ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
29eeeb2273
Save the files external mount id in the mount cache table
2016-07-13 16:34:08 +02:00
0c0a216f42
store last check timestamp in token instead of session
2016-06-17 15:42:28 +02:00
c58d8159d7
Create session tokens for apache auth users
2016-05-31 17:07:49 +02:00
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
8646802850
Merge pull request #24696 from owncloud/lock-jobs-while-executing
...
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel
2016-05-21 01:59:25 +02:00
3cd65fe25d
Add systemtag_group table and get/set methods
...
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
c28e462583
Use CLOB for auth token names to allow long user agent strings
2016-05-12 11:19:17 +02:00
aa85edd224
increase token column width
...
add some range to time() assertions
2016-05-11 13:36:46 +02:00
8d48502187
Add index on 'last_activity'
...
add token type column and delete only temporary tokens in the background job
debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
3ab922601a
Check if session token is valid and log user out if the check fails
...
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
2fa5e0a24e
invalidate (delete) session token on logout
...
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
d8cde414bd
token based auth
...
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
b3ac81f134
exchange user_id_key for a unique one.
2016-02-26 01:02:22 +01:00
9250704ecb
add index definitions for comments tables
2016-02-24 21:48:12 +01:00
24c7f38a00
Make sure we can store strings as per the interface
2016-02-22 15:43:20 +01:00
2035a179bc
Add store/retrieve checksums
...
* Add extra db column to filecache
* Bump version
* Update filecache code to actually handle checksum
* Webdav code to store/retrieve checksums
2016-02-03 09:03:51 +01:00
01cdc70f9c
introduce comments read marke tables, comes with user cleanup after deletion
2016-01-29 13:08:02 +01:00
9b4c9a0357
Merge pull request #18531 from owncloud/ext-user-credentials
...
External storage 'Login credentials' auth mechanism
2016-01-22 13:14:14 +01:00
cf6ee1c866
cache mountpoints in the db
2016-01-20 16:30:22 +01:00
da4127d23b
Introduce CredentialsManager for storage of credentials in DB
...
CredentialsManager performs a simple role, of storing and retrieving
encrypted credentials from the database. Credentials are stored by user
ID (which may be null) and credentials identifier. Credentials
themselves may be of any type that can be JSON encoded.
The rationale behind this is to avoid further (mis)use of
oc_preferences, which was being used for all manner of data not related
to user preferences.
2016-01-18 11:10:41 +01:00
6c77d1734e
[Share 2.0] Update db structure to stay backwards compatible
2016-01-06 14:53:43 +01:00
08248f66ba
Merge pull request #20650 from owncloud/systemtags-core
...
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
b666367a79
Added system tags data structure and PHP side managers
...
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
5e8256beb8
[Sharing 2.0] Add a new db column for the file owner
...
We need to store the owner of a file in the db to do efficient queries
on the owner of a file. Without this we need to construct fill paths for
each file id in the table and see who the owner of a file is. Which does
not scale.
2015-11-25 13:17:02 +01:00
6bd343a3b7
DB scheme for Comments table, resolves #20265
2015-11-20 18:00:52 +01:00
6b6f19bb94
Drop unused table file_map
...
* used only for windows support
* windows support was dropped in 8.2.0 - see #17379
* was introduced in fd8cb9974b#18935
2015-11-05 08:21:53 +01:00
5ca690e2f8
Use integer for availability instead of bool
2015-09-15 10:18:32 +02:00
534b2e407a
Merge pull request #17662 from owncloud/locking-db
...
Database backend for locking
2015-08-26 03:56:37 +02:00
132a564a21
rename path field to key
2015-08-03 15:46:19 +02:00
96a9d171b3
Fix db schema
2015-08-03 14:13:36 +02:00
4ea7cbb0f5
Add database backend for high level locking
2015-08-03 14:13:35 +02:00
df19cabb44
Store storage availability in database
...
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.
Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
ff5bd9d918
Remove index on file_target of share table
...
* causes issues on InnoDB because it exceeds the maximal key length
of an index which is 767 (3-byte charset * varchar(512) = 1536)
* fixes #17619
2015-07-14 13:26:51 +02:00
4a37d565bd
Add indexes to speedup DB queries
...
* file_target is often used in the sharing code in JOIN statements for retrieval of shares
2015-07-08 18:04:10 +02:00
3ff484e695
we no longer support webdav locks - no need to keep the column
2015-03-12 15:23:44 +01:00
3cf237df67
set max argument length to 4000
2015-02-25 15:09:41 +01:00
6fc0eb0236
expand cron argument column to 2048
2015-02-25 15:08:40 +01:00
3a5b0a8cfc
Revert "Improve: Index for file_map"
...
This reverts commit c9b5608405
2015-02-13 15:15:28 +01:00
6039523cd6
Revert "Incorporate review changes"
...
This reverts commit f6a452cabf
2015-02-13 15:15:10 +01:00
f6a452cabf
Incorporate review changes
2015-02-12 19:14:54 +01:00
c9b5608405
Improve: Index for file_map
...
Added two indices for file_map, that improve syncing and uploading and deleting files
2015-02-12 19:12:08 +01:00
3e58f5df2e
Revert "add share index"
...
This reverts commit e19b3a8794
2014-07-17 20:56:06 +02:00
b4f40e4da0
shorten userid columns to 64 chars, ref #9186
2014-06-27 16:48:42 +02:00
da3974bcb2
- drop permissions table and related code
...
- the file/folder's permission is now stored in the file cache
- BackGroundWatcher has been removed - this has meanwhile be replaced by occ files:scan which can be executed in a cron jobs
- increase version to trigger database migration
2014-06-05 08:22:01 +02:00
e8ec81110d
Merge pull request #8806 from owncloud/add_share_index
...
add share index
2014-06-02 18:47:13 +02:00
a339855b4c
add another index to the filecache to reduce the number of queries without a matching index
2014-05-31 16:55:50 +02:00
e19b3a8794
add share index
2014-05-31 16:47:46 +02:00
a2e4bc8d33
# This is a combination of 2 commits.
...
# The first commit's message is:
adding tests for long paths
increment path field in database up to 4000 (maximum for Oracle - otherwise we could use php's 4096)
increment version to trigger database migration
adding unit test for too long path
# This is the 2nd commit message:
fix too long path
2014-05-28 15:30:44 +02:00
Lukas Reschke
Robin Appelman
Christoph Wurst
Vincent Petry
Joas Schilling
Arthur Schiwon
Roeland Jago Douma
Thomas Müller
Robin McCorkell
Morris Jobke
Robin McCorkell
Joas Schilling
Lukas Reschke
windaishi
Jörn Friedrich Dreyer
Frank Karlitschek