upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-19 08:25:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
31763 commits 951 branches 1208 tags 8.3 GiB
Commit graph

318 commits

Author SHA1 Message Date
Lukas Reschke
a4cfb3ddc1
Don't print exception message in HTML 
The exception message is potentially influenced by user input and could thus be confusing (e.g. somebody could try to open a file like "Please send a mail to support@foo.com", and then the message would include that string.

It is thus reasonable to not show the exception message by default. Also for the browser view I added an `exit()` at the end, as otherwise the XML exception would be attached.
 2016-09-09 14:17:14 +02:00
Joas Schilling
a69fe583f8
UPDATE permissions qualify for renaming a node 2016-09-08 09:43:12 +02:00
Joas Schilling
338ce725c7
Only require CREATE permissions when the file does not exist yet 2016-09-08 09:41:58 +02:00
Joas Schilling
d8adb48147
Correctly handle multi-values when converting VCards to array 2016-08-31 12:19:16 +02:00
Lukas Reschke
971f22edc5
[stable9] Adding quota plugin to new dav endpoint 
Backport of https://github.com/nextcloud/server/pull/648
 2016-07-29 12:41:53 +02:00
Joas Schilling
ca6a7d9e6a
Run the license script 2016-07-22 09:48:05 +02:00
Thomas Müller
96e2a3a4b2
Cast share id to string (#25402) (#25431) 2016-07-20 15:11:04 +02:00
Joas Schilling
06ac822b71
Use the themed Defaults everywhere 2016-07-15 09:22:44 +02:00
Morris Jobke
11e834ea74
Merge branch 'stable9' into sync-stable9 2016-07-07 12:03:34 +02:00
Vincent Petry
a2e0573987 Merge pull request #25298 from owncloud/schiessle-fix-get-contact-stable9 
[stable9] get only vcards which match both the address book id and the vcard uri
 2016-07-06 11:52:27 +02:00
Thomas Müller
4a4103b923 Suppress warnings from DAV migration if there's nothing to do (#25279) 2016-07-01 11:30:14 +02:00
Morris Jobke
23cc465b0d Merge pull request #254 from nextcloud/fix-229-stable9 
[stable9] get only vcard which match both the address book id and the vcard uri
 2016-06-30 17:43:46 +02:00
Bjoern Schiessle
3491400261
add some additonal permission checks to the webdav backend 2016-06-30 15:05:13 +02:00
Bjoern Schiessle
6a61cc0e35
get only vcard which match both the address book id and the vcard uri 2016-06-30 10:46:21 +02:00
Björn Schießle
1f71285137
get only vcards which match both the address book id and the vcard uri (#25294) 2016-06-29 12:18:28 +02:00
Lukas Reschke
dcb5f00461
Merge remote-tracking branch 'upstream/stable9' into stable9-upstream-sync 2016-06-26 12:48:19 +02:00
Vincent Petry
81761b87e4
DAV now returns file name with Content-Disposition header 2016-06-13 10:50:10 +02:00
Lukas Reschke
218e4b48ad
Adjust some more branding texts 
Replaces ownCloud with Nextcloud in the user-facing messages
 2016-06-11 10:46:02 +02:00
Joas Schilling
c433218aa1
Catch the ForbiddenException to make sure it gets handled 2016-06-03 15:16:11 +02:00
Thomas Müller
711641e4a9
Personal calendar should be generated even if the birthday calendar already exists - fixes #24082 2016-04-22 13:03:31 +02:00
Thomas Müller
4e50dd87d5
Birthday calendar should never have write acl - fixes #24154 2016-04-21 16:44:06 +02:00
Thomas Müller
1d4d45e91f Adding VCFExportPlugin 2016-04-10 20:41:44 +02:00
Thomas Müller
dca6869a89 Merge pull request #23574 from owncloud/sabre-plugin-browser-error-page-stable9 
[stable9] Sabre plugin browser error page
 2016-04-06 15:32:12 +02:00
Thomas Müller
b6fb3148c2 Revert "Explicitly add the current principal to the acl in case of group sharing" 
This reverts commit 52f4acf23d.
 2016-03-31 11:22:47 +02:00
Thomas Müller
ef8b75960c Handle group shares of addressbooks on v1 as well ... now FINALLY .... 2016-03-31 09:07:36 +02:00
Thomas Müller
f28817aed5 Fix acls for calendar objects and cards - fixes #23273 2016-03-31 09:07:36 +02:00
Thomas Müller
cb300d164e Return proper current-user-principal on v1 endpoints - fixes #23306 2016-03-31 09:05:39 +02:00
Thomas Müller
e664e582fb Fix group shares on v1 caldav and carddav - fixes #23328 2016-03-31 09:05:39 +02:00
Thomas Müller
8c9842fbd9 Fix unit test 2016-03-30 10:01:17 +02:00
Thomas Müller
52f4acf23d Explicitly add the current principal to the acl in case of group sharing 2016-03-29 19:09:31 +02:00
Lukas Reschke
1f4e824d0b Add magical regex to catch browsers 2016-03-24 19:03:21 +01:00
Thomas Müller
7a6d4a3287 In case of exception we return an html page in case the client is a browser 2016-03-24 19:03:21 +01:00
Vincent Petry
1f4738c372 Return remote shares in oc:share-types Webdav property 
Fixes web UI to properly display the share status icon when an outgoing
remote share exists
 2016-03-24 17:22:09 +01:00
Lukas Reschke
2139130ec8 Check if request is sent from official ownCloud client 
There are authentication backends such as Shibboleth that do send no Basic Auth credentials for DAV requests. This means that the ownCloud DAV backend would consider these requests coming from an untrusted source and require higher levels of security checks. (e.g. a CSRF check)

While an elegant solution would rely on authenticating via token (so that one can properly ensure that the request came indeed from a trusted client) this is a okay'ish workaround for this problem until we have something more reliable in the authentication code.
 2016-03-24 09:00:35 +01:00
Thomas Müller
3b98e8c56d Merge pull request #23467 from owncloud/early-creation-of-birthday-calendar-stable9 
Create the contact birthday calendar right away as soon as the comman…
 2016-03-22 17:28:11 +01:00
Arthur Schiwon
90a2be58f8 adjust PrincipalUri as returned from Sabre to effective username 
backport of #23404
 2016-03-22 15:24:01 +01:00
Thomas Müller
ad852ca24a Create the contact birthday calendar right away as soon as the command is executed once - fixes #23203 2016-03-22 10:31:53 +01:00
Roeland Jago Douma
df056e1299 Remove duplicated copyright 2016-03-18 11:38:02 +01:00
Vincent Petry
fb705fa305 Add webdav property for share info in PROPFIND response 2016-03-18 11:36:39 +01:00
Roeland Jago Douma
9dfcb55a2f Set proper public webdav permissions when public upload disabled 
Fixes #23325

It can happen that a user shares a folder with public upload. And some
time later the admin disables public upload on the server.

To make sure this is handled correctly we need to check the config value
and reduce the permissions.

Fix is kept small to be easy backportable.
 2016-03-17 13:54:53 +01:00
Thomas Müller
ec4c5a3e75 Merge pull request #23128 from owncloud/contacts_calendar_name_color-stable9 
add title and color to birthday calendar
 2016-03-17 13:08:03 +01:00
Thomas Müller
99de93a6c6 Merge pull request #23075 from owncloud/backport-23074-oracle-ext-storage 
[9.0] Correctly escape join statements and use selectAlias
 2016-03-15 12:13:54 +01:00
Thomas Müller
3380a3af74 Merge pull request #22949 from owncloud/stable9-fix-group-share-migration-for-calendars-and-contacts 
Fix group sharing and sharing permissions - fixes #22932
 2016-03-14 16:31:08 +01:00
Thomas Müller
2609bf3500 Merge pull request #23114 from owncloud/no-fatal-error-if-DSTART-is-not-set-stable9 
No fatal error if dstart is not set stable9
 2016-03-14 16:14:03 +01:00
Thomas Müller
884a3b9bb4 Merge pull request #23105 from owncloud/readonly-birthday-cal-stable9 
The birthday_calendar is read-only
 2016-03-14 16:07:42 +01:00
Thomas Müller
dac69225d2 Merge pull request #23102 from owncloud/stable9-backport-23094 
[stable9] Fake LOCK statement for Windows 7, 8 and 10 network mounts
 2016-03-13 19:51:26 +01:00
Georg Ehrke
b0c7eba7d0 add title and color to birthday calendar 2016-03-10 22:55:32 +01:00
Thomas Müller
e89f27e191 getOwner is not available on FileHome - fixes #23116 2016-03-10 22:51:02 +01:00
Thomas Müller
62a36ee884 The birthday_calendar is read-only 2016-03-10 21:36:11 +01:00
Thomas Müller
a58e374956 Merge pull request #22909 from owncloud/backport-22244-prevent-calendar-proppatch 
[9.0] Prevent calendar proppatch for share recipients
 2016-03-10 21:32:38 +01:00