Commit graph

4539 commits

Author SHA1 Message Date
Robin Appelman
fc7f7e5c37 only lock in getDirectoryContent if we need to update the cache 2015-11-03 18:23:22 +01:00
Robin Appelman
4f2656993e only lock in getFileInfo if we need to update the cache 2015-11-03 18:23:22 +01:00
Robin Appelman
0397871f7e Split checkUpdate 2015-11-03 18:23:22 +01:00
Thomas Müller
b2a437ffff Add a new core capability which tells the clients which url to use 2015-11-03 14:27:36 +01:00
Thomas Müller
620dc7ce22 Merge pull request #20196 from owncloud/use-actual-mimetype-detection-instead-of-oath
Use actual mimetype detection instead of extension
2015-11-02 17:36:13 +01:00
Raghu Nayyar
56b537271e Global Classes for Core.
Move up the global styles up the hierarchy.

Adds Clear Left, Right and both.

New CSS file for Global Styles.
2015-11-02 20:54:02 +05:30
Thomas Müller
b6ca23afe1 Merge pull request #20189 from owncloud/use-get-http-protocol
Use getHttpProtocol instead of $_SERVER
2015-11-02 10:13:41 +01:00
Lukas Reschke
40ae54d60a Use actual mimetype detection instead of extension
We cannot rely on the extension as the file may also be a valid TAR or ZIP file without such content. Especially when getting resources from the ownCloud appstore.
2015-10-31 00:55:37 +01:00
Lukas Reschke
78cad94ff4 Add support for Redis password auth
For enhanced security it is recommended to configure Redis to only accept connections with a password. (http://redis.io/topics/security)

This is especially critical since Redis supports the LUA scripting language and thus a simple SSRF vulnerability (as proven in http://benmmurphy.github.io/blog/2015/06/04/redis-eval-lua-sandbox-escape/ for example) may lead to a remote code execution.
2015-10-30 20:19:23 +01:00
Lukas Reschke
bafb86fb9f Use getHttpProtocol instead of $_SERVER 2015-10-30 18:05:30 +01:00
Morris Jobke
ef76998eda Add warning for broken l10n json files
* makes it easier to spot broken l10n files
2015-10-30 09:10:16 +01:00
Thomas Müller
73d9699be9 Merge pull request #20135 from owncloud/check-if-null-subadmin
Drop OC_SubAdmin and replace usages
2015-10-29 17:07:45 +01:00
Robin Appelman
c30a68e2f8 Merge pull request #20060 from owncloud/cache-move-final-update-transaction
include the final update in the transaction when moving a folder in the cache
2015-10-29 16:45:59 +01:00
Thomas Müller
1ce911d2f9 Merge pull request #19592 from owncloud/availability-root-always-exists
The root of a storage always exists
2015-10-29 14:14:56 +01:00
Robin Appelman
01d3393b7b include the final update in the transaction when moving a folder in the cache 2015-10-29 12:34:49 +01:00
Thomas Müller
530f7229e7 Merge pull request #19869 from owncloud/cache-adjustcurrentmtimeonrename
On rename, also refresh storage_mtime of the target file
2015-10-29 11:57:00 +01:00
Lukas Reschke
c6f6a8758b Drop OC_SubAdmin and replace usages 2015-10-29 11:31:18 +01:00
Thomas Müller
9ab44f1f00 Merge pull request #11509 from owncloud/internal_email_template
Allow separate templates for internal and external share notifications
2015-10-29 11:27:05 +01:00
Robin Appelman
33eb13e415 The root of a storage always exists 2015-10-29 11:21:50 +01:00
Stephen Colebrook
6feb31bf96 Allow separate templates for internal and external share notifications 2015-10-29 10:24:24 +01:00
Joas Schilling
e5a7e3124a Add a repair step that checks for group membership on shares 2015-10-29 09:26:26 +01:00
Thomas Müller
8ad3df9b9e Merge pull request #19182 from cweiske/support-bzip2
Fix #19181: Support .bz2 app archives
2015-10-28 14:05:11 +01:00
Roeland Jago Douma
07fe1df8c1 Make \OC\SubAdmin php-5.4 compatible
* Also close some cursors while we are at it
2015-10-28 09:09:16 +01:00
Thomas Müller
40ba8d267f Merge pull request #19837 from owncloud/always-enabled-apps
Store list of apps which cannot be disabled in shipped.json
2015-10-26 17:14:29 +01:00
Vincent Petry
b900782513 Also adjust storage_mtime of target after rename
Some storages like Dropbox change their mtime on rename...
2015-10-26 15:41:23 +01:00
Lukas Reschke
8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Thomas Müller
d4d954b2d9 Merge pull request #19982 from owncloud/fix-link-sharing-regression-master
Ensure the password is only hashed in case it's changed on the client…
2015-10-26 10:57:31 +01:00
Thomas Müller
2038b2ec34 Fail hard if shipped.json is missing 2015-10-26 09:53:04 +01:00
Thomas Müller
5a5bcccd0d Don't show apps which are always enabled in the app manager 2015-10-26 09:53:04 +01:00
Thomas Müller
6fc59f85b6 Store list of apps which cannot be disabled in shipped.json 2015-10-26 09:53:04 +01:00
Lukas Reschke
13e817e901 Throw exception on getPath if file does not exist
Currently the `getPath` methods returned `NULL` in case when a file with the specified ID does not exist. This however mandates that developers are checking for the `NULL` case and if they do not the door for bugs with all kind of impact is widely opened.

This is especially harmful if used in context with Views where the final result is limited based on the result of `getPath`, if `getPath` returns `NULL` PHP type juggles this to an empty string resulting in all possible kind of bugs.

While one could argue that this is a misusage of the API the fact is that it is very often misused and an exception will trigger an immediate stop of execution as well as log this behaviour and show a pretty error page.

I also adjusted some usages where I believe that we need to catch these errors, in most cases this is though simply an error that should hard-fail.
2015-10-25 17:58:21 +01:00
Robin Appelman
9d7138aa50 Dont lock /$user/files 2015-10-23 14:59:16 +02:00
Roeland Jago Douma
9071e756a1 Fix for broken ajax/share.php endpoint
Even more code mess :(
All tests pass again. But I'm really not happy with this endpoint.
2015-10-23 09:24:03 +02:00
Volker Fröhlich
711e1235ea Expose syslog tag in the configuration 2015-10-22 17:42:55 +02:00
Thomas Müller
4f5ff9c105 Ensure the password is only hashed in case it's changed on the client - fixes #19950 2015-10-22 17:32:40 +02:00
Thomas Müller
e471600834 Merge pull request #19890 from owncloud/db-keep-shared-locks
Keep shared locks until the end of the request so we can reuse them
2015-10-22 10:43:00 +02:00
Lukas Reschke
8133d46620 Remove dependency on ICrypto + use XOR 2015-10-21 17:33:41 +02:00
Thomas Müller
f7f2a160dd Merge pull request #19918 from owncloud/send-begin-message
Update: state which step we are going to start and warn if it might b…
2015-10-21 14:52:19 +02:00
Thomas Müller
1060be0886 Merge pull request #19927 from owncloud/install-shipped-apps-on-upgrade
Install new shipped apps on upgrade
2015-10-21 14:43:27 +02:00
Roeland Jago Douma
c515628ebe Legacy OC_SubAdmin is now just a wrapper 2015-10-21 11:32:38 +02:00
Roeland Jago Douma
0e9ab13943 New \OC\SubAdmin class
* DI
* Tests
* moved OC_SubAdmin to legacy
* Added to private OC\GroupManager
2015-10-21 11:32:38 +02:00
Thomas Müller
d8276af301 Install new shipped apps on upgrade -fixes #19925 2015-10-21 11:14:12 +02:00
Thomas Müller
d0aeb268d6 Merge pull request #19883 from owncloud/provide-iappcontainer
Provide IAppContainer as dependency injection
2015-10-21 10:49:26 +02:00
Thomas Müller
cf9b8fc182 Merge pull request #18184 from owncloud/ocs-merge-headers
Merge headers of ocs results
2015-10-21 10:36:37 +02:00
Robin Appelman
f39c73c79c add phpdoc 2015-10-21 09:43:30 +02:00
Robin Appelman
cc7bd53d17 Keep shared locks until the end of the request so we can reuse them 2015-10-21 09:43:30 +02:00
Joas Schilling
9200bbeaba Update: state which step we are going to start and warn if it might be slow 2015-10-21 09:17:38 +02:00
Christian Weiske
a543d20958 Fix #19181: Support .bz2 app archives
At first a bz2 handling in needs to be fixed; PEAR's Archive_Tar
otherwise gives the following error:
> Unsupported compression type "bz"
> Supported types are "gz", "bz2" and "lzma2"

After that we can whitelist the application/bz2 MIME type in the installer.
2015-10-20 21:56:24 +02:00
Thomas Müller
1a84c8e9d2 Merge pull request #19884 from owncloud/locking_exception
catch all exception if table doesn't exists
2015-10-20 13:44:00 +02:00
Thomas Müller
64dc222ce5 Merge pull request #19874 from owncloud/delete-cookie-instead-of-setting-value-to-empty
Delete cookie instead of emptying value
2015-10-20 12:47:46 +02:00
Björn Schießle
168c2055ba catch all exception if table doesn't exists 2015-10-20 11:34:08 +02:00
Thomas Müller
5752e3b3c0 Merge pull request #19666 from owncloud/fix_13002
Combine OCS API getUser method code into provisioning_api app
2015-10-20 11:10:39 +02:00
Morris Jobke
a0743f12c6 Provide IAppContainer as dependency injection 2015-10-20 10:33:53 +02:00
Morris Jobke
5944b33d56 [OCI setup] remove static logger/config calls
* logger/config object are already injected - this only uses it
2015-10-20 08:53:57 +02:00
Lukas Reschke
5588c5f262 Delete cookie instead of emptying value
PHP will handle session cookies with an empty values as an E_WARNING error. ([php/#68063](https://bugs.php.net/bug.php?id=68063))

ownCloud sets the cookie to an empty value in case the session expires, it however after this starts a new session. Due to potential race conditions this can in unlikely cases lead to the fact that the session never gets restarted and the user is left with an empty cookie. PHP tries then to use the empty cookie which makes the instance not usable.

To work around any race condition we now tell PHP to explicitly delete the value which can be done by using `null` as value, PHP will then send a cookie with the value "deleted". Also theepiration has been set to -1.
2015-10-19 19:54:12 +02:00
Jörn Friedrich Dreyer
2895c91291 Merge pull request #17641 from owncloud/fix_objectstore_rename
don't move files in cache twice, fixes renaming for objectstores
2015-10-19 17:18:57 +02:00
Robin Appelman
9c5337ca3e Merge pull request #19833 from owncloud/fix_view_rmdir
Removemount expects absolutePath
2015-10-19 16:22:42 +02:00
Thomas Müller
7fe7655070 The full name has to be tested if it's a dir - fixes #19854 2015-10-19 10:07:33 +02:00
Robin Appelman
0c6c36d0c5 fix objectstore files having create permissions 2015-10-16 21:41:51 +02:00
Robin Appelman
e46741cf5d detect object homestorage in share code 2015-10-16 21:41:51 +02:00
Jörn Friedrich Dreyer
aab226cef7 don't move files in cache twice, fixes renaming for objectstores 2015-10-16 21:41:51 +02:00
Thomas Müller
6cd1126dd1 Merge pull request #19843 from owncloud/an-app-is-identified-by-having-a-info.xml-app.php-should-not-be-mandatory
an-app-is-identified-by-having-a-info.xml-app.php-should-not-be-manda…
2015-10-16 21:28:55 +02:00
Roeland Jago Douma
8fdb12f8fb Check for error when resharing 2015-10-16 20:43:17 +02:00
Roeland Jago Douma
9e86d71cc5 When sharing with the owner show the path
The error message should contain the path that is being shared not the
numeric id.
2015-10-16 20:43:17 +02:00
Thomas Müller
a2ec080427 an-app-is-identified-by-having-a-info.xml-app.php-should-not-be-mandatory 2015-10-16 17:25:22 +02:00
Roeland Jago Douma
3a14cfc295 Removemount expects absolutePath 2015-10-16 14:14:00 +02:00
Thomas Müller
2ff55560e2 Remove $ETagFunction - it was never used 2015-10-16 13:17:12 +02:00
Thomas Müller
f2889dc6e4 Consolidate webdav code - move all to one app 2015-10-16 13:17:12 +02:00
Bjoern Schiessle
dd6cb67030 check if fopen was successful before continue 2015-10-15 16:27:38 +02:00
Bjoern Schiessle
c7883b1769 only wrap source if fopen was successful 2015-10-15 16:27:38 +02:00
Morris Jobke
d392ddab70 Remove ArrayParser because it is unused 2015-10-14 16:50:56 +02:00
Thomas Müller
fbccdedb5c Merge pull request #19731 from owncloud/update-list-of-deprecated-methods
Update list of deprecated methods
2015-10-14 16:34:55 +02:00
Thomas Müller
ba461b0c92 Merge pull request #19760 from owncloud/adding_occ_upgrade_text_note
Adding occ upgrade text note
2015-10-14 16:33:33 +02:00
Thomas Müller
db4dae527c Merge pull request #19764 from owncloud/issue-19759-app-check-code-issue
Variables don't have a class, so we can't use toString() on it
2015-10-14 14:10:25 +02:00
Morris Jobke
aa10825026 update deprecation message 2015-10-14 14:08:45 +02:00
Joas Schilling
e2806b0ae8 Update list of deprecated methods 2015-10-14 14:08:45 +02:00
Joas Schilling
8379611dbe Variables don't have a class, so we can't use toString() on it 2015-10-14 13:16:58 +02:00
Thomas Müller
28d6da8158 Merge pull request #19738 from owncloud/proppatch-lastmodified
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
2015-10-14 12:49:33 +02:00
Thomas Müller
757f320531 Merge pull request #19580 from owncloud/issue-19399-remote-shares-case-sensitivity
Make sure that remote shares use the correct uid casing
2015-10-14 12:39:57 +02:00
Thomas Müller
3e87560033 Merge pull request #19727 from owncloud/fix_19678
Return path instead of itemsource
2015-10-14 12:38:38 +02:00
Thomas Müller
bfac6c5eb7 Merge pull request #19730 from owncloud/fix_17560
Squash collection shares
2015-10-14 12:38:16 +02:00
Martin
2c32811156 adding occ upgrade text note 2015-10-14 12:16:17 +02:00
Roeland Jago Douma
002e9c76cd Combine OCS API getUser method code into provisioning_api app
Fixes #13002

Move the cloud/users/{userid} code in total to the provisioning API.
2015-10-13 21:07:48 +02:00
Vincent Petry
02513f8d04 Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
Fix regression that makes PROPPATCH of mtime work like it did in OC <=
8.0.
The PROPPATCH must be done on the "lastmodified" property.
The "getlastmodified" now return 403 again.
2015-10-13 12:51:21 +02:00
Thomas Müller
3891cd9068 Merge pull request #19677 from owncloud/silently-fail-app-upgrade-exceptions-master
Silently fail app upgrade exceptions
2015-10-13 11:04:02 +02:00
Roeland Jago Douma
06aaa059d1 Squash collection shares
If folder1 is shared to user2 and user3. And folder1/folder2 is shared
to user4 and user5 then getting all the users with access to
folder1/folder2 should only list user2 and user 3 once.

Previously this was done twice since we request the info two times.

This fix makes sure that we only append unique results to the array.

* Added test
2015-10-13 10:05:49 +02:00
Roeland Jago Douma
585e9cb0e9 Return path instead of itemsource
Fixes #19678

Errors should contain paths and not internal ids
2015-10-13 09:00:33 +02:00
Lukas Reschke
e03f0542e4 Strip directory from scriptName
`\OCP\IRequest::getScriptName` will also return the directory, so if ownCloud is installed in a subfolder such as `owncloud/` it will resolve to `/owncloud/ocs/v2.php`. This made this check fail and also made it return invalid status codes.
2015-10-12 23:39:16 +02:00
Bjoern Schiessle
8185eaa6dd also detect files in a .part folder as part file 2015-10-12 13:59:16 +02:00
Thomas Müller
0036c637fc Merge pull request #19657 from owncloud/setup-transport
Setup sendmail transport
2015-10-12 13:44:26 +02:00
Thomas Müller
4cb5970947 Always pass in ILogger 2015-10-09 14:08:22 +02:00
Thomas Müller
bd21e5925c Clean code 2015-10-09 13:46:59 +02:00
Thomas Müller
38143d670b Catch exceptions during app upgrade - fixes #16240 2015-10-09 13:44:30 +02:00
Robin Appelman
a42dd117e2 Merge pull request #19654 from owncloud/db-locking-no-scan-transaction
Dont use a transaction in the scanner while using db based locking
2015-10-09 12:38:54 +02:00
Morris Jobke
bf579a153f fix IE8 user agent detection 2015-10-09 11:19:06 +02:00
Thomas Müller
020bb33150 Merge pull request #19034 from owncloud/http-request-warning
Prevent warning decoding content
2015-10-08 21:51:47 +02:00
Thomas Müller
3130438fcc Merge pull request #19651 from owncloud/recursive_mkdir_for_objectstores
make mkdir recursive, add phpdoc to api
2015-10-08 21:28:53 +02:00
Lukas Reschke
18394205c2 Setup sendmail transport
Replaces https://github.com/owncloud/core/pull/19047 and fixes https://github.com/owncloud/enterprise/issues/854  and https://github.com/owncloud/core/issues/19110
2015-10-08 16:48:18 +02:00
Thomas Müller
1227786930 Merge pull request #19650 from owncloud/disable-appstore-for-ee
Disable app store for EE by default
2015-10-08 16:00:41 +02:00
Robin Appelman
7ff5a6ccf4 Dont use a transaction in the scanner while using db based locking 2015-10-08 15:29:04 +02:00