mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
22,254 Commits 349 Branches 696 Tags 1.6 GiB
JavaScript 49%
PHP 47.6%
Gherkin 1.2%
Vue 1.2%
CSS 0.6%
Other 0.4%
Go to file
Lukas Reschke 1c75b73239 Verify authentication before initializing apps and routing 
The current behaviour of the authenticion logic in base.php prevents REST APIs in ownCloud applications to work.

Because `!self::$CLI` is usually always a true statement the previously above block was entered which returned, thus the authentication logic for this part does not trigger in.

This can be reproduced by installing apps such as the News app and issuing the following command:

`curl -u admin:admin http://localhost/index.php/apps/news/api/v1-2/feeds`

The following parts needs to get throughly tested:

- [ ] OCS
- [ ] remote.php's DAV features
- [ ] Regular login features

This bug affects master and stable7. I'd propose that we merge this for 8.0 since this has the potential to break every component that relies on Basic Auth features. A backport would also be very nice.

Remark to myself: We really need to move out the authentication code for 8.1 out of base.php - I already have a local branch that does that somewhere which I will get in shape for 8.1... - This untested code is a night-mare.

Fixes itself.
 		2015-01-09 21:07:29 +01:00
.idea Add newline that was removed by 15be763d46 2014-12-10 09:38:32 +01:00
3rdparty@3c5c49860e update dbal to 2.5.0 2014-12-30 16:47:30 +01:00
apps Merge pull request #13204 from owncloud/enc_fix_key_lost 2015-01-09 18:40:51 +01:00
build cleaning up the build directory 2014-12-10 10:07:22 +01:00
config Merge pull request #12984 from owncloud/ldap-user-cleanup-master 2015-01-09 10:47:02 +01:00
core Merge pull request #13195 from owncloud/resharepermfix 2015-01-09 18:05:05 +01:00
l10n Remove *.pot 2014-11-10 11:33:20 +01:00
lib Verify authentication before initializing apps and routing 2015-01-09 21:07:29 +01:00
ocs OCS API for server-to-server sharing 2014-12-04 13:18:13 +01:00
search use cancelable timeout, on scroll only fetch next page if last query had any results 2015-01-06 15:18:41 +01:00
settings Fix js error in personal settings if there is no password field 2015-01-09 15:38:39 +01:00
tests Merge pull request #13208 from owncloud/hhvm-streamwrapper-exception 2015-01-09 18:02:28 +01:00
themes Gitorious => Github 2012-08-26 02:39:42 +03:00
.bowerrc ability to add bower resources 2014-11-03 20:54:40 +01:00
.gitignore Add provisioning_api app 2014-12-24 22:15:20 +01:00
.gitmodules use https as submodule url 2014-03-21 19:38:22 +01:00
.htaccess Add version to .htaccess 2015-01-08 12:49:02 +01:00
.jshintrc enable laxbreak option in jshintrc to comply with our coding guide lines 2014-11-04 12:51:54 +01:00
.scrutinizer.yml bower jquery-ui - exported changes to a separate css file 2014-12-13 09:47:34 +01:00
.user.ini Create .user.ini for PHP-FPM 2014-09-10 16:08:40 +02:00
AUTHORS Add myself as author 2014-09-19 17:24:12 +02:00
CONTRIBUTING.md Update music repo 2014-08-20 09:50:00 +02:00
COPYING-AGPL Really add AGPL file 2011-02-09 15:12:09 +00:00
COPYING-README correct icon license, we use Elementary icons, not Silk anymore 2014-07-15 11:35:49 +02:00
README.md Add some fancy translation chart 2014-12-16 19:55:42 +01:00
autotest-external.sh Setup a docker container that holds a webdav instance to test files_external 2014-12-17 21:50:35 +01:00
autotest-hhvm.sh Adding autotest-hhvm.sh 2014-12-18 10:21:15 +01:00
autotest-js.sh remove 'set -e' - causes issues during ci execution 2014-09-12 15:42:50 +02:00
autotest.cmd Restore the development config after running the tests 2014-12-02 12:41:33 +01:00
autotest.sh Correctly run all tests again when no file is specified 2014-12-09 16:36:41 +01:00
bower.json bump jquery.strengthify to 0.4.1 2015-01-06 13:48:58 +01:00
buildjsdocs.sh Added script to build the JS documentation 2014-10-31 13:27:36 +01:00
console.php Do not load apps when an upgrade is due 2014-07-24 16:53:30 +02:00
cron.php Use the TempManager to handle temporary files 2014-10-24 12:18:49 +02:00
db_structure.xml Revert "add share index" 2014-07-17 20:56:06 +02:00
index.html Try to prefer index.php over index.html in the same directory 2013-04-24 15:11:53 +02:00
index.php Make files non executable 2014-10-24 11:14:51 +02:00
indie.json add indie.json for Indie App Store listing 2014-06-29 22:03:24 +02:00
issue_template.md Also add secret 2014-12-19 10:57:46 +01:00
occ Use a more universal shebang 2014-11-19 17:34:03 +01:00
public.php Add sabredav plugin to check if a user has access to an app 2014-11-17 15:50:24 +01:00
remote.php Add sabredav plugin to check if a user has access to an app 2014-11-17 15:50:24 +01:00
robots.txt Add robot.txt 2013-01-28 16:39:53 -06:00
status.php reduce OC_Preferences, OC_Config and \OCP\Config usage 2014-12-08 22:42:37 +01:00
version.php 8.0 alpha 1 2015-01-01 23:07:16 +01:00

README.md

ownCloud

ownCloud gives you freedom and control over your own data. A personal cloud which runs on your own server.

Build Status on Jenkins CI

Git master: Build Status

Quality:

  • Scrutinizer: Scrutinizer Quality Score
  • CodeClimate: Code Climate

Installation instructions

http://doc.owncloud.org/server/7.0/developer_manual/app/index.html

Contribution Guidelines

http://owncloud.org/contribute/

Get in touch

Important notice on translations

Please submit translations via Transifex: https://www.transifex.com/projects/p/owncloud/

Transifex

For more detailed information about translations: http://doc.owncloud.org/server/7.0/developer_manual/core/translation.html