Commit Graph

173 Commits

Author SHA1 Message Date
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Robin Appelman 29eeeb2273 Save the files external mount id in the mount cache table 2016-07-13 16:34:08 +02:00
Christoph Wurst 0c0a216f42
store last check timestamp in token instead of session 2016-06-17 15:42:28 +02:00
Christoph Wurst c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Vincent Petry 8646802850 Merge pull request #24696 from owncloud/lock-jobs-while-executing
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel 2016-05-21 01:59:25 +02:00
Vincent Petry 3cd65fe25d
Add systemtag_group table and get/set methods
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Christoph Wurst c28e462583
Use CLOB for auth token names to allow long user agent strings 2016-05-12 11:19:17 +02:00
Christoph Wurst aa85edd224
increase token column width
add some range to time() assertions
2016-05-11 13:36:46 +02:00
Christoph Wurst 8d48502187
Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst 3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst 2fa5e0a24e
invalidate (delete) session token on logout
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Arthur Schiwon b3ac81f134 exchange user_id_key for a unique one. 2016-02-26 01:02:22 +01:00
Arthur Schiwon 9250704ecb add index definitions for comments tables 2016-02-24 21:48:12 +01:00
Joas Schilling 24c7f38a00 Make sure we can store strings as per the interface 2016-02-22 15:43:20 +01:00
Roeland Jago Douma 2035a179bc Add store/retrieve checksums
* Add extra db column to filecache
* Bump version
* Update filecache code to actually handle checksum
* Webdav code to store/retrieve checksums
2016-02-03 09:03:51 +01:00
Arthur Schiwon 01cdc70f9c introduce comments read marke tables, comes with user cleanup after deletion 2016-01-29 13:08:02 +01:00
Thomas Müller 9b4c9a0357 Merge pull request #18531 from owncloud/ext-user-credentials
External storage 'Login credentials' auth mechanism
2016-01-22 13:14:14 +01:00
Robin Appelman cf6ee1c866 cache mountpoints in the db 2016-01-20 16:30:22 +01:00
Robin McCorkell da4127d23b Introduce CredentialsManager for storage of credentials in DB
CredentialsManager performs a simple role, of storing and retrieving
encrypted credentials from the database. Credentials are stored by user
ID (which may be null) and credentials identifier. Credentials
themselves may be of any type that can be JSON encoded.

The rationale behind this is to avoid further (mis)use of
oc_preferences, which was being used for all manner of data not related
to user preferences.
2016-01-18 11:10:41 +01:00
Roeland Jago Douma 6c77d1734e [Share 2.0] Update db structure to stay backwards compatible 2016-01-06 14:53:43 +01:00
Thomas Müller 08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Vincent Petry b666367a79 Added system tags data structure and PHP side managers
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Roeland Jago Douma 5e8256beb8 [Sharing 2.0] Add a new db column for the file owner
We need to store the owner of a file in the db to do efficient queries
on the owner of a file. Without this we need to construct fill paths for
each file id in the table and see who the owner of a file is. Which does
not scale.
2015-11-25 13:17:02 +01:00
Arthur Schiwon 6bd343a3b7 DB scheme for Comments table, resolves #20265 2015-11-20 18:00:52 +01:00
Morris Jobke 6b6f19bb94 Drop unused table file_map
* used only for windows support
* windows support was dropped in 8.2.0 - see #17379
* was introduced in fd8cb9974b
* ref #18935
2015-11-05 08:21:53 +01:00
Robin McCorkell 5ca690e2f8 Use integer for availability instead of bool 2015-09-15 10:18:32 +02:00
Thomas Müller 534b2e407a Merge pull request #17662 from owncloud/locking-db
Database backend for locking
2015-08-26 03:56:37 +02:00
Robin Appelman 132a564a21 rename path field to key 2015-08-03 15:46:19 +02:00
Robin Appelman 96a9d171b3 Fix db schema 2015-08-03 14:13:36 +02:00
Robin Appelman 4ea7cbb0f5 Add database backend for high level locking 2015-08-03 14:13:35 +02:00
Robin McCorkell df19cabb44 Store storage availability in database
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.

Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
Morris Jobke ff5bd9d918 Remove index on file_target of share table
* causes issues on InnoDB because it exceeds the maximal key length
  of an index which is 767 (3-byte charset * varchar(512) = 1536)
* fixes #17619
2015-07-14 13:26:51 +02:00
Morris Jobke 4a37d565bd Add indexes to speedup DB queries
* file_target is often used in the sharing code in JOIN statements for retrieval of shares
2015-07-08 18:04:10 +02:00
Thomas Müller 3ff484e695 we no longer support webdav locks - no need to keep the column 2015-03-12 15:23:44 +01:00
Robin Appelman 3cf237df67 set max argument length to 4000 2015-02-25 15:09:41 +01:00
Robin Appelman 6fc0eb0236 expand cron argument column to 2048 2015-02-25 15:08:40 +01:00
Joas Schilling 3a5b0a8cfc Revert "Improve: Index for file_map"
This reverts commit c9b5608405.
2015-02-13 15:15:28 +01:00
Joas Schilling 6039523cd6 Revert "Incorporate review changes"
This reverts commit f6a452cabf.
2015-02-13 15:15:10 +01:00
Lukas Reschke f6a452cabf Incorporate review changes 2015-02-12 19:14:54 +01:00
windaishi c9b5608405 Improve: Index for file_map
Added two indices for file_map, that improve syncing and uploading and deleting files
2015-02-12 19:12:08 +01:00
Thomas Müller 3e58f5df2e Revert "add share index"
This reverts commit e19b3a8794.
2014-07-17 20:56:06 +02:00
Jörn Friedrich Dreyer b4f40e4da0 shorten userid columns to 64 chars, ref #9186 2014-06-27 16:48:42 +02:00
Thomas Müller da3974bcb2 - drop permissions table and related code
- the file/folder's permission is now stored in the file cache
- BackGroundWatcher has been removed - this has meanwhile be replaced by occ files:scan which can be executed in a cron jobs
- increase version to trigger database migration
2014-06-05 08:22:01 +02:00
Morris Jobke e8ec81110d Merge pull request #8806 from owncloud/add_share_index
add share index
2014-06-02 18:47:13 +02:00
Frank Karlitschek a339855b4c add another index to the filecache to reduce the number of queries without a matching index 2014-05-31 16:55:50 +02:00
Frank Karlitschek e19b3a8794 add share index 2014-05-31 16:47:46 +02:00
Thomas Müller a2e4bc8d33 # This is a combination of 2 commits.
# The first commit's message is:

adding tests for long paths
increment path field in database up to 4000 (maximum for Oracle - otherwise we could use php's 4096)
increment version to trigger database migration
adding unit test for too long path

# This is the 2nd commit message:

fix too long path
2014-05-28 15:30:44 +02:00