Commit graph

12698 commits

Author SHA1 Message Date
Morris Jobke
27ba46c40e Merge pull request #1890 from nextcloud/downstream-25428
fixing php 32 bit (arm) filemtime on large file issue (#18971) (#25428)
2016-10-25 14:44:27 +02:00
Morris Jobke
c0adc3c2cf Merge pull request #1883 from nextcloud/downstream-26145
Storage 503 message improvements
2016-10-25 13:19:46 +02:00
Lukas Reschke
324e5b02ba Merge pull request #1902 from nextcloud/fix-largefile-helper-not-existent
Remove not existent function call
2016-10-25 12:25:41 +02:00
Lukas Reschke
62bb991050
Add check for linux os
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 12:01:03 +02:00
Lukas Reschke
459477e2c3
Move function to LargeFileHelper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 12:00:57 +02:00
Boris Rybalkin
cfc0d9249b
fixing php 32 bit (arm) filemtime on large file issue (#18971) (#25428)
* fixing php 32 bit (arm) filemtime on large file issue (#18971)

* cast to int
2016-10-25 11:43:17 +02:00
Lukas Reschke
df3444493b
Remove not existent function call
- Removes a not existent function call
- Removes a fallback for Windows

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-25 11:37:16 +02:00
Nextcloud bot
e23a298a81
[tx-robot] updated from transifex 2016-10-25 09:36:09 +00:00
Lukas Reschke
740ff9108b Merge pull request #1884 from nextcloud/downstream-26292
Fix logClientIn for non-existing users (#26292)
2016-10-25 11:24:13 +02:00
Joas Schilling
890f752a6b Merge pull request #1452 from nextcloud/appconfig-endpoint
Appconfig endpoint
2016-10-25 10:57:48 +02:00
Lukas Reschke
79706e0ddc Merge pull request #1283 from nextcloud/us_files-ui-webdav-upload
Use Webdav PUT for uploads
2016-10-25 10:31:03 +02:00
Vincent Petry
6d1e858aa4
Fix logClientIn for non-existing users (#26292)
The check for two factor enforcement would return true for non-existing
users. This fix makes it return false in order to be able to perform
the regular login which will then fail and return false.

This prevents throwing PasswordLoginForbidden for non-existing users.
2016-10-25 09:34:27 +02:00
Morris Jobke
ee8b8adf7a
Update autoload files 🙈
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 21:50:22 +02:00
Roeland Jago Douma
e73a11d106
Fix permision mask
If we move a file from the temp part file to the original file we don't
need update permissions.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Morris Jobke
8a231a4223 Merge pull request #1829 from nextcloud/downstream-26256
Fix login page handling for disabled users
2016-10-24 21:35:53 +02:00
Morris Jobke
ced3aeacb1
dump autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 21:31:03 +02:00
Morris Jobke
567e28b01a Merge pull request #1885 from nextcloud/downstream-26295
App dependencies are now analysed on app enable as well - not only on…
2016-10-24 21:26:50 +02:00
Roeland Jago Douma
72b5206c44 Merge pull request #1886 from nextcloud/downstream-26385
Remove checks about running on Windows
2016-10-24 21:15:54 +02:00
Morris Jobke
f920153f16
Throw exception because the logger causes session issues anyway that early in the request cycle
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 21:14:44 +02:00
Jörn Friedrich Dreyer
2e0e68b57f
log error when setting timezone to UTC fails (#26354)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:14:40 +02:00
Jörn Friedrich Dreyer
817729dc3f
add upgrade command before repair, handle NeedsUpgradeExcaption better 2016-10-24 17:52:49 +02:00
Lukas Reschke
38b3ac8213
Add ContentSecurityPolicyNonceManager
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 16:35:31 +02:00
RealRancor
14b1d946a8
Remove checks whether OC is running on Windows pt. 2 2016-10-24 16:12:17 +02:00
Thomas Müller
03ec052b4e
App dependencies are now analysed on app enable as well - not only on app install. 2016-10-24 15:59:46 +02:00
Vincent Petry
44cf67accd
Storage 503 message improvements
"Storage not available" is now "Storage temporarily not available".
Exceptions are now logged in DEBUG level, not FATAL.
2016-10-24 15:43:15 +02:00
Lukas Reschke
9e6634814e
Add support for CSP nonces
CSP nonces are a feature available with CSP v2. Basically instead of saying "JS resources from the same domain are ok to be served" we now say "Ressources from everywhere are allowed as long as they add a `nonce` attribute to the script tag with the right nonce.

At the moment the nonce is basically just a `<?php p(base64_encode($_['requesttoken'])) ?>`, we have to decode the requesttoken since `:` is not an allowed value in the nonce. So if somebody does on their own include JS files (instead of using the `addScript` public API, they now must also include that attribute.)

IE does currently not implement CSP v2, thus there is a whitelist included that delivers the new CSP v2 policy to newer browsers. Check http://caniuse.com/#feat=contentsecuritypolicy2 for the current browser support list. An alternative approach would be to just add `'unsafe-inline'` as well as `'unsafe-inline'` is ignored by CSPv2 when a nonce is set. But this would make this security feature unusable at all in IE. Not worth it at the moment IMO.

Implementing this offers the following advantages:

1. **Security:** As we host resources from the same domain by design we don't have to worry about 'self' anymore being in the whitelist
2. **Performance:** We can move oc.js again to inline JS. This makes the loading way quicker as we don't have to load on every load of a new web page a blocking dynamically non-cached JavaScript file.

If you want to toy with CSP see also https://csp-evaluator.withgoogle.com/

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-24 12:27:50 +02:00
Morris Jobke
169faf8c32
Remove sensible information from exception message
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-24 11:42:04 +02:00
Olivier Mehani
19ad058d06
Add message to NotSquareException thrown from Avatar
This prevents cryptic messages such as the following, from `user_ldap`:

     Could not set avatar for uid=user,ou=People,dc=example,dc=net, because:

Signed-off-by: Olivier Mehani <shtrom@ssji.net>

Add message to NotPermittedException thrown from Files\Nodes\Folder

Ditto.

Don't use translation macros here as this seems to be pretty low-level
errors that generally get caught and prettified, and I don't want to
unduly clog down the lower layers.

Signed-off-by: Olivier Mehani <shtrom@ssji.net>

fixup! Add message to NotPermittedException thrown from Files\Nodes\Folder
2016-10-24 11:27:27 +02:00
Roeland Jago Douma
ab91fa2660 Merge pull request #1820 from nextcloud/4byte-filenames
Allow 4byte unicode filenames on supported platforms
2016-10-24 10:38:25 +02:00
Roeland Jago Douma
7998689bc9
Added method to DB and fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 09:45:04 +02:00
Lukas Reschke
1be6213ba4 Merge pull request #1832 from nextcloud/select2-into-core
Select2 into core
2016-10-22 14:35:07 +02:00
John Molakvoæ
3e5e07aa64
Template css order
Select2 systemtags removal
Settings again
Fix Script

Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2016-10-21 16:56:31 +02:00
Joas Schilling
0b1fb180a5
Make AppConfig part of the public API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-21 09:09:23 +02:00
Morris Jobke
2799b0a821 Merge pull request #1835 from nextcloud/downstream-24948
Move OC\Files\Storage\Shared to the right namespace
2016-10-20 23:48:15 +02:00
Vincent Petry
9e9fef46d9
Get rid of very old oc:// stream wrapper (#26381) 2016-10-20 20:46:30 +02:00
Morris Jobke
d9aeee2aa1 Merge pull request #1826 from nextcloud/downstream-26391
Fix post_unshareFromSelf hook parameter format
2016-10-20 20:44:05 +02:00
Vincent Petry
fca8bd44ab
Fix shared storage namespace in DecryptAll class 2016-10-20 20:36:50 +02:00
Joas Schilling
246bb9f33d
Move OC\Files\Storage\Shared to the right namespace 2016-10-20 20:27:44 +02:00
Sergio Bertolín
0417cbafd0
Changed request to not add a prefix to the url (#26256)
* Changed request to not add a prefix to the url

* Expecting forbidden instead of service unavailable

* Handling login exceptions
2016-10-20 17:21:08 +02:00
Vincent Petry
d4976e5554
Fix post_unshareFromSelf hook parameter format
When unsharing from self in a group share situation, the share items
passed to the post_unshareFromSelf hook were using the wrong format in
which the attribute names (ex: "share_type") have non camel-case format.

This fix makes sure that in group sharing case we use the correct
format. It looks like the code was already producing it but in
array_merge it was not using it and adding the unprocessed one.
2016-10-20 16:09:08 +02:00
Thomas Müller
ef842ef20a
Ensure $commands being an array - fixes #26073 2016-10-20 15:40:27 +02:00
Robin Appelman
3a8e75a814
Allow 4byte unicode filenames on supported platforms
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-20 14:26:09 +02:00
Joas Schilling
cf2d1b2427
Move federated share notifications to ROS
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:59 +02:00
Joas Schilling
b35d2fd8f2
Allow rich object subjects for Notifications
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:59 +02:00
Joas Schilling
2098648850
Add Rich Object Definitions and a validator
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-20 12:14:51 +02:00
Morris Jobke
f7ca3ec201
Remove unneeded compatibility polyfills
- `Object.create` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/create#Browser_compatibility
- `Object.keys` supported with IE9+: https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/Object/keys#Browser_compatibility
- `Array.prototype.filter` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/filter#Browser_compatibility
- `Array.prototype.indexOf` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/indexOf#Browser_compatibility
- `Array.prototype.map` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/map#Browser_compatibility
- `Function.prototype.bind` supported in IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/bind#Browser_compatibility
- `String.prototype.trim` supported with IE9+: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/Trim#Browser_compatibility
- `outerHTML` supported with Firefox 11+: https://developer.mozilla.org/en-US/docs/Web/API/Element/outerHTML#Browser_compatibility
- `window.devicePixelRatio` supported in IE11+: http://caniuse.com/#feat=devicepixelratio

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 10:17:18 +02:00
Morris Jobke
a8cf110ec6
Remove unneeded placeholder polyfill
* placeholders are supported in IE11+
* http://caniuse.com/#feat=input-placeholder

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-20 00:00:25 +02:00
Arthur Schiwon
5d98ab83e9
resolve displayname via manager and registerable resolvers
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:34:00 +02:00
Arthur Schiwon
fea3e20a80
move mention extraction to (I)Comment and report mentions via DAV
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-19 00:33:55 +02:00
Joas Schilling
64c9ef96c4
Fix like queries in the QueryBuilder
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Joas Schilling
15bbe02106
Ignore failures of collation change in the pre update step
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Joas Schilling
9356a0e583
Correctly save and pass on the charset
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-19 00:15:01 +02:00
Thomas Müller
a7245ea082
Fixing ctor call 2016-10-19 00:15:01 +02:00
Morris Jobke
cc28f82b36
Add config option to update charset of mysql to utf8mb4
* fully optional
* requires additional options set in the database
2016-10-19 00:15:01 +02:00
Lukas Reschke
c55a737b26 Merge pull request #1734 from nextcloud/setvalue_opt
AllConfig setUserValue opt
2016-10-18 17:16:25 +02:00
Morris Jobke
deb59d3d48 Merge pull request #1722 from nextcloud/hide-storage-warnings
hide storage wrapper warning for the readonly storage
2016-10-18 16:15:52 +02:00
Nextcloud bot
943d9737e4
[tx-robot] updated from transifex 2016-10-18 00:06:51 +00:00
Morris Jobke
96f8f209b9 Merge pull request #1449 from nextcloud/comments-user-mention
Notifications for simple @-mentioning in comments
2016-10-17 09:30:47 +02:00
Nextcloud bot
00ed841559
[tx-robot] updated from transifex 2016-10-15 00:06:56 +00:00
Lukas Reschke
62e19dfa80 Merge pull request #1441 from nextcloud/getby-id-less-queries
optimize Folder::getById to use less queries
2016-10-14 15:18:23 +02:00
Christoph Wurst
53eb0f7f42 Merge pull request #1037 from nextcloud/no-double-token-update
dont update the auth token twice
2016-10-14 14:53:17 +02:00
Roeland Jago Douma
77272ea52d
Use cache to determine if value need to be updated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-13 19:40:40 +02:00
Morris Jobke
4d2835802f
hide storage wrapper warning for the readonly storage
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-13 14:37:31 +02:00
Nextcloud bot
9aae4a0d02
[tx-robot] updated from transifex 2016-10-13 00:07:02 +00:00
Arthur Schiwon
1bcd2ca8e3
emit pre-update event for comments
* notifications can be cleaned up, no polluted DB
* updating comments will re-notify users or remove notifications, depending on the message

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 18:06:22 +02:00
Robin Appelman
1484d01ff6
explicitly cast to int
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:39 +02:00
Robin Appelman
240538d9e6
reuse share node when creating a share
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:36 +02:00
Robin Appelman
37eded7e7c
Always unlock node after trying to create a share
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:29 +02:00
Robin Appelman
0d842e0550
optimize Folder::getById to use less queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-12 16:12:28 +02:00
Thomas Müller
c5ca71ee82
[9.2] Register commands in info.xml (#26248)
* Use DI to load console commands from the apps - class name to be defined in the info.xml

* Load commands from info.xml

* Fix unit test

* Allow Di magic for IMountManager

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-11 19:48:26 +02:00
Robin Appelman
25ed6714c7
dont update the auth token twice
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-10-11 11:05:25 +02:00
Joas Schilling
356ac5d42f
Add app name to the call
Regression from 69b063f4c6

Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-10 16:34:14 +02:00
Roeland Jago Douma
2dcd97bf14 Merge pull request #1672 from nextcloud/cache_non_exisiting_db_user
Cache non existing DB user
2016-10-10 10:52:07 +02:00
Christoph Wurst
a0cb809342 Merge pull request #1660 from nextcloud/add-notification-icon-to-api
Add an icon to the notification API
2016-10-10 09:32:34 +02:00
Roeland Jago Douma
1273d82e8b
Cache non existing DB user
We always query the database backend. Even if we use a different one
(ldap for example). Now we do this everytime we try to get a user object
so caching that a user is not in the DB safes some queries on each
request then (at least 2 what I found).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 09:30:36 +02:00
Morris Jobke
e5fd9c1e1a Merge pull request #1640 from nextcloud/less_queries_group_share
More efficient group share resolving
2016-10-10 09:26:11 +02:00
Morris Jobke
195fc041da Merge pull request #1663 from nextcloud/dont-reparse-info-xml
Dont reparse info xml + cache AppInfo XML
2016-10-10 09:22:43 +02:00
Morris Jobke
8920c87dce Merge pull request #1658 from nextcloud/fix-log.condition
Default to empty string
2016-10-09 23:39:09 +02:00
Morris Jobke
38104241a2 Merge pull request #1665 from nextcloud/speed-up-is-subdirectory-test
Simplify isSubDirectory check
2016-10-09 23:36:42 +02:00
Nextcloud bot
0beecbf2c5
[tx-robot] updated from transifex 2016-10-08 00:06:50 +00:00
Lukas Reschke
0245dd7221
Simplify isSubDirectory check
Shaves off another 9ms per request as can be seen at https://blackfire.io/profiles/compare/dd54cef3-e58d-4a22-b8f4-c7c4b70697be/graph

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:56:43 +02:00
Lukas Reschke
0c2b17c80f
Cache AppInfo in Memory Cache if configured
This saves around 20ms on a bare-bone instance, on bigger ones more (depending on the number of installed apps).

See https://blackfire.io/profiles/compare/fc326ad3-100d-49b8-8ea9-8343240f53f3/graph

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-07 21:29:23 +02:00
Thomas Müller
67d3574bdf
Don't parse info.xml but reuse already cached app infos - fixes #25603 (#25968)
* Don't parse info.xml but reuse already cached app infos - fixes #25603

* Use === in InfoParser. Fixes test

* InfoParser should not depend on UrlGenerator - fixes issue with session being closed too early
2016-10-07 20:58:22 +02:00
Arthur Schiwon
522b053466
update autoloading map
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 17:11:23 +02:00
Arthur Schiwon
e1073cf442
Notificacations for simple @-mentioning in comments
(WIP) notify user when mentioned in comments

Fix doc, and create absolute URL for as notification link.

PSR-4 compatibility changes

also move notification creation to comments app

Do not notify yourself

unit test for controller and application

smaller fixes

- translatable app name
- remove doubles in mention array
- micro perf optimization
- display name: special label for deleted users, keep user id for users that could not be fetched from userManager

Comment Notification-Listener Unit Test

fix email adresses

remove notification when triggering comment was deleted

add and adjust tests

add missing @license tags

simplify NotificationsController registration

appinfo simplification, php docs

make string easier to translate

adjust test

replace dispatcher-based listeners with a registration method and interface

safer to not pass optional data parameter to setSubject for marking as processed. ID and mention suffices

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

update comment

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 17:11:19 +02:00
Joas Schilling
c77933ca22
Add an icon to the notification API
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-07 17:00:24 +02:00
Lukas Reschke
ab4353457d
Default to empty string
Otherwise `null` is returned which leads to a ton of similar error messages if the log condition setting is enabled.:

```
{"reqId":"3wVBarnDfOV3qkI1bVCU","remoteAddr":"89.98.78.41","app":"PHP","message":"hash_equals(): Expected user_string to be a string, null given at \/var\/www\/html\/lib\/private\/Log.php#275","level":3,"time":"2016-10-07T14:22:15+00:00","method":"PROPFIND","url":"\/remote.php\/webdav\/","user":"icewind"}
```
2016-10-07 16:23:05 +02:00
Morris Jobke
c4b2639585 Merge pull request #1514 from nextcloud/integration-tests-orphaned-shares
Integration tests orphaned shares + Prefilter inaccessible shares
2016-10-06 22:58:56 +02:00
Roeland Jago Douma
990f4a182d
More efficient group share resolving
When resolving a group share to the user group share we used to do this
on a per share basis. Now we try to do this for all group shares at
once. Of course still chunked.

Before: N incomming group shares this would mean 1 + N queries
Now: N incomming roups shares this would mean 1 + 1 queries

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-06 19:31:28 +02:00
Joas Schilling
a0b34dfd2f Merge pull request #1629 from nextcloud/cleanup-settings-application
Cleanup settings Application class
2016-10-06 16:57:39 +02:00
Vincent Petry
626daabb56
Prefilter inaccessible shares in DefaultShareProvider::getSharedWith()
The DefaultShareProvider now does a DB-level check to find out whether
file_source is accessible at all (deleted file) or whether it's in the
trashbin of a home storage.

One small corner case where the home storage id is in md5 form cannot
be covered properly with this approach.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-10-06 13:57:58 +02:00
Morris Jobke
0eb992062a log version number in each log line
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-06 12:42:46 +02:00
Lukas Reschke
ea9b1cc340 Merge pull request #1306 from nextcloud/simplefs
Introducing AppData
2016-10-06 09:25:15 +02:00
Morris Jobke
316db0a97b add proper exception documentation for ISimpleFS interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-10-05 23:47:00 +02:00
Lukas Reschke
da0d0d82c8 Merge pull request #1586 from nextcloud/issue-1466-fix-multi-translation-names-and-descriptions
Allow multiple names and description
2016-10-05 19:06:22 +02:00
Joas Schilling
8b3deb00b3
When we can not create the class, try if the variable is a registered service
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-05 16:33:19 +02:00
Roeland Jago Douma
a7be37d735
DI fails for bg job
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:17 +02:00
Roeland Jago Douma
2578a81573
Fix repair
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
537af9bedd
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00
Roeland Jago Douma
735abbc8fb
Use a backgroundjob to move avatars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-05 11:00:16 +02:00