upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-22 06:37:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 54
66495 commits 876 branches 1195 tags 8.3 GiB
Commit graph

12929 commits

Author SHA1 Message Date
Julius Härtl
e23aa8883e
feat(s3): Use multipart upload for chunked uploading 
This allows to stream file chunks directly to S3 during upload.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-08 14:00:04 +01:00
Joas Schilling
6b0cef6b9a Add transaction around mass mounts operations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-07 19:58:55 +00:00
Maxence Lange
e1b91fecf1
Merge pull request #36883 from nextcloud/fix/noid/gs-saml-pre-login-event 
dispatch BeforeUserLoggedInEvent
 2023-03-07 08:01:18 -01:00
Julius Härtl
d515da502f fix: Use proper path for quota fetching 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-06 22:46:07 +00:00
Julius Härtl
3287eddbbc fix: Recalculate storage statistics on updating the quota 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-06 22:46:07 +00:00
Joas Schilling
c297f8ee96
feat(appframework): Make ITimeFactory extend \PSR\Clock\ClockInterface 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-03 15:37:13 +01:00
John Molakvoæ
c5da4b8737
Merge pull request #36736 from Glandos/patch-2 2023-03-03 13:35:06 +01:00
Joas Schilling
de64c96a67
Merge pull request #36941 from nextcloud/bugfix/prevent-error-with-oracle-database 
Split the comments ids by chunks
 2023-03-03 12:37:15 +01:00
Julius Härtl
6130f1a78e
Implement file reference wiget 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-02 21:01:44 +01:00
blizzz
289fadfd50
Merge pull request #36803 from nextcloud/fix/sqlite-comments 
[db]: Remove not supported column comments for SQLite
 2023-03-02 12:10:19 +01:00
Maxence Lange
980e8e24f0 dispatch BeforeUserLoggedInEvent 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-03-01 15:31:31 -01:00
Vitor Mattos
e9295f739e Split the comments ids by chunks 
Split the comments ids by chunks to prevent error with Oracle database
that can't do a query with more than 1000 parameters.

https://github.com/nextcloud/spreed/issues/8287

Signed-off-by: Vitor Mattos <vitor@php.rio>
 2023-03-01 13:08:17 -03:00
Max
95a674e238
fix: treat text app session parameters as sensitive values 
* `PublicSessionController create` receives a share token.
* The others receive the parameters for a text session:
  `document_id`, `session_id`, `session_token`.
  Even though these are relatively short lived
  they could be used to retrieve content from the document when leaked.

Signed-off-by: Max <max@nextcloud.com>
 2023-03-01 13:03:47 +01:00
Julius Härtl
3e63298381
feat(translations): Add translation provider API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-27 16:52:03 +01:00
Joas Schilling
70a68e88f5
Merge pull request #36837 from nextcloud/fix/truncate-overlong-tagnames 
fix(SystemTagManager): Truncate overlong tag names
 2023-02-27 11:49:50 +01:00
Marcel Klehr
8151b1b8b0 fix(SystemTagManager): Truncate overlong tag names 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-02-24 12:55:10 +01:00
Joas Schilling
373e6325b7
Fix appconfig compatibility with Oracle DB 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-23 16:57:54 +01:00
Joas Schilling
c8c4dd637f
fix(OCC): Don't throw in the repair step for phone validation 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-23 16:57:53 +01:00
Ferdinand Thiessen
a9af58fd1a fix(DB): Remove not supported column comments when using SQLite 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 01:07:26 +01:00
Côme Chilliet
18c4761ab0
Merge pull request #36795 from nextcloud/fix/remove-erronous-parentheses-in-in-clause 
Avoid extra parenthesis around SQL in IN expressions
 2023-02-21 17:37:45 +01:00
Julien Veyssier
a7892881a3
Merge pull request #36792 from nextcloud/enh/noid/add-before-group-changed-event 
New BeforeGroupChangedEvent before setDisplayName on groups
 2023-02-21 17:22:27 +01:00
Robin Appelman
8bc9e23de5
Merge pull request #36428 from nextcloud/disable-db-user-create 
add option to disable db user creation trough environment variable
 2023-02-21 17:11:12 +01:00
Robin Appelman
b923310580
add option to disable db user creation trough environment variable 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-21 15:13:47 +01:00
Côme Chilliet
74811813e7 Avoid extra parenthesis around SQL in IN expressions 
The expression builder already suround the SQL with parenthesis when
 using in(), so we must not add another pair, this confuses at least
 sqlite.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:37:30 +00:00
Julien Veyssier
d9925806eb
dispatch new BeforeGroupChangedEvent before setDisplayName on groups 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-02-21 10:42:38 +01:00
Joas Schilling
98ed72b3ed
Revert "fix(performance): Do not set up filesystem on every call" 2023-02-21 07:36:43 +01:00
Simon L
3204f97d5e
Merge pull request #36759 from sgolovan/master 
Fix integer overflow on 32-bit systems when testing free space for wr…
 2023-02-20 15:21:37 +01:00
Julius Härtl
7858b8313a
Merge pull request #36727 from nextcloud/enh/file-id-direct-editing 
feat(directediting): Allow opening by file id
 2023-02-20 14:39:35 +01:00
Julius Härtl
95eeba83b6
Merge pull request #36780 from nextcloud/bugfix/noid/console-error-share-auth 2023-02-20 12:36:06 +01:00
Julius Härtl
614981ae9a
feat(directediting): Allow opening by file id 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-20 12:16:34 +01:00
Joas Schilling
c550acae62
Merge pull request #36653 from nextcloud/bugfix/noid/more-defensive-old-token-handling 
fix(authentication): Handle null or empty string password hash
 2023-02-20 11:15:37 +01:00
Sergei Golovan
1cb50c5afa Fix integer overflow on 32-bit systems when testing free space for writing a config file. 2023-02-20 10:05:45 +01:00
Julius Härtl
4cebfa95e6
fix: Fix loading styles from core/css/ 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-20 09:28:30 +01:00
Anna Larch
5d4efb4d5f
Do not set up filesystem on every call 
Also remove old Oc_FileChunking logis that produced GC- collectable chunks

Signed-off-by: Anna Larch <anna@nextcloud.com>
 2023-02-17 19:18:37 +01:00
Julius Härtl
47bc024885
Revert the token scope to not end up with storing the user used in the session 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-17 10:18:18 +01:00
Julius Härtl
90d2cb09b1
Merge pull request #36396 from nextcloud/fix/cors 2023-02-17 09:42:08 +01:00
Ferdinand Thiessen
f655f83c84 fix(CORS): CORS should only be bypassed on PublicPage if not logged in to prevent CSRF attack vectors 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-16 22:55:18 +01:00
Louis
98b998a2de
Merge pull request #36735 from nextcloud/fix/32635/fix-vcf-contacts 
fix the contacts-menu vcf-contact avatars
 2023-02-16 14:01:19 +01:00
Glandos
3bea7af7b7
fix indent 2 
Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-16 10:10:12 +01:00
Glandos
59e7ed1fad
fix indent 
Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-15 23:40:16 +01:00
Glandos
528e66859b
Use proc_open to avoid spawning a shell 
The use of `exec` will spawn a shell, using `/bin/sh` on POSIX platforms. But in restricted environment, such as AppArmor, this means giving execution to `/bin/sh`, which renders the execution restriction quite useless.
Using an array with `proc_open` reduces this, and paved the way for file streaming instead of temporary file.

Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-15 23:37:13 +01:00
Simon L
b38d2daede fix the contacts-menu vcf-contact avatars 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-02-15 23:16:43 +01:00
MichaIng
5f90b8eb11
Change X-Robots-Tag header from "none" to "noindex, nofollow" 
While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines.

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names
https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list
https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240

Signed-off-by: MichaIng <micha@dietpi.com>
 2023-02-15 20:16:51 +01:00
Christoph Wurst
364e7693b9
Merge pull request #36639 from nextcloud/userbackend-local-cache 
also cache backend for user in memory instead of always going to redis
 2023-02-15 19:33:29 +01:00
Christoph Wurst
a2422c937a
Merge pull request #36698 from nextcloud/db-profile-start-time 
log start time of queries for profiler
 2023-02-15 19:29:56 +01:00
Simon L
228911cbcd
Merge pull request #36691 from nextcloud/fix/25175/fix-config-truncating 
add a disk_free_space check before writing config
 2023-02-15 18:25:37 +01:00
Simon L
3757b345bc address review by Joas 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-02-15 13:43:54 +01:00
Robin Appelman
426b3429f7
log start time of queries for profiler 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-14 15:16:15 +01:00
Robin Appelman
c2cc3afd61
Merge pull request #36603 from nextcloud/imagick-cache-formats 
cache formats supported by imagick
 2023-02-14 13:30:44 +01:00
Julius Härtl
a705132c8d
Merge pull request #36656 from nextcloud/route-instrumentation 2023-02-14 10:12:19 +01:00