wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
30534 commits 157 branches 562 tags 714 MiB
Commit graph

12691 commits

Author SHA1 Message Date
Joas Schilling
2263b8b693 Remove the notification if accepting/declining failed because of 404 2016-02-11 10:41:55 +01:00
Jenkins for ownCloud
5165998723 [tx-robot] updated from transifex 2016-02-11 01:55:35 -05:00
Vincent Petry
f79fafcf06 Revert back to non-webdav download link for public URLs 
Fixes issues with browsers not happy with the token.
Fixes activities which were not sent.
 2016-02-10 19:09:52 +01:00
Thomas Müller
6b836325cf Merge pull request #22276 from owncloud/harden-updater-auth 
Harden updater authentication
 2016-02-10 17:31:38 +01:00
Thomas Müller
6ffb83ae19 Merge pull request #22269 from owncloud/issue-22243-avoid-deadlock-with-lots-of-entries-to-cleanup 
Chunk the cleanup queries to make sure they don't time out
 2016-02-10 17:26:11 +01:00
Thomas Müller
10613f7265 Merge pull request #22273 from owncloud/versions-fixpathasrecipient 
Fix versions path as share recipient when different than owner path
 2016-02-10 17:25:14 +01:00
Thomas Müller
c919b41395 Adding a custom webdav property which holds the list of contacts groups 2016-02-10 17:06:13 +01:00
Robin Appelman
edbe5d7b6d handle forbidden exceptions in smb backend 2016-02-10 16:52:13 +01:00
Robin Appelman
bef70e9448 also fix lock order for chunked dav uploads 2016-02-10 16:31:32 +01:00
Lukas Reschke
5680743c2b Harden updater authentication 
- Reset tokens after 2 hours as discussed at https://github.com/owncloud/updater/issues/220#issuecomment-182033453
- Used BCrypt for storing the password in the config.php. This makes it substantially harder in case of a leakage of the token to bruteforce it. In the future we can evaluate also an HMAC including the IP. That's a bit tricker though at the moment considering that we support reverse proxies. Didn't feel brave enough to touch that dragon now as well ;)
 2016-02-10 16:31:11 +01:00
Robin Appelman
65554ec333 scan the file in the write lock when uploading over dav 2016-02-10 16:21:13 +01:00
Joas Schilling
5dc63e34b4 Add translations of unshare activities 2016-02-10 15:42:48 +01:00
Thomas Müller
5c89cf9565 Merge pull request #22267 from owncloud/fix_encryption2 
calculate and update the version of the encryption signature correctly
 2016-02-10 15:14:52 +01:00
Thomas Müller
159a0eb597 Merge pull request #20073 from owncloud/files-should-add-download-disposition 
Serve files with an attachment disposition for new DAV endpoint
 2016-02-10 14:35:50 +01:00
Thomas Müller
c4d2f6bb25 Merge pull request #22270 from owncloud/use-cache-directly 
Use cache directly instead of QueryBuilder
 2016-02-10 14:23:04 +01:00
Thomas Müller
c1d21cf873 Merge pull request #22263 from owncloud/fix-group-principals 
Fix group principal
 2016-02-10 14:22:18 +01:00
Vincent Petry
1b9e291913 Use full path of known file when handling versions 
Instead of relying on the versions API response, use the known file path
when populating version models.
 2016-02-10 13:39:25 +01:00
Vincent Petry
a6f997ddae Remove path from versions response 
The path attribute contains the path relative to the owner's home
folder, not the one from the recipient, which is useless for the client
and needlessly discloses the owner's original path.

The requested already has access to the full path of the file, so no
need to add it to the response.
 2016-02-10 13:38:38 +01:00
Bjoern Schiessle
9dc759b4dc remember signature version and only set it on update to make sure that other 
apps like files_versions still get the old signature version
 2016-02-10 13:27:32 +01:00
Joas Schilling
0ebb205010 Chunk the queries to make sure they don't time out 2016-02-10 13:04:37 +01:00
Lukas Reschke
762636efcd Use cache directly instead of QB 
In case somebody does not use oc_filecache
 2016-02-10 12:30:39 +01:00
Bjoern Schiessle
43ed86313c use the version of the original file if we write the part file to have a proper version if we move the file over to the original location 2016-02-10 11:08:03 +01:00
Thomas Müller
2e94d34dfd Fix group principal 2016-02-10 10:43:32 +01:00
Joas Schilling
fa893762a2 Fix oracle by using less quotes 2016-02-10 08:40:45 +01:00
Joas Schilling
75d552b29e Listen to the notification event to reload the file list 2016-02-10 08:40:45 +01:00
Joas Schilling
65e1e4a202 Mark the accept button as primary 2016-02-10 08:40:45 +01:00
Joas Schilling
c769f5775d Create the actions with the correct ID 2016-02-10 08:40:45 +01:00
Joas Schilling
31cf3b8288 Make sure the share ID is an integer 2016-02-10 08:40:45 +01:00
Joas Schilling
cb8024ca14 Fix action paths 2016-02-10 08:40:45 +01:00
Joas Schilling
49dd693d8f Bring the messages inline 2016-02-10 08:40:45 +01:00
Joas Schilling
a4a7cf40a1 Fix the notification API usage 2016-02-10 08:40:45 +01:00
Joas Schilling
3ff88c8c84 Revert "Disable the remote sharing notifications until they work properly" 
This reverts commit 6bc93c7401.

Conflicts:
	apps/files_sharing/lib/external/manager.php
 2016-02-10 08:40:44 +01:00
Jenkins for ownCloud
9ebcc4ce31 [tx-robot] updated from transifex 2016-02-10 01:56:05 -05:00
Lukas Reschke
ca350294a6 Add tests for setVersion 2016-02-09 23:43:28 +01:00
Vincent Petry
45c78476f5 Use cache update instead of put for encryption version 
Saves a call to fetch the file id which didn't even work for a reason.

This fix properly sets the version in the database.
 2016-02-09 23:43:28 +01:00
Lukas Reschke
6724f76573 Use cache and add tests 2016-02-09 23:43:27 +01:00
Bjoern Schiessle
377d7fb8a8 don't decrease ->version for part files but only a local variable, otherwise it can happen that we decrease it twice and end up with the wrong value 2016-02-09 23:43:27 +01:00
Bjoern Schiessle
966eb4b084 realPath should contain the path to the file we want to read, e.g. the version and not the original file 2016-02-09 23:43:27 +01:00
Lukas Reschke
5ccb9dfa7e Use database for keeping track of the version 2016-02-09 23:43:27 +01:00
Lukas Reschke
3badf5caf5 Use number of chunk for HMAC as well 
Prevents switching single blocks within the encrypted file.
 2016-02-09 23:43:26 +01:00
Lukas Reschke
b5824f024a Keep track of file version 
This way it is not possible anymore for an external storage admin to put up old versions of the file.
 2016-02-09 23:43:26 +01:00
Lukas Reschke
d5c1596887 Clarify documentation 2016-02-09 23:43:26 +01:00
Lukas Reschke
3b62459c41 Use hash with appended "a" of the original password for the authentication 2016-02-09 23:43:26 +01:00
Björn Schießle
9bb97c714b fixing unit tests 2016-02-09 23:43:26 +01:00
Lukas Reschke
b9ff16498b Use random_bytes instead OpenSSL 2016-02-09 23:43:26 +01:00
Björn Schießle
61dd191253 meta data are at the end of the file 2016-02-09 23:43:25 +01:00
Björn Schießle
e7ff84df5c always use default cipher for write operations, no matter how the file was encrypted before 2016-02-09 23:43:25 +01:00
Björn Schießle
cf3a8f274f make it backward compatible to work with signed and un-signed files 2016-02-09 23:43:25 +01:00
Björn Schießle
40a5ba72fc sign all encrypted blocks and check signature on decrypt 2016-02-09 23:43:25 +01:00
Lukas Reschke
db8f267647 Add note about the addPadding function 2016-02-09 23:43:25 +01:00
Lukas Reschke
59ebad0b53 Use an actual 16 byte long IV 
The previous IV was actually 12 byte extended to 16 byte using base64. As the encrypted file should be fine with containing binary data as well we can simply remove the encoding like that here.
 2016-02-09 23:43:24 +01:00
Lukas Reschke
d25b8dacb3 Use AES-256-CTR as default 
CTR is recommended over CFB mode.
 2016-02-09 23:43:24 +01:00
Thomas Müller
4cfb7ca7dd Merge pull request #22255 from owncloud/add-sso-for-updatechecker 
Add SSO for updater application
 2016-02-09 23:37:32 +01:00
Thomas Müller
57ef23dadf Merge pull request #22251 from owncloud/smb-105 
update icewind/smb to 1.0.5
 2016-02-09 23:37:09 +01:00
C. Montero Luque
f64dbc67c6 Merge pull request #20928 from owncloud/publicdav-check-permissions 
Check that the owner of a link share still has share permissions on access
 2016-02-09 22:01:08 +01:00
C. Montero Luque
962d0c3290 Merge pull request #22252 from owncloud/consolidate-user-set-quota 
Consolidate getQuota and setQuota methods in User instance
 2016-02-09 22:00:24 +01:00
Lukas Reschke
b9e3ed1468 Add SSO for updater application 
Allows logging-in into the updater application by visiting the admin panel and pressing "Open updater".
 2016-02-09 20:28:30 +01:00
Arthur Schiwon
d19c47a381 More fixed tests :) 2016-02-09 18:11:30 +01:00
Lukas Reschke
abc675d87e Move update notification code into app 
Moves the update notification code in a single app. This is required since we want to use SSO for the new updater and for this have some code running in ownCloud as well (and we don't want that in core neccessarily). This app can provide that in the future, right now it's only the update notification itself. Will continue working on the SSO right away but wanted to keep the PR small.

Furthermore also makes some more code unit-testable...
 2016-02-09 18:05:51 +01:00
Arthur Schiwon
3a796d1e15 Consolidate getQuota and setQuota methods in User instance 2016-02-09 17:16:43 +01:00
Robin Appelman
3982c8f87a update icewind/smb to 1.0.5 2016-02-09 17:09:30 +01:00
Thomas Müller
2982017682 Merge pull request #22228 from owncloud/comments-limit-message 
Limit comment message to 1k chars
 2016-02-09 16:35:23 +01:00
Thomas Müller
d89ddba3a2 Merge pull request #22241 from owncloud/more-info-in-case-of-trusted-server-add 
Forward exception message to the admin in case of errors and in case …
 2016-02-09 16:11:18 +01:00
Thomas Müller
81d4042af4 Adjust command description 2016-02-09 15:42:41 +01:00
Thomas Müller
10b9bf15f4 Set share owner and share initiator on upate as well 2016-02-09 15:41:06 +01:00
Thomas Müller
cbb7934fb3 Introduce console command to transfer ownerships of files - refs #19154 2016-02-09 15:41:06 +01:00
Thomas Müller
4659bf9b4a Merge pull request #22234 from owncloud/systemtags-filter-intersect-empty 
Fix system tag filter AND condition
 2016-02-09 15:34:06 +01:00
Thomas Müller
1199b539f2 Merge pull request #21773 from owncloud/files_external-list-authtype 
Show the proper auth identifier when listing mounts as json
 2016-02-09 15:33:47 +01:00
Thomas Müller
232bb75329 Merge pull request #21893 from owncloud/migrate-calendars 
Migrate calendars
 2016-02-09 15:14:33 +01:00
Robin Appelman
acd8c72d3d add tests 2016-02-09 15:03:00 +01:00
Roeland Jago Douma
359c62d90e Fix unit tests 2016-02-09 15:03:00 +01:00
Robin Appelman
f9f2800016 check share permissions in share controller 2016-02-09 15:03:00 +01:00
Robin Appelman
fd9166488b Check that the owner of a link share still has share permissions on access 2016-02-09 15:02:34 +01:00
Thomas Müller
bc8632856a Forward exception message to the admin in case of errors and in case the remote server version is to low and appropriate message is displayed as well 2016-02-09 14:41:26 +01:00
Arthur Schiwon
bbc86e0756 on DAV throw Bad Request if provided message is too long 2016-02-09 13:59:13 +01:00
Thomas Müller
a6ade67dfb Merge pull request #22197 from owncloud/files-filterbysystemtags 
Add file list filter to filter by system tags
 2016-02-09 13:31:00 +01:00
Thomas Müller
9639981041 Merge pull request #22202 from owncloud/global-auth-no-user 
handle no user set for personal global auth
 2016-02-09 13:30:41 +01:00
Thomas Müller
6474866aff Merge pull request #22225 from owncloud/sharing-moar-hooks 
More sharing hooks for extended auditing
 2016-02-09 13:30:22 +01:00
Joas Schilling
e8d9c288bc Stop when a mid result is empty 2016-02-09 12:07:30 +01:00
Joas Schilling
178914104c Add a test for empty mid-result 2016-02-09 12:07:17 +01:00
Vincent Petry
3028684d89 Fix system tag filter AND condition 
If one of the results is empty, no need to do array_intersect and return
an empty result directly.
 2016-02-09 11:39:22 +01:00
Vincent Petry
847a2426b8 Fix unit tests for system tag filter section 2016-02-09 11:22:05 +01:00
Thomas Müller
bf3a843e89 Migration of calendars 2016-02-09 11:20:31 +01:00
Vincent Petry
e378a757ff Add system tags filter section for files app 2016-02-09 10:59:29 +01:00
Roeland Jago Douma
623a0e4637 Example hook check 2016-02-09 10:36:44 +01:00
Roeland Jago Douma
38cbfed476 Fix unit test 2016-02-09 10:20:25 +01:00
Thomas Müller
98497aa423 Merge pull request #22199 from owncloud/multiple_checksums 
Make checksum propfind future proof
 2016-02-09 09:10:32 +01:00
Thomas Müller
bfa404b441 Merge pull request #22217 from owncloud/fix_22215 
Federates shares have to set a file_target
 2016-02-09 09:10:17 +01:00
Jenkins for ownCloud
e749a02e6b [tx-robot] updated from transifex 2016-02-09 01:55:36 -05:00
Arthur Schiwon
cd68500731 throw hooks when accessing a link share 2016-02-09 00:34:10 +01:00
Vincent Petry
ae367c7e97 Fix elementToFile to also return path when defined 
Fixes issue when opening the share dialog for a file inside the favorite
list, and the file is from a subfolder
 2016-02-08 22:33:39 +01:00
Thomas Müller
b77a4b0c6a Merge pull request #22112 from owncloud/dav-filesreport 
Provide REPORT method on files DAV to filter/search files
 2016-02-08 21:41:40 +01:00
Thomas Müller
75bbd4f8b6 Merge pull request #22211 from owncloud/versions-hook-info 
versions provide more information when throwing hooks
 2016-02-08 21:06:03 +01:00
Vincent Petry
2f1a60a64d Add REPORT on files endpoint for filtering 
For now only supports filtering by system tags
 2016-02-08 21:04:53 +01:00
Roeland Jago Douma
7f2cb6ab60 Federates shares have to set a file_target 
The old code path is still used to get the sharing info in the webui.
This requires the file_target to be set. This does not mean anything
for federated shares.

Fixes #22215
 2016-02-08 18:30:51 +01:00
Arthur Schiwon
d2d6644702 use int values and constants instead of strings 2016-02-08 18:16:27 +01:00
Thomas Müller
698a6b07a8 Merge pull request #22206 from owncloud/share2_migration_with_federated 
Update the migration step to include federated shares
 2016-02-08 17:58:26 +01:00
Thomas Müller
703f3551dc Only set the header if the node exists and in case the request is a GET 2016-02-08 17:49:25 +01:00
Lukas Reschke
2cad9d2b8c Serve files with an attachment disposition for new DAV endpoint 
This adds a `Content-Disposition: attachment` header to all files served via the DAV endpoint.
 2016-02-08 17:08:34 +01:00
Arthur Schiwon
b6e03fe261 versions provide more information when throwing hooks 2016-02-08 16:33:49 +01:00