wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
46331 commits 157 branches 562 tags 714 MiB
Commit graph

16105 commits

Author SHA1 Message Date
Morris Jobke
0acae1d4aa
Merge pull request #11719 from nextcloud/techdebt/noid/allow-to-mock-new-datetime 
Allow to inject/mock `new \DateTime()` similar to time()
 2018-10-10 14:54:15 +02:00
Christoph Wurst
67c3730fbb
Add admin interface to enforce 2FA 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-10 14:34:52 +02:00
Roeland Jago Douma
d5bf2c4523
Move normalizePath to regexes instead of looping 
This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.

The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-10 13:23:59 +02:00
Nextcloud bot
7c26bbbd82
[tx-robot] updated from transifex 2018-10-10 00:13:11 +00:00
Roeland Jago Douma
a9f4817b65
Merge pull request #11622 from nextcloud/feature/11617 
Add function to generate urls for OCS routes
 2018-10-09 20:50:37 +02:00
Bjoern Schiessle
9e76d4049a
adjust tests 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-10-09 18:31:33 +02:00
Bjoern Schiessle
3fa13e791e
always query the lookup server in a global scale setup and have a nicer label 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-10-09 17:47:29 +02:00
Roeland Jago Douma
c97b4274cc
Add function to generate urls for OCS routes 
fixes #11617

The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-09 15:41:50 +02:00
Joas Schilling
840dd4b39c
Allow to inject/mock new \DateTime() similar to time() 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-10-09 15:38:31 +02:00
Roeland Jago Douma
7370fb37bb
fixup! Add backgroundjobs to OCP 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-09 15:10:38 +02:00
Joas Schilling
ea21aa3f7a
Use numeric placeholders if there are multiple, so that RTL languages can operate better 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-10-09 14:32:14 +02:00
Roeland Jago Douma
2dbbc37852
Bump autolaoders 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-09 12:51:08 +02:00
Roeland Jago Douma
ba95495857
Add backgroundjobs to OCP 
This adds abstract classes to base background jobs on.
Right now almost all uses of this use the private namespace.

For most usages it will be enough to just extend the the abstract
classes QueuedJob or TimedJob.

It should be a straight forward drop in replacement.

The private jobs can then be killed off after a few releases. So we have
a nice public API.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-09 12:36:43 +02:00
Morris Jobke
ea411ccec4
Merge pull request #11677 from nextcloud/feature/appdata_previews 
Allow the creationg of previews of files stored in appdata
 2018-10-09 11:47:14 +02:00
Morris Jobke
8e1c26b509
Merge pull request #11686 from nextcloud/deprecation/noid/ocp_util_recursiveArraySearch 
Deprecate unused OCP\Util::recursiveArraySearch
 2018-10-09 09:43:11 +02:00
Roeland Jago Douma
ade61d8b43
Allow the creationg of previews of files stored in appdata 
To allow us to create previews of files stored in appdata we need to
construct the view differently.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-08 19:37:45 +02:00
Morris Jobke
c4b1e1277b
Deprecate unused OCP\Util::recursiveArraySearch 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-10-08 18:33:09 +02:00
Morris Jobke
db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-10-08 18:29:52 +02:00
Morris Jobke
fe2a600823
Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation 
adjust Calendar resource / room interfaces to use class implementation
 2018-10-08 17:00:50 +02:00
Morris Jobke
bae3ba3b25
Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section 
Rename admin security section
 2018-10-08 13:57:38 +02:00
Christoph Wurst
f29189f200
Rename admin security settings template 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-08 10:45:28 +02:00
Morris Jobke
7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors 
Switches the default logo color depending on the primary color
 2018-10-08 10:33:22 +02:00
Christoph Wurst
5d2fdfe0b5
Rename admin security section 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-08 10:31:51 +02:00
Georg Ehrke
970242b6ca
RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server 
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
 2018-10-08 01:50:17 +02:00
Georg Ehrke
1c6f666bbf
adjust Calendar resource / room interfaces to use class implementation 
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
 2018-10-08 01:25:20 +02:00
Roeland Jago Douma
60a34179c9
Remove deprecated publishActivity function 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-05 12:55:45 +02:00
Morris Jobke
e0ed64366c
Merge pull request #11613 from nextcloud/add-missing-throw-statement 
add missing throw statement to doc block
 2018-10-04 16:28:08 +02:00
Bjoern Schiessle
1d4a80f37d
add missing throw statement to doc block 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-10-04 15:23:07 +02:00
Roeland Jago Douma
0630360835
Merge pull request #11604 from nextcloud/remove-unused-code 
Remove unused code in legacy classes
 2018-10-04 08:07:32 +02:00
Morris Jobke
ac330077d8
Merge pull request #11576 from nextcloud/feature/endpoint_for_clients_to_fetch_apppassword 
Allow clients to request an apppassword if they still use the real password
 2018-10-03 22:26:26 +02:00
Morris Jobke
cdb3ffb293
Remove unused code in legacy classes 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-10-03 22:07:51 +02:00
Roeland Jago Douma
78273cb1e6
Add an endppoint for clients to request an app password 
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-03 19:05:20 +02:00
Nextcloud bot
67d04f2d57
[tx-robot] updated from transifex 2018-10-03 16:58:45 +00:00
Morris Jobke
213d43f043
Merge pull request #11568 from nextcloud/fix/11097/just_update_password_hash 
Just update password hash without validating
 2018-10-03 12:08:49 +02:00
Roeland Jago Douma
f9e201adfe
Merge pull request #11409 from nextcloud/feature/consolidated-2fa-settings 
Consolidate personal two-factor provider settings
 2018-10-03 09:56:21 +02:00
Roeland Jago Douma
0c9a3de68f
Just update password hash without validating 
Fixes #11097

If your password hash changed (becuse your are on 7.2 and we moved to
ARGON2). Then we shold not 'set a new password' but just update the
hash. As else we invoke the password policy again which might lock out
users.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-03 00:37:20 +02:00
Christoph Wurst
daa897100e Update autoloader class map 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-02 23:41:33 +02:00
Morris Jobke
8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work 
Allow overwrite.cli.url without trailing slash
 2018-10-02 23:39:30 +02:00
Morris Jobke
e45248c17a
Merge pull request #10967 from nextcloud/zipresponse 
Add zip response
 2018-10-02 23:34:30 +02:00
Christoph Wurst
79a0ee4f4a
Consolidate personal two-factor provider settings 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-02 22:56:33 +02:00
Morris Jobke
bcbffdb644
Add PHPDoc 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-10-02 22:35:31 +02:00
Daniel Kesselberg
a4eb3ee508
Validate email in occ command 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Daniel Kesselberg
13877c2d20
Use setUserValue instead setEMailAddress because latter omits an changeUser events. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Daniel Kesselberg
6c805ec9ba
Add --admin-email to cli installer 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-10-02 22:24:30 +02:00
Morris Jobke
6b730b4c47
Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3 
Apptoken v3: imrpove token handling on external password change
 2018-10-02 21:45:10 +02:00
Morris Jobke
19d552e00b
Merge pull request #11336 from nextcloud/bugfix/3342/database-name-prefix-sqlite 
Allow --database-name and --database-table-prefix for sqlite from occ
 2018-10-02 21:44:03 +02:00
Roeland Jago Douma
19f84f7b54
Add tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:54 +02:00
Roeland Jago Douma
d9febae5b2
Update all the publickey tokens if needed on web login 
* On weblogin check if we have invalid public key tokens
* If so update them all with the new token

This ensures that your marked as invalid tokens work again if you once
login on the web.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:54 +02:00
Roeland Jago Douma
00e99af586
Mark token as invalid if the password doesn't match 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:44 +02:00
Roeland Jago Douma
efef053960
Add column to DB to store expired passwords 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:44 +02:00
Roland Tapken
d17856a1e9
Make logfile's mode configurable. 
The file logger currently resets the mode of the logfile to 0640.

When the webserver is running as a different user than the cron job
(but both are in the same group) the files mode has to be 0660. The
current implementation breaks logging for the user that is not the
owner of the logfile.

This patch introduces a new config option 'logfilemode' that expects
an octal value (defaults to 0640). Unless the value is lower or equal
than 0 the logfiles mode will be resetted to this value.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
 2018-10-02 18:27:06 +02:00
Christoph Wurst
d01905200a
Merge pull request #11433 from nextcloud/feature/all_lax_cookies2 
Make authenticated cookies lax
 2018-10-02 10:28:05 +02:00
Michael Weimann
d855c38e07
Moves the logo files to logo 
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
 2018-10-02 08:37:54 +02:00
Roeland Jago Douma
7d9052d4b9
fixup! Add fix response 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 08:17:27 +02:00
Roeland Jago Douma
a891f42a5d
fixup! Add fix response 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 08:16:28 +02:00
Roeland Jago Douma
dc6ff14ca0
fixup! Add fix response 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 08:14:18 +02:00
Jakob Sack
a9fa220e68
Add fix response 
implements #7589
 2018-10-02 08:13:39 +02:00
Christoph Wurst
3f594fc1b7
Document possibly thrown excption of QBMapper::insertOrUpdate 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-02 08:09:28 +02:00
Christoph Wurst
40fdff5b80
Add QBMapper::insertOrUpdate() 
This allows elegant upserts where the entity ID is provided (e.g. by an
external system) and when that data is fed into our database multiple
times.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-02 08:09:27 +02:00
Nextcloud bot
77c6e41063
[tx-robot] updated from transifex 2018-10-02 00:12:55 +00:00
Christoph Wurst
45cf2eef56 Let 2FA providers provide their custom icons (dark/light) 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-01 21:02:49 +02:00
Roeland Jago Douma
a95154642d
Emit event on enablign or disabling of 2FA provider 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-01 15:35:24 +02:00
Morris Jobke
1034efd640
Merge pull request #11461 from nextcloud/feature/noid/drop-find-and-pass-additional-paths 
Dont use find to lookup binaries
 2018-10-01 11:47:07 +02:00
Christoph Wurst
259c0ce11d
Add mandatory 2FA service/class 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-30 11:47:29 +02:00
Daniel Kesselberg
d4dec43f8f
Dont use find to lookup binaries 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-29 20:25:19 +02:00
Daniel Kesselberg
c275beeceb
Allow url without / for overwrite.cli.url 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-28 22:32:19 +02:00
Roeland Jago Douma
9a7265babf
Make authenticated cookies lax 
This protects our cookies a bit more. It makes sure that when a 3rdparty
websites embededs a public alendar for example. That all the users see
this in anonymous mode there.

It adds a small helper function.

In the future we can think about protecting other cookies like this as
well. But for now this is sufficient to not have the user logged in at
all when doing 3rdparty requests.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-09-28 16:44:37 +02:00
Nextcloud bot
db50e11edf
[tx-robot] updated from transifex 2018-09-28 11:14:08 +00:00
Roeland Jago Douma
c9e93b8084
Compile contactmenu handlebars templates 
Fixes #11029
For https://github.com/orgs/nextcloud/projects/18

Ship the compiled handlebars templates. This makes it possible to have a
scricter CSP.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-09-27 20:33:58 +02:00
Christoph Wurst
f71ffc73db
Remove unused constructor argument 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-27 09:44:21 +02:00
Christoph Wurst
0259792614
Reduce settings manager complexity by loading sections via DI 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-27 09:44:21 +02:00
Nextcloud bot
2ace0df82a
[tx-robot] updated from transifex 2018-09-27 00:12:26 +00:00
blizzz
ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot 
Extract logic for webroot into method and add test
 2018-09-26 15:22:30 +02:00
Nextcloud bot
2f45045c96
[tx-robot] updated from transifex 2018-09-26 00:12:23 +00:00
Morris Jobke
ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php 
Consider openssl settings from config.php
 2018-09-25 18:04:20 +02:00
Roeland Jago Douma
b8418b502d
Merge pull request #11316 from nextcloud/container-queryexception-only 
only catch QueryException when trying to build class
 2018-09-25 16:21:55 +02:00
Christoph Wurst
7586b19e52
Only allow 2FA state changs if providers support the operation 
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-25 09:54:20 +02:00
Roeland Jago Douma
92fa373314
Merge pull request #11297 from nextcloud/bugfix/noid/this-database-dude 
Copy the expiration from 480864b3e3 to …
 2018-09-25 09:04:44 +02:00
Nextcloud bot
bdb01064e2
[tx-robot] updated from transifex 2018-09-25 00:12:07 +00:00
blizzz
67da97c362
Merge pull request #11222 from nextcloud/gs-and-saml 
make the server ready to use global scale with SAML as auth back-end
 2018-09-24 12:00:13 +02:00
Nextcloud bot
895bccd246
[tx-robot] updated from transifex 2018-09-24 00:12:14 +00:00
Daniel Kesselberg
9d7e51fd56
Use empty instead ?? because dbname is '' sometimes 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-23 18:25:48 +02:00
Daniel Kesselberg
0ee191bf44
Use const for dbname and dbtableprefix defaults 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-23 18:15:57 +02:00
Daniel Kesselberg
a5f0cc6539
--database-name or --database-table-prefix are ignored for sqlite 
The default implementation of initialize in AbstractDatabase writes
database information to config.php. The method is overwritten in
Sqlite but parent is never called. Database-Name and Database-Table-Prefix
are never written to config.php. But from this point setup use values
from config.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-23 15:52:28 +02:00
Nextcloud bot
cce9f25d86
[tx-robot] updated from transifex 2018-09-23 00:12:30 +00:00
Nextcloud bot
bd89af478e
[tx-robot] updated from transifex 2018-09-22 00:12:06 +00:00
Robin Appelman
dccbdc8c01
only catch QueryException when trying to build class 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2018-09-21 18:32:15 +02:00
Nextcloud bot
0211e17e3f
[tx-robot] updated from transifex 2018-09-21 00:12:08 +00:00
Joas Schilling
f258e65f13
Also adjust the expiration of PublicKeyTokenProvider 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-09-20 09:54:27 +02:00
blizzz
30dbbfbd45
Merge pull request #11292 from nextcloud/revert/9442/do-not-apcu-cache-the-autoloader 
Revert "Use APCu caching of composer"
 2018-09-19 19:39:00 +02:00
Joas Schilling
5e6187926f
Copy the expiration from 480864b3e3 to getTokenById 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-09-19 17:55:48 +02:00
Joas Schilling
b026b5deb0
Merge pull request #11134 from nextcloud/locale-template-fix 
Use user locale as default in the template
 2018-09-19 16:06:35 +02:00
John Molakvoæ (skjnldsv)
1e9ab0a367
Fix since tag 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2018-09-19 16:02:09 +02:00
Joas Schilling
40d185e928
Revert "Use APCu caching of composer" 
This reverts commit 948ab8a4d0.

For details why see https://github.com/nextcloud/server/issues/11290
 2018-09-19 15:47:01 +02:00
John Molakvoæ (skjnldsv)
3095ec4125 Fix icons cacher regex for compressed output 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2018-09-19 13:06:04 +02:00
Nextcloud bot
2a51572cc4
[tx-robot] updated from transifex 2018-09-17 00:12:30 +00:00
Daniel Kesselberg
90a9a1ecc6
Consider openssl settings from config.php 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-16 11:51:15 +02:00
Nextcloud bot
40bb45225a
[tx-robot] updated from transifex 2018-09-16 00:12:29 +00:00
Nextcloud bot
3771aeb584
[tx-robot] updated from transifex 2018-09-15 00:12:09 +00:00
Bjoern Schiessle
bb86a8ca36
add back-end as parameter to the pre-login hook 
This is needed for the Global Scale setup to allow the master
node to perform different operations during login, depending
on the user management. Because in case of SAML, the authentication
at the idp happens at the master node.

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2018-09-14 17:23:06 +02:00