75bc25f906
Allow apps to create custom session handlers.
2014-05-12 11:08:28 -04:00
3cd32dcb7c
adding X-Robots-Tag to all responses of ownCloud + move addSecurityHeaders() to OC_Response, which seems to be a more reasonable place
2014-05-12 15:14:01 +02:00
fd5b2d11d6
Rename issubdirectory to isSubDirectory
2014-05-11 15:50:59 +02:00
e1e1009ccc
Redirect to index if the logout link is accessed without valid session
...
This is needed to prevent "Token expired" messages while login if a session is expired
@see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
2014-05-11 13:09:46 +02:00
73b914ddbc
Add CSRF check on login and logout
...
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
2014-05-04 13:56:21 +02:00
906061a07b
Merge pull request #8171 from owncloud/fix-import
...
be nice and use a relative import so people can use the class without fi...
2014-05-02 22:43:19 +02:00
7c0340c63c
Merge pull request #7852 from josh4trunks/basic_auth_fix
...
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-28 21:46:52 +02:00
6935364b33
add class Pimple to autloader
2014-04-28 20:57:44 +02:00
1d9ac38da6
Remove an added t by the github webeditor
...
Notice to myself: Stick to my IDE.
2014-04-27 16:41:09 +02:00
7a8bfeae6e
Grammatical fixes
2014-04-27 16:31:04 +02:00
b6612ef04a
Clarify the trusted_domain error page
2014-04-26 23:11:29 +02:00
ff0dab6e92
This adds one more missing untranslated text from lib/share
...
Also displays the untrusted domain warning in English
2014-04-24 01:42:18 +02:00
e88731a477
Some more PHPDoc fixes
2014-04-21 15:44:54 +02:00
c123dc7de4
Fix typo
...
Thanks @DeepDiver1975
2014-04-14 10:15:31 +02:00
387d46cb98
Typo + Line breaks
2014-04-13 12:54:26 +02:00
df67a04385
Move security headers to base.php
...
Some headers were currently only added to the templates but not to other components (e.g. SabreDAV / JSON / etc...)
The migration to base.php ensures that the headers are served to all requests passing base.php
2014-04-13 11:51:03 +02:00
647abe512b
reduce code duplication, fix parse error, prevent page reload on hitting enter while changing the display name - refs #8085
2014-04-07 14:04:16 +02:00
5b402aa846
Fixed Typo
2014-04-03 22:12:57 -07:00
a266144750
Don't always $cookie_path, only set it when needed
2014-04-03 22:12:57 -07:00
d1106f1749
cookie would be useless if value is not set
2014-04-03 22:12:57 -07:00
63df8354da
Don't to set the cookie it wasn't needed.
2014-04-03 22:12:57 -07:00
4ddf5d92f2
Fixes login / logout when HTTP Basic Headers are avilable.
2014-04-03 22:12:57 -07:00
d0012e729a
Merge pull request #7879 from owncloud/sharing_cleanup_public_api
...
sharing api cleanup, first step
2014-03-28 12:23:11 +01:00
5fa8f7cf12
Merge pull request #7107 from owncloud/load-apps-proper-master
...
Load apps proper master
2014-03-28 10:33:55 +01:00
b602662578
add a "helper" and a "hooks" class. Move constants needed by multiple classes
...
to a "constants" class
2014-03-25 17:47:24 +01:00
4c8a83e82f
Merge pull request #7714 from owncloud/phpunit-config
...
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-24 13:01:37 +01:00
96e6cb3db4
all authentication apps are loaded at first - everything else relies on these apps
2014-03-21 15:00:25 +01:00
6ff96b34ad
Merge branch 'master' into load-apps-proper-master
...
Conflicts:
apps/files/ajax/rawlist.php
cron.php
ocs/v1.php
2014-03-21 14:05:08 +01:00
36c0f08ec0
Merge pull request #7732 from owncloud/datafolderexistence
...
Added .ocdata file to check for data folder validity
2014-03-20 11:31:28 +01:00
756bbe8786
Merge pull request #7649 from owncloud/routing-public
...
Move routing classes to an interface and expose it in the public api
2014-03-17 21:07:05 +01:00
b619ff6076
Return 503 when a config/data dir error exists
2014-03-14 21:05:15 +01:00
a8eb7a5092
Allow setting the config dir to use as enviroment variable for phpunit
2014-03-13 13:33:09 +01:00
8048868bd7
use preDelete instead of postDelete hook
2014-03-13 03:14:42 +01:00
26793e1f94
switch OC::getRouter usages to OC::$server->getRouter
2014-03-10 14:06:47 +01:00
8ab7d18a6a
Move the router classes to a namespace and expose it with a public interface
2014-03-10 14:04:58 +01:00
ba3f5fe53a
Merge pull request #7583 from owncloud/trusteddomainerrorpage
...
[master] Show warning page when accessing server from an untrusted domain
2014-03-07 10:37:16 +01:00
421cff00bd
Show warning page when accessing server from an untrusted domain
...
Added early check for the requested domain host and show a warning
page if the domain is not trusted.
2014-03-06 11:51:08 +01:00
32b29c9d73
Merge branch 'master' into fix-7307
...
Conflicts:
core/js/router.js
settings/js/admin.js
2014-03-06 00:15:08 +01:00
1291303c5a
Replace OC.Router.generate() with OC.generateUrl()
2014-03-02 22:30:24 +01:00
da19109f40
Config to disable basic_auth username chacking
...
This can be confusing and/or annoying
2014-02-26 18:06:13 +01:00
7f05c23231
Merge pull request #3760 from IMM0rtalis/remove_logout_redirect_slash
...
- removed slash-adding for logout-header-redirect
2014-02-26 16:05:09 +01:00
27ad69eea5
Merge branch 'master' into no-css-js-delivery-via-php
2014-02-21 14:01:24 +01:00
fbea02bebb
kill $coreStyles and $coreScripts
2014-02-20 14:18:01 +01:00
bf22ed7bdb
kill old minimizer code
2014-02-20 13:10:56 +01:00
3e2c56157b
reduce width of searchbox on mobile, fix overlap, fix #7282
2014-02-20 11:33:46 +01:00
2a6a9a8cef
polish documentation based on scrutinizer patches
2014-02-06 17:02:21 +01:00
79fc4f3126
Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging
2014-02-06 11:34:27 +01:00
0db5fead8e
remove some more global variable $RUNTIME_NOAPPS
2014-02-06 10:04:18 +01:00
afbe50d09c
remove global variable $RUNTIME_NOAPPS - it's just superfluous
2014-02-06 09:44:13 +01:00
3c80071807
Merge pull request #4795 from owncloud/setup
...
Move core setup code to controller class
2014-02-04 06:04:21 -08:00
cf5277b558
also load error handler if debugging is enabled
2014-02-03 12:08:28 +01:00
bca725dc32
Merge branch 'master' into setup
...
Conflicts:
core/setup.php
2014-01-31 16:43:12 +01:00
0a1708ba11
Merge pull request #6912 from owncloud/replace-webroot-in-css
...
Remove %webroot% from CSS
2014-01-27 04:11:15 -08:00
9fa788c452
Merge pull request #6736 from owncloud/tests-jsunittests
...
Added Javascript unit tests
2014-01-23 12:43:05 -08:00
25e9b7a742
add icons.css file, first step to get rid of %webroot%
2014-01-23 12:55:39 +01:00
164915a3f8
Move test config folder to tests/config
2014-01-20 13:41:52 +01:00
6b4c3df087
Load a separate config (if present) when running unit tests
2014-01-17 14:40:48 +01:00
350214c609
Added Javascript unit tests
...
- added karma utility to run jasmine unit tests
- added Sinon library (for stubs/mocks/fakeserver)
- added a few unit tests for core and files
- added autotest-js.sh script
2014-01-16 17:12:29 +01:00
c3829dfa61
rename user-id to loginname to stay consistent
2014-01-09 10:29:21 +01:00
e0bd7e145c
Remove @ in order to get proper error handling
2014-01-07 16:24:05 +01:00
214aecac78
require composer's autoload.php if present
2014-01-05 21:49:08 +01:00
4c45c6f418
dont try to register background jobs if we haven't upgraded yet
2013-12-13 17:15:18 +01:00
f26ba5846d
coding style
2013-12-13 16:58:16 +01:00
dcfda5c2a9
coding style
2013-12-13 16:58:09 +01:00
91d6a6dd7c
On webdav sesssions, loginname was compared to username which does not need to match necessarily
2013-12-13 16:58:03 +01:00
df1a404466
Fix webroot for update page
...
On the update page, config.js was missing which caused oc_webroot to not
be available. That would trigger the faulty oc_webroot fallback that
didn't take URLs like "/owncloud/index.php/files/apps" into account.
This fix adds config.js in the update page and also a fix for the
oc_webroot fallback, in case it is used elsewhere.
2013-12-13 12:56:48 +01:00
9c4bbf9ad7
Revert "Revert "Fix user's displayName being overwritten by (old) cookie""
...
This reverts commit eba35d28cd
2013-12-05 20:53:11 +01:00
eba35d28cd
Revert "Fix user's displayName being overwritten by (old) cookie"
...
This reverts commit 2a7380cc21
2013-12-05 16:12:46 +01:00
2a7380cc21
Fix user's displayName being overwritten by (old) cookie
2013-12-05 14:18:32 +01:00
9fbccc83e3
merge master into single-user-mode
2013-11-25 21:25:04 +01:00
71c1327691
Add "single user mode" which restricts access to users in the admin group
...
This can be enabled by setting 'singleuser' to true in config.php
2013-11-25 15:08:24 +01:00
317d421874
provide more cli friendly error messages
2013-11-25 13:04:23 +01:00
4a2f9636cf
Merge pull request #5773 from owncloud/fix-2152-master
...
Make working en_US.UTF-8 locale a hard requirement
2013-11-21 08:03:21 -08:00
49cd5dad24
add trash bin and file versions delete hooks in OC::registerPreviewHooks
2013-11-12 14:08:55 +01:00
a6d8854d2a
Make working en_US.UTF-8 locale a hard requirement
2013-11-08 14:30:08 +01:00
4f24d4ba01
display the exception instead of meaningless message
2013-11-04 21:55:55 +01:00
eb3c5070c0
replace template function link_to_docs() with \OC_Helper::linkToDocs()
2013-11-02 19:11:46 +01:00
06b42f9788
Merge pull request #5443 from owncloud/fix-autoloader-caching
...
Remove Autoloader Cache Hack. Do not use Cache on Install.
2013-11-01 05:35:34 -07:00
b6bb2b26dd
Make "Please contact your system administrator" a full sentence.
2013-11-01 11:35:02 +01:00
c61d328ab9
Merge pull request #3889 from owncloud/apps_preload
...
Don't load the apps when we need to upgrade
2013-10-28 03:17:52 -07:00
3917d18980
Merge pull request #5528 from frisco82/changeUpadateNotification
...
Changed update message to be more instructive
2013-10-24 10:28:17 -07:00
3a81c8e3af
Changed update message to be more instructive, changed update style to be less aggresive
...
Fix br tags
Improve english messages
2013-10-24 19:21:40 +02:00
54e9d8c306
Merge pull request #5507 from owncloud/webdav-removeredirectfromindex
...
Remove WebDAV redirect from the root path
2013-10-24 10:05:21 -07:00
c186f33428
Remove WebDAV redirect from the root path
...
This will prevent people mounting the root path.
They should use the full webdav path instead.
Fixes #4923
2013-10-24 10:34:09 +02:00
086b82bd69
Fixed sharing dropdown placeholders in IE8/9
...
Added jquery.placeholder shim to handle input field placeholders in IE8/9
2013-10-23 18:51:25 +02:00
f5e2b92688
Only use autoloader cache when 'instanceid' is available.
2013-10-22 11:17:15 +02:00
eb6637682e
Inject memoryCache into Autoloader. Remove recursion-prevention hack.
2013-10-22 11:17:15 +02:00
148d2616e5
introduce link_to_docs() and migrate links
2013-10-21 21:29:45 +02:00
33c4747fdf
Use display name from magic cookie, fixes #4884
2013-10-18 13:36:33 +02:00
fdeef5e874
Merge branch 'master' into fixing-appframework-master
...
Conflicts:
lib/private/appframework/middleware/security/securitymiddleware.php
tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php
2013-10-16 15:45:55 +02:00
6f8dd54788
Include exception message in log entry when session fails to start
2013-10-12 09:15:08 +01:00
cf7ea4bec5
Handle ownCloud logging when data dir not created
2013-10-11 17:16:37 +01:00
cb110c0679
Log the session exception when ownCloud is not installed
2013-10-11 16:45:58 +01:00
0641365a10
Merge pull request #4780 from AxelRb/master
...
On an auth failure the uid and the IP address should be logged to the st...
2013-10-10 07:21:36 -07:00
9b0454380c
changed the argument to false for getValue , reformated else statement
2013-10-10 14:15:13 +02:00
053b55721d
Merge branch 'master' into fixing-appframework-master
2013-10-08 12:13:24 +02:00
fda37ea09c
PHPDoc added
2013-10-07 00:32:08 +02:00
a90ea2c069
Merge remote-tracking branch 'origin/master' into setup
2013-10-02 18:23:59 +02:00
621ab1c7ee
fixing various PHPDoc comments
2013-10-02 15:04:42 +02:00
8c77cd1901
remove obsolete function login()
2013-10-02 14:49:14 +02:00
4cecede13d
code cleanup - remove special case for webdav in handleApacheAuth()
2013-10-02 00:55:35 +02:00
7e9e23f210
Merge branch 'master' into apache-auth-master
2013-10-02 00:21:11 +02:00
d8ada370d7
Squashed commit of the following:
...
commit ae1f68ac54cf2878d265b2bbce13bd600d2d0719
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date: Thu Aug 22 11:45:27 2013 +0200
fixing undefined variable
commit 982f327ca10eea0a2222eae3e74210648591fd8a
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date: Wed Aug 7 12:00:14 2013 +0200
adding login.php as alternative for index.php/login
commit da0d7e1d096fb80789524b01f0f96fe08d147943
Author: Thomas Müller <thomas.mueller@tmit.eu>
Date: Wed Aug 7 11:36:12 2013 +0200
adding a route for web login
commit 8e2a01160485cf7e9a2eb8bf46f06fae73956e8e
Author: Karl Beecher <karl@endocode.com>
Date: Tue Aug 6 17:00:28 2013 +0200
Login attempt returns true instead of exiting immediately
commit fd89d55de9e71e986e03a0de9aad9407b632e22f
Author: Karl Beecher <karl@endocode.com>
Date: Mon Aug 5 15:31:30 2013 +0200
Further abstraction.
This change introduces the ApacheBackend interface for backends that
depend on Apache authentication and session management. There are no
longer references to specific backends in OC_User.
commit 469cfd98aea5a37985722cf5f9e00ece0ce38178
Author: Karl Beecher <karl@endocode.com>
Date: Thu Aug 1 15:46:36 2013 +0200
Make login attempt function protected.
commit d803515f19ff086e2028fcaa51afae579685e596
Author: Karl Beecher <karl@endocode.com>
Date: Wed Jul 31 16:00:22 2013 +0200
Amends the login link
When using a Shibboleth login, clicking logout displays a message to the
user instead of ending the session.
commit aa8c1fcea05c8268f26a10b21c4e0bc547c3414f
Author: Karl Beecher <karl@endocode.com>
Date: Tue Jul 30 13:15:59 2013 +0200
Abstract Shibboleth authentication into an Apache authentication method
commit 69082f2ebcab267f6e8eceb1a252f84c52236546
Author: Karl Beecher <karl@endocode.com>
Date: Tue Jul 30 11:22:26 2013 +0200
Convert spaces -> tabs
commit 5a80861d86855eec5906fd5e235ac4ff12efb0f2
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 17:40:48 2013 +0200
Separate the authentication methods
SABRE authentication and base authentication have slightly different
workings right now. They should be refactored into a common method
later, but time pressure requires us to reinvent the wheel slightly.
commit dc20a9f8764b103b7d8c5b713f2bcdae18708b65
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 17:07:07 2013 +0200
Authenicate calls to WebDAV against Shibboleth.
When using WebDAV, the OC_Connector_Sabre_Auth::authenticate method is
normally called without trying the Shibboleth authentication... thus the
session is not established.
The method now tries Shib authentication, setting up a session if the
user has already authenticated.
commit 091e4861b2246c4084c9b30e232289fde4ba1abf
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 14:04:54 2013 +0200
Sets up the Shibboleth login attempt.
commit bae710ec0579ef99b23022cc12f6876c5fe6b0d5
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 12:36:44 2013 +0200
Add a method for attempting shibboleth login.
If the PHP_AUTH_USER and EPPN environment variables are set, attempt a
Shibboleth (passwordless) login.
commit 667d0710a7854e58fb109201d9cee6ec064e793a
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 11:38:04 2013 +0200
Revert "Adds the apps2 folder with user_shibboleth backend."
This reverts commit 7abbdb64676d667b0c69aca37becdc47e56dc7ef.
commit 7abbdb64676d667b0c69aca37becdc47e56dc7ef
Author: Karl Beecher <karl@endocode.com>
Date: Mon Jul 29 11:28:06 2013 +0200
Adds the apps2 folder with user_shibboleth backend.
Conflicts:
core/templates/layout.user.php
lib/base.php
2013-10-01 14:29:01 +02:00
02d6976263
Merge branch 'master' into lib-private-master-2
2013-09-30 21:29:58 +02:00
b58a464b86
Merge pull request #4967 from owncloud/dont_remember_login_if_enc_enabled
...
don't remember login if the encrypion app is enabled
2013-09-30 10:53:41 -07:00
9c9dc276b7
move the private namespace OC into lib/private - OCP will stay in lib/public
...
Conflicts:
lib/private/vcategories.php
2013-09-30 16:36:59 +02:00
db39fede97
Merge branch 'master' into appframework-master
...
Conflicts:
apps/files/lib/helper.php
apps/files_trashbin/lib/helper.php
2013-09-25 09:52:12 +02:00
c486fc7608
introduce OC_Util::rememberLoginAllowed()
2013-09-24 18:01:34 +02:00
b693b5085c
don't remember login if the encrypion app is enabled because the user
...
needs to log-in again in order to decrypt his private key with his password
2013-09-24 13:08:55 +02:00
8e26f291a7
Merge pull request #4684 from owncloud/improved-console
...
Use more object oriented way for console commands
2013-09-19 14:22:32 -07:00
09d043729a
Note to self 2: Do as you preach. Test!
2013-09-18 15:02:25 +02:00
79cd655920
Note to self: Test before pushing!!!
2013-09-18 14:50:21 +02:00
534933ee9b
Use new emitter system
2013-09-18 13:15:38 +02:00
fe86182dac
OC_Cache namespace changes and add UserCache to server container.
...
Refs #4863
2013-09-17 17:46:33 +02:00
5d4e9e0d25
/OC/Server has created too early causing issues with config operations as OC:$SERVERPATH was not yet initialized
...
This fixes unit test execution
2013-09-15 23:07:18 +02:00
ad82a56f79
Merge branch 'master' into appframework-master
2013-09-15 21:18:59 +02:00
5b3388c7c4
Merge branch 'master' into appframework-master
2013-09-13 20:56:49 +02:00
c9c5e1b97f
Merge branch 'master' into oc_avatars
2013-09-12 07:41:44 +02:00
8ae612f693
Move core setup code to controller class
2013-09-10 20:19:42 +02:00
7810e27dad
Changed default behaviour to not log IP address in case of an auth failure. Can be configured in OC conf now.
...
Log level changed to warning .
2013-09-10 11:07:26 +02:00
0cd6473909
On an auth failure the uid and the IP address should be logged to the standard log file.
...
This update works for a standard setup, when using a proxy for the server one can probably use the X-forwarded-for header
instead of the remote address.
2013-09-09 15:35:39 +02:00
e9849270e3
Revert "fixes #4574"
...
This reverts commit 81a45cfcf1
2013-09-06 00:28:13 +02:00
820fd42161
Merge branch 'master' into oc_avatars
2013-09-04 12:56:40 +02:00
e5fc7b9dbe
Merge branch 'master' into clean_up_util
...
Conflicts:
lib/base.php
2013-09-02 07:58:06 +02:00
76b1b5b6a3
Provide 'enable_avatars' in config.php, to disable avatars
2013-09-01 18:17:14 +02:00
0aba549e7f
Use more object oriented way for console commands
2013-09-01 16:40:50 +02:00
5d653753bd
Merge branch 'master' into oc_avatars
2013-08-31 12:56:36 +02:00
a9d6b59307
Merge branch 'master' into appframework-master
2013-08-31 01:38:44 +02:00
8ef40277b2
Merge master into oc_preview
2013-08-30 18:11:18 +02:00
0f5df181a3
Merge pull request #4661 from owncloud/separate-app-styles
...
Move CSS for apps and browser-specific fixes out of main styles.css
2013-08-30 09:08:25 -07:00
95f42d6544
Merge pull request #4578 from houbaastef/master
...
fixes #4574
2013-08-30 06:20:07 -07:00
7d398ba622
Use the real username in preferences and magic cookie instead of case-insensitive user input. Fixes 4616.
2013-08-30 11:45:16 +02:00
9c23ed580a
move CSS for browser-specific fixes out of styles.css into new fixes.css
2013-08-30 11:42:32 +02:00
cc8e19ad11
move CSS for apps out of styles.css into new apps.css
2013-08-30 11:38:49 +02:00
0c708be76b
Use defaultavatars
2013-08-29 14:26:11 +02:00
b7758d0f8d
Merge master into oc_preview
2013-08-29 10:50:55 +02:00
3fd2df4088
Only enable logrotate when configured. Also rotate size is settable.
2013-08-28 17:41:27 +02:00
42f3ecb60f
Check for installed state before registering the logrotate background job
2013-08-28 17:11:43 +02:00
b5e2842e00
Very simple log rotation
2013-08-28 17:11:43 +02:00
45076edf4f
Merge pull request #3891 from owncloud/fix_loadAppScriptFile
...
Check if the app is enabled and the app path is found before trying to l...
2013-08-28 06:10:06 -07:00
9843c8e838
Merge pull request #4434 from owncloud/fix_octemplate_escaping
...
Fix octemplate string escaping.
2013-08-28 03:59:43 -07:00
a995e81686
Merge branch 'master' into appframework-master
2013-08-26 21:31:15 +02:00
81a45cfcf1
fixes #4574
2013-08-26 15:16:41 +02:00
6ffa2a28d0
Merge branch 'master' into oc_preview
2013-08-23 23:10:37 +02:00
ba029ef4b2
initial setup of the server container
2013-08-21 00:58:15 +02:00
f1518a54df
Merge branch 'master' into clean_up_util
...
Conflicts:
lib/util.php
2013-08-20 17:20:30 +02:00
65d802329f
Fix some naming and spacing in lib/util.php
2013-08-18 10:33:09 +02:00
9c5416fe4a
Clean up \OC\Util
...
- Use camelCase
- Add some phpdoc
- Fix some indents
- Use some more spacing
2013-08-15 15:57:32 +02:00
ca495758bd
Fix octemplate string escaping.
2013-08-14 23:06:43 +02:00
7425efade7
Merge branch 'master' into oc_preview
...
Conflicts:
3rdparty
lib/template.php
2013-07-30 00:34:36 +02:00
ringmaster
Thomas Müller
Lukas Reschke
Bernhard Posselt
Volkan Gezer
josh4trunks
Vincent Petry
Bjoern Schiessle
icewind1991
Robin Appelman
Georg Ehrke
kondou
Bart Visscher
Jan-Christoph Borchardt
Jörn Friedrich Dreyer
Morris Jobke
Arthur Schiwon
Nico Kaiser
Andreas Fischer
Ramiro Aparicio
Tom Needham
Axel Roenn
Thomas Tanghus
Stephane Martin
Stephane Martin