upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-23 23:27:46 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 63
66706 commits 868 branches 1197 tags 8.3 GiB
Commit graph

21658 commits

Author SHA1 Message Date
Arthur Schiwon
61aa0978ae
Merge pull request #36609 from nextcloud/lazyuserfolder-mountpoint 
optimize LazyUserFolder::getMountPoint
 2023-03-09 09:46:34 +01:00
Nextcloud bot
d7aa58eab5
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-03-09 02:29:13 +00:00
Simon L
b39329c21c imaginary - fix autorotate and improve the logic 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-03-09 00:11:37 +01:00
Michiel de Jong
c0e84cb512 Add SHARE_TYPE_SCIENCEMESH 
Signed-off-by: Michiel de Jong <michiel@unhosted.org>
 2023-03-08 16:46:55 +01:00
Julius Härtl
e23aa8883e
feat(s3): Use multipart upload for chunked uploading 
This allows to stream file chunks directly to S3 during upload.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-08 14:00:04 +01:00
Joas Schilling
2b49861679
Add a debug message when throttling without defining 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-08 12:09:22 +01:00
Joas Schilling
e839eb9b5c
feat(middleware): Migrate BruteForceProtection annotation to PHP Attribute and allow multiple 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-08 12:09:22 +01:00
Joas Schilling
11a0cb7f22
Merge pull request #32038 from nextcloud/bugfix/noid/only-update-indexes-after-changing-all-mounts 
Add transaction around mass mounts operations
 2023-03-08 08:52:54 +01:00
Nextcloud bot
5ce7336a1b
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-03-08 02:28:45 +00:00
Simon L
40edac18f5 postgresql - add quotes around user names 
fix https://github.com/nextcloud/server/issues/37114

Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-03-08 01:03:27 +01:00
Joas Schilling
6b0cef6b9a Add transaction around mass mounts operations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-07 19:58:55 +00:00
Simon L
e87d968c24 add a check for disk_free_space in Config.php 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-03-07 09:43:14 +00:00
Joas Schilling
1e026a98af
Merge pull request #37026 from nextcloud/fix/route-logs 
fix: Avoid log spam on 404 routes not using GET
 2023-03-07 10:24:03 +01:00
Maxence Lange
e1b91fecf1
Merge pull request #36883 from nextcloud/fix/noid/gs-saml-pre-login-event 
dispatch BeforeUserLoggedInEvent
 2023-03-07 08:01:18 -01:00
Julius Härtl
d515da502f fix: Use proper path for quota fetching 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-06 22:46:07 +00:00
Julius Härtl
3287eddbbc fix: Recalculate storage statistics on updating the quota 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-06 22:46:07 +00:00
Joas Schilling
eddc6f2103
Merge pull request #35872 from nextcloud/feature/noid/psr-clock-interface 
feat(appframework):  Make ITimeFactory extend \PSR\Clock\ClockInterface
 2023-03-06 09:49:18 +01:00
Nextcloud bot
7df188b200
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-03-06 02:27:01 +00:00
Joas Schilling
e5ee2ec441
Merge pull request #37040 from nextcloud/techdebt/noid/remove-deprecated-classes 
techdebt(workflowengine): Remove transition event classes
 2023-03-05 16:54:47 +01:00
Joas Schilling
c297f8ee96
feat(appframework): Make ITimeFactory extend \PSR\Clock\ClockInterface 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-03 15:37:13 +01:00
Joas Schilling
5bc86dd6ac
techdebt(workflowengine): Remove transition event classes 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-03 15:33:17 +01:00
John Molakvoæ
c5da4b8737
Merge pull request #36736 from Glandos/patch-2 2023-03-03 13:35:06 +01:00
Joas Schilling
de64c96a67
Merge pull request #36941 from nextcloud/bugfix/prevent-error-with-oracle-database 
Split the comments ids by chunks
 2023-03-03 12:37:15 +01:00
Julius Härtl
bbc6eee803
fix: Avoid log spam on 404 routes not using GET 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-03 09:40:43 +01:00
Nextcloud bot
bc94fab8ee
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-03-03 02:26:33 +00:00
Julius Härtl
6130f1a78e
Implement file reference wiget 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-02 21:01:44 +01:00
blizzz
289fadfd50
Merge pull request #36803 from nextcloud/fix/sqlite-comments 
[db]: Remove not supported column comments for SQLite
 2023-03-02 12:10:19 +01:00
Maxence Lange
980e8e24f0 dispatch BeforeUserLoggedInEvent 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-03-01 15:31:31 -01:00
Vitor Mattos
e9295f739e Split the comments ids by chunks 
Split the comments ids by chunks to prevent error with Oracle database
that can't do a query with more than 1000 parameters.

https://github.com/nextcloud/spreed/issues/8287

Signed-off-by: Vitor Mattos <vitor@php.rio>
 2023-03-01 13:08:17 -03:00
Max
95a674e238
fix: treat text app session parameters as sensitive values 
* `PublicSessionController create` receives a share token.
* The others receive the parameters for a text session:
  `document_id`, `session_id`, `session_token`.
  Even though these are relatively short lived
  they could be used to retrieve content from the document when leaked.

Signed-off-by: Max <max@nextcloud.com>
 2023-03-01 13:03:47 +01:00
Nextcloud bot
8657c93a97
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-03-01 02:28:10 +00:00
Nextcloud bot
0127ef4f10
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-28 02:27:47 +00:00
Julius Härtl
3e63298381
feat(translations): Add translation provider API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-27 16:52:03 +01:00
Joas Schilling
70a68e88f5
Merge pull request #36837 from nextcloud/fix/truncate-overlong-tagnames 
fix(SystemTagManager): Truncate overlong tag names
 2023-02-27 11:49:50 +01:00
Nextcloud bot
15f660fa5f
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-27 02:26:11 +00:00
Nextcloud bot
61679b4fdb
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-25 02:26:03 +00:00
Joas Schilling
fbbdc64167
Merge pull request #36781 from nextcloud/bugfix/noid/run-repairsteps-against-oracle 
fix(CI): Run repair steps against Oracle DB
 2023-02-24 15:09:07 +01:00
Marcel Klehr
8151b1b8b0 fix(SystemTagManager): Truncate overlong tag names 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-02-24 12:55:10 +01:00
Nextcloud bot
b7bf29fd8c
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-24 02:34:40 +00:00
Joas Schilling
373e6325b7
Fix appconfig compatibility with Oracle DB 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-23 16:57:54 +01:00
Joas Schilling
c8c4dd637f
fix(OCC): Don't throw in the repair step for phone validation 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-23 16:57:53 +01:00
Nextcloud bot
1d211a4b89
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-23 02:29:14 +00:00
Ferdinand Thiessen
a3595f73ac fix(OC/Template): Allow .mjs files within custom app paths 
If apps are installed in non standard app paths, we need
to check `$app_path/$script` instead of only doing so for translations.
Without this it would fallback to `.js` extension even if a `.mjs` file exists.

Also tried make the code more selfe explaining.

Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 21:19:37 +01:00
Ferdinand Thiessen
b642137c65 feat(OC/Template): Add type="module" for ES6 scripts 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 21:19:37 +01:00
Ferdinand Thiessen
00e041b907 feat(template): Allow JSResourceLocator to find ES6 scripts 
Enable module js (ES6) support on the `JSResourceLocator`.
This changes `JSResourceLocator` to look for `.mjs` files first
to allow applications to provide a fallback `.js` for older Nextcloud versions.

Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 21:19:37 +01:00
Ferdinand Thiessen
dbb1fa1273 fix(OC/Template): Remove usage of deprecated functions in JSResourceLocator 
Move from `\OC_App::getAppPath` to `IAppManager::getAppPath`.

Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 21:19:37 +01:00
Robin Appelman
fb1095f0f6
do onetime user setup before getting any mount from providers 
this fixes a race condition where wrappers weren't properly applied if when a mount provider creates the storage instance one mountpoint creation instead of lazily

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-22 18:03:38 +01:00
Ferdinand Thiessen
a9af58fd1a fix(DB): Remove not supported column comments when using SQLite 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-22 01:07:26 +01:00
Julius Härtl
d85d40599b
fix: Update autoloader after #36792 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-21 21:13:05 +01:00
Côme Chilliet
18c4761ab0
Merge pull request #36795 from nextcloud/fix/remove-erronous-parentheses-in-in-clause 
Avoid extra parenthesis around SQL in IN expressions
 2023-02-21 17:37:45 +01:00
Julien Veyssier
a7892881a3
Merge pull request #36792 from nextcloud/enh/noid/add-before-group-changed-event 
New BeforeGroupChangedEvent before setDisplayName on groups
 2023-02-21 17:22:27 +01:00
Robin Appelman
8bc9e23de5
Merge pull request #36428 from nextcloud/disable-db-user-create 
add option to disable db user creation trough environment variable
 2023-02-21 17:11:12 +01:00
Robin Appelman
b923310580
add option to disable db user creation trough environment variable 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-21 15:13:47 +01:00
Côme Chilliet
74811813e7 Avoid extra parenthesis around SQL in IN expressions 
The expression builder already suround the SQL with parenthesis when
 using in(), so we must not add another pair, this confuses at least
 sqlite.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-02-21 13:37:30 +00:00
Julien Veyssier
d9925806eb
dispatch new BeforeGroupChangedEvent before setDisplayName on groups 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-02-21 10:42:38 +01:00
Joas Schilling
98ed72b3ed
Revert "fix(performance): Do not set up filesystem on every call" 2023-02-21 07:36:43 +01:00
Simon L
3204f97d5e
Merge pull request #36759 from sgolovan/master 
Fix integer overflow on 32-bit systems when testing free space for wr…
 2023-02-20 15:21:37 +01:00
Julius Härtl
7858b8313a
Merge pull request #36727 from nextcloud/enh/file-id-direct-editing 
feat(directediting): Allow opening by file id
 2023-02-20 14:39:35 +01:00
Julius Härtl
95eeba83b6
Merge pull request #36780 from nextcloud/bugfix/noid/console-error-share-auth 2023-02-20 12:36:06 +01:00
Julius Härtl
614981ae9a
feat(directediting): Allow opening by file id 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-20 12:16:34 +01:00
Joas Schilling
c550acae62
Merge pull request #36653 from nextcloud/bugfix/noid/more-defensive-old-token-handling 
fix(authentication): Handle null or empty string password hash
 2023-02-20 11:15:37 +01:00
Sergei Golovan
1cb50c5afa Fix integer overflow on 32-bit systems when testing free space for writing a config file. 2023-02-20 10:05:45 +01:00
Julius Härtl
4cebfa95e6
fix: Fix loading styles from core/css/ 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-20 09:28:30 +01:00
Julius Härtl
bba3a1ccf0
Merge pull request #36589 from nextcloud/enh/perf-remove-icache 2023-02-20 08:59:22 +01:00
Nextcloud bot
d01154d363
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-19 02:27:04 +00:00
Anna Larch
5d4efb4d5f
Do not set up filesystem on every call 
Also remove old Oc_FileChunking logis that produced GC- collectable chunks

Signed-off-by: Anna Larch <anna@nextcloud.com>
 2023-02-17 19:18:37 +01:00
Julius Härtl
47bc024885
Revert the token scope to not end up with storing the user used in the session 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-17 10:18:18 +01:00
Julius Härtl
90d2cb09b1
Merge pull request #36396 from nextcloud/fix/cors 2023-02-17 09:42:08 +01:00
Ferdinand Thiessen
f655f83c84 fix(CORS): CORS should only be bypassed on PublicPage if not logged in to prevent CSRF attack vectors 
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-02-16 22:55:18 +01:00
Louis
98b998a2de
Merge pull request #36735 from nextcloud/fix/32635/fix-vcf-contacts 
fix the contacts-menu vcf-contact avatars
 2023-02-16 14:01:19 +01:00
Simon L
bc91dca703
Merge pull request #36689 from nextcloud/fix/x-robots-tag-header 
Change X-Robots-Tag header from "none" to "noindex, nofollow"
 2023-02-16 11:39:37 +01:00
Glandos
3bea7af7b7
fix indent 2 
Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-16 10:10:12 +01:00
Nextcloud bot
5413855d73
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-16 02:25:55 +00:00
Glandos
59e7ed1fad
fix indent 
Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-15 23:40:16 +01:00
Glandos
528e66859b
Use proc_open to avoid spawning a shell 
The use of `exec` will spawn a shell, using `/bin/sh` on POSIX platforms. But in restricted environment, such as AppArmor, this means giving execution to `/bin/sh`, which renders the execution restriction quite useless.
Using an array with `proc_open` reduces this, and paved the way for file streaming instead of temporary file.

Signed-off-by: Glandos <bugs-github@antipoul.fr>
 2023-02-15 23:37:13 +01:00
Simon L
b38d2daede fix the contacts-menu vcf-contact avatars 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-02-15 23:16:43 +01:00
MichaIng
5f90b8eb11
Change X-Robots-Tag header from "none" to "noindex, nofollow" 
While "none" is indeed equivalent to "noindex, nofollow" for Google, but seems to be not supported by Bing and probably other search engines.

https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta/name#other_metadata_names
https://developers.google.com/search/docs/crawling-indexing/robots-meta-tag?hl=de#comma-separated-list
https://www.bing.com/webmasters/help/which-robots-metatags-does-bing-support-5198d240

Signed-off-by: MichaIng <micha@dietpi.com>
 2023-02-15 20:16:51 +01:00
Christoph Wurst
364e7693b9
Merge pull request #36639 from nextcloud/userbackend-local-cache 
also cache backend for user in memory instead of always going to redis
 2023-02-15 19:33:29 +01:00
Christoph Wurst
a2422c937a
Merge pull request #36698 from nextcloud/db-profile-start-time 
log start time of queries for profiler
 2023-02-15 19:29:56 +01:00
Simon L
228911cbcd
Merge pull request #36691 from nextcloud/fix/25175/fix-config-truncating 
add a disk_free_space check before writing config
 2023-02-15 18:25:37 +01:00
Simon L
3757b345bc address review by Joas 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-02-15 13:43:54 +01:00
Joas Schilling
6f3ce5c319
Also copy bruteforce meta data when converting DataResponse to JSONResponse 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-14 16:00:10 +01:00
Robin Appelman
426b3429f7
log start time of queries for profiler 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-14 15:16:15 +01:00
Robin Appelman
c2cc3afd61
Merge pull request #36603 from nextcloud/imagick-cache-formats 
cache formats supported by imagick
 2023-02-14 13:30:44 +01:00
Julius Härtl
a705132c8d
Merge pull request #36656 from nextcloud/route-instrumentation 2023-02-14 10:12:19 +01:00
Nextcloud bot
e01936efa8
Fix(l10n): 🔠 Update translations from Transifex 
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
 2023-02-14 02:25:52 +00:00
Robin Appelman
b911da3e1e
DI for Router 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-13 22:51:14 +01:00
Simon L
9b6e5c6674 add a disk_free_space check before writing config 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-02-13 16:26:19 +01:00
Robin Appelman
d6818ba894
optimize LazyUserFolder::getMountPoint 
no need to do a full setup

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-13 15:13:50 +01:00
Robin Appelman
382432d4e1
cache formats supported by imagick 
turns out this can be quite slow

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-13 14:57:06 +01:00
Robin Appelman
936f634069
Merge pull request #36643 from nextcloud/fs-setup-instrimuntion 
more filesystem setup performance instrumentation
 2023-02-13 14:37:57 +01:00
Julius Härtl
610a203d31
Merge pull request #36525 from nextcloud/fix/noid/params-put 
fix: Only get params from PUT content if possible
 2023-02-13 10:25:52 +01:00
Côme Chilliet
8e1403a180
Merge pull request #36641 from nextcloud/instrument-app-register 
Add more profiler instrumentation to app loading
 2023-02-13 09:42:51 +01:00
Pytal
b59b8fd808
Merge pull request #36232 from nextcloud/enh/a11y-user-menu 
Port user menu to Vue
 2023-02-10 19:22:45 -08:00
jld3103
77f7da9921
Always set displayname and display-name for user data 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-02-10 21:52:54 +01:00
Robin Appelman
853ec60f3e also cache backend for user in memory instead of always going to redis 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-10 12:25:23 +01:00
Robin Appelman
b68be79464 more routing performance instrumentation 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-10 11:12:26 +01:00
Robin Appelman
91d5f6a826 more filesystem setup performance instrumentation 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-02-10 11:11:13 +01:00
Joas Schilling
6417ea0265
fix(authentication): Handle null or empty string password hash 
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument #2 ($hash) must be of type string, null given

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-10 09:18:50 +01:00
Julius Härtl
d9cd8b1d37
Merge pull request #36610 from nextcloud/folder-lazy-submounts 2023-02-10 09:09:08 +01:00