upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-12 16:39:39 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
79835 commits 915 branches 1207 tags 7.1 GiB
Commit graph

756 commits

Author SHA1 Message Date
Joas Schilling
a2eca9de03
Merge pull request #58115 from nextcloud/backport/58015/stable30
Some checks are pending
Integration sqlite / changes (push) Waiting to run
Details
Integration sqlite / integration-sqlite (8.1, stable30, --tags ~@large files_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, capabilities_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, collaboration_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, comments_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, dav_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, federation_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, filesdrop_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, ldap_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, openldap_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, openldap_numerical_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, remoteapi_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, setup_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, sharees_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, sharing_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, theming_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, videoverification_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite-summary (push) Blocked by required conditions
Details
Psalm static code analysis / static-code-analysis (push) Waiting to run
Details
Psalm static code analysis / static-code-analysis-security (push) Waiting to run
Details
Psalm static code analysis / static-code-analysis-ocp (push) Waiting to run
Details 
[stable30] fix(TextToImage): Refactor scheduling mechanism
 2026-02-19 12:50:52 +01:00
Salvatore Martire
8731ad4a02 fix: add X-User-Id header to logout response before clearing the user session 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2026-02-09 10:49:02 +00:00
Marcel Klehr
714d9832ef fix(TextToImage): Refactor scheduling mechanism 2026-02-05 14:54:33 +00:00
Julien Veyssier
bf581c7bdc fix(ai-apis): reject text inputs that are longer than 64K chars 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-11-11 08:09:17 +00:00
Luka Trovic
1293f5a17e fix: translation on /unsupported screen 
Signed-off-by: Luka Trovic <luka@nextcloud.com>
 2025-10-21 08:23:09 +00:00
Andy Scherzinger
655bb38186
Merge pull request #55793 from nextcloud/backport/fix/55776/stable30
Some checks are pending
Integration sqlite / changes (push) Waiting to run
Details
Integration sqlite / integration-sqlite (8.1, stable30, --tags ~@large files_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, capabilities_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, collaboration_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, comments_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, dav_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, federation_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, filesdrop_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, ldap_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, openldap_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, openldap_numerical_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, remoteapi_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, setup_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, sharees_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, sharing_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, theming_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite (8.1, stable30, videoverification_features) (push) Blocked by required conditions
Details
Integration sqlite / integration-sqlite-summary (push) Blocked by required conditions
Details
Psalm static code analysis / static-code-analysis (push) Waiting to run
Details
Psalm static code analysis / static-code-analysis-security (push) Waiting to run
Details
Psalm static code analysis / static-code-analysis-ocp (push) Waiting to run
Details 
[stable30] fix(TextToImage): Set better attribute for routes
 2025-10-16 10:27:10 +02:00
Marcel Klehr
37b4be55e9 fix(TextToImage): Set better attribute for routes 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-10-15 16:22:31 +02:00
Marcel Klehr
a2e0bf8fe6 fix(TextProcessingApiController): Set better attribute on routes 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-10-15 10:03:16 +02:00
provokateurin
1fd72c9fe8
fix(core): Stop abusing the cache for avatar upload 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-09-26 19:34:58 +02:00
Christoph Wurst
8ff78f8c8c fix(auth): allow access to dynamic js files during 2FA 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-09-11 15:49:38 +02:00
Marcel Klehr
1f70dc3c28 fix: Run cs:fix 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-08-29 09:52:40 +02:00
Marcel Klehr
df12869381 fix(TaskProcessingApiController): Don't allow anonymous access anymore 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>

[skip ci]
 2025-08-28 11:15:39 +00:00
Marcel Klehr
a53a0c2dc6 fix(TaskProcessingApiController): Improve error handling 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-07-22 17:36:48 +02:00
Richard Steinmetz
3a101c302e
fix: update request token on two-factor pages 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-23 16:00:34 +02:00
Richard Steinmetz
b2bc8c389a fix: generate csrf tokens if two factor challenge is ongoing 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-23 13:57:22 +00:00
Ferdinand Thiessen
931aed3968 fix: handle IDLE timeout 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-06-03 13:16:09 +00:00
Ferdinand Thiessen
832f79ac93
chore: apply code style 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-30 19:04:59 +02:00
Richard Steinmetz
550d8d9fce
fix(oauth2): retain support for legacy ownCloud clients 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-04-02 12:23:45 +02:00
Louis Chemineau
9141eb473f
feat: Close sessions created for login flow v2 
Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser.

This commit add a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request.

Signed-off-by: Louis Chemineau <louis@chmn.me>

[skip ci]

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-03-03 11:38:03 +01:00
Jonas
3737727a04 fix(ReferenceApiController): Bump rate limit for public resolve endpoint 
E.g. text documents might contain hundreds of links whose previews need
to get loaded.

Fixes: nextcloud/collectives#1607

Signed-off-by: Jonas <jonas@freesources.org>
 2024-12-16 15:52:05 +00:00
Marcel Klehr
25f558d004 fix(TaskProcessing): Set up fs in getFileContentsInternal 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-11-26 10:38:17 +00:00
Marcel Klehr
7a309e7a99 fix(TaskProcessingApiController): Don't use + to merge non-assoc. arrays 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-11-06 09:44:11 +00:00
provokateurin
e77d6c913d
fix(core): Limit valid avatar sizes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-08-14 09:29:30 +02:00
Julius Härtl
1aa29441e3 fix: Add direct parameter to flow auth v2 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-05 12:13:52 +02:00
Julius Härtl
a6d421e767
chore: Remove deprecated legacy search backend 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-01 12:33:18 +02:00
provokateurin
bc5c0262af
refactor(core): Make all attribute arguments named 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-27 22:36:18 +02:00
provokateurin
c57c3c1573
refactor(core): Replace security annotations with respective attributes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-26 07:30:45 +02:00
Kate
a9b77c3d12
Merge pull request #46761 from nextcloud/fix/core/document-csrf-token-endpoint 2024-07-26 07:13:26 +02:00
Andy Scherzinger
4f2a29adf9
Merge pull request #46672 from nextcloud/fix/preview-invalid-id 
Avoid using partial file info as valid one
 2024-07-25 19:37:30 +02:00
provokateurin
90e108e548
fix(core): Document CSRF token endpoint 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-25 18:04:46 +02:00
Julien Veyssier
060fb26686
fix(taskprocessing): run cs:fix 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-07-25 10:10:32 +02:00
Marcel Klehr
799ee8fd51
feat(TaskProcessing): Implement enums and default values 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-25 10:10:31 +02:00
Julius Härtl
6c1e896a03 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-22 22:32:34 +02:00
Julien Veyssier
fffc784769
feat(taskprocessing): add support for webhooks (http or AppAPI) in the task processing API 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-07-22 11:34:29 +02:00
Ferdinand Thiessen
9716b0d735 refactor: Migrate some legacy and core functions to IFilenameValidator 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-07-19 19:41:46 +02:00
Marcel Klehr
a3c3eab09c
Merge pull request #46368 from nextcloud/fix/task-processing 
TaskProcessing follow-up
 2024-07-19 12:38:30 +02:00
Jonas
9fe4edca2c
fix(ReferenceApiController): Remove accidently added AnonRateLimit 
Signed-off-by: Jonas <jonas@freesources.org>
 2024-07-17 15:38:09 +02:00
Marcel Klehr
0d07ad98b0 fix(TaskProcessing): Update openapi specs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
eb0b5f29fb fix(TaskProcessingApiController): Address review comments 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
4ac1ac673e fix: psalm errors 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
4ac7f8275b feat(TaskProcessing): Allow setting task results for file slots 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Jonas
1671bf3ef2
feat(Reference): Add public API endpoints to get references 
Calling the public API endpoints will check for matching registered
reference providers that implement `IPublicReferenceProvider` and call
their respective functions. If no matching provider is found, the
default `LinkReferenceProvider` will be used to provide open graph data.

The frontend reference widget components will call these endpoints from
unauthorized sessions, e.g. in public shares.

If present, the sharing token of the origin URL is passed to
`resolveReferencePublic()` as additional information for the reference
provider to determine the access scope. This allows the respective
reference providers to determine whether the origin share has access to
the linked resource.

`getCacheKeyPublic` also gets the sharing token so it can scope the cached
entry to it.

Contributes to #45978

Signed-off-by: Jonas <jonas@freesources.org>
 2024-07-17 12:56:41 +02:00
Julien CHATY-CAPELLE
2d84d0f5bf fix(core): use OC namespace for core ReponseDefinitions instead of OCA 
Signed-off-by: Julien CHATY-CAPELLE <julien@chaty-capelle.fr>
 2024-07-15 11:50:02 +02:00
Ferdinand Thiessen
a229723b8c
feat: Add new forbidden filename options to Capabilities 
Allow clients to access the new filename validation options
and make frontend name validation possible.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-07-11 13:31:54 +02:00
Benjamin Gaussorgues
e5275dbada feat: don't count failed CSRF as failed login attempt 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-11 09:27:33 +02:00
provokateurin
f5ff8136ac
feat(TaskProcessingApi): Add endpoint for getting the next task 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-01 17:11:12 +02:00
Daniel
e5a6698ec0
Merge pull request #45811 from nextcloud/add-test-for-profile-page-controller 
test: add tests for ProfilePageController
 2024-06-12 14:49:03 +02:00
Daniel Kesselberg
98eb190e04
test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 11:46:12 +02:00
provokateurin
c8e767878d fix(core): Return X-NC-IsCustomAvatar for guest avatars too 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-06-12 10:27:29 +02:00
skjnldsv
8bed23288b fix(files_sharing): dark avatar support 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 10:27:29 +02:00