c2bd On login we create a default calendar and a default addressbook for the user - fixes #22360 2016-02-15 14:41:54 +01:00
Thomas Müller df7280a3c7 Queries on the cards table by uri require the addressbook as well - fixes #22284 2016-02-15 14:29:24 +01:00
Joas Schilling cb836158f0 Deduplicate slashes 2016-02-15 10:54:56 +01:00
Thomas Müller 248c571c56 Merge pull request #22331 from owncloud/dav-nonexisting-part
fix getNodeForPath for non existing part files
2016-02-13 18:24:00 +01:00
Thomas Müller b3323a51c9 Merge pull request #22294 from owncloud/carddav-report-list-groups-2
Adding a custom webdav property which holds the list of contacts groups
2016-02-12 13:22:05 +01:00
Robin Appelman c3e4ced64a fix getNodeForPath for non existing part files 2016-02-11 17:22:40 +01:00
Thomas Müller 26939a2873 Merge pull request #22290 from owncloud/dav-upload-scan-in-lock
scan the file in the write lock when uploading over dav
2016-02-11 14:02:08 +01:00
Thomas Müller c919b41395 Adding a custom webdav property which holds the list of contacts groups 2016-02-10 17:06:13 +01:00
Robin Appelman bef70e9448 also fix lock order for chunked dav uploads 2016-02-10 16:31:32 +01:00
Robin Appelman 65554ec333 scan the file in the write lock when uploading over dav 2016-02-10 16:21:13 +01:00
Thomas Müller 159a0eb597 Merge pull request #20073 from owncloud/files-should-add-download-disposition
Serve files with an attachment disposition for new DAV endpoint
2016-02-10 14:35:50 +01:00
Thomas Müller c1d21cf873 Merge pull request #22263 from owncloud/fix-group-principals
Fix group principal
2016-02-10 14:22:18 +01:00
Thomas Müller 2e94d34dfd Fix group principal 2016-02-10 10:43:32 +01:00
C. Montero Luque f64dbc67c6 Merge pull request #20928 from owncloud/publicdav-check-permissions
Check that the owner of a link share still has share permissions on access
2016-02-09 22:01:08 +01:00
Thomas Müller 2982017682 Merge pull request #22228 from owncloud/comments-limit-message
Limit comment message to 1k chars
2016-02-09 16:35:23 +01:00
Thomas Müller 4659bf9b4a Merge pull request #22234 from owncloud/systemtags-filter-intersect-empty
Fix system tag filter AND condition
2016-02-09 15:34:06 +01:00
Robin Appelman fd9166488b Check that the owner of a link share still has share permissions on access 2016-02-09 15:02:34 +01:00
Arthur Schiwon bbc86e0756 on DAV throw Bad Request if provided message is too long 2016-02-09 13:59:13 +01:00
Joas Schilling e8d9c288bc Stop when a mid result is empty 2016-02-09 12:07:30 +01:00
Vincent Petry 3028684d89 Fix system tag filter AND condition
If one of the results is empty, no need to do array_intersect and return
an empty result directly.
2016-02-09 11:39:22 +01:00
Thomas Müller bf3a843e89 Migration of calendars 2016-02-09 11:20:31 +01:00
Thomas Müller 98497aa423 Merge pull request #22199 from owncloud/multiple_checksums
Make checksum propfind future proof
2016-02-09 09:10:32 +01:00
Vincent Petry 2f1a60a64d Add REPORT on files endpoint for filtering
For now only supports filtering by system tags
2016-02-08 21:04:53 +01:00
Thomas Müller 703f3551dc Only set the header if the node exists and in case the request is a GET 2016-02-08 17:49:25 +01:00
Lukas Reschke 2cad9d2b8c Serve files with an attachment disposition for new DAV endpoint
This adds a `Content-Disposition: attachment` header to all files served via the DAV endpoint.
2016-02-08 17:08:34 +01:00
Thomas Müller 33eed35ae4 Merge pull request #21817 from owncloud/support-old-carddav-endpoint
Adding pre oc 9.0 CardDAV endpoint for migration of old clients
2016-02-08 15:46:38 +01:00