Commit graph

40609 commits

Author SHA1 Message Date
Nextcloud bot
194f880073
[tx-robot] updated from transifex 2017-09-08 00:08:16 +00:00
Lukas Reschke
bab313da5d Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-token
Fix failing csp/nonce check due to timed out session
2017-09-07 19:51:59 +02:00
Lukas Reschke
3bd6b2a0b3 Merge pull request #6379 from nextcloud/ensure-password-complexity
Make sure the password contains special characters
2017-09-07 14:12:35 +02:00
Lukas Reschke
11c7a98a2a Merge pull request #6380 from nextcloud/cleanup-oci-setup
cleanup oci setup code
2017-09-07 14:11:55 +02:00
Joas Schilling
5a257cec63
Make sure the password contains special characters
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-07 12:47:55 +02:00
Morris Jobke
c58853d223 Merge pull request #6398 from nextcloud/revert-6394-navigation-mail-fix
Revert "Fix active entry highlight in certain apps"
2017-09-07 09:35:53 +02:00
Morris Jobke
17d980cb9c Revert "Fix active entry highlight in certain apps" 2017-09-07 09:35:44 +02:00
Morris Jobke
5184f3a7b4 Merge pull request #6394 from nextcloud/navigation-mail-fix
Fix active entry highlight in certain apps
2017-09-07 09:30:15 +02:00
Morris Jobke
485e22acde Merge pull request #6329 from nextcloud/ldap-password
Don't log LDAP password when server is not available
2017-09-07 09:25:56 +02:00
Roeland Jago Douma
daf3db8de6 Merge pull request #6381 from nextcloud/fix-error-message
Fix "Uninitialized string offset: 0 at \/media\/psf\/stable9\/lib\/pr…
2017-09-07 09:25:17 +02:00
Lukas Reschke
0bccd5a0d9
Fix "Uninitialized string offset: 0 at \/media\/psf\/stable9\/lib\/private\/URLGenerator.php#224"
The URLGenerator doesn't support `` as target for absolute URLs, we need to link to `/` thus.

Regression introduced with 46229a00f3

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-07 08:34:02 +02:00
Jan-Christoph Borchardt
55f67ff7e7 Fix active entry highlight in certain apps
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-09-07 02:45:12 +02:00
Nextcloud bot
9959560649
[tx-robot] updated from transifex 2017-09-07 00:08:23 +00:00
Morris Jobke
d84a20e8fd Merge pull request #6332 from lukanetconsult/hotfix/6028-realpath-on-webroot
Refactor webroot detection in resource locator
2017-09-06 22:51:31 +02:00
Morris Jobke
8e6d86a862 Merge pull request #5304 from nextcloud/bugfix/2855/dont_send_invitations_for_past_events
don't send invitation emails for past events
2017-09-06 22:48:46 +02:00
tux-rampage
7a33b9273e Refactor webroot detection in resource locator
The current implementation breaks installations with symlinks to
directories inside the webroot (i.E. apps).

With this change both variants, directory and symlinks, will be detected
correctly.

Fixes: #6028
Signed-off-by: Axel Helmert <axel.helmert@luka.de>
2017-09-06 21:32:48 +02:00
Morris Jobke
a10c4517cb Merge pull request #5571 from Luzifer/5570_backend_admin
Allow group backend to declare users as admins
2017-09-06 19:50:52 +02:00
Morris Jobke
6be8642c59 Merge pull request #6377 from nextcloud/fix-included-file
Properly include file
2017-09-06 19:50:01 +02:00
Morris Jobke
392e64395a Merge pull request #6247 from nextcloud/oauth-state-undefined
Fix undefined index oauthState
2017-09-06 19:47:24 +02:00
Morris Jobke
d09bf0b9ff Merge pull request #6384 from nextcloud/failed-storage-tests
adjust tests to new failed storage handling
2017-09-06 19:12:45 +02:00
Robin Appelman
ccc41aeddd
adjust tests to new failed storage handling
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 17:12:19 +02:00
Morris Jobke
5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Joas Schilling
b68609d0cf
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-06 16:38:55 +02:00
Morris Jobke
444779ce96
Fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-06 16:38:24 +02:00
Morris Jobke
504c1abee0
Fix undefined index oauthState
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-06 16:38:24 +02:00
Robin Appelman
2c0efae30f
cleanup oci setup code
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-06 15:55:05 +02:00
Lukas Reschke
033d2de002
Properly include file
Regression from 005ef115fb

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-06 15:35:38 +02:00
Morris Jobke
6f7d200838 Merge pull request #6370 from nextcloud/fix-alternative-logins
Fix layout of alternative login buttons
2017-09-06 10:22:04 +02:00
Morris Jobke
f5aea79bd7
Fix layout of alternative login buttons
* fixes #6367

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-06 10:21:11 +02:00
Morris Jobke
1724fed8c5 Merge pull request #5415 from nextcloud/search-cache-node
cache nodes from search results
2017-09-06 10:16:01 +02:00
Nextcloud bot
9d930210ee
[tx-robot] updated from transifex 2017-09-06 00:08:21 +00:00
Joas Schilling
521ede8f5f
Allow translations of the comments activity in the emails too
Message and object data is not available on emails atm,
so we can not use them either...

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-05 18:10:32 +02:00
Morris Jobke
15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Knut Ahlers
586cefc4f1
Add @since tag to constant
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-09-05 15:49:13 +02:00
Morris Jobke
4e3c39c1d1
Fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-05 13:55:36 +02:00
Morris Jobke
cebbb1633a Merge pull request #5642 from tobru/fix/groupOfUniqueNames_in_Wizard
recognize groupOfUniqueNames as valid LDAP group object
2017-09-05 13:33:15 +02:00
Georg Ehrke
a1df91da9d
Sabre/VObject returns DateTimeImmutable, not a simple DateTime
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Georg Ehrke
86f28669fc
don't send invitation emails for past events
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-09-05 13:13:37 +02:00
Roeland Jago Douma
b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Nextcloud bot
6be5dc91cb
[tx-robot] updated from transifex 2017-09-05 00:08:24 +00:00
Morris Jobke
ff93dd7eb1 Merge pull request #5466 from jlehtoranta/ldap-connectivity-fixes
LDAP Connectivity Fixes
2017-09-04 18:31:32 +02:00
Christoph Wurst
87aeae21e3
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-04 17:29:26 +02:00
Joas Schilling
dea011243e
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 17:01:31 +02:00
Morris Jobke
91fc25c28c Merge pull request #6082 from nextcloud/theming-fix-white-element-color
Use separate element color in theming
2017-09-04 15:43:06 +02:00
Morris Jobke
e0c92c2da3
Update autoloader
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 15:42:34 +02:00
Joas Schilling
6dbb64c4a2
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 15:07:41 +02:00
Joas Schilling
95ecab0356
Set the meta data before everything
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 14:46:05 +02:00
Julius Härtl
63d1da50b4
Cleanup theming styles to fit the new login page
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-04 14:31:57 +02:00
Julius Härtl
8f10cee3ff
Fix tests for primary element color
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-04 14:30:46 +02:00
Julius Härtl
da5662c454
Use separate element color in theming
This way we can use a grey color when the primary color is to bright

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-09-04 14:30:46 +02:00