Commit graph

1009 commits

Author SHA1 Message Date
Lukas Reschke
6dc59019af Merge pull request #14346 from owncloud/storage-based-path-validation
adding storage specific filename verification
2015-03-10 11:02:47 +01:00
Thomas Müller
214fa44400 Merge pull request #14534 from owncloud/add-child-src
Add support for 'child-src' directive
2015-03-10 10:30:44 +01:00
Thomas Müller
3623f14e73 no translation service in common storage class 2015-03-09 10:38:38 +01:00
Thomas Müller
e28d314b53 deprecate isValidFileName() 2015-03-09 10:38:38 +01:00
Thomas Müller
4bac595068 adding storage specific filename verification - refs #13640 2015-03-09 10:38:37 +01:00
Lukas Reschke
cdced56f2b Fix PHPDoc
That apparently went lost when changing the signature.
2015-03-04 15:35:41 +01:00
Joas Schilling
b669bf26d6 Fix the behaviour of getLanguageCode() to match the expectation of the name 2015-03-03 16:47:31 +01:00
Lukas Reschke
b29940d956 Add support for 'child-src' directive
This is required when working with stuff such as PDF.js in the files_pdfviewer application. Opt-in only.

Master change only because the stable CSP policies has a failback that allows nearly anything 🙈
2015-02-28 12:27:46 +01:00
Bernhard Posselt
970b14d297 Merge pull request #13616 from owncloud/streamresponse
AppFramework StreamResponse
2015-02-27 15:43:01 +01:00
Bernhard Posselt
95239ad21e AppFramework StreamResponse
First stab at the StreamResponse, see #12988

The idea is to use an interface ICallbackResponse (I'm not 100% happy with the name yet, suggestions?) that allow the response to output things in its own way, for instance stream the file using readfile

Unittests are atm lacking, plan is to

check if a mock of ICallbackResponse will be used by calling its callback (also unhappy with this name) method
Usage is:

$response = new StreamResponse('path/to/file');

rename io to output, add additional methods and handle error and not modified cases when using StreamResponse

fix indention and uppercasing, also handle forbidden cases

fix indention

fix indention

no forbidden, figuring out if a file is really readable is too complicated to get to work across OSes and streams

remove useless import

remove useless import

fix intendation
2015-02-27 15:42:33 +01:00
Joas Schilling
3a6a0501c4 Add "throws" lines to calling methods and interface aswell 2015-02-27 12:16:53 +01:00
Thomas Müller
f72f9e0159 Merge pull request #14530 from owncloud/revert-14403
Revert "Updating license headers"
2015-02-27 00:39:29 -08:00
Morris Jobke
0c1e6fad6c Merge pull request #14300 from owncloud/commandbus
Add async command system to handle asynchronous operations
2015-02-26 15:10:13 +01:00
Morris Jobke
06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Thomas Müller
c62eb9d652 owncloud -> ownCloud 2015-02-25 22:21:24 +01:00
Bernhard Posselt
4e29a4d867 deprecate getters for deprecated class 2015-02-25 22:21:24 +01:00
Bernhard Posselt
7b2fdbfb0b use IDBConnection and close cursors after insert/update/delete 2015-02-25 22:21:24 +01:00
Bernhard Posselt
fb84e7d282 migrate to IDBConnection 2015-02-25 22:21:24 +01:00
Robin Appelman
bf65b1f18b Rename getAsyncCommandBus to getCommandBus 2015-02-25 15:09:41 +01:00
Robin Appelman
8213f8d67d Allow apps to determine which commands should be run synchronous based on traints 2015-02-25 15:09:41 +01:00
Robin Appelman
74ae7b8929 Add async command system to handle asynchronous operations 2015-02-25 15:08:40 +01:00
Lukas Reschke
d43d34c93f Merge pull request #14195 from owncloud/activity-manager-performance-improvements
Activity manager performance improvements
2015-02-24 15:19:15 +01:00
Vincent Petry
4290e1990e Merge pull request #13829 from owncloud/appmanager-list
Better caching for enabled apps
2015-02-23 16:03:32 +01:00
Jenkins for ownCloud
6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Lukas Reschke
fcc5f5a4f4 Merge pull request #13777 from owncloud/close-cursor
Close cursor for appframework and manipulation queries if applicable
2015-02-20 20:15:22 +01:00
Clark Tomlinson
8d09cc3b91 Merge pull request #13989 from owncloud/enhancment/security/11857
Allow AppFramework applications to specify a custom CSP header
2015-02-18 10:27:29 -05:00
Robin Appelman
04628cf368 better name for getAppsEnabledForUser 2015-02-17 15:05:29 +01:00
Lukas Reschke
9f91d64918 Make scrutinizer happy 2015-02-16 22:13:00 +01:00
Lukas Reschke
886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Joas Schilling
f808acd317 Add visibility to interface to make scrutinizer 1 step happier 2015-02-16 17:46:43 +01:00
Robin Appelman
2b58e8489f Add getInstalledApps and getAppsForUser to the app manager 2015-02-16 15:15:35 +01:00
Lukas Reschke
a9d1a01440 Rename to allowEval 2015-02-16 12:30:21 +01:00
Lukas Reschke
b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00
Lukas Reschke
025110821f URLEncode logout attribute
Otherwise logout can fail if the requesttoken contains a +
2015-02-13 12:08:23 +01:00
Joas Schilling
6c349c00bb Order methods to by grouped by their task 2015-02-13 11:55:06 +01:00
Lukas Reschke
86139fcce8 Deprecate OC_JSON and OCP\JSON
This deprecates – but not removes – those two classes and all functions in it. There is no reason that new developments should use those methods as with the AppFramework there is a replacement that allows testable code.

With the `@deprecated` annotation IDEs like PHPStorm will point out to the developer that a functionality is deprecated and that there is a better suited replacement.
2015-02-12 00:56:13 +01:00
Morris Jobke
1bb6de7c1b Merge pull request #13425 from owncloud/phpdoc_cleanup
Cleanup of PHPDoc return types
2015-02-10 01:14:00 +01:00
Vincent Petry
5296767393 Merge pull request #13921 from owncloud/ocs-af
Add a controller and reponse for ocs
2015-02-09 18:11:47 +01:00
Lukas Reschke
47c7eb4e70 Merge pull request #13973 from owncloud/enhancement/security/13366
Respect `mod_unique_id` and refactor `OC_Request::getRequestId`
2015-02-09 17:35:19 +01:00
Lukas Reschke
770fa761b8 Respect mod_unique_id and refactor OC_Request::getRequestId
When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.

Testplan:

- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request

Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.

Fixes https://github.com/owncloud/core/issues/13366
2015-02-09 11:53:11 +01:00
Bernhard Posselt
b89ddcfe41 fix license email 2015-02-05 14:09:01 +01:00
Bernhard Posselt
fdc64e370c add a controller and reponse for ocs 2015-02-05 14:02:17 +01:00
Robin Appelman
c644ed89a7 Add a better way to check if an avatar exists for the user 2015-02-03 14:54:06 +01:00
Bernhard Posselt
37e8969d34 ignore cursorclosing 2015-01-29 19:16:28 +01:00
Vincent Petry
acec40fe5a Merge pull request #13561 from owncloud/trash-finaldeletewhencrossstoragefix
Call final unlink in trash wrapper's storage
2015-01-27 17:05:38 +01:00
Vincent Petry
12867b9c78 Fix return type of addStorageWrapper in PHPDoc 2015-01-27 16:41:43 +01:00
Thomas Müller
956de27e94 Merge pull request #13676 from owncloud/fix-node-iface
Fix node interface
2015-01-27 09:34:59 +01:00
Bernhard Posselt
b8769802df fix node interface 2015-01-26 15:58:41 +01:00
Joas Schilling
c61e9f3912 Add a method to set/unset multiple config values in one call
This reduces the number of file writes we do for config.php and therefor
hopefully helps lowering the chances for empty config.php files
2015-01-23 11:00:53 +01:00
Vincent Petry
6fb553e92c Do not call wrapStorage if storate with same name added twice 2015-01-22 16:24:24 +01:00