Vincent Petry
2340660a5b
PasswordLoginForbidden must extend NotAuthenticated
...
The auth code from Sabre will forward NotAuthenticated exceptions but
in the case of a generic exception, it is packaged as "service not
available".
2016-06-17 15:50:24 +02:00
Christoph Wurst
5a8cfab68f
throw PasswordLoginForbidden on DAV
2016-06-17 11:30:24 +02:00
Christoph Wurst
82b50d126c
add PasswordLoginForbiddenException
2016-06-17 11:02:07 +02:00
Thomas Müller
0b7685d326
Move birthday calendar generation to a live migration job ( #25135 )
2016-06-16 16:14:28 +02:00
Christoph Wurst
465807490d
create session token only for clients that support cookies
2016-06-13 19:44:05 +02:00
Christoph Wurst
331d88bcab
create session token on all APIs
2016-06-13 15:38:34 +02:00
Vincent Petry
57b999fde7
Merge pull request #24990 from owncloud/fix_24868
...
Wrap publicwebdav in sharePermission mask
2016-06-10 14:33:06 +02:00
Vincent Petry
68c3b23e04
Merge pull request #24080 from owncloud/support-calendar-class-property
...
Extract CLASS property from calendar object and store it in the database
2016-06-10 11:22:11 +02:00
Vincent Petry
67c3a97401
Merge pull request #25046 from owncloud/fix-the-realm
...
Use the correct realm for basic authentication
2016-06-10 10:41:46 +02:00
Vincent Petry
543545505d
Merge pull request #25043 from owncloud/webdav-download-mimetype
...
DAV now returns file name with Content-Disposition header
2016-06-10 09:55:59 +02:00
Vincent Petry
1399e87d57
DAV now returns file name with Content-Disposition header
...
Fixes issue where Chrome would append ".txt" to XML files when
downloaded in the web UI
2016-06-09 15:51:41 +02:00
Thomas Müller
cf06b17df1
Use the correct realm for basic authentication - fixes #23427
2016-06-09 13:53:32 +02:00
Thomas Müller
f20c617154
Allow login by email address via webdav as well - fixes #24791
2016-06-09 12:08:49 +02:00
Thomas Müller
bfcd1dc49c
Filter confidential calendar objects in shared calendars
...
Filter private calendar objects in shared calendars
2016-06-09 11:09:14 +02:00
Thomas Müller
082f456b8b
Added unit testing for the migration step
2016-06-09 11:09:14 +02:00
Thomas Müller
369c3b5d7e
Implement classification migration as repair step
2016-06-09 11:09:14 +02:00
Thomas Müller
287e41732c
Bump dav app version and fix variable rename
2016-06-09 11:09:14 +02:00
Thomas Müller
f013cfc530
Add migration step
2016-06-09 11:09:13 +02:00
Thomas Müller
fbdec59f22
Extract CLASS property from calendar object and store it in the database
2016-06-09 11:09:13 +02:00
Robin Appelman
f119769c26
Better handling of forbidden files in dav
2016-06-07 14:01:55 +02:00
Vincent Petry
bf917d7063
Merge pull request #24813 from owncloud/delete-ghost-files
...
allow deleting "ghost files" trough the View and Node api
2016-06-07 09:34:16 +02:00
Thomas Müller
371a07e3ab
Fix checkMove() implementation for dav v2 - fixes #24776 ( #24971 )
2016-06-06 17:01:27 +02:00
Roeland Jago Douma
1b5368bbaf
Wrap publicwebdav in sharePermission mask
...
Fixes #24868
The writable mask was a bit misleading. We should wrap with the
sharepermissions (as they are used everywhere else). The
PERMISSIONS_SHARE are added since that is required for the public link
check plugin.
2016-06-06 14:39:02 +02:00
Robin Appelman
3bd5073251
add test for deleting ghost files over dav
2016-06-03 13:37:52 +02:00
Vincent Petry
3ff2bec5fa
Merge pull request #24935 from owncloud/2fa-block-dav
...
block DAV if 2FA challenge needs to be solved first
2016-06-02 15:31:18 +02:00
Joas Schilling
942e946f06
Catch the ForbiddenException to make sure it gets handled
2016-06-01 16:17:57 +02:00
Christoph Wurst
da03a85c3c
block DAV if 2FA challenge needs to be solved first
2016-06-01 10:42:38 +02:00
Lukas Reschke
aba539703c
Update license headers
2016-05-26 19:57:24 +02:00
Joas Schilling
5882e21b3b
Update DAV unit tests to PSR-4
2016-05-25 16:09:18 +02:00
Joas Schilling
42ba61db04
Fix local execution
2016-05-25 16:09:18 +02:00
Christoph Wurst
28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled
2016-05-24 17:54:02 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks
2016-05-24 11:49:15 +02:00
Vincent Petry
87fa86a69a
Merge pull request #24559 from owncloud/2fa
...
two factor auth
2016-05-23 20:50:03 +02:00
Vincent Petry
c10d8a37f7
Merge pull request #22690 from owncloud/fix-comments-href-remote.php-files
...
ensure comments-href returns a value also when propfind is done again…
2016-05-23 14:47:03 +02:00
Christoph Wurst
dfb4d426c2
Add two factor auth to core
2016-05-23 11:21:10 +02:00
Joas Schilling
54f8822670
Fix unit tests
2016-05-23 09:03:48 +02:00
Joas Schilling
c9fda84841
Make the root collection neutral so it does not only work for files
2016-05-23 09:03:48 +02:00
Joas Schilling
3a8e537946
Remove unused UserFolder
2016-05-23 09:03:47 +02:00
Vincent Petry
5963128342
Adjust DAV SystemTagPlugin unit tests for groups
2016-05-20 17:56:02 +02:00
Vincent Petry
91d4249ed8
Fix system tags DAV plugin tests
2016-05-20 17:56:02 +02:00
Vincent Petry
10fae3994a
Fix system tag update code
2016-05-20 17:56:02 +02:00
Vincent Petry
d7727cdc74
Add admin-only system tag groups property
...
For setting/getting system tag groups
2016-05-20 17:56:02 +02:00
Vincent Petry
88740f035d
Act on effective system tag canAssign permission
...
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.
This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Vincent Petry
03d32bc39b
Fix system tags DAV unit tests
2016-05-20 17:56:02 +02:00
Vincent Petry
bede872dbc
Bring back admin permissions to change system tag permissions
2016-05-20 17:56:02 +02:00
Vincent Petry
09b3883d9c
Updated canUser* functions in SystemTagManager to accept objects
2016-05-20 17:56:02 +02:00
Vincent Petry
8343cfb64b
Add interface methods for permission check
...
Instead of checking for admin perm, use interface method
canUserAssignTag and canUserSeeTag to check for permissions.
Allows for more flexible implementation.
2016-05-20 17:56:02 +02:00
Arthur Schiwon
2b30136ae9
ensure comments-href returns a value also when propfind is done against remote.php/files
2016-05-20 16:22:13 +02:00
Joas Schilling
dd9ee10bc0
Move dav app to PSR-4 ( #24527 )
...
* Move Application to correct namespace and PSR-4 it
* Move dav app to PSR-4
2016-05-12 09:42:40 +02:00
Christoph Wurst
0486d750aa
use the UID for creating the session token, not the login name
2016-05-11 13:36:46 +02:00