Commit graph

179 commits

Author SHA1 Message Date
Björn Schießle
40b99734d3
introduce accounts table and keep it up-to-date with the data added to the personal settings
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:29:41 +01:00
Robin Appelman
2389e0f250
read lockdown scope from token
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-11-16 15:24:27 +01:00
Christoph Wurst
d907666232
bring back remember-me
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
Arthur Schiwon
83ba2f2e90
final db indexes 2016-08-16 13:21:59 +02:00
Arthur Schiwon
9d9c540544
fix duplicated db index name 2016-08-09 22:43:29 +02:00
Arthur Schiwon
ceeb44bd04
Initial work on Apps page split:
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Robin Appelman
29eeeb2273 Save the files external mount id in the mount cache table 2016-07-13 16:34:08 +02:00
Christoph Wurst
0c0a216f42
store last check timestamp in token instead of session 2016-06-17 15:42:28 +02:00
Christoph Wurst
c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Vincent Petry
8646802850 Merge pull request #24696 from owncloud/lock-jobs-while-executing
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling
d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel 2016-05-21 01:59:25 +02:00
Vincent Petry
3cd65fe25d
Add systemtag_group table and get/set methods
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Christoph Wurst
c28e462583
Use CLOB for auth token names to allow long user agent strings 2016-05-12 11:19:17 +02:00
Christoph Wurst
aa85edd224
increase token column width
add some range to time() assertions
2016-05-11 13:36:46 +02:00
Christoph Wurst
8d48502187
Add index on 'last_activity'
add token type column and delete only temporary tokens in the background job

debounce token updates; fix wrong class import
2016-05-11 13:36:46 +02:00
Christoph Wurst
3ab922601a
Check if session token is valid and log user out if the check fails
* Update last_activity timestamp of the session token
* Check user backend credentials once in 5 minutes
2016-05-11 13:36:46 +02:00
Christoph Wurst
2fa5e0a24e
invalidate (delete) session token on logout
add 'last_activity' column to session tokens and delete old ones via a background job
2016-05-11 13:36:46 +02:00
Christoph Wurst
d8cde414bd
token based auth
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if a auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
2016-05-11 13:36:46 +02:00
Arthur Schiwon
b3ac81f134 exchange user_id_key for a unique one. 2016-02-26 01:02:22 +01:00
Arthur Schiwon
9250704ecb add index definitions for comments tables 2016-02-24 21:48:12 +01:00
Joas Schilling
24c7f38a00 Make sure we can store strings as per the interface 2016-02-22 15:43:20 +01:00
Roeland Jago Douma
2035a179bc Add store/retrieve checksums
* Add extra db column to filecache
* Bump version
* Update filecache code to actually handle checksum
* Webdav code to store/retrieve checksums
2016-02-03 09:03:51 +01:00
Arthur Schiwon
01cdc70f9c introduce comments read marke tables, comes with user cleanup after deletion 2016-01-29 13:08:02 +01:00
Thomas Müller
9b4c9a0357 Merge pull request #18531 from owncloud/ext-user-credentials
External storage 'Login credentials' auth mechanism
2016-01-22 13:14:14 +01:00
Robin Appelman
cf6ee1c866 cache mountpoints in the db 2016-01-20 16:30:22 +01:00
Robin McCorkell
da4127d23b Introduce CredentialsManager for storage of credentials in DB
CredentialsManager performs a simple role, of storing and retrieving
encrypted credentials from the database. Credentials are stored by user
ID (which may be null) and credentials identifier. Credentials
themselves may be of any type that can be JSON encoded.

The rationale behind this is to avoid further (mis)use of
oc_preferences, which was being used for all manner of data not related
to user preferences.
2016-01-18 11:10:41 +01:00
Roeland Jago Douma
6c77d1734e [Share 2.0] Update db structure to stay backwards compatible 2016-01-06 14:53:43 +01:00
Thomas Müller
08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Vincent Petry
b666367a79 Added system tags data structure and PHP side managers
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Roeland Jago Douma
5e8256beb8 [Sharing 2.0] Add a new db column for the file owner
We need to store the owner of a file in the db to do efficient queries
on the owner of a file. Without this we need to construct fill paths for
each file id in the table and see who the owner of a file is. Which does
not scale.
2015-11-25 13:17:02 +01:00
Arthur Schiwon
6bd343a3b7 DB scheme for Comments table, resolves #20265 2015-11-20 18:00:52 +01:00
Morris Jobke
6b6f19bb94 Drop unused table file_map
* used only for windows support
* windows support was dropped in 8.2.0 - see #17379
* was introduced in fd8cb9974b
* ref #18935
2015-11-05 08:21:53 +01:00
Robin McCorkell
5ca690e2f8 Use integer for availability instead of bool 2015-09-15 10:18:32 +02:00
Thomas Müller
534b2e407a Merge pull request #17662 from owncloud/locking-db
Database backend for locking
2015-08-26 03:56:37 +02:00
Robin Appelman
132a564a21 rename path field to key 2015-08-03 15:46:19 +02:00
Robin Appelman
96a9d171b3 Fix db schema 2015-08-03 14:13:36 +02:00
Robin Appelman
4ea7cbb0f5 Add database backend for high level locking 2015-08-03 14:13:35 +02:00
Robin McCorkell
df19cabb44 Store storage availability in database
Storage status is saved in the database. Failed storages are rechecked every
10 minutes, while working storages are rechecked every request.

Using the files_external app will recheck all external storages when the
settings page is viewed, or whenever an external storage is saved.
2015-07-20 16:27:26 +01:00
Morris Jobke
ff5bd9d918 Remove index on file_target of share table
* causes issues on InnoDB because it exceeds the maximal key length
  of an index which is 767 (3-byte charset * varchar(512) = 1536)
* fixes #17619
2015-07-14 13:26:51 +02:00
Morris Jobke
4a37d565bd Add indexes to speedup DB queries
* file_target is often used in the sharing code in JOIN statements for retrieval of shares
2015-07-08 18:04:10 +02:00
Thomas Müller
3ff484e695 we no longer support webdav locks - no need to keep the column 2015-03-12 15:23:44 +01:00
Robin Appelman
3cf237df67 set max argument length to 4000 2015-02-25 15:09:41 +01:00
Robin Appelman
6fc0eb0236 expand cron argument column to 2048 2015-02-25 15:08:40 +01:00
Joas Schilling
3a5b0a8cfc Revert "Improve: Index for file_map"
This reverts commit c9b5608405.
2015-02-13 15:15:28 +01:00
Joas Schilling
6039523cd6 Revert "Incorporate review changes"
This reverts commit f6a452cabf.
2015-02-13 15:15:10 +01:00
Lukas Reschke
f6a452cabf Incorporate review changes 2015-02-12 19:14:54 +01:00
windaishi
c9b5608405 Improve: Index for file_map
Added two indices for file_map, that improve syncing and uploading and deleting files
2015-02-12 19:12:08 +01:00
Thomas Müller
3e58f5df2e Revert "add share index"
This reverts commit e19b3a8794.
2014-07-17 20:56:06 +02:00