Commit graph

200 commits

Author SHA1 Message Date
Lukas Reschke
ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Bjoern Schiessle
dc53788711
remove unused parameter 2016-07-14 16:39:48 +02:00
Lukas Reschke
7a9d60d87e
Merge remote-tracking branch 'upstream/master' into master-upstream-sync 2016-06-26 12:55:05 +02:00
Georg Ehrke
1452b74de7 Contacts API: replace raw image data with url (#25081)
* add uri to AddressBookImpl array

* Introduce ImageExportPlugin for CardDav

* add plugin to v1 routes

* replace binary contact photo with link

* update tests

* Adding unit tests
2016-06-21 15:25:44 +02:00
Lukas Reschke
2b493e2f9d
Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-06-21 11:18:22 +02:00
Thomas Müller
0b7685d326 Move birthday calendar generation to a live migration job (#25135) 2016-06-16 16:14:28 +02:00
Arthur Schiwon
42c66efea5
Merge branch 'master' of https://github.com/owncloud/core into downstream-160611 2016-06-11 15:34:43 +02:00
Vincent Petry
57b999fde7 Merge pull request #24990 from owncloud/fix_24868
Wrap publicwebdav in sharePermission mask
2016-06-10 14:33:06 +02:00
Bjoern Schiessle
66d853680c
block webdav access if share is not readable 2016-06-09 15:15:17 +02:00
Thomas Müller
369c3b5d7e
Implement classification migration as repair step 2016-06-09 11:09:14 +02:00
Thomas Müller
287e41732c
Bump dav app version and fix variable rename 2016-06-09 11:09:14 +02:00
Thomas Müller
f013cfc530
Add migration step 2016-06-09 11:09:13 +02:00
Thomas Müller
fbdec59f22
Extract CLASS property from calendar object and store it in the database 2016-06-09 11:09:13 +02:00
Roeland Jago Douma
1b5368bbaf
Wrap publicwebdav in sharePermission mask
Fixes #24868

The writable mask was a bit misleading. We should wrap with the
sharepermissions (as they are used everywhere else). The
PERMISSIONS_SHARE are added since that is required for the public link
check plugin.
2016-06-06 14:39:02 +02:00
Christoph Wurst
da03a85c3c
block DAV if 2FA challenge needs to be solved first 2016-06-01 10:42:38 +02:00
Lukas Reschke
aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Joas Schilling
dd9ee10bc0 Move dav app to PSR-4 (#24527)
* Move Application to correct namespace and PSR-4 it

* Move dav app to PSR-4
2016-05-12 09:42:40 +02:00
Thomas Müller
cc1d948c2e
Add background job declaration of dav app to info.xml 2016-05-03 08:58:12 +02:00
Thomas Müller
dda942a917
firstoccurence and lastoccurence have a length now - triggering BIGINT on postgres - refs #24221 2016-04-29 14:57:19 +02:00
Björn Schießle
e10105474f
move federated sharing settings to the federatedfilesharing app 2016-04-22 14:55:40 +02:00
Thomas Müller
85d809c0d3 Merge pull request #23268 from owncloud/range-requests-should-not-block-the-session
Close session for publicwebdav
2016-04-18 09:23:39 +02:00
Thomas Müller
439de52534
Remove dav migration for 9.1 2016-04-13 15:53:57 +02:00
Thomas Müller
6f3eeeeb36 Merge pull request #23510 from owncloud/birthdays-on-shared-addressbooks
Propagate birthdays of shared addressbooks to the sharee's birthday c…
2016-04-08 15:19:38 +02:00
Roeland Jago Douma
375f6fcab1
Move public webdav auth over to share manager
The public webdav auth should use the shiny new share manager.
2016-04-08 14:17:13 +02:00
Thomas Müller
7bdde98617 All webdav endpoints within remote.php are now hardcoded - helps to prevent migration issues like #23610 - furthermore there is no need to dynamically lookup all the endpoints we already know 2016-04-05 09:59:43 +02:00
Vincent Petry
262547ba3d Return 401 DummyBasicAuth in case of ajax call 2016-03-31 19:31:31 +02:00
Thomas Müller
395c3d852d Merge pull request #23508 from owncloud/text-columns-should-have-length
Text columns should really have a length 🙈
2016-03-30 23:46:26 +02:00
Thomas Müller
06e8c70400 Fix acls for calendar objects and cards - fixes #23273 2016-03-24 09:53:36 +01:00
Thomas Müller
c8d6a9594a Propagate birthday to group shares as well 2016-03-23 14:12:50 +01:00
Thomas Müller
e979b9c735 Propagate birthdays of shared addressbooks to the sharee's birthday calendar as well 2016-03-23 12:29:45 +01:00
Thomas Müller
1da18a8ceb Text columns should really have a length 🙈 2016-03-23 12:03:54 +01:00
Thomas Müller
765c64c73e fixes #23496 2016-03-23 11:37:00 +01:00
Thomas Müller
492a1ded1c Merge pull request #23083 from owncloud/generate-birthdays-on-upgrade
Birthday events are generated on upgrade
2016-03-21 17:48:02 +01:00
Thomas Müller
7d638fdb34 In debugging mode we enable Sabre's browser plugin since it helps a lot when debugging 2016-03-17 16:51:19 +01:00
Lukas Reschke
7183854509 Close session for publicwebdav
We need to close the session otherwise streaming will lead to a blocked ownCloud.
2016-03-15 16:08:55 +01:00
Thomas Müller
5fc859f7ea Generate birthdays on upgrade from 8.2 as well 2016-03-10 14:17:21 +01:00
Thomas Müller
b021c8c475 Birthday events are generated on upgrade 2016-03-10 13:04:50 +01:00
Thomas Müller
deca1979aa Calendar and addressbook migration commands are always available 2016-03-07 15:04:19 +01:00
Thomas Müller
3b25ccef65 Handle addressbook migration issue by writing the faulty event to the log and continue 2016-03-07 15:04:19 +01:00
Thomas Müller
d32b35fc7f Handle calendar migration issue by writing the faulty event to the log and continue 2016-03-07 15:04:19 +01:00
Lukas Reschke
b302ec8381 Use CLOB for timezone
TEXT defaults to a length of 255 which is going to fail in some cases as the timezone can be rather long.

This changes it back to a CLOB as it has been before as well: 8d8bb68b01. I'm not super convinced that CLOB is the best choice here but at least it seems to work.

Fixes https://github.com/owncloud/core/issues/22876
2016-03-04 21:59:08 +01:00
Joas Schilling
8885cb1eb9 Increase all versions on master which is now 9.1 2016-03-02 08:53:42 +01:00
Lukas Reschke
933f60e314 Update author information
Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
2016-03-01 17:25:15 +01:00
Thomas Müller
a66899c528 Handle null case 2016-03-01 10:41:05 +01:00
Bjoern Schiessle
87e47afed8 remove synced remote address book if the remote server revoked access to his system address book 2016-02-29 16:50:34 +01:00
Bjoern Schiessle
7189c72c33 remove remote address book if the admin removes the server from the trusted servers list 2016-02-29 16:50:33 +01:00
Joas Schilling
b216be8cca Add correct principals for the current user before ACL check 2016-02-19 12:35:33 +01:00
Thomas Müller
ffc2950393 Merge pull request #22198 from owncloud/birthday-calendar
Sync a users contacts birthday to the users birthday calendar
2016-02-19 12:33:19 +01:00
Thomas Müller
d8de7d1e73 Adding cli command to sync birthday calendar 2016-02-18 14:49:45 +01:00
Thomas Müller
c9187cc820 Sync a users contacts birthday to the users birthday calendar 2016-02-18 11:48:34 +01:00
Lukas Reschke
9b3c4e8dc4 Require CSRF token for non WebDAV authenticated requests 2016-02-18 11:18:36 +01:00
Thomas Müller
722809c2bd On login we create a default calendar and a default addressbook for the user - fixes #22360 2016-02-15 14:41:54 +01:00
C. Montero Luque
f64dbc67c6 Merge pull request #20928 from owncloud/publicdav-check-permissions
Check that the owner of a link share still has share permissions on access
2016-02-09 22:01:08 +01:00
Robin Appelman
fd9166488b Check that the owner of a link share still has share permissions on access 2016-02-09 15:02:34 +01:00
Thomas Müller
bf3a843e89 Migration of calendars 2016-02-09 11:20:31 +01:00
Thomas Müller
6a550d44e9 Fix path 2016-02-08 10:52:30 +01:00
Thomas Müller
0c9a469f74 Adding pre oc 9.0 CalDAV endpoint for migration of old clients 2016-02-08 10:52:30 +01:00
Thomas Müller
cca2ade199 Adding pre oc 9.0 CardDAV endpoint for migration of old clients 2016-02-08 10:52:30 +01:00
Thomas Müller
9106595608 Add calendar sharing 2016-02-03 17:18:22 +01:00
Joas Schilling
d79b0886d0 Remove deprecated and unused standalone tag 2016-02-03 12:56:42 +01:00
Thomas Müller
b2976eb72c Unit testing migration logic 2016-01-27 12:10:06 +01:00
Thomas Müller
07a5c26583 Add app to migrate contacts and calendars
Add group sharing migration

Migrate all users
2016-01-27 12:10:06 +01:00
Thomas Müller
c264f9362d Merge pull request #21856 from owncloud/sync-federated-cloud-users-in-cron
Sync federated clouds using a cron job
2016-01-27 10:11:01 +01:00
Thomas Müller
7b678a8c17 Reassemble behavior on shared address books with respect to uri and displayname 2016-01-26 15:07:50 +01:00
Thomas Müller
2d7528bc64 Adding unit tests 2016-01-25 11:39:57 +01:00
Thomas Müller
33171f5c78 Merge pull request #21785 from owncloud/cron-sync-system-addressbook
Add daily cron job to sync system address book
2016-01-20 07:29:10 +01:00
Thomas Müller
177387b13c Install cron job on install and update 2016-01-19 12:36:23 +01:00
Thomas Müller
54cbfcbaa1 Add daily cron job to sync system address book 2016-01-18 22:51:23 +01:00
Thomas Müller
3f041a5b4b Adjust ctor call 2016-01-18 22:15:17 +01:00
Thomas Müller
1448215055 Call ctors properly 2016-01-18 22:14:51 +01:00
Thomas Müller
01a6656c37 Fix ctor 2016-01-14 14:46:51 +01:00
Thomas Müller
a91954907b Start updating system addressbook 2016-01-14 12:10:45 +01:00
Joas Schilling
3bdcfef395 Remove the listener plugin 2016-01-13 10:33:08 +01:00
Thomas Müller
c5a200c419 Merge pull request #21653 from owncloud/update-license-headers-2016
Update license headers 2016
2016-01-13 08:29:42 +01:00
Thomas Müller
682821c71e Happy new year! 2016-01-12 15:02:18 +01:00
Thomas Müller
bf1a2f28c2 Reuse backend as provided by the app container 2016-01-12 14:27:50 +01:00
Thomas Müller
23a8c93fd2 Fix ctor call 2016-01-12 14:24:47 +01:00
Thomas Müller
06dac9726e Address comments 2016-01-12 14:24:47 +01:00
Thomas Müller
90d9834c8c Decouple federation and dav app 2016-01-12 14:24:47 +01:00
Thomas Müller
6f526e638c Unit test contact provider registration 2016-01-11 14:36:20 +01:00
Robin Appelman
56c3686ad6 fix principal constructor for dav 2016-01-11 13:36:26 +01:00
Joas Schilling
ae285c0654 Remove deprecated shipped flag from info.xml which has no use anymore 2016-01-07 15:15:58 +01:00
Joas Schilling
40f786060e Add ownCloud min and max version for shipped apps 2016-01-07 15:11:49 +01:00
Björn Schießle
cd55a19034 implement delete, create, update, search, get permissions 2015-12-15 14:52:27 +01:00
Thomas Müller
32525fa977 save wip 2015-12-11 17:39:27 +01:00
Thomas Müller
c91192fb73 Adding system addressbook for users of this instance - a occ command is supplied for synchronizing 2015-12-02 09:08:27 +01:00
Thomas Müller
b02dea29e6 CardDavBackEnd requires principalBackend on ctor 2015-11-25 21:14:16 +01:00
Thomas Müller
4eb15885c9 Addressbook sharing added based on a simplified approach which is based on calendar sharing standard 2015-11-19 11:34:31 +01:00
Thomas Müller
d8b73fde1a Merge pull request #20371 from owncloud/add-caldav-2
Introducing CalDAV into core
2015-11-18 16:32:19 +01:00
Thomas Müller
fc296aad5d Add occ command to create a new calendar 2015-11-16 16:29:01 +01:00
Thomas Müller
2b13c5db0f Introducing CalDAV into core 2015-11-16 13:24:50 +01:00
Lukas Reschke
a3fc40921b Add fake locker plugin for WebDAVFS
WebDAVFS as used by Finder requires a Class 2 compatible WebDAV server. This change introduces a fake locking provider which will simply advertise Locking support when a request originates from WebDAVFS. It will also return successful LOCK and UNLOCK responses.
2015-11-13 23:31:08 +01:00
Thomas Müller
20e37bd38f Adding occ command to create an addressbook 2015-11-06 15:26:51 +01:00
Thomas Müller
d8e965e59a Introducing CardDAV into core 2015-11-06 15:26:51 +01:00
Thomas Müller
c79496b5a3 Introduced the new webdav endpoint remote.php/dav holding the principals and the files collection 2015-10-26 13:00:00 +01:00
Lukas Reschke
cddc9abc06 Add tests for Sabre Auth plugin + make getCurrentUser compatible 2015-10-23 17:30:47 +02:00
Morris Jobke
ee42e9d489 increase core version and add dav version number 2015-10-21 11:36:44 +02:00
Morris Jobke
ff5ed44330 Fix typo and adjust required version 2015-10-16 13:17:12 +02:00
Roeland Jago Douma
ca27024fa2 Fix webdav access
* Correct namespace
* Pass the EventDispatcher to the webDAV server
2015-10-16 13:17:12 +02:00
Thomas Müller
f2889dc6e4 Consolidate webdav code - move all to one app 2015-10-16 13:17:12 +02:00