Lukas Reschke
9e6634814e
Add support for CSP nonces
...
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.
At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)
IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.
Implementing this offers the following advantages:
1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.
If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Morris Jobke
169faf8c32
Remove sensible information from exception message
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 11:42:04 +02:00
Olivier Mehani
19ad058d06
Add message to NotSquareException thrown from Avatar
...
This prevents cryptic messages such as the following, from `user_ldap`:
Could not set avatar for uid=user,ou=People,dc=example,dc=net, because:
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
Add message to NotPermittedException thrown from Files\Nodes\Folder
Ditto.
Don't use translation macros here as this seems to be pretty low-level
errors that generally get caught and prettified, and I don't want to
unduly clog down the lower layers.
Signed-off-by: Olivier Mehani <shtrom@ssji.net>
fixup! Add message to NotPermittedException thrown from Files\Nodes\Folder
2016-10-24 11:27:27 +02:00
Roeland Jago Douma
ab91fa2660
Merge pull request #1820 from nextcloud/4byte-filenames
...
Allow 4byte unicode filenames on supported platforms
2016-10-24 10:38:25 +02:00
Roeland Jago Douma
7998689bc9
Added method to DB and fix test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:45:04 +02:00
Lukas Reschke
1be6213ba4
Merge pull request #1832 from nextcloud/select2-into-core
...
Select2 into core
2016-10-22 14:35:07 +02:00
John Molakvoæ
3e5e07aa64
Template css order
...
Select2 systemtags removal
Settings again
Fix Script
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-10-21 16:56:31 +02:00
Joas Schilling
0b1fb180a5
Make AppConfig part of the public API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:23 +02:00
Morris Jobke
2799b0a821
Merge pull request #1835 from nextcloud/downstream-24948
...
Move OC\Files\Storage\Shared to the right namespace
2016-10-20 23:48:15 +02:00
Vincent Petry
9e9fef46d9
Get rid of very old oc:// stream wrapper ( #26381 )
2016-10-20 20:46:30 +02:00
Morris Jobke
d9aeee2aa1
Merge pull request #1826 from nextcloud/downstream-26391
...
Fix post_unshareFromSelf hook parameter format
2016-10-20 20:44:05 +02:00
Vincent Petry
fca8bd44ab
Fix shared storage namespace in DecryptAll class
2016-10-20 20:36:50 +02:00
Joas Schilling
246bb9f33d
Move OC\Files\Storage\Shared to the right namespace
2016-10-20 20:27:44 +02:00
Sergio Bertolín
0417cbafd0
Changed request to not add a prefix to the url ( #26256 )
...
* Changed request to not add a prefix to the url
* Expecting forbidden instead of service unavailable
* Handling login exceptions
2016-10-20 17:21:08 +02:00
Vincent Petry
d4976e5554
Fix post_unshareFromSelf hook parameter format
...
When unsharing from self in a group share situation, the share items
passed to the post_unshareFromSelf hook were using the wrong format in
which the attribute names (ex: "share_type") have non camel-case format.
This fix makes sure that in group sharing case we use the correct
format. It looks like the code was already producing it but in
array_merge it was not using it and adding the unprocessed one.
2016-10-20 16:09:08 +02:00
Thomas Müller
ef842ef20a
Ensure $commands being an array - fixes #26073
2016-10-20 15:40:27 +02:00
Robin Appelman
3a8e75a814
Allow 4byte unicode filenames on supported platforms
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-20 14:26:09 +02:00
Joas Schilling
b35d2fd8f2
Allow rich object subjects for Notifications
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:59 +02:00
Joas Schilling
2098648850
Add Rich Object Definitions and a validator
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:51 +02:00
Morris Jobke
f7ca3ec201
Remove unneeded compatibility polyfills
...
- `Object.create` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/create#Browser_compatibility
- `Object.keys` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/keys#Browser_compatibility
- `Array.prototype.filter` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/filter#Browser_compatibility
- `Array.prototype.indexOf` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf#Browser_compatibility
- `Array.prototype.map` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/map#Browser_compatibility
- `Function.prototype.bind` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/bind#Browser_compatibility
- `String.prototype.trim` supported with IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/Trim#Browser_compatibility
- `outerHTML` supported with Firefox 11+: https://developer.mozilla.org/en-US/docs/Web/API/Element/outerHTML#Browser_compatibility
- `window.devicePixelRatio` supported in IE11+: http://caniuse.com/#feat=devicepixelratio
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 10:17:18 +02:00
Morris Jobke
a8cf110ec6
Remove unneeded placeholder polyfill
...
* placeholders are supported in IE11+
* http://caniuse.com/#feat=input-placeholder
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 00:00:25 +02:00
Arthur Schiwon
5d98ab83e9
resolve displayname via manager and registerable resolvers
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:34:00 +02:00
Arthur Schiwon
fea3e20a80
move mention extraction to (I)Comment and report mentions via DAV
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:33:55 +02:00
Joas Schilling
64c9ef96c4
Fix like queries in the QueryBuilder
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Joas Schilling
15bbe02106
Ignore failures of collation change in the pre update step
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Joas Schilling
9356a0e583
Correctly save and pass on the charset
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Thomas Müller
a7245ea082
Fixing ctor call
2016-10-19 00:15:01 +02:00
Morris Jobke
cc28f82b36
Add config option to update charset of mysql to utf8mb4
...
* fully optional
* requires additional options set in the database
2016-10-19 00:15:01 +02:00
Lukas Reschke
c55a737b26
Merge pull request #1734 from nextcloud/setvalue_opt
...
AllConfig setUserValue opt
2016-10-18 17:16:25 +02:00
Morris Jobke
deb59d3d48
Merge pull request #1722 from nextcloud/hide-storage-warnings
...
hide storage wrapper warning for the readonly storage
2016-10-18 16:15:52 +02:00
Morris Jobke
96f8f209b9
Merge pull request #1449 from nextcloud/comments-user-mention
...
Notifications for simple @-mentioning in comments
2016-10-17 09:30:47 +02:00
Lukas Reschke
62e19dfa80
Merge pull request #1441 from nextcloud/getby-id-less-queries
...
optimize Folder::getById to use less queries
2016-10-14 15:18:23 +02:00
Christoph Wurst
53eb0f7f42
Merge pull request #1037 from nextcloud/no-double-token-update
...
dont update the auth token twice
2016-10-14 14:53:17 +02:00
Roeland Jago Douma
77272ea52d
Use cache to determine if value need to be updated
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-13 19:40:40 +02:00
Morris Jobke
4d2835802f
hide storage wrapper warning for the readonly storage
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-13 14:37:31 +02:00
Arthur Schiwon
1bcd2ca8e3
emit pre-update event for comments
...
* notifications can be cleaned up, no polluted DB
* updating comments will re-notify users or remove notifications, depending on the message
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 18:06:22 +02:00
Robin Appelman
1484d01ff6
explicitly cast to int
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:39 +02:00
Robin Appelman
240538d9e6
reuse share node when creating a share
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:36 +02:00
Robin Appelman
37eded7e7c
Always unlock node after trying to create a share
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:29 +02:00
Robin Appelman
0d842e0550
optimize Folder::getById to use less queries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:28 +02:00
Thomas Müller
c5ca71ee82
[9.2] Register commands in info.xml ( #26248 )
...
* Use DI to load console commands from the apps - class name to be defined in the info.xml
* Load commands from info.xml
* Fix unit test
* Allow Di magic for IMountManager
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-11 19:48:26 +02:00
Robin Appelman
25ed6714c7
dont update the auth token twice
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-11 11:05:25 +02:00
Joas Schilling
356ac5d42f
Add app name to the call
...
Regression from 69b063f4c6
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-10 16:34:14 +02:00
Roeland Jago Douma
2dcd97bf14
Merge pull request #1672 from nextcloud/cache_non_exisiting_db_user
...
Cache non existing DB user
2016-10-10 10:52:07 +02:00
Christoph Wurst
a0cb809342
Merge pull request #1660 from nextcloud/add-notification-icon-to-api
...
Add an icon to the notification API
2016-10-10 09:32:34 +02:00
Roeland Jago Douma
1273d82e8b
Cache non existing DB user
...
We always query the database backend. Even if we use a different one
(ldap for example). Now we do this everytime we try to get a user object
so caching that a user is not in the DB safes some queries on each
request then (at least 2 what I found).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 09:30:36 +02:00
Morris Jobke
e5fd9c1e1a
Merge pull request #1640 from nextcloud/less_queries_group_share
...
More efficient group share resolving
2016-10-10 09:26:11 +02:00
Morris Jobke
195fc041da
Merge pull request #1663 from nextcloud/dont-reparse-info-xml
...
Dont reparse info xml + cache AppInfo XML
2016-10-10 09:22:43 +02:00
Morris Jobke
8920c87dce
Merge pull request #1658 from nextcloud/fix-log.condition
...
Default to empty string
2016-10-09 23:39:09 +02:00
Lukas Reschke
0245dd7221
Simplify isSubDirectory check
...
Shaves off another 9ms per request as can be seen at https://blackfire.io/profiles/compare/dd54cef3-e58d-4a22-b8f4-c7c4b70697be/graph
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:56:43 +02:00
Lukas Reschke
0c2b17c80f
Cache AppInfo in Memory Cache if configured
...
This saves around 20ms on a bare-bone instance, on bigger ones more (depending on the number of installed apps).
See https://blackfire.io/profiles/compare/fc326ad3-100d-49b8-8ea9-8343240f53f3/graph
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:29:23 +02:00
Thomas Müller
67d3574bdf
Don't parse info.xml but reuse already cached app infos - fixes #25603 ( #25968 )
...
* Don't parse info.xml but reuse already cached app infos - fixes #25603
* Use === in InfoParser. Fixes test
* InfoParser should not depend on UrlGenerator - fixes issue with session being closed too early
2016-10-07 20:58:22 +02:00
Arthur Schiwon
e1073cf442
Notificacations for simple @-mentioning in comments
...
(WIP) notify user when mentioned in comments
Fix doc, and create absolute URL for as notification link.
PSR-4 compatibility changes
also move notification creation to comments app
Do not notify yourself
unit test for controller and application
smaller fixes
- translatable app name
- remove doubles in mention array
- micro perf optimization
- display name: special label for deleted users, keep user id for users that could not be fetched from userManager
Comment Notification-Listener Unit Test
fix email adresses
remove notification when triggering comment was deleted
add and adjust tests
add missing @license tags
simplify NotificationsController registration
appinfo simplification, php docs
make string easier to translate
adjust test
replace dispatcher-based listeners with a registration method and interface
safer to not pass optional data parameter to setSubject for marking as processed. ID and mention suffices
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
update comment
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 17:11:19 +02:00
Joas Schilling
c77933ca22
Add an icon to the notification API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-07 17:00:24 +02:00
Lukas Reschke
ab4353457d
Default to empty string
...
Otherwise `null` is returned which leads to a ton of similar error messages if the log condition setting is enabled.:
```
{"reqId":"3wVBarnDfOV3qkI1bVCU","remoteAddr":"89.98.78.41","app":"PHP","message":"hash_equals(): Expected user_string to be a string, null given at \/var\/www\/html\/lib\/private\/Log.php#275","level":3,"time":"2016-10-07T14:22:15+00:00","method":"PROPFIND","url":"\/remote.php\/webdav\/","user":"icewind"}
```
2016-10-07 16:23:05 +02:00
Morris Jobke
c4b2639585
Merge pull request #1514 from nextcloud/integration-tests-orphaned-shares
...
Integration tests orphaned shares + Prefilter inaccessible shares
2016-10-06 22:58:56 +02:00
Roeland Jago Douma
990f4a182d
More efficient group share resolving
...
When resolving a group share to the user group share we used to do this
on a per share basis. Now we try to do this for all group shares at
once. Of course still chunked.
Before: N incomming group shares this would mean 1 + N queries
Now: N incomming roups shares this would mean 1 + 1 queries
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-06 19:31:28 +02:00
Joas Schilling
a0b34dfd2f
Merge pull request #1629 from nextcloud/cleanup-settings-application
...
Cleanup settings Application class
2016-10-06 16:57:39 +02:00
Vincent Petry
626daabb56
Prefilter inaccessible shares in DefaultShareProvider::getSharedWith()
...
The DefaultShareProvider now does a DB-level check to find out whether
file_source is accessible at all (deleted file) or whether it's in the
trashbin of a home storage.
One small corner case where the home storage id is in md5 form cannot
be covered properly with this approach.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-06 13:57:58 +02:00
Morris Jobke
0eb992062a
log version number in each log line
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-06 12:42:46 +02:00
Lukas Reschke
ea9b1cc340
Merge pull request #1306 from nextcloud/simplefs
...
Introducing AppData
2016-10-06 09:25:15 +02:00
Lukas Reschke
da0d0d82c8
Merge pull request #1586 from nextcloud/issue-1466-fix-multi-translation-names-and-descriptions
...
Allow multiple names and description
2016-10-05 19:06:22 +02:00
Joas Schilling
8b3deb00b3
When we can not create the class, try if the variable is a registered service
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-05 16:33:19 +02:00
Roeland Jago Douma
a7be37d735
DI fails for bg job
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:17 +02:00
Roeland Jago Douma
2578a81573
Fix repair
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
735abbc8fb
Use a backgroundjob to move avatars
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
851769adc8
Deprecate old app folder
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
f23390ed02
Kill users with the reserved name on login
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
3260f69590
Add for proper DI
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
92dc9e6899
Avatar migration step
...
* Skip move avatar if avatars disabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
6807cb684f
avatar to appdata
...
* Fix AvatarTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
ac38a3a654
Add Tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
5d8b941fea
Initial AppData
...
* Introduce simpleFS
* Introduce IAppData
* Introduce AppData Factory to get your AppData folder
* Update FileDisplayResponse
* AppData implements a ISimpleRoot but lazy. So only if an apps starts
to access data will stuff get initialized
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:14 +02:00
Joas Schilling
53ed3da052
Fallback from "de" to "de_DE" and the other way around
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-04 13:29:54 +02:00
Lukas Reschke
bf0371429c
Remove database requirement from test
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-03 14:15:18 +02:00
Morris Jobke
5dacd51c14
Use proper casing of username in avatar filesystem setup
...
* before you could request an avatar for User instead of user
which sets up the filesystem for that user twice causing
the sharing codes collision detection to detect a lot of
collisions
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-03 14:00:57 +02:00
Joas Schilling
3a5022ad5b
Allow multiple names and description
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-30 11:00:58 +02:00
Morris Jobke
85522ff1ed
Merge pull request #1558 from nextcloud/remove-notifications-upon-user-deletion
...
Remove notifications upon user deletion
2016-09-30 00:34:19 +02:00
Joas Schilling
6188955ed5
Do not break the output when running _completion
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-29 15:57:10 +02:00
Joas Schilling
4d1acfd4ef
Only trigger postDelete hooks when the user was deleted...
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-29 15:40:53 +02:00
Joas Schilling
5b7b8f8dac
Remove notifications upon user deletion
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-29 15:40:52 +02:00
Morris Jobke
19f94ac5f9
Merge pull request #1549 from nextcloud/kill-update-simulation
...
Kill update simulation
2016-09-28 16:29:09 +02:00
Lukas Reschke
c4d263199c
Merge pull request #1521 from nextcloud/fix-mimetypedetect-hiddenfolder
...
Fix mimetype detection inside hidden folders (#26138 )
2016-09-27 18:52:48 +02:00
Vincent Petry
da0cea404d
Kill update simulation
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-27 18:43:53 +02:00
Joas Schilling
615b69677e
Use the same URL everywhere
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-27 14:52:22 +02:00
Joas Schilling
6f955defe4
Return the autoupdater value from the server
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-27 14:38:10 +02:00
Morris Jobke
6a3e0f33b3
Merge pull request #1489 from nextcloud/fix-status-code-when-app-is-disabled
...
Return 404 on v2.php when the app is disabled
2016-09-27 11:04:57 +02:00
Morris Jobke
71fc9303c3
Merge pull request #1516 from nextcloud/fix-openbasedir-realpath-warning
...
Only use realpath for real directories (#26058 )
2016-09-27 00:10:23 +02:00
Lukas Reschke
a43c680d9f
Merge pull request #1499 from nextcloud/updater
...
Add repair step and revert "Open updater" button
2016-09-26 22:28:21 +02:00
Lukas Reschke
598b243838
Merge pull request #1426 from nextcloud/sanitze_opt
...
Optimize sanitizeName
2016-09-26 14:10:50 +02:00
Juan Pablo Villafáñez
26f1ea1cea
Change the minimum log level to fatal
...
Downstreaming of https://github.com/owncloud/core/pull/26213
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-26 11:41:20 +02:00
Vincent Petry
9b4de310bd
Fix mimetype detection inside hidden folders ( #26138 )
...
Downstreaming of https://github.com/owncloud/core/pull/26138
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-26 11:31:03 +02:00
Vincent Petry
1f21a132c7
Only use realpath for real directories ( #26058 )
...
In some cross-local-storage use cases, the Local storage is
instantiated with "/" as data directory. In such cases, calling
realpath() would cause PHP warnings when open_basedir is set.
This fix bypasses the realpath() call when dealing with a root storage.
Downstreaming of https://github.com/owncloud/core/pull/26058
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-26 11:21:47 +02:00
Lukas Reschke
19ad11cce4
Graceful error handling and logging
...
Right now a failed "copyr" will result in the error log being spammed with not really helpful error messages. Also situations such as `$dir` returning `false` are not really caught.
This adds more error handling and logging to make debugging such situations easier.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-09-25 19:03:42 +02:00
Morris Jobke
bf7cbe32c8
Add repair step to remove .step file after update
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-09-23 13:39:06 +02:00
Joas Schilling
78210c8300
Return 404 on v2.php when the app is disabled
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-09-22 12:18:40 +02:00
Joas Schilling
d9063b6141
Use default value instead of throwing when the service could not be found
2016-09-20 13:26:06 +02:00
Roeland Jago Douma
e200eda18d
Optimize sanitizeName
2016-09-16 09:52:52 +02:00
Roeland Jago Douma
7c078a81b4
Add trict CSP to OCS responses
...
If a repsonse now explicitly has the Empty CSP set then the middleware
won't touch it.
2016-09-15 13:11:36 +02:00
Lukas Reschke
c5189a93db
Merge pull request #1375 from nextcloud/display-that-updating-failed-for-htaccess
...
Display an error when updating .htaccess failed
2016-09-14 14:26:41 +02:00
Morris Jobke
e39e1bdf4e
Merge pull request #1395 from nextcloud/issue-369-htaccess-max-sizes
...
Make sure memory limit is > post size and upload filesize
2016-09-13 22:39:08 +02:00
Roeland Jago Douma
edb4a680e0
Merge pull request #1348 from karakayasemi/patch-1
...
Bug fix CachedMountInfo for user home storage
2016-09-13 21:55:14 +02:00
Roeland Jago Douma
b6439da128
Merge pull request #1338 from nextcloud/fix-trashbin-errors
...
Opening the trashbin causes errors in log for files without preview
2016-09-13 19:23:51 +02:00
Joas Schilling
a3c8534b7b
Make sure memory limit is > post size and upload filesize
2016-09-13 16:50:36 +02:00
Joas Schilling
4b26d7d86a
Update docs
2016-09-13 10:51:48 +02:00
Joas Schilling
1675542df4
Display an error when updating .htaccess failed
2016-09-13 10:51:48 +02:00
Thomas Müller
6eba111e09
Fix failing preview unit tests ( #26039 )
2016-09-12 16:46:39 +02:00
Roeland Jago Douma
959bf0d1a7
Cache the build ControllerName
...
Often a route.php file will have many N routes but only M controllers.
Where N >= M. Which means that in most cases the ControllerName will be
converted multiple times. This is of course far from ideal.
Note that this is per app so the cache will contain at most N entries.
Which is not to bad.
2016-09-11 13:25:32 +02:00
Semih Serhat Karakaya
cfc1c7cbd2
Update CachedMountInfo for user home storage
...
In getMountPointNode function rootId is not inside of the userFolder for home storage. We was searching '/user' folder in '/user/files' folder. So, it was return NULL. I moved searching part to parent folder. It solves everything. Also, obviously other storage types not affect then this change.
Related owncloud commit :
https://github.com/owncloud/core/pull/26017
2016-09-09 18:07:21 +03:00
Morris Jobke
f56ae37e8f
Opening the trashbin causes errors in log for files without preview
...
* put a file without a generated preview in the trashbin
(e.g. a *.docx file)
* open the trashbin
* following errors will show up in the nextcloud.log:
- filesize(): stat failed for ...
- fopen(...): failed to open stream: No such file or directory at ...
- fread() expects parameter 1 to be resource, boolean given at ...
- fclose() expects parameter 1 to be resource, boolean given at ...
- imagecreatefromstring(): Empty string or invalid image at ...
This is because the preview code tries to load an SVG image, which
is obviously only text.
The fix simply handles this before the loading happens and the web UI
keeps showing the default mimetype icon.
2016-09-09 13:53:06 +02:00
Morris Jobke
c16aefcff5
Merge pull request #1317 from nextcloud/add-sharing-disclaimer
...
Adding a optional disclaimer to the anonymous upload page
2016-09-08 21:18:28 +02:00
Morris Jobke
5ac26d12f0
Merge pull request #1247 from nextcloud/storage-id-global-cache
...
more efficient querying of numeric storage ids
2016-09-08 21:09:14 +02:00
Morris Jobke
6bb95de1c5
Adding a optional disclaimer to the anonymous upload page
2016-09-08 18:44:27 +02:00
Joas Schilling
0cec06d0c8
Change updater URL
2016-09-08 12:30:17 +02:00
Lukas Reschke
ff691b4d8a
Merge pull request #836 from nextcloud/php7.1
...
Add PHP 7.1 drone tests
2016-09-08 09:19:59 +02:00
Joas Schilling
cdfe538452
Merge pull request #1243 from nextcloud/fix-detection-of-file-types-a-bit
...
Fix detection of file types a bit
2016-09-08 09:19:33 +02:00
Roeland Jago Douma
fb4850ffa8
Fix intergrity checker
...
* Set salt length to 0
See https://tools.ietf.org/html/rfc3447#page-38
* Fix tests for new phpunit
2016-09-07 22:09:29 +02:00
Thomas Müller
1631ef5acc
Initialize array elements properly
2016-09-07 22:09:08 +02:00
Robin Appelman
e8e950a4d2
more efficient querying of numeric storage ids
2016-09-07 17:22:40 +02:00
Morris Jobke
05580f0242
Fix updater URL
2016-09-07 16:51:25 +02:00
Roeland Jago Douma
1d04c9e307
Merge pull request #1287 from nextcloud/correctly-remove-admin-stuff
...
Correctly remove admin sections and settings
2016-09-07 14:30:08 +02:00
Roeland Jago Douma
240798329d
Set proper content type on OCS responses
2016-09-07 10:55:56 +02:00
Joas Schilling
7c0951244a
Deprecate getEditionString()
2016-09-06 16:05:28 +02:00
Morris Jobke
b6bdf81d55
Merge pull request #1275 from nextcloud/OCS_forward_headers_cleanup
...
Internal OCS Controller cleanup
2016-09-06 14:46:05 +02:00
Joas Schilling
43ff2f05fd
Correctly remove admin sections and settings
2016-09-06 14:37:09 +02:00
Morris Jobke
45a84f3623
Merge pull request #1235 from nextcloud/issue-1192-move-navigation-entries-without-order-to-the-end
...
Move navigation entries without order to the end
2016-09-06 14:12:01 +02:00
Roeland Jago Douma
3c55fe6bab
Split OCS version handling
...
This cleans up a bit the OCSController/Middleware. Since the 2 versions
of OCS differ a bit. Moved a lot of stuff internal since it is of no
concern to the outside.
2016-09-06 11:57:39 +02:00
Lukas Reschke
06fa486706
Merge pull request #1158 from nextcloud/cache_avatars
...
Cache avatars
2016-09-05 15:08:43 +02:00
Joas Schilling
12736a3592
Merge pull request #1271 from nextcloud/fix-docs-for-notifications
...
Null !== void, those methods are void
2016-09-05 14:16:45 +02:00
Joas Schilling
fb04c56827
Null !== void, those methods are void
2016-09-05 13:00:56 +02:00
Joas Schilling
db6a3367ad
Merge pull request #1259 from nextcloud/language_order
...
ACCEPT_LANGUAGE goes before default_langauge
2016-09-05 12:37:44 +02:00
Marius Blüm
f8eb7be7b1
Merge pull request #1171 from nextcloud/2fa-backup-codes
...
add 2fa backup codes app
2016-09-05 12:17:29 +02:00
Roeland Jago Douma
7fb88ec506
Use proper ALTER ROLE syntax
...
Fixes #1260
See https://www.postgresql.org/docs/9.0/static/sql-alterrole.html
2016-09-05 10:45:11 +02:00
Joas Schilling
24d90a4bb1
Correctly remove the charset from finfo mimetype
2016-09-05 09:48:22 +02:00
Christoph Wurst
8acb734854
add 2fa backup codes app
...
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00
Roeland Jago Douma
0228bc6e66
ACCEPT_LANGUAGE goes before default_langauge
...
See https://github.com/nextcloud/server/issues/970
Before we had
1. Users settings in personal settings
2. Admins default language settings
3. Accept-Language settings of the browser
However this is not in line with
https://www.w3.org/International/questions/qa-lang-priorities
So this changes the order to
1. Users settings in personal settings
3. Accept-Language settings of the browser
2. Admins default language settings
2016-09-04 13:19:40 +02:00
Roeland Jago Douma
7e13db9952
Merge pull request #1225 from nextcloud/allow-to-validate-password-policy
...
Allow to validate the password_policy app
2016-09-02 21:02:59 +02:00
Joas Schilling
b072c6c943
Move navigation entries without order to the end
2016-09-02 09:11:58 +02:00
Roeland Jago Douma
7f84f05e4d
Cache parsing of info.xml
2016-09-02 09:03:09 +02:00
Morris Jobke
7ffed2deae
Merge pull request #1221 from nextcloud/proper_204_304_response
...
No body or content-length for 204 and 304 responses
2016-09-01 15:04:09 +02:00
Joas Schilling
d3f82356bb
Merge pull request #1227 from nextcloud/improve-tests
...
Improve tests
2016-09-01 14:02:04 +02:00
Morris Jobke
7f8c5ed497
Activate APCu on PHP 7
...
Fix an issue with APCus inc and dec methods on PHP 7
see https://github.com/krakjoe/apcu/issues/183#issuecomment-244038221 for details
2016-09-01 12:30:05 +02:00
Morris Jobke
a3c1d74829
Remove unneeded Windows logic
2016-09-01 10:47:57 +02:00
Joas Schilling
de96c5b17b
Allow to validate the password_policy app
2016-09-01 10:18:00 +02:00
Roeland Jago Douma
21a87d3c2e
No body or content-length for 204 and 304 responses
...
See: https://tools.ietf.org/html/rfc7230#section-3.3
2016-08-31 23:07:48 +02:00
Joas Schilling
f9cea0b582
Merge pull request #797 from nextcloud/only-match-for-auth-cookie
...
Match only for actual session cookie
2016-08-31 15:59:16 +02:00
Roeland Jago Douma
a0af513a4a
Merge pull request #1201 from nextcloud/usermountcache-orphanedshare
...
[master] Usermountcache orphanedshare
2016-08-31 15:07:13 +02:00
Joas Schilling
e4311a2ebd
Merge pull request #608 from nextcloud/small-encryption-improvement
...
skip shared files, if files get decrypted only for a specific user we…
2016-08-31 12:30:37 +02:00
Vincent Petry
669b0bc2ae
Prevent error with orphaned shares when updating user mount cache
2016-08-30 19:49:23 +02:00
Lukas Reschke
57f9117843
Merge pull request #1087 from nextcloud/get-delay-twice
...
dont get bruteforce delay twice
2016-08-30 18:43:01 +02:00
Roeland Jago Douma
83490e90ef
Merge pull request #1089 from nextcloud/allow-to-prevent-previews
...
Check if the file isReadable() before sending a (cached) preview
2016-08-30 11:33:48 +02:00
Roeland Jago Douma
14136295b7
Cache avatars properly
...
* Set proper caching headers for avatars (15 minutes)
* For our own avatar use some extra logic to invalidate when we update
2016-08-30 09:00:16 +02:00
Morris Jobke
4afe4bda26
Merge pull request #891 from nextcloud/us_25810
...
[OC] Fix unmerged shares repair targetdecision
2016-08-30 08:22:34 +02:00
Roeland Jago Douma
7c7f862712
Merge pull request #1142 from nextcloud/fix-case-sensitive-settings
...
Fix issues where some user settings cannot be loaded when the user id…
2016-08-29 19:56:35 +02:00
Roeland Jago Douma
39749c0cd4
Merge pull request #1139 from nextcloud/clean-code-image
...
Some cleanup within OC_Image (#25875 )
2016-08-29 19:56:16 +02:00
Thomas Müller
82e8762c84
Fix issues where some user settings cannot be loaded when the user id differs in case sensitivity - fixes #25684 ( #25686 )
2016-08-29 14:33:16 +02:00
Thomas Müller
df1cc94c23
Some cleanup within OC_Image ( #25875 )
2016-08-29 14:31:59 +02:00
Jörn Friedrich Dreyer
d5518735c9
always return numeric storage id as int, also check type equality in test asserts
2016-08-29 14:20:51 +02:00
Robin Appelman
6c93fe08f5
dont get bruteforce delay twice
2016-08-29 13:36:49 +02:00
Joas Schilling
f41c8c0089
Check if the file isReadable() before sending a (cached) preview
2016-08-29 10:58:57 +02:00
Lukas Reschke
25f1fdb275
Merge pull request #847 from nextcloud/quota-mount-in-homefolder
...
fix quota calculation when a filesystem is mounted in a user home
2016-08-28 15:05:46 +02:00
Raghu Nayyar
9dc23592c3
Merge pull request #1105 from nextcloud/usermenu-ordering
...
fix ordering of user menu entries
2016-08-28 10:30:16 +02:00
Lukas Reschke
4d85ffc27c
Merge pull request #1054 from nextcloud/less-cache-hits
...
Reduce the number of cache operations for dav operations
2016-08-27 22:44:29 +02:00
Jan-Christoph Borchardt
0517f41b3f
fix ordering of user menu entries
2016-08-27 22:42:08 +02:00
Joas Schilling
89c78bbce4
Merge pull request #1031 from nextcloud/2fa-infinite-redirect-loop
...
prevent infinite redirect loops if the there is no 2fa provider to pass
2016-08-26 16:03:05 +02:00
Roeland Jago Douma
53725d4d15
Merge pull request #771 from nextcloud/theming-fixes
...
Theming: Fix missing color usage
2016-08-26 15:02:21 +02:00
Lukas Reschke
de6ab82766
Merge pull request #1080 from nextcloud/always_lazyroot
...
Always use the LazyRoot
2016-08-26 13:18:01 +02:00
Roeland Jago Douma
f805aff67c
Always use the LazyRoot
2016-08-26 12:13:34 +02:00
Julius Haertl
fdab008231
Remove internal from getThemingDefaults
2016-08-26 12:07:52 +02:00
Roeland Jago Douma
044d7c3bb7
Merge pull request #1026 from nextcloud/theming-extend-defaults
...
Theming: Add logo and background to ThemingDefaults
2016-08-26 11:53:24 +02:00
Robin Appelman
fb88d66857
optimize getUserFolder for the common case
2016-08-25 17:22:25 +02:00
Robin Appelman
2693ae870e
cache user folders
2016-08-25 17:22:25 +02:00
Robin Appelman
b2d365734a
cache root id in mountpoint
2016-08-25 17:22:25 +02:00
Joas Schilling
680d7f22bb
Merge pull request #1036 from nextcloud/query-logger-stack
...
add stacktrace to query logger
2016-08-25 16:43:08 +02:00
Robin Appelman
1c3b1e5797
add stacktrace to query logger
2016-08-24 14:37:15 +02:00
Roeland Jago Douma
4e1d501696
Dark autoloader magic for ThemingDefaults
2016-08-24 13:22:21 +02:00
Christoph Wurst
6af2efb679
prevent infinite redirect loops if the there is no 2fa provider to pass
...
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
2016-08-24 10:49:23 +02:00
Joas Schilling
c7c53aefb2
Use the lazy root to make tests pass 🙈
2016-08-24 09:52:05 +02:00
Julius Haertl
80fe499707
Theming: Add logo and background to ThemingDefaults
2016-08-24 00:40:22 +02:00
Lukas Reschke
2f1b17d44a
Merge pull request #1007 from nextcloud/shared-storage-non-recursive
...
Fix shared storage recursive setup
2016-08-23 22:15:38 +02:00
Robin Appelman
a0c2342c20
prevent infinite recursion while getting storage from mount
2016-08-23 14:52:18 +02:00
Lukas Reschke
3ed102497e
Merge pull request #995 from nextcloud/workflow-section
...
Workflow section + hidden empty sections
2016-08-23 11:20:43 +02:00
Lukas Reschke
0747e96b9c
Cache registered autoloaders
...
This saves more than 20ms (!) on every request, the previous problem was that `\OC_App::registerAutoloading` calls `\OC\AppFramework\App::buildAppNamespace` which parses the appinfo.xml. Since that was also called multiple times (e.g. on cloud.nextcloud.com over 200 times) that had a significant performance impact. Also on simple PROPFIND requests.
https://blackfire.io/profiles/compare/65a53e6e-7f35-4974-b559-4c81abd01c3b/graph shows the difference nicely.
2016-08-22 23:49:46 +02:00
Arthur Schiwon
b13092065a
hide parameters of tryLogin when logging
2016-08-22 16:45:07 +02:00
Joas Schilling
94432c089f
Save the container with the app's namespace so we can resolve it
2016-08-22 14:25:43 +02:00
Robin Appelman
e316a7ade7
Allow jail wrappers to lazily initialize the source storage
2016-08-22 12:26:27 +02:00
Robin Appelman
5e44a2d868
Allow storage wrappers to lazily initialize the source storage
2016-08-22 12:23:55 +02:00
Arthur Schiwon
056c1ab035
fix wrong var name
2016-08-22 11:24:48 +02:00
Arthur Schiwon
7972fa5527
enlist only registered sections that also have settings registered to
2016-08-22 08:29:49 +02:00
Lukas Reschke
d50e7ee36c
Remove reading PATH_INFO from server variable
...
Having two code paths for this is unreliable and can lead to bugs. Also, in some cases Apache isn't setting the PATH_INFO variable when mod_rewrite is used.
Fixes https://github.com/nextcloud/server/issues/983
2016-08-19 14:48:13 +02:00
Julius Haertl
162b153f22
Fix loading of ThemingDefaults
2016-08-19 11:26:22 +02:00
Morris Jobke
3ccd69707e
Merge pull request #865 from nextcloud/ocs_config
...
Move OCS route /config to proper controller
2016-08-19 09:39:05 +02:00
blizzz
3b6bbf8159
Merge pull request #934 from nextcloud/add-cachebusters
...
Add cachebusters
2016-08-18 15:45:22 +02:00
blizzz
53d3c8b635
Merge pull request #931 from nextcloud/replace-hardcoded-classname
...
let the containers resolving capabilities find and instantiate the ri…
2016-08-18 14:03:14 +02:00
Lukas Reschke
3c7d2544b9
Add cache buster to left menu bar
2016-08-18 12:34:55 +02:00
Arthur Schiwon
f86b20776a
let the containers resolving capabilities find and instantiate the right service
2016-08-18 11:56:19 +02:00
Joas Schilling
3dba40db7b
Fix "Undefined index" when the values do not exist
2016-08-18 11:53:26 +02:00
Roeland Jago Douma
3a17fabd04
Remove unused private classes
2016-08-18 09:37:11 +02:00
Lukas Reschke
5aaa065d6d
Merge pull request #848 from nextcloud/public-link-quota
...
fix getting quota for public links with quota_include_external_storage
2016-08-17 20:13:56 +02:00
Roeland Jago Douma
fe80bb1aff
Merge pull request #867 from nextcloud/notification-primary-action-always-first
...
Make sure the primary action is always the first one
2016-08-17 19:31:14 +02:00