server

Author	SHA1	Message	Date
Patrick Conrad	1806baaeaf	Remove cookies from Clear-Site-Data Header In `2f87fb6b45` this header was introduced. The referenced documentation says: > When delivered with a response from https://example.com/clear, the following header will cause cookies associated with the origin https://example.com to be cleared, as well as cookies on any origin in the same registered domain (e.g. https://www.example.com/ and https://more.subdomains.example.com/). This also applies if `https://nextcloud.example.com/` sends the `Clear-Site-Data: "cookies"` header. This is not the behavior we want at this point! So I removed the deletion of cookies from the header. This has no effect on the logout process as this header is supported only recently and the logout works in old browsers as well. Signed-off-by: Patrick Conrad <conrad@iza.org>	2018-10-15 14:46:06 +02:00
Björn Schießle	1ce8672276	Merge pull request #11714 from nextcloud/lookupserver-and-global-scale always query the lookup server in a global scale setup	2018-10-15 12:14:04 +02:00
Morris Jobke	8177fdb0f6	Merge pull request #11765 from nextcloud/feature/mandatory-2fa-for-groups Mandatory 2FA for groups	2018-10-15 10:58:05 +02:00
Morris Jobke	e36d4a990d	Merge pull request #10439 from eugulixes/improve-encrypt-all-and-decrypt-all-commands Check if TTY is invalid in encryption:encrypt-all and encryption:decrypt-all	2018-10-15 09:15:58 +02:00
Christoph Wurst	83e994c11f	Make it possible to enforce mandatory 2FA for groups Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-15 08:22:52 +02:00
Roeland Jago Douma	5b61ef9213	Disallow unsafe-eval by default Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-14 20:45:34 +02:00
Evgeny Golyshev	ec2f02f4a0	Check if TTY is invalid in encryption:encrypt-all and encryption:decrypt-all Signed-off-by: Evgeny Golyshev <eugulixes@gmail.com>	2018-10-14 15:06:14 +03:00
Bjoern Schiessle	1b0b159685	add more tests Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	2018-10-12 16:11:48 +02:00
Joas Schilling	16817f3743	Make activity events strict Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-10-12 12:12:12 +02:00
Roeland Jago Douma	2a690db553	Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings Add admin interface to enforce 2FA	2018-10-10 20:40:30 +02:00
Bjoern Schiessle	fd5fc24da2	some small fixes and improvements Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	2018-10-10 16:07:01 +02:00
Christoph Wurst	67c3730fbb	Add admin interface to enforce 2FA Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-10 14:34:52 +02:00
Roeland Jago Douma	d5bf2c4523	Move normalizePath to regexes instead of looping This is IMO a bit more readable and it seems to make the code faster. Tested it on the company instance where there are over 3k calls to this function. It shaves off around 10ms. The advantage here is that the pattern gets optimized by php itsel and cached. Also looking for all patterns at the same time and especially no longer looping for /./ patterns should save time. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-10 13:23:59 +02:00
Bjoern Schiessle	9e76d4049a	adjust tests Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	2018-10-09 18:31:33 +02:00
Roeland Jago Douma	c97b4274cc	Add function to generate urls for OCS routes fixes #11617 The OCS routes are only absolute for now as they are often exposed to the outside anyway and are on a different endpoint than index.php in anyway. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-09 15:41:50 +02:00
Christoph Wurst	3f2cd13beb	Remove HHVM check Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-09 10:12:15 +02:00
Morris Jobke	db345e4c6d	Deprecate unused, private OC_Helper::linkToPublic Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-10-08 18:29:52 +02:00
Morris Jobke	fe2a600823	Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation adjust Calendar resource / room interfaces to use class implementation	2018-10-08 17:00:50 +02:00
Morris Jobke	bae3ba3b25	Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section Rename admin security section	2018-10-08 13:57:38 +02:00
Christoph Wurst	b1b43aa7bc	Fix reference to template in tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-08 11:27:22 +02:00
Morris Jobke	7971ba5cc6	Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors Switches the default logo color depending on the primary color	2018-10-08 10:33:22 +02:00
Christoph Wurst	5d2fdfe0b5	Rename admin security section Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-08 10:31:51 +02:00
Georg Ehrke	970242b6ca	RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server Signed-off-by: Georg Ehrke <developer@georgehrke.com>	2018-10-08 01:50:17 +02:00
Georg Ehrke	1c6f666bbf	adjust Calendar resource / room interfaces to use class implementation Signed-off-by: Georg Ehrke <developer@georgehrke.com>	2018-10-08 01:25:20 +02:00
Roeland Jago Douma	60a34179c9	Remove deprecated publishActivity function Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-05 12:55:45 +02:00
Roeland Jago Douma	b574d1c814	Move files_versions to compiled handlebars templates Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-04 09:53:45 +02:00
Roeland Jago Douma	d281f2625d	Move Comments to compiled handlebars Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-04 09:53:44 +02:00
Roeland Jago Douma	78273cb1e6	Add an endppoint for clients to request an app password Now that we allow enforcing 2 factor auth it make sense if we also allow and endpoint where the clients can in the background fetch an apppassword if they were configured before the login flow was present. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-03 19:05:20 +02:00
Morris Jobke	8ede3f6346	Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work Allow overwrite.cli.url without trailing slash	2018-10-02 23:39:30 +02:00
Morris Jobke	6b730b4c47	Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3 Apptoken v3: imrpove token handling on external password change	2018-10-02 21:45:10 +02:00
Roeland Jago Douma	19f84f7b54	Add tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-02 19:50:54 +02:00
Roeland Jago Douma	00e99af586	Mark token as invalid if the password doesn't match Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-02 19:50:44 +02:00
Morris Jobke	7005ff420e	Fix tests Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-10-02 18:37:57 +02:00
Michael Weimann	a45ec3d324	Refactors the scss svg functions Signed-off-by: Michael Weimann <mail@michael-weimann.eu>	2018-10-02 08:37:55 +02:00
Michael Weimann	d855c38e07	Moves the logo files to logo Signed-off-by: Michael Weimann <mail@michael-weimann.eu>	2018-10-02 08:37:54 +02:00
Morris Jobke	6080d9d80a	Merge pull request #11462 from nextcloud/feature/11380/2fa_backup_code_generation Add notification to generate 2FA backup codes	2018-10-01 18:13:23 +02:00
Roeland Jago Douma	956fe1b867	Generate backups code notification if not enable but 2fa is Generate a notification to generate backup codes if you enable an other 2FA provider but backup codes are not yet generated. * Add event listner * Insert background job * Background job tests and emits notification every 2 weeks * If the backup codes are generated the next run will remove the job Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-01 15:35:25 +02:00
Morris Jobke	5394d4400f	Merge pull request #11501 from nextcloud/coverage_no_composer Do not cover composer folders for code coverage	2018-10-01 14:53:44 +02:00
Roeland Jago Douma	2c8cd69b6f	Do not cover composer folders for code coverage Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-01 11:47:11 +02:00
Jan-Christoph Borchardt	9b8e884b19	Change wording of 'Copy URL' to more understandable 'Copy link' Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>	2018-10-01 11:02:12 +02:00
Daniel Kesselberg	9dae927b0c	Add more test cases Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-09-30 12:24:38 +02:00
Christoph Wurst	259c0ce11d	Add mandatory 2FA service/class Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-09-30 11:47:29 +02:00
Daniel Kesselberg	c275beeceb	Allow url without / for overwrite.cli.url Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-09-28 22:32:19 +02:00
John Molakvoæ (skjnldsv)	f5f31e221c	Fix class selector for acceptance tests Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2018-09-28 08:20:10 +02:00
Christoph Wurst	f71ffc73db	Remove unused constructor argument Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-09-27 09:44:21 +02:00
Christoph Wurst	0259792614	Reduce settings manager complexity by loading sections via DI Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-09-27 09:44:21 +02:00
Roeland Jago Douma	1fecea6c08	Also test enabling of the Antivirus App for files Since there is no calendar release for 15 yet we should use an app that we can quickly release for 15 as well. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-09-26 22:05:42 +02:00
blizzz	ff55bcdad5	Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot Extract logic for webroot into method and add test	2018-09-26 15:22:30 +02:00
Morris Jobke	ee73f6c416	Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php Consider openssl settings from config.php	2018-09-25 18:04:20 +02:00
Christoph Wurst	7586b19e52	Only allow 2FA state changs if providers support the operation Ref https://github.com/nextcloud/server/issues/11019. Add `twofactorauth:cleanup` command Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-09-25 09:54:20 +02:00

1 2 3 4 5 ...

4901 commits