upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-04-22 14:50:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 53
81941 commits 888 branches 1195 tags 8.3 GiB
Commit graph

779 commits

Author SHA1 Message Date
Andy Scherzinger
4f2a29adf9
Merge pull request #46672 from nextcloud/fix/preview-invalid-id 
Avoid using partial file info as valid one
 2024-07-25 19:37:30 +02:00
provokateurin
90e108e548
fix(core): Document CSRF token endpoint 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-25 18:04:46 +02:00
Julien Veyssier
060fb26686
fix(taskprocessing): run cs:fix 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-07-25 10:10:32 +02:00
Marcel Klehr
799ee8fd51
feat(TaskProcessing): Implement enums and default values 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-25 10:10:31 +02:00
Julius Härtl
6c1e896a03 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-22 22:32:34 +02:00
Julien Veyssier
fffc784769
feat(taskprocessing): add support for webhooks (http or AppAPI) in the task processing API 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-07-22 11:34:29 +02:00
Ferdinand Thiessen
9716b0d735 refactor: Migrate some legacy and core functions to IFilenameValidator 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-07-19 19:41:46 +02:00
Marcel Klehr
a3c3eab09c
Merge pull request #46368 from nextcloud/fix/task-processing 
TaskProcessing follow-up
 2024-07-19 12:38:30 +02:00
Jonas
9fe4edca2c
fix(ReferenceApiController): Remove accidently added AnonRateLimit 
Signed-off-by: Jonas <jonas@freesources.org>
 2024-07-17 15:38:09 +02:00
Marcel Klehr
0d07ad98b0 fix(TaskProcessing): Update openapi specs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
eb0b5f29fb fix(TaskProcessingApiController): Address review comments 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
4ac1ac673e fix: psalm errors 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Marcel Klehr
4ac7f8275b feat(TaskProcessing): Allow setting task results for file slots 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-17 13:55:55 +02:00
Jonas
1671bf3ef2
feat(Reference): Add public API endpoints to get references 
Calling the public API endpoints will check for matching registered
reference providers that implement `IPublicReferenceProvider` and call
their respective functions. If no matching provider is found, the
default `LinkReferenceProvider` will be used to provide open graph data.

The frontend reference widget components will call these endpoints from
unauthorized sessions, e.g. in public shares.

If present, the sharing token of the origin URL is passed to
`resolveReferencePublic()` as additional information for the reference
provider to determine the access scope. This allows the respective
reference providers to determine whether the origin share has access to
the linked resource.

`getCacheKeyPublic` also gets the sharing token so it can scope the cached
entry to it.

Contributes to #45978

Signed-off-by: Jonas <jonas@freesources.org>
 2024-07-17 12:56:41 +02:00
Julien CHATY-CAPELLE
2d84d0f5bf fix(core): use OC namespace for core ReponseDefinitions instead of OCA 
Signed-off-by: Julien CHATY-CAPELLE <julien@chaty-capelle.fr>
 2024-07-15 11:50:02 +02:00
Ferdinand Thiessen
a229723b8c
feat: Add new forbidden filename options to Capabilities 
Allow clients to access the new filename validation options
and make frontend name validation possible.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-07-11 13:31:54 +02:00
Benjamin Gaussorgues
e5275dbada feat: don't count failed CSRF as failed login attempt 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-11 09:27:33 +02:00
Marcel Klehr
224779c33f fix(TaskProcessingApiController): Don't use + to merge non-assoc. arrays 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-01 18:46:59 +02:00
provokateurin
f5ff8136ac
feat(TaskProcessingApi): Add endpoint for getting the next task 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-01 17:11:12 +02:00
Daniel
e5a6698ec0
Merge pull request #45811 from nextcloud/add-test-for-profile-page-controller 
test: add tests for ProfilePageController
 2024-06-12 14:49:03 +02:00
Daniel Kesselberg
98eb190e04
test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 11:46:12 +02:00
provokateurin
c8e767878d fix(core): Return X-NC-IsCustomAvatar for guest avatars too 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-06-12 10:27:29 +02:00
skjnldsv
8bed23288b fix(files_sharing): dark avatar support 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 10:27:29 +02:00
skjnldsv
fb11672df6 fix(core): allow guest avatar fallback 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 10:27:29 +02:00
Arthur Schiwon
98b5cdc43d
Merge pull request #43942 from nextcloud/fix/43612/avoid-pwd-confirm-sso 
fix(Session): avoid password confirmation on SSO
 2024-06-07 11:25:36 +02:00
Arthur Schiwon
340939e688
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-05 19:01:13 +02:00
John Molakvoæ (skjnldsv)
fc3ee65526 fix(core): unsupported browser redirect url 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2024-06-01 09:34:22 +02:00
Andy Scherzinger
e07a190641
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-27 14:53:40 +02:00
Kate
7bc4ccba6a
Merge pull request #45354 from nextcloud/docs/taskprocessingapi/cleanup-endpoint-descriptions 2024-05-16 20:09:06 +02:00
provokateurin
a8abe9d3c2
fix(TaskProcessingApi): Cleanup error handling 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-16 15:17:10 +02:00
provokateurin
4c375c98a4
docs(TaskProcessingApi): Set correct status code messages 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-16 14:57:34 +02:00
provokateurin
eabbb73173
docs(TaskProcessingApi): Cleanup endpoint descriptions 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-16 12:43:39 +02:00
provokateurin
79e153735c
docs(TaskProcessingApi): Fix result endpoint description 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-16 12:43:22 +02:00
Joas Schilling
ef1c32a222
Merge pull request #45317 from nextcloud/bugfix/noid/limit-maximum-number-of-search-results 
fix(search): Limit maximum number of search results
 2024-05-16 10:10:09 +02:00
Marcel Klehr
f3e72aff7c
Merge pull request #45094 from nextcloud/enh/taskprocessing-api 
feat: TaskProcessing API
 2024-05-15 11:43:08 +02:00
Joas Schilling
2bd54d30e5
fix(search): Limit maximum number of search results 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-05-15 09:48:23 +02:00
Marcel Klehr
a8afa7f23d fix(OCS-API): Add endpoint to list user tasks 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
f3a88f04ec fix(OCS-API): No csrf required for /tasks/taskId/file/fileId 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
ec94a672d7 fix(ocs): change /tasktypes response to combine optional and non-optional IO slots 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
c079a61181 feat: Add cancel endpoint to OCS API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
4d9a0eab5f fix: update openai specs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
4a3b9b826e refactor: identifier is now customId/custom_id 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
ec27c538b5 fix: address review comments 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:41 +02:00
Marcel Klehr
2c878099f1 fix: address review comments 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
b85a0edc92 fix: Update autoloaders 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
a5053d33c2 fix: Run cs:fix 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
8ccb29ae3b fix: psalm issues 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
6203c1c7da fix: Check if user is authorized to use the files they mentioned 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
b150d779f3 refactor: rename getTaskType to getTaskTypeId 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:40 +02:00
Marcel Klehr
8e5662602a feat: Add ExApp endpoints 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
Marcel Klehr
7a947980db fix: Fix psalm issues 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
Marcel Klehr
3b0925a064 chore: Regenerate openapi.json 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
Marcel Klehr
29cbb3cf71 chore: Run cs:fix 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
Marcel Klehr
b2b93e4219 feat: Add getFileContents endpoint to TaskProcessing OCS API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
Marcel Klehr
44b896f999 feat: TaskProcessing OCS API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +02:00
provokateurin
dd997b6ac7
docs(preview): Improve API parameter descriptions 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-13 12:47:24 +02:00
Christoph Wurst
22dc27810e
fix(auth): Keep redirect URL during 2FA setup and challenge 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-04-19 10:24:26 +02:00
Côme Chilliet
ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +02:00
Ferdinand Thiessen
3fede00732
feat(login): Clear login form (password) after IDLE timeout 
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-03-25 12:22:53 +01:00
fenn-cs
2792d8b3f5 feat: Limit email input on auth pages to 255 chars 
Excessively long emails reported make server unresponsive.

We could at some point, consider adding a configuration for sysadmins to bypass this setting
on their instance if they want.

Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
 2024-03-21 10:34:55 +01:00
Eduardo Morales
0de6cc7472 feat: added login's initial possible email-states 
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
 2024-03-10 10:32:21 -05:00
Robin Appelman
fd4ca13867
Merge pull request #43471 from nextcloud/cache-path-by-id 
Cache path by id
 2024-03-05 17:26:25 +01:00
Julius Härtl
c7813bfdaf
feat: Implement team provider api 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-05 08:13:58 +01:00
Robin Appelman
e7a7b4a401 perf: switch places that always use the first getById result to getFirstNodeById 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-03-04 13:57:31 +01:00
provokateurin
2c51933b6b
refactor(core): Switch to attribute based routing 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-21 12:07:50 +01:00
provokateurin
6243a9471d
feat(core): Add OCS endpoint for confirming the user password 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 14:28:00 +01:00
provokateurin
d95e500e45
feat(core): Expose the confirm password endpoint 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 08:04:13 +01:00
John Molakvoæ
4a509dfe8e
fix: phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +01:00
John Molakvoæ
9593f4d6f9
fix: openapi 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +01:00
Vincent Petry
839ddaa354
feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +01:00
Côme Chilliet
6fc5cef6e9 fix: Support other schemes than HTTP and HTTPS in app navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
Côme Chilliet
4f69f49a75 fix: Revert external url support in icon as it’s not allowed 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
Côme Chilliet
4fb5c15db5 Allow application to pass external links in navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
provokateurin
b64ab5fba8
refactor: Migrate IgnoreOpenAPI attributes to OpenAPI 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-01-18 16:14:17 +01:00
Côme Chilliet
95ea6188dc Suppress or fix psalm errors related to InvalidTokenException 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Côme Chilliet
eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Joas Schilling
0b591916d6
fix(openapi): Make OpenAPI CI green again 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-11 12:29:19 +01:00
Ferdinand Thiessen
949e09ccb7 enh(core): Refactor profile page to use vue components 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-01-10 11:22:27 -06:00
Gaspard d'Hautefeuille
08ff644f3c Keep https check 
https://github.com/nextcloud/server/issues/41196 + keep https check

Co-authored-by: Louis <louis@chmn.me>
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +01:00
Gaspard d'Hautefeuille
85911cbab2 Cancel PR #37405, remove regression code 
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Benjamin Gaussorgues
33837e7d6f
Fix invalid users/groups handling in advanced search 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-15 10:17:43 +01:00
Joas Schilling
0feb55ee93
Merge pull request #41271 from nextcloud/enh/text-processing-iprovider2 
enh(TextProcessing): Add two new provider interfaces
 2023-11-13 10:49:14 +01:00
Benjamin Gaussorgues
c753eefb21
feat(search): Allow multiple search terms in UnifiedController 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-10 09:21:16 +01:00
Marcel Klehr
b45007f38f
Merge branch 'master' into enh/text-processing-iprovider2 2023-11-09 13:46:18 +01:00
Christoph Wurst
a5422a3998
fix: Show error message when CSRF check fails at login 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-08 15:18:34 +01:00
Marcel Klehr
8c0c426538
Merge branch 'master' into enh/text-processing-iprovider2 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-08 11:52:47 +01:00
Marcel Klehr
d11b9cbd79 fix(TextProcessing/Manager): Throw TaskFailureException upon failure 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-06 12:50:16 +01:00
Marcel Klehr
181f819e41 enh(TextProcessing): Add IProvider2 
- allow providers to obtain current task's userId
- allow providers to expose average task runtime

Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-03 16:22:54 +01:00
Christopher Ng
7f530d22e1 fix: Only highlight profile entry when viewing own profile 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-11-02 15:43:56 -07:00
Joas Schilling
2b8114d59d
feat(events): Add typed event for filtering autocompletion suggestions 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-02 11:08:53 +01:00
Robin Appelman
1fffa3eae0
load script and styles on setup page 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-31 10:03:09 +01:00
Marcel Müller
c2393fb712 Reset BFP for sudo action 
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
 2023-10-28 18:36:43 +02:00
Christopher Ng
d899e676de fix: Set profile as active nav entry 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-10-26 10:30:22 -07:00
Joas Schilling
2b7f78fc2e
Merge pull request #40326 from nextcloud/enh/text-to-image-api 
Implement TextToImage OCP API
 2023-10-26 15:53:30 +02:00
Marcel Klehr
154bb53538
Update core/Controller/TextToImageApiController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-26 11:35:55 +02:00
Marcel Klehr
47e13cd55b en(TextToImage): Use specific exception class instead of generic RuntimeException 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-26 11:16:15 +02:00
Joas Schilling
2353d3cd5c
feat(profile): Add public interface for profile manager so apps can check config 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-23 12:56:31 +02:00
Marcel Klehr
7b7f552a6e fix(Text2Image): Fix OpenAPI types 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-20 13:33:05 +02:00
Marcel Klehr
b7fd5185b6 enh(TextToImage): Allow generating multiple images with one task 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-20 13:13:15 +02:00