Commit Graph

14422 Commits

Author SHA1 Message Date
Morris Jobke 8a79d0cc70 Merge pull request #6414 from nextcloud/share-notification-wrong-language
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Morris Jobke 75c38d5d98 Merge pull request #6416 from nextcloud/make-sure-sqlite-works-without-content
Ask the schema whether the table and column exist
2017-09-08 19:09:38 +02:00
Morris Jobke e9c713902e Merge pull request #6417 from nextcloud/proper-english-nowhave
Improve text: 'you have now' -> 'you now have'
2017-09-08 18:29:22 +02:00
Leon Klingele 8e46e6b827
Improve text: 'you have now' -> 'you now have'
Signed-off-by: Leon Klingele <leon@struktur.de>
2017-09-08 13:47:11 +02:00
Joas Schilling 29e1aa57e1
Ask the schema whether the table and column exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling 7e625a8d22
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Nextcloud bot 194f880073
[tx-robot] updated from transifex 2017-09-08 00:08:16 +00:00
Lukas Reschke bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke 11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke 485e22acde Merge pull request #6329 from nextcloud/ldap-password
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage 7a33b9273e Refactor webroot detection in resource locator
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke 5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling b68609d0cf
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman 2c0efae30f
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Nextcloud bot 9d930210ee
[tx-robot] updated from transifex 2017-09-06 00:08:21 +00:00
Morris Jobke 15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Knut Ahlers 586cefc4f1
Add @since tag to constant
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-09-05 15:49:13 +02:00
Roeland Jago Douma b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst 87aeae21e3
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Morris Jobke e0c92c2da3
Update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 15:42:34 +02:00
Joas Schilling 6dbb64c4a2
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke 4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke 1ebf91ec16
Add proper EOL
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Morris Jobke c04a494ea7 Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
Roeland Jago Douma c4f175d079 Merge pull request #6326 from nextcloud/fix_4654_3375
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
Morris Jobke 139f9bd3ca Merge pull request #6331 from nextcloud/update-repair-step
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
Bjoern Schiessle e195021926
update autoloader
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-04 11:59:00 +02:00
Morris Jobke e33aa460f1 Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
Julius Härtl b09ce70117
Rebuild SCSS files if frontend controller value changes
fixes #6271
2017-09-03 17:32:41 +02:00
Nextcloud bot 27c6dc9657
[tx-robot] updated from transifex 2017-09-02 00:08:29 +00:00
Bjoern Schiessle e039a4c191
move repair step to stable12
because we decided to backport it the repair step needs to be executed
already on stable12

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
Roeland Jago Douma ffe1429c4f
Pass new value to triggerChange
it is not used. but pass in the empty string (on delete) and the new
file (on create)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
Thomas Ebert 93d539b0cf Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00
Roeland Jago Douma 84ea66dca8 Merge pull request #6296 from nextcloud/improve_2fa
Improve 2FA
2017-08-31 10:52:40 +02:00
Nextcloud bot 99dcf5036d
[tx-robot] updated from transifex 2017-08-31 00:08:31 +00:00
Nextcloud bot 1e24fe858a
[tx-robot] updated from transifex 2017-08-30 00:08:26 +00:00
Roeland Jago Douma 84b7022118
Improve 2FA
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
Morris Jobke 3cfe91bf0f
Add shareWith to email template metadata
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-29 16:09:25 +02:00
Morris Jobke 8c917cbfe0 Merge pull request #6288 from nextcloud/master-6287
Allow the expiration date to be set to null
2017-08-29 11:32:11 +02:00
Nextcloud bot daf2d6cb96
[tx-robot] updated from transifex 2017-08-29 00:08:27 +00:00
Morris Jobke be23f7e1de
Allow the expiration date to be set to null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-28 17:49:16 +02:00
Nextcloud bot 8e4085526d
[tx-robot] updated from transifex 2017-08-28 00:08:24 +00:00
Robin Appelman 804d97d6ff
unlock file when an exception occurs during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Robin Appelman 18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Morris Jobke 2bf15eda26 Merge pull request #6255 from nextcloud/email-meta-data
Add meta information to emails for better customisation
2017-08-26 18:53:52 +02:00
Morris Jobke 0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
Morris Jobke 92292dc06a Merge pull request #6189 from nextcloud/circle-token
link to getShareByToken
2017-08-26 18:26:12 +02:00
Roeland Jago Douma 6c6253ff6f
Bump autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-26 13:48:18 +02:00
Christoph Wurst 6676232a56
Allow 2FA providers to specify their custom CSP
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-08-26 13:48:08 +02:00