wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
40462 commits 157 branches 562 tags 714 MiB
Commit graph

14418 commits

Author SHA1 Message Date
Morris Jobke
e9c713902e Merge pull request #6417 from nextcloud/proper-english-nowhave 
Improve text: 'you have now' -> 'you now have'
 2017-09-08 18:29:22 +02:00
Leon Klingele
8e46e6b827
Improve text: 'you have now' -> 'you now have' 
Signed-off-by: Leon Klingele <leon@struktur.de>
 2017-09-08 13:47:11 +02:00
Nextcloud bot
194f880073
[tx-robot] updated from transifex 2017-09-08 00:08:16 +00:00
Lukas Reschke
bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token 
Fix failing csp/nonce check due to timed out session
 2017-09-07 19:51:59 +02:00
Lukas Reschke
11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup 
cleanup oci setup code
 2017-09-07 14:11:55 +02:00
Morris Jobke
485e22acde Merge pull request #6329 from nextcloud/ldap-password 
Don't log LDAP password when server is not available
 2017-09-07 09:25:56 +02:00
tux-rampage
7a33b9273e Refactor webroot detection in resource locator 
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
 2017-09-06 21:32:48 +02:00
Morris Jobke
a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin 
Allow group backend to declare users as admins
 2017-09-06 19:50:52 +02:00
Morris Jobke
5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop 
Fix login with basic auth
 2017-09-06 17:04:00 +02:00
Joas Schilling
b68609d0cf
Don't log LDAP password when server is not available 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-06 16:38:55 +02:00
Robin Appelman
2c0efae30f
cleanup oci setup code 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-09-06 15:55:05 +02:00
Nextcloud bot
9d930210ee
[tx-robot] updated from transifex 2017-09-06 00:08:21 +00:00
Morris Jobke
15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name 
Set the meta data before everything
 2017-09-05 16:08:57 +02:00
Knut Ahlers
586cefc4f1
Add @since tag to constant 
Signed-off-by: Knut Ahlers <knut@ahlers.me>
 2017-09-05 15:49:13 +02:00
Roeland Jago Douma
b96485b6bd
Fix login with basic auth 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-09-05 12:24:41 +02:00
Christoph Wurst
87aeae21e3
Fix failing csp/nonce check due to timed out session 
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-09-04 17:29:26 +02:00
Morris Jobke
e0c92c2da3
Update autoloader 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-04 15:42:34 +02:00
Joas Schilling
6dbb64c4a2
Merge setMetaData into constructor 
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-04 15:07:41 +02:00
Morris Jobke
4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split 
Allow configuring different command bus backends
 2017-09-04 14:22:06 +02:00
Morris Jobke
1ebf91ec16
Add proper EOL 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-04 14:21:44 +02:00
Morris Jobke
c04a494ea7 Merge pull request #6064 from nextcloud/fix-5219-absolute-path-must-be-relative-to-files-on-theming-update 
Still throw a locked exception when the path is not relative to $user/files/
 2017-09-04 14:05:34 +02:00
Roeland Jago Douma
c4f175d079 Merge pull request #6326 from nextcloud/fix_4654_3375 
Pass new value to triggerChange
 2017-09-04 12:03:19 +02:00
Morris Jobke
139f9bd3ca Merge pull request #6331 from nextcloud/update-repair-step 
Generate system wide key pair (update repair step after backport)
 2017-09-04 11:59:34 +02:00
Bjoern Schiessle
e195021926
update autoloader 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-09-04 11:59:00 +02:00
Morris Jobke
e33aa460f1 Merge pull request #6297 from te-online/add-mimetype-internet-shortcut 
Add mimetype application/internet-shortcut for .url files
 2017-09-04 11:55:05 +02:00
Julius Härtl
b09ce70117
Rebuild SCSS files if frontend controller value changes 
fixes #6271
 2017-09-03 17:32:41 +02:00
Nextcloud bot
27c6dc9657
[tx-robot] updated from transifex 2017-09-02 00:08:29 +00:00
Bjoern Schiessle
e039a4c191
move repair step to stable12 
because we decided to backport it the repair step needs to be executed
already on stable12

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-09-01 11:05:11 +02:00
Roeland Jago Douma
ffe1429c4f
Pass new value to triggerChange 
it is not used. but pass in the empty string (on delete) and the new
file (on create)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-31 21:59:27 +02:00
Thomas Ebert
93d539b0cf Add mimetype support for .URL (Windows) and .webloc (macOS) files. Update places/link svg. Add filetype/link icon. Add repair step for mime types. 
Signed-off-by: Thomas Ebert <thomas.ebert@te-online.net>
 2017-08-31 16:53:07 +02:00
Roeland Jago Douma
84ea66dca8 Merge pull request #6296 from nextcloud/improve_2fa 
Improve 2FA
 2017-08-31 10:52:40 +02:00
Nextcloud bot
99dcf5036d
[tx-robot] updated from transifex 2017-08-31 00:08:31 +00:00
Nextcloud bot
1e24fe858a
[tx-robot] updated from transifex 2017-08-30 00:08:26 +00:00
Roeland Jago Douma
84b7022118
Improve 2FA 
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-29 20:27:36 +02:00
Morris Jobke
3cfe91bf0f
Add shareWith to email template metadata 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-08-29 16:09:25 +02:00
Morris Jobke
8c917cbfe0 Merge pull request #6288 from nextcloud/master-6287 
Allow the expiration date to be set to null
 2017-08-29 11:32:11 +02:00
Nextcloud bot
daf2d6cb96
[tx-robot] updated from transifex 2017-08-29 00:08:27 +00:00
Morris Jobke
be23f7e1de
Allow the expiration date to be set to null 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-08-28 17:49:16 +02:00
Nextcloud bot
8e4085526d
[tx-robot] updated from transifex 2017-08-28 00:08:24 +00:00
Robin Appelman
804d97d6ff
unlock file when an exception occurs during scanning 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-08-26 18:58:06 +02:00
Robin Appelman
18908af87b
Dont swallow exception when inserting mimetypes if we're inside a transaction 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-08-26 18:58:06 +02:00
Morris Jobke
2bf15eda26 Merge pull request #6255 from nextcloud/email-meta-data 
Add meta information to emails for better customisation
 2017-08-26 18:53:52 +02:00
Morris Jobke
0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url 
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
 2017-08-26 18:50:52 +02:00
Morris Jobke
92292dc06a Merge pull request #6189 from nextcloud/circle-token 
link to getShareByToken
 2017-08-26 18:26:12 +02:00
Roeland Jago Douma
6c6253ff6f
Bump autoloader 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-26 13:48:18 +02:00
Christoph Wurst
6676232a56
Allow 2FA providers to specify their custom CSP 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-08-26 13:48:08 +02:00
Nextcloud bot
ca490bafb9
[tx-robot] updated from transifex 2017-08-26 00:08:26 +00:00
Nextcloud bot
7b8bd8188e
[tx-robot] updated from transifex 2017-08-25 00:08:59 +00:00
Björn Schießle
60ee450809 Merge pull request #5870 from nextcloud/generate-system-wide-key-pair 
extend the identity proof manager to allow system wide key pairs
 2017-08-24 18:36:35 +02:00
Joas Schilling
09747b296a
Add meta information to emails for better customisation 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-24 17:54:22 +02:00