Commit Graph

1679 Commits

Author SHA1 Message Date
Christoph Wurst 5900e46f01
Turn off jQuery animations when testing 2016-04-18 10:41:02 +02:00
John Molakvoæ e11b39a248 Fix rgb values
Fix was required because values was too big for rgb and breaking the brightness calculation.
Now we have the initial sat (70%) and the reduction to 60 if too bright working again.
2016-04-18 09:29:42 +02:00
Christoph Wurst 3e1f1ccc76 downgrade jquery, update jquery-migrate 2016-04-15 13:55:23 +02:00
Christoph Wurst 621d1e2128 update jquery to version 2.2.3 2016-04-14 12:47:35 +02:00
Christoph Wurst 97d553b57a close navigation menu when opening app in new tab (#23914) 2016-04-14 11:53:20 +02:00
Christoph Wurst a2572ffec7 add loading feedback to user menu entries (#23916)
fixes #19857
2016-04-14 11:53:09 +02:00
Morris Jobke e03d289b70
Use 6 months as SSL STS header threshold
* this uses 6 months (6 * 30 * 24 * 60 * 60 = 15552000)
* old value was half a year (365 / 2 * 24 * 60 * 60 = 15768000)
* fixes #23957
2016-04-13 08:47:34 +02:00
John Molakvoæ 28571e6361 Updated color generator
Separated the main function to allow special use without dom manipulation.
2016-04-06 19:34:50 +02:00
Morris Jobke 1f7e02e4d4 Add detailed logs hidden and show them on request 2016-04-04 12:34:18 +02:00
Thomas Müller 1bf4c75e8b Show individual sql schema migration steps during upgrade - on web as well as on the command line 2016-04-04 12:34:18 +02:00
Stefan Weil 62a5952a72 core: Fix typos (found by codespell)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-04-04 10:57:17 +02:00
Jan-Christoph Borchardt a0e2eae7de Merge pull request #23638 from owncloud/new-placeholder-colours-generator
New colour generator
2016-04-03 12:26:22 +02:00
John Molakvoæ dcc28a3ad7 New colour generator 2016-04-01 18:00:47 +02:00
Vincent Petry 8d11c3b87b Merge pull request #23487 from owncloud/core-globalajaxerrorwhengoingaway
Detect user navigating away, don't interpret as ajax error
2016-04-01 17:03:55 +02:00
Vincent Petry 06e7856400 Adjust core unit tests for unload/reload cases 2016-03-23 10:53:40 +01:00
Thomas Müller 61c5717281 Merge pull request #23463 from owncloud/lets-consistently-use-no-referer
Consistently use rel=noreferrer
2016-03-23 09:14:54 +01:00
Vincent Petry d00f95578b Stronger fix for navigate away detection 2016-03-22 18:29:19 +01:00
Roeland Jago Douma cf3e740ae8 Fix js strings if group sharing is disabled 2016-03-22 17:13:34 +01:00
Vincent Petry 6ed8acb15d Firefox returns 303 on cross-domain redirect
Added 303 to catch SSO cross-domain redirect in Firefox.
2016-03-22 16:55:43 +01:00
Vincent Petry ad1167a44d Detect user navigating away, don't interpret as ajax error
Whenever a user navigates away, all ajax calls will fail with the same
result like a cross-domain redirect (SSO). To distinguish these cases,
we need to detect whether the error is a result of the user navigating
away. For this, we introduce a new flag that will be set in
"beforeunload".

Additional handling was required for false positives in case "beforeunload" is
used (ex: cancelled upload) and the user cancelled the navigation.
2016-03-22 16:54:01 +01:00
Thomas Müller 2db67c3308 Merge pull request #23386 from owncloud/share-keepoptioncheckboxinblocks
Keep share checkboxes together
2016-03-21 18:05:16 +01:00
Thomas Müller 86581f6626 Merge pull request #22065 from owncloud/systemtags-create-same-prefix
Allow creating tags where another one with same prefix exists
2016-03-21 11:15:49 +01:00
Lukas Reschke 6ad957906e Consistently use rel=noreferrer
When linking to external entities we should consistently use rel=noreferrer
2016-03-20 15:27:20 +01:00
Vincent Petry 9ef24b9a0f Keep share checkboxes together
- removed leading spaces before markup which can affect rendering in
  some cases
- added shareOption CSS class to group and keep share option checkbox +
  label
- moved ".showCruds" arrow into the matching shareOption to keep the
  arrow together with the checkbox
2016-03-18 11:59:57 +01:00
Lukas Reschke 2ca3c0d461 Adjust wording a bit
**Before:**
> Your PHP version (5.4.16) is no longer supported by PHP. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.

**After:**
> You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by the PHP Group as soon as your distribution supports it.

Fixes https://github.com/owncloud/enterprise/issues/1170
2016-03-11 17:39:35 +01:00
Roeland Jago Douma 19347187d8 Fix MKCOL for IE11 as well
Using https://github.com/owncloud/core/pull/22274 we have to patch the
iedavclient.js as well.
2016-03-10 13:36:26 +01:00
Thomas Müller 4324d302bc Merge pull request #22872 from owncloud/password-change-tooltip-text
Update error text for link passwords
2016-03-07 14:46:27 +01:00
Morris Jobke 49b7fc107a Update error text for link passwords
* this removes the old tooltip first before showing
  the new one to update the text - otherwise the old
  text will be shown
2016-03-04 18:11:42 +01:00
prastut aa8bdc7f14 trigger login if remember_login checked 2016-03-04 00:22:04 +05:30
Lukas Reschke 933f60e314 Update author information
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Thomas Müller 71e5de3865 Merge pull request #22677 from owncloud/allow-to-overwrite-single-l10n-string-via-theme
Allow to overwrite a single language string via the theme folder
2016-03-01 08:26:28 +01:00
Vincent Petry 0091df2bc8 Improved JS L10N bundle merging + tests 2016-02-29 17:39:21 +01:00
Joas Schilling 78570a5f72 Allow to overwrite a single language string via the theme folder 2016-02-26 13:56:02 +01:00
Thomas Müller c6c15ba825 Merge pull request #22608 from owncloud/collaborative-tags
Rename system tags app to collaborative tags
2016-02-26 10:47:40 +01:00
Joas Schilling 4471f359b1 Rename system tags app to collaborative tags 2016-02-26 09:14:28 +01:00
Vincent Petry b634f1e2c7 Make more action icons themable + style fixes
Action icons now appear properly in public link page.
More actions are now CSS icons.
2016-02-25 23:01:07 +01:00
Roeland Jago Douma 92cff0984d Make file actions use icon CSS classes
This makes theming of file actions possible
2016-02-25 22:49:52 +01:00
Vincent Petry 1add45ae6a Tweak tooltip style for recipients 2016-02-25 11:18:30 +01:00
Joas Schilling edbc1060ce Add the uid on hover for sharing autocomplete 2016-02-24 09:57:02 +01:00
Vincent Petry 27544144ce Fix unit tests affected by side effects
The notification tests were not restoring the clock properly, but
indirectly helped other tests pass.

Since now we're restoring the clock properly, the other tests were fixed
to still work.
2016-02-22 17:25:32 +01:00
Vincent Petry 8ea80e114a Accumulate notifications instead of blinking
This makes it possible to display multiple notifications.
If the options.type is set to "error", it will also add a close button.
2016-02-22 17:25:32 +01:00
Thomas Müller 8abdcb8085 Fix error ins source language strings
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/core/50786279
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/settings-1/50555028
2016-02-19 15:04:16 +01:00
Lukas Reschke 9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Thomas Müller 7af7d18cfa Merge pull request #16783 from owncloud/handle-redirects-global
Adding global error handler for ajax calls which run into redirection…
2016-02-17 14:49:04 +01:00
Thomas Müller 7b0f83b616 Merge pull request #22445 from owncloud/files-client-sendpropfindheaders
Files DAV client send propfind headers
2016-02-17 11:32:16 +01:00
Thomas Müller 92e5160003 Merge pull request #22452 from owncloud/fix_22441
Unlock sharee input field when sharing fails
2016-02-17 10:59:03 +01:00
Roeland Jago Douma a9a3947e61 Do not clear sharee input on failed share 2016-02-17 09:21:17 +01:00
Roeland Jago Douma e1fd86ccb6 Unlock sharee input field when sharing fails
Fixes #22441

When addShares fails (for whatever reason) we should unlock the sharee
input field so the user does not have to reload the page.
2016-02-17 09:21:12 +01:00
Vincent Petry 5575443be9 Fix redundant headers in files dav client
The defaultHeaders are already injected with the xhrProvider, so no need
to pass them again a second time.
2016-02-16 17:37:12 +01:00
Roeland Jago Douma d8f91b0e82 Allow searching for single user 2016-02-16 16:23:09 +01:00
Vincent Petry b8b77709c0 Add handler for global ajax errors 2016-02-15 12:48:47 +01:00
Thomas Müller 294dcb4eff Adding global error handler for ajax calls which run into redirections or unauthorized responses 2016-02-15 12:47:18 +01:00
Thomas Müller be65ba4089 Merge pull request #22383 from owncloud/better-sharee-translations
Do not use string concatination for translations
2016-02-15 11:16:16 +01:00
Thomas Müller 2054dbd4c8 Merge pull request #22350 from owncloud/fix_22304
WebUI feedback when sharing
2016-02-15 10:45:42 +01:00
Joas Schilling c8ddbc385c Do not use string concatination for translations 2016-02-15 09:20:15 +01:00
Roeland Jago Douma 33ef240b39 Search tags case insensitive
fixes: #22352

* Added unit tests
2016-02-14 20:41:39 +01:00
Thomas Müller 11707dffce Merge pull request #22351 from owncloud/fix_22277
show remote server on federated share auto-complete
2016-02-13 18:25:04 +01:00
Thomas Müller 761e9cf3a4 Merge pull request #21837 from owncloud/recipients-error-message
First try for shareWithField error message
2016-02-12 16:09:37 +01:00
Bjoern Schiessle 862e28f006 show remote server on auto complete 2016-02-12 15:52:51 +01:00
Roeland Jago Douma 92c131b481 Updated unit tests 2016-02-12 14:31:00 +01:00
Roeland Jago Douma 51b55d5320 Provide proper feedback when creating a share in the webUI
Fixes #22304

Creating a share is not instant (especially not for federated shares) so
we should show that something is happening in the webUI properly.
2016-02-12 14:01:15 +01:00
Roeland Jago Douma b786523bb7 Clear error when removing text 2016-02-12 10:25:42 +01:00
Roeland Jago Douma 113bfb0b07 Update tooltip on new search 2016-02-12 10:04:33 +01:00
Julian Müller de4824077e First try for shareWithField error message
Second try for ShareWithField error message
2016-02-12 10:04:30 +01:00
Roeland Jago Douma a823485638 Reload list of shares on directory change 2016-02-11 11:06:26 +01:00
Roeland Jago Douma f5be48d81d Calculate the share statuses in js from the OCS Response
Right now this is only done on page load. We should do it on each
directory traversal.
2016-02-11 11:03:11 +01:00
Roeland Jago Douma 1301ec9351 Only show link shares for the current user
Currently we have no way to display multiple links in the UI.
So just display the link share for the current user.

Fixes #22275
2016-02-10 16:00:55 +01:00
Roeland Jago Douma 630bee749b Only show link spinner if the share exists
If there is no share to delete do not set the spinner.
Fixes #21726
2016-02-10 11:08:15 +01:00
Lukas Reschke abc675d87e Move update notification code into app
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.

Furthermore also makes some more code unit-testable...
2016-02-09 18:05:51 +01:00
Vincent Petry e378a757ff Add system tags filter section for files app 2016-02-09 10:59:29 +01:00
Thomas Müller a35d5625e0 Merge pull request #22186 from owncloud/show-different-unsupported-failure-message
Don't show "report this to the community" when the upgrade is unsuppo…
2016-02-08 16:45:32 +01:00
Lukas Reschke 25aad470c1 Add message with reference to forum post 2016-02-08 10:45:46 +01:00
Morris Jobke 4032cc0166 Don't show "report this to the community" when the upgrade is unsupported
* fixes #21367
2016-02-08 09:19:16 +01:00
Vincent Petry 995a825dac Make JS Webdav work again with IE9-IE10 2016-02-05 14:48:10 +01:00
Thomas Müller f9aa5d2971 Merge pull request #22133 from owncloud/add-check-for-content
Add check for content
2016-02-04 17:40:31 +01:00
Thomas Müller e22b2d8b63 Merge pull request #22130 from owncloud/fix-jsunit-filesclient
Fix jsunit filesclient
2016-02-04 16:49:58 +01:00
Lukas Reschke 5ba6148bfe Add check for content
The response may be a redirect which is always followed by jQuery. Thus leading to false positives depending on the server configuration (e.g. when it issues a 302)

To prevent that there is also a check performed on the response content.
2016-02-04 16:13:27 +01:00
Vincent Petry 23f0515771 Fix JS DAV files client unit tests
Instead of trying to mock the promise, just stub davclient.js' request
object.
2016-02-04 15:39:18 +01:00
Vincent Petry 8782004742 Small fixes in Dav files client
Remove double leading slash in path.
Add utf-8 in default content type.
2016-02-04 15:38:54 +01:00
Faruk Uzun 6ffd8f3e0d Introduce some mimetypes for richdocuments
* application/vnd.lotus-wordpro
* application/vnd.visio
* application/vnd.wordperfect
* application/msonenote
2016-02-04 13:48:21 +02:00
Roeland Jago Douma aef43816c2 host and hostname are different things
host can contain the port (host of http://example.com:1234 is
example.com:1234) while hostname never contains a port. They can however
be similar. If you navigate to http://example.com then both host and
hostname will be example.com.

* Fixed docs
* added getHostName function
2016-02-03 11:28:07 +01:00
Vincent Petry d81c00304f Fix parsing empty Webdav property nodes
Return empty string instead of undefined
2016-02-02 18:01:15 +01:00
Vincent Petry 3b581b051f Expose display name in JS side
Adds a new method `OC.getCurrentUser` to get both the user id and
display name Could be used for a future Js
2016-02-02 18:01:15 +01:00
Vincent Petry 29386eccf9 Add pagination support for comments GUI 2016-02-02 18:01:15 +01:00
Vincent Petry 22be3867f1 Allow creating tags where another one with same prefix exists
When creating a new entry, compare the full tag name and not only the
prefix.
2016-02-02 10:42:35 +01:00
Vincent Chan 59cfeae2cd changed variables to lowercase 2016-02-02 10:32:50 +01:00
Vincent Chan faf48e42b7 Move data protection check to javascript
fixes #20199
2016-02-01 18:57:58 +01:00
Thomas Müller e23cd35019 Merge pull request #21953 from owncloud/make-enable_avatars-more-robust
Make enable_avatars setting more robust
2016-02-01 14:08:40 +01:00
matthias-g 41c87531ff Update explanation of how to enable debug mode 2016-01-30 18:26:10 +01:00
Thomas Müller 45609d95d4 Merge pull request #21992 from owncloud/share-dialog-error-handling
Properly forward error messages in share dialog
2016-01-29 14:42:57 +01:00
Joas Schilling c925bfdcd6 Trim tag names to avoid problems 2016-01-28 20:41:47 +01:00
Vincent Petry df3f6fee10 Properly forward error messages in share dialog 2016-01-28 17:18:33 +01:00
Vincent Petry 7e1de0e3c2 Fix share default expiration date calculation
Now using UTC dates with moment js to accurately add the number of days
2016-01-28 15:25:34 +01:00
Vincent Petry b063ddb05b Share dialog use OCS API 2016-01-28 15:25:34 +01:00
Thomas Müller de8852a760 Merge pull request #21958 from owncloud/systemtags-style
Use boxes for system tags, shorten permission text
2016-01-28 12:54:52 +01:00
Vincent Petry 1473e156f4 Use boxes for system tags, shorten permission text
Permission text now doesn't appear when all permissions are there, or
shows as "invisible" or "not assignable", which should better cover all
use cases.

Changed select2 style to use boxes in the input field.
2016-01-28 11:24:13 +01:00
Morris Jobke 1601d9235a Make enable_avatars setting more robust
* handles the setting in the same way everywhere
* fixes #21949
2016-01-27 15:17:25 +01:00
Vincent Petry 714d8c2424 Fix system tags conflict situations
Does not disrupt the UX whenever a tag or association was created
concurrently. The input field will adjust itself as if the tag was
already there in the first place.
2016-01-27 15:09:59 +01:00
Vincent Petry cfba90a78d Fix system tags proppatch with booleans
Backbone webdav adapter now converts booleans and ints to strings.

Fixed system tags to use "true" / "false" strings for booleans instead
of 1 / 0.
2016-01-27 11:09:43 +01:00
Joas Schilling 4ea0d3c05d Deprecate getFirstWeekDay() and getDateFormat() in favor of l() 2016-01-26 14:02:31 +01:00
Vincent Petry 0a1350d5ac System tags sidebar selector now respects permissions
For admins: display the namespace behind the tag name.
For users: no namespace, don't display non-assignable tags in the
dropdown, display already assigned non-assignable tags with a different
style
2016-01-25 10:45:02 +01:00
Vincent Petry d4198607ec Expose whether user is an admin through a method
Which is nicer than an obscure global variable
2016-01-25 10:07:47 +01:00
Thomas Müller 44043cb1d7 Merge pull request #21811 from owncloud/fix-unauthenticated-avatar
Show default placeholder if avatar image can't be fetched
2016-01-25 10:01:23 +01:00
Joas Schilling f108dbfa6a Move getDescriptiveTag to core 2016-01-21 15:56:25 +01:00
Morris Jobke b188de242e Show default placeholder if avatar image can't be fetched
* fixes owncloud/documents#601
* ref #14564
2016-01-20 15:18:57 +01:00
Vincent Petry ffba6d0a7e Added system tags GUI in sidebar
Added files details sidebar panel to assign/unassign/rename/delete
system tags.
2016-01-19 16:24:26 +01:00
Vincent Petry 8d41cbb97a Implement toggleselect extension for select2
To make it possible to toggle selected values inside the dropdown
2016-01-19 16:24:26 +01:00
Morris Jobke 6e096936e5 update JS humanFileSize to use KB instead of kB 2016-01-19 10:51:57 +01:00
Joas Schilling 50557b19b6 Run the command once again 2016-01-18 11:13:25 +01:00
Vincent Petry 857c316bda Backbone transport for Webdav 2016-01-16 11:28:04 +01:00
Thomas Müller b1ee51f255 Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
2016-01-13 10:33:58 +01:00
Thomas Müller c5a200c419 Merge pull request #21653 from owncloud/update-license-headers-2016
Update license headers 2016
2016-01-13 08:29:42 +01:00
Thomas Müller 682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Thomas Müller 2493cfede9 Merge pull request #21640 from owncloud/add-config-to-disable-wellknown-check
Add config switch to disable the .well-known URL check
2016-01-12 14:46:09 +01:00
Lukas Reschke 4d0dcd3c53 Add X-Download-Options and X-Permitted-Cross-Domain-Policies
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
2016-01-12 10:37:16 +01:00
Morris Jobke 8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Morris Jobke a6c7cdd75e Show the well-known URL check as info instead of error
* ref https://github.com/owncloud/core/pull/21562#issuecomment-170344549
2016-01-12 09:18:20 +01:00
Morris Jobke 0161928fc3 Add check for .well-known URL in the root of the webservers URL
* fixes #20012
2016-01-08 23:27:29 +01:00
Joas Schilling 334a6d57a3 Check the correct config for displaying the "notify by email" option 2016-01-08 14:15:06 +01:00
Roeland Jago Douma 6bd15856b2 Added js tests for the Sharee API usage 2015-12-30 10:46:19 +01:00
Roeland Jago Douma 49031e0744 Fix unit tests 2015-12-30 08:58:04 +01:00
Roeland Jago Douma f99fcd5dd6 Filter out share owner in sharee suggestion list 2015-12-30 08:58:04 +01:00
Roeland Jago Douma fa7996aa8a Web sharing uses sharee endpoint 2015-12-30 08:58:04 +01:00
Thomas Müller 9c4ab51735 Merge pull request #21364 from owncloud/bring_back_icons_filepicker
Get the icon in javascript for the filepicker
2015-12-28 10:21:58 +01:00
Roeland Jago Douma 2fc458479e [Avatars] Calculate 'sane' hue precissions
We used to get the numeric value of the entrire md5 string which is a
128bit integer. We would then devide this by the maxval of a 128bit int.

There is no need for such huge computations. As we just require a value
between 0 and 255. Thus using two 16 bit values is more than enough to
get the precision we need. By just taking the MSB we get nearly
identical results.
2015-12-24 10:50:12 +01:00
Roeland Jago Douma 9be43e10af Since the server no longer calculates the icon
The server no longer calculates the icon. So we have the js side do it
for us.
2015-12-24 08:59:32 +01:00
Lukas Reschke cebeb0e052 Fix unit tests
Fixes https://github.com/owncloud/core/issues/21345
2015-12-23 09:11:22 +01:00
Renaud Fortier 83899a5fa1 add _blank to href 2015-12-21 13:28:32 -05:00
Morris Jobke ed98cdf532 Use OCP\Util::getVersion instead of the internal private implementation 2015-12-18 15:26:54 +01:00
Roeland Jago Douma c64e827f00 Since avatar.js is now essentially empty remove it 2015-12-17 16:32:18 +01:00
Roeland Jago Douma 6248bad0f7 Add a default size to the avatar placeholders
This removed the need to do an avatar request on the "empty" row in the
user settings.
2015-12-17 16:30:23 +01:00
Thomas Müller 3bcaaa6c3a Merge pull request #21259 from owncloud/load_big_avatar_only_personal
Only load the big (128x128) avatar on the perosnal page
2015-12-17 16:07:50 +01:00
Thomas Müller 1285b78086 Merge pull request #21200 from owncloud/files-authorizationheader
Use Authorization headers for public webdav in web UI
2015-12-17 15:30:13 +01:00
Roeland Jago Douma a81836a42f Only load the big (128x128) avatar on the perosnal page
Before the code was executed on every page if a user was logged in. Now
only on the personal page. Thus saving a request on all other pages.
2015-12-17 13:55:22 +01:00
Vincent Petry 181ba7b4e1 Fix files UI mtime parsing from webdav 2015-12-16 17:44:16 +01:00
Vincent Petry ab9849e72f Use Authorization headers for public webdav instead of URL
Instead of prepending the token as username in the URL, use the
Authorization header instead. This is because IE9 considers this a
cross-domain call and refuses to do it in the first place.
2015-12-14 17:42:13 +01:00
Roeland Jago Douma e8d5eb65c6 Files can't have create permissions
Fixes #20839
2015-12-11 22:28:26 +01:00
Thomas Müller d6276faff6 Merge pull request #21014 from owncloud/share-unsharelinkpapercut
Fix unshare link click element
2015-12-08 08:39:33 +01:00
Thomas Müller b15d77c934 Merge pull request #21015 from owncloud/update-redirecttocorrectpage
Redirect to correct URL after updating
2015-12-07 19:55:45 +01:00
Thomas Müller 4100263bd6 Merge pull request #20996 from owncloud/issue-12215-remove-password-reset-when-not-possible
Issue 12215 remove password reset when not possible
2015-12-07 19:55:26 +01:00
Vincent Petry 69ab047f89 Redirect to correct URL after updating
Now requires a trailing slash to make sure we don't land on the
forbidden page.
2015-12-07 18:08:00 +01:00
Vincent Petry 5567b6cee2 Fix unshare link click element
When clicking on the unshare link (trash icon), the correct link element
needs to be used instead of whatever child was clicked. Then, that
element might contain a visible loading icon.

This fixes the spinner detection and also prevents a full page reload in
case the spinner was visible.
2015-12-07 17:58:17 +01:00
Vincent Petry 6735005be0 Fix duplicate bogus share field when link sharing is not allowed
Whenever link share is not allowed, it was outputting a bogus sharing
field which name would conflict with the regular sharing field.

This fix makes sure that the bogus sharing field with "Resharing not
allowed" message only appears when triggered by removed share
permissions.
2015-12-07 16:53:56 +01:00
Joas Schilling 87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Thomas Müller 9c550a07ed OC.FilePath has still a valid use case when generating paths to static files what for generateUrl cannot be used for - closes #15604 2015-12-07 12:23:42 +01:00
Thomas Müller f3d49a89fe Merge pull request #11131 from owncloud/use-phpini-wrapper
Replacing ini_get instances with inigetwrapper usages
2015-12-07 10:20:59 +01:00
Roeland Jago Douma 50d862e5d1 [Avatars] JS should not load same avatar twice
Old code first dit an ajax request to the avatar. Then a new image
object with the same src was created and since we do not cache avatars
yet :(  this resulted in 2 sequential requests to the exact same URL

Now if you set the displayname it will first set the placeholder and
then load the avatar in the background. Only once this time!
2015-12-04 10:42:11 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Vincent Petry b1ca431852 Fix for parsing pretty printed Webdav responses
Update davclient.js + adjust IE workaround for this
2015-11-24 15:26:53 +01:00