Commit Graph

18879 Commits

Author SHA1 Message Date
Christoph Wurst 8fcc0e8d8c
Merge pull request #25302 from mziech/patch-2
Use RFC-compliant URL encoding for cookies
2021-01-29 13:38:02 +01:00
Julius Härtl 222d8e6c1a
Use proper path for scanner
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-29 09:40:46 +01:00
Julius Härtl 0d384dedaa
Obtain the user language from the passed in user id
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-29 08:56:32 +01:00
Julius Härtl 39a4b1c401
Normalize compared path to avoid renaming to the same directory
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-29 08:43:17 +01:00
Roeland Jago Douma 7e727a1a31 The objectid is a string
This allows the query to use the index. Else it has to resort on
scanning all the rows.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-28 22:09:55 +01:00
Roeland Jago Douma e29f903dc4
Merge pull request #25360 from nextcloud/fix/update-autoloaders
Update all composer autoloader files
2021-01-28 20:38:22 +01:00
Christoph Wurst 299f37c5d9
Update all composer autoloader files
The format changed between 2.0.8 and 2.0.9.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-28 14:24:34 +01:00
Julius Härtl a71bb8a485
Make whole Template class final
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 12:00:21 +01:00
Julius Härtl 6c1b357973
Move TemplateProvider registration to boot context and make template type registration lazy
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 12:00:21 +01:00
Julius Härtl 0111381529
Only create template directory if it is present in the default skeleton
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 12:00:20 +01:00
John Molakvoæ (skjnldsv) 4f90766ba3
Skip template picker if none available
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-01-28 12:00:20 +01:00
Julius Härtl 7e6d69d166
Add templatedirectory config value to let admins have their custom templates by default
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 12:00:20 +01:00
Julius Härtl 66fa3fca83
Add ratio to template creators
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 12:00:20 +01:00
John Molakvoæ (skjnldsv) 78e114ed72
Add template picker
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-01-28 12:00:18 +01:00
Julius Härtl 4974404774
files: Create files from template API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 11:59:46 +01:00
Roeland Jago Douma 3a9c7f99f6
Merge pull request #25335 from nextcloud/fix/app-fetcher-php-compat-comparison
Fix/app fetcher php compat comparison
2021-01-27 15:14:52 +01:00
Christoph Wurst e0f0e6e41a
Merge pull request #25268 from nextcloud/enh/previews/sgi-tga
Add SGI and TGA preview support
2021-01-27 14:54:27 +01:00
Nextcloud bot baba83e185
[tx-robot] updated from transifex 2021-01-27 02:20:46 +00:00
Christoph Wurst b4f71ccf4d
Fix app fetcher php comparison to allow wider ranges
When app app specifies php 7.4 as upper limit we have to allow the
installation on php>7.4.0. The previous version check didn't do that.
This adjusts the regexes to discard any irrelevant suffix after the
three version numbers so that we can use more fine granular checks than
php's version_compare can do out of the box, like for php 7.4 we only
compare the major and minor version numbers and ignore the patch level.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-26 16:35:43 +01:00
Christoph Wurst 652bf9d363
Revert "Fix comparison of PHP versions"
This reverts commit bedd9acf78.
2021-01-26 13:48:06 +01:00
Nextcloud bot b98860eeb3
[tx-robot] updated from transifex 2021-01-25 02:20:31 +00:00
Marco Ziech 4923c6be25
Use RFC-compliant URL encoding for cookies
PHP 7.4.2 changed the way how cookies are decoded, applying RFC-compliant raw URL decoding. This leads to a conflict Nextcloud's own cookie encoding, breaking the remember-me function if the UID contains a space character.

Fixes #24438

Signed-off-by: Marco Ziech <marco@ziech.net>
2021-01-24 14:18:28 +01:00
Morris Jobke 1d2707ad78
Merge pull request #25273 from nextcloud/enhancement/hide-two-factor-settings-if-no-providers
Do not show 2FA settings if the user has no providers available
2021-01-22 16:26:17 +01:00
Morris Jobke 47b10c3775
Merge pull request #25275 from nextcloud/fix/two-factor-token-type
Convert 2FA token type to string
2021-01-22 16:14:45 +01:00
Christoph Wurst ac591e2fc2
Fully deprecate the old initial state interface, not just the methods
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 14:53:26 +01:00
blizzz 939433363e
Merge pull request #25128 from nextcloud/ldapprovider-get-property
extend ILDAPProvider to allow reading arbitrairy ldap attributes for users
2021-01-22 14:31:19 +01:00
blizzz f15148f695
adjust since
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Co-authored-by: Morris Jobke <hey@morrisjobke.de>
2021-01-22 14:29:39 +01:00
Christoph Wurst 99d525eb36
Convert 2FA token type to string
The IConfig service is documented to handle its data as strings, hence
this changes the code a bit to ensure we store keys as string and
convert them back when reading.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 14:09:37 +01:00
Christoph Wurst 378f116a63
Do not show 2FA settings if the user has no providers available
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-22 13:55:22 +01:00
John Molakvoæ (skjnldsv) 0bc9e3ca15
Change license mail alias
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-01-22 13:06:35 +01:00
John Molakvoæ (skjnldsv) d47b84be67
Add SGI and TGA preview support
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-01-22 10:42:51 +01:00
Nextcloud bot 7989247574
[tx-robot] updated from transifex 2021-01-22 02:19:54 +00:00
Morris Jobke 10214fbee0
Merge pull request #25214 from nextcloud/dependabot/composer/phpseclib/phpseclib-2.0.30
Bump phpseclib/phpseclib from 2.0.25 to 2.0.30
2021-01-21 10:25:02 +01:00
Roeland Jago Douma d4d33e3095
Merge pull request #25238 from nextcloud/enh/noid/apps-defacto-in-root
Apps folder is defacto in root folder and not above
2021-01-21 09:08:54 +01:00
Roeland Jago Douma 15b0e4d922
Merge pull request #25240 from nextcloud/enh/noid/re-use-fetched-dependencies
Re-use fetched dependencies in lib/base.php
2021-01-21 08:54:05 +01:00
Julius Härtl 349b65eff3
Merge pull request #25236 from nextcloud/mkdir-explicit-chmod
explicitly set permissions on newly created folders
2021-01-21 07:56:10 +01:00
Nextcloud bot 054783e385
[tx-robot] updated from transifex 2021-01-21 02:20:36 +00:00
Morris Jobke d84e1f1951
Re-use fetched dependencies in lib/base.php
Reduces calls to DI container by reusing already fetched dependencies.

For status.php it went from 355 to 344.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-20 21:55:16 +01:00
Morris Jobke 5b0e69828f
Apps folder is defacto in root folder and not above
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-20 21:22:39 +01:00
Robin Appelman d182043e83
explicitly set permissions on newly created folders
this works around any `umask` that might be set and limiting the folder permissions

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-20 17:15:57 +01:00
Morris Jobke 4c81f5c4ad
Merge pull request #25212 from nextcloud/enh/preview-markdown
Enhance markdown file preview rendering
2021-01-20 15:02:41 +01:00
Morris Jobke 01f013661a
Fix typo in comment
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-20 15:02:32 +01:00
Morris Jobke 6129a85187
Merge pull request #25224 from nextcloud/bugfix/24600/fix-saving-user-credentials
Update handling of user credentials
2021-01-20 14:59:30 +01:00
Julius Härtl aed1fde6fd
Enhance markdown file preview rendering
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-20 11:07:55 +01:00
Roeland Jago Douma fcbbcacab4 Also load CA properly in integrity check
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-20 10:57:41 +01:00
Roeland Jago Douma d751fedffb phpsec lib can't parse multiple certs in one go
So we have to split it manually and do it ourselves

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-20 10:57:41 +01:00
Roeland Jago Douma 3d61adc908
Drop authtoken_version_index
The index was used when deleting old tokens. On top of that the index is
of course not that great since the version is either 1 or 2.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-20 09:34:41 +01:00
Joas Schilling 6c1e294edd
Compare and store the login name via the event
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-20 08:50:17 +01:00
Roeland Jago Douma 6d4afca7ac Add support for webp
Including handling in OC_Image
But also a preview provider

Of course only works if your php actually supports webp

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-19 20:17:10 +01:00
Robin Appelman fdc8635afb
extend ILDAPProvider to allow reading arbitrairy ldap attributes for users
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-19 16:33:58 +01:00
Roeland Jago Douma 0893bba369
Merge pull request #25153 from nextcloud/bugfix/noid/force-signature-verification-on-occ
Force signature verification of apps on occ
2021-01-19 09:35:52 +01:00
Nextcloud bot 91864aeb40
[tx-robot] updated from transifex 2021-01-19 02:20:43 +00:00
Joas Schilling 847aa08ebd
Don't log keys on checkSignature
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 16:09:06 +01:00
Joas Schilling 76c7356af9
Only use alphanumeric chars for mysql password
/ and + can cause problems with other tools that you might want to run on your Nextcloud database.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 12:03:52 +01:00
Joas Schilling 90c3013d40
Cleanup the constructor
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 11:32:50 +01:00
Joas Schilling f319660f60
Force run the verification of the signature on occ
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 11:32:50 +01:00
Nextcloud bot 6d291c3c19
[tx-robot] updated from transifex 2021-01-18 02:19:28 +00:00
Nextcloud bot 1907cc197d
[tx-robot] updated from transifex 2021-01-17 02:19:53 +00:00
Joas Schilling eafd281800
Merge pull request #25138 from gouttegd/fix25137
Fix comparison of PHP versions
2021-01-15 15:18:25 +01:00
Morris Jobke bcb52d64f0
Merge pull request #25141 from nextcloud/bugfix/noid/add-a-hint-about-priority
Add a hint about the direction of priority
2021-01-15 09:46:37 +01:00
Joas Schilling b8acf2fe69
Add a hint about the direction of priority
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-15 08:34:24 +01:00
Damien Goutte-Gattat bedd9acf78 Fix comparison of PHP versions
Use the builtin function `version_compare` to check an app's
compatibility with the available PHP version, instead of reusing
the `OC\App\CompareVersion::isCompatible` method which is intended
to compare Nextcloud versions. PHP version strings do not always
necessarily follow the simple Major.Minor.Patch format used by
Nextcloud and therefore cannot be properly compared by that method.

Signed-off-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
2021-01-14 23:03:20 +00:00
Christoph Wurst b9287f9780
Merge pull request #25091 from nextcloud/enhancement/ocp-db-exception-abstraction
Add our own DB exception abstraction
2021-01-14 12:27:23 +01:00
blizzz f9ab7575e7
Merge pull request #25036 from nextcloud/fix/noid/limitied-allowed-items-db-in_2
respect DB restrictions on number of arguments in statements and queries
2021-01-14 11:36:42 +01:00
Nextcloud bot 6cf9c88596
[tx-robot] updated from transifex 2021-01-13 02:20:19 +00:00
Christoph Wurst 2c9cdc1cdb
Add our own DB exception abstraction
Right now our API exports the Doctrine/dbal exception. As we've seen
with the dbal 3 upgrade, the leakage of 3rdparty types is problematic as
a dependency update means lots of work in apps, due to the direct
dependency of what Nextcloud ships. This breaks this dependency so that
apps only need to depend on our public API. That API can then be vendor
(db lib) agnostic and we can work around future deprecations/removals in
dbal more easily.

Right now the type of exception thrown is transported as "reason". For
the more popular types of errors we can extend the new exception class
and allow apps to catch specific errors only. Right now they have to
catch-check-rethrow. This is not ideal, but better than the dependnecy
on dbal.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-12 16:38:23 +01:00
blizzz 3447ea4955
Merge pull request #25089 from nextcloud/enhancement/ocp-db-types
Add our own db column types via the public API
2021-01-12 15:24:15 +01:00
Roeland Jago Douma e44f275cfe
Merge pull request #25088 from nextcloud/fix/allow_app_updates_again
Allow installing/updating of apps again
2021-01-12 14:34:21 +01:00
Christoph Wurst d4e6463eb2
Add our own constants for db column types
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-12 14:09:13 +01:00
Roeland Jago Douma 41c80d6c19
Fix option in the client code itself as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 12:36:21 +01:00
Roeland Jago Douma 9b58a027e3
Allow installing/updating of apps again
The Guzzle API changed. We shall now use sink

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-01-12 10:51:41 +01:00
Johannes Leuker ac88bcbd5f Add 'allow Symlinks' as an option to config.php
Signed-off-by: Johannes Leuker <j.leuker@hosting.de>
2021-01-12 10:38:39 +01:00
Nextcloud bot c8cbb73c05
[tx-robot] updated from transifex 2021-01-12 02:19:49 +00:00
blizzz 7cdc7adf59
Merge pull request #25038 from nextcloud/bugfix/noid/install-mysql8-with-php8
Don't try a transaction for the migrator on MySQL
2021-01-11 18:07:11 +01:00
Roeland Jago Douma fdd111924f
Merge pull request #25039 from nextcloud/fix/libxml-use-internal-errors-deprecated
Only use libxml_disable_entity_loader on php older than 8
2021-01-11 16:14:38 +01:00
Morris Jobke 8f614acade
Merge pull request #25034 from nextcloud/bugfix/noid/load-authentication-for-app-upgrades
Make sure to do priority app upgrades first
2021-01-11 14:44:10 +01:00
Morris Jobke 5ed673e5eb
Merge pull request #25073 from nextcloud/psalm/24521/remove-unneeded-casts
Remove unneeded casts that were found by Psalm
2021-01-11 14:15:16 +01:00
Arthur Schiwon f9484d15cb
DB: warn on parameter number constraints
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-11 13:43:34 +01:00
Roeland Jago Douma 683685b72c
Merge pull request #25070 from nextcloud/feature/noid/card-ros-definitions
Deck Rich-Object-String definitions for deck boards and cards
2021-01-11 13:31:21 +01:00
Morris Jobke 24d436cb60
Remove unneeded casts that were found by Psalm
In preparation of the update of Psalm from 4.2.1 to 4.3.1+ (see https://github.com/nextcloud/server/pull/24521)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-11 13:14:41 +01:00
Christoph Wurst c3cb288268
Bump scssphp/scssphp from 1.0.3 to 1.4.0
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-11 12:41:25 +01:00
Joas Schilling 078ecac188
Deck Rich-Object-String definitions for deck boards and cards
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-11 12:03:13 +01:00
Nextcloud bot ca93c9708c
[tx-robot] updated from transifex 2021-01-11 02:19:52 +00:00
Nextcloud bot b137ac468f
[tx-robot] updated from transifex 2021-01-09 02:21:37 +00:00
Christoph Wurst f8efab7c85
Only use libxml_disable_entity_loader on php older than 8
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 16:33:46 +01:00
Joas Schilling 3cdfe7b0f4
Don't try a transaction for the migrator on MySQL
As per https://dev.mysql.com/doc/refman/8.0/en/implicit-commit.html
CREATE TABLE statements automatically commit always. The only reason
this worked in the past was that PHPs PDO connection didn't check the
actual state on commit, but only checked their internal state.
But in PHP8 this was fixed:
https://github.com/php/php-src/blob/PHP-8.0/UPGRADING#L446-L450
So now commit() fails because the internal PDO connection implicitly
commited already.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-08 16:25:40 +01:00
Christoph Wurst 81302f78e5
Merge pull request #24948 from nextcloud/dependabot/composer/doctrine/dbal-3.0.0
Bump doctrine/dbal from 2.12.0 to 3.0.0
2021-01-08 14:58:43 +01:00
Morris Jobke aeb32e1bc8
Merge pull request #22992 from nextcloud/password-urlencode
allow authenticating using urlencoded passwords
2021-01-08 14:34:01 +01:00
Julius Härtl f31edf1544
Make sure to do priority app upgrades first
Otherwise those apps might not be loaded when the others app migrations
are running. The previous loading of authentication apps in the upgrade
step never worked as it just returns in maintenance mode

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-08 12:27:54 +01:00
Morris Jobke dc00c8ac31
Remove "primary" option from schema builder argument $options as it is not used anymore and triggers an exception
See 138eb85234 (diff-300f55366adb50a32a40882ebdc95c163b141f64cba5f45f20bda04a907b3eb3L82)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-08 11:45:19 +01:00
Christoph Wurst 8b64e92b92
Bump doctrine/dbal from 2.12.0 to 3.0.0
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 11:45:19 +01:00
Roeland Jago Douma d13f2d984f
Merge pull request #25015 from nextcloud/fix/no-double-intl-polyfill
Replace patchwork/utf8 with symfony-polyfill-*
2021-01-08 08:25:31 +01:00
Roeland Jago Douma 645e3e6d7e
Merge pull request #25021 from nextcloud/enhancement/occ-install-exception-trace
Print an exception trace for setup exceptions
2021-01-08 08:22:50 +01:00
Nextcloud bot 94188370e7
[tx-robot] updated from transifex 2021-01-08 02:22:30 +00:00
Morris Jobke 1e3c071aa5
Merge pull request #24892 from nextcloud/fix/use-symfony-dispatcher-correctly
Use the Symfony dispatcher correctly
2021-01-07 21:42:44 +01:00
Christoph Wurst 287c26bda3
Replace patchwork/utf8 with symfony-polyfill-*
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-07 21:22:41 +01:00
Morris Jobke 171373a944
Merge pull request #24989 from nextcloud/scanner-ignore-non-readable
ignore files that have no read permissions during scanning
2021-01-07 21:10:53 +01:00
Morris Jobke d0ac76a77c
Add more previous exceptions to database setup code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-01-07 21:04:11 +01:00
Roeland Jago Douma 4f52e83695
Merge pull request #24934 from nextcloud/max_file_uploads
Remove useless ini_set calls
2021-01-07 20:15:13 +01:00
Christoph Wurst f1921364d6
Print an exception trace for setup exceptions
Right now any setup error will just result in the exception message
being printed. In some cases this doesn't give any insights into what
went wrong. This adds some dedicated logic to print the exception trace
and any previous exceptions to the CLI.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-07 20:11:25 +01:00