upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25
87518 commits 985 branches 1211 tags 9.7 GiB
Commit graph

672 commits

Author SHA1 Message Date
Ferdinand Thiessen
1c23feae3d
refactor: migrate usage of OC_App to AppManager 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2026-05-13 14:01:49 +02:00
Carl Schwan
e21b7d1121 feat: Add generate session token to CsrfTokenManager 
Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-05-12 18:24:12 +02:00
Carl Schwan
279bface8e refactor: Delete deprecated code from OC_Util 
Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-05-12 18:24:12 +02:00
Carl Schwan
32bc6f54d3 refactor: Replace old Utils::callRegister with new API 
Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-05-12 18:24:12 +02:00
Kate
ac15544703
Merge pull request #60299 from nextcloud/fix/remove-iservercontainer-from-core-apps 
Chore: Remove references to deprecated interface IServerContainer
 2026-05-12 07:48:58 +02:00
Côme Chilliet
9680004b58
chore: Remove almost all uses of deprecated IServerContainer in lib/private 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-05-11 16:22:22 +02:00
Côme Chilliet
bdfe8ed77e fix: Add proper methods in IAppManager for namespace handling 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-05-11 14:53:29 +02:00
Ferdinand Thiessen
5b756ad8bc refactor: split appstore from settings 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2026-05-05 10:41:04 +02:00
Ferdinand Thiessen
e0ba4d71b6
chore: add missing Override attribute to OC 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2026-04-28 21:29:27 +02:00
Carl Schwan
dfadafc3c3
Merge pull request #59627 from nextcloud/carl/alternative-login-provider 
feat(auth): Add IAlternativeLoginProvider
 2026-04-15 01:53:33 +02:00
Carl Schwan
f4cae8c222
feat(auth): Add IAlternativeLoginProvider 
IAlternativeLogin has a fatal flaw in that it is not possible to
register multiple alternative login dynamically but only statically.

IAlternativeLoginProvider fixes this limitation as the provider can then
provider multiple IAlternativeLogin.

Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-04-14 20:21:58 +02:00
Joas Schilling
7ed9191493
fix(controller): Add default range to $limit parameter 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-04-13 14:45:32 +02:00
Benjamin Gaussorgues
1b504bf4ec
Merge pull request #58863 from nextcloud/fix/annotation-attributes-fix 2026-03-18 08:46:31 +01:00
Joas Schilling
5f80f26799
chore: Fix SPDX header 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-03-16 08:38:16 +01:00
David Dreschner
2bb9524c84
fix: Remove deprecated RFC7231 constant to avoid warnings on PHP 8.5 
Signed-off-by: David Dreschner <david.dreschner@nextcloud.com>
 2026-03-13 10:43:38 +01:00
Kate
c8380b1b62
Merge pull request #58869 from nextcloud/fix/pwd-confirmation 2026-03-12 09:54:15 +01:00
Ferdinand Thiessen
9b54b06de5
fix(SecurityMiddleware): return header to distinguish error type 
Currently we return a 403 (Forbidden) when the password confirmation
failed - which itself seems to be inappropriate as its basically a login
failing so a 401 (not authorized) is more appropriate.

This is especially a problem because APIs might return 403 internally
for good reason (e.g. user missing permission) but 401 would not be a
problem.

But as this is a breaking change so my solution to be able to
distinguish API error from password confirmation error is:

Add a header inside the response that marks failed password confirmation
`X-NC-Auth-NotConfirmed`.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2026-03-11 15:11:29 +01:00
Côme Chilliet
91334643dc
fix(tests): Adapt Middleware tests to API change 
Removed a few tests rendered obsolete by the refactoring.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-03-11 14:27:45 +01:00
Côme Chilliet
447ee17759
fix: Remove code duplication by using the new method 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-03-11 11:36:01 +01:00
Côme Chilliet
520878338f
fix: Move hasAnnotationOrAttribute to the reflector 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-03-11 11:16:26 +01:00
Raphael Gradenwitz
3e78bf662d
Merge pull request #58648 from nextcloud/feat/add-files-sharing-raw-to-rootUrlApps 
feat(routing): add files_sharing_raw to rootUrlApps
 2026-03-10 15:31:02 +01:00
Anna Larch
cbe8e4d90f fix: add fallback to raw path info 
Follow up to https://github.com/nextcloud/server/pull/56843

The raw path info method has no fallback for an empty array parameter

Signed-off-by: Anna Larch <anna@nextcloud.com>
 2026-03-09 22:22:08 +01:00
nextcloud-command
663018455e refactor: Apply rector changes 
Signed-off-by: GitHub <noreply@github.com>
 2026-03-01 14:43:11 +00:00
ernolf
b24663db93
feat(routing): add files_sharing_raw to rootUrlApps 
- Registers the files_sharing_raw app as a root-URL app so that its routes are served under /raw/{token} and /rss instead of the default /apps/files_sharing_raw/... prefix.
  This is required for the files_sharing_raw app to generate correct canonical raw URLs via PublicUrlBuilder.

Signed-off-by: ernolf <raphael.gradenwitz@googlemail.com>
 2026-02-28 20:30:19 +01:00
provokateurin
9dc1d6372f
fix(IContainer): Fix parameter and return types 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-16 10:45:13 +01:00
Kate
b80816dfb7
Merge pull request #58098 from nextcloud/fix/appframework/types-phpstan 
fix(AppFramework): Adjust types so PHPStan understands them
 2026-02-12 14:00:47 +01:00
provokateurin
5c47ce9b40
fix(SimpleContainer): Adjust return type for PHPStan 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-11 11:42:37 +01:00
provokateurin
e8d4d435ed
fix(IRegistrationContext): Use SimpleContainer in registerService factory 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-11 11:42:37 +01:00
provokateurin
97c09753c3
fix(AppFramework): Adjust types so PHPStan understands them 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-09 14:08:42 +01:00
provokateurin
f12cecb684
feat(rector): Enable SafeDeclareStrictTypesRector 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-09 10:59:31 +01:00
Carl Schwan
65e769a861
refactor: Apply comments 
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2026-02-06 13:50:46 +01:00
Carl Schwan
7b6078875b
refactor: Run rector on lib/private 
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2026-02-06 13:50:18 +01:00
Carl Schwan
f81475445d
refactor: Move hasAnnotationOrAttribute to MiddlewareUtils 
Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-01-28 21:48:16 +01:00
Carl Schwan
6408ed0b51
feat(AppFramework): Add missing NoSameSiteCookieRequired attribute 
Allow to replace the old annotation.

Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2026-01-28 21:48:16 +01:00
Carl Schwan
b040fb1c73
feat(AppFramework): Add missing NoTwoFactorRequired attribute 
It's in our documentation but was never implemented.

Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2026-01-28 21:48:16 +01:00
Maxence Lange
6af64a5495 feat(ocm): event on ocm discovery and ocm request 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2026-01-07 17:54:26 -01:00
Joas Schilling
f2e2e4ea21
fix(controller): Support native int ranges 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2026-01-07 17:36:57 +01:00
Christoph Wurst
8a581c230b refactor: improve reflection attribute typing 
This allows tools to see the correct usage of
PasswordConfirmationRequired::getStrict

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-12-04 17:37:47 +01:00
Côme Chilliet
cb80ec7ebb
feat(log): Add script name and occ command to log details 
This will help when troubleshooting issues. For web request we have
 method and url, but for cron and occ currently we have no way to know if
 it’s one or the other and which command.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-12-04 15:04:59 +01:00
Stephan Orbaugh
2d0c5cf627
Merge pull request #56218 from nextcloud/feat/di/abort-infinite-loop 
feat(DI): Abort querying if infinite loop is detected
 2025-11-13 16:15:49 +01:00
Kate
e5f50dafcb
Merge pull request #55620 from nextcloud/fix/appframework/check-reponder-existence 2025-11-12 11:46:08 +01:00
provokateurin
f720925b06
fix(AppFramework): Check for responder existence 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-11-12 09:39:53 +01:00
Joas Schilling
2b9083ab29
feat(rate-limit): Allow overwriting the rate limit 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-11-12 08:59:40 +01:00
Louis Chmn
ed4a1708f2 feat(EphemeralSessions): Introduce lax period 
Signed-off-by: Louis Chmn <louis@chmn.me>
 2025-11-05 16:08:13 +01:00
provokateurin
3dbf848ee9
feat(DI): Abort querying if infinite loop is detected 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-11-05 12:21:19 +01:00
Carl Schwan
336cc3fa35 feat(Db): Use SnowflakeId for previews 
Allow to get an id for the storing the preview on disk before inserting
the preview on the DB.

Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2025-10-28 17:50:03 +01:00
Maxence Lange
9209540db5 feat(route): globalsiteselector as root url generator 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2025-10-13 09:19:20 -01:00
Côme Chilliet
d51efd9735
fix: Do not try to create lazy ghosts for PHP internal classes 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-09-28 14:35:49 +02:00
Thomas Citharel
7bf8e9699c
fix(http): handle getHttpProtocol being unset in $_SERVER['SERVER_PROTOCOL'] if called from occ 
Due to the profiler app loading HttpDataCollector when running occ.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
 2025-09-21 18:06:33 +02:00
provokateurin
9473f47c0d fix(Dispatcher): Catch TypeErrors and turn them into bad request responses 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-09-05 00:49:23 +02:00