Commit graph

2883 commits

Author SHA1 Message Date
Jenkins for ownCloud
77a8085f84 [tx-robot] updated from transifex 2016-01-11 01:55:34 -05:00
Jan-Christoph Borchardt
d05e0c81d4 remove extra slogan footer from Personal and Admin pages 2016-01-11 03:18:06 +01:00
Lukas Reschke
f4c04c5f28 Concat also the other results
Otherwise this will ignore the two last checks 🙊
2016-01-10 11:39:44 +01:00
Jenkins for ownCloud
580deb09f8 [tx-robot] updated from transifex 2016-01-10 01:55:57 -05:00
Thomas Müller
c5b2b3a124 Merge pull request #21562 from owncloud/properly-check-for-well-known-redirect
Add check for .well-known URL in the root of the webservers URL
2016-01-09 17:42:11 +01:00
Jenkins for ownCloud
72b34575df [tx-robot] updated from transifex 2016-01-09 01:55:50 -05:00
Morris Jobke
0161928fc3 Add check for .well-known URL in the root of the webservers URL
* fixes #20012
2016-01-08 23:27:29 +01:00
Morris Jobke
99cf90c8a4 fix warning box size for avatar change 2016-01-08 10:27:55 +01:00
Jenkins for ownCloud
88c4cba1f5 [tx-robot] updated from transifex 2016-01-08 01:56:39 -05:00
Thomas Müller
46107f82d4 Merge pull request #21506 from owncloud/issue-20218-min-max-owncloud-version-warning
Issue 20218 min max owncloud version warning
2016-01-07 16:51:00 +01:00
Joas Schilling
3a494033d2 Allow searching apps by ID 2016-01-07 16:33:25 +01:00
Vincent Petry
44f4195eee Keep scroll position in users page when sorting
When sorting, some browsers like Chrome will lose the scroll position,
possibly because the sorting code is touching the DOM elements.

This fix saves the scroll position before sorting and sets it back
afterwards.
2016-01-07 15:48:59 +01:00
Vincent Petry
112ccd00a3 Fix users list dropdown position after scroll
When scrolling, the position calculation of the multiselect dropdown was
wrong. Adding "position: relative" to the list container makes the
button calculation relative to it instead of the whole page. In this
case the dropdown is properly aligned with the field regardless of
scrolling.
2016-01-07 15:25:04 +01:00
Joas Schilling
83855c073b Add a warning on the apps list when the version is missing 2016-01-07 15:03:55 +01:00
Jenkins for ownCloud
27dfa74d89 [tx-robot] updated from transifex 2016-01-07 01:55:48 -05:00
Thomas Müller
d3922510d0 Merge pull request #20994 from owncloud/personal-page
improve layout of personal settings page
2016-01-06 17:25:12 +01:00
Lukas Reschke
88c7face07 Inject OCSClient
Fixes https://github.com/owncloud/core/issues/21451
2016-01-06 11:40:22 +01:00
Jenkins for ownCloud
c77917f48c [tx-robot] updated from transifex 2016-01-06 01:55:16 -05:00
Jan-Christoph Borchardt
bfee488c56 remove unneeded 'goto' prefix from settings anchors 2016-01-04 12:59:32 +01:00
Jenkins for ownCloud
157bb50a39 [tx-robot] updated from transifex 2016-01-04 01:55:05 -05:00
Jenkins for ownCloud
6ca2da7d5c [tx-robot] updated from transifex 2016-01-02 01:54:46 -05:00
Jenkins for ownCloud
dfec9f0c8a [tx-robot] updated from transifex 2016-01-01 01:55:10 -05:00
Jenkins for ownCloud
970495a067 [tx-robot] updated from transifex 2015-12-31 01:55:16 -05:00
Jenkins for ownCloud
45c41e2b2c [tx-robot] updated from transifex 2015-12-30 01:55:47 -05:00
Jan-Christoph Borchardt
e4cf53031b fix overlap and functionality of cropper 2015-12-28 19:23:40 +01:00
Jan-Christoph Borchardt
640adde3b9 improve layout of personal settings page 2015-12-28 18:50:50 +01:00
Jan-Christoph Borchardt
6e60b6ee7c shorten quota usage wording, fix overflow on mobile, fix #21129 2015-12-28 18:42:48 +01:00
Jenkins for ownCloud
89584716f8 [tx-robot] updated from transifex 2015-12-28 01:55:10 -05:00
Morris Jobke
ed98cdf532 Use OCP\Util::getVersion instead of the internal private implementation 2015-12-18 15:26:54 +01:00
Morris Jobke
e42f262d85 properly use OCP\Util instead of OC_Helper 2015-12-18 11:46:21 +01:00
Thomas Müller
551e553bf4 Merge pull request #21264 from owncloud/deprecated_oc_user_methods
Cleanup OC_User deprecated methods
2015-12-18 10:15:18 +01:00
Thomas Müller
228a75e2ec Merge pull request #21248 from owncloud/deprecated_oc_helper_linkToRoute
Replace deprecated OC_Helper::linkToRoute calls
2015-12-18 07:56:42 +01:00
Roeland Jago Douma
9fe3d2f1f8 OC_Helper::linkToRoute is deprecated
Replaced all calls to OC_Helper::linkToRoute with
OC::$server->getURLGenerator()->linkToRoute
2015-12-17 18:46:42 +01:00
Roeland Jago Douma
6248bad0f7 Add a default size to the avatar placeholders
This removed the need to do an avatar request on the "empty" row in the
user settings.
2015-12-17 16:30:23 +01:00
Thomas Müller
3818a055b9 Merge pull request #21255 from owncloud/usermanagement-show-password-error-temporary
user management: show password error temporary
2015-12-17 16:25:14 +01:00
Roeland Jago Douma
7e44ea5da0 Remove deprecated function OC_User::getManager
Private deprecated function => removed
Replaced all instances with suggested replacement
2015-12-17 16:18:34 +01:00
Thomas Müller
d402ac91d7 Merge pull request #21260 from owncloud/fix-undefined-l10n-var
initialize l10n instance earlier, fixes an undefined var warning foll…
2015-12-17 16:08:08 +01:00
Arthur Schiwon
0ecbfae5ff initialize l10n instance earlier, fixes an undefined var warning followed by a php error 2015-12-17 15:08:15 +01:00
Roeland Jago Douma
a81836a42f Only load the big (128x128) avatar on the perosnal page
Before the code was executed on every page if a user was logged in. Now
only on the personal page. Thus saving a request on all other pages.
2015-12-17 13:55:22 +01:00
michag86
7a86f10ebc Update users.js 2015-12-17 12:43:44 +01:00
Jenkins for ownCloud
a7cd8103b5 [tx-robot] updated from transifex 2015-12-17 01:55:09 -05:00
Jenkins for ownCloud
74de12c698 [tx-robot] updated from transifex 2015-12-13 01:54:51 -05:00
Thomas Müller
4f860b7e0a Merge pull request #20978 from owncloud/fix-dont-show-unsaved-values-in-usermgmt
reset mailadress/displayname on blur
2015-12-11 12:15:01 +01:00
Jenkins for ownCloud
acce1638e5 [tx-robot] updated from transifex 2015-12-11 01:55:44 -05:00
Thomas Müller
ae6c3c1539 Merge pull request #21123 from owncloud/remove-db-locking-performance-warning-master
Remove info about database locking performance
2015-12-10 17:24:43 +01:00
Thomas Müller
01b9f07ac8 Remove info about database locking performance 2015-12-10 16:10:45 +01:00
Jenkins for ownCloud
078ca149b5 [tx-robot] updated from transifex 2015-12-10 01:55:17 -05:00
Jenkins for ownCloud
dda9525c4b [tx-robot] updated from transifex 2015-12-09 01:55:14 -05:00
Thomas Müller
fe8dc0bd5e Merge pull request #21022 from owncloud/get-rid-of-by-reference
Get rid of by reference
2015-12-08 11:04:25 +01:00
Thomas Müller
c88438790c Merge pull request #20979 from owncloud/settings-groups-entry
Add 'my groups' anchor to the personal page sidebar
2015-12-08 11:04:09 +01:00
Lukas Reschke
4b293dffe5 Use \OCP\Util::sanitizeHTML instead of \OC_Util::sanitizeHTML 2015-12-08 08:56:47 +01:00
Scrutinizer Auto-Fixer
453e1bf66e Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-12-07 15:43:36 +00:00
Patrick Robertson
96a83a783f Add 'my groups' anchor to the personal page sidebar 2015-12-07 16:16:12 +01:00
Thomas Müller
085f3f58fa Merge pull request #20954 from owncloud/settings_user_only_load_avatar_if_available
Settings user only load avatar if available
2015-12-07 10:19:38 +01:00
Thomas Müller
c9069d5711 Merge pull request #20959 from owncloud/drop-OC_App-setActiveNavigationEntry
Remove unused setActiveNavigationEntry of OC_App - it's also in OCP\App
2015-12-07 10:17:44 +01:00
michag86
cf0d163a32 reset mailadress/displayname on blur 2015-12-07 09:48:54 +01:00
Jenkins for ownCloud
f0b1ba713d [tx-robot] updated from transifex 2015-12-05 01:55:14 -05:00
Morris Jobke
e6d4496fc2 Remove unused setActiveNavigationEntry of OC_App - it's also in OCP\App 2015-12-04 17:23:51 +01:00
Roeland Jago Douma
8c9a3ccefc Do not request an avatar if there is none 2015-12-04 14:56:49 +01:00
Roeland Jago Douma
a619629ac0 Only try to load avatars in the user list if there is any 2015-12-04 14:56:49 +01:00
Roeland Jago Douma
50d862e5d1 [Avatars] JS should not load same avatar twice
Old code first dit an ajax request to the avatar. Then a new image
object with the same src was created and since we do not cache avatars
yet :(  this resulted in 2 sequential requests to the exact same URL

Now if you set the displayname it will first set the placeholder and
then load the avatar in the background. Only once this time!
2015-12-04 10:42:11 +01:00
Thomas Müller
7fefd4f4d9 Merge pull request #20860 from owncloud/use-user-getEMailAddress-all-over-the-place
User IUser::getEMailAddress() all over the place
2015-12-03 09:21:53 +01:00
Jenkins for ownCloud
5c178a2719 [tx-robot] updated from transifex 2015-12-03 01:55:12 -05:00
Thomas Müller
eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Morris Jobke
0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Jenkins for ownCloud
4f4b91a9ec [tx-robot] updated from transifex 2015-12-02 02:00:28 -05:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller
f48ea593eb Merge pull request #20850 from owncloud/use-text-instead-of-html
Use .text instead of .html
2015-12-01 10:18:29 +01:00
Jenkins for ownCloud
8421a43df1 [tx-robot] updated from transifex 2015-12-01 01:55:07 -05:00
Lukas Reschke
3ea654d2d4 Use .text instead of .html
Makes some static source code analyzers happier.
2015-11-30 23:49:27 +01:00
Jenkins for ownCloud
5a9b892b2e [tx-robot] updated from transifex 2015-11-30 01:55:24 -05:00
Jenkins for ownCloud
d305412a35 [tx-robot] updated from transifex 2015-11-28 01:55:16 -05:00
Jenkins for ownCloud
39fb320bae [tx-robot] updated from transifex 2015-11-27 01:55:14 -05:00
Jenkins for ownCloud
dd18ea611b [tx-robot] updated from transifex 2015-11-26 01:55:22 -05:00
Jenkins for ownCloud
6e60c0f0c4 [tx-robot] updated from transifex 2015-11-25 01:55:37 -05:00
Jenkins for ownCloud
cb69e6c201 [tx-robot] updated from transifex 2015-11-24 01:56:32 -05:00
Thomas Müller
bf672d7e51 Merge pull request #20222 from owncloud/federated_sharing_auto_complete
federated sharing auto-complete, first step
2015-11-23 10:42:14 +01:00
Thomas Müller
333232f665 Merge pull request #20559 from owncloud/settings_app_to_controller
[Settings] Moved changedisplayname to usercontroller
2015-11-23 08:36:47 +01:00
Jenkins for ownCloud
56e05a90af [tx-robot] updated from transifex 2015-11-23 01:54:53 -05:00
Jenkins for ownCloud
2321cc4854 [tx-robot] updated from transifex 2015-11-22 01:54:53 -05:00
Jenkins for ownCloud
eb42340fa3 [tx-robot] updated from transifex 2015-11-21 01:54:59 -05:00
Roeland Jago Douma
0265bcfdae Moved changedisplayname to usercontroller
Killed the old static route to change a users display name and moved it
to a properly testable controller.
2015-11-20 16:05:43 +01:00
Jenkins for ownCloud
764504de19 [tx-robot] updated from transifex 2015-11-20 01:55:32 -05:00
Björn Schießle
97c60fd217 change 'cronstatus' to 'status' so that it can be used in other apps too 2015-11-19 18:07:10 +01:00
Thomas Müller
4ff34daedb Merge pull request #20533 from owncloud/log-level
clarify log level setting design, fix #20514
2015-11-19 10:41:30 +01:00
Jenkins for ownCloud
c10be07c1b [tx-robot] updated from transifex 2015-11-19 01:55:13 -05:00
Jan-Christoph Borchardt
9671103121 clarify log level setting design, fix #20514 2015-11-18 14:04:09 +01:00
Jenkins for ownCloud
5dd59b4bd2 [tx-robot] updated from transifex 2015-11-11 01:55:47 -05:00
Thomas Müller
dd153a5625 Merge pull request #20176 from owncloud/font-style
move font back from Light to Regular for body text, fix #18954
2015-11-10 17:52:09 +01:00
Thomas Müller
0c46f75f6a Merge pull request #20436 from owncloud/checkbox
use new checkbox style for Apps mgmt settings
2015-11-10 17:47:24 +01:00
Jan-Christoph Borchardt
83c177fc1b move font back from Light to Regular for body text on normal-res screens, fix #18954 2015-11-10 16:12:42 +01:00
Jan-Christoph Borchardt
e9691893b5 use new checkbox style for Apps mgmt settings 2015-11-10 14:31:34 +01:00
Thomas Müller
267d30d4f6 Fix #18072 2015-11-10 10:28:23 +01:00
Thomas Müller
a5dd2df384 Merge pull request #20383 from owncloud/fix-setupchecks-messages
Properly detect setup check messages set in the HTML template
2015-11-09 11:10:41 +01:00
Jenkins for ownCloud
113f9f80f3 [tx-robot] updated from transifex 2015-11-09 01:55:05 -05:00
Jenkins for ownCloud
f8637b6082 [tx-robot] updated from transifex 2015-11-08 01:55:13 -05:00
Robin McCorkell
6959d5ca22 Properly detect setup check messages set in the HTML template 2015-11-08 00:02:59 +00:00
Morris Jobke
fa24d92eea Show the language code in personal settings for unknown languages
Steps to reproduce:
* having an unknown language set in oc_preferences
* browse the personal settings
* only get listed the first letter of this language in the language chooser
2015-11-06 09:48:05 +01:00
Jenkins for ownCloud
f2b19333b9 [tx-robot] updated from transifex 2015-11-06 01:55:09 -05:00
Thomas Müller
475b52c93b Merge pull request #20283 from owncloud/fix-varaible-type
Fix typo in variable name
2015-11-04 11:10:48 +01:00