Commit Graph

7882 Commits

Author SHA1 Message Date
Morris Jobke a0132a49a6 Merge pull request #6549 from nextcloud/fix-6534
don't pass User object when uid string is expected
2017-09-18 14:28:14 +02:00
Lukas Reschke 53057f2bd0 Merge pull request #5462 from nextcloud/add-frameancestor-support
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
Arthur Schiwon 0837745477
don't pass User object when uid string is expected
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-18 13:19:47 +02:00
Roeland Jago Douma ae1fdf73c2
Improve sharing pagination
Basically we did in almost all cases did a query to much.
This resulted in an extra query for each share type.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-15 19:44:19 +02:00
Lukas Reschke 705432ca6f
Add filter for `shareapi_allow_share_dialog_user_enumeration`
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.

Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
Thomas Citharel ecf347bd1a Add CSP frame-ancestors support
Didn't set the @since annotation yet.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
Tobia De Koninck 5896176d69
Fix issue when disabling the shareapi_only_share_with_group_members option + fix findOne
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:41 +02:00
Tobia De Koninck 7dfa527da2
Improve code style
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck f0370c0244
Some code improvements
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck fa402c74d2
Add tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck 473a1ecad1
Fix tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Tobia De Koninck 92c238e0f0
Privacy enhancements for contacts menu
- Groups, which are excluded from sharing should not see local users at all
 - If sharing is restricted to users own groups, he should only see contacts from his groups:

Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
John Molakvoæ (skjnldsv) 1a0ac912b2
Fix webroot throw
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
Morris Jobke 883574974d Merge pull request #6458 from nextcloud/rethrow-correct-exception
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
Lukas Reschke 8ef4fcb4b7 Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
Roeland Jago Douma 9163cf9241
Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Axel Helmert 01d4967130 Fix undefined variable $tmpRoot
Refactoring of webroot detection left an unused variable.

Fixes: #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
Joas Schilling c4b3198ac2
Rethrow the correct exception when there was an error in an app container
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
Julius Härtl 8391ca8792
Use IAppManager instead of private API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
Julius Härtl b49ab065b7
Move theming related imagePath logic to ThemingDefaults
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
William Pain 9a63ded43b
Fix uninitialized variable $this->params
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
Morris Jobke 8a79d0cc70 Merge pull request #6414 from nextcloud/share-notification-wrong-language
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Joas Schilling 29e1aa57e1
Ask the schema whether the table and column exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling 7e625a8d22
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Lukas Reschke bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke 11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke 485e22acde Merge pull request #6329 from nextcloud/ldap-password
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage 7a33b9273e Refactor webroot detection in resource locator
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke 5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling b68609d0cf
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman 2c0efae30f
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Morris Jobke 15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Roeland Jago Douma b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst 87aeae21e3
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Joas Schilling 6dbb64c4a2
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke 4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke 1ebf91ec16
Add proper EOL
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Morris Jobke c04a494ea7 Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
Roeland Jago Douma c4f175d079 Merge pull request #6326 from nextcloud/fix_4654_3375
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
Morris Jobke 139f9bd3ca Merge pull request #6331 from nextcloud/update-repair-step
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
Morris Jobke e33aa460f1 Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
Julius Härtl b09ce70117
Rebuild SCSS files if frontend controller value changes
fixes #6271
2017-09-03 17:32:41 +02:00
Bjoern Schiessle e039a4c191
move repair step to stable12
because we decided to backport it the repair step needs to be executed
already on stable12

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
Roeland Jago Douma ffe1429c4f
Pass new value to triggerChange
it is not used. but pass in the empty string (on delete) and the new
file (on create)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
Thomas Ebert 93d539b0cf Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00
Roeland Jago Douma 84ea66dca8 Merge pull request #6296 from nextcloud/improve_2fa
Improve 2FA
2017-08-31 10:52:40 +02:00
Roeland Jago Douma 84b7022118
Improve 2FA
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
Morris Jobke 3cfe91bf0f
Add shareWith to email template metadata
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-29 16:09:25 +02:00
Morris Jobke be23f7e1de
Allow the expiration date to be set to null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-28 17:49:16 +02:00
Robin Appelman 804d97d6ff
unlock file when an exception occurs during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Robin Appelman 18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Morris Jobke 2bf15eda26 Merge pull request #6255 from nextcloud/email-meta-data
Add meta information to emails for better customisation
2017-08-26 18:53:52 +02:00
Morris Jobke 0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
Morris Jobke 92292dc06a Merge pull request #6189 from nextcloud/circle-token
link to getShareByToken
2017-08-26 18:26:12 +02:00
Björn Schießle 60ee450809 Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
Joas Schilling 09747b296a
Add meta information to emails for better customisation
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-24 17:54:22 +02:00
Robin Appelman 5431b8bfc2 allow configuring the command bus 2017-08-24 16:21:50 +02:00
Robin Appelman 9731350ace split async test bus for easier subclassing 2017-08-24 16:06:37 +02:00
Roeland Jago Douma 9357cf735a Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
Maxence Lange 0459c03696 link to getShareByToken
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2017-08-20 15:21:58 +02:00
Lukas Reschke 2e4cd44556
Inject \OCP\IURLGenerator to make tests work
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
Lukas Reschke a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.

This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.

Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.

Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
Lukas Reschke c016b01bf9
Ensure log message is UTF-8 encoded
PHP's json_encode only accept proper UTF-8 strings, loop over all
elements to ensure that they are properly UTF-8 compliant or convert
them manually.

Without this somebody passing an invalid User Agent may make json_encode
return false which will get logged as empty newline.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 15:01:50 +02:00
Lukas Reschke ed8a98eaa1
Prevent SQL error message in case of error
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.

The easiest way to reproduce is on MySQL:

1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
Morris Jobke 1c38a83927 Always log cron execution
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707

Recently there was also a bug report about a non-visible last cron execution
(#6088) - let's better remove this.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
Morris Jobke cf7c4a4439 Merge pull request #6123 from nextcloud/cleanup-shareItem
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
Morris Jobke 8366dfa50b Cleanup usage of shareItem in internal code base
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
Morris Jobke 3e13e94254 Use proper methods for checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00
Morris Jobke f640b56bfa Cleanup unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 10:09:47 +02:00
Roeland Jago Douma 8ea434d2d0 Merge pull request #6004 from nextcloud/forward-5902-repair-drop-account-terms-on-oc-migration
[13] Repair step: drop account terms on oc migration
2017-08-10 21:18:06 +02:00
Bjoern Schiessle bae5be3dc1
add prefix to user and system keys to avoid name collisions
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Bjoern Schiessle 9524badccc
extend the identity proof manager to allow system wide key pairs
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Joas Schilling b9b88aa666
Don't lock in the appdata_ directory
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-10 12:35:33 +02:00
Joas Schilling 5515c7b2c0
Still throw a locked exception when the path is not relative to $user/files/
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-10 11:58:01 +02:00
Morris Jobke 3dc1bcd4c1 Merge pull request #6052 from nextcloud/fix_jail_copy
Fix copy from jailed storage
2017-08-10 10:21:56 +02:00
Morris Jobke 5aa25fcdd5 Fix require once for actionInclude
* regression from #5791

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-09 23:51:49 +02:00
Roeland Jago Douma 9717cdfb9e
If there is no content don't error
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:13 +02:00
Roeland Jago Douma 459ae6d94a
User proper anonymous function
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:12 +02:00
Lukas Reschke 70d42afb93
Use non-deprecated INTL_IDNA_VARIANT_UTS46
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:02 +02:00
Lukas Reschke c78e999b21
Make definition compatible
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:02 +02:00
Lukas Reschke e9dc4f107a
Make declaration compatible
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:01 +02:00
Morris Jobke e08768ee04 Merge pull request #6047 from nextcloud/fix-6017-select-indexed-columns
Use indexed column path_hash to find the parent
2017-08-09 13:53:23 +02:00
Roeland Jago Douma ace7b69aa7
Fix copy from jailed storage
If we have a jailed storage we must also fix the internal path on copy.
Else we pass in the wrong path.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 11:56:31 +02:00
Joas Schilling 66b61eb67d
Use indexed column path_hash to find the parent
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-09 10:56:16 +02:00
Roeland Jago Douma ed3b391e47
Use symfony/translation for L10N plurals
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-07 19:53:36 +02:00
Joas Schilling 43a6ba899e
Use the existing array of OC versions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-07 12:09:05 +02:00
Joas Schilling 40b47f13df
Add a repair step to drop the account_terms table on oc migration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-07 12:08:36 +02:00
Roeland Jago Douma 4633717f04
Move pre_shared and post_shared events to EventDispatcher
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-03 15:14:29 +02:00
Morris Jobke 585e5c6ea5
Logo claim is not used anymore
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-02 23:08:45 +02:00
Morris Jobke c40352c030 Merge pull request #5816 from nextcloud/fix-oracle
Fix oracle
2017-08-02 20:54:58 +02:00
Morris Jobke d7d2d7c803 Merge pull request #5952 from nextcloud/appmanager-isshipped
Use public methods for OC_App::isShipped
2017-08-02 16:15:02 +02:00
Lukas Reschke bc9eb59384
Use IUser
This is broken and will never work as the phan CI step pointed out.

Pro-tip of the day: Check why CI fails before merging 🙈

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-02 13:25:22 +02:00
Joas Schilling 78412fda9c
Add a method to compare empty strings with an expression
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:50:41 +02:00
Joas Schilling 100fe07f5d
Fix repair step for oracle...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling 2f8756754f
Fix last failures with oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling bb58667511
Fix ILIKE regex for oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling fc22a2cb07
Fix auth provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling a5b0308713
Use selectAlias()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling 20f8d1094a
Can not insert auto increment on oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling a76d4ef04e
Fix clob comparison
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:15 +02:00
Joas Schilling 8ec6c1f259
Quote aliases as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:15 +02:00
Joas Schilling b29baababd
Oracle does not support PDO::FETCH_KEY_PAIR
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:12 +02:00
Morris Jobke cd02b2205e Use public methods for OC_App::isShipped
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-01 18:57:00 +02:00
Lukas Reschke f93a82b8b0
Remove explicit type hints for Controller
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 17:32:03 +02:00
Morris Jobke 84c22fdeef Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call
Add metadata to \OCP\AppFramework\Http\Response::throttle
2017-08-01 14:43:47 +02:00
Morris Jobke 6010c4f267 Merge pull request #5877 from nextcloud/typehint_middleware
Prop argument type for Middleware
2017-08-01 14:28:16 +02:00
Morris Jobke 050fa63380 Merge pull request #5939 from nextcloud/dont-have-set-uid-as-displayname
Remove setUidAsDisplayName
2017-08-01 13:28:27 +02:00
Roeland Jago Douma c8452803ef Merge pull request #5897 from nextcloud/add-share-mail-for-user-share
Send an email once a file/folder is shared with a user
2017-08-01 13:27:15 +02:00
Roeland Jago Douma a5feb51a6a
Fix OCS Exception
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma ede15f0988
Fix L10N::t
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Lukas Reschke 0fa49db770
Some more invalid PHPDocs in legacy classes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke 66b8208791
Function also accepts ints
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke fd059a25d3
Properly name variable
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke 6fb84ebb71
null is a valid parameter
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke dfd8125aeb
Replace wrong PHPDocs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke 4166d61ce6
Fix MigrationSchemaChecker and CryptoWrapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke b53c4c0db9
Fix template functions
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke d321e9792e
Add |null to PHPDoc
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke 28098a7602
Fix \OCP\Util
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke 5424d6a40d
Add proper PHPDoc
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke b4d4db0e39
Take IUser instead of User
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke e1f52fc901
Stricter phan config fixes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
Roeland Jago Douma fa2f122e09 Merge pull request #5890 from nextcloud/fix-403-and-404-redirect
Fix 403 and 404 redirect
2017-07-31 22:14:52 +02:00
Roeland Jago Douma 3548603a88
Fix middleware implementations signatures
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
Lukas Reschke bef4f015ee
Remove setUidAsDisplayName
This code is a leftover from the old Shibboleth implementation from ownCloud days, nowadays it causes more issues than it does good (such as https://github.com/nextcloud/user_saml/pull/137). Let's remove it for the future thus.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 15:52:53 +02:00
Morris Jobke 7b2c08a31a Merge pull request #5905 from nextcloud/ocp-config
Use IConfig instead of static OCP\Config
2017-07-31 10:54:40 +02:00
Joas Schilling 50912fb94f
Add brackets around concat statements so comparing the result works as intended
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-28 15:36:26 +02:00
Morris Jobke c43abe43b0 Send an email once a file/folder is shared with a user
* only if user has set an email address
* only for user shares (no group shares for now)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-28 08:36:11 +02:00
Lukas Reschke f22ab3e665
Add metadata to \OCP\AppFramework\Http\Response::throttle
Fixes https://github.com/nextcloud/server/issues/5891

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-27 14:17:45 +02:00
Morris Jobke c27498db71 Use IConfig instead of static OCP\Config
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
Morris Jobke 0de90cfc67 Fix 403 and 404 redirect
* Nextcloud is not properly loaded in the standalone version (especially the theming)
* it is already not listed anymore in the Nginx config (see nextcloud/documentation#392)
* the index.php-free version doesn't support this

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 16:30:09 +02:00
Lukas Reschke 013d7483bf Add new bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 11:49:03 +02:00
Lukas Reschke 3faef644a1 Merge pull request #5864 from nextcloud/legacy_user
Remove legacy OC_User_Backend and OC_User_Interface
2017-07-25 17:15:11 +02:00
Lukas Reschke 63676d3b24 Merge pull request #5836 from nextcloud/preview_update
Empty search no longer works
2017-07-25 17:08:31 +02:00
Joas Schilling 41fca6c852
"Only variables must be passed by reference"
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:49:16 +02:00
Joas Schilling 10d7cbb71f
Use order by to avoid problems when chunking finds a same item again...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:49:12 +02:00
Joas Schilling 5e04254d40
Install from migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:47:37 +02:00
Roeland Jago Douma b930f32e89
Remove legacy OC_User_Backend and OC_User_Interface
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:42:55 +02:00
Roeland Jago Douma a907720817
Move \OC_L10N_String to proper \OC\L10N\L10NString
* Proper namespacing
* Fixed phpdocs

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:17:20 +02:00
Morris Jobke 5dc480a38c Merge pull request #5857 from nextcloud/database-exception-cleanup
Remove unneeded parameter in DatabaseException
2017-07-24 16:14:53 +02:00
Morris Jobke e785b849c7 Merge pull request #5835 from nextcloud/cleanup_testing_app
Cleanup testing app
2017-07-24 15:03:15 +02:00
Morris Jobke c43d479372 Merge pull request #5855 from nextcloud/cleanup-legacy-user-class
Cleanup legacy user class from unused methods
2017-07-24 14:39:18 +02:00
Morris Jobke 184f25c0d6 Merge pull request #5854 from nextcloud/improve-personal-page-code
Cleanup code of personal page to use public interfaces
2017-07-24 14:38:05 +02:00
Morris Jobke 5bc0edbd29 Merge pull request #5844 from nextcloud/phpstorm_inspect2
More phpstorm inspection fixes
2017-07-24 13:54:30 +02:00
Morris Jobke b8ed028870 Remove unneeded parameter in DatabaseException
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 13:44:12 +02:00
Roeland Jago Douma 25c36be901
Proper DI for ILockingProvider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 13:44:09 +02:00
Morris Jobke 188b87e03b Cleanup legacy user class from unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 12:17:53 +02:00
Morris Jobke 7790017a14 Cleanup code of personal page to use public interfaces
* public interfaces instead of static code calls
* drop static private namespace methods

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 12:11:24 +02:00
Roeland Jago Douma 5f227bd93b
More phpstorm inspection fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 11:39:29 +02:00
Morris Jobke ae13d011d1 Remove unneeded styles
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 11:09:14 +02:00
Roeland Jago Douma 8bee9cf8d3
Empty search no longer works
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 10:56:21 +02:00
Lukas Reschke bb6fe6afba
Adjust to height=120
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-24 10:18:16 +02:00
Lukas Reschke ba1e16ea2e Revert "Set max-width of image to 100px in Outlook as well" 2017-07-24 10:14:47 +02:00
Roeland Jago Douma 989614f9d5 Merge pull request #5783 from nextcloud/outlook-max-width
Set max-width of image to 100px in Outlook as well
2017-07-24 07:15:41 +02:00
Morris Jobke a98f57ebd0 Set max-width of image to 100px in Outlook as well
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-23 23:15:21 +02:00
Marin Treselj 586eb3ed0a
Redesign jQuery UI datepicker
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-07-23 14:06:04 +02:00
Morris Jobke 9a151056d0 Merge pull request #5812 from MrJeos/master
Fix for mb strlen
2017-07-22 11:04:24 +02:00
Morris Jobke 655c26224b Merge pull request #5596 from nextcloud/mount-rename
Fix renaming of non-renamble mounts
2017-07-21 23:10:50 +02:00
Morris Jobke 13dd0b0ebe Merge pull request #5785 from nextcloud/path-repair-steps-storage
Also repair storage id's when repairing invalid entries
2017-07-21 16:58:31 +02:00
Lukas Reschke 4c637a428e Merge pull request #5821 from nextcloud/fix-theming-on-untrusted-domain
Fix error message on untrusted domain error page
2017-07-21 14:50:31 +02:00
Robin Appelman 06a4d6b5b9 Also repair storage id's when repairing invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 14:06:13 +02:00
Roeland Jago Douma a33b6cdd21 Merge pull request #5820 from MarcelWaldvogel/minor-documentation-fixes
Minor documentation fixes
2017-07-21 13:32:10 +02:00
Morris Jobke 1a4a68dbc6 Fix error message on untrusted domain error page
Fixes #5347

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-21 11:46:37 +02:00
Marcel Waldvogel 4e42f059ed Minor typos
Signed-off-by: Marcel Waldvogel <marcel.waldvogel@uni-konstanz.de>
2017-07-21 09:50:44 +02:00
Roeland Jago Douma e5bedd8947 Merge pull request #5818 from nextcloud/ocs_privatedata
PrivateData to app
2017-07-21 09:47:49 +02:00
Morris Jobke b1954bed97 Merge pull request #5797 from paulijar/share20-postUnshareFromSelf
Dispatch event postUnshareFromSelf when the recipient of a share unshares it
2017-07-21 09:32:49 +02:00
Roeland Jago Douma 7753b93aa6
PrivateData to app
* PrivateData is an app now: https://github.com/nextcloud/privatedata
* No need to load the OCS routes.php (as there is none!)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-21 08:51:14 +02:00
Lukas Reschke 3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Artem Kochnev 5abeb9519e Fix for mb strlen
Error with moving files with long names in UTF-8
2017-07-20 17:29:50 +03:00
Pauli Järvinen 7c4a15f215 Emit hook postUnshareFromSelf when the recipient of a share unshares it
- This kind of hook signal used to be emitted in the old Share library but it was missing from Share 2.0

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-20 14:45:46 +03:00
Joas Schilling 3ff3c338c9 Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens
Only use readable chars in Share Tokens
2017-07-19 16:40:18 +02:00
Morris Jobke 49c622fcba Merge pull request #5719 from nextcloud/improve-jscombiner
Properly handle if the deps file if for some reason empty
2017-07-19 16:31:29 +02:00
Lukas Reschke 591aaa4154
Add workaround for https://github.com/etsy/phan/issues/1033
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 11:08:43 +02:00
Lukas Reschke 030d85bc9c
Remove unused functions
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:12 +02:00
Lukas Reschke d8ec399454
Run phan over code base
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:11 +02:00
Morris Jobke 2ebafb06fd Properly handle if the deps file if for some reason empty
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-19 00:10:46 +02:00
Morris Jobke 5accbf5568 Merge pull request #5744 from 1manprojects/patch-1
Removed cast to integer in getSize
2017-07-18 23:43:09 +02:00
Roeland Jago Douma f0f1e2c501 Merge pull request #5770 from nextcloud/path-repair-steps-loop
Fix invalid path repair step not getting all invalid entries
2017-07-18 22:22:51 +02:00
Joas Schilling e71b9fb3d6 Merge pull request #5709 from nextcloud/null-user-exist
null users dont exist
2017-07-18 18:24:42 +02:00
Joas Schilling 984933e586
Only use readable chars in Share Tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Robin Appelman 8b58b4c2a7
Fix invalid path repair step not getting all invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-18 14:01:49 +02:00
1 Man Projects 3e5d590f1e changed direct cast to integer to numerical value 2017-07-17 15:19:04 +02:00
Robin Appelman 0e107bc63c
non movable mounts can not be moved
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-17 15:09:08 +02:00
Pauli Järvinen 8dce97a3e1 Fix emitting of legacy hook post_unshare
- When a file was unshared, the legacy hook pre_unshare fired twice and the hook post_unshare did not fire at all. This was obviously a copy-paste error.

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-16 13:13:15 +03:00
1 Man Projects 56c0384044 Removed cast to integer in getSize
Fixes - Wrong or no sizes of files/folders #5031
2017-07-15 20:18:45 +02:00
Lukas Reschke a79447c6fd Merge pull request #5699 from nextcloud/bruteforce_capability
Add bruteforce capabilities
2017-07-14 15:20:31 +02:00
Morris Jobke 1f1504e071 Merge pull request #5708 from nextcloud/nested-permissions-mask
Fix scan permissions with nested permissions masks
2017-07-13 23:27:01 +02:00
Morris Jobke 01466ab840 Merge pull request #5715 from nextcloud/master-5655
Fixed repair step
2017-07-13 19:30:05 +02:00
Robin Appelman 350e036c56 chunk getting invalid paths and reuse queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:38 +02:00
Robin Appelman 4a727a578c use a generator instead of fetching all rows at once
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:34 +02:00
Robin Appelman 5185a3c0c9
null users dont exist
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 15:53:14 +02:00
Robin Appelman 03f27b4c2c
Fix scan permissions with nested permissions masks
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 14:29:04 +02:00
Joas Schilling e335121d5e Merge pull request #5070 from nextcloud/theming-vs-themes
Prefer custom theme over the theming app
2017-07-13 13:41:31 +02:00
Roeland Jago Douma f71457782b Merge pull request #5695 from nextcloud/dont-error-when-the-table-doesnt-exist
Don't throw an error when the table doesn't exist
2017-07-13 13:28:52 +02:00
Roeland Jago Douma 6a1f2ac076
Add bruteforce capabilities
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-13 11:23:08 +02:00
Roeland Jago Douma 04f2090698
Write cert bundle to tmp file first
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-12 19:24:20 +02:00
Joas Schilling c6b7204fcb
Don't throw an error when the table doesn't exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-12 15:35:24 +02:00
Roeland Jago Douma 86a496d94a Merge pull request #5567 from nextcloud/public-capabilities
Public capabilities API
2017-07-12 13:04:54 +02:00
Roeland Jago Douma 08d3cb9107 Merge pull request #5685 from nextcloud/jail-propagator
Fix propagating changes within jail wrapper
2017-07-12 12:14:51 +02:00