Commit graph

88 commits

Author SHA1 Message Date
Jan-Christoph Borchardt
241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Christoph Wurst
5c29fb16c0 Update composer autoloader
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst
d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Lukas Reschke
6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Joas Schilling
9871e4eaee
Kill dead code
> No tests found in class "Test\Share\MailNotificationsTest".

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:43:19 +02:00
Morris Jobke
10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager
Access list to share manager
2017-04-15 13:06:24 -05:00
Roeland Jago Douma
f40b9fa9bd Merge pull request #4330 from nextcloud/activities-for-password-mail-change
Add activities when email or password is changed
2017-04-14 08:16:43 +02:00
Morris Jobke
8e8b345fbd
Fix autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-13 16:28:07 -05:00
Lukas Reschke
8149945a91
Make BruteForceProtection annotation more clever
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
Roeland Jago Douma
6a519abde8
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 14:56:05 +02:00
Roeland Jago Douma
2cbac3357b
Offload acceslist creation to providers
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Lukas Reschke
54930ac926
Update static autoloadermap
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Björn Schießle
b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints
Discover federatedsharing endpoints
2017-04-12 16:01:07 +02:00
Lukas Reschke
3600dd4f52
Add IEMailTemplate to public OCP API
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 16:35:46 +02:00
Roeland Jago Douma
42f40659f6
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 15:04:15 +02:00
Lukas Reschke
8daf3d4a70
Update autoloader
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-07 12:03:47 -05:00
Robin Appelman
07449a4885
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 11:14:56 +02:00
Roeland Jago Douma
be6acbeb52
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-24 16:11:54 +01:00
Morris Jobke
f4ead7c7d3
Fix autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-22 12:08:41 -06:00
Joas Schilling
348d97dfd6 Merge pull request #3844 from nextcloud/unshare_event
Unshare event
2017-03-21 16:57:09 +01:00
Lukas Reschke
81c1522ad0
Update autoloader
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-20 10:20:13 +01:00
Roeland Jago Douma
57fc7f60d3
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-17 08:51:03 +01:00
Roeland Jago Douma
d6ce7ac465
Bump autoloader
Composer was updated so lets update the autoloader

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-09 14:21:38 +01:00
Robin Appelman
2a8e922d67 Merge pull request #3360 from nextcloud/dav-search
Implement webdav SEARCH
2017-03-08 13:09:19 +01:00
Morris Jobke
1bcd396679
Change language code for languages with only one translation
* then the language is not that specific and get also matched for fi
* fallback from fi_FI to fi is supported - the other way around not
* contains repair script
* contains tests for repair script
* fixes #869

Order results to make postgres happy

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-01 22:35:28 -06:00
Robin Appelman
d8c89688f4
autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-01 14:06:40 +01:00
Joas Schilling
b26568133f Merge pull request #3605 from nextcloud/single-user
Clean up single user mode
2017-02-24 08:52:26 +01:00
Morris Jobke
9533f4e5ed
Clean up single user mode
Single user mode basically disables WebDAV, OCS and cron execution. Since
we heavily rely on WebDAV and OCS also in the web UI it's basically useless.
An admin only sees a broken interface and can't even change any settings nor
sees any files. Also sharing is not possible.

As this is at least the case since Nextcloud 9 and we haven't received any
reports for this it seems that this feature is not used at all so I removed it.

The encryption commands now rely on the well tested maintenance mode.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:02:31 -06:00
Morris Jobke
2bbf3b18d9
cleanup old and not needed repair steps to speed up the update
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 22:35:18 -06:00
Morris Jobke
c2d3e12e23
Remove unneeded UpdateCertificateStore.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 21:26:59 -06:00
Robin Appelman
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
Morris Jobke
5bad417e57 Merge pull request #2044 from nextcloud/login-credential-store
Login credential store
2017-01-30 19:30:04 -06:00
Robin Appelman
90c011379c
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-27 10:51:00 +01:00
Robin Appelman
c76fe2b4f5
remote now unneeded AvatarPermissions repair step
Avatars are now stored in appdata

Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-26 19:24:55 +01:00
Morris Jobke
4253a9bde3
update autoloader static class files
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-19 16:12:09 -06:00
Christoph Wurst
a6dca9e7a0
add login credential store
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-11 19:20:09 +01:00
Roeland Jago Douma
c7f0063a70
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-11 11:02:11 +01:00
Morris Jobke
4dd2a1e679 Merge pull request #2943 from nextcloud/kill_old_preview_code
Cleanup old preview code
2017-01-10 13:50:14 +01:00
Robin Appelman
e40ecc1aa1
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-06 15:33:33 +01:00
Roeland Jago Douma
b8ab062ef3
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 09:42:40 +01:00
Joas Schilling
bf043deba3
Kill APC because it requires PHP 5.4
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 10:58:34 +01:00
Roeland Jago Douma
e19e7c08ad
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-04 20:56:13 +01:00
Morris Jobke
32f06ab415
update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-04 16:25:07 +01:00
Robin Appelman
a75cfb601e Merge pull request #2923 from nextcloud/remove-fakedir-stream
remove no longer used fakedir stream wrapper
2017-01-03 20:22:16 +01:00
Morris Jobke
8070ccc6f7
update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-03 19:00:05 +01:00
Robin Appelman
98fd6e0e2f
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-28 19:22:44 +01:00
Lukas Reschke
6947410b6f
Update autoloader files
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 19:46:18 +01:00
Joas Schilling
bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 11:42:16 +01:00
Joas Schilling
69575f099c
Update autoloading
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-13 13:56:30 +01:00
Roeland Jago Douma
e3d6b4fe1c
Fixed correct filename of MoveAvatarsBackgroundJob
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-13 12:46:58 +01:00