Commit Graph

8152 Commits

Author SHA1 Message Date
Roeland Jago Douma 4c88cef749 Only execute query in propagateChange once
The second execute statement should be inside the if block. Else it gets
executed twice which makes no sense.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-05 20:45:50 +00:00
Roeland Jago Douma b9b58b1ace Do not update child all child shares on group share update
Else we overwrite the whole share for link shares. Basically breaking
them.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-04 21:53:38 +00:00
Morris Jobke d2f89950d8 PHP module is named mbstring
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-12-04 17:58:02 +00:00
Roeland Jago Douma 1794c3fdea Bearer tokens are app token
Fixes #12498

This means that we set that it is a proper app token once it is
validated. This will allow the 2FA middleware to just run the same
check.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-20 10:51:07 +00:00
Robin Appelman 5261edb61a
forward object not found error in swift as dav 404
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-11-19 11:37:12 +01:00
Roeland Jago Douma b89996483d
Merge pull request #12376 from nextcloud/backport/12284/stable13
[13] Properly search the root of a shared external storage
2018-11-13 15:59:01 +01:00
Morris Jobke 243516d785
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 14:05:16 +01:00
Morris Jobke 0737a6fbe4
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-13 14:05:13 +01:00
Roeland Jago Douma 8b03bf7d5a
Properly search the root of a shared external storage
Fixes #1020

When an external storage is shared with you in full the root is ''
(empty). This adds an extra check for an empty jail basically.

Because if the jail is on the empty string. It matches all paths.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-09 13:23:52 +01:00
Roeland Jago Douma 40d1202076
Error out early on an expired token
Fixes #12131

If we hit an expired token there is no need to continue checking. Since
we know it is a token.

We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 11:41:00 +01:00
Roeland Jago Douma 04617a28d4
Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 11:39:42 +01:00
Roeland Jago Douma 6971ecef9d
Reset bruteforce on token refresh OAuth
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-11-02 10:54:50 +01:00
Roeland Jago Douma d8a581e426 Actually return the root folder when traversing up the tree
If you now keep calling $node->getParent() you will at some point get
the RootFolder back. This is a nice termination check and will prevent
endless loops if an exit condition is slightly off.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-26 08:36:21 +02:00
Roeland Jago Douma b7524ee49e
Merge pull request #11978 from nextcloud/bugfix-stable13/9326/make_sure_usermanager_getByEmail_only_returns_IUser
[stable13] filter null values for UserManager::getByEmail
2018-10-23 15:14:56 +02:00
Morris Jobke 28fa1e3c7d
Load apps/APP/l10n/*.js and themes/THEME/apps/APP/l10n/*.js
Before it quit right after finding the theme version of the l10n file which results in a not translated part of the UI.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-23 10:35:33 +02:00
Georg Ehrke 879538c22f
filter null values for UserManager::getByEmail
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-22 15:54:41 +02:00
Roeland Jago Douma 32b4e4214f
Allow the creationg of previews of files stored in appdata
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 11:50:02 +02:00
Robin Appelman e3b9e9e57c
tokens can't be valid local user names
this saves searching for shares on non-public link dav requests

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:25:49 +02:00
Robin Appelman c897e2af8e
more efficient way to detect added and removed mounts
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:25:42 +02:00
Robin Appelman f199e7ed17
cache OC\Files\Mount\Manager::findIn results
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:25:37 +02:00
Robin Appelman 65c8fd3b29
cache OC\Files\Mount\Manager::findIn results
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:23:01 +02:00
Robin Appelman bb092553ef
use more efficient method to find mountpoint for path
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:21:20 +02:00
Robin Appelman 67ae310693
remove double loop for detecting changed mounts
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-27 16:19:50 +02:00
Joas Schilling d12ff2c083
MySQL 8.0+ and MariaDB 10.3+ are large prefix and barracuda by default
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-23 14:40:33 +02:00
blizzz d0f8a431c8
Merge pull request #10762 from nextcloud/backport/10260/improved-sql-for-fetching-quota
[stable13] Use the path_hash instead of the path to query the filecache
2018-08-20 15:24:39 +02:00
Morris Jobke 391e693adf
Use the path_hash instead of the path to query the filecache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-20 14:22:52 +02:00
Joas Schilling 60ced31116
Make sure error_log() always receives a string
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-20 14:12:08 +02:00
Roeland Jago Douma b31cea9048
Update the scope of the lockdownmanager
We have the token anyway. So better the scope as well.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-14 13:16:07 +02:00
blizzz c938ea6569
Merge pull request #10620 from nextcloud/mimetype-insert-if-not-exists-13
[13] use insertIfNotExists to store new mimetypes.
2018-08-13 23:16:00 +02:00
Robin Appelman 706813ab08
use insertIfNotExists to store new mimetypes.
Also throw an error if we can't find the mimetype after insert

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-08-09 15:31:47 +02:00
Bjoern Schiessle be172cc6f2
make file cache updates more robust
only update the encrypted version after the write operation is finished and the stream is closed

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-08 10:46:14 +02:00
Robin Appelman 8aeafc63a1
Do scan the root storage in background scan
Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-07-24 15:45:51 +02:00
Morris Jobke d88da34f95
Sanitize parameters in createSessionToken() while logging
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-07-11 14:45:13 +02:00
Morris Jobke 4ff6ea9a55
Merge pull request #10170 from nextcloud/backport/9823/stable13
[stable13] Allow updating the token on session regeneration
2018-07-11 10:02:30 +02:00
John Molakvoæ c99529834c
Merge pull request #10169 from nextcloud/backport/9955/stable13
[stable13] Request a valid property for DAV opendir
2018-07-11 09:42:20 +02:00
Morris Jobke 922c2c64b5
Merge pull request #10180 from nextcloud/lock-negative-13
[13] prevent lock values from going negative with memcache backend
2018-07-11 09:02:19 +02:00
Robin Appelman 1fa6115779
prevent lock values from going negative with memcache backend
This can be caused by the code releasing more locks then it acquires,
once the lock value becomes negative it's likely that it will never be able
to change into an exclusive lock again.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2018-07-10 17:50:45 +02:00
Roeland Jago Douma f84789f88b
Allow updating the token on session regeneration
Sometimes when we force a session regeneration we want to update the
current token for this session.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-09 16:27:12 +02:00
Roeland Jago Douma d03b389b56
Request a valid property for DAV opendir
Apperently Sabre and Onedrive are not friends when requesting a single
404 property. I need to dig deeper on why this is. Anyways requesting a
valid property makes it work like a charm.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-07-09 16:07:04 +02:00
Morris Jobke 83d99449d0
Merge pull request #10121 from nextcloud/stable13-allow-disable-encryption
[stable13] allow to disable encryption
2018-07-09 14:46:06 +02:00
Bjoern Schiessle 3a45bb52bc
allow to disable encryption
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-05 17:24:09 +02:00
Roeland Jago Douma 88c7c6abe3
Make the token expiration also work for autocasting 0
Some bad databases don't respect the default null apprently.
Now even if they cast it to 0 it should work just fine.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-08 16:26:30 +02:00
Christoph Wurst e5fb98d9fc
Fix syntax for php5.6
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-06-04 15:12:57 +02:00
Christoph Wurst 2b0ae6df9f
Fix local users check in contacts menu
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-06-04 15:05:40 +02:00
Roeland Jago Douma 188a41a2be
Make sure the log doesn't try to read from PUT if it can't
If a PUT request comes in that is not JSON or from encoded. Then we can
only read it (exactly) once. If that is the case we must assume no
shared secret is set.

If we don't then we either are the first to read it, thus causing the
real read of the data to fail.

Or we are later and then it throws an exception (also failing the
request).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-30 20:16:18 +02:00
Roeland Jago Douma e55effc5ef
Make sure the file is readable before attempting to create a preview
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-29 22:03:43 +02:00
Morris Jobke 5c9f2dd99f
Merge pull request #9651 from nextcloud/backport/9271/stable13
[stable13] Fix undefined variables
2018-05-29 17:08:40 +02:00
marco44 184a0b97fc
Make LargeFileHelper.php faster by avoiding execs as much as possible
Signed-off-by: Marc Cousin <cousinmarc@gmail.com>
2018-05-29 15:31:55 +02:00
Morris Jobke 57489f1013
Remove a check for an unused variable
Left over from a refactoring

https://github.com/nextcloud/server/pull/1940

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-05-29 15:13:57 +02:00
Morris Jobke 6a4a7c868c
Fix undefined variable - found by Phan
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-05-29 15:12:10 +02:00