Commit Graph

5827 Commits

Author SHA1 Message Date
Vincent Petry 51b0036d8f
Changed labels of chunk TTL to mention chunks 2016-05-24 15:18:56 +02:00
Vincent Petry e7110c7678 Merge pull request #24760 from owncloud/objectstore_multibucket
Objectstore multibucket
2016-05-24 15:15:59 +02:00
Vincent Petry c9b26d065b
Move cache chunk TTL value to FileChunking class
This makes it less generic and only used for actual file chunking
2016-05-24 14:58:27 +02:00
Frederik Kammer 299520b322
Add config value for cache gc ttl 2016-05-24 14:55:26 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Joas Schilling aac990eddf
Add a background job that generates notifications when an update is available 2016-05-24 11:26:51 +02:00
Vincent Petry ee1f4602f3 Merge pull request #24787 from owncloud/fix-update-issue-on-master
Add the background jobs after the table was updated
2016-05-24 10:14:00 +02:00
Vincent Petry 1d1cb79321 Merge pull request #23395 from owncloud/mysql-check-speedup
Speedup schema cloning for MySQL
2016-05-24 10:00:38 +02:00
Christoph Wurst 4128b853e5
login explicitly 2016-05-24 09:48:02 +02:00
Roeland Jago Douma abe338f433
Store user bucket in preferences 2016-05-23 21:57:41 +02:00
Vincent Petry adcf942901 Merge pull request #24750 from owncloud/lenz1111-share_download_range_requests_support
Http Range requests support in downloads
2016-05-23 21:01:26 +02:00
Vincent Petry 5a8af2f0be Merge pull request #24729 from owncloud/try-token-login-first
try token login first
2016-05-23 20:50:57 +02:00
Vincent Petry 4f6670d759 Merge pull request #24658 from owncloud/invalidate-disabled-user-session
invalidate user session if the user was disabled
2016-05-23 20:50:25 +02:00
Vincent Petry 87fa86a69a Merge pull request #24559 from owncloud/2fa
two factor auth
2016-05-23 20:50:03 +02:00
Roeland Jago Douma e03e4921a0
Fix Name 2016-05-23 20:42:08 +02:00
Roeland Jago Douma 5e2316d05d
Allow multibucket in objectstore 2016-05-23 20:42:08 +02:00
Victor Dubiniuk 01aedbe506 Speedup schema cloning for MySQL 2016-05-23 20:52:40 +03:00
Vincent Petry aa56d42fa8 Merge pull request #24777 from owncloud/scanner-dont-propagate
dont needlessly triger the propgator in the scanner
2016-05-23 19:05:20 +02:00
Joas Schilling 78da57466f
Add the background jobs after the table was updated 2016-05-23 17:58:46 +02:00
Vincent Petry 524479fa09 Merge pull request #24699 from owncloud/background-scan-recursion
Only recurse into incomplete folders during background scans
2016-05-23 17:44:02 +02:00
Piotr Filiciak 6577bbe887 Code style and doc fix 2016-05-23 15:17:00 +02:00
Robin Appelman eca57be336 Only recurse into incomplete folders during background scans 2016-05-23 14:40:35 +02:00
Vincent Petry 21df2eb5a1 Merge pull request #24695 from owncloud/background-scan-propagate
Trigger propagation from the background scanner
2016-05-23 14:32:28 +02:00
Vincent Petry 68c5df798c Merge pull request #24765 from owncloud/boolean-installed-config
Make sure we evaluate installed everywhere as a boolean
2016-05-23 14:32:10 +02:00
Vincent Petry 57525a02f8 Merge pull request #24703 from owncloud/personal-settings-auth-tokens
Personal settings auth tokens
2016-05-23 14:17:01 +02:00
Robin Appelman f3979e5459 dont needlessly triger the propgator in the scanner 2016-05-23 13:53:05 +02:00
Vincent Petry bd87f67473 Merge pull request #24349 from owncloud/nfd-storagewrapper
Add wrapper for NFD encoding workaround
2016-05-23 13:45:33 +02:00
Vincent Petry 862d8f43e5 Merge pull request #24766 from owncloud/mmccarn-patch-2
Update imagePath to prefer theme, then app, then core images
2016-05-23 11:46:03 +02:00
Joas Schilling c2cac0940d
Only show message in the UI when the checker is enabled 2016-05-23 11:29:40 +02:00
Christoph Wurst 847bbc51b6
add OCC command to enable/disable 2FA for a user 2016-05-23 11:21:13 +02:00
Christoph Wurst dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Christoph Wurst c20cdc2213
invalidate user session if the user is disabled 2016-05-23 10:32:16 +02:00
mmccarn 1bc5eb111b
Update imagePath to prefer theme, then app, then core images
imagePath updated so that image searches follow this priority:

1) /themes/$theme/apps/$app/img
2) /themes/$theme/$app/img
3) /themes/$theme/core/img
4) $appPath/img
5) /$app/img
6) /core/img

For each folder:
- if the specified file exists, use it.
- otherwise, if $basename.svg does NOT exist, try $basename.png
(This might better be "if filename was an svg, try the png"...)
2016-05-23 10:24:04 +02:00
Joas Schilling 7f1b8f22d4
Make sure that installed is a boolean 2016-05-23 10:09:22 +02:00
Vincent Petry 5ba1add03c Merge pull request #24603 from owncloud/federated_reshare
flat federated re-share
2016-05-23 09:52:13 +02:00
Vincent Petry c78bb2ab34 Merge pull request #24356 from owncloud/scanner-recursion-memory
Free up folder content from memory before recursing in the file scanner
2016-05-23 09:51:52 +02:00
Christoph Wurst 74277c25be
add button to invalidate browser sessions/device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 6495534bcd
add button to add new device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 12431aa399
list user's auth tokens on the personal settings page 2016-05-23 09:11:12 +02:00
Vincent Petry 8646802850 Merge pull request #24696 from owncloud/lock-jobs-while-executing
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel 2016-05-21 01:59:25 +02:00
Joas Schilling 7e3ce83526
Add a method to lock a table 2016-05-21 01:59:03 +02:00
Björn Schießle 7b25839bd5
use share initiator as fall back to access the file
in case of federated re-shares the owner can be a remote user.
Therefore we can't always use to owner to access the local file
2016-05-20 21:15:15 +02:00
Piotr Filiciak 9999e05660
Http Range requests support in downloads
Http range requests support is required for video preview
2016-05-20 18:16:44 +02:00
Vincent Petry 8fbb63d316
Some tweaks for systemtagmanager 2016-05-20 17:56:02 +02:00
Vincent Petry 88740f035d
Act on effective system tag canAssign permission
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.

This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Vincent Petry b5eb3d9e5a
Add system tag assignability check with groups
Whenever a user is not an admin, a tag is visible but not
user-assignable, check whether the user is a member of the allowed
groups.
2016-05-20 17:56:02 +02:00
Vincent Petry 3cd65fe25d
Add systemtag_group table and get/set methods
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Vincent Petry 09b3883d9c
Updated canUser* functions in SystemTagManager to accept objects 2016-05-20 17:56:02 +02:00
Vincent Petry 8343cfb64b
Add interface methods for permission check
Instead of checking for admin perm, use interface method
canUserAssignTag and canUserSeeTag to check for permissions.
Allows for more flexible implementation.
2016-05-20 17:56:02 +02:00
Christoph Wurst 11dc97da43
try token login first 2016-05-20 10:52:39 +02:00
Vincent Petry bac8e13324
Remove unneeded unsets in encoding wrapper 2016-05-20 09:33:59 +02:00
Vincent Petry e8d082208d
Fixes for encoding wrapper
Improved label
Fixed rename/copy/moveFromStorage/copyFromStorage and added tests
Improved findPathToUse algo
2016-05-20 09:33:59 +02:00
Vincent Petry f8b2b95408
Scanner must normalize new children names for cache diff
Since new children from the storage might contain NFD entries, these
must be normalized to NFC to be properly diff'ed with the cache
contents which is always NFC.

This fixes an issue where NFD entries would disappear from the cache
after rescannng for children.
2016-05-20 09:33:59 +02:00
Vincent Petry db4c7fe743
Add encoding wrapper as opt-in mount option
The encoding wrapper is now only applied when the mount option is set,
disabled by default.
2016-05-20 09:33:59 +02:00
Vincent Petry 63bbbf29f4
Add wrapper for NFD encoding workaround 2016-05-20 09:33:59 +02:00
Vincent Petry 65eae43ab1 Merge pull request #24721 from owncloud/public_psr4
Move \OCP to PSR-4
2016-05-19 15:53:03 +02:00
Vincent Petry f42cdec4c4 Merge pull request #24725 from owncloud/ocs-provider-psr4
Move OCS Provider to PSR-4 namespace
2016-05-19 15:36:19 +02:00
Vincent Petry 3b3940df6b Merge pull request #24660 from owncloud/no-token-login-for-disabled-users
don't allow token login for disabled users
2016-05-19 15:32:09 +02:00
Joas Schilling 20f229eed9
Move OCS Provider to PSR-4 namespace 2016-05-19 11:10:32 +02:00
Roeland Jago Douma 893204ef4a
Fix broken exception naming 2016-05-19 10:05:53 +02:00
Christoph Wurst f824f3e5f3
don't allow token login for disabled users 2016-05-18 21:10:37 +02:00
Christoph Wurst 0626578739
add method to query all user auth tokens 2016-05-18 18:25:37 +02:00
Vincent Petry 01f44d83b2 Merge pull request #24691 from owncloud/fixchunkttl
Allow chunk GC mtime tolerance for unfinished part chunks
2016-05-18 18:19:08 +02:00
Robin Appelman e6386652df Trigger propagation from the background scanner 2016-05-18 14:31:43 +02:00
Vincent Petry e0af5263fb
Allow chunk GC mtime tolerance for unfinished part chunks
Whenever part chunks are written, every fwrite in the write loop will
reset the mtime to the current mtime. Only at the end will the touch()
operation set the mtime to now + ttl, in the future.

However the GC code is expecting that every chunk with mtime < now are
old and must be deleted. This causes the GC to sometimes delete part
chunks in which the write loop is slow.

To fix this, a tolerance value is added in the GC code to allow for
more time before a part chunk gets deleted.
2016-05-18 13:39:37 +02:00
Christoph Wurst 98b465a8b9
a single token provider suffices 2016-05-18 09:20:48 +02:00
Robin Appelman de5b7609f9 use mount providers to setup home storages (#24567) 2016-05-17 21:40:55 +02:00
Roeland Douma 5c9103287f Group fixup (#24621)
* Move used OC_Group_xx to \OC\Group

* Add (deprecated) legacy wrapper in legacy, OC_Group_xx

* Replace deprecated use of OC_Group_xx with \OC\Group\xx
2016-05-17 16:06:44 +02:00
Jörn Friedrich Dreyer ca8d2e2f2e Merge pull request #24370 from owncloud/iclientservice-dicontainer
add IClientService to DI container
2016-05-17 09:33:54 +02:00
Jörn Friedrich Dreyer 5e03e9a843 Merge pull request #24083 from owncloud/fix-race-condition
Read only once
2016-05-17 09:03:57 +02:00
Vincent Petry 3db709d568 Merge pull request #24600 from owncloud/http-client-lazy-config
only configure the http client once we start using it
2016-05-13 16:10:24 +02:00
Vincent Petry 6938904b07 Merge pull request #24614 from owncloud/token-validation-log
don't spam the log file with failed token validation entries
2016-05-13 16:09:49 +02:00
Christoph Wurst ed01305e29
don't spam the log file with failed token validation entries 2016-05-13 09:53:50 +02:00
Roeland Jago Douma 05cc0dd478
Move \OC\Template to PSR-4 2016-05-13 08:54:07 +02:00
Roeland Jago Douma eb79b83831
Move functions.php to legacy
This file should really be properly namespaced etc!
2016-05-13 08:54:07 +02:00
Robin Appelman ea0f09a7ed only configure the http client once we start using it 2016-05-12 13:29:45 +02:00
Morris Jobke 9b3eefbf95 Merge pull request #24563 from owncloud/redis-factory
factor out redis configuration into it's own factory
2016-05-12 13:15:12 +02:00
Roeland Douma 9b05f37fad lib/private/ocs to PSR-4 (#24558)
* Move OC_OCS_XX to legacy

* Move \OC\OCS to PSR-4

* OC_OCS_xx to \OC\OCS\xx

* Moved OC_OCS_xx to proper namespace
* OC_OCS_xx is still there for legacy reasons as a wrapper

* No calls to OC_OCS_xx in \OC\OCS\
2016-05-12 09:43:53 +02:00
Lukas Reschke 52add798d4 Do not automatically try to enable index.php-less URLs (#24539)
The current logic for mod_rewrite relies on the fact that people have properly configured ownCloud, basically it reads from the `overwrite.cli.ur
l` entry and then derives the `RewriteBase` from it.

This usually works. However, since the ownCloud packages seem to install themselves at `/owncloud` (because subfolders are cool or so…) _a lot_ of people have just created a new Virtual Host for it or have simply symlinked the path etc.

This means that `overwrite.cli.url` is wrong, which fails hard if it is used as RewriteBase since Apache does not know where it should serve files from. In the end the ownCloud instance will not be accessible anymore and users will be frustrated. Also some shared hosters like 1&1 (because using shared hosters is so awesome… ;-)) have somewhat dubious Apache configurations or use versions of mod_rewrite from the mediveal age. (because updating is money or so…)

Anyhow. This makes this explicitly an opt-in configuration flag. If `htaccess.RewriteBase` is set then it will configure index.php-less URLs, if
admins set that after installation and don't want to wait until the next ownCloud version they can run `occ maintenance:update:htaccess`.

For ownCloud 9.0 we also have to add a repair step to make sure that instances that already have a RewriteBase configured continue to use it by copying it into the config file. That way all existing URLs stay valid. That one is not in this PR since this is unneccessary in master.

Effectively this reduces another risk of breakage when updating from ownCloud 8 to ownCloud 9.

Fixes https://github.com/owncloud/core/issues/24525, https://github.com/owncloud/core/issues/24426 and probably some more.
2016-05-12 09:43:26 +02:00
Jörn Friedrich Dreyer e03f9e8103 allow configuration of memcached options (#23729)
* allow configuration of memcache options

Use production values for memcached as explained in http://apprize.info/php/scaling/15.html

The current implementiation uses ascii based serialization. This PR should reduce traffic to the memcached server.

cc @MorrisJobke @FelixBoehm

* add config sample

* merge config options, throw hint on config error

* fix typo

* fix config sample
2016-05-11 19:38:00 +02:00
Thomas Müller 8729415880 Merge pull request #24531 from owncloud/psr4-loading-for-install-and-commands
Correctly register PSR-4 autoloading before install.php and loading commands
2016-05-11 13:53:16 +02:00
Christoph Wurst 0486d750aa
use the UID for creating the session token, not the login name 2016-05-11 13:36:46 +02:00
Christoph Wurst 69dafd727d
delete the token in case an exception is thrown when decrypting the password 2016-05-11 13:36:46 +02:00
Christoph Wurst af707fba41
use the query builder instead of raw sql statements 2016-05-11 13:36:46 +02:00
Christoph Wurst 46bdf6ea2b
fix PHPDoc and other minor issues 2016-05-11 13:36:46 +02:00
Christoph Wurst a9b500c03b
catch possible SessionNotAvailableExceptions 2016-05-11 13:36:46 +02:00
Christoph Wurst f0f8bdd495
PHPDoc and other minor fixes 2016-05-11 13:36:46 +02:00
Christoph Wurst 699289cd26
pass in $request on OCS api 2016-05-11 13:36:46 +02:00
Christoph Wurst 168ccf90a6
try apache auth too 2016-05-11 13:36:46 +02:00
Christoph Wurst 8cc5f6036f
Fix existing tests 2016-05-11 13:36:46 +02:00
Christoph Wurst 7aa16e1559
fix setup 2016-05-11 13:36:46 +02:00
Christoph Wurst 7e7d5a2ef2
Add fallback to allow user:token basic auth 2016-05-11 13:36:46 +02:00
Christoph Wurst fdc2cd7554
Add token auth for OCS APIs 2016-05-11 13:36:46 +02:00
Christoph Wurst 8d48502187
Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst 53636c73d6
Add controller to generate client tokens 2016-05-11 13:36:46 +02:00
Christoph Wurst 3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst 2fa5e0a24e
invalidate (delete) session token on logout
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Joas Schilling db16dc6644
Correctly register autoloading before install.php and loading commands 2016-05-11 11:18:00 +02:00