Commit Graph

50 Commits

Author SHA1 Message Date
Daniel Calviño Sánchez bfb2a914d2 Honour "hide download" in the public share page
When the "hide download" property of a share is set the public share
page will not show the download button nor the menu with the download,
direct link and "Add to your Nextcloud" actions; the "downloadURL"
hidden field will not be included either in the generated HTML.

Despite that, note that the "downloadURL" parameter is still set and
passed to the template, as this could be needed anyway to generate
previews (for example, of audio files).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-10-30 15:18:55 +01:00
Roeland Jago Douma c237a3f003 Expose hide download to public page
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 15:18:55 +01:00
John Molakvoæ (skjnldsv) b6981dcecb
Merge branch 'master' of https://github.com/nextcloud/server into gridview-table
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 16:44:20 +02:00
John Molakvoæ (skjnldsv) e0dde083d0
Public fixes, request & default to grid
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-10-23 08:43:02 +02:00
Joas Schilling 3febeb6ca7
Use lax CSP when the share is a talk share
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-22 10:57:55 +02:00
Roeland Jago Douma bee5bbbf0e
Move files_drop to compiled handlebars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-16 08:27:06 +02:00
Roeland Jago Douma 335efcc43b
Move to 1 template file for files
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 17:15:07 +02:00
Roeland Jago Douma ae1250f422
Compile filesummary handlebars
Fixes #11030
For https://github.com/orgs/nextcloud/projects/18

This template is now compiled so this no longer has to happen in the
browser. Another step towards a stricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-27 20:16:08 +02:00
John Molakvoæ (skjnldsv) ac2c925231
Fix mobile view and add public share note view
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-08-24 16:45:40 +02:00
MartB 5109743383 Fix multiSelectMenu for public shares #10536
Signed-off-by: Martin Böh (MartB) <mart.b@outlook.de>
2018-08-06 12:42:13 +02:00
Daniel Calviño Sánchez 96108ab858 Add event to load additional scripts in the auth page for public shares
Before the public share authentication page is rendered now an event to
load additional scripts is dispatched. Thanks to this any app can load
its own scripts that, when run on the browser, adjust as needed the page
generated by the server.

Note, however, that during the handling of the event apps are only able
to add scripts or styles to be loaded; they can not render arbitrary
content on the page, or change how the content is rendered by the
original template; all those changes have to be done by the scripts at
run-time.

This implies that the scripts of the apps can use only those parameters,
like the token of the share, added to the page when it is generated by
the "publicshareauth" template. Due to this, and given that the event is
being introduced to be used by Talk to inject the UI needed to request
the password for a share, the token of the share is now provided in the
generated page, just like done in the public share page.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-07-24 14:04:22 +02:00
Bjoern Schiessle 4f59c8e8ae
show note on public link page
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-07-21 15:02:18 +02:00
Roeland Jago Douma 9f658febca
Fix ShareControllerTest
* Removed tests that are now handled by the middleware
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 31392c2443
Move public auth page over
Now this is in core so the basics (that 99% of the app will want to
use) looks always the same.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 366981fba6
Move public preview endpoint over
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 53a1b9a84e
Quick hack to make the files sharing app work with this properly
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-20 08:53:37 +02:00
Roeland Jago Douma 8c47a632e0
Allow updating the token on session regeneration
Sometimes when we force a session regeneration we want to update the
current token for this session.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-14 08:09:36 +02:00
Roeland Jago Douma d6d0e60136
Regenerate session id after public share auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-17 22:07:20 +02:00
Julius Härtl eb19899f8e
Move common menu templates to public API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-04-05 11:09:19 +02:00
John Molakvoæ (skjnldsv) 4c2aff0807
fixup! Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-03-01 13:12:24 +01:00
John Molakvoæ (skjnldsv) 8c69d783e0
Fixed tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:35:42 +01:00
John Molakvoæ (skjnldsv) a0641e43dc
fixup! Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:08:25 +01:00
John Molakvoæ (skjnldsv) fb890807c0
Sharing: redirect to download after authentification if requested
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-02-28 17:05:55 +01:00
Julius Härtl 4a1cbefc90
Fix files_sharing tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:53 +01:00
Julius Härtl 8a13851da8
Use PublicTemplateResponse for files_sharing
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-02-27 12:25:52 +01:00
Morris Jobke d3d045dd5c
Remove unused import statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-14 16:55:43 +01:00
Roeland Jago Douma 20844c828a
Show open graph preview in WhatsApp
Whatsapp is picky about the size of the open graph images.
So we do some special handling.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-02-12 10:42:18 +01:00
Morris Jobke eb51f06a3b
Use ::class statement instead of string
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-29 12:03:47 +01:00
Morris Jobke 6bbea33133
Simplify ternary operator statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 12:36:25 +01:00
Morris Jobke 31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Roeland Jago Douma 2e443c97af
Use the new direct endpoint for the og:image
Some providers had issues when using the preview link (since it was
double encoded).

Now we actually serve the max size preview so it looks better

The image isn't cropped anymore so supporting platforms can just embed
the whole image.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-31 21:00:36 +01:00
Roeland Jago Douma 638be96232
Do not error when downloading from a numeric public subfolder
Fixes #6820

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-30 21:06:35 +01:00
Sascha Sambale 30460b52df
Updated OpenGraph title to display folder name instead of a nextcloud standard text
When sharing a folder via Facebook, WhatsApp or any other platform that makes use of OpenGraph, the display title was "Nextcloud - a safe home for all your data" and the description was the actual name of the folder. This should not be the case, so the display title has been changed to display the folder name and the description now displays the former OpenGraph title.

Signed-off-by: Sascha Sambale <mastixmc@gmail.com>

Fixing whitespaces and empty line.
2017-10-25 18:33:27 +02:00
Roeland Jago Douma 4077f684e1
Only have direct preview urls for image files
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 21:47:09 +02:00
Roeland Jago Douma 894958e3e2
For images we have a preview for use the preview link
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:50 +02:00
Joas Schilling 80febeae21 Fix comparisons in the sharing app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Stephan Müller 7cf3dc4e29 do not show hyphen in og:title if slogan does not exist 2017-07-14 15:26:44 +02:00
Lukas Reschke 727688ebd9
Adjust existing bruteforce protection code
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Morris Jobke 5b4adf66e5
Move OC_Defaults to OCP\Defaults
* currently there are two ways to access default values:
  OCP\Defaults or OC_Defaults (which is extended by
  OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
  it hard to work on theme values
* this extended the public interface with the missing
  methods and uses them everywhere to only rely on the
  public interface

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-09 21:43:01 -05:00
Lukas Reschke 5c7ad6d3ec
Merge some CSS files using our SCSS compiler
This saves around 4 requests on the average page load.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-21 16:35:31 +01:00
Bjoern Schiessle ed55b87b65
add brute force protection for public link authentication
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-25 18:17:08 +01:00
Maxence Lange 43374292b1 update phpdoc
Signed-off-by: Maxence Lange <maxence@pontapreta.net>
2016-12-12 16:15:13 -01:00
Maxence Lange 9ef8d25e46 Download a file in a subfolder in a sharedlink is not working
the $node created using the path (GET) parameter is not used when executing fileListDownloaded()
2016-12-11 18:32:28 -01:00
Lukas Reschke 9def8225c0
Fix image_src link
The link in the image_src link (used for previews on Social Media such as Facebook) was still using the old route. This changes it to use the new route.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-28 16:20:57 +01:00
Joas Schilling bdaf334c53
Move file sharing activities to the new API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-16 16:45:08 +01:00
Bjoern Schiessle 087dab85b4
add activity for share by mail
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-08 15:42:07 +01:00
Vincent Petry 7e701504be
Remove upload_limit in files app as it is not needed with PUT upload (#26069)
The web UI now uses for PUT uploads which aren't restricted by PHP's
upload_max_filesize and post_max_size

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 20:43:35 +01:00
Roeland Jago Douma f589f1a1d6
Move files_sharing Controllers => Controller
lib/Controller is the default location for controllers. So lets put them
all in there.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 11:46:25 +02:00