Christoph Wurst
0299ea0a96
Handle token insert conflicts
...
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.
As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-26 12:07:12 +01:00
blizzz
b1dffc5c2d
Merge pull request #17896 from nextcloud/fix/noid/consider-create-group-result
...
take group creation result into consideration
2019-11-25 17:16:40 +01:00
Arthur Schiwon
7b1eedb11e
take group creation result into consideration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-25 14:01:20 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes
...
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Roeland Jago Douma
3c1bcd551d
Fix the tests after #18029
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-21 22:31:45 +01:00
Roeland Jago Douma
5c4b2a2436
Merge pull request #18029 from nextcloud/feature/public-post-login-event
...
Make the post login event public
2019-11-21 12:39:42 +01:00
Roeland Jago Douma
da25ed997e
Do not check for updates if we have no internet
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:30:59 +01:00
Christoph Wurst
535000aac6
Make the post login event public
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-20 18:43:09 +01:00
Roeland Jago Douma
b367027798
Do pagination on the dummy group backend
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 08:08:01 +01:00
Roeland Jago Douma
1bd688a9d1
Use dummy backend in test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-18 11:54:26 +01:00
Robin Appelman
066faaec05
fix folder delete
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:46 +01:00
Robin Appelman
43fa746ad9
dont create empty filecache extended rows
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:43 +01:00
Robin Appelman
1b6e647b63
expose filecache extension data in FileInfo
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:32 +01:00
Robin Appelman
842da3f183
store filecache extension fields
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 11:30:44 +01:00
Daniel Calviño Sánchez
2f49806c20
Add unit tests for "getAllShares()"
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-30 14:27:41 +01:00
John Molakvoæ (skjnldsv)
ea6f423e2c
Extend data returned when searching remote shares
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma
5122629bb0
Make renewSessionToken return the new token
...
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Johannes Koenig
2df8d646c1
make TrustedDomainHelper case insensitive
...
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
blizzz
47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
...
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst
de6940352a
Move settings to an app
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
Roeland Jago Douma
cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
...
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Roeland Jago Douma
6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
...
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman
35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
...
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that
Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman
733d4b6cca
dont delete cache entries if deleting an object from object store failed
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Roeland Jago Douma
210a0554a2
Use the actual password to update the tokens
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Greta Doci
68ef242a0a
Fixed the SecurityTest error
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-15 12:04:28 +02:00
Roeland Jago Douma
2b98eea129
Harden identifyproof openssl code
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
Roeland Jago Douma
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
...
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma
41cbb05aea
Split personal security settings in code
...
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Arthur Schiwon
1cc6f34d88
adapt file hooks test to eventdispatcher utilization
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
Roeland Jago Douma
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
...
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
...
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman
8ef5a366ec
add MAX and MIN to functionbuilder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Roeland Jago Douma
0ff08810d9
Log/FileTest does not require the DB
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
Arthur Schiwon
d33e0be2f1
adjust test expectations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
Daniel Kesselberg
773778dd8c
Add default timeout to expected request options
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
Roeland Jago Douma
3f12ec95f0
SessionMiddleware: declare session property
...
* Remove request since we don't useit
* Update tests as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
Roeland Jago Douma
505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
...
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
Arthur Schiwon
4bd83c9a28
adjust tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
Joas Schilling
db968cb1d4
Cleanup the Settings class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
Roeland Jago Douma
7927aebdeb
Fix report of phpstan in Limiter
...
* unneeded arguments to constructor
* added return types
* let automatic DI do its work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Roeland Jago Douma
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Scott Shambarger
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
Roeland Jago Douma
f81817b47d
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma
cf647451e5
Update CSP test cases to handle the new form-action
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00