* Resolves: https://github.com/nextcloud/server/issues/48629
While the database supports NULL, the typing has always said it only returns *string*.
So to not break any apps that might trust the typings we should return `''` if the database is set to `NULL`.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Currently there is a problem if an exception is thrown in `User::delete`,
because at that point the user is already removed from the backend,
but not all data is deleted.
There is no way to recover from this state, as the user is gone no information is available anymore.
This means the data is still available on the server but can not removed by any API anymore.
The solution here is to first set a flag and backup the user home,
this can be used to recover failed user deletions in a way the delete can be re-tried.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This commit fixes the issue #47856. When you upload a file into a group folder and when you use a single S3 bucket as primary storage, the final move operation hangs for a long time. In the background, Nextcloud initiates a copy-delete sequence from the bucket into the bucket, with causes a lot unnecessary overhead. Nextcloud thinks that the file must be imported to another storage and does not recognize that everything is done on the same object bucket. In that case, the import step can be completely skipped, which saves time, network bandwidth and reduces the load on the object storage.
The behavior improves a lot with https://github.com/nextcloud/server/pull/46013. However, there are still some put messages that are being sent to the object storage when you use an object storage as primary storage and upload files into a group folder.
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Christoph Fiehe <c.fiehe@eurodata.de>
Previously even when the precondition did not match, the call "passed"
when the after value was the expected one. This however can lead to
race conditions, duplicate code excutions and other things.
Signed-off-by: Joas Schilling <coding@schilljs.com>
Renaming is basically copy + delete (a move), so no need to update permissions.
Especially if the node is in a invalid directory the node should be moveable but not editable.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
When checking for public (web) access to the data directory the status is not enough
as you might have a webserver that forwards to e.g. a login page.
So instead check that the content of the file matches.
For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content
to allow checking.
¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
