Commit graph

14222 commits

Author SHA1 Message Date
Robin Appelman
6aa25b9f1e Merge pull request #6743 from nextcloud/invalid-path-repair-from11-12
[12] dont run invalid path repair step when upgrading from 11.0.5.2 and later
2017-10-04 15:08:34 +02:00
Nextcloud bot
1c30c72909
[tx-robot] updated from transifex 2017-10-04 00:08:37 +00:00
Robin Appelman
95dc9a89b3
dont run invalid path repair step when upgrading from 11.0.5.2 and later
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-03 16:28:54 +02:00
Nextcloud bot
4a21eb1c7d
[tx-robot] updated from transifex 2017-10-03 00:08:30 +00:00
Nextcloud bot
489fc55e1d
[tx-robot] updated from transifex 2017-09-30 00:08:35 +00:00
Nextcloud bot
cae4a1956b
[tx-robot] updated from transifex 2017-09-29 00:08:31 +00:00
Nextcloud bot
df00dc89d1
[tx-robot] updated from transifex 2017-09-28 00:08:46 +00:00
Arthur Schiwon
499da044b6
don't pass User object when uid string is expected
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-27 17:51:22 +02:00
Morris Jobke
f6ccc1e0a1 Merge pull request #6554 from nextcloud/stable12-contacts_menu_privacy
[Stable12] contacts menu privacy
2017-09-27 15:32:29 +02:00
John Molakvoæ (skjnldsv)
892a427807
Do not stop on scss compilation failure
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-09-27 08:35:02 +02:00
Nextcloud bot
af923601b9
[tx-robot] updated from transifex 2017-09-27 00:08:33 +00:00
Morris Jobke
2062c2ada6 Merge pull request #6528 from nextcloud/fix_4654_3375-12
[stable12] Pass new value to triggerChange
2017-09-20 16:05:49 +02:00
Nextcloud bot
db56ea3e70
[tx-robot] updated from transifex 2017-09-19 00:08:39 +00:00
Lukas Reschke
44ae66e7d2
Add filter for shareapi_allow_share_dialog_user_enumeration
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.

Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-18 17:28:07 +02:00
Tobia De Koninck
005cd8ae42
Fix issue when disabling the shareapi_only_share_with_group_members option + fix findOne
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:51 +02:00
Tobia De Koninck
21e903cb31
Improve code style
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:47 +02:00
Tobia De Koninck
3409c364fe
Some code improvements
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:41 +02:00
Tobia De Koninck
d2d6ed5c97
Add tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:33 +02:00
Tobia De Koninck
88ccbef546
Fix tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:28 +02:00
Tobia De Koninck
6f4976fd4d
Privacy enhancements for contacts menu
- Groups, which are excluded from sharing should not see local users at all
 - If sharing is restricted to users own groups, he should only see contacts from his groups:

Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-18 17:27:24 +02:00
Nextcloud bot
c854665b0c
[tx-robot] updated from transifex 2017-09-18 00:08:41 +00:00
Nextcloud bot
bc88484e7f
[tx-robot] updated from transifex 2017-09-17 00:08:34 +00:00
Nextcloud bot
18a258c531
[tx-robot] updated from transifex 2017-09-16 00:08:34 +00:00
Roeland Jago Douma
71fdc43125
Pass new value to triggerChange
it is not used. but pass in the empty string (on delete) and the new
file (on create)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-15 20:23:45 +02:00
Nextcloud bot
99916a9bda
[tx-robot] updated from transifex 2017-09-15 00:08:17 +00:00
Nextcloud bot
a7f3fadd37
[tx-robot] updated from transifex 2017-09-14 00:08:21 +00:00
Nextcloud bot
51c110dd66
[tx-robot] updated from transifex 2017-09-13 00:08:21 +00:00
Roeland Jago Douma
ab50f0b1de
Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:35:16 +02:00
Morris Jobke
cb6178b828 Merge pull request #6443 from nextcloud/backport-6064-absolute-path-must-be-relative-to-files-on-theming-update
[stable12] Still throw a locked exception when the path is not relative to $user/files/
2017-09-12 10:03:29 +02:00
Morris Jobke
3aae3a54e5 Merge pull request #6446 from nextcloud/backport-6414-share-notification-wrong-language
[stable12] Use the language of the recipient for the share notification
2017-09-12 09:40:19 +02:00
Morris Jobke
0c43183ac9 Merge pull request #6442 from nextcloud/backport-6416-make-sure-sqlite-works-without-content
[stable12] Ask the schema whether the table and column exist
2017-09-11 23:20:58 +02:00
Joas Schilling
2a6855a76d
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-11 11:28:20 +02:00
Joas Schilling
d25ea6ae1c
Don't lock in the appdata_ directory
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-11 11:18:56 +02:00
Joas Schilling
9cae892974
Still throw a locked exception when the path is not relative to $user/files/
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-11 11:18:47 +02:00
Joas Schilling
e88a4a0b3d
Fix Nextcloud 12 compatibility
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-11 11:14:33 +02:00
Joas Schilling
6fd01c3993
Ask the schema whether the table and column exist
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-11 11:08:58 +02:00
Christoph Wurst
55c7aa674c
Fix failing csp/nonce check due to timed out session
The CSP nonce is based on the CSRF token. This token does not change,
unless you log in (or out). In case of the session data being lost,
e.g. because php gets rid of old sessions, a new CSRF token is gen-
erated. While this is fine in theory, it actually caused some annoying
problems where the browser restored a tab and Nextcloud js was blocked
due to an outdated nonce.
The main problem here is that, while processing the request, we write
out security headers relatively early. At that point the CSRF token
is known/generated and transformed into a CSP nonce. During this request,
however, we also log the user in because the session information was
lost. At that point we also refresh the CSRF token, which eventually
causes the browser to block any scripts as the nonce in the header
does not match the one which is used to include scripts.
This patch adds a flag to indicate whether the CSRF token should be
refreshed or not. It is assumed that refreshing is only necessary
if we want to re-generate the session id too. To my knowledge, this
case only happens on fresh logins, not when we recover from a deleted
session file.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-11 10:08:06 +02:00
Nextcloud bot
985cbc6b33
[tx-robot] updated from transifex 2017-09-10 00:08:33 +00:00
Nextcloud bot
ac96dc80de
[tx-robot] updated from transifex 2017-09-08 00:08:25 +00:00
Joas Schilling
287ebb52d5
Don't log LDAP password when server is not available
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-07 09:26:40 +02:00
Roeland Jago Douma
ef1c81188b Merge pull request #6319 from nextcloud/improve_2fa-12
[stable12] Improve 2FA
2017-09-06 20:07:46 +02:00
Lukas Reschke
ad96c58e8b Merge pull request #6368 from nextcloud/backport-5436-fix-group-check
[stable12] Fix group check on share provider
2017-09-06 17:19:15 +02:00
Roeland Jago Douma
dbcd549e35
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-06 17:07:11 +02:00
Nextcloud bot
ba71df12cc
[tx-robot] updated from transifex 2017-09-06 00:08:30 +00:00
Jan-Philipp Litza
b35c039b77
Fix 500 Internal Server Error on writing
In some not yet completely determined configurations, the following error could occur while writing a file:

Error: Call to a member function getUsers() on null
    /var/www/nextcloud/lib/private/Share20/Manager.php - line 1277: OC\Share20\DefaultShareProvider->getAccessList(Array, true)
    /var/www/nextcloud/lib/private/Share20/ShareHelper.php - line 51: OC\Share20\Manager->getAccessList(Object(OC\Files\Node\Folder), true, true)
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 616: OC\Share20\ShareHelper->getPathsForAccessList(Object(OC\Files\Node\File))
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 196: OCA\Activity\FilesHooks->getUserPathsFromPath('/path/to/file', 'user')
    /var/www/nextcloud/apps/activity/lib/FilesHooks.php - line 157: OCA\Activity\FilesHooks->addNotificationsForFileAction('/path/to/file', 'file_changed', 'changed_self', 'changed_by')
    /var/www/nextcloud/apps/activity/lib/FilesHooksStatic.php - line 55: OCA\Activity\FilesHooks->fileUpdate('/path/to/file')
    /var/www/nextcloud/lib/private/legacy/hook.php - line 106: OCA\Activity\FilesHooksStatic fileUpdate(Array)
    /var/www/nextcloud/lib/private/Files/View.php - line 1245: OC_Hook emit('OC_Filesystem', 'post_update', Array)
    /var/www/nextcloud/lib/private/Files/View.php - line 1173: OC\Files\View->runHooks(Array, '/path/to/file', true)
    /var/www/nextcloud/lib/private/Files/View.php - line 679: OC\Files\View->basicOperation('file_put_conten...', '/path/to/file', Array, '<?xml version="...')
    /var/www/nextcloud/lib/private/Files/Node/File.php - line 64: OC\Files\View->file_put_contents('/path/to/file', '<?xml version="...')
    [...]

Signed-off-by: Jan-Philipp Litza <janphilipp@litza.de>
2017-09-05 17:31:39 +02:00
Joas Schilling
6e7c37cbd3
Merge setMetaData into constructor
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-05 16:04:09 +02:00
Nextcloud bot
fe2f9ac7ce
[tx-robot] updated from transifex 2017-09-02 00:08:39 +00:00
Roeland Jago Douma
faffebc718
Improve 2FA
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-31 10:54:10 +02:00
Nextcloud bot
0ba7914d0c
[tx-robot] updated from transifex 2017-08-31 00:08:40 +00:00
Bjoern Schiessle
b53587cf8d
update autoloader
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-30 20:36:48 +02:00