Commit graph

104 commits

Author SHA1 Message Date
Arthur Schiwon
2b128ca576
update autoloader
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:38:05 +02:00
Morris Jobke
07a0f95ebf Update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-21 14:41:47 -05:00
Morris Jobke
edec9ade80 Update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-06 08:04:26 -05:00
Lukas Reschke
7976927628 Merge pull request #4894 from nextcloud/generic-security-activities
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
Roeland Jago Douma
19a1e01d6c
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:11:29 +02:00
Joas Schilling
c6a5a25b48
Add a migration step to save the data from the accounts table before migrating
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-18 10:48:54 +02:00
Joas Schilling
31bb65fa36
Check the name length of database items
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-16 16:16:11 +02:00
Joas Schilling
93fc7fcdbe
Check the syntax of the language file
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-16 16:16:07 +02:00
Lukas Reschke
9d920ef9b2
Update autoloader map
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-15 14:24:44 +02:00
Lukas Reschke
4d101ca2be Merge pull request #4514 from nextcloud/automatic-mysql-4byte-detection
Automatic mysql 4byte detection
2017-05-08 12:18:40 +02:00
Roeland Jago Douma
e3b10f3e6f
Updated autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-28 23:41:38 -03:00
Joas Schilling
0aa5ddff13
Fix autoloading
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-28 09:35:36 +02:00
Morris Jobke
01705b1b6a Merge pull request #4515 from nextcloud/downstream-27643
Adjust query/event logging code in favour of more complex owncloud/di…
2017-04-26 22:58:01 -03:00
Roeland Jago Douma
d0bbae7425
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-26 22:25:41 +02:00
Lukas Reschke
d17a901f8a
Update autoload map
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:54 +02:00
Lukas Reschke
47cd976035
Add app bundles
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:49 +02:00
Jan-Christoph Borchardt
241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Christoph Wurst
5c29fb16c0 Update composer autoloader
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst
d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Lukas Reschke
6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Joas Schilling
9871e4eaee
Kill dead code
> No tests found in class "Test\Share\MailNotificationsTest".

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:43:19 +02:00
Morris Jobke
10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager
Access list to share manager
2017-04-15 13:06:24 -05:00
Roeland Jago Douma
f40b9fa9bd Merge pull request #4330 from nextcloud/activities-for-password-mail-change
Add activities when email or password is changed
2017-04-14 08:16:43 +02:00
Morris Jobke
8e8b345fbd
Fix autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-13 16:28:07 -05:00
Lukas Reschke
8149945a91
Make BruteForceProtection annotation more clever
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
Roeland Jago Douma
6a519abde8
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 14:56:05 +02:00
Roeland Jago Douma
2cbac3357b
Offload acceslist creation to providers
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Lukas Reschke
54930ac926
Update static autoloadermap
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Björn Schießle
b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints
Discover federatedsharing endpoints
2017-04-12 16:01:07 +02:00
Lukas Reschke
3600dd4f52
Add IEMailTemplate to public OCP API
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 16:35:46 +02:00
Roeland Jago Douma
42f40659f6
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-11 15:04:15 +02:00
Lukas Reschke
8daf3d4a70
Update autoloader
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-07 12:03:47 -05:00
Robin Appelman
07449a4885
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 11:14:56 +02:00
Roeland Jago Douma
be6acbeb52
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-24 16:11:54 +01:00
Morris Jobke
f4ead7c7d3
Fix autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-22 12:08:41 -06:00
Joas Schilling
348d97dfd6 Merge pull request #3844 from nextcloud/unshare_event
Unshare event
2017-03-21 16:57:09 +01:00
Lukas Reschke
81c1522ad0
Update autoloader
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-20 10:20:13 +01:00
Roeland Jago Douma
57fc7f60d3
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-17 08:51:03 +01:00
Roeland Jago Douma
d6ce7ac465
Bump autoloader
Composer was updated so lets update the autoloader

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-09 14:21:38 +01:00
Robin Appelman
2a8e922d67 Merge pull request #3360 from nextcloud/dav-search
Implement webdav SEARCH
2017-03-08 13:09:19 +01:00
Morris Jobke
1bcd396679
Change language code for languages with only one translation
* then the language is not that specific and get also matched for fi
* fallback from fi_FI to fi is supported - the other way around not
* contains repair script
* contains tests for repair script
* fixes #869

Order results to make postgres happy

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-01 22:35:28 -06:00
Robin Appelman
d8c89688f4
autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-01 14:06:40 +01:00
Joas Schilling
b26568133f Merge pull request #3605 from nextcloud/single-user
Clean up single user mode
2017-02-24 08:52:26 +01:00
Morris Jobke
9533f4e5ed
Clean up single user mode
Single user mode basically disables WebDAV, OCS and cron execution. Since
we heavily rely on WebDAV and OCS also in the web UI it's basically useless.
An admin only sees a broken interface and can't even change any settings nor
sees any files. Also sharing is not possible.

As this is at least the case since Nextcloud 9 and we haven't received any
reports for this it seems that this feature is not used at all so I removed it.

The encryption commands now rely on the well tested maintenance mode.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:02:31 -06:00
Morris Jobke
2bbf3b18d9
cleanup old and not needed repair steps to speed up the update
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 22:35:18 -06:00
Morris Jobke
c2d3e12e23
Remove unneeded UpdateCertificateStore.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 21:26:59 -06:00
Robin Appelman
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
Morris Jobke
5bad417e57 Merge pull request #2044 from nextcloud/login-credential-store
Login credential store
2017-01-30 19:30:04 -06:00
Robin Appelman
90c011379c
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-27 10:51:00 +01:00
Robin Appelman
c76fe2b4f5
remote now unneeded AvatarPermissions repair step
Avatars are now stored in appdata

Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-26 19:24:55 +01:00