- Catch all thrown exceptions and handle in such a way you do not get
information about forbidden files.
- Resepect download permissions of shares.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Canceling the previous add of deletion of invalid shares in
transferownership because in some cases it deletes valid reshares, if
incoming shares are not transfered on purpose.
Inverting the order of transfer between incoming and outgoing so that
reshare can be migrated when incoming shares are transfered.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Note: Removed part about fix command from original PR
Signed-off-by: Luka Trovic <luka@nextcloud.com>
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
(cherry picked from commit 42181c2f49)
For E2EE encrypted files, we abort the transfer.
For SSE encrypted files, we abort only if not using master key.
Also fixed the check for when the path to a single file is used.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
The initial state is no longer used, it was only used in legacy UI and in the f2v rewrite
it was only used for the `id` which can be loaded just from the URL.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This adds an admin setting to toggle Windows filename compatibility.
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Louis <louis@chmn.me>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This allows to configure forbidden filenames (the full filename like `.htaccess`)
and also forbidden basenames like `com0` where `com0`, `com0.txt` and `com0.tar.gz` will match.
We need this as only using basenames was too restrictive and will cause problems on some systems when updating.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Allow clients to access the new filename validation options
and make frontend name validation possible.
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
`UseSession` isn’t used in theses controllers.
Not using it should avoid a few session locks.
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
When the receiver denies the transfer the notification handler was missing,
so no notification was created for the transfer owner.
But also the internal notification was created two times:
1. When rejecting the transfer
2. By the reject function when dismissing the notification
This is fixed by only relying on the dismiss function.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
