upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-02-03 20:41:22 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 25
76735 commits 651 branches 1179 tags 8.1 GiB
Commit graph

391 commits

Author SHA1 Message Date
Daniel Kesselberg
af6de04e9e
style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +02:00
Julius Härtl
e4fa36e231
fix: Fix failing test for group listing 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-06 21:06:44 +02:00
Côme Chilliet
1e2155993d
chore(tests): Adapt tests to the group:list change 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-06 14:43:44 +02:00
Julius Härtl
6c1e896a03 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-22 22:32:34 +02:00
Benjamin Gaussorgues
e5275dbada feat: don't count failed CSRF as failed login attempt 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-11 09:27:33 +02:00
Daniel
e5a6698ec0
Merge pull request #45811 from nextcloud/add-test-for-profile-page-controller 
test: add tests for ProfilePageController
 2024-06-12 14:49:03 +02:00
Daniel Kesselberg
98eb190e04
test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 11:46:12 +02:00
skjnldsv
8bed23288b fix(files_sharing): dark avatar support 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 10:27:29 +02:00
Andy Scherzinger
1f7e2ba599
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-13 17:41:36 +02:00
Christoph Wurst
22dc27810e
fix(auth): Keep redirect URL during 2FA setup and challenge 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-04-19 10:24:26 +02:00
Côme Chilliet
ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +02:00
Ferdinand Thiessen
3fede00732
feat(login): Clear login form (password) after IDLE timeout 
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-03-25 12:22:53 +01:00
Eduardo Morales
685145714a chore: update logincontroller tests 
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
 2024-03-10 11:36:42 -05:00
Louis Chemineau
72f7b80153
Revert change in TwoFactorAuth CleanupTest.php 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-03-06 16:46:35 +01:00
Louis Chemineau
fcdc8b47f2 fix(files_versions): Improve files version listing 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-03-06 10:15:31 +01:00
Anupam Kumar
ce24923f4c
add generate-password option and flow fixes 
Signed-off-by: Anupam Kumar <kyteinsky@gmail.com>
 2024-02-24 04:56:52 +05:30
Anupam Kumar
a92c507cb6
new user password email option, improved on #29368 
Signed-off-by: Anupam Kumar <kyteinsky@gmail.com>
 2024-02-24 04:56:52 +05:30
Philip Gatzka
b587ec39f4
Enable adding E-Mail addresses to new user accounts using the CLI 
Signed-off-by: Philip Gatzka <philip.gatzka@mailbox.org>
 2024-02-24 04:56:52 +05:30
provokateurin
6243a9471d
feat(core): Add OCS endpoint for confirming the user password 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 14:28:00 +01:00
John Molakvoæ
4a509dfe8e
fix: phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +01:00
Maxence Lange
f7d0c74b10 lazy AppConfig 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-01-15 15:45:13 -01:00
Joas Schilling
2ee5c7a8f9
fix(tests): Fix remaining tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-09 15:58:02 +01:00
Louis Chemineau
db11313152
Fix tests after slow logout fix 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-01-08 19:09:48 +01:00
Gaspard d'Hautefeuille
85911cbab2 Cancel PR #37405, remove regression code 
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Ferdinand Thiessen
154a9989a7
Merge pull request #39852 from nextcloud/pragmaHeader 
Stop sending deprecated Pragma header
 2023-10-18 03:30:21 +02:00
Côme Chilliet
ee39a47e84
Fix Dynamic property timeFactory in ClientFlowLoginControllerTest 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-10-09 10:30:54 +02:00
Julien Veyssier
807f173dec
make oauth2 authorization code expire after 10 minutes 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Côme Chilliet
0c421975bd Remove last calls to deprecated at matcher in tests/Core 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-18 10:21:21 +02:00
Joas Schilling
6f520f2304
Merge pull request #40026 from lhsazevedo/auth-token-commands 
feat: Add auth token list and delete commands
 2023-08-29 08:57:07 +02:00
Joas Schilling
25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
Git'Fellow
066f6ef16c Stop sending deprecated Pragma header 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2023-08-28 15:11:22 +02:00
Lucas Azevedo
771a7b92cc Add tests for occ user:auth-tokens:delete 
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
 2023-08-25 02:27:41 -03:00
John Molakvoæ
266fb31180
fix(tests): preview phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2023-08-17 18:58:21 +02:00
jld3103
1be836273d
core: Add OpenAPI spec 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-13 07:24:15 +02:00
Faraz Samapoor
fd0e2f711a Fixes testcase error. 
Signed-off-by: Faraz Samapoor <fsa@adlas.at>
 2023-06-24 23:14:23 +02:00
Joas Schilling
33385d7ecb
fix(tests): Adjust unit tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-15 16:12:14 +02:00
Ferdinand Thiessen
dc9d8c42bb fix: Adjust console formatter code to match with Symfony type hints 
Symfony has added type hints on the `OutputFormatterInterface`,
so we must adjust our type hints to match with Symfony.

Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
 2023-04-17 18:35:10 +02:00
Joshua Trees
a4032a3800 Add some tests for input trimming in LostController.php 
Signed-off-by: Joshua Trees <me@jtrees.io>
 2023-04-05 12:15:38 +02:00
Git'Fellow
346054f854
Fix tests 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2023-03-28 09:41:04 +02:00
Joas Schilling
59578817f5
Merge pull request #36489 from nextcloud/bugfix/noid/brute-force-protection-password-reset 
Add bruteforce protection to password reset page
 2023-02-06 22:12:25 +01:00
Joas Schilling
875e6cf7e6
fix(CI): Adjust expected result 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-06 11:26:38 +01:00
Christoph Wurst
88d116ba84
fix(client-login-flow): Handle missing stateToken gracefully 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-02-06 09:42:15 +01:00
Côme Chilliet
003cc2b45a
Fix tests failures (number of calls differed with last rebase) 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-24 09:38:20 +01:00
Carl Schwan
a23cd7b961
Fix a bunch of deprecation in the phpunit for core 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2023-01-24 09:34:09 +01:00
Joas Schilling
1c099c7f17
Fix broken user:setting command unit test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-01-23 07:01:22 +01:00
Côme Chilliet
f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +01:00
Christoph Wurst
20fcfb5739
feat(app framework)!: Inject services into controller methods 
Usually Nextcloud DI goes through constructor injection. This has the
implication that each instance of a class builds the full DI tree. That
is the injected services, their services, etc. Occasionally there is a
service that is only needed for one controller method. Then the DI tree
is build regardless if used or not.

If services are injected into the method, we only build the DI tree if
that method gets executed.

This is also how Laravel allows injection.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 14:00:38 +01:00
Christoph Wurst
f22101d421
Fix login loop if login CSRF fails and user is not logged in 
If CSRF fails but the user is logged in that they probably logged in in
another tab. This is fine. We can just redirect.
If CSRF fails and the user is also not logged in then something is
fishy. E.g. because Nextcloud contantly regenrates the session and the
CSRF token and the user is stuck in an endless login loop.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 09:39:17 +01:00
Christoph Wurst
138deec333
chore: Make the LoginController strict 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-12-15 10:52:28 +01:00