Commit Graph

10915 Commits

Author SHA1 Message Date
Joas Schilling 95a301ea57
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-02 10:37:18 +02:00
Roeland Jago Douma 18411b8da3
Merge pull request #23083 from nextcloud/bugfix/extend-php-error-logging
Generate exception to log on php errors
2020-09-29 10:02:33 +02:00
Julius Härtl cb08c6cd18
Merge pull request #23074 from nextcloud/fix/sharee-search-empty-email-match
Do not match sharees on an empty email address
2020-09-29 09:27:49 +02:00
Roeland Jago Douma 7d776091bd
Merge pull request #23013 from nextcloud/bugfix/noid/show-federation-results-with-the-same-name
Show federation and email results also with exact user match unless c…
2020-09-29 09:13:08 +02:00
Julius Härtl b0699d4126
Generate exception to log on php errors
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-29 08:54:53 +02:00
Christoph Wurst bbd962043b
Do not match sharees on an empty email address
When asking for sharees we compare not only UID and displayname but also
the email address. And if that matches we return the sharee as an exact
match. This logic had a flaw as in that it also matched the empty string
to users with no email address.

This is most noticeable when you disable sharee enumeration and open the
ownership transfer dialog. It suggested other users of the instance
before. This has stopped now.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-28 15:35:11 +02:00
Joas Schilling 3212c074b9
Log the number of queries built and executed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-25 14:55:53 +02:00
Julius Härtl 8ab2422b6c
Add acutal response to BeforeTemplateRenderedEvent
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-24 20:00:23 +02:00
Roeland Jago Douma 0e2f316ece
Merge pull request #23015 from nextcloud/bugfix/noid/warn-on-slow-dashboard-widgets
Log slow dashboard widgets
2020-09-24 14:57:17 +02:00
Julius Härtl aa95b3d71b
Add occ command to set theming values
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-24 08:22:07 +02:00
Joas Schilling 6c6d640e39
Don't log "duplicate section" for the shared "connected-accounts" section
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-23 12:25:08 +02:00
Joas Schilling b497067ead
Log a warning if a "lazy" initial state loads longer than 1 second
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-23 12:14:31 +02:00
Joas Schilling 74f4dbe9de
Log an error if a dashboard widget loads longer than 1 second
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-23 12:14:01 +02:00
Joas Schilling 5415eeda43
Show federation and email results also with exact user match unless containing @
Before when you have a user "smith" and a federated user "smith@example.com"
you could see the federation result with "smit" but not with "smith" anymore.
With most LDAP configurations and local backend setups this is disturbing and
causes issues.
The idea of not showing the email and federation on a matching user was with:
Local user registered with "smith@example.com" user id and having that same
email / cloud id in your contacts addressbook. So we now only hide those
"side results" when the search does contain an @

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-23 10:21:55 +02:00
J0WI 68ce17e59b Unify links to php.net
Update all links to https://www.php.net/

Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-09-17 17:40:04 +02:00
Robin Appelman 674db6da88
add event to allow apps to overwrite user quota
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-17 16:32:48 +02:00
Morris Jobke ec07ca2abb
Merge pull request #22844 from nextcloud/enh/richdocumentscode-arm
Support architecture limitations for apps and allow richdocumentscode_arm64 though htaccess
2020-09-17 12:22:42 +02:00
Morris Jobke d144a84df1
Merge pull request #22903 from nextcloud/techdebt/16696/no-need-to-get-full-path-again
Do not fetch the normalized full path again if it is already available
2020-09-17 11:54:47 +02:00
Morris Jobke 063ac9d353
Do not fetch the normalized full path again if it is already available
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-17 09:56:45 +02:00
Roeland Jago Douma b0c04a3e0c
Merge pull request #22867 from nextcloud/shared-storage-init-less
Shared storage optimizations
2020-09-17 08:55:35 +02:00
Julius Härtl 04eb1bb949
Allow to specify supported architectures in appinfo.xml
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:15 +02:00
Julius Härtl 364b96d5b9
Add htaccess exception for richdocumentscode_arm64
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:15 +02:00
Julius Härtl 5340215871
Install richdocumentscode depending on the architecture
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-17 08:55:14 +02:00
Roeland Jago Douma 05edd1e5d6
Merge pull request #22890 from nextcloud/techdebt/18680/help-static-code-analysis-understand-code
Help static code analysis to understand code
2020-09-17 08:51:20 +02:00
Morris Jobke 1bed77c5fc
Merge pull request #22888 from nextcloud/techdebt/18680/remove-unused-code
Remove not needed semicolon and PHPDoc hint
2020-09-16 20:44:46 +02:00
Daniel Kesselberg 096fe20611
Help static code analysis to understand code.
It adds proper type hints to private namespace to allow private namespace methods.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-09-16 16:37:17 +02:00
Morris Jobke 6b4998f20f
Merge pull request #22884 from nextcloud/phpdoc/21873/define-deprecated-version
Specific version for @deprecated PHPDoc
2020-09-16 16:25:11 +02:00
Morris Jobke d3680e682a
Remove not needed semicolon and PHPDoc hint
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 16:18:43 +02:00
Morris Jobke 99c9423766
Remove @suppress SqlInjectionChecker
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 15:53:56 +02:00
Morris Jobke 4cfbe0c97d
Specific version for @deprecated PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 15:09:00 +02:00
Robin Appelman cfde74442c
optimize View::getPath if we already know the storage id
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-16 13:49:07 +02:00
Robin Appelman 244fd6ae49
disable update checking for shared storages
update checking is already handled by the share source

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-15 16:42:40 +02:00
Joas Schilling 441adaa74a
Remove unneeded isset check
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-11 16:20:30 +02:00
Morris Jobke e269f15d56
Merge pull request #22234 from nextcloud/bugfix/noid/reshare-mount
Use user mount with matching shared storage only
2020-09-10 16:19:04 +02:00
Morris Jobke 3d61f7b258
Merge pull request #22774 from nextcloud/bugfix/noid/no-delay-without-ip
Don't break when the IP is empty
2020-09-10 16:11:06 +02:00
Morris Jobke 4ae8caaf28
Merge pull request #22768 from nextcloud/fix/22288/change-0-to-null-for-bmp-encoding
Change 0 to null to properly encode image to BMP if the first pixel is black
2020-09-10 15:25:08 +02:00
Joas Schilling c25063dc07
Don't break when the IP is empty
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-10 14:20:27 +02:00
Morris Jobke 9708b004f7
Merge pull request #22552 from nextcloud/bugfix/noid/opendocument-templates
Add opendocument templates to mimetype mappings
2020-09-10 12:42:29 +02:00
Morris Jobke 46525f8639
Change 0 to null to properly encode image to BMP if the first pixel is black
Ref #22288

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-10 12:08:01 +02:00
Joas Schilling b5a70b31c1
Don't create a deprecation log in base.php
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-10 09:03:39 +02:00
Roeland Jago Douma 6895d97cf0
Merge pull request #22520 from nextcloud/normalize-path-invalid-utf8
dont use `false` as cache key for non utf8 path in normalizePath
2020-09-09 21:52:36 +02:00
Roeland Jago Douma bb06b6cce4
Fix reading empty files from objectstorage
Since we try to do range requests this will fail hard.
However since empty files are not that interesting to read anyways we
just read from an emptry memory stream.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-09 20:45:13 +02:00
Morris Jobke cd563023db
Merge pull request #22657 from nextcloud/bugfix/noid/quota-trash-creation
Check if quota should be applied to path when creating directories
2020-09-09 17:37:28 +02:00
Joas Schilling e280c05053
Merge pull request #22636 from nextcloud/bugfix/noid/initial-stte-cspv3
Make sure that getConfig is still called for browsers that do not support CSPv3
2020-09-09 13:11:59 +02:00
Morris Jobke d8dea5070b
Merge pull request #22729 from nextcloud/fix/object_storage_permissions_shortcut
Run stat less often for objectstorages
2020-09-09 10:43:37 +02:00
Roeland Jago Douma 9fdeed8cc0
Run stat less often for objectstorages
When we want to get the permissions we now do stat at least 5 times for
each entry. Which is a bit much. Especially since the permssions are all
just in the database already.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-08 14:38:36 +02:00
Roeland Jago Douma 919a8d473b
Merge pull request #22646 from nextcloud/bugfix/mimetype-mapping
Fix detecting text/x-php mimetype and secure mimetype mapping
2020-09-08 10:41:09 +02:00
Roeland Jago Douma ac5f2914c7
Merge pull request #22641 from nextcloud/fix/credentials-store-upgrade-property-undefined
Fix undefined class property access after upgrade from 19 to 20
2020-09-08 10:26:23 +02:00
Julius Härtl 87e5fd0d2c
Check if quota should be applied to path when creating directories
This fixes an issue where the files_trashbin hierarchy of a user could
not been created as the mkdir operations were blocked by the quota
storage wrapper. Even with 0 quota, users should be able to have a
trashbin for external storages.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-08 07:33:57 +02:00
Morris Jobke 34d2ae25f7
Merge pull request #22643 from nextcloud/bugfix/noid/fix-installing-on-oracle
Fix installing on Oracle
2020-09-07 20:55:50 +02:00
Julius Härtl 5e4303b1fe
Properly add both mimetypes to secure mimetype mapping
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-07 16:42:11 +02:00
Christoph Wurst 1f7f93a695
Update license headers for Nextcloud 20 (again)
There are still lots of outdated headers, so time for another round of
updates.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 14:37:44 +02:00
Christoph Wurst adf100a42f
Fix undefined class property access after upgrade from 19 to 20
The serialized data in 19 has one property less and this was not
considered in the code. Hence adding a fallback. Moreover I'm changing
the deserialization into an array instead of object, as that is the
safer option.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 13:31:24 +02:00
Joas Schilling 50230847ce
Warn about adding NotNull columns with nullable default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-07 13:14:49 +02:00
blizzz 3eb748fc39
Merge pull request #22589 from nextcloud/bugfix/noid/allow-additional-personal-settings-via-normal-registration
Allow additional personal settings via normal registration
2020-09-07 11:34:06 +02:00
Julius Härtl a9f39bf500
Make sure that getConfig is still called for browsers that do not support CSPv3
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-07 09:37:49 +02:00
Roeland Jago Douma c538b1e4c6
Merge pull request #22597 from nextcloud/techdebt/noid/allow-to-di-the-settings-manager
Add missing alias for OCP\Settings\IManager and deprecate the old one
2020-09-04 20:22:52 +02:00
John Molakvoæ 593d64d935
Merge pull request #17456 from brad2014/feature/brad2014/12391-improve-imip-mail-message-take-2 2020-09-04 19:53:02 +02:00
Joas Schilling 770d12d191
Add missing alias for OCP\Settings\IManager and deprecate the old one
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 16:39:01 +02:00
Joas Schilling cb146c8486
Allow additional personal settings via normal registration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 15:21:48 +02:00
Joas Schilling e690f0e7e3
Merge pull request #22550 from nextcloud/bugfix/13556/use-correct-root-when-compiling-scss
Use the correct root to determinate the webroot for the resource
2020-09-04 08:58:07 +02:00
Julius Härtl b0970f86f0
Update repair step apply new opendocument template mimes
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-04 08:42:32 +02:00
Roeland Jago Douma 0452877a67
Fix app password updating out of bounds
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates

* Added event listener to the PostLoggedInEvent so that we can act on it
  - Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
  token. Else it keeps being marked invalid and thus not used.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +02:00
Brad Rubenstein 442af8c5d5 Minor cleanup: php-cs-fixer, tests, interface consistency
IMipPlugin.php Removed blank lines to make php-cs-fixer happy.
Minor cleanup:  bugs found by Psalm static checker
IEMailTemplate: The public interface to addBodyListItem also needs to include the new plainIndent parameter.
IMipPlugin: Fixes an undefined variable for events that do not have DTEND.  Also use explicit string conversion for parameters and properties in several places.

The new email template adds an additional blank line before "button" links in plain text, so the tests were fixed to include that additional blank line.

Signed-off-by: Brad Rubenstein <brad@wbr.tech>
2020-09-02 17:54:36 +02:00
Joas Schilling 87aa9b187e
Use the correct root to determinate the webroot for the resource
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-02 17:13:24 +02:00
Roeland Jago Douma 6bda2c26c7
Merge pull request #22423 from nextcloud/bugfix/noid/direct-editing-encryption
Do not expose direct editing if no master key is available
2020-09-01 20:32:21 +02:00
Roeland Jago Douma ab6bd79c02
Only disable zip64 if the size is known
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-01 15:01:12 +02:00
Julius Härtl e0ae37745a
Do not expose direct editing if no master key is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-01 11:40:27 +02:00
Roeland Jago Douma d0a7f833cc
Merge pull request #22116 from nextcloud/bugfix/noid/transfer-ownership-share-root
Fix share transfer of single files and on the transfered node
2020-09-01 08:50:22 +02:00
Roeland Jago Douma e0d767d3e1
Merge pull request #16632 from nextcloud/bugfix/external-reshare
Set proper root path for single file shares originating from other storages
2020-09-01 08:48:31 +02:00
Roeland Jago Douma 8dd249937f
Merge pull request #22514 from nextcloud/fix/s3/only_delete_new_failed
Fix S3 error handling
2020-08-31 19:03:24 +02:00
Robin Appelman a792a51dca
dont use `false` as cache key for non utf8 path in normalizePath
since `json_encode` returns `false` if it's input isn't utf8, all non utf8 paths passed to normalizePath will currently return the same cached result.

Fixing this makes working with non utf8 storages a *little* bit more possible for apps

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 17:29:36 +02:00
Robin Appelman 81c5aa9819
set the mount id before calling storage wrapper
this allows the storage wrapper to use the mount id for it's own logic

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-31 16:38:47 +02:00
Julius Härtl ac2999a26a
Transfer shares of the transferred root node
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-31 14:23:34 +02:00
Roeland Jago Douma 789b33aba4
Only update the filecache entry once the file has been written to S3
If we already update before we have no way to revert if the upload
fails.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:28:04 +02:00
Roeland Jago Douma 6ffd7173f9
Don't lose filecache entry on s3 overwrite error
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-31 12:25:20 +02:00
Roeland Jago Douma c43189beae
Merge pull request #22476 from nextcloud/setting-sections-unique
ignore duplicate setting sections
2020-08-30 21:15:50 +02:00
Robin Appelman eb4154cee0
ignore duplicate setting sections
this prevents some 'Section with the same ID already registered' errors in the log

also includes an improvement of the error message to make other cases easier to find

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 17:06:48 +02:00
Roeland Jago Douma 7b8364e001
Merge pull request #21288 from lmamane/master
Return correct loginname in credentials
2020-08-28 16:11:46 +02:00
Robin Appelman 2879472f81
trim slashes
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-28 11:14:50 +02:00
Julius Härtl 7512dc2b34
Set proper root path for single file shares originating from other storages
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-28 10:50:15 +02:00
Robin Appelman c077c15875
show better quota warning for group folders and external storage
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-25 16:05:16 +02:00
Roeland Jago Douma 7e6f04490e
Merge pull request #22393 from nextcloud/fix/license-headers-20
Update the license headers for Nextcloud 20
2020-08-24 22:03:00 +02:00
Joas Schilling df857604d5
Merge pull request #21894 from nextcloud/fix-file-quota
fix: file quota was not applied in all cases
2020-08-24 15:48:48 +02:00
Christoph Wurst 2a054e6c04
Update the license headers for Nextcloud 20
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +02:00
John Molakvoæ dd054f0bdb
Merge pull request #22382 from nextcloud/bugfix/22380
Add repair step to remove old dashboard app config
2020-08-24 14:00:41 +02:00
Julius Härtl 17579c6471
Add repair step to remove old dashboard app config
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-24 10:16:15 +02:00
kevin147147 120c0feb57
Fix example usage 2020-08-23 13:22:06 +02:00
Roeland Jago Douma 51922caa5f
Properly search for users when limittogroups is enabled
Searching just for the uid is not enough.
This makes sure this done properly again now.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-21 13:14:32 +02:00
brad2014 781359a582 iMIP email improvements (take 2)
This PR is a replacement for PR #17195. It is intended to be simpler
to review and approve, with fewer changes, some disabled by default.

It addresses issues #12391 and #13555, with the following changes:

- The plainText of iMIP emails has been upgraded as described in
issue #12391. The HTML design style has not been changed.

- Some of the HTML and plainText content has been rearranged
(simplified header language, moving the event title to from text
body to the first item in the bullet list, spelling corrections,
moving the description to the end of the list), per issue #12391.

- The interface for EMailTemplate has been extended: addBodyListItem
now takes an optional `plainIndent` parameter. Existing callers
see no change. Where new calls set the  new parameter >0, the list
item label (metaInfo) is put in column 1, and the value is indented
into column 2 (properly accounting for multiple lines, if any).

- An optional dav config setting has been added,
`invitation_list_attendees`. It defaults to 'no', leaving emails
unchanged. If set by the site admin to 'yes', then iMIP emails
include, for the organizer and each attendee, their name, email,
and a ✔︎ if they have accepted the invitation.

- Minor refactoring.

Notes:

- The labels for organizers and attendees list items are new, and
require translation/localization.

- Dav config settings are documented in the code, but not in the
Administrator's Guide.

Signed-off-by: brad2014 <brad2014@users.noreply.github.com>
2020-08-20 22:16:47 +02:00
Roeland Jago Douma 6e4b089265
Merge pull request #20891 from cuppett/cuppett/issue#19790
Resolves #19790, Provides Support for IAM Credentials
2020-08-20 20:28:05 +02:00
Roeland Jago Douma 987f621173
Merge pull request #22331 from nextcloud/bugfix/noid/dont-use-deprecated-inigetwrapper
Don't use deprecated getIniWrapper() anymore
2020-08-20 19:45:47 +02:00
Morris Jobke 65b5e65185
Merge pull request #21529 from nextcloud/enh/encryption/improve_key_format
New SSE key format
2020-08-20 17:41:18 +02:00
Joas Schilling b09620651c
Don't use deprecated getIniWrapper() anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 16:35:38 +02:00
korelstar d8a80cd45c
fix: file quota was not applied in all cases 2020-08-20 16:11:50 +02:00
Lionel Elie Mamane ac8b40b8b1
Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Co-authored-by: kesselb <mail@danielkesselberg.de>
for: switch to consistent camelCase

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-08-20 16:02:22 +02:00
Stephen Cuppett 5ef0f86ce7
Resolves #19790, Provides Support for IAM Credentials
Includes support for either leveraging environment variables
passed to the PHP runtime or IAM instance profile present
on the host being used. The default and first choice is
still the parameter file as documented.

See also: https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_provider.html#chaining-providers

Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2020-08-20 15:54:33 +02:00
Roeland Jago Douma 5340ab3a75
New SSE key format
* Encrypt the keys with the instance secret
* Store them as json (so we can add other things if needed)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-20 15:42:43 +02:00
Robin Appelman 5af7d921a9
Make Cache::removeChildren non recursive
Currently the "add new files during scanning" call stack is smaller than
the "remove deleted files during scanning" call stack. This can lead to
the scanner adding folders in the folder tree that are to deep to be
removed.

This changes the `removeChildren` logic to be non recursive so there is
no limit to the depth of the folder tree during removal

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-20 15:37:02 +02:00
Morris Jobke 6cdaadbc57
Merge pull request #13712 from nextcloud/bugfix/noid/do-not-load-all-routes
Only load routes of the app which is requested
2020-08-20 14:32:25 +02:00
Joas Schilling 2e4b3cebc6
Exclude the Bridge Bot password as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 10:28:35 +02:00
Roeland Jago Douma af3a59fab5
Merge pull request #22237 from nextcloud/bugfix/noid/allow_putContent_empty_string
Allow writing empty content to new file
2020-08-20 09:03:06 +02:00
Morris Jobke d8bdb439a4
Merge pull request #22289 from nextcloud/techdebt/noid/fix-encryption-stream-invalid-scalar-arguments
Cast float to int to avoid invalid scalar argument warning
2020-08-19 22:08:15 +02:00
Morris Jobke 387cac4c5f
Properly inject IRouter into URLGenerator to properly encapsulate tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 22:00:47 +02:00
Morris Jobke 053ee7b386
Only load routes of the app which is requested
* Add fallback to load all routes if needed
* Move partial loaded routes test to proper place

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 21:58:20 +02:00
Roeland Jago Douma b604d5232e
Merge pull request #22218 from nextcloud/enh/sse/make_legacy_cipher_opt_in
SSE: make legacy format opt in
2020-08-19 20:10:45 +02:00
Morris Jobke c449d54204
Merge pull request #22304 from nextcloud/techdebt/noid/matching-param-names
Use matching parameter names form interfaces and implementations
2020-08-19 19:34:02 +02:00
Morris Jobke 4c6eb96471
Merge pull request #22280 from nextcloud/bugfix/noid/429-on-brute-force-maximum
Send "429 Too Many Requests" in case of brute force protection
2020-08-19 18:21:01 +02:00
Morris Jobke fedf9c69d9
Use matching parameter names form interfaces and implementations
Found by Psalm 3.14.1

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 18:16:35 +02:00
Morris Jobke 60be722ee8
Merge pull request #22288 from nextcloud/techdebt/noid/fix-oc_image-invalid-scalar-arguments
Cast float/char to int to avoid invalid scalar argument warning
2020-08-19 17:55:56 +02:00
Morris Jobke e93bf71369
Fix the return type of OC_Template->fetchPage() to be string only
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 16:48:06 +02:00
Roeland Jago Douma 2bbb848c31
Add legacy scanning command
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Roeland Jago Douma 8928bbe969
Make legacy cipher opt in
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-19 15:45:45 +02:00
Joas Schilling 35a8519591
Fix CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 770381c0c6
Correctly return ms delay when at max
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 931aca2fee
Add missing default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling d9c4c9eb99
Simplify array filter
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling dfeee3b850
Fix wrong doc + type hint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 8376c4891f
Only throw when also the last 30 mins were attacking
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 6f751d01db
Make the throttling O(2^n) instead of O(n^n)
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling 64539a6ee1
Make Throttler strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:36 +02:00
Joas Schilling c8fea66d65
Split delay calculation from getting the attempts
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling cdb36c8ead
Let the database count the entries
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling e66bc4a8a7
Send "429 Too Many Requests" in case of brute force protection
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 11:20:35 +02:00
Joas Schilling c8f175e936
Allow to disable share emails
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-19 09:03:58 +02:00
Morris Jobke 560ccf5d83
Cast float to int to avoid invalid scalar argument warning
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-18 16:56:36 +02:00
Morris Jobke 27e7332a9c
Cast float/char to int to avoid invalid scalar argument warning
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-18 16:51:59 +02:00
Roeland Jago Douma 6ed4c8a946
Improve recent file fetching
Fixes #16876

Before we'd just fetch everything from all storages we'd have access to.
Then we'd sort. And filter in php. Now this of course is tricky if a
user shared just a file with you and then has a ton of activity.

Now we try to contruct the prefix path. So that the filtering can happen
right away in the databae.

Now this will make the DB more busy. But it should help overall as in
most cases less queries are needed then etc.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-18 05:56:06 +02:00
John Molakvoæ 565ccb08cd
Merge pull request #22109 from nextcloud/feature/20931/followup-1 2020-08-17 22:13:45 +02:00
Roeland Jago Douma 6675528804
Merge pull request #22271 from nextcloud/phpdoc/22063/add-interface-method-and-phpdoc
Properly add new methods to interface and document in PHPDoc for getR…
2020-08-17 19:34:56 +02:00
Morris Jobke d7f66c36ac
Fix "misplaced variables" warning of Psalm in PHPDoc statements
Ref #21787

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-17 17:46:57 +02:00
Morris Jobke 00cb8e6c54
Merge pull request #22253 from nextcloud/debt/noid/docblocks
Fix some MissingDocblockType or InvalidDocblock warnings.
2020-08-17 17:45:11 +02:00
Morris Jobke e47cfc9a54
Properly add new methods to interface and document in PHPDoc for getRootMounts()
Introduced in #22063 and was just forgotten.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-17 17:13:46 +02:00
Daniel Kesselberg 3e7b815da4
Fix more MissingDocblockType or InvalidDocblock warnings.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-14 20:19:23 +02:00
Daniel Kesselberg 10ac844448
Update documentation for QueryBuilder::set
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-14 19:55:01 +02:00
Georg Ehrke 5b26487f14
Expose status via Collaborators API
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-14 17:04:52 +02:00
Roeland Jago Douma 8daaf33e3d
Silence duplicate session warnings
Fixes #20490

Basically restroring the old behavior.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-08-14 05:23:11 +02:00
Gary Kim 5559570faf
Merge pull request #22242 from nextcloud/techdebt/noid/remove-deprecated-methods
Remove deprecated and unused method calls
2020-08-14 10:10:53 +08:00
Scott Dutton b12a390220
Always try and show pre rendered preview
Currently if the following situation happens

Server generates preview
Server has command removed which allows a preview to be shown
Client asks for preview, gets a 404 error when preview exists
(Mime checked before preview)

This happens more often with documents, or video as the commands are not
native PHP, they require a binary on the server.

After the fix the following would happen

Server generates preview
Server has command removed which allows a preview to be shown
Client asks for preview, gets preview which has been generated
(Mime checked after preview)

This would also allow offline generation (for example a docker image
containing the extra binaries), allowing a reduction in attack surface
of the instance serving the preview data.

Signed-off-by: Scott Dutton <scott@exussum.co.uk>
2020-08-13 22:50:38 +02:00
Morris Jobke 16d83ab30a
Remove getLastJob from IJobList
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 21:50:06 +02:00
Georg Ehrke ee23906c3c
Allow writing empty content to new file
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-13 15:41:26 +02:00
Julius Härtl 52eff4ae7c
Use user mount with matching shared storage only
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-13 15:10:05 +02:00
Morris Jobke 0b856329eb
Merge pull request #22202 from nextcloud/enh/noid/cleanup-servercontainer
Use autowiring where possible in server container
2020-08-13 10:55:48 +02:00
Morris Jobke 3c56922444
Merge pull request #22205 from nextcloud/activity-settings-cleanup
merge file activity settings into a single 'favorite changed' item
2020-08-13 08:15:06 +02:00
Morris Jobke df4bcd616f
Add @deprecated labels for server DI containter aliases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 07:43:37 +02:00
Morris Jobke 725fecee34
Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event
Emit an event for every disabled 2FA provider during cleanup
2020-08-13 07:25:01 +02:00
Morris Jobke 894640206e
Use registerDeprecatedAlias for non-namespaced aliases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 05:43:38 +02:00
Morris Jobke 2f2252cfba
Use autowiring where possible in server container
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-13 05:43:36 +02:00
Robin Appelman 5f58cefbd7
merge file activity settings into a single 'favorite changed' item
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-13 00:01:34 +02:00
Daniel Kesselberg 4dd507675c
Generate password by password_policy app
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-08-11 21:58:51 +02:00
Morris Jobke 8fc877ff7d
Merge pull request #22117 from nextcloud/activity-settings-grouping
allow grouping of activity settings
2020-08-11 11:24:23 +02:00
Morris Jobke c0be7e329f
Prefer typed event over string based ones
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-10 15:22:55 +02:00
Morris Jobke 54726d5934
Merge pull request #21738 from nextcloud/techdebt/14552/migrate-OC_Group-post_removeFromGroup
Migrate OC_Group post_removeFromGroup hook to actual event object
2020-08-07 17:46:00 +02:00
Morris Jobke 408ed7ebd4
Merge pull request #22139 from nextcloud/fix/noid/check-for-preview-multibucket-fallback-as-second-step
Check previews in multibucket fallback folder as the last step and not as first step
2020-08-07 16:02:02 +02:00
John Molakvoæ (skjnldsv) 9e962fb69f
Allow to update to nightly
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-07 13:51:39 +02:00
Morris Jobke 0807e29e17
Merge pull request #22133 from nextcloud/boot-app-once
only boot apps once
2020-08-07 12:05:09 +02:00
Morris Jobke 06eb230d24
Merge pull request #22135 from nextcloud/enh/noid/occ-preview-repair
Add occ preview:migrate to migrate previews from the old flat structure to a subfolder structure
2020-08-07 11:09:16 +02:00
Robin Appelman 246ed35d94
only boot apps once
in some cases `loadApp` is called more then once which is currently causing apps to be "booted" multiple times which can lead to unexepected behaviour with things like registering hooks

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-07 11:04:47 +02:00
Morris Jobke 4d0c3fa4a8
Check previews in multibucket fallback folder as the last step and not as first step
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-07 09:37:11 +02:00
Morris Jobke 45428e4948
Add config option to enable multibucket preview distribution
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:31:39 +02:00
Morris Jobke 4fdd38c737
Use fixed preview buckets that are postfixed with -preview-NUMBER
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:19:21 +02:00
Morris Jobke 159f28cd52
Mount the old previews in a separate folder for the multi bucket setup and check in them before using the actual locations
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:19:21 +02:00
Morris Jobke 438ac23e2a
Distribute preview folders in appdata in multibucket setup to multiple buckets
* introduces a new IRootMountProvider to register mount points inside the root storage
* adds a AppdataPreviewObjectStoreStorage to handle the split between preview folders and bucket number

Ref #22033

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:19:20 +02:00
Morris Jobke d8734b3b93
Add occ preview:migrate to migrate previews from the old flat structure to a subfolder structure
* `php occ preview:repair` - a preview migration tool that moves existing previews into the new location introduced with #19214
* moves `appdata_INSTANCEID/previews/FILEID` to `appdata_INSTANCEID/previews/0/5/8/4/c/e/5/FILEID`
* migration tool can be stopped during migration via `CTRL+C` - it then finishes the current folder (with the previews of one file) and stops gracefully
* if a PHP memory limit is set in the `php.ini` then it will stop automatically once it has less than 25 MiB memory left (this is to avoid hard crashes in the middle of a migration)
* the tool can be used during operation - possible drawbacks:
    * there is the chance of a race condition that a new preview is generated in the moment the folder is already migrated away - so the old folder with the newly cached preview is deleted and one cached preview needs to be re-generated
    * there is the chance of a race condition during access of a preview while it is migrated to the other folder - then no preview can be shown and results in a 404 (as of now this is an accepted risk)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-06 22:05:46 +02:00
John Molakvoæ 5b6246f52a
Merge pull request #21598 from nextcloud/enh/20930/dashboard-drag 2020-08-06 08:17:52 +02:00
Morris Jobke ae9ecd521f
Merge pull request #21677 from J0WI/clearstatcache-on-rmdir
Do clearstatcache() on rmdir
2020-08-05 23:03:06 +02:00
Morris Jobke 519cd678ee
Merge pull request #22008 from elijahnyp/OCImage_Leak_Fix
Ensured large image is unloaded from memory when generating previews
2020-08-05 22:39:09 +02:00
Julius Härtl 61cc356e0b
Fix php cs check
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-05 17:03:39 +02:00
Julius Härtl 018be662f4
Refactor API to match the widget wording
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-05 17:03:38 +02:00
Julius Härtl db86bea18c
Allow default app to be overwritten by user config
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-08-05 17:03:38 +02:00
Jan C. Borchardt e25bab98b7
Set Dashboard as default app
Signed-off-by: Jan C. Borchardt <hey@jancborchardt.net>
2020-08-05 17:01:28 +02:00
Joas Schilling 55473dd2eb
Merge pull request #22104 from nextcloud/enh/search/make-app-handle-the-order-logic
Make apps handle the order logic
2020-08-05 16:38:45 +02:00
Robin Appelman 227e362842
allow grouping of activity settings
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-08-05 16:13:03 +02:00
Morris Jobke 79fc7e78b7
Merge pull request #21138 from nextcloud/fix/noid/search-in-group-displayname-email
Search also the email and displayname in user mangement for groups
2020-08-05 16:09:00 +02:00
Morris Jobke f510da139f
Use class that actually has the destroy() method in preview generator
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 15:52:40 +02:00
Morris Jobke 6fbf8fceac
Merge pull request #22106 from nextcloud/feature/noid/user_status_api
Provide a PHP Api for UserStatus
2020-08-05 15:30:48 +02:00
Joas Schilling ea8f68bea6 Hand in the route and the parameters of the request
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-08-05 12:52:16 +00:00
Morris Jobke fee13e7ffd
Search also the email and displayname in user mangement for groups
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-05 14:14:05 +02:00
Georg Ehrke 0e0e0d19e8
Provide a PHP Api for UserStatus
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-08-05 13:48:46 +02:00
John Molakvoæ (skjnldsv) d98f7c1bd8
Make apps handle the order logic
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-05 11:37:45 +02:00
John Molakvoæ (skjnldsv) 71b62c4203
Show mime icon, bump bundles, make the SearchResultEntry class non-abstract, Fix header search icon, various fixes
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-04 21:36:22 +02:00
John Molakvoæ (skjnldsv) 6eced42b7a
Remove outdated legacy search scripts
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-08-04 20:56:22 +02:00
Morris Jobke 489fecac32
Merge pull request #22057 from nextcloud/fix/20009/contactsmenu-limit-users
contactsmanager shall limit number of results early
2020-08-03 15:15:46 +02:00
John Molakvoæ (skjnldsv) 1a1b3e20e4 Fix unified search
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-08-03 11:26:03 +00:00
Georg Ehrke 0fad921840
Add user-status app
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-07-31 16:45:27 +02:00
Arthur Schiwon 7c56283c3c
contactsmanager shall limit number of results early
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-07-31 12:42:17 +02:00
Morris Jobke e19bbce7f6
Merge pull request #22060 from nextcloud/trashbin-s3-fixes
Object store trashbin fixes
2020-07-31 10:10:33 +02:00
Robin Appelman 6cb550d567
fix instanceof ISettings check for activity settings
boolean logic is hard

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-30 17:53:14 +02:00
Robin Appelman 8c3b22859c
dont update mimetype when moving to trash
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-30 16:11:45 +02:00
Joas Schilling a32e6a7958
Merge pull request #21993 from nextcloud/fix/lower_route_not_found_level
Log the route not found exception on a lower level
2020-07-30 10:59:31 +02:00
Morris Jobke 4a7d7e446f
User.php: rename of old dispatcher to legacyDispatcher
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-30 10:21:08 +02:00
Morris Jobke 36ee37ec0a
Migrate OC_Group post_removeFromGroup hook to actual event object
Ref #14552

This adds a BeforeUserRemovedEvent to the LDAP backend because it was missing. It's not really before, but we don't have the before state.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-30 10:21:08 +02:00
Joas Schilling 5993bd45f3
Correctly remove usergroup shares on removing group members
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-30 09:47:31 +02:00
Joas Schilling 2af77b2ed7
Merge pull request #22034 from nextcloud/bugfix/noid/parse-url-returns-null
parse_url returns null in case a parameter is not found
2020-07-29 18:07:50 +02:00
Morris Jobke 7e28286e9d
Merge pull request #21542 from nextcloud/activity-notifications
basic settings system for activity notifications
2020-07-29 15:36:38 +02:00
Joas Schilling 9127731c52
parse_url returns null in case a parameter is not found
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-29 08:32:20 +02:00
Joas Schilling bab4fb98eb
Fix overwriteService() for apps
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-28 09:38:43 +02:00
Elijah Martin-Merrill 56ed563b0c fix memory leak caused by not destroying image in Preview/Generate.php
Signed-off-by: Elijah Martin-Merrill <elijah@nyp-itsours.com>
2020-07-27 10:52:44 -04:00
Roeland Jago Douma b57019bcaa
Log the route not found exception on a lower level
This should be logged but it is not that critical to wanner level 3

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-24 15:39:53 +02:00
Morris Jobke 15561b4e0a
Merge pull request #21977 from onehappycat/issue_21960
Ignore whitespace in sharing by mail
2020-07-24 13:37:36 +02:00
Robin Appelman c8427781b4
implement old settings interface
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-24 13:03:35 +02:00
Julius Härtl e1b696929f
Move NotFoundResponse to a proper TemplateResponse
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-24 08:58:14 +02:00
onehappycat e04525c186 Ignore whitespace in sharing by mail
Signed-off-by: onehappycat <one.happy.cat@gmx.com>
2020-07-23 22:20:18 +02:00
Morris Jobke ce314d9484
Merge pull request #21814 from nextcloud/techdebt/noid/federated_share_added-into-typed-event
Move federated_share_added into a typed event
2020-07-23 21:42:48 +02:00
Morris Jobke 173f8abc7e
Merge pull request #21628 from nextcloud/external-to-s3-trashbin-fix
fix moving files from external storage to object store trashbin
2020-07-23 21:35:18 +02:00
Robin Appelman c8cf2e8a5b
fix renameFromStorage messing with folder mimetype
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 20:31:35 +02:00
Simon Spannagel 1fc54d3479 Fix header logo size in notification mails
Signed-off-by: Simon Spannagel <simonspa@kth.se>
2020-07-23 17:52:21 +02:00
Robin Appelman ad7798f9c9
use exceptions for error signaling in writeStream
this remove the ambiguity when writing zero length files

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 15:24:52 +02:00
Robin Appelman 5949849322
fix moving files from external storage to object store trashbin
having the "cache rename" after the "storage move" caused the target
to get the fileid from the source file, without taking care that the object
is stored under the original file id.

By doing the "cache rename" first, we trigger the "update existing file"
logic while moving the file to the object store and the object gets stored for the
correct file id

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-23 15:24:44 +02:00
Roeland Jago Douma e0cc95f3aa
Allow user backends to specify a custom logout url
* Allows SSO backends to do a global logout

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-23 10:42:40 +02:00
Morris Jobke 0763a17332
Move federated_share_added into a typed event
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-23 08:33:17 +02:00
Morris Jobke 346f647962
Merge pull request #21870 from nextcloud/fix/bootstrap-context-container-interfaces
Make the bootstrap context return ContainerInterface instances
2020-07-22 20:38:50 +02:00
Morris Jobke 7b250db60b
Merge pull request #21658 from nextcloud/trashbin-configurable-size
allow admin to configure the max trashbin size
2020-07-21 20:46:43 +02:00
Morris Jobke 7870ca0663
Use the proper IAppContainer and IServerContainer type hints to know which code runs with which container
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-21 20:44:05 +02:00
Christoph Wurst e029055e76
Make the bootstrap context return ContainerInterface instances
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-21 20:42:24 +02:00
Robin Appelman 5eb1e75e24
build autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-21 19:26:59 +02:00
Robin Appelman fb5ae20722
basic settings system for activity notifications
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-21 17:12:38 +02:00
Morris Jobke 09e6b26bdd
Merge pull request #21875 from nextcloud/techdebt/deprecate-ilogger
Deprecate ILogger in favor of the PSR-3 logger
2020-07-20 16:45:14 +02:00
Morris Jobke 9ae75a3ca9
Merge pull request #21850 from nextcloud/techdebt/noid/register-alternative-logins
Allow to register AlternativeLogin on RegistrationContext
2020-07-20 14:20:03 +02:00
Morris Jobke 9271d65641
Merge pull request #21880 from nextcloud/webauthn/discourage_user_auth
Discourage webauthn user interaction
2020-07-20 09:24:08 +02:00
Christoph Wurst 9bc6a8437d
Deprecate the query mothod on the server container
The interface method has already been deprecated, but if some code uses
the concrete type instead, the deprecation is not shown (by phpstorm),
so I think it's better to have this method tagged as well.

The "fix" for this deprecation is to simply use `get` instead of
`query`. Right now this will work 100% the same, but the goal is to slim
down the interface and only use what PSR-11 offers.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-17 08:05:07 +02:00
Joas Schilling cae849bcf9
Merge pull request #21869 from nextcloud/techdebt/noid/add-constants-for-magic-strings
Add constants for the magic strings of template rendering
2020-07-16 22:00:57 +02:00
Roeland Jago Douma 884f3d009a
Discourage webauthn user interaction
Else people might have the feeling this is also doing 2FA. And since it
is only prefered it can be ignored and hacked around.

Once we have proper 2FA with webauthn in one go this probably needs to
be revisted.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-16 21:10:07 +02:00
Roeland Jago Douma dfcb49b9b7
Merge pull request #21873 from nextcloud/techdebt/deprecate-server-container-getters
Deprecate the server container getters
2020-07-16 20:27:36 +02:00
Christoph Wurst 8a433a7226
Deprecate ILogger
The logger service was always intended to follow the PSR-3 interface.
It's time to embrace this and switch over to the "official" API,
hence this custom interface can be slowly phased out.

With Nextcloud 20 the logger also got support for
* App id filled out automatically
* Exceptions handling (as replacement for logException)

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-16 19:19:23 +02:00
Christoph Wurst c889021334
Add a scoped PSR logger for apps
Just like for ILogger we should have a version that has the app ID
pre-set for the context (unless overwritten) so that each log entry can
be traced back to the app that produced it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-16 19:11:56 +02:00
Christoph Wurst efd2835b23
Deprecate the server container getters
Service locators are an anti pattern. These getters just make it more
appealing to do the wrong thing. If you want to locate a service the bad
way, just use the `get` method on a container – it will do the same in
also one line of code.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-16 18:59:56 +02:00
Joas Schilling 49970639fa
Add constants for the magic strings of template rendering
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-16 15:47:28 +02:00
Joas Schilling 0dfcc132ca
Allow to register AlternativeLogin on RegistrationContext
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-16 14:20:24 +02:00
Christoph Wurst 4152216bd8
Use PSR container interface and deprecate our own abstraction
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-16 13:35:45 +02:00
Morris Jobke fc41810d2f
Merge pull request #21822 from nextcloud/enh/events/additionalscripts
Add real events to load additionalscripts
2020-07-15 19:50:01 +02:00
Morris Jobke cc258ad51a
Merge pull request #21844 from bladewing/bladewing-harden-against-mimetype-mismatch
Avoid substr() error when strpos returns false
2020-07-15 19:33:09 +02:00
Roeland Jago Douma 7d7ba61625
Add real events to load additionalscripts
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-15 14:07:18 +02:00
Christoph Wurst b9a911f0b3
Deprecate the internal Symfony dispatcher adapter
This type is not known on the public API, yet we should make sure that
any usage of this class is noticed and migrated as soon as possible.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-15 13:57:35 +02:00
lui87kw 3fe3d1fca3 Extra white space to follow other ifs
Signed-off-by: lui87kw <lukas.ifflaender@uni-wuerzburg.de>
2020-07-15 10:18:47 +02:00
bladewing 7dafd5831f Avoid substr() error when strpos returns false
"Exception: substr() expects parameter 3 to be int, bool given" can occur on Line 378 $mimePart = substr($icon, 0, strpos($icon, '-'));
This happens, when '-' is not found and strpos returns false instead of an int.
When this occurs, e.g., Activity hangs.

Signed-off-by: lui87kw <lukas.ifflaender@uni-wuerzburg.de>
2020-07-15 10:18:47 +02:00
Julius Härtl 35bdb998ef
Dashboard strict typing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:28:12 +02:00
Julius Härtl 31a1494529
Add load method for apps to bootstrap their panels
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:28:11 +02:00
Julius Härtl b71de68f43
Cleanup public api methods
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:28:11 +02:00
Julius Härtl 81e5593133
Move to lazy panel registration during registration context
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:27:57 +02:00
Julius Härtl 673d70dfc5
Add new dashboard public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-07-15 09:24:50 +02:00
Morris Jobke 157c652762
Merge pull request #21825 from nextcloud/fix/appframework/services
Fix AppFramework services
2020-07-14 17:07:38 +02:00
Morris Jobke fba64a972f
Merge pull request #21812 from nextcloud/feature/noid/app-bootstrap-without-app.php
Do not load app.php if Application implements IBootstrap
2020-07-14 17:06:06 +02:00
Roeland Jago Douma dca2469462
Merge pull request #21833 from nextcloud/docfix/noid/irequest_getHeader
Fix PHPDoc of IRequest::getHeader
2020-07-14 16:43:09 +02:00
Morris Jobke 6f167f0dd1
Merge pull request #21828 from nextcloud/enhancement/lazy-bootstrap-registration-delegation
Delegate bootstrap registration lazily
2020-07-14 16:37:04 +02:00
Roeland Jago Douma fa9dfd83c9
Fix AppFramework services
* We can't just register an alias as the services need the appId to be
  injected. if we just register an alias this blows up since the main
  container doesn't have the appId.
* Moved the Authtokens over to show the PoC works

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-14 16:01:14 +02:00
Morris Jobke d9cc2f0213
Do not load app.php if Application implements IBootstrap
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-14 15:55:23 +02:00
Christoph Wurst f03f88b437
Delegate bootstrap registration lazily
* Keep the registration context
* Expose the context object for other components
* Ensure registration is only run once

Search providers are migrated for demonstration.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-14 15:33:32 +02:00
Georg Ehrke 3bdfb380fc
Fix PHPDoc of IRequest::getHeader
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-07-14 14:20:43 +02:00
Christoph Wurst ab303dddcd
Make the PSR-3 adapter exception-aware
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-14 09:38:51 +02:00
Morris Jobke cbbbbee8b1
Merge pull request #21785 from nextcloud/techdebt/noid/remove-classmap-in-files_external
Move OC_Mount_Config to proper classname and remove OC::$CLASSPATH us…
2020-07-13 16:47:12 +02:00
Morris Jobke 7569bc15bd
Merge pull request #21789 from nextcloud/ftp-filter-hash
filter files containing a hash in the path for ftp storages
2020-07-13 10:56:16 +02:00
Robin Appelman e357d46863
filter files containing a hash in the path for ftp storages
the php ftp streamwrapper doesn't handle hashes correctly and will break when it tries to enter a path containing a hash.

By filtering out paths containing a hash we can at least stop the external storage from breaking completely

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-10 14:18:40 +02:00
Morris Jobke 065ef14cb0
Move OC_Mount_Config to proper classname and remove OC::$CLASSPATH usage in files_external
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-10 00:02:59 +02:00
Roeland Jago Douma 10d862e243
Merge pull request #21759 from nextcloud/enh/lazy_subscription
Make the subscription registry lazy
2020-07-09 15:43:48 +02:00
Roeland Jago Douma 725872c23a
Make the subscription registry lazy
This will allow to do lazy registration here which should allow for
loading less (or at least only when needed!).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-09 12:21:06 +02:00
Robin Appelman 70906a359f
ensure home storage is initialized on first setup
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-09 11:14:45 +02:00
Roeland Jago Douma 43efac345e
Use the correct mountpoint to calculate
If we use the owners mount point this results in null. And then the rest
of the checks get called with null. Which doesn't work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-09 11:14:44 +02:00
Morris Jobke 9e88456768
Fix regression in return value of OC_Util::checkDataDirectoryPermissions due to #21761
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-09 09:29:44 +02:00
Roeland Jago Douma c7d9636e82
Kill another unneeded translation
We should only translate things when we actually need them.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-08 21:47:16 +02:00
Roeland Jago Douma ce5cb5ac33
Merge pull request #21758 from nextcloud/fix/routes/defaults
Fix supporting defaults for routes
2020-07-08 20:42:28 +02:00
Roeland Jago Douma 3f447b9c8c
Fix supporting defaults for routes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-08 19:52:45 +02:00
Roeland Jago Douma 76eb793f9b
Only translate if we need the string
This translation was done in each call. Over and over and over again.
All while it was probably not used in 99.99999% of the cases. A small
gain. But still.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-08 15:12:01 +02:00
Robin Appelman 050e2fe346
allow admin to configure the max trashbin size
this allows an admin to configure the max trashbin size instead of always relying on the users quota.

The trashbin size can be configured using the `occ trash:size` command and can be set both globally and per-user

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-07-07 14:45:08 +02:00
Roeland Jago Douma edc1c77dd9
Do not create a RouteActionHandler object for each route
This is not required and doesn't allow us to be properly lazy. On top of
it this doesnt allow us to cache the routes (since closures/objects
can't be cached).

This is the first small step into cleaning up the routing we have

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-07 12:33:22 +02:00
Morris Jobke cd7a6276f2
Merge pull request #21676 from J0WI/fix-chmod-on-fd
Fix chmod on file descriptor
2020-07-07 09:44:57 +02:00
Morris Jobke 560c485e5d
Merge pull request #21714 from nextcloud/td/remove/getAppFolder
Remove old deprecated getAppFolder
2020-07-06 22:36:55 +02:00
Roeland Jago Douma 7d128ebf3e
Remove old deprecated getAppFolder
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-07-06 22:06:58 +02:00
Holger Hees e70249e089
Update SecurityMiddleware.php
OC::$WEBROOT can be empty in case if your nextcloud installation has no url prefix. This will result in an empty Location Header.

in other areas OC::$WEBROOT is always used together with an /
2020-07-06 21:34:46 +02:00
Morris Jobke 37856cd377
Cascading effect - more code that now is not used anymore
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-06 14:13:53 +02:00
Morris Jobke e20db42a0c
Tags.php and the old sharing mechanism
The old sharing mechanism isn't working anymore, because it was replaced by Share 2.0. Also it was nowhere used so this removes the code paths and reduces complexity.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-06 14:12:12 +02:00
Morris Jobke e878c0a054
Merge pull request #21074 from jvsalo/shared-lock-multi-release
Fix releasing a shared lock multiple times
2020-07-06 14:06:41 +02:00
Morris Jobke fb69d6d195
Merge pull request #21238 from nextcloud/techdebt/noid/deferrable-notification-apps
Allow notification apps to defer and flush the sending
2020-07-06 13:50:25 +02:00
Morris Jobke 6c825ee9a0
Merge pull request #21665 from nextcloud/debt/noid/job-list
Fix wrong phpdoc for execute method
2020-07-06 11:14:14 +02:00
Morris Jobke b1cdd0dd9b
Use formal type hints instead of informal PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-06 10:13:23 +02:00
Morris Jobke e900f424ce
Merge pull request #21636 from nextcloud/lock-exception-readable-path
add proper paths to locking exceptions
2020-07-05 22:37:12 +02:00
Morris Jobke d3d11cb826
Merge pull request #21626 from nextcloud/enhancement/injectible-callables
Callable parameter injection
2020-07-05 22:03:12 +02:00
Roeland Jago Douma 4d8b4ef3cc
Merge pull request #21533 from nextcloud/techdebt/noid/dedicated-method-to-get-a-users-language
Techdebt/noid/dedicated method to get a users language
2020-07-04 08:56:13 +02:00
J0WI 356bc50420 Only clear the realpath cache
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-07-03 22:47:13 +02:00
J0WI ea08a01999 clearstatcache() on rmdir
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-07-03 22:42:27 +02:00
J0WI 6ca1599ea4 Fix chmod on file descriptor
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2020-07-03 20:53:58 +02:00
Joas Schilling 3d559159f0
Allow notification apps to defer and flush the sending
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-03 16:44:43 +02:00
Christoph Wurst 4a3ea04baa
Callable parameter injection
This is like what we have to DI and classes, but for callables.

The motivating factor is to get rid of *service locators* in the `boot`
method of apps as a new pattern is about to emerge where we have lots of
`query` calls on the app or server container in order to fetch some
services.

With this little helper it's possible to call another (public) method
and magically have everything injected.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-03 14:37:46 +02:00
Joas Schilling db8267db26
Use the new method everywhere
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-03 10:59:43 +02:00
Daniel Kesselberg 9b10d35477
Fix wrong phpdoc for execute method
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-07-03 10:47:15 +02:00
Christoph Wurst d3a4bc91f7
Fix static method call for s3 bucket compat check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-07-03 09:02:58 +02:00
Roeland Jago Douma d53e005458
Merge pull request #21360 from nextcloud/root-storage-prevent-scanning
prevent the root storage from accidentally scanning user folders
2020-07-02 21:07:16 +02:00
Roeland Jago Douma c79f8b9543
Merge pull request #21580 from therealklanni/master
Add audio formats to htaccess
2020-07-02 20:59:54 +02:00
Roeland Jago Douma 0157e30ad4
Merge pull request #21599 from nextcloud/debt/noid/type-to-types
Replace TYPE with TYPES
2020-07-02 12:21:01 +02:00
Joas Schilling 74a9cadc50
Fix IPv6 remote addresses from X_FORWARDED_FOR headers before validating
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-02 11:13:13 +02:00
Joas Schilling b997edad10
Add a dedicated method to get the language for another user
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-01 10:20:07 +02:00
Daniel Kesselberg 87dd760a89
Replace TYPE with TYPES
As TYPE::* is deprecated.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-30 23:46:22 +02:00
Roeland Jago Douma 873be16c8d
Merge pull request #21588 from nextcloud/bug/21214/method-signature
Update presign method to match with interface again.
2020-06-30 20:36:30 +02:00
Roeland Jago Douma c709dda597
Merge pull request #21589 from nextcloud/debt/noid/wrong-exception-call
Set retry = false for forbidden exception.
2020-06-30 20:35:47 +02:00
Roeland Jago Douma bc29e361b2
Merge pull request #21596 from nextcloud/debt/noid/share-return-mismatch
Replace Share with IShare and add missing return
2020-06-30 19:40:26 +02:00
Robin Appelman da2d425044
add proper paths to locking exceptions
while some code paths do wrap the "raw" locking exception into one with a proper path, not all of them do
by adding the proper path to the original exception we ensure that we always have the usefull information in out logs

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-30 18:10:42 +02:00
Christoph Wurst 8e9726be5c
Log usages of the deprecated app.php file
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-30 09:43:40 +02:00
Daniel Kesselberg 4d44d6be2e
Replace Share with IShare and add missing return.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-26 10:57:55 +02:00
Daniel Kesselberg e984357cfc
Set retry = false for forbidden exception.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-25 23:34:41 +02:00
Daniel Kesselberg 8aa99aa8ff
Update presign method to match with interface again.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-06-25 22:56:28 +02:00
Kevin Lanni c2f2eaf8cc
Add audio formats to htaccess
Signed-off-by: Kevin Lanni <therealklanni@gmail.com>
2020-06-24 20:33:51 -07:00
Roeland Jago Douma b6ce75066d
Merge pull request #21558 from nextcloud/part-file-rename-mask
relax permissions mask check for detecting part file rename
2020-06-24 21:05:07 +02:00
Joas Schilling a2f34f46b2
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-24 18:13:37 +02:00
Joas Schilling 89ed2c37bf
Update share type constant usage
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-24 16:49:16 +02:00
Christoph Wurst 654cd18864
Merge pull request #20916 from nextcloud/feature/unified-search-api
Add unified search API
2020-06-24 15:38:03 +02:00
Christoph Wurst 27b8637e3e
Deprecate \OCP\ISearch
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-24 14:20:26 +02:00
Christoph Wurst f8e08a74ba
Implement unified search for Files
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-24 14:20:26 +02:00
Christoph Wurst 4488e846a5
Add unified search API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-24 14:20:25 +02:00
Joas Schilling 7972a5fda6
Merge pull request #21525 from nextcloud/techdebt/noid/contacts-manager
Techdebt fix contacts manager
2020-06-24 13:55:31 +02:00
Robin Appelman 35d75dbb38
relax permissions mask check for detecting part file rename
with files drop uploads the original file name isn't always used for the '.ocTransferId' source path

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-24 13:06:14 +02:00
Joas Schilling 95652d4469
Fix language in share notes email for users
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 22:01:40 +02:00
Joas Schilling ad0731a63c
Make annotations case insensitive
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-23 20:18:23 +02:00
Joas Schilling 8ec1b8132e
Merge pull request #21452 from nextcloud/bugfix/21451/allow-autocomplete-by-displayname-again
Fix autocomplete for LDAP with `shareapi_only_share_with_group_members` on
2020-06-23 14:02:17 +02:00
Joas Schilling 404080abb4
More imports
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-22 11:10:44 +02:00
Joas Schilling 3997856d76
Fix code style
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-22 11:09:32 +02:00
Joas Schilling 7ed79b64b4
Fix undefined class "IAddressbook" on docs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-22 11:08:23 +02:00
Roeland Jago Douma fbf9772a3e
Allow to specify the cookie type for appframework responses
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.

Helps with #21474

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-22 08:38:44 +02:00
Roeland Jago Douma 6ec8042d88
Merge pull request #21469 from nextcloud/bugfix/noid/event-service-listener-registration
Fix event service listener registration
2020-06-19 21:28:29 +02:00
Roeland Jago Douma 59093abfaf
Merge pull request #21483 from nextcloud/fix/scss/timeout
Give up after 10 seconds in SCSS timeout
2020-06-19 21:26:26 +02:00
Roeland Jago Douma 4768526b81
Give up after 10 seconds in SCSS timeout
Else we keep idling for ages which leads to bad UX

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-06-19 14:39:31 +02:00
Joas Schilling a7f26cfe28
Don't log Keys
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-19 13:44:27 +02:00
Christoph Wurst 2b7b7144d4
Allow crash reporters registration during app bootstrap
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-19 10:38:26 +02:00
Joas Schilling 9cf32a3999
Fix event service listener registration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-18 15:00:19 +02:00
Joas Schilling 1151394739
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-18 11:33:43 +02:00
Christoph Wurst 32bf95c774
Continue with next app when one errors during register
My patch at #21461 had a little error in that it exits the method when a
query exception is encountered during the register step of an app. What
we actually want is to continue with the next app and finish the overall
registration procedure.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-18 09:17:00 +02:00
Christoph Wurst 5ab5a5f89e
Catch all exceptions when an app is registering or booting
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 21:07:42 +02:00
Christoph Wurst 5bc8510b3b
Load the app.php before running apps' boot method
Some apps require the composer autoloader from app.php. If we run boot
before including that file, classes and functions from dependencies
won't be found.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 14:44:02 +02:00
Joas Schilling 9ff7a9c38e
Fix PHP CS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-17 12:08:17 +02:00
Joas Schilling 2ec7b59688
Move back to IGroupManager::displayNamesInGroup()
The problem is that despite it's name IGroup::searchDisplayName()
only searches by userid and this is less fixable than changing back to this method here

Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-17 11:59:56 +02:00
Joas Schilling 3539bd1751
Merge pull request #21434 from nextcloud/bugfix/noid/dont-break-with-GenericEventWrapper
Don't break event listeners with the GenericEventWrapper
2020-06-17 11:55:14 +02:00
Christoph Wurst 6328053105
Merge pull request #21406 from nextcloud/fix/aws-disable-csm
Disable Client-Side Monitoring on AWS storage
2020-06-17 10:58:27 +02:00
Christoph Wurst 69571fb536
Add dedicated API for apps' bootstrapping process
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-17 09:22:21 +02:00
Joas Schilling c76fa60571
Don't break event listeners with the GenericEventWrapper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-16 19:30:36 +02:00
Christoph Wurst 68794ebc92
Emit an event for every disabled 2FA provider during cleanup
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-16 14:38:33 +02:00
Christoph Wurst 5e52c110bb
Merge pull request #21416 from nextcloud/fix/user-deleted-token-cleanup
Clean up auth tokens when user is deleted
2020-06-16 10:01:29 +02:00
Christoph Wurst 3474afa938
Clean up auth tokens when user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-15 19:24:04 +02:00
Julius Härtl 294e40db5f
Avoid duplicate matches in wide and exact results
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-06-15 09:34:57 +02:00
Christoph Wurst 9d392891be
Disable Client-Side Monitoring on AWS storage
The S3 client enables this by default and then tries to read
`.aws/config`. This causes `open_basedir` restriction related error for
some setups. So this patch disables the CSM because it's most likely
unused anyway.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-15 09:13:08 +02:00
Joas Schilling b6d5979d0a
Increase timeout of the appstore requests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-12 13:01:06 +02:00
Robin Appelman e9b5514186
prevent the root storage from accidentally scanning user folders
while this scan *should* never be triggered, it's good to have some failsafe to ensure
that the users home contents don't end up getting scanned in the root storage

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-11 15:41:33 +02:00
Christoph Wurst a636aef585
Allow group search by display name
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-10 11:44:07 +02:00
Roeland Jago Douma 8bee8e1317
Merge pull request #21317 from FlorentCoppint/s3_upload_part_size
Upload part size as S3 parameter instead of constant value
2020-06-09 19:28:58 +02:00
Florent 3594ba6971 Upload part size as S3 parameter instead of constant value
Some S3 providers need a custom upload part size (500 MB static value in Nextcloud).
Here is a commit to change this value via S3 configuration, instead of using S3_UPLOAD_PART_SIZE constant.
A new parameter is added for an S3 connection : uploadPartSize

Signed-off-by: Florent <florent@coppint.com>
2020-06-09 09:18:42 +02:00
Robin Appelman e75797ad67
increase log level for storage self-test
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-06-08 18:12:49 +02:00
Christoph Wurst 5e1805d253
Fix missing parent constructor call and get_class usage in GenericEventWrapper
* The parent constructor was not called
* `get_class` does not allow null values in php7.2+

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-06-08 09:42:45 +02:00
Roeland Jago Douma 72a8e15d3a
Merge pull request #20914 from nextcloud/enh/deprecated_event_log_usage
Log usage of a deprecated event instead of emitting
2020-06-04 19:19:02 +02:00
Joas Schilling 69eda9c0f6
Prevent harder to share your root
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-06-03 14:47:38 +02:00
Roeland Jago Douma 43a0bf7215
Merge pull request #21155 from nextcloud/td/move_to_capabilities_package
Move to @nextcloud/capabilities package
2020-05-30 08:58:19 +02:00
Roeland Jago Douma 0209532638
Move to @nextcloud/capabilities package
And kill of oc_capabilities and _oc_capabilities globals

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-29 16:10:08 +02:00
Roeland Jago Douma 71b2f94101
Fix the loading order of the js files_info and files_client
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-29 15:43:45 +02:00
Roeland Jago Douma 251a4d3097
Merge pull request #21143 from nextcloud/fix-password-changes-in-link-and-mail-shares
Fix password changes in link and mail shares
2020-05-29 13:36:09 +02:00
Daniel Calviño Sánchez 45de42a6b8 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez a426f84dbe Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez 7569590514 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Christoph Wurst 97e9823787
Document \OC_App::getAllApps return type
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-28 20:37:24 +02:00
Roeland Jago Douma 6aa6ab3e02
Add lazy events for the Node API
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.

We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 12:35:45 +02:00
Christoph Wurst 5b92f35fe2
Log why a token is not valid during password check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:58:44 +02:00
Christoph Wurst 2006a6dd0e
Improve traces of invalid token exceptions
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:21:47 +02:00
Roeland Jago Douma 4bada5c732
Merge pull request #21092 from nextcloud/enh/noid/recommended-apps
Update recommended apps
2020-05-25 20:47:20 +02:00
Roeland Jago Douma a6b0bed585
Merge pull request #21090 from nextcloud/bug/noid/do-not-read-cert-from-datadir-by-default
Do not read certificate bundle from data dir by default
2020-05-25 19:48:00 +02:00
Morris Jobke 18b0d753f2
Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.

This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 16:57:56 +02:00
Julius Härtl bde5b9577b
Update hub bundle and add proxy rule to htaccess
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-05-25 16:04:54 +02:00
Morris Jobke e57bca31ad
Merge pull request #20005 from joeried/occ-remove-bruteforce-attempts-by-ip
Implement occ command to reset bruteforce attemps from a given IP address
2020-05-25 14:04:18 +02:00
Morris Jobke bd997a105c
Fix code style
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-25 14:03:21 +02:00
Jaakko Salo b7dd278e24 Fix releasing a shared lock multiple times
Signed-off-by: Jaakko Salo <jaakkos@gmail.com>
2020-05-24 20:23:57 +03:00
Roeland Jago Douma 5e35594cb6
Merge pull request #20989 from nextcloud/td/js/move_core_files_webpack
Move core/js/files to webpack
2020-05-23 09:47:53 +02:00
Roeland Jago Douma 533cb6992b
Merge pull request #21065 from nextcloud/fix/cleanstatscache_before_fetching_metadata
Clear the statscache before fetching the metadata
2020-05-23 09:46:27 +02:00
Roeland Jago Douma 44d05bf356
Move core/js/files to webpack
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-22 20:28:31 +02:00
Roeland Jago Douma 4dacbbd66d
Log usage of a deprecated event instead of emitting
This way we can track down what is being used and migrate them over. And
slowly kill the old way in a release or 2.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 14:56:35 +02:00
Roeland Jago Douma fd805a0388
Merge pull request #20776 from nextcloud/enh/limit_group_queries
Improve group queries
2020-05-22 14:19:28 +02:00
Roeland Jago Douma 6b26744787
Clear the statscache before fetching the metadata
Else if a lot of writes happen. It might happen that an old stat result
is used. Resulting in a wrong file size for the file. For example the
text app when a lot of people edit at the same time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-22 09:21:53 +02:00
Roeland Jago Douma cac844d915
Merge pull request #20814 from nextcloud/group-id-only
dont get the group details if we only ask for the id
2020-05-21 09:53:45 +02:00
Roeland Jago Douma 1c1b349473
Merge pull request #21018 from nextcloud/bug/20498/add-defaults-on-empty
Create account structure also for empty record
2020-05-21 09:47:19 +02:00
Morris Jobke 8123737a40
Revert "Compress the appstore requests by default"
This reverts commit 6ffde128ad.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +02:00
Morris Jobke 8bcd1c31da
Allow gzip encoded requests by default
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 13:37:28 +02:00
Morris Jobke 6ffde128ad
Compress the appstore requests by default
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:51:07 +02:00
Morris Jobke 3e0d8df036
Cache appstore requests for 60 instead of 5 minutes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-20 09:51:06 +02:00
Christoph Wurst 0556fe351a
Add a message to the log entry of an app being disabled
As an admin, it's always a surprise to see that an app got disabled. On
a busy server with many log entries, it's hard to locate the entry that
explains why Nextcloud disabled an app. Adding a message will make it
more obvious, allowing admins and developers to grep for the string.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-19 11:44:51 +02:00
Morris Jobke 3e65cc1bba
Merge pull request #21033 from nextcloud/enh/capabilities_initialstate
Provide capabilities via initialstate
2020-05-18 19:44:28 +02:00
Roeland Jago Douma e822c33a90
Provide capabilities via initialstate
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-18 16:20:25 +02:00
Morris Jobke 1bba7de28f
Merge pull request #21017 from nextcloud/enh/noid/clean-excluded-groups-list
Remove group from excluded_groups_list after delete
2020-05-18 14:24:18 +02:00
Daniel Kesselberg c6f770ea59
Create account structure also for empty record
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-05-17 15:30:36 +02:00
Daniel Kesselberg 16da29caba
Remove group from excluded_groups_list after delete
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-05-17 15:15:06 +02:00
Roeland Jago Douma d23c7fff2a
Merge pull request #20957 from nextcloud/Valdnet-patch-5
l10n: Adding "The" before "Following"
2020-05-15 19:44:04 +02:00
Morris Jobke 4e49e1da16
Allow TemplateResponse to be compressed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-15 08:38:39 +02:00
Valdnet 8e3de41b4b l10n: Add "The" before "Following" 2020-05-15 14:26:50 +08:00
Morris Jobke e0d2cd40e7
Fix return code of AppConfig::deleteUserValue
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-13 14:55:00 +02:00
Roeland Jago Douma 12fa748c49
Move the notmodified check to middleware where it belongs
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-13 08:11:24 +02:00
Morris Jobke dee1d8737b
Merge pull request #20813 from nextcloud/lazy-folder
generalize the "lazy folder" concept
2020-05-12 14:25:22 +02:00
Christoph Wurst 12fe83cd43
Merge pull request #20858 from nextcloud/fix/20289/remember_webauth_names
Remember the webauthn name of devices
2020-05-12 14:06:20 +02:00
Roeland Jago Douma 6374c329e3
Merge pull request #20270 from nextcloud/enh/appframework/gzip
Add AppFramework compression middleware to gzip responses
2020-05-12 12:20:39 +02:00
Roeland Jago Douma 203d7eb1d3
Add AppFramework GZip middleware to gzip responses
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-12 09:09:48 +02:00
Robin Appelman f7153a3d0c
generalize the "lazy folder" concept
makes it easy to use lazy intialized folder in other places

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-05-11 15:36:13 +02:00
Roeland Jago Douma 35ff4aa1c6
Use random_bytes
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-11 12:46:59 +02:00
Roeland Jago Douma 0659656c72
Merge pull request #20786 from nextcloud/enh/dicontainer_cleanup
DI Cleanup
2020-05-09 11:02:02 +02:00
Christoph Wurst a636d99a27
Merge pull request #20852 from nextcloud/enh/initialstate/appframework
Add InitialState Appframework service
2020-05-08 13:21:58 +02:00
Morris Jobke 131b1fa458
Merge pull request #20815 from nextcloud/share-groupid-only
get only groupids in default share backend
2020-05-08 11:25:51 +02:00
Morris Jobke 08e78ff3b2
Fix OCPSinceChecker and php-cs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-05-08 11:20:46 +02:00
GretaD fce716b905
Fix languages empty array
Signed-off-by: GretaD <gretadoci@gmail.com>
2020-05-08 10:03:58 +02:00
Roeland Jago Douma 32c93ee08e
Move over the IConfig for globalscale
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-08 08:50:01 +02:00