upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-23 18:05:02 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 15
74593 commits 675 branches 1186 tags 6.7 GiB
Commit graph

527 commits

Author SHA1 Message Date
Arthur Schiwon
fc584b7874
fix(Token): make new scope future compatible 
- "password-unconfirmable" is the effective name for 30, but a draft
  name was backported.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 11:05:43 +02:00
Arthur Schiwon
f0494ec17a fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-11 20:19:18 +02:00
Maxence Lange
f1612d4eb9 fix(appconfig): only convert single entry on searchValues() 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-04-17 15:12:22 +00:00
Côme Chilliet
0b332ceac2 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-04 11:45:22 +02:00
Florian Klinger
f3a4abd98c
fix: add check for app_api_system session flag to bypass rate limit 
Signed-off-by: Florian Klinger <florian.klinger@nextcloud.com>
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2024-03-18 20:09:15 +02:00
John Molakvoæ
bbb7955cad
Merge branch 'master' into refactor/OC-Server-getThemingDefaults 2024-03-15 13:12:32 +01:00
Andrey Borysenko
865fd3ba08
fix: add missing copyrights and strict types 
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2024-03-12 18:14:40 +02:00
jld3103
4ac2375ca2
feat: Add declarative settings 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2024-03-12 13:56:54 +02:00
Julius Härtl
b8c5bff673
fix: Adjust user agent pattern for Edge 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-08 12:11:46 +01:00
Julius Härtl
c7813bfdaf
feat: Implement team provider api 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-05 08:13:58 +01:00
John Molakvoæ
b5357f7d12
Merge branch 'master' into refactor/OC-Server-getThemingDefaults 
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2024-02-23 15:47:17 +01:00
Klaus
747aeded9d fix xml ocs response for serializable objects 
Signed-off-by: sualko <klaus@jsxc.org>
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-02-23 14:49:22 +01:00
provokateurin
66e7056c5e
fix(Routing): Only use lowercase names for registering and matching routes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-21 12:07:50 +01:00
Joas Schilling
9f38aabc06
Merge pull request #43552 from nextcloud/bugfix/noid/rfc7239-compatible-proxy-handling 
fix(request): Handle reverse proxy setting a port in Forwarded-For
 2024-02-15 15:29:47 +01:00
Joas Schilling
696ed4a125
fix(CS): Fix coding style 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-02-14 15:38:15 +01:00
Vincent Petry
839ddaa354
feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +01:00
Joas Schilling
c4684089a8
fix(request): Fix regex handling and coding-style 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-02-13 16:51:13 +01:00
Mikael Peigney
ffcadf25d4
fix(request): Handle reverse proxy setting a port in Forwarded-For 
Signed-off-by: Mikael Peigney <Mika56@users.noreply.github.com>
 2024-02-13 16:51:13 +01:00
Anna Larch
6434ce96c9 Add timezone getter to ITimeFactory 
Signed-off-by: Anna Larch <anna@nextcloud.com>
 2024-02-13 13:29:06 +01:00
Git'Fellow
786894f15c Fix typo in var 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2024-02-09 14:41:26 +01:00
Côme Chilliet
f73f966c98 chore: Add missing ArrayAccess template parameters 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 10:24:41 +01:00
Maxence Lange
e1d7328bb2 adding test 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-01-31 21:13:32 -01:00
Maxence Lange
51fa22dc26 fix psalm 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-01-31 21:13:32 -01:00
Maxence Lange
86835ee899 sync with new OCP\IAppConfig 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-01-31 21:13:32 -01:00
Ferdinand Thiessen
85978593fe
Merge pull request #42794 from nextcloud/fix/invalid-trusted-proxies 
fix(Request): Catch exceptions in `isTrustedProxy`
 2024-01-29 16:19:51 +01:00
Pavel Kryl
30ad530814 code style: ommited space, reverted [code review] 2024-01-27 15:11:26 +01:00
Pavel Kryl
446ecbc454 fixing bug #6914: Config Param 'overwritecondaddr' not working 
- just ignoring/removing extra parameter 'protocol' as suggested by
  blizzz

Signed-off-by: Pavel Kryl <pavel@kryl.eu>
 2024-01-27 15:11:26 +01:00
Ferdinand Thiessen
7620d230df
fix(Request): Catch exceptions in isTrustedProxy 
The function fails if the configured trusted proxies contain invalid characters and the underlying IpUtils will throw.
But as it is used by `getRemoteAddress` which is used by logging / templating, thrown errors are not reported but silently fail with error 500.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-01-27 14:59:51 +01:00
Joas Schilling
ce583cb67b
techdebt(Middleware): Add more specific array types so its clickable in IDEs 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-30 12:27:08 +01:00
Joas Schilling
f6b6776c93
fix(API): Use a distinct exception so apps can react to it and customize the return 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-28 06:11:57 +01:00
Arthur Schiwon
3fa43a529b
enh(dispatcher): enforce psalm ranges in the http dispatcher 
- allows devs to provide int ranges for API arguments

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-11-24 12:46:38 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Joas Schilling
2fa78f6245
Reverse X-Forwarded-For list to read the correct proxy remote address 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-16 07:45:19 +01:00
Christoph Wurst
78842348b2
feat(dependencyinjection): Allow optional (nullable) services 
Allows working with classes that might or might not be available.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-03 11:53:43 +01:00
Joas Schilling
2b7f78fc2e
Merge pull request #40326 from nextcloud/enh/text-to-image-api 
Implement TextToImage OCP API
 2023-10-26 15:53:30 +02:00
Carl Schwan
eb1d612d96
Add api to register setup checks 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2023-10-19 11:43:58 +02:00
Marcel Klehr
c8cab9d2fd Implement TextToImage OCP API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +02:00
Joas Schilling
356c2219bc
Merge pull request #40865 from nextcloud/bugfix/noid/fix-version-comment 
Fix version number in ITimeFactory after it was delayed
 2023-10-16 08:01:09 +02:00
Joas Schilling
a8ae09c544
fix(docs): Fix parameter types in docs 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-13 11:02:42 +02:00
Joas Schilling
0a4fbaddc7
Fix version number in ITimeFactory after it was delayed 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-11 12:14:41 +02:00
Alexander Piskun
0b8a3b578d fixed Drone test 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-06 13:46:37 +03:00
Alexander Piskun
f16c9f42c6 added CORS skip if session was created by AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-10-02 11:08:21 +03:00
Hamid Dehnavi
ea06cf2f39 Convert isset ternary to null coalescing operator 
Signed-off-by: Hamid Dehnavi <hamid.dev.pro@gmail.com>
 2023-09-28 17:44:19 +03:30
Côme Chilliet
f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +02:00
Christoph Wurst
e477bb7eaf
feat(appframework): Expose programmatic rate limiter 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-09-20 20:25:27 +02:00
Andrew Summers
ce74bdcda2
Refactor OC\Server::getThemingDefaults 
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
 2023-08-29 21:33:17 -05:00
Joas Schilling
25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
Joas Schilling
381c35080d
fix(middleware): Fix header injection for bruteforce middleware 
Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons
So shifting back to old standard practise for now

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-22 16:00:39 +02:00
Joas Schilling
2f06f2355d
feat: Add a header which signals that the request was throttled 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-21 16:36:04 +02:00
Robin Appelman
ccf57e0715 add separate event for rendering login page template 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-08-17 10:57:56 +02:00