Commit graph

9978 commits

Author SHA1 Message Date
John Molakvoæ (skjnldsv)
ea6f423e2c Extend data returned when searching remote shares
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma
bc9b223e65
Fix DAV mimetype search
Fixes #15048
Catches the case where a full mimetype is sumbitted in the where like
clause. Before we didn't catch this and it was just forwarded as is
causing invalid queries.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-28 21:56:29 +01:00
Roeland Jago Douma
f763219f19
Merge pull request #17712 from nextcloud/enh/limit_hardening/database/user
Make sure limit is never negative
2019-10-28 13:59:09 +01:00
Roeland Jago Douma
70500e25ad
Merge pull request #17173 from nextcloud/feature/event-broadcasting
Make it possible to broadcast events to (web) clients
2019-10-28 13:58:35 +01:00
Christoph Wurst
d180a98714
Make it possible to broadcast events to (web) clients
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-10-28 13:58:13 +01:00
Roeland Jago Douma
dd185e383d
Make sure limit is never negative
There were some cases where a negative limit could be passed in. Which
would happily make the query explode.

This is just a quick hack to make sure it never is negative.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-28 13:07:43 +01:00
Daniel Kesselberg
83af640780
Remove objectstore credentials
Also remove the username for Swift v2 and add todo for unclear keys.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-10-27 00:51:39 +02:00
Daniel Kesselberg
8e44e0134a
Remove objectstore credentials
S3: key and secret
Swift v3: user.name and user.password

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-10-27 00:41:01 +02:00
Roeland Jago Douma
931c68c0bf
Do not show 'Get your own free account' on services under subscription
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 16:46:32 +02:00
Roeland Jago Douma
e71f222082
Cleanup theming mess
* Do not do translations in the constructor. This gets called to early
so there is no user yet. Which means we can't obtain the locale. Which
means we store the wrong translation instance.

* Same for the theming app magic. Just use the parent call when needed.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 13:31:19 +02:00
Roeland Jago Douma
6a560fd51e
Don't pass in the locale as the language
This messes with the translation of the date names etc.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 13:29:51 +02:00
Julius Härtl
7636b9e164
Fix help route in navigation
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-22 17:56:55 +02:00
blizzz
923735021b
Merge pull request #17568 from nextcloud/fix/noid/move-away-from-deprecated-event
use OCP\EventDispatcher\Event over Symfony's deprecated Event
2019-10-21 13:40:36 +02:00
Roeland Jago Douma
8d094920c3
Merge pull request #17594 from nextcloud/dont-cache-notfound
Dont cache empty url for not found routes
2019-10-21 12:06:49 +02:00
Roeland Jago Douma
2276cb12c4
Merge pull request #17547 from nextcloud/enh/noid/log-exception-json-escape
Do not escape slashes for logged exceptions
2019-10-21 11:14:03 +02:00
Robin Appelman
219905b9c8
Dont cache empty url for not found routes
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-10-18 18:20:25 +02:00
Arthur Schiwon
e8095cf737
use OCP\EventDispatcher\Event over Symfony's deprecated Event
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-10-17 13:31:48 +02:00
John Molakvoæ
bd5189f29f
Let SCSS cleanup only run once (#17543)
Let SCSS cleanup only run once
2019-10-17 10:03:08 +02:00
Roeland Jago Douma
098ab7af4b
Do DI on registered middleware as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-16 22:52:48 +02:00
Julius Härtl
a9c089064b
Deprecate TemplateManager
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-16 09:54:17 +02:00
Julius Härtl
0a4dd3605b
Do not escape slashes for logged exceptions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-15 16:09:23 +02:00
Julius Härtl
ee743867d4
Make sure the cache is only reset once at a time
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-15 15:17:16 +02:00
Julius Härtl
e51010b0f4
Use a distributed cache for the isCachedCache
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-15 11:56:02 +02:00
Daniel Kesselberg
0ecc70c497
Assume that getType is available
From PHP7 getType is always available. No need to check it nowdays.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-10-14 09:50:12 +02:00
Daniel Kesselberg
ace74ef866
Fix ReflectionType::__toString() is deprecated
As of PHP 7.1.0, ReflectionType::__toString() is deprecated, and ReflectionParameter::getType() may return an instance of ReflectionNamedType. To get the name of the parameter type, ReflectionNamedType() is available in this case.

https://www.php.net/manual/en/reflectionparameter.gettype.php
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-10-14 09:50:06 +02:00
Christoph Wurst
f6a79338d4
Make sure we create an app's Application class just once
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-10-11 08:21:24 +02:00
Roeland Jago Douma
1e8f063aed
Merge pull request #17484 from nextcloud/bugfix/activity-last-timestamp-merged
Always use the latest timestamp for merged activities
2019-10-10 20:30:16 +02:00
Roeland Jago Douma
5917644536
Merge pull request #17276 from nextcloud/storage-id-eq
Get single storage id using `eq` instead of `in`
2019-10-09 15:17:49 +02:00
Julius Härtl
a41ed39bf2
Always use the latest timestamp for merged activities
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-09 11:25:37 +02:00
Roeland Jago Douma
5122629bb0
Make renewSessionToken return the new token
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Roeland Jago Douma
3fccc7dc47
Cache the public key tokens
Sometimes (esp with token auth) we query the same token multiple times.
While this is properly indexed and fast it is still a bit of a waste.

Right now it is doing very stupid caching. Which gets invalidate on any
update.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-08 13:57:36 +02:00
Roeland Jago Douma
075a0b24d5
Merge pull request #17431 from johkoenig/bugfix/17377/trusted_domain_helper_case_insensitive
make TrustedDomainHelper case insensitive
2019-10-08 08:51:11 +02:00
Roeland Jago Douma
f2d44b87bb
Merge pull request #17440 from nextcloud/enh/noid/log-json-escape
Do not escape slashes in log json
2019-10-08 08:48:52 +02:00
Daniel Kesselberg
fdf4e1ebb2
Remove duplicate code
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-10-08 00:46:50 +02:00
Julius Härtl
29a6f2d830
Do not escape slashes in log json
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-10-07 13:39:40 +02:00
Johannes Koenig
2df8d646c1 make TrustedDomainHelper case insensitive
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
John Molakvoæ
62399c76e8
Allow group displaynames in the database backend (#17221)
Allow group displaynames in the database backend
2019-10-05 18:34:14 +02:00
Roeland Jago Douma
6db51324fa
Fix DB usersInGroups fetching
* Follow the interface defaults
* Only set limit or offset if they are properly set

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-02 09:43:35 +02:00
blizzz
47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst
de6940352a Move settings to an app
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
Joas Schilling
b9f963225f
Do not allow to have an empty display name
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-27 14:29:57 +02:00
Joas Schilling
00859f46f3
Fix DI issue
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-27 14:29:56 +02:00
Joas Schilling
a54ff49c6b
Remove inherited docs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-27 14:29:56 +02:00
Joas Schilling
653628c8fb
Allow to set the group display name in the database backend
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-27 14:29:56 +02:00
Joas Schilling
45506adc5c
Add a displayname to the database group backend
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-27 14:29:56 +02:00
Roeland Jago Douma
cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Robin Appelman
bde791cec9
use eq instead of in for loading single storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-26 15:04:04 +02:00
Robin Appelman
1a8f9b8b1d
log which storage id can't be inserted
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-26 15:04:00 +02:00
MichaIng
c7e66ec848
Add "Order" to assure that no parental "Allow" can grant access
Signed-off-by: MichaIng <micha@dietpi.com>
2019-09-26 12:38:58 +02:00
Roeland Jago Douma
1cb1b132ca
Merge pull request #17252 from nextcloud/bugfix/noid/user-0-can-not-comment
Fix user with id 0 to be able to comment
2019-09-26 11:30:56 +02:00
Roeland Jago Douma
6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman
35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that

Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman
733d4b6cca
dont delete cache entries if deleting an object from object store failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Joas Schilling
e4b36f4f47
Fix user with id 0 to be able to comment
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-25 09:07:07 +02:00
Roeland Jago Douma
48a00b88e1
Merge pull request #17163 from nextcloud/bugfix/noid/print-error-on-data-dir-error
Print error on data dir error
2019-09-23 10:08:58 +02:00
Roeland Jago Douma
b2aec1d816
Merge pull request #17206 from nextcloud/logger-catch-exceptions
catch exceptions that occur during logging
2019-09-19 18:33:45 +02:00
Robin Appelman
2943c18548
catch exceptions that occur during logging
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-19 13:39:40 +02:00
Christoph Wurst
a5869be60f Fix l10n in federated file sharing
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-19 12:57:45 +02:00
Roeland Jago Douma
210a0554a2
Use the actual password to update the tokens
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Daniel Kesselberg
ee76b0fbd2
Add uid to delete temp token query
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-18 16:52:42 +02:00
Joas Schilling
a4ba2113b2
Fix getById for files in appdata and the root mount
In case the path we are currently in is inside the appdata_* folder,
the original getById method does not work, because it can only look inside
the user's mount points. But the user has no mount point for the root storage.

So in that case we directly check the mount of the root if it contains
the id. If it does we check if the path is inside the path we are working
in.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-17 11:15:59 +02:00
Joas Schilling
ad7d13a87c
Print the error pages as error so we load less scripts and might be able to view it
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-16 19:38:43 +02:00
Roeland Jago Douma
978d312e69
Merge pull request #17151 from nextcloud/td/remove/createPreview
Remove deprecated function createPreview
2019-09-15 19:36:18 +02:00
Greta Doci
0a874c51af
Disable app token creation for impersonated people, ref #15539
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-09-15 12:04:27 +02:00
Roeland Jago Douma
98f91982be
Remove deprecated function createPreview
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-15 10:52:34 +02:00
Roeland Jago Douma
2b98eea129
Harden identifyproof openssl code
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
blizzz
ac48a9ba61
Merge pull request #17106 from nextcloud/feature/dispatch-typed-event
Add Symfony inspired typed event dispatcher method
2019-09-12 09:25:26 +02:00
Roeland Jago Douma
1b8d6df6cd
Merge pull request #17084 from nextcloud/refactor/symfony-dispatcher-signature
Use the new Symfony event dispatcher signature
2019-09-11 22:08:38 +02:00
Christoph Wurst
b9e14d5972
Add Symfony inspired typed event dispatcher method
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-11 20:02:50 +02:00
Joas Schilling
15d39c48e6
Merge pull request #17021 from nextcloud/bye-spreed-hello-talk
Bye Spreed namespace, hello Talk!
2019-09-11 14:59:37 +02:00
Roeland Jago Douma
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma
41cbb05aea
Split personal security settings in code
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Christoph Wurst
222b458280
Use the new Symfony event dispatcher signature
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-10 11:26:55 +02:00
Arthur Schiwon
20901c59d4
emit file events via Dispatcher, too
another step to get rid of hooks and emitters

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 22:56:04 +02:00
Roeland Jago Douma
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma
b3f663b8aa
Merge pull request #16859 from PhrozenByte/patch-1
Add IAppManager::getAppWebPath()
2019-09-09 12:20:27 +02:00
Roeland Jago Douma
ac19017461
Merge pull request #16962 from nextcloud/keep-cypress-git
Kill repair step for cypress
2019-09-08 21:29:01 +02:00
Roeland Jago Douma
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman
8ef5a366ec
add MAX and MIN to functionbuilder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Daniel Rudolf
2d56664e35
Improve usage of IAppManager::getAppWebPath()
Deprecate \OC_App::getAppWebPath() and \OC_App::getAppPath()

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2019-09-05 18:35:40 +02:00
Joas Schilling
858b18e34a
Bye Spreed namespace, hello Talk!
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-09-05 15:32:58 +02:00
Arthur Schiwon
3ce5d4e545
reduce adressbook change events and handling
... from four to one on avatar updates

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:25 +02:00
Julius Härtl
64fe9bc287
Return the proper jailed path when requesting the root path
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-09-04 13:25:17 +02:00
Roeland Jago Douma
b7301f40dd
Merge pull request #16972 from nextcloud/enh/default_client_timeout
Set a default request timeout
2019-09-04 08:08:48 +02:00
Roeland Jago Douma
ca2623e6ad
Set a default request timeout
This to avoid endless running processes.
A default timeout of 30 seconds should cover the 99% case. If a job need
specific longer time it should set that.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-02 15:42:48 +02:00
Daniel Kesselberg
62ded4ad50
Kill repair step for cypress tests
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-02 11:50:23 +02:00
Samuel CHEMLA
94eb77a535 Fix sanity checks #16963
Signed-off-by: Samuel CHEMLA <chemla.samuel@gmail.com>
2019-09-01 22:27:08 +02:00
Daniel Kesselberg
2d04be27df
Keep cypress if git
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-01 20:46:13 +02:00
Julius Härtl
299759b836
Handle throwables in the http dispatcher
Co-authored-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-29 17:19:14 +02:00
Roeland Jago Douma
130fdf5006
Merge pull request #16913 from nextcloud/fix/declare_members
SessionMiddleware: declare session property
2019-08-29 09:54:45 +02:00
Roeland Jago Douma
3f12ec95f0
SessionMiddleware: declare session property
* Remove request since we don't useit
* Update tests as well

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
Roeland Jago Douma
c73b4f25c3
Make sure they keys are unique
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 12:55:07 +02:00
Joas Schilling
b1a0d464ba
Merge pull request #16723 from nextcloud/fix/sharing/unshare-message
Add expiration event for shares
2019-08-26 12:58:51 +02:00
John Molakvoæ
40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
Daniel Rudolf
34919d3ebc
Add IAppManager::getAppWebPath()
Implements a public API for \OC_App::getAppWebPath()

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2019-08-25 15:27:04 +02:00
blizzz
f515da4f3c
Merge pull request #16845 from nextcloud/bugfix/noid/public-constants
Make the sharing constants publicly available
2019-08-23 23:15:15 +02:00
Joas Schilling
92862c51f5
Always check via http and https whether htaccess is working
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-23 14:33:58 +02:00
Joas Schilling
b130a4c8fb
Make the sharing constants publicly available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-23 13:54:19 +02:00
Arthur Schiwon
43bc31bacb
set a storage availability delay on auth issues to avoid lock out
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-22 12:40:15 +02:00
Roeland Jago Douma
1e74ffd46b
Merge pull request #16820 from nextcloud/bugfix/noid/access-handling-of-projects
Change access handling of projects
2019-08-21 22:02:50 +02:00
blizzz
9ac15bc4e9
Merge pull request #16813 from compagnon/fix/noid/AutoloadNotAllowedException-theming-off
autoloader.php could raise Not AllowedException
2019-08-21 16:04:32 +02:00
Joas Schilling
69f2974706
Only trigger the events with tags that where actually assigned
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 11:58:27 +02:00
Joas Schilling
23bd4c127d
Add a repair step to clear the projects access cache
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 09:16:14 +02:00
Joas Schilling
b53283fcb7
Change the logic so projects are only shown when you can access all resources
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-21 09:16:14 +02:00
John Molakvoæ (skjnldsv)
b557f52c22
Add expiration event for shares
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-08-21 08:30:17 +02:00
Roeland Jago Douma
dd02920aed
Merge pull request #16811 from nextcloud/bugfix/16771/correctly-remove-apps-without-any-releases
Correctly remove apps without any releases
2019-08-20 22:29:20 +02:00
Roeland Jago Douma
1dda6fb05b
Merge pull request #16812 from nextcloud/bugfix/noid/previewv1-returntype
Explicit cast for ProviderV1Adapter
2019-08-20 22:28:43 +02:00
Guillaume COMPAGNON
0516675a5c autoloader.php could raise Not AllowedException
when theming is off

Signed-off-by: Guillaume Compagnon <gcompagnon@outlook.com>

	modified:   lib/private/TemplateLayout.php
2019-08-20 17:11:40 +02:00
Julius Härtl
d3d37aa19d
Explicit cast for ProviderV1Adapter
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-20 15:47:59 +02:00
Joas Schilling
17096adff9
Correctly remove apps without any releases
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-20 14:47:46 +02:00
Joas Schilling
323642454a
Undefined variable response when server is no nextcloud anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-20 12:54:58 +02:00
Joas Schilling
650e4f9f4c
Merge pull request #16793 from nextcloud/bugfix/noid/filter-more-configs
Filter more configs
2019-08-20 09:01:20 +02:00
Roeland Jago Douma
1614dee6dc
Codechecker: removed unused use
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:41:46 +02:00
Roeland Jago Douma
7927aebdeb
Fix report of phpstan in Limiter
* unneeded arguments to constructor
* added return types
* let automatic DI do its work

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Joas Schilling
b6c78eb9d4
Filter more configs
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-19 16:32:20 +02:00
MichaIng
51a35bb1cb
Minor syntax
+ Use Apache syntax with cases according to official docs: https://github.com/nextcloud/server/pull/16792/files#r315207691
+ Add missing whitespace for concatenating strings to variable: https://github.com/nextcloud/server/pull/16792/files#r315207520
+ Apache 2.5 will be released as 2.6: https://github.com/nextcloud/server/pull/16792/files#r315206147

Signed-off-by: Micha Felle <micha@dietpi.com>
2019-08-19 15:50:48 +02:00
MichaIng
01b558c8b4
Update lib/private/Setup.php
+ Remove unnecessary spaces from code

Co-Authored-By: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-19 15:29:48 +02:00
MichaIng
dcbf8fa8e3
Harden data protection .htaccess
+ Set "Satisfy All" whenever available, as well on Apache 2.4+. This is required to override possible "Satisfy Any" on parent dir, which otherwise would allow direct access to data, regardless of "Require" directive.
+ Set "Deny from all" as well whenever available, to block access regardless of which access control directive takes priority.
+ Assume Apache 2.2 only, if mod_authz_core and mod_access_compat are both not available, to avoid doubled directives. In this case set "Deny from all" directive only if the providing mod_authz_host module is available. "Satisfy" is a core directive on Apache 2.2.
+ Update Apache version strings. Regarding the used directives/modules, Apache 2.4 and 2.5 behave the same.
+ Add ordering spaces to better reflect the nested directives and to match style of other .htaccess files.

Fixes: https://github.com/nextcloud/server/issues/6449

Signed-off-by: Micha Felle <micha@dietpi.com>
2019-08-19 15:09:44 +02:00
Joas Schilling
810ee7d811
Make the auto-disabled list more broad
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-15 11:12:45 +02:00
Georg Ehrke
f6c3424039
Fix tracking of auto disabled apps in Updater
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2019-08-15 11:12:43 +02:00
Roeland Jago Douma
d14aed1048
Merge pull request #15946 from martink-p/bugxfix/9792/encrypted-external-webdav
Update Encryption.php
2019-08-15 10:22:50 +02:00
Roeland Jago Douma
f7152cccb2
Merge pull request #16572 from nextcloud/fix/15613/bring-back-psql9-compat
instead of upsert query, fallback to default on PSQL <= 9.4
2019-08-14 10:10:37 +02:00
blizzz
2ac01c0203
Merge pull request #16725 from nextcloud/bugfix/noid/syslog-di
Fix loading of the syslog logging class
2019-08-14 09:46:48 +02:00
Arthur Schiwon
d0409548c6
instead of upsert, fallback to default query on PgSQL <= 9.4
because there is no upsert yet

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-14 09:05:11 +02:00
Julius Härtl
2efb9a7d90
Make sure SystemConfig class can be injected and syslog_tag is fetched properly
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-13 16:26:18 +02:00
Roeland Jago Douma
145eee91fe
Get the proper UID
Some user backends (like the database backend) allow us to obtain a user
case insensitive. However the UID itself is case sensitive.

Example:
* create a user User1
* login as User1
  - This results the data/User1 folder to be created etc
* now have some code somewhere that obtains the userFolder (from
IRootFolder) but pas in 'uSER1' as uid
  - The code will check if that is a valid user. And in this case it is
  since User1 and uSER1 both map to the same user
  - However the the UID in the user object is used for the folder a new
  folder fill be create data/uSER1

With this PR this is avoided now. Since we obtain the real UID casing in
the backend before creating the user object.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-13 09:33:46 +02:00
Roeland Jago Douma
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Roeland Jago Douma
9d6eb2daf7
Merge pull request #16179 from J0WI/mv-frameoptions
Add X-Frame-Options header to .htaccess
2019-08-11 21:30:51 +02:00
Scott Shambarger
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
 "cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.

Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
J0WI
1b074f48d8
Remove duplicated spaces
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
3f2932c75a
Sort headers
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:50 +02:00
J0WI
76cbd7db6e
Add X-Frame-Options header to .htaccess
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2019-08-11 20:11:49 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma
5d94590cee
Have the OCSBaseResponse call the parent constructor
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-08 09:52:20 +02:00
Roeland Jago Douma
b42b26eceb
Merge pull request #15187 from vitormattos/bugfix-create-database-user
Bugfix: user is not allowed
2019-08-08 09:03:48 +02:00
Roeland Jago Douma
650927a822
Properly return an int in the getId function of the cache
fixes #16684

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-07 20:38:42 +02:00
Roeland Jago Douma
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma
f94ee72507
Add form-action CSP element
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl
22b81ac1e4
Fix permission check on incoming federated shares
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma
417fbb5d60
setting unsafe-eval is deprecated
This will be removed in a future version of Nextcloud.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-30 16:27:38 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma
ba60fafb9a
Add proper PostLoginEvent
This can be used by othr mechanisms to listen for this event in a lazy
fashion.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Morris Jobke
e45fb5fa3e
Fix typo in comment
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 14:55:43 +02:00
Roeland Jago Douma
51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
Split up security middleware
2019-07-29 12:13:55 +02:00
Roeland Jago Douma
fb78cd3ed8
Merge pull request #16570 from nextcloud/enh/supress_touch_error
Supress warnings touch can generate
2019-07-29 10:39:46 +02:00
Roeland Jago Douma
37a4282c7a
Split up security middleware
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.

I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Roeland Jago Douma
9ef23e2362
Merge pull request #16558 from nextcloud/enh/less_verbose_locked_logging
Do not log all locked exceptions
2019-07-27 10:39:11 +02:00
Roeland Jago Douma
1cc8a2f5d2
Supress warnings touch can generate
We already catch the result value. Having the warning being logged
explicitly doesn't help and polutes the log.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 17:26:59 +02:00
Morris Jobke
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Roeland Jago Douma
cdc43cd39b
Merge pull request #16456 from nextcloud/dep/searchByTag
Remove deprecated searchByTag
2019-07-26 15:07:04 +02:00
Roeland Jago Douma
4cc41cb4c7
Do not log all locked exceptions
This can happen for valid reasons (multiple users writing at the same
time) with for example the text app. Apps should properly handle it. No
reason to log it by default.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 14:55:13 +02:00
Arthur Schiwon
78201bcb72
treat sensitive config keys by pattern
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma
323f40a493
Merge pull request #16461 from nextcloud/fix/noid/pgsql-version
fixes the check for postgresql
2019-07-26 12:32:04 +02:00
Roeland Jago Douma
0487144b26
Remove deprecated searchByTag
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Julius Härtl
e43b341b04
Add additional check for read permissions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Julius Härtl
3674f6fa2d
Check the if we can actually access the storage cache for recent files
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Joas Schilling
7d3a349d8f
PHPStorm code cleanup
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 10:39:57 +02:00
Joas Schilling
3b334169a8
Get the topmost parent for the parent instead of doing endless recursion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-24 10:39:22 +02:00
Morris Jobke
d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Morris Jobke
3a6d8174a9
Merge pull request #16450 from nextcloud/tech-debt/noid/cleanup-unused-OC_API-methods
Removes unused OC_API::register
2019-07-22 16:04:01 +02:00
Morris Jobke
54bcd86db7
Adjust deprecation tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-22 12:06:16 +02:00
Daniel Kesselberg
608f4d3ee9
Pass $configargs to openssl_pkey_export
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 22:21:59 +02:00
Daniel Kesselberg
8bed3021bd
Exclude .rnd files from integrity check
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Morris Jobke
a085a88205
Merge pull request #14954 from tacruc/searchPatterns
Allow to search for real pattern in contacts
2019-07-19 18:03:37 +02:00
Morris Jobke
baff2ccdba
Merge pull request #16452 from nextcloud/bug/noid/error-with-exception-on-ssl-error
Error with exception on SSL error
2019-07-18 20:51:30 +02:00
Morris Jobke
4ae17427c5
Error with exception on SSL error
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 18:50:44 +02:00
Arthur Schiwon
8b1126e6d2
fixes the check for postgresql
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-18 18:34:10 +02:00
Roeland Jago Douma
057e88e9e7
Merge pull request #16380 from Dreamsorcerer/patch-1
Allow use of server var for CSP nonce
2019-07-18 15:33:15 +02:00
Sam Bull
ea935f65fd
Add support for CSP_NONCE server variable
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.

Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
Morris Jobke
55d8c3db3e
Reduce indirection in AppManager
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 11:33:58 +02:00
Morris Jobke
605d0874a4
Removes unused OC_API::register
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-18 11:27:09 +02:00
Morris Jobke
48653d1a27
Merge pull request #16440 from marcelklehr/fix/objectstorage-put-contents
Fix File#putContents(string) on ObjectStorage
2019-07-17 22:38:41 +02:00
Morris Jobke
5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
Notifications overhaul
2019-07-17 20:22:03 +02:00
Morris Jobke
782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
Marcel Klehr
d46744e2f1 Fix File#putContents(string) on ObjectStorage
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2019-07-17 14:58:56 +02:00
Morris Jobke
223a91d5ef
Merge pull request #16416 from nextcloud/enh/log-details
Move log detail aggregation and reuse it in syslog/systemd logger
2019-07-17 11:43:32 +02:00
Julius Härtl
07bbec3355
Move log detail aggregation to separate class and reuse it in syslog/systemd logger
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-17 08:45:55 +02:00
Morris Jobke
99f2c82222
Properly inject the logger
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
Roeland Jago Douma
8ca2b31804
Do not keep searching for recent
If userA has a lot of recent files. But only shares 1 file with userB
(that has no files at all). We could keep searching until we run out of
recent files for userA.

Now assume the inactive userB has 20 incomming shares like that from
different users. getRecent then basically keeps consuming huge amounts
of resources and with each iteration the load on the DB increases
(because of the offset).

This makes sure we do not get more than 3 times the limit we search for
or more than 5 queries.

This means we might miss some recent entries but we should fix that
separatly. This is just to make sure the load on the DB stays sane.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-16 19:14:55 +02:00
Joas Schilling
594efca1e3
Update since to the correct version
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 16:58:38 +02:00
Joas Schilling
565838da9c
Update unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
Joas Schilling
55f5bc79a1
Keep the old method as a fallback and adjust the tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
Oliver Salzburg
392a4dd68a
Use specific privileges when creating admin
Using the ALL shorthand can cause problems when not all privileges are available to the user.
For example, AWS RDS MariaDB/MySQL will not grant the initial user account on an instance the SUPER privilege.
While the user account is still valid for pretty much any task on the DB instance, it can not use the ALL shorthand when granting privileges to new users.
By supplying a specific set of privileges, we work around this limitation without sacrificing functionality.

Closes #16139

Signed-off-by: Oliver Salzburg <oliver.salzburg@gmail.com>
2019-07-16 10:26:25 +02:00
Roeland Jago Douma
d0e1bcc1d0
Merge pull request #15606 from nextcloud/fix/15605/add-catch-for-runtime-exception
Add catch for RuntimeException
2019-07-16 08:05:11 +02:00
Morris Jobke
cbecc1f8cf
Log RuntimeException in CleanupCardDAVPhotoCache
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-15 22:26:08 +02:00
Roeland Jago Douma
a3deb21bf4
Merge pull request #16334 from nextcloud/feature/noid/enterprise-logo
Add enterprise logo
2019-07-15 20:31:06 +02:00
Morris Jobke
b732f51c10
Add enterprise logo
Also set it as theming logo if the subscription is valid.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-15 16:45:53 +02:00
Joas Schilling
64f67818bc
Fix new core notifier
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:14:58 +02:00
Joas Schilling
865c12aa0e
Fix detection of Notifiers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:43 +02:00
Joas Schilling
f376b9fea7
Fix creation of the Manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:42 +02:00
Joas Schilling
9690b3153a
Change how Notifiers and Apps are registered
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:42 +02:00
Joas Schilling
9b288cda6d
Make all interfaces strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-15 15:12:40 +02:00
Morris Jobke
1e5fadcdf1
Merge pull request #16399 from nextcloud/improvement/noid/fulltextsearch-simple-queries
[nc17] add SimpleQueries to FullTextSearch
2019-07-15 10:18:04 +02:00
Maxence Lange
cb91b3ce3e addsubtag should push to array
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-14 19:17:55 -01:00
Maxence Lange
1e2518d7f9 new model to manage some simple queries
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fixing issue in addSubTag()

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
fix const

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
autoload

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Revert "fixing issue in addSubTag()"

This reverts commit a9ab2ab91b98133c69272f27ea1b51594719e241.

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
syntax

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2019-07-14 19:07:28 -01:00
Roeland Jago Douma
f8aeef7ae9
Lock SCSS so we only run 1 job at a time
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
Roeland Jago Douma
c193c0d466
Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentions
Allow guest mentions of talk to be parsed
2019-07-12 10:35:54 +02:00
Roeland Jago Douma
74be0cf982
Merge pull request #16361 from nextcloud/bugfix/noid/drop-foreignkey-on-owncloud-migration
Drop foreignkey on owncloud migration
2019-07-11 19:40:04 +02:00
Morris Jobke
79e0b5c4ce
Merge pull request #15514 from nextcloud/feature/noid/add-enterprise-channel
Update channels for updater server
2019-07-11 12:42:34 +02:00
Joas Schilling
0d4ca0e754
Drop foreign key before trying to drop the accounts table
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 12:14:25 +02:00
Morris Jobke
39c28bd05b
Enterprise update channel
Allows to select the enterprise update channel for instances that have a valid subscription.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-10 16:19:34 +02:00
Joas Schilling
77918356d6
Allow guest mentions of talk to be parsed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-10 15:33:10 +02:00
Roeland Jago Douma
e953205908
Use HTTP1.1 to read S3 objects
Some of the READs otherwise use HTTP/1.0 which is not always supported
by all backends. HTTP/1.1 is there since 1999 way longer than S3 so safe
to assume it is always there IMO.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-10 11:42:22 +02:00
Christoph Wurst
d058ef2b6c
Make it possible to wipe all tokens/devices of a user
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
Christoph Wurst
1c261675ad
Refactor: move remote wipe token logic to RW service
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
Roeland Jago Douma
761c961b52
Merge pull request #16307 from nextcloud/bugfix/noid/previewv1adapter-isAvailable
Fix ProviderV1Adapter isAvailable wrapper
2019-07-09 13:37:07 +02:00
Roeland Jago Douma
027486e27d
Merge pull request #15867 from nextcloud/preview-versioning
allow keeping multiple preview "versions" of the same file
2019-07-09 11:06:44 +02:00
Julius Härtl
5030d15e25
Fix ProviderV1Adapter isAvailable wrapper
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-09 11:02:20 +02:00
Roeland Jago Douma
5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
Robin Appelman
5cb00aba09
allow injecting CsrfTokenManager by class
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-07-09 08:42:49 +02:00
Robin Appelman
5e082f8946
allow keeping multiple preview "versions" of the same file
The main use case here is storage provided versioning where we dont have
separate file ids for all the versions, by allowing a prefix for the
version we can store separate previews for all the versions.

Additionally, by keeping all the version previews in the same folder as the
"normal" previews they will be cleaned up properly when the file is deleted

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-07-08 22:04:16 +02:00
Roeland Jago Douma
5ac857bcdc
Add an event to edit the CSP
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
Roeland Jago Douma
3d69f03a6d
Merge pull request #16292 from nextcloud/techdebt/noid/cleanup-outdated-repair-steps
Remove one time repair steps that have already run when updating to 17
2019-07-08 20:32:44 +02:00
Morris Jobke
53d2d95478
Remove one time repair steps that have already run when updating to 17
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
Morris Jobke
13c7810306
Try to delete the cypress folder of the viewer app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:35:27 +02:00
John Molakvoæ
5a03189ce7
Mimetype list integrity check should not fail if it's changed (#15810)
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
John Molakvoæ
b32afe26bb
Allow IProviderV2 for previews as well (#16209)
Allow IProviderV2 for previews as well
2019-07-07 19:59:31 +02:00
John Molakvoæ (skjnldsv)
4505afe184
Allow IProviderV2 for previews as well
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-07-05 13:57:46 +02:00
Xheni Myrtaj
ea2d75c2b4
Remove empty lines
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:38:30 +01:00
Xheni Myrtaj
9211e34aec
Added Tests for modified mimetypelist
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
Julius Härtl
857fae288c
Always set the display name for user shares
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00
Joas Schilling
85a80b05ac
Unify the permission checking in one place only
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 16:34:00 +02:00
Joas Schilling
e4addbae3e
Better check reshare permissions when creating a share
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 14:00:13 +02:00
Christoph Wurst
c50fe2a9c9
Send emails when remote wipe starts/finishes
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-02 21:59:23 +02:00
Georg Ehrke
9f7fca49bb
Merge pull request #15775 from nextcloud/refactor/decouple-remote-wipe-notifications
Decouple remote wipe notifcation channels with events
2019-07-02 08:58:21 +00:00
Joas Schilling
c15c2e440f
Allow apps to overwrite the maximum length when reading from database
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-01 15:48:26 +02:00
Greta Doci
5898e87e0f Remove deleted groups from app restrictions fixes #15823
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-06-27 20:17:50 +02:00
Christoph Wurst
aa6622ccef Decouple remote wipe notifcation channels with events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 17:16:18 +02:00
Roeland Jago Douma
5312a07f55
Merge pull request #16107 from nextcloud/local-check-path
verify that paths are valid for recursive local move
2019-06-27 16:36:30 +02:00
Robin Appelman
f39605dabc
verify that paths are valid for recursive local move
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-27 11:10:08 +02:00
Joas Schilling
d2c8a11c07
Allow apps to store longer messages in the comments API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-06-26 10:14:24 +02:00
Jan-Christoph Borchardt
b466127b1f
Merge pull request #16055 from nextcloud/design/native-fonts
Use native font stack
2019-06-26 00:08:16 +02:00
Roeland Jago Douma
a47403d5f8
Merge pull request #16021 from nextcloud/bugfix/noid/fall-back-to-black-for-non-color-values
Fall back to black for non-color values
2019-06-25 22:04:12 +02:00
Roeland Jago Douma
2f5810f26e
Merge pull request #15832 from nextcloud/bugfix/noid/fulltext-search-groupfolders
Fix full text search for groupfolders
2019-06-25 21:43:37 +02:00
Roeland Jago Douma
d4a44d9b78
Merge pull request #15870 from nextcloud/preview-provider-v2
Add new Provider interface for preview providers
2019-06-25 15:05:54 +02:00
Roeland Jago Douma
5fbf304c2a
Merge pull request #15777 from nextcloud/feature/ocp-event-dispatcher
Add event dispatcher to OCP
2019-06-25 11:48:16 +02:00
Christoph Wurst
3174012adf Add event dispatcher to OCP
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-25 10:02:27 +02:00
Jan-Christoph Borchardt
d14c0f2ed7
Move font from Nunito to Noto Sans
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2019-06-22 11:23:44 +02:00
Robin Appelman
1ad95caf24
Merge pull request #15889 from nextcloud/touch-handle-backend-exceptions
handle storage exceptions when trying to set mtime
2019-06-21 17:14:27 +02:00
Joas Schilling
9d121985dc
Merge pull request #15540 from nextcloud/bugfix/noid/prevent-faulty-logs-from-nested-setupFS-calls
Prevent faulty logs from nested setupFS calls
2019-06-21 12:00:22 +02:00
Joas Schilling
05381f00d2
Fall back to black for non-color values
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-06-20 15:23:06 +02:00
John Molakvoæ
21d836364e
Add extendedSupport to Subscription (#15922)
Add extendedSupport to Subscription
2019-06-19 10:55:10 +02:00
Julius Härtl
3ef1780646
Allow to access source maps on apache
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-19 09:54:49 +02:00
Julius Härtl
df072471a7
Add extendedSupport to Subscription
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-17 16:36:23 +02:00
Morris Jobke
9dac9710e4 Fix full text search for groupfolders
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-06-17 12:52:22 -01:00
Robin Appelman
6150614374
Add new Provider interface for preview providers
the main difference is passing the `File` object to the provider
instead of a `View` + path

Old providers will still continue to work as before

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-17 14:09:09 +02:00
martink-p
9cff71f5b0 Update Encryption.php
Signed-off-by: martink-p <47943787+martink-p@users.noreply.github.com>
2019-06-17 12:13:29 +02:00
martink-p
8b22ede5f3 Update Encryption.php
Signed-off-by: martink-p <47943787+martink-p@users.noreply.github.com>
2019-06-17 12:13:29 +02:00
martink-p
39a4fe40a3 Apply suggestions from code review
Co-Authored-By: Daniel Kesselberg <mail@danielkesselberg.de>
Signed-off-by: martink-p <47943787+martink-p@users.noreply.github.com>
2019-06-17 12:13:29 +02:00
martink-p
4b9675df6c Update Encryption.php
Signed-off-by: martink-p <47943787+martink-p@users.noreply.github.com>
2019-06-17 12:13:29 +02:00
John Molakvoæ (skjnldsv)
e9351ef779
Add strict type on Notifications tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-13 14:58:38 +02:00
John Molakvoæ
18d85d46d1
Merge pull request #15783 from nextcloud/bugfix/6015/app-enable-migration
Run repair steps when enabling an app that has already been installed
2019-06-11 18:42:23 +02:00
John Molakvoæ (skjnldsv)
49d5030a53
Fix userid casting in notifications
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-11 16:53:20 +02:00
Christoph Wurst
7d1fc2b8e8
Fix missing login hook wih Apache/SAML
Without this patch the hook does not transport the information whether the login is
done with an app password or not. The suspicious login app requires the parameter
to function correctly, hence adding it will make suspicious login detection also possible
with SAML users.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-11 07:29:00 +02:00
Robin Appelman
b4e2d8f8ad
handle storage exceptions when trying to set mtime
not all storage backends can handle setting the mtime and they might
not always handle that error correctly.

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-06 16:09:27 +02:00
Julius Härtl
8f2e8fa324
Run repair steps when enabling an app that has already been installed
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-05 13:52:46 +02:00
Roeland Jago Douma
357263a70b
Do not try to autoload built in types
This avoids calls to the autoloader (or chain of autoloaders) to see if
for example 'principalPrefix' class can be found. While we already know
it is a string.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-04 15:13:32 +02:00
Xheni Myrtaj
1d434cbac6
Update lib/private/IntegrityCheck/Checker.php
Co-Authored-By: Morris Jobke <hey@morrisjobke.de>
2019-05-31 17:04:04 +02:00
Roeland Jago Douma
5ab4daad96
Move OC\Settings\Admin and OC\Settings\Personal to actual settings
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-05-30 12:49:47 +02:00
Xheni Myrtaj
9a7e19771f
Fix indentation
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-05-29 22:52:45 +02:00
Xheni Myrtaj
d227f4d34c
Do not fail integrity check if mimetype list is changed
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-05-29 22:43:23 +02:00
Roeland Jago Douma
58fe0b8032
Merge pull request #15776 from nextcloud/get-by-id-shares-last
search files by id in shared storages last
2019-05-29 21:56:15 +02:00
John Molakvoæ
866282f13f
Start fixing 2fa icons in dark theme, ref #13643 (#15597)
Start fixing 2fa icons in dark theme, ref #13643
2019-05-29 06:56:52 +02:00
Robin Appelman
98dd526010
search files by id in shared storages last
this prevents unneeded recursion when the file is not in the share

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-28 20:03:45 +02:00
Greta Doci
536b4106bb Fix 2fa icons in dark theme, fix #13643
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-05-28 17:17:04 +02:00
Morris Jobke
abeea8b0b9
Merge pull request #15766 from nextcloud/bugfix/0b-quota-create-backend
Check for free space on touch
2019-05-28 15:02:51 +02:00
Julius Härtl
67dd4b018a
Check for free space on touch
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-28 13:06:59 +02:00
Arne Hamann
2c5ebac458
Allow to search for real pattern in contacts
Added an option escape_like_param to allow wildcards

Signed-off-by: Arne Hamann <kontakt+github@arne.email>
2019-05-28 10:01:56 +02:00
blizzz
3e5174b733
Merge pull request #15704 from nextcloud/enh/7276/group-names
Group display name support (service level + ldap)
2019-05-27 15:09:03 +02:00
Arthur Schiwon
c6c8a41d2f
group display name support (service level + ldap)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-05-27 12:03:05 +02:00
Roeland Jago Douma
8b6d8ed423
Merge pull request #15738 from nextcloud/enh/dont-notify-admin-if-no-exposing-share-links-found
Don't notify admins if no potentially over exposing links found
2019-05-27 11:50:43 +02:00
Daniel Kesselberg
d00566b750
Don't notify admins if no potentially over exposing links found
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-05-26 15:52:19 +02:00
Roeland Jago Douma
b0c2042a28
Merge pull request #15714 from nextcloud/fix/204_304_rfc
Check the actual status code for 204 and 304
2019-05-24 19:51:01 +02:00
Roeland Jago Douma
5b0e70ff77
Merge pull request #15679 from nextcloud/feature/sub-admin-settings
Make it possible to show admin settings for sub admins
2019-05-24 15:37:46 +02:00
Roeland Jago Douma
b0c030cbb5
Check the actual status code for 204 and 304
The header is the full http header like: HTTP/1.1 304 Not Modified
So comparing this to an int always yields false
This also makes the 304 RFC compliant as the resulting content length
should otherwise be the length of the message and not 0.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-24 15:18:32 +02:00
Morris Jobke
96e892770d
Merge pull request #15715 from nextcloud/s3-bucket-name
Allow other code to use the s3 client from object store
2019-05-24 15:03:22 +02:00
Robin Appelman
834db3af2c
add method to get bucket name from s3 storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-24 14:02:03 +02:00
Christoph Wurst
22ae682823
Make it possible to show admin settings for sub admins
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-23 20:31:40 +02:00
Morris Jobke
3d306bfef3
Merge pull request #15684 from nextcloud/objectstore-expose-urn
make ObjectStoreStorage::getURN public
2019-05-22 22:49:40 +02:00
Morris Jobke
78c1492df9
Merge pull request #15682 from nextcloud/enh/15675/lazy_l10n
Make the L10N loading lazy
2019-05-22 14:11:48 +02:00
Morris Jobke
024fc27e9a
Merge pull request #15685 from nextcloud/fix/noid/redis-cluster-with-auth
Allow redis cluster to use password
2019-05-22 13:47:11 +02:00
Morris Jobke
e9e9b6a4b6
Allow redis cluster to use password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-22 12:19:07 +02:00
Robin Appelman
06a119242e
make ObjectStoreStorage::getURN public
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-22 12:17:33 +02:00
Roeland Jago Douma
b2cc5d8fb6
Make the L10N loading lazy
Fixes #15675
This makes loading of the actual L10N lazy. So we only detect and load
the actual translations when they are used. Instead of trying to load
them all the time just because an app is enabled.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-05-22 11:22:12 +02:00
blizzz
f739783780
Merge pull request #15668 from nextcloud/fix/10832/l10n-on-settings-page
Fix l10n for SettingsManager by injecting the l10n factory
2019-05-22 00:50:44 +02:00
Morris Jobke
8c3c04596e
Fix l10n for SettingsManager by injecting the l10n factory
Fixes #10832

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-05-21 22:25:13 +02:00
Roeland Jago Douma
9daee196a3
Merge pull request #15660 from nextcloud/objectstore-get
add method to get the used object store from the storage
2019-05-21 20:02:50 +02:00
Robin Appelman
439b341e89
add method to get the used object store from the storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-05-21 17:18:00 +02:00
Morris Jobke
ac92603014
Merge pull request #15638 from nextcloud/bugfix/7965/sharing-hide-if-empty
Only show sharing section if it has content
2019-05-21 10:33:07 +02:00
Roeland Jago Douma
f03eb7ec3c
Remote wipe support
This allows a user to mark a token for remote wipe.
Clients that support this can then wipe the device properly.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-20 20:50:27 +02:00
Julius Härtl
8f11d2a39b
Only show sharing section if it has content
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-05-20 18:07:24 +02:00
Daniel Kesselberg
b693487d64
Add catch for RuntimeException
getDirectoryListing can throw a NotFoundException or a RuntimeException.
The repair step should be skipped if the cache directory is missing so
a catch for both exceptions is required.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-05-17 21:04:01 +02:00
Roeland Jago Douma
579162d7b9
Allow 2FA to be setup on first login
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-05-17 10:11:53 +02:00
Joas Schilling
22fa6421e5
Prevent faulty logs from nested setupFS calls
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-05-15 10:22:51 +02:00
Roeland Jago Douma
1cfc59c3ad
Merge pull request #15497 from nextcloud/3rdparty/doctrine/dbal-292
[3rdparty] Doctrine dbal to 2.9.2
2019-05-15 08:57:13 +02:00
Roeland Jago Douma
9fe4d8e7a1
Merge pull request #15336 from epma01/redis-patch
Fix Redis with unix socket #730
2019-05-15 08:43:20 +02:00