Commit graph

744 commits

Author SHA1 Message Date
Morris Jobke
8e6d86a862 Merge pull request #5304 from nextcloud/bugfix/2855/dont_send_invitations_for_past_events
don't send invitation emails for past events
2017-09-06 22:48:46 +02:00
Morris Jobke
1724fed8c5 Merge pull request #5415 from nextcloud/search-cache-node
cache nodes from search results
2017-09-06 10:16:01 +02:00
Georg Ehrke
a1df91da9d
Sabre/VObject returns DateTimeImmutable, not a simple DateTime
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Georg Ehrke
86f28669fc
don't send invitation emails for past events
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Roeland Jago Douma
f0158e42e9 Merge pull request #6309 from nextcloud/new-dav-event
add a new dav event to allow apps to register their own sabredav plugins
2017-09-04 12:12:46 +02:00
nhirokinet
baba99a7e6 not to backquote LIMIT on CalDavBackend.php 2017-09-03 23:51:49 +09:00
Bjoern Schiessle
f8cc8e1c9e
add a new dav event to allow apps to register their own sabredav plugins
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-30 14:05:18 +02:00
Bjoern Schiessle
e83e1c7c23
add propfind to detect encryption status
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-28 14:02:25 +02:00
Robin Appelman
37e8b698f7 cache nodes from search results
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 10:18:19 +02:00
Morris Jobke
fc12bd0be6 Do not log WebDAV maintenance mode exception
Log the maintenance mode exception only in debug level. Fixes #6124

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 15:03:39 +02:00
Joas Schilling
231bb47ae6 Fix file size comparison
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Joas Schilling
89238164e1 Fix comparisons in the dav app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:55:07 +02:00
Roeland Jago Douma
61a6adff14
Fix sabre test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma
fc369dd86e
[DAV] Fix URLUtil::splitPath usage
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma
f57a3aa81b
[DAV][CalDAV] Fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:16 +02:00
Lukas Reschke
e1f52fc901
Stricter phan config fixes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
Robin Appelman
89b747d066
refactor chunked assembly stream
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 12:49:39 +02:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Joas Schilling
984933e586
Only use readable chars in Share Tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-18 15:44:34 +02:00
Morris Jobke
b4deba2078 Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails
Use PNGs for icons in activity emails
2017-07-07 11:05:00 +02:00
Joas Schilling
b27819785e
Don't log passwords on dav exceptions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-29 17:20:10 +02:00
Morris Jobke
eb9aedf44b Enhance the logging if the part file can not be renamed
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-22 17:50:14 -05:00
Joas Schilling
90fa27694a
Use PNG version of the icons for shipped activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Joas Schilling
698a7cb7f0 Merge pull request #5124 from nextcloud/allow-dirlisting-with-unreadable-items
Allow dir-listing also when one child is blocked by access control
2017-06-16 10:47:08 +02:00
Morris Jobke
ca3c69c8ae Merge pull request #5298 from nextcloud/bugfix/4885/calendar_shares_url_special_char_issue
urldecode group principals in Cal- and CardDAV backend
2017-06-14 23:10:40 -05:00
Morris Jobke
ac565cecad Merge pull request #5300 from nextcloud/bugfix/noid/fix_proppatch_requests_to_groupshares
allow users to send PropPatch request when calendar is group-shared with them
2017-06-14 23:00:39 -05:00
Morris Jobke
f38f2baa5a Merge pull request #5295 from nextcloud/bugfix/5077/allow_proppatches_to_birthday_calendar
allow PropPatch requests to contact_birthdays
2017-06-13 18:11:13 -05:00
Lukas Reschke
633396001f
Prevent sending second WWW-Authenticate header
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.

Fixes https://github.com/nextcloud/server/issues/5088

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Georg Ehrke
35781ae45c
urldecode group principals in Cal- and CardDAV backend
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-12 21:01:30 +02:00
Georg Ehrke
0f1d47cdf3
allow users to send PropPatch request when calendar is group-shared with them
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 09:21:56 +02:00
Georg Ehrke
9563c25c69
allow PropPatch requests to contact_birthdays
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-06-08 08:00:52 +02:00
Joas Schilling
d0c614a322
Allow dir-listing also when one child is blocked by access control
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-26 15:54:39 +02:00
Georg Ehrke
4b5379309e
fix replacing of 4MB Unicode Chars in cal props table
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-21 13:26:46 +02:00
Lukas Reschke
639ba526d0
Adjust realm from SabreDAV to Nextcloud
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:38:55 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
df3909a7c3
Use Bearer backend for SabreDAV
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Roeland Jago Douma
cef2110263
Revert "fix objectstore rename"
This reverts commit 5334a3dc33.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-15 13:59:18 +02:00
Morris Jobke
b2c96d0c23 Stop if user folder is not available
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-09 11:26:08 -05:00
Morris Jobke
2d707fdfb5 Merge pull request #4621 from nextcloud/fix_readonly_shared_calendar_proppatch
fix PROPPATCH requests to read-only shared calendars
2017-05-08 12:42:30 -05:00
Morris Jobke
df6ce6b385 Merge pull request #4675 from nextcloud/fix_4651
Create a photo cache to speedup the contactsmenu
2017-05-08 12:20:27 -05:00
Robin Appelman
9d8936c5bf
fix error when browsing the dav root
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-08 14:34:36 +02:00
Roeland Jago Douma
dea6edb066
Fix init
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 12:40:00 +02:00
Georg Ehrke
255442f281
fix PROPPATCH requests to read-only shared calendars
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-05-08 12:09:15 +02:00
Roeland Jago Douma
92408390b0
Fix ImageExportPluginTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:49 +02:00
Roeland Jago Douma
747990b03a
No more XSS
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:49 +02:00
Roeland Jago Douma
3ab53d000f
Clear cache on vcard change/delete
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:49 +02:00
Roeland Jago Douma
34d97aa51c
Request proper size for contacts menu
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:49 +02:00
Roeland Jago Douma
dd430c2fd7
Cache the carddav photo endpoint
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:49 +02:00
Roeland Jago Douma
303c0dd6a8
Always dispatch Carddav events
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-08 11:20:47 +02:00