Daniel Kesselberg
51f0651d68
Run setupchecks when #security-warnings is present
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-01-05 16:29:57 +01:00
Julius Härtl
a3be286273
Make setup check also pass with a 501 status
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-12-19 07:41:25 +01:00
Roeland Jago Douma
a915594b03
Merge pull request #12734 from nextcloud/feature/noid/check-nginx-woff2
...
Add check for missing .woff2 rule in Nginx via setup check
2018-11-29 19:36:56 +01:00
Morris Jobke
f5894b653d
Add check for missing .woff2 rule in Nginx via setup check
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-11-29 17:01:43 +01:00
Daniel Kesselberg
92675a606e
Add sendmailmode to gui
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-29 16:02:36 +01:00
Rinat Gumirov
5aca24f3bd
expire share days in settings validate
...
Signed-off-by: Rinat Gumirov <rinat.gumirov@mail.ru>
2018-10-31 00:15:41 +05:00
Daniel Calviño Sánchez
20a5ce217a
Add check for well known URL of WebFinger in the settings overview
...
If the WebFinger service is not set in Nextcloud configuration no check
is performed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-10-10 14:12:10 +02:00
Morris Jobke
b8d54bd53a
Fix a misleading setup check for .well-known/caldav & carddav
...
The problem is that the version without the slash is the correct one.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-10 10:41:02 +02:00
Daniel Calviño Sánchez
fe30653194
Fix "checkWellKnownUrl" not being run
...
The check is run only if its last parameter is true; data() tries to
convert the HTML attribute string to an actual JavaScript value, so
"true" is returned as an actual boolean instead of an string; as a
strict comparison against "true" was used the result was false and thus
the checks were not run.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-09-27 15:39:26 +02:00
Julius Härtl
5a20ac7df2
Add warning state to setup checks
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-06-06 17:34:38 +02:00
Julius Härtl
6afe3e42f3
Add visual indicator for setup checks
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-06-06 17:34:37 +02:00
Morris Jobke
0d5142be70
Show a link to the docs instead of a button on the untrusted domain page
...
Before there was a button to "quickly" add the untrusted domain to the config. This button often didn't worked, because the generated URL was often untrusted as well. Thus removing it and providing proper docs seems to be the better approach to handle this rare case.
Also the log should not be spammed by messages for the untrusted domain accesses, because they are user related and not necessarily an administrative issue.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-04-17 17:47:11 +02:00
Bjoern Schiessle
1615312bf1
add share permissions to settings page
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-02-27 12:29:25 +01:00
Joas Schilling
e938663329
Don't send the test mail twice
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-24 12:50:29 +02:00
Joas Schilling
a5b4308a51
Don't put the SMTP password into the HTML code
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 15:44:20 +02:00
Joas Schilling
beb3f92c4d
Remove the double password confirmation on changing cron
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-13 15:52:16 +01:00
Joas Schilling
62855c08ff
Require confirmation when changing the email settings
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:50 +01:00
Joas Schilling
247b7f37ce
Color the trusted domain to alert the admin a bit more
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-31 12:22:21 +01:00
Joas Schilling
103bf6dd28
Switch to public API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:26 +02:00
Joas Schilling
0b1fb180a5
Make AppConfig part of the public API
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:23 +02:00
Morris Jobke
6bb95de1c5
Adding a optional disclaimer to the anonymous upload page
2016-09-08 18:44:27 +02:00
Morris Jobke
cf79417490
Use tooltip for background job execution time
2016-07-13 09:59:42 +02:00
Christoph Wurst
e4a8456d01
replace $().attr('checked') by $().prop('checked', state) or $().is(':checked')
2016-04-19 16:20:17 +02:00
Roeland Jago Douma
35024beb9c
Add allow sharing with groups
checkbox to admin page
2016-03-22 17:13:34 +01:00
Vincent Chan
faf48e42b7
Move data protection check to javascript
...
fixes #20199
2016-02-01 18:57:58 +01:00
Morris Jobke
8b6b042ffd
Add config switch to disable the .well-known URL check
2016-01-12 09:53:23 +01:00
Lukas Reschke
f4c04c5f28
Concat also the other results
...
Otherwise this will ignore the two last checks 🙊
2016-01-10 11:39:44 +01:00
Morris Jobke
0161928fc3
Add check for .well-known URL in the root of the webservers URL
...
* fixes #20012
2016-01-08 23:27:29 +01:00
Robin McCorkell
6959d5ca22
Properly detect setup check messages set in the HTML template
2015-11-08 00:02:59 +00:00
Thomas Müller
b2dd5cb616
save excluded groups in json format - fixes #10983
2015-10-01 15:37:55 +02:00
Robin McCorkell
2992a1aa88
Merge pull request #18395 from owncloud/hide-empty-security-warning
...
[admin settings] Show success message if security warnings are empty
2015-08-21 11:38:40 +01:00
Morris Jobke
63a1f9afac
add success message
2015-08-21 11:09:01 +02:00
Morris Jobke
e8c3eb7473
Clear cron errors on change of background job mode
...
* fixes #18454
2015-08-20 14:51:28 +02:00
Morris Jobke
70bce7a54a
[admin settings] hide security warnings if empty
...
* fixes #15257
2015-08-18 16:42:25 +02:00
Jan-Christoph Borchardt
12eec397e3
Merge pull request #17975 from owncloud/settings_admin_warning_levels
...
Settings admin warning levels
2015-08-18 13:38:08 +02:00
Roeland Jago Douma
8bde72c4bd
All setup messages are now properly types
2015-07-30 09:57:08 +02:00
Roeland Jago Douma
5d15051da4
Allow setupchecks to specify a warning level
2015-07-30 09:57:08 +02:00
Roeland Jago Douma
15a0f8e433
Do not allow invalid default expire days
...
Currently it is possible to set a negative number of days in which a
public share expires. This results in public sharing not working and it
undesired.
Weird thing is that the API still lets you create shares and gives back
an URL. However the id is "unkown" and the URL invalid.
2015-07-04 06:57:00 +02:00
Bjoern Schiessle
8f1e504d79
adjust wording and add button to confirm encryption
2015-05-05 10:38:09 +02:00
Bjoern Schiessle
6dc3682cc2
don't let the the user disable encryption once it was activated
2015-05-04 13:13:31 +02:00
Clark Tomlinson
1174ad0681
Merge pull request #15445 from owncloud/enc2_migration
...
add migration script from old encryption to new one
2015-04-16 09:34:47 -04:00
Bjoern Schiessle
d2ef73367c
allow user to start migration in admin settings if no external user back-ends are enabled
2015-04-16 14:15:04 +02:00
Jan-Christoph Borchardt
04ca5b8160
remove slow fade animation for remaining tipsy tooltips
2015-04-15 12:25:10 +02:00
Joas Schilling
495562f40c
Move federated cloud sharing, files externals and updater to special positions
2015-03-27 09:38:09 +01:00
Thomas Müller
232518ac54
Merge pull request #15234 from owncloud/encryption2_core
...
core part of encryption 2.0
2015-03-26 21:14:59 +01:00
Bjoern Schiessle
ff9c85ce60
implement basic encryption functionallity in core to enable multiple encryption modules
2015-03-26 20:56:51 +01:00
Jan-Christoph Borchardt
04a4df5065
only show connection checks results if there are errors, fix #11476
2015-03-25 09:34:13 +01:00
Jan-Christoph Borchardt
db02edd7c8
adjust list of errors, more compact and readable
2015-03-06 15:27:21 +01:00
Lukas Reschke
bbd5f28415
Let users configure security headers in their Webserver
...
Doing this in the PHP code is not the right approach for multiple reasons:
1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.
This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Jakob Sack
0efed5c216
Add absolute time of last cronjob as hover tip
2015-02-28 21:48:19 +01:00