Commit graph

7909 commits

Author SHA1 Message Date
John Molakvoæ
fc46e98fc6 Merge pull request #6647 from nextcloud/scss-no-take-only-throw
Do not stop on scss compilation failure
2017-09-26 16:26:43 +02:00
John Molakvoæ (skjnldsv)
dec713fc92
Do not stop on scss compilation failure
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-26 15:29:37 +02:00
Joas Schilling
fe3b2385ab
Code clean up
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:27:42 +02:00
Joas Schilling
1287d6ddb3
Only allow colons in db host for IPv6 addresses
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-26 14:20:04 +02:00
Morris Jobke
11c31e94fe
Improve exception handling
If there is an exception in the template handling then a white page is shown.
This improves the handling of this and shows text only about the internal
error.

To test this just setup redis as cache and then disable the php-redis module.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-26 13:54:51 +02:00
Morris Jobke
292a704648 Merge pull request #6544 from nextcloud/fix/duplicate-session-token
Fix duplicate session token after remembered login
2017-09-25 17:39:02 +02:00
Roeland Jago Douma
3bd4e7e541 Merge pull request #6632 from nextcloud/do_not_show_hyphen
Do not show hyphen
2017-09-25 16:34:50 +02:00
Roeland Jago Douma
29fb315ffc
Allow requesting the max preview
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 16:18:48 +02:00
Stephan Müller
86265320b8
do not show hyphen after instance name in emails if slogan does not exist
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-25 09:20:46 +02:00
Roeland Jago Douma
c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-24 21:07:16 +02:00
John Molakvoæ (skjnldsv)
4a5eeb2ce7
Fixed webroot detection
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-22 07:20:31 +02:00
Morris Jobke
38568c362b Merge pull request #6605 from nextcloud/oc_ocs_response_is_dep
OC_OCS_Response is deprecated
2017-09-21 20:38:18 +02:00
Roeland Jago Douma
2207fdcd8c
Remove private legacy OC_OCS_Response
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:56 +02:00
Roeland Jago Douma
87e10f9e6a
OC_OCS_Response is deprecated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:00 +02:00
Robin Appelman
385d6f098c
Add tests for multipart upload
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:47:34 +02:00
Robin Appelman
4ae46d8876
only do multipart upload for large files
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:06:59 +02:00
John Molakvoæ (skjnldsv)
0e17b65bcf
Avoid error undefined index classes in log
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-21 14:00:39 +02:00
Christoph Wurst
38bb6e1477
Fix duplicate session token after remembered login
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
Roeland Jago Douma
8358c63f53 Merge pull request #6573 from nextcloud/nonfound-webroot-empty-string
Fix "webroot not found" when installed to the root of the webserver
2017-09-20 20:04:27 +02:00
Robin Appelman
e4e5e735db
multipart upload for s3 object storage
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 17:51:58 +02:00
Robin Appelman
5430d73a0e
Fix "webroot not found" when installed to the root of the webserver
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-20 14:19:15 +02:00
Christoph Wurst
2e19c42bc5
Check whether an app archive can be extracted
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 14:07:17 +02:00
Roeland Jago Douma
6d7ca1092d
Read appinfo from a local cache
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-19 14:34:11 +02:00
Robin Appelman
d526969a68
fix path style
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:28 +02:00
Robin Appelman
d70607104e
reuse object read/write/delete logic in s3 implementations
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
Robin Appelman
dad18baec8
update aws sdk and move it to 3rdparty
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 15:16:27 +02:00
Roeland Jago Douma
ca5c3f839a Merge pull request #6490 from nextcloud/share_pagination_query
Improve sharing pagination
2017-09-18 14:34:15 +02:00
Morris Jobke
a0132a49a6 Merge pull request #6549 from nextcloud/fix-6534
don't pass User object when uid string is expected
2017-09-18 14:28:14 +02:00
Lukas Reschke
53057f2bd0 Merge pull request #5462 from nextcloud/add-frameancestor-support
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
Arthur Schiwon
0837745477
don't pass User object when uid string is expected
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-18 13:19:47 +02:00
Roeland Jago Douma
ae1fdf73c2
Improve sharing pagination
Basically we did in almost all cases did a query to much.
This resulted in an extra query for each share type.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-15 19:44:19 +02:00
Lukas Reschke
705432ca6f
Add filter for shareapi_allow_share_dialog_user_enumeration
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.

Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
Thomas Citharel
ecf347bd1a Add CSP frame-ancestors support
Didn't set the @since annotation yet.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
Tobia De Koninck
5896176d69
Fix issue when disabling the shareapi_only_share_with_group_members option + fix findOne
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:41 +02:00
Tobia De Koninck
7dfa527da2
Improve code style
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck
f0370c0244
Some code improvements
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck
fa402c74d2
Add tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck
473a1ecad1
Fix tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Tobia De Koninck
92c238e0f0
Privacy enhancements for contacts menu
- Groups, which are excluded from sharing should not see local users at all
 - If sharing is restricted to users own groups, he should only see contacts from his groups:

Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
John Molakvoæ (skjnldsv)
1a0ac912b2
Fix webroot throw
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-14 08:41:10 +02:00
Morris Jobke
883574974d Merge pull request #6458 from nextcloud/rethrow-correct-exception
Rethrow the correct exception when there was an error in an app conta…
2017-09-14 00:32:13 +02:00
Lukas Reschke
8ef4fcb4b7 Merge pull request #6452 from lukanetconsult/hotfix/issue-6415-undefined-variable
Fix undefined variable $tmpRoot
2017-09-13 22:42:42 +02:00
Roeland Jago Douma
9163cf9241
Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Axel Helmert
01d4967130 Fix undefined variable $tmpRoot
Refactoring of webroot detection left an unused variable.

Fixes: #6415
Signed-off-by: Axel Helmert <info@luka.de>
2017-09-12 12:14:27 +02:00
Joas Schilling
c4b3198ac2
Rethrow the correct exception when there was an error in an app container
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-12 11:54:13 +02:00
Julius Härtl
8391ca8792
Use IAppManager instead of private API
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-12 09:28:22 +02:00
Julius Härtl
b49ab065b7
Move theming related imagePath logic to ThemingDefaults
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2017-09-12 09:22:57 +02:00
William Pain
9a63ded43b
Fix uninitialized variable $this->params
Signed-off-by: William Pain <pain.william@gmail.com>
2017-09-11 10:01:12 +02:00
Morris Jobke
8a79d0cc70 Merge pull request #6414 from nextcloud/share-notification-wrong-language
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Joas Schilling
29e1aa57e1
Ask the schema whether the table and column exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 11:45:16 +02:00
Joas Schilling
7e625a8d22
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Lukas Reschke
bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke
11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Morris Jobke
485e22acde Merge pull request #6329 from nextcloud/ldap-password
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
tux-rampage
7a33b9273e Refactor webroot detection in resource locator
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke
a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke
5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling
b68609d0cf
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Robin Appelman
2c0efae30f
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Morris Jobke
15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Roeland Jago Douma
b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Christoph Wurst
87aeae21e3
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Joas Schilling
6dbb64c4a2
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Morris Jobke
4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke
1ebf91ec16
Add proper EOL
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Morris Jobke
c04a494ea7 Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update
Still throw a locked exception when the path is not relative to $user/files/
2017-09-04 14:05:34 +02:00
Roeland Jago Douma
c4f175d079 Merge pull request #6326 from nextcloud/fix_4654_3375
Pass new value to triggerChange
2017-09-04 12:03:19 +02:00
Morris Jobke
139f9bd3ca Merge pull request #6331 from nextcloud/update-repair-step
Generate system wide key pair (update repair step after backport)
2017-09-04 11:59:34 +02:00
Morris Jobke
e33aa460f1 Merge pull request #6297 from te-online/add-mimetype-internet-shortcut
Add mimetype application/internet-shortcut for .url files
2017-09-04 11:55:05 +02:00
Julius Härtl
b09ce70117
Rebuild SCSS files if frontend controller value changes
fixes #6271
2017-09-03 17:32:41 +02:00
Bjoern Schiessle
e039a4c191
move repair step to stable12
because we decided to backport it the repair step needs to be executed
already on stable12

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-09-01 11:05:11 +02:00
Roeland Jago Douma
ffe1429c4f
Pass new value to triggerChange
it is not used. but pass in the empty string (on delete) and the new
file (on create)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 21:59:27 +02:00
Thomas Ebert
93d539b0cf Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types.
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
2017-08-31 16:53:07 +02:00
Roeland Jago Douma
84ea66dca8 Merge pull request #6296 from nextcloud/improve_2fa
Improve 2FA
2017-08-31 10:52:40 +02:00
Roeland Jago Douma
84b7022118
Improve 2FA
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
Morris Jobke
3cfe91bf0f
Add shareWith to email template metadata
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-29 16:09:25 +02:00
Morris Jobke
be23f7e1de
Allow the expiration date to be set to null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-28 17:49:16 +02:00
Robin Appelman
804d97d6ff
unlock file when an exception occurs during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Robin Appelman
18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-08-26 18:58:06 +02:00
Morris Jobke
2bf15eda26 Merge pull request #6255 from nextcloud/email-meta-data
Add meta information to emails for better customisation
2017-08-26 18:53:52 +02:00
Morris Jobke
0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
Morris Jobke
92292dc06a Merge pull request #6189 from nextcloud/circle-token
link to getShareByToken
2017-08-26 18:26:12 +02:00
Björn Schießle
60ee450809 Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
Joas Schilling
09747b296a
Add meta information to emails for better customisation
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-24 17:54:22 +02:00
Robin Appelman
5431b8bfc2 allow configuring the command bus 2017-08-24 16:21:50 +02:00
Robin Appelman
9731350ace split async test bus for easier subclassing 2017-08-24 16:06:37 +02:00
Roeland Jago Douma
9357cf735a Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
Maxence Lange
0459c03696 link to getShareByToken
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2017-08-20 15:21:58 +02:00
Lukas Reschke
2e4cd44556
Inject \OCP\IURLGenerator to make tests work
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
Lukas Reschke
a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.

This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.

Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.

Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
Lukas Reschke
c016b01bf9
Ensure log message is UTF-8 encoded
PHP's json_encode only accept proper UTF-8 strings, loop over all
elements to ensure that they are properly UTF-8 compliant or convert
them manually.

Without this somebody passing an invalid User Agent may make json_encode
return false which will get logged as empty newline.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 15:01:50 +02:00
Lukas Reschke
ed8a98eaa1
Prevent SQL error message in case of error
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.

The easiest way to reproduce is on MySQL:

1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
Morris Jobke
1c38a83927 Always log cron execution
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707

Recently there was also a bug report about a non-visible last cron execution
(#6088) - let's better remove this.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
Morris Jobke
cf7c4a4439 Merge pull request #6123 from nextcloud/cleanup-shareItem
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
Morris Jobke
8366dfa50b Cleanup usage of shareItem in internal code base
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
Morris Jobke
3e13e94254 Use proper methods for checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00
Morris Jobke
f640b56bfa Cleanup unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 10:09:47 +02:00
Roeland Jago Douma
8ea434d2d0 Merge pull request #6004 from nextcloud/forward-5902-repair-drop-account-terms-on-oc-migration
[13] Repair step: drop account terms on oc migration
2017-08-10 21:18:06 +02:00
Bjoern Schiessle
bae5be3dc1
add prefix to user and system keys to avoid name collisions
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Bjoern Schiessle
9524badccc
extend the identity proof manager to allow system wide key pairs
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Joas Schilling
b9b88aa666
Don't lock in the appdata_ directory
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-10 12:35:33 +02:00
Joas Schilling
5515c7b2c0
Still throw a locked exception when the path is not relative to $user/files/
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-10 11:58:01 +02:00
Morris Jobke
3dc1bcd4c1 Merge pull request #6052 from nextcloud/fix_jail_copy
Fix copy from jailed storage
2017-08-10 10:21:56 +02:00
Morris Jobke
5aa25fcdd5 Fix require once for actionInclude
* regression from #5791

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-09 23:51:49 +02:00
Roeland Jago Douma
9717cdfb9e
If there is no content don't error
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:13 +02:00
Roeland Jago Douma
459ae6d94a
User proper anonymous function
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:12 +02:00
Lukas Reschke
70d42afb93
Use non-deprecated INTL_IDNA_VARIANT_UTS46
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:02 +02:00
Lukas Reschke
c78e999b21
Make definition compatible
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:02 +02:00
Lukas Reschke
e9dc4f107a
Make declaration compatible
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-09 15:12:01 +02:00
Morris Jobke
e08768ee04 Merge pull request #6047 from nextcloud/fix-6017-select-indexed-columns
Use indexed column path_hash to find the parent
2017-08-09 13:53:23 +02:00
Roeland Jago Douma
ace7b69aa7
Fix copy from jailed storage
If we have a jailed storage we must also fix the internal path on copy.
Else we pass in the wrong path.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 11:56:31 +02:00
Joas Schilling
66b61eb67d
Use indexed column path_hash to find the parent
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-09 10:56:16 +02:00
Roeland Jago Douma
ed3b391e47
Use symfony/translation for L10N plurals
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-07 19:53:36 +02:00
Joas Schilling
43a6ba899e
Use the existing array of OC versions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-07 12:09:05 +02:00
Joas Schilling
40b47f13df
Add a repair step to drop the account_terms table on oc migration
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-07 12:08:36 +02:00
Roeland Jago Douma
4633717f04
Move pre_shared and post_shared events to EventDispatcher
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-03 15:14:29 +02:00
Morris Jobke
585e5c6ea5
Logo claim is not used anymore
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-02 23:08:45 +02:00
Morris Jobke
c40352c030 Merge pull request #5816 from nextcloud/fix-oracle
Fix oracle
2017-08-02 20:54:58 +02:00
Morris Jobke
d7d2d7c803 Merge pull request #5952 from nextcloud/appmanager-isshipped
Use public methods for OC_App::isShipped
2017-08-02 16:15:02 +02:00
Lukas Reschke
bc9eb59384
Use IUser
This is broken and will never work as the phan CI step pointed out.

Pro-tip of the day: Check why CI fails before merging 🙈

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-02 13:25:22 +02:00
Joas Schilling
78412fda9c
Add a method to compare empty strings with an expression
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:50:41 +02:00
Joas Schilling
100fe07f5d
Fix repair step for oracle...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
2f8756754f
Fix last failures with oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
bb58667511
Fix ILIKE regex for oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
fc22a2cb07
Fix auth provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
a5b0308713
Use selectAlias()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
20f8d1094a
Can not insert auto increment on oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling
a76d4ef04e
Fix clob comparison
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:15 +02:00
Joas Schilling
8ec6c1f259
Quote aliases as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:15 +02:00
Joas Schilling
b29baababd
Oracle does not support PDO::FETCH_KEY_PAIR
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:12 +02:00
Morris Jobke
cd02b2205e Use public methods for OC_App::isShipped
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-01 18:57:00 +02:00
Lukas Reschke
f93a82b8b0
Remove explicit type hints for Controller
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 17:32:03 +02:00
Morris Jobke
84c22fdeef Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call
Add metadata to \OCP\AppFramework\Http\Response::throttle
2017-08-01 14:43:47 +02:00
Morris Jobke
6010c4f267 Merge pull request #5877 from nextcloud/typehint_middleware
Prop argument type for Middleware
2017-08-01 14:28:16 +02:00
Morris Jobke
050fa63380 Merge pull request #5939 from nextcloud/dont-have-set-uid-as-displayname
Remove setUidAsDisplayName
2017-08-01 13:28:27 +02:00
Roeland Jago Douma
c8452803ef Merge pull request #5897 from nextcloud/add-share-mail-for-user-share
Send an email once a file/folder is shared with a user
2017-08-01 13:27:15 +02:00
Roeland Jago Douma
a5feb51a6a
Fix OCS Exception
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Roeland Jago Douma
ede15f0988
Fix L10N::t
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Lukas Reschke
0fa49db770
Some more invalid PHPDocs in legacy classes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
66b8208791
Function also accepts ints
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
fd059a25d3
Properly name variable
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
6fb84ebb71
null is a valid parameter
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
dfd8125aeb
Replace wrong PHPDocs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
4166d61ce6
Fix MigrationSchemaChecker and CryptoWrapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
b53c4c0db9
Fix template functions
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke
d321e9792e
Add |null to PHPDoc
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke
28098a7602
Fix \OCP\Util
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke
5424d6a40d
Add proper PHPDoc
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke
b4d4db0e39
Take IUser instead of User
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:15 +02:00
Lukas Reschke
e1f52fc901
Stricter phan config fixes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
Roeland Jago Douma
fa2f122e09 Merge pull request #5890 from nextcloud/fix-403-and-404-redirect
Fix 403 and 404 redirect
2017-07-31 22:14:52 +02:00
Roeland Jago Douma
3548603a88
Fix middleware implementations signatures
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
Lukas Reschke
bef4f015ee
Remove setUidAsDisplayName
This code is a leftover from the old Shibboleth implementation from ownCloud days, nowadays it causes more issues than it does good (such as https://github.com/nextcloud/user_saml/pull/137). Let's remove it for the future thus.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-31 15:52:53 +02:00
Morris Jobke
7b2c08a31a Merge pull request #5905 from nextcloud/ocp-config
Use IConfig instead of static OCP\Config
2017-07-31 10:54:40 +02:00
Joas Schilling
50912fb94f
Add brackets around concat statements so comparing the result works as intended
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-28 15:36:26 +02:00
Morris Jobke
c43abe43b0 Send an email once a file/folder is shared with a user
* only if user has set an email address
* only for user shares (no group shares for now)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-28 08:36:11 +02:00
Lukas Reschke
f22ab3e665
Add metadata to \OCP\AppFramework\Http\Response::throttle
Fixes https://github.com/nextcloud/server/issues/5891

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-27 14:17:45 +02:00
Morris Jobke
c27498db71 Use IConfig instead of static OCP\Config
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
Morris Jobke
0de90cfc67 Fix 403 and 404 redirect
* Nextcloud is not properly loaded in the standalone version (especially the theming)
* it is already not listed anymore in the Nginx config (see nextcloud/documentation#392)
* the index.php-free version doesn't support this

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 16:30:09 +02:00
Lukas Reschke
013d7483bf Add new bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 11:49:03 +02:00
Lukas Reschke
3faef644a1 Merge pull request #5864 from nextcloud/legacy_user
Remove legacy OC_User_Backend and OC_User_Interface
2017-07-25 17:15:11 +02:00
Lukas Reschke
63676d3b24 Merge pull request #5836 from nextcloud/preview_update
Empty search no longer works
2017-07-25 17:08:31 +02:00
Joas Schilling
41fca6c852
"Only variables must be passed by reference"
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:49:16 +02:00
Joas Schilling
10d7cbb71f
Use order by to avoid problems when chunking finds a same item again...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:49:12 +02:00
Joas Schilling
5e04254d40
Install from migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:47:37 +02:00
Roeland Jago Douma
b930f32e89
Remove legacy OC_User_Backend and OC_User_Interface
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:42:55 +02:00
Roeland Jago Douma
a907720817
Move \OC_L10N_String to proper \OC\L10N\L10NString
* Proper namespacing
* Fixed phpdocs

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:17:20 +02:00
Morris Jobke
5dc480a38c Merge pull request #5857 from nextcloud/database-exception-cleanup
Remove unneeded parameter in DatabaseException
2017-07-24 16:14:53 +02:00
Morris Jobke
e785b849c7 Merge pull request #5835 from nextcloud/cleanup_testing_app
Cleanup testing app
2017-07-24 15:03:15 +02:00
Morris Jobke
c43d479372 Merge pull request #5855 from nextcloud/cleanup-legacy-user-class
Cleanup legacy user class from unused methods
2017-07-24 14:39:18 +02:00
Morris Jobke
184f25c0d6 Merge pull request #5854 from nextcloud/improve-personal-page-code
Cleanup code of personal page to use public interfaces
2017-07-24 14:38:05 +02:00
Morris Jobke
5bc0edbd29 Merge pull request #5844 from nextcloud/phpstorm_inspect2
More phpstorm inspection fixes
2017-07-24 13:54:30 +02:00
Morris Jobke
b8ed028870 Remove unneeded parameter in DatabaseException
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 13:44:12 +02:00
Roeland Jago Douma
25c36be901
Proper DI for ILockingProvider
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 13:44:09 +02:00
Morris Jobke
188b87e03b Cleanup legacy user class from unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 12:17:53 +02:00
Morris Jobke
7790017a14 Cleanup code of personal page to use public interfaces
* public interfaces instead of static code calls
* drop static private namespace methods

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 12:11:24 +02:00
Roeland Jago Douma
5f227bd93b
More phpstorm inspection fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 11:39:29 +02:00
Morris Jobke
ae13d011d1 Remove unneeded styles
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-24 11:09:14 +02:00
Roeland Jago Douma
8bee9cf8d3
Empty search no longer works
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 10:56:21 +02:00
Lukas Reschke
bb6fe6afba
Adjust to height=120
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-24 10:18:16 +02:00
Lukas Reschke
ba1e16ea2e Revert "Set max-width of image to 100px in Outlook as well" 2017-07-24 10:14:47 +02:00
Roeland Jago Douma
989614f9d5 Merge pull request #5783 from nextcloud/outlook-max-width
Set max-width of image to 100px in Outlook as well
2017-07-24 07:15:41 +02:00
Morris Jobke
a98f57ebd0 Set max-width of image to 100px in Outlook as well
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-23 23:15:21 +02:00
Marin Treselj
586eb3ed0a
Redesign jQuery UI datepicker
Signed-off-by: Marin Treselj <marin@pixelipo.com>
2017-07-23 14:06:04 +02:00
Morris Jobke
9a151056d0 Merge pull request #5812 from MrJeos/master
Fix for mb strlen
2017-07-22 11:04:24 +02:00
Morris Jobke
655c26224b Merge pull request #5596 from nextcloud/mount-rename
Fix renaming of non-renamble mounts
2017-07-21 23:10:50 +02:00
Morris Jobke
13dd0b0ebe Merge pull request #5785 from nextcloud/path-repair-steps-storage
Also repair storage id's when repairing invalid entries
2017-07-21 16:58:31 +02:00
Lukas Reschke
4c637a428e Merge pull request #5821 from nextcloud/fix-theming-on-untrusted-domain
Fix error message on untrusted domain error page
2017-07-21 14:50:31 +02:00
Robin Appelman
06a4d6b5b9 Also repair storage id's when repairing invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 14:06:13 +02:00
Roeland Jago Douma
a33b6cdd21 Merge pull request #5820 from MarcelWaldvogel/minor-documentation-fixes
Minor documentation fixes
2017-07-21 13:32:10 +02:00
Morris Jobke
1a4a68dbc6 Fix error message on untrusted domain error page
Fixes #5347

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-21 11:46:37 +02:00
Marcel Waldvogel
4e42f059ed Minor typos
Signed-off-by: Marcel Waldvogel <marcel.waldvogel@uni-konstanz.de>
2017-07-21 09:50:44 +02:00
Roeland Jago Douma
e5bedd8947 Merge pull request #5818 from nextcloud/ocs_privatedata
PrivateData to app
2017-07-21 09:47:49 +02:00
Morris Jobke
b1954bed97 Merge pull request #5797 from paulijar/share20-postUnshareFromSelf
Dispatch event postUnshareFromSelf when the recipient of a share unshares it
2017-07-21 09:32:49 +02:00
Roeland Jago Douma
7753b93aa6
PrivateData to app
* PrivateData is an app now: https://github.com/nextcloud/privatedata
* No need to load the OCS routes.php (as there is none!)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-21 08:51:14 +02:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Artem Kochnev
5abeb9519e Fix for mb strlen
Error with moving files with long names in UTF-8
2017-07-20 17:29:50 +03:00
Pauli Järvinen
7c4a15f215 Emit hook postUnshareFromSelf when the recipient of a share unshares it
- This kind of hook signal used to be emitted in the old Share library but it was missing from Share 2.0

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-20 14:45:46 +03:00
Joas Schilling
3ff3c338c9 Merge pull request #5734 from nextcloud/only-readable-chars-in-share-tokens
Only use readable chars in Share Tokens
2017-07-19 16:40:18 +02:00
Morris Jobke
49c622fcba Merge pull request #5719 from nextcloud/improve-jscombiner
Properly handle if the deps file if for some reason empty
2017-07-19 16:31:29 +02:00