Commit graph

1763 commits

Author SHA1 Message Date
Vincent Petry
d00f95578b Stronger fix for navigate away detection 2016-03-22 18:29:19 +01:00
Roeland Jago Douma
cf3e740ae8 Fix js strings if group sharing is disabled 2016-03-22 17:13:34 +01:00
Vincent Petry
6ed8acb15d Firefox returns 303 on cross-domain redirect
Added 303 to catch SSO cross-domain redirect in Firefox.
2016-03-22 16:55:43 +01:00
Vincent Petry
ad1167a44d Detect user navigating away, don't interpret as ajax error
Whenever a user navigates away, all ajax calls will fail with the same
result like a cross-domain redirect (SSO). To distinguish these cases,
we need to detect whether the error is a result of the user navigating
away. For this, we introduce a new flag that will be set in
"beforeunload".

Additional handling was required for false positives in case "beforeunload" is
used (ex: cancelled upload) and the user cancelled the navigation.
2016-03-22 16:54:01 +01:00
Thomas Müller
2db67c3308 Merge pull request #23386 from owncloud/share-keepoptioncheckboxinblocks
Keep share checkboxes together
2016-03-21 18:05:16 +01:00
Thomas Müller
86581f6626 Merge pull request #22065 from owncloud/systemtags-create-same-prefix
Allow creating tags where another one with same prefix exists
2016-03-21 11:15:49 +01:00
Lukas Reschke
6ad957906e Consistently use rel=noreferrer
When linking to external entities we should consistently use rel=noreferrer
2016-03-20 15:27:20 +01:00
Vincent Petry
9ef24b9a0f Keep share checkboxes together
- removed leading spaces before markup which can affect rendering in
  some cases
- added shareOption CSS class to group and keep share option checkbox +
  label
- moved ".showCruds" arrow into the matching shareOption to keep the
  arrow together with the checkbox
2016-03-18 11:59:57 +01:00
Lukas Reschke
2ca3c0d461 Adjust wording a bit
**Before:**
> Your PHP version (5.4.16) is no longer supported by PHP. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.

**After:**
> You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by the PHP Group as soon as your distribution supports it.

Fixes https://github.com/owncloud/enterprise/issues/1170
2016-03-11 17:39:35 +01:00
Roeland Jago Douma
19347187d8 Fix MKCOL for IE11 as well
Using https://github.com/owncloud/core/pull/22274 we have to patch the
iedavclient.js as well.
2016-03-10 13:36:26 +01:00
Thomas Müller
4324d302bc Merge pull request #22872 from owncloud/password-change-tooltip-text
Update error text for link passwords
2016-03-07 14:46:27 +01:00
Morris Jobke
49b7fc107a Update error text for link passwords
* this removes the old tooltip first before showing
  the new one to update the text - otherwise the old
  text will be shown
2016-03-04 18:11:42 +01:00
prastut
aa8bdc7f14 trigger login if remember_login checked 2016-03-04 00:22:04 +05:30
Lukas Reschke
933f60e314 Update author information
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Thomas Müller
71e5de3865 Merge pull request #22677 from owncloud/allow-to-overwrite-single-l10n-string-via-theme
Allow to overwrite a single language string via the theme folder
2016-03-01 08:26:28 +01:00
Vincent Petry
0091df2bc8 Improved JS L10N bundle merging + tests 2016-02-29 17:39:21 +01:00
Joas Schilling
78570a5f72 Allow to overwrite a single language string via the theme folder 2016-02-26 13:56:02 +01:00
Thomas Müller
c6c15ba825 Merge pull request #22608 from owncloud/collaborative-tags
Rename system tags app to collaborative tags
2016-02-26 10:47:40 +01:00
Joas Schilling
4471f359b1 Rename system tags app to collaborative tags 2016-02-26 09:14:28 +01:00
Vincent Petry
b634f1e2c7 Make more action icons themable + style fixes
Action icons now appear properly in public link page.
More actions are now CSS icons.
2016-02-25 23:01:07 +01:00
Roeland Jago Douma
92cff0984d Make file actions use icon CSS classes
This makes theming of file actions possible
2016-02-25 22:49:52 +01:00
Vincent Petry
1add45ae6a Tweak tooltip style for recipients 2016-02-25 11:18:30 +01:00
Joas Schilling
edbc1060ce Add the uid on hover for sharing autocomplete 2016-02-24 09:57:02 +01:00
Vincent Petry
27544144ce Fix unit tests affected by side effects
The notification tests were not restoring the clock properly, but
indirectly helped other tests pass.

Since now we're restoring the clock properly, the other tests were fixed
to still work.
2016-02-22 17:25:32 +01:00
Vincent Petry
8ea80e114a Accumulate notifications instead of blinking
This makes it possible to display multiple notifications.
If the options.type is set to "error", it will also add a close button.
2016-02-22 17:25:32 +01:00
Thomas Müller
8abdcb8085 Fix error ins source language strings
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/core/50786279
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/settings-1/50555028
2016-02-19 15:04:16 +01:00
Lukas Reschke
9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Thomas Müller
7af7d18cfa Merge pull request #16783 from owncloud/handle-redirects-global
Adding global error handler for ajax calls which run into redirection…
2016-02-17 14:49:04 +01:00
Thomas Müller
7b0f83b616 Merge pull request #22445 from owncloud/files-client-sendpropfindheaders
Files DAV client send propfind headers
2016-02-17 11:32:16 +01:00
Thomas Müller
92e5160003 Merge pull request #22452 from owncloud/fix_22441
Unlock sharee input field when sharing fails
2016-02-17 10:59:03 +01:00
Roeland Jago Douma
a9a3947e61 Do not clear sharee input on failed share 2016-02-17 09:21:17 +01:00
Roeland Jago Douma
e1fd86ccb6 Unlock sharee input field when sharing fails
Fixes #22441

When addShares fails (for whatever reason) we should unlock the sharee
input field so the user does not have to reload the page.
2016-02-17 09:21:12 +01:00
Vincent Petry
5575443be9 Fix redundant headers in files dav client
The defaultHeaders are already injected with the xhrProvider, so no need
to pass them again a second time.
2016-02-16 17:37:12 +01:00
Roeland Jago Douma
d8f91b0e82 Allow searching for single user 2016-02-16 16:23:09 +01:00
Vincent Petry
b8b77709c0 Add handler for global ajax errors 2016-02-15 12:48:47 +01:00
Thomas Müller
294dcb4eff Adding global error handler for ajax calls which run into redirections or unauthorized responses 2016-02-15 12:47:18 +01:00
Thomas Müller
be65ba4089 Merge pull request #22383 from owncloud/better-sharee-translations
Do not use string concatination for translations
2016-02-15 11:16:16 +01:00
Thomas Müller
2054dbd4c8 Merge pull request #22350 from owncloud/fix_22304
WebUI feedback when sharing
2016-02-15 10:45:42 +01:00
Joas Schilling
c8ddbc385c Do not use string concatination for translations 2016-02-15 09:20:15 +01:00
Roeland Jago Douma
33ef240b39 Search tags case insensitive
fixes: #22352

* Added unit tests
2016-02-14 20:41:39 +01:00
Thomas Müller
11707dffce Merge pull request #22351 from owncloud/fix_22277
show remote server on federated share auto-complete
2016-02-13 18:25:04 +01:00
Thomas Müller
761e9cf3a4 Merge pull request #21837 from owncloud/recipients-error-message
First try for shareWithField error message
2016-02-12 16:09:37 +01:00
Bjoern Schiessle
862e28f006 show remote server on auto complete 2016-02-12 15:52:51 +01:00
Roeland Jago Douma
92c131b481 Updated unit tests 2016-02-12 14:31:00 +01:00
Roeland Jago Douma
51b55d5320 Provide proper feedback when creating a share in the webUI
Fixes #22304

Creating a share is not instant (especially not for federated shares) so
we should show that something is happening in the webUI properly.
2016-02-12 14:01:15 +01:00
Roeland Jago Douma
b786523bb7 Clear error when removing text 2016-02-12 10:25:42 +01:00
Roeland Jago Douma
113bfb0b07 Update tooltip on new search 2016-02-12 10:04:33 +01:00
Julian Müller
de4824077e First try for shareWithField error message
Second try for ShareWithField error message
2016-02-12 10:04:30 +01:00
Roeland Jago Douma
a823485638 Reload list of shares on directory change 2016-02-11 11:06:26 +01:00
Roeland Jago Douma
f5be48d81d Calculate the share statuses in js from the OCS Response
Right now this is only done on page load. We should do it on each
directory traversal.
2016-02-11 11:03:11 +01:00
Roeland Jago Douma
1301ec9351 Only show link shares for the current user
Currently we have no way to display multiple links in the UI.
So just display the link share for the current user.

Fixes #22275
2016-02-10 16:00:55 +01:00
Roeland Jago Douma
630bee749b Only show link spinner if the share exists
If there is no share to delete do not set the spinner.
Fixes #21726
2016-02-10 11:08:15 +01:00
Lukas Reschke
abc675d87e Move update notification code into app
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.

Furthermore also makes some more code unit-testable...
2016-02-09 18:05:51 +01:00
Vincent Petry
e378a757ff Add system tags filter section for files app 2016-02-09 10:59:29 +01:00
Thomas Müller
a35d5625e0 Merge pull request #22186 from owncloud/show-different-unsupported-failure-message
Don't show "report this to the community" when the upgrade is unsuppo…
2016-02-08 16:45:32 +01:00
Lukas Reschke
25aad470c1 Add message with reference to forum post 2016-02-08 10:45:46 +01:00
Morris Jobke
4032cc0166 Don't show "report this to the community" when the upgrade is unsupported
* fixes #21367
2016-02-08 09:19:16 +01:00
Vincent Petry
995a825dac Make JS Webdav work again with IE9-IE10 2016-02-05 14:48:10 +01:00
Thomas Müller
f9aa5d2971 Merge pull request #22133 from owncloud/add-check-for-content
Add check for content
2016-02-04 17:40:31 +01:00
Thomas Müller
e22b2d8b63 Merge pull request #22130 from owncloud/fix-jsunit-filesclient
Fix jsunit filesclient
2016-02-04 16:49:58 +01:00
Lukas Reschke
5ba6148bfe Add check for content
The response may be a redirect which is always followed by jQuery. Thus leading to false positives depending on the server configuration (e.g. when it issues a 302)

To prevent that there is also a check performed on the response content.
2016-02-04 16:13:27 +01:00
Vincent Petry
23f0515771 Fix JS DAV files client unit tests
Instead of trying to mock the promise, just stub davclient.js' request
object.
2016-02-04 15:39:18 +01:00
Vincent Petry
8782004742 Small fixes in Dav files client
Remove double leading slash in path.
Add utf-8 in default content type.
2016-02-04 15:38:54 +01:00
Faruk Uzun
6ffd8f3e0d Introduce some mimetypes for richdocuments
* application/vnd.lotus-wordpro
* application/vnd.visio
* application/vnd.wordperfect
* application/msonenote
2016-02-04 13:48:21 +02:00
Roeland Jago Douma
aef43816c2 host and hostname are different things
host can contain the port (host of http://example.com:1234 is
example.com:1234) while hostname never contains a port. They can however
be similar. If you navigate to http://example.com then both host and
hostname will be example.com.

* Fixed docs
* added getHostName function
2016-02-03 11:28:07 +01:00
Vincent Petry
d81c00304f Fix parsing empty Webdav property nodes
Return empty string instead of undefined
2016-02-02 18:01:15 +01:00
Vincent Petry
3b581b051f Expose display name in JS side
Adds a new method `OC.getCurrentUser` to get both the user id and
display name Could be used for a future Js
2016-02-02 18:01:15 +01:00
Vincent Petry
29386eccf9 Add pagination support for comments GUI 2016-02-02 18:01:15 +01:00
Vincent Petry
22be3867f1 Allow creating tags where another one with same prefix exists
When creating a new entry, compare the full tag name and not only the
prefix.
2016-02-02 10:42:35 +01:00
Vincent Chan
59cfeae2cd changed variables to lowercase 2016-02-02 10:32:50 +01:00
Vincent Chan
faf48e42b7 Move data protection check to javascript
fixes #20199
2016-02-01 18:57:58 +01:00
Thomas Müller
e23cd35019 Merge pull request #21953 from owncloud/make-enable_avatars-more-robust
Make enable_avatars setting more robust
2016-02-01 14:08:40 +01:00
matthias-g
41c87531ff Update explanation of how to enable debug mode 2016-01-30 18:26:10 +01:00
Thomas Müller
45609d95d4 Merge pull request #21992 from owncloud/share-dialog-error-handling
Properly forward error messages in share dialog
2016-01-29 14:42:57 +01:00
Joas Schilling
c925bfdcd6 Trim tag names to avoid problems 2016-01-28 20:41:47 +01:00
Vincent Petry
df3f6fee10 Properly forward error messages in share dialog 2016-01-28 17:18:33 +01:00
Vincent Petry
7e1de0e3c2 Fix share default expiration date calculation
Now using UTC dates with moment js to accurately add the number of days
2016-01-28 15:25:34 +01:00
Vincent Petry
b063ddb05b Share dialog use OCS API 2016-01-28 15:25:34 +01:00
Thomas Müller
de8852a760 Merge pull request #21958 from owncloud/systemtags-style
Use boxes for system tags, shorten permission text
2016-01-28 12:54:52 +01:00
Vincent Petry
1473e156f4 Use boxes for system tags, shorten permission text
Permission text now doesn't appear when all permissions are there, or
shows as "invisible" or "not assignable", which should better cover all
use cases.

Changed select2 style to use boxes in the input field.
2016-01-28 11:24:13 +01:00
Morris Jobke
1601d9235a Make enable_avatars setting more robust
* handles the setting in the same way everywhere
* fixes #21949
2016-01-27 15:17:25 +01:00
Vincent Petry
714d8c2424 Fix system tags conflict situations
Does not disrupt the UX whenever a tag or association was created
concurrently. The input field will adjust itself as if the tag was
already there in the first place.
2016-01-27 15:09:59 +01:00
Vincent Petry
cfba90a78d Fix system tags proppatch with booleans
Backbone webdav adapter now converts booleans and ints to strings.

Fixed system tags to use "true" / "false" strings for booleans instead
of 1 / 0.
2016-01-27 11:09:43 +01:00
Joas Schilling
4ea0d3c05d Deprecate getFirstWeekDay() and getDateFormat() in favor of l() 2016-01-26 14:02:31 +01:00
Vincent Petry
0a1350d5ac System tags sidebar selector now respects permissions
For admins: display the namespace behind the tag name.
For users: no namespace, don't display non-assignable tags in the
dropdown, display already assigned non-assignable tags with a different
style
2016-01-25 10:45:02 +01:00
Vincent Petry
d4198607ec Expose whether user is an admin through a method
Which is nicer than an obscure global variable
2016-01-25 10:07:47 +01:00
Thomas Müller
44043cb1d7 Merge pull request #21811 from owncloud/fix-unauthenticated-avatar
Show default placeholder if avatar image can't be fetched
2016-01-25 10:01:23 +01:00
Joas Schilling
f108dbfa6a Move getDescriptiveTag to core 2016-01-21 15:56:25 +01:00
Morris Jobke
b188de242e Show default placeholder if avatar image can't be fetched
* fixes owncloud/documents#601
* ref #14564
2016-01-20 15:18:57 +01:00
Vincent Petry
ffba6d0a7e Added system tags GUI in sidebar
Added files details sidebar panel to assign/unassign/rename/delete
system tags.
2016-01-19 16:24:26 +01:00
Vincent Petry
8d41cbb97a Implement toggleselect extension for select2
To make it possible to toggle selected values inside the dropdown
2016-01-19 16:24:26 +01:00
Morris Jobke
6e096936e5 update JS humanFileSize to use KB instead of kB 2016-01-19 10:51:57 +01:00
Joas Schilling
50557b19b6 Run the command once again 2016-01-18 11:13:25 +01:00
Vincent Petry
857c316bda Backbone transport for Webdav 2016-01-16 11:28:04 +01:00
Thomas Müller
b1ee51f255 Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
2016-01-13 10:33:58 +01:00
Thomas Müller
c5a200c419 Merge pull request #21653 from owncloud/update-license-headers-2016
Update license headers 2016
2016-01-13 08:29:42 +01:00
Thomas Müller
682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Thomas Müller
2493cfede9 Merge pull request #21640 from owncloud/add-config-to-disable-wellknown-check
Add config switch to disable the .well-known URL check
2016-01-12 14:46:09 +01:00
Lukas Reschke
4d0dcd3c53 Add X-Download-Options and X-Permitted-Cross-Domain-Policies
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
2016-01-12 10:37:16 +01:00
Morris Jobke
8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Morris Jobke
a6c7cdd75e Show the well-known URL check as info instead of error
* ref https://github.com/owncloud/core/pull/21562#issuecomment-170344549
2016-01-12 09:18:20 +01:00
Morris Jobke
0161928fc3 Add check for .well-known URL in the root of the webservers URL
* fixes #20012
2016-01-08 23:27:29 +01:00
Joas Schilling
334a6d57a3 Check the correct config for displaying the "notify by email" option 2016-01-08 14:15:06 +01:00
Roeland Jago Douma
6bd15856b2 Added js tests for the Sharee API usage 2015-12-30 10:46:19 +01:00
Roeland Jago Douma
49031e0744 Fix unit tests 2015-12-30 08:58:04 +01:00
Roeland Jago Douma
f99fcd5dd6 Filter out share owner in sharee suggestion list 2015-12-30 08:58:04 +01:00
Roeland Jago Douma
fa7996aa8a Web sharing uses sharee endpoint 2015-12-30 08:58:04 +01:00
Thomas Müller
9c4ab51735 Merge pull request #21364 from owncloud/bring_back_icons_filepicker
Get the icon in javascript for the filepicker
2015-12-28 10:21:58 +01:00
Roeland Jago Douma
2fc458479e [Avatars] Calculate 'sane' hue precissions
We used to get the numeric value of the entrire md5 string which is a
128bit integer. We would then devide this by the maxval of a 128bit int.

There is no need for such huge computations. As we just require a value
between 0 and 255. Thus using two 16 bit values is more than enough to
get the precision we need. By just taking the MSB we get nearly
identical results.
2015-12-24 10:50:12 +01:00
Roeland Jago Douma
9be43e10af Since the server no longer calculates the icon
The server no longer calculates the icon. So we have the js side do it
for us.
2015-12-24 08:59:32 +01:00
Lukas Reschke
cebeb0e052 Fix unit tests
Fixes https://github.com/owncloud/core/issues/21345
2015-12-23 09:11:22 +01:00
Renaud Fortier
83899a5fa1 add _blank to href 2015-12-21 13:28:32 -05:00
Morris Jobke
ed98cdf532 Use OCP\Util::getVersion instead of the internal private implementation 2015-12-18 15:26:54 +01:00
Roeland Jago Douma
c64e827f00 Since avatar.js is now essentially empty remove it 2015-12-17 16:32:18 +01:00
Roeland Jago Douma
6248bad0f7 Add a default size to the avatar placeholders
This removed the need to do an avatar request on the "empty" row in the
user settings.
2015-12-17 16:30:23 +01:00
Thomas Müller
3bcaaa6c3a Merge pull request #21259 from owncloud/load_big_avatar_only_personal
Only load the big (128x128) avatar on the perosnal page
2015-12-17 16:07:50 +01:00
Thomas Müller
1285b78086 Merge pull request #21200 from owncloud/files-authorizationheader
Use Authorization headers for public webdav in web UI
2015-12-17 15:30:13 +01:00
Roeland Jago Douma
a81836a42f Only load the big (128x128) avatar on the perosnal page
Before the code was executed on every page if a user was logged in. Now
only on the personal page. Thus saving a request on all other pages.
2015-12-17 13:55:22 +01:00
Vincent Petry
181ba7b4e1 Fix files UI mtime parsing from webdav 2015-12-16 17:44:16 +01:00
Vincent Petry
ab9849e72f Use Authorization headers for public webdav instead of URL
Instead of prepending the token as username in the URL, use the
Authorization header instead. This is because IE9 considers this a
cross-domain call and refuses to do it in the first place.
2015-12-14 17:42:13 +01:00
Roeland Jago Douma
e8d5eb65c6 Files can't have create permissions
Fixes #20839
2015-12-11 22:28:26 +01:00
Thomas Müller
d6276faff6 Merge pull request #21014 from owncloud/share-unsharelinkpapercut
Fix unshare link click element
2015-12-08 08:39:33 +01:00
Thomas Müller
b15d77c934 Merge pull request #21015 from owncloud/update-redirecttocorrectpage
Redirect to correct URL after updating
2015-12-07 19:55:45 +01:00
Thomas Müller
4100263bd6 Merge pull request #20996 from owncloud/issue-12215-remove-password-reset-when-not-possible
Issue 12215 remove password reset when not possible
2015-12-07 19:55:26 +01:00
Vincent Petry
69ab047f89 Redirect to correct URL after updating
Now requires a trailing slash to make sure we don't land on the
forbidden page.
2015-12-07 18:08:00 +01:00
Vincent Petry
5567b6cee2 Fix unshare link click element
When clicking on the unshare link (trash icon), the correct link element
needs to be used instead of whatever child was clicked. Then, that
element might contain a visible loading icon.

This fixes the spinner detection and also prevents a full page reload in
case the spinner was visible.
2015-12-07 17:58:17 +01:00
Vincent Petry
6735005be0 Fix duplicate bogus share field when link sharing is not allowed
Whenever link share is not allowed, it was outputting a bogus sharing
field which name would conflict with the regular sharing field.

This fix makes sure that the bogus sharing field with "Resharing not
allowed" message only appears when triggered by removed share
permissions.
2015-12-07 16:53:56 +01:00
Joas Schilling
87bc02c6cd Allow specifying a custom reset-password-url 2015-12-07 15:41:40 +01:00
Thomas Müller
9c550a07ed OC.FilePath has still a valid use case when generating paths to static files what for generateUrl cannot be used for - closes #15604 2015-12-07 12:23:42 +01:00
Thomas Müller
f3d49a89fe Merge pull request #11131 from owncloud/use-phpini-wrapper
Replacing ini_get instances with inigetwrapper usages
2015-12-07 10:20:59 +01:00
Roeland Jago Douma
50d862e5d1 [Avatars] JS should not load same avatar twice
Old code first dit an ajax request to the avatar. Then a new image
object with the same src was created and since we do not cache avatars
yet :(  this resulted in 2 sequential requests to the exact same URL

Now if you set the displayname it will first set the placeholder and
then load the avatar in the background. Only once this time!
2015-12-04 10:42:11 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Vincent Petry
b1ca431852 Fix for parsing pretty printed Webdav responses
Update davclient.js + adjust IE workaround for this
2015-11-24 15:26:53 +01:00
Clark Tomlinson
9caf4ffbfc Replacing ini_get instances with inigetwrapper usages 2015-11-23 14:12:31 +01:00
Vincent Petry
a05e40932c Now using IE8 workaround of davclient.js for all IE versions 2015-11-22 16:05:52 +01:00
Vincent Petry
7ec83fc9fb Fix OC.FileInfo to copy all properties
This makes it possible to also store custom properties passed through
the data object like tags or shareOwner.
2015-11-22 16:05:50 +01:00
Vincent Petry
a1d0682ef8 Use oc:fileid property instead of oc:id 2015-11-22 16:05:51 +01:00
Thomas Müller
ab1d786d87 Fix port issue - options.host already has the port attached 2015-11-22 16:05:51 +01:00
Vincent Petry
dc8ce87a26 Query tags/favorite through Webdav in file list 2015-11-22 16:05:50 +01:00
Vincent Petry
fa2be0750c Make files app use Webdav for most operations 2015-11-22 16:05:50 +01:00
Vincent Petry
f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
Vincent Petry
fb3d5c7856 Add evert's davclient.js + es6-promise + IE8 workaround
- Add davclient.js lib
- Add es6-promise required by that lib
- Wrote IE8 workaround lib/shim for davclient.js
2015-11-22 16:05:49 +01:00
Joas Schilling
78c456b895 Allow creating OCS v2 links in JS 2015-11-16 14:23:43 +01:00
Vincent Petry
a2cd9708f6 Set "ie" CSS class for IE10, IE11
Fixed border in file action menu
2015-11-10 17:04:52 +01:00
Joas Schilling
f04151f69b Close the user menu when clicking it again 2015-11-02 10:09:13 +01:00
Morris Jobke
b32e6fbb62 [tags] remove unneeded variables 2015-10-30 10:02:15 +01:00
Thomas Müller
774d069ff0 Merge pull request #20122 from owncloud/files-consolidateiconupdate
Fix icon update to be more consistent
2015-10-29 15:40:15 +01:00
Vincent Petry
9c9158e6b7 Fix icon update to be more consistent
Makes the details bar show the same icon as in the list.
2015-10-29 12:59:51 +01:00
Tom Needham
628e4a9daf Add sharee list view js tests 2015-10-29 09:01:47 +01:00
Thomas Müller
588a668455 Merge pull request #20082 from owncloud/phil-davis-sharedialogviewspec-typos
sharedialogviewSpec.js couple of text typos
2015-10-27 20:04:05 +01:00
Thomas Müller
c15b2094e5 Merge pull request #20078 from owncloud/tipsy-body
Append tipsys to body
2015-10-27 15:08:25 +01:00
Phil Davis
89ab505c7b sharedialogviewSpec.js couple of text typos
I noticed a new typo in 15ef39d5b9 and looked for others while I am here.
2015-10-27 17:11:49 +05:45
Hendrik Leppelsack
5a01dc44d6 append tipsys to body 2015-10-27 11:22:41 +01:00
Vincent Petry
0d98e5e456 [IE9] Don't send link share password placeholder
When exiting the password field in the share dialog, IE9 would
mistakenly think that the password has changed and would send the
placeholder.

This fix prevents changing the password whenever the placeholder is set
as value.
2015-10-26 17:45:21 +01:00
Thomas Müller
23e51c37cf Merge pull request #20049 from owncloud/make-author-file-complete
Generate author file by license.php build script
2015-10-26 17:14:06 +01:00
Lukas Reschke
8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Vincent Petry
c64fb46fbf Fix share link focus on click
Clicking on the link share must focus and select it
2015-10-26 12:49:52 +01:00
Roeland Jago Douma
9071e756a1 Fix for broken ajax/share.php endpoint
Even more code mess :(
All tests pass again. But I'm really not happy with this endpoint.
2015-10-23 09:24:03 +02:00
Thomas Müller
4f5ff9c105 Ensure the password is only hashed in case it's changed on the client - fixes #19950 2015-10-22 17:32:40 +02:00
Thomas Müller
56fdb0ac93 Merge pull request #19935 from owncloud/issue-19916-settings-menu-hide-on-file-action
Use the normal OC.menu JS for handling the Settings menu
2015-10-22 10:42:02 +02:00
Thomas Müller
15ef39d5b9 Merge pull request #19952 from owncloud/share-dialogue-tests
Add JS tests for share dialog
2015-10-22 09:23:05 +02:00
Tom Needham
e3ae453ee5 Fix line lengths in share dialog unit tests 2015-10-21 13:30:42 +00:00
Tom Needham
8a6d22d751 Add JS tests for share autocompletion handling 2015-10-21 12:46:08 +00:00
Joas Schilling
a0437591db Use the normal OC.menu JS for handling the Settings menu 2015-10-21 13:59:30 +02:00
Tom Needham
2ca5b1aa1f Add test for remote share info tooltop 2015-10-21 10:00:29 +00:00
Vincent Petry
89e3860e1a Disable app icon preview in apps page for IE
All IE versions are not able to properly upscale SVG icons unless the
said SVG files contain a "viewBox" attribute, which is not always the
case. Also we cannot guarantee that all third party apps will have this
attribute in their icons.

So for now, app icons will not be displayed in IE instead of broken
ones.
2015-10-21 10:50:06 +02:00
Vincent Petry
1e64968ff7 Allow leaving update page when errors occurred 2015-10-20 13:29:44 +02:00
Vincent Petry
06ddd40886 Prevent leaving the DB update page while in progress 2015-10-20 13:28:48 +02:00
Christoph Wurst
9778094a25 fix filepicker loading spinner 2015-10-19 23:43:12 +02:00
Vincent Petry
90e34e26bd Fix spinner positions in share tab
Also fix missing spinner when removing link share
2015-10-16 15:54:27 +02:00
Vincent Petry
3af2ad0cd9 Fix DOM element ids in share dialog
- Rely on class names instead of global ids
- When global ids are needed for label+checkbox, append the view id
  (cid) to the element's id

This fixes the checkboxes when multiple sidebars exist in the DOM.
2015-10-16 10:54:45 +02:00
Thomas Müller
8d5aff9db5 Merge pull request #19631 from owncloud/share-emailsenterror
Fix share email sending feedback
2015-10-14 12:51:32 +02:00
Thomas Müller
a83e003ae3 Merge pull request #19645 from owncloud/file-conflict-disablecontinue
Disable "Continue" button in conflict dialog when no selection
2015-10-14 12:39:37 +02:00
Thomas Müller
f34b97bc98 Merge pull request #19699 from owncloud/hutchic-issue-18241-reload-page-link
refs #18241 Make the 'please reload this page' a clickable link
2015-10-14 12:39:19 +02:00
Morris Jobke
2f9f963616 [update] show default error message if empty message 2015-10-14 09:41:47 +02:00
Colin Hutchinson
f49c1039c4 refs #18241 Make the 'please reload this page' a clickable link 2015-10-10 14:14:01 -04:00
Vincent Petry
c7aef6c368 Fix uploading avatar and root certs in IE8 2015-10-09 11:19:05 +02:00
Morris Jobke
3c005bc020 Check .conflicts for checkboxes 2015-10-08 17:13:28 +02:00
Roeland Jago Douma
08600a7ed5 Add unit tests for sending e-mail for link shares 2015-10-08 16:39:25 +02:00
Vincent Petry
4bf19d4472 Fix share email sending feedback
Redisplay email address after failure
2015-10-08 16:39:12 +02:00
Vincent Petry
cba1aae073 Disable "Continue" button in conflict dialog when no selection 2015-10-08 12:27:33 +02:00
Thomas Müller
0385a62363 Merge pull request #19597 from owncloud/update-license-headers
update licence headers via script
2015-10-06 11:18:35 +02:00
Morris Jobke
b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Thomas Müller
ea72d90617 Merge pull request #19553 from owncloud/properly_format_date_shareview
Use DD-MM-YYYY consistently in share sidebar
2015-10-05 22:02:12 +02:00
Morris Jobke
b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Roeland Jago Douma
8c459a895d Do not remove linkshare if there is none
If the password is enforced we can't create a link share right away but
just show the password field. Untoggling the link sharing should not try
to remove the share.

* Added unit test
2015-10-05 21:12:27 +02:00
Thomas Müller
681ab05e4d Merge pull request #19539 from owncloud/fix-multiselect-overlap-shorter
Fix filelist size issues, breadcrumb, multiselect
2015-10-05 09:48:31 +02:00
Roeland Jago Douma
96deeca34d Use DD-MM-YYYY consistently in share sidebar
We used to display the response from the server. Which is in non ISO8601
format. Now this is weird since the datepickers shows us 'DD-MM-YYYY'
once a date is chosen.

Now use momentJS to properly format the date.

* Unit tests updated
2015-10-04 11:38:29 +02:00
Vincent Petry
f135128664 Fix filelist size issues, breadcrumb, multiselect
- calculate multiselect header width to exclude scrollbar
- call FileList._onResize() when sidebar is toggled ("appresized"), this
  also updates the breadcrumb width
- moved global getScrollBarWidth() to OC.Util namespace
2015-10-02 18:03:48 +02:00
Thomas Müller
ff89824135 Merge pull request #19272 from owncloud/mimetypes-enhanced
Introduce a few new mimetypes for code, fix recursive mimetype aliases
2015-10-02 17:50:34 +02:00
Vincent Petry
1562da3691 Focus on share field after first display 2015-10-02 16:39:27 +02:00
Roeland Jago Douma
57ceee13a9 Updated some mimetypes
* c++ and cpp now both map to code
2015-10-02 15:28:23 +02:00
Robin McCorkell
aeb20675dd Allow recursive mimetype aliases
application/xml -> text/html -> text/code
2015-10-02 15:28:23 +02:00
Robin McCorkell
cd7aff47e1 Introduce a few new mimetypes for code 2015-10-02 15:28:23 +02:00
Thomas Müller
594a3e4e22 Merge pull request #19523 from owncloud/fix-seconds-ago
Fix moment.js "a few seconds ago" with "seconds ago"
2015-10-02 14:11:46 +02:00
Morris Jobke
4b3a5a257f Fix moment.js "a few seconds ago" with "seconds ago"
* fixes #18627
2015-10-02 10:51:51 +02:00
Vincent Petry
5dff9d88cb Make sure the conflict dialog is loaded before adding conflicts 2015-10-02 09:55:43 +02:00
Thomas Müller
eeac6e2ab1 Merge pull request #19454 from owncloud/ie8-madness-returns
[IE8] Fix file type sizes and popover menus in file list
2015-09-30 15:15:38 +02:00
Thomas Müller
67609699bc Merge pull request #19443 from owncloud/sharedialog-passworderror
Fix share link password error
2015-09-30 11:08:04 +02:00
Vincent Petry
dbb6692468 [IE8] Fix filetype icon sizes
Added hack that uses a "filter" CSS with explicit URL to fix the "New"
menu by scaling down icons and also fix the folder/filetype icon in the sidebar
by scaling it up.
2015-09-29 18:28:31 +02:00
Olivier Paroz
a1c419dc71 Use Hermite resampling for comparator canvas previews 2015-09-29 16:35:24 +02:00
Vincent Petry
8def1383c8 Fix share link password error
- only allow submitting the password once, single request
- display error in tooltip
2015-09-29 15:30:01 +02:00
Thomas Müller
037cce7f05 Merge pull request #19418 from owncloud/fix-parsehashquery
Consider both hash params and query when parsing URL
2015-09-29 13:21:34 +02:00
Vincent Petry
71dabc6c13 Consider both hash params and query when parsing URL 2015-09-28 18:37:40 +02:00
Vincent Petry
a823a79f12 Show loading spinner for first fetch of shares
Whenever the sidebar first loads shares, show a spinner instead of an
empty content
2015-09-28 15:57:57 +02:00
Thomas Müller
4d8be8822c Merge pull request #19363 from owncloud/checkboxes-sidebar
Restyle checkboxes in sidebar
2015-09-28 10:54:55 +02:00
Hendrik Leppelsack
0ae931ed57 fix sidebar spinner 2015-09-25 20:48:47 +02:00
Hendrik Leppelsack
2ee36dc4de restyle checkboxes in sidebar 2015-09-25 11:54:26 +02:00
Hendrik Leppelsack
604f5783fd fix multiselect 2015-09-25 00:51:39 +02:00
Thomas Müller
846b826867 Merge pull request #18517 from owncloud/17753_to_master
Fix preview of old file on public upload conflicts
2015-09-24 15:20:00 +02:00
Thomas Müller
d7a923671f Merge pull request #19305 from owncloud/share-hasusershares
Fix ShareItemModel.hasUserShares to only check shares of current item
2015-09-24 14:57:23 +02:00
Vincent Petry
76e30d0df7 Expiration date was always a string 2015-09-24 12:21:19 +02:00
Vincent Petry
0db9b28f3f Fix ShareItemModel.hasUserShares to only check shares of current item
The shares array is based on what the server returns and can contain
share info for parent folders.

hasUserShares is now fixed to ignore parent folders and only checks for
shares on the current item.
2015-09-23 14:41:13 +02:00
Vincent Petry
6ea27e2b03 Fix parsing int attributes from share.php response
Sometimes the attributes returned by share.php are integers but packaged
as strings.

This fix makes sure that such attributes are parsed as integers
2015-09-23 12:16:47 +02:00
Thomas Müller
0c283dc020 Merge pull request #19220 from individual-it/fix_19164
re initialize OC.Share.currentShares OC.Share.itemShares
2015-09-23 11:41:20 +02:00
Thomas Müller
53a167eae9 Merge pull request #19279 from owncloud/share-fixbogusentry
Fix bogus entry that appears when switching with arrow keys
2015-09-23 11:30:50 +02:00
Hendrik Leppelsack
3f0a870908 implement builder pattern in tipsy shim 2015-09-23 09:27:44 +02:00
Vincent Petry
03ca76f54f Fix bogus entry that appears when switching with arrow keys 2015-09-22 17:16:20 +02:00
Lukas Reschke
4201f59402 Update mimetypes 2015-09-22 16:43:29 +02:00
Individual IT Services
976942bb61 re initialize OC.Share.currentShares OC.Share.itemShares
otherwise old values are kept.
fix for #19164
2015-09-21 17:01:50 +05:45
Hendrik Leppelsack
964cfc8e08 fix missing checkboxes in file comparator 2015-09-21 12:57:34 +02:00
Olivier Paroz
04b14df35c Fix preview of old file on public upload conflicts 2015-09-20 12:38:21 +02:00
Olivier Paroz
9776d60b57 Typo 2015-09-19 10:34:19 +02:00
Thomas Müller
08ae1e8183 Merge pull request #19008 from owncloud/jquery_avatar_tests
JS tests for jquery.avatar
2015-09-18 17:31:18 +02:00
Hendrik Leppelsack
7c80c8e484 fix missing checkboxes in share dialog 2015-09-17 16:25:10 +02:00
Vincent Petry
6141ea12b1 Port share.css styles to the sidebar panel 2015-09-16 07:23:29 +02:00
Vincent Petry
36e452a472 Fix cruds button in share dialog
Only toggle the current row
2015-09-16 07:23:29 +02:00
Vincent Petry
02d68d0613 Removed obsolete tests 2015-09-16 07:23:29 +02:00
Vincent Petry
f439c07ba9 Fix allow reshare for owner when sharing with self through group 2015-09-16 07:23:29 +02:00
Vincent Petry
996639f4fb More unit tests for share dialog 2015-09-16 07:23:29 +02:00
Vincent Petry
886f1ed660 Update JS unit tests for share dialog (WIP) 2015-09-16 07:23:29 +02:00
Vincent Petry
41f16e821a Remove unused/obsoleted OC.Share code
The sharing dialog has been moved to ShareDialogView
2015-09-16 07:23:29 +02:00
Vincent Petry
1933bcfa92 Implement email autocomplete for link share 2015-09-16 07:23:29 +02:00
Vincent Petry
62ff78787a Implement email share link 2015-09-16 07:23:29 +02:00
Vincent Petry
aeee19b3f2 Implement "notify by email" checkbox in share dialog 2015-09-16 07:23:29 +02:00
Vincent Petry
e0a2004f4c Clear field after adding user 2015-09-16 07:23:28 +02:00
Vincent Petry
06b11dd602 Fix shares list events
Some events need preventing default like unshare, but setting
permissions doesn't.
2015-09-16 07:23:28 +02:00
Vincent Petry
e90065881d Bring back the share icon and update its status
Display share icon in file list row.
Update share icon status when the sharing state changed.
2015-09-16 07:23:28 +02:00
Vincent Petry
8194d092e7 Add expiration date handling in share tab 2015-09-16 07:23:28 +02:00
Arthur Schiwon
c2ff2ca982 cleanup 2015-09-16 07:23:28 +02:00
Arthur Schiwon
a0fa7186f5 make permission/cruds checkboxes work 2015-09-16 07:23:28 +02:00
Arthur Schiwon
c7453b4db1 toggle visibility of detailed cruds permissions 2015-09-16 07:23:28 +02:00
Arthur Schiwon
d4bbc062be cleanup 2015-09-16 07:23:28 +02:00
Arthur Schiwon
a5b0ea031d make unshare work 2015-09-16 07:23:28 +02:00
Arthur Schiwon
7ae84e0e5c make 'Allow editing' (aka public upload) checkbox work 2015-09-16 07:23:28 +02:00
Arthur Schiwon
6d832359b6 fix allow upload checkbox appeareance 2015-09-16 07:23:28 +02:00
Arthur Schiwon
9fe6d7c568 implements setting and removing password for link shares, including forced ones 2015-09-16 07:23:28 +02:00
Arthur Schiwon
5dfaa0c82d mark url on click 2015-09-16 07:23:27 +02:00
Arthur Schiwon
f29b51682b share and unshare via link (not yet password). also some internal changes to reduce unnecessary rendering 2015-09-16 07:23:27 +02:00