upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-11 23:04:22 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 36
75770 commits 687 branches 1182 tags 8.3 GiB
Commit graph

684 commits

Author SHA1 Message Date
Julius Härtl
24993f988b
fix: Add direct parameter to flow auth v2 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-06 22:44:34 +02:00
Julius Härtl
23ec547af0 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-29 08:16:30 +02:00
Benjamin Gaussorgues
3e2600bf86 feat: don't count failed CSRF as failed login attempt 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-11 14:15:20 +02:00
Arthur Schiwon
464cfce9b5
Merge pull request #44977 from nextcloud/backport/44745/stable29 
[stable29] fix(auth): Keep redirect URL during 2FA setup and challenge
 2024-06-12 19:37:41 +02:00
Daniel Kesselberg
73703eb276 test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 18:21:58 +02:00
provokateurin
ac4ead61af fix(core): Return X-NC-IsCustomAvatar for guest avatars too 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-06-12 11:06:10 +00:00
skjnldsv
7327803816 fix(files_sharing): dark avatar support 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 11:06:10 +00:00
skjnldsv
4ad83e9fa3 fix(core): allow guest avatar fallback 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 11:06:10 +00:00
Arthur Schiwon
f0494ec17a fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-11 20:19:18 +02:00
John Molakvoæ (skjnldsv)
2c2a5a25ac fix(core): unsupported browser redirect url 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2024-06-07 08:58:58 +02:00
Joas Schilling
7f6ee0cb9f fix(search): Limit maximum number of search results 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-05-15 07:54:00 +00:00
Christoph Wurst
67071f8875 fix(auth): Keep redirect URL during 2FA setup and challenge 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-04-23 07:38:33 +00:00
Côme Chilliet
0b332ceac2 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-04 11:45:22 +02:00
Ferdinand Thiessen
3fede00732
feat(login): Clear login form (password) after IDLE timeout 
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-03-25 12:22:53 +01:00
fenn-cs
2792d8b3f5 feat: Limit email input on auth pages to 255 chars 
Excessively long emails reported make server unresponsive.

We could at some point, consider adding a configuration for sysadmins to bypass this setting
on their instance if they want.

Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
 2024-03-21 10:34:55 +01:00
Eduardo Morales
0de6cc7472 feat: added login's initial possible email-states 
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
 2024-03-10 10:32:21 -05:00
Robin Appelman
fd4ca13867
Merge pull request #43471 from nextcloud/cache-path-by-id 
Cache path by id
 2024-03-05 17:26:25 +01:00
Julius Härtl
c7813bfdaf
feat: Implement team provider api 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-05 08:13:58 +01:00
Robin Appelman
e7a7b4a401 perf: switch places that always use the first getById result to getFirstNodeById 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-03-04 13:57:31 +01:00
provokateurin
2c51933b6b
refactor(core): Switch to attribute based routing 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-21 12:07:50 +01:00
provokateurin
6243a9471d
feat(core): Add OCS endpoint for confirming the user password 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 14:28:00 +01:00
provokateurin
d95e500e45
feat(core): Expose the confirm password endpoint 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 08:04:13 +01:00
John Molakvoæ
4a509dfe8e
fix: phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +01:00
John Molakvoæ
9593f4d6f9
fix: openapi 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +01:00
Vincent Petry
839ddaa354
feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +01:00
Côme Chilliet
6fc5cef6e9 fix: Support other schemes than HTTP and HTTPS in app navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
Côme Chilliet
4f69f49a75 fix: Revert external url support in icon as it’s not allowed 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
Côme Chilliet
4fb5c15db5 Allow application to pass external links in navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +01:00
provokateurin
b64ab5fba8
refactor: Migrate IgnoreOpenAPI attributes to OpenAPI 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-01-18 16:14:17 +01:00
Côme Chilliet
95ea6188dc Suppress or fix psalm errors related to InvalidTokenException 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Côme Chilliet
eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Joas Schilling
0b591916d6
fix(openapi): Make OpenAPI CI green again 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-11 12:29:19 +01:00
Ferdinand Thiessen
949e09ccb7 enh(core): Refactor profile page to use vue components 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-01-10 11:22:27 -06:00
Gaspard d'Hautefeuille
08ff644f3c Keep https check 
https://github.com/nextcloud/server/issues/41196 + keep https check

Co-authored-by: Louis <louis@chmn.me>
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +01:00
Gaspard d'Hautefeuille
85911cbab2 Cancel PR #37405, remove regression code 
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Benjamin Gaussorgues
33837e7d6f
Fix invalid users/groups handling in advanced search 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-15 10:17:43 +01:00
Joas Schilling
0feb55ee93
Merge pull request #41271 from nextcloud/enh/text-processing-iprovider2 
enh(TextProcessing): Add two new provider interfaces
 2023-11-13 10:49:14 +01:00
Benjamin Gaussorgues
c753eefb21
feat(search): Allow multiple search terms in UnifiedController 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-10 09:21:16 +01:00
Marcel Klehr
b45007f38f
Merge branch 'master' into enh/text-processing-iprovider2 2023-11-09 13:46:18 +01:00
Christoph Wurst
a5422a3998
fix: Show error message when CSRF check fails at login 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-08 15:18:34 +01:00
Marcel Klehr
8c0c426538
Merge branch 'master' into enh/text-processing-iprovider2 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-08 11:52:47 +01:00
Marcel Klehr
d11b9cbd79 fix(TextProcessing/Manager): Throw TaskFailureException upon failure 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-06 12:50:16 +01:00
Marcel Klehr
181f819e41 enh(TextProcessing): Add IProvider2 
- allow providers to obtain current task's userId
- allow providers to expose average task runtime

Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-03 16:22:54 +01:00
Christopher Ng
7f530d22e1 fix: Only highlight profile entry when viewing own profile 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-11-02 15:43:56 -07:00
Joas Schilling
2b8114d59d
feat(events): Add typed event for filtering autocompletion suggestions 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-02 11:08:53 +01:00
Robin Appelman
1fffa3eae0
load script and styles on setup page 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-31 10:03:09 +01:00
Marcel Müller
c2393fb712 Reset BFP for sudo action 
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
 2023-10-28 18:36:43 +02:00
Christopher Ng
d899e676de fix: Set profile as active nav entry 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-10-26 10:30:22 -07:00
Joas Schilling
2b7f78fc2e
Merge pull request #40326 from nextcloud/enh/text-to-image-api 
Implement TextToImage OCP API
 2023-10-26 15:53:30 +02:00