Commit graph

917 commits

Author SHA1 Message Date
Daniel Kesselberg
af6de04e9e
style: update codestyle for coding-standard 1.2.3
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-08-25 19:34:58 +02:00
Ferdinand Thiessen
2916e5df7e
feat: Provide CSP nonce as <meta> element
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacks (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-13 10:32:44 +02:00
Ferdinand Thiessen
0563757ea4
fix(SetupCheck): Properly check public access to data directory
When checking for public (web) access to the data directory the status is not enough
as you might have a webserver that forwards to e.g. a login page.
So instead check that the content of the file matches.

For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content
to allow checking.

¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-08 22:08:42 +02:00
John Molakvoæ
8a5bc4778b
Merge pull request #38364 from joshtrichards/jr-preview-libgd-webp-animation-bypass
2024-08-06 17:56:14 +02:00
Ferdinand Thiessen
9716b0d735
refactor: Migrate some legacy and core functions to IFilenameValidator
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-07-19 19:41:46 +02:00
John Molakvoæ
d237fd0e78
Merge pull request #46342 from nextcloud/fix-getimagesize
2024-07-16 21:47:35 +02:00
Ferdinand Thiessen
f4ede27cdb
refactor: Remove deprecated Util function for filename validation to FilenameValidator
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-07-16 12:49:10 +02:00
Josh Richards
c0e1503ce1
fix(previews): Stop returning true when getimagesize() fails
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
2024-07-15 21:06:49 -04:00
Daniel Kesselberg
6983310ec0
docs: correct return type for findAppInDirectories
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-07-11 23:13:08 +02:00
Arthur Schiwon
895ed634af
fix(Token): add FILESYSTEM scope with SCOPE_SKIP_PASSWORD_VALIDATION
The scope design requires scopes to be either not specified, or
specified explicitly. Therefore, when setting the
skip-password-validation scope for user authentication from mechanisms
like SAML, we also have to set the filesystem scope, otherwise they will
lack access to the filesystem.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-24 13:51:15 +02:00
Robin Appelman
957a00b9de
chore: remove chunking-v1
Signed-off-by: Robin Appelman <robin@icewind.nl>
2024-06-19 16:57:42 +02:00
Julius Härtl
ea9f2361ae
perf: Avoid reusing previous migration steps
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-06-18 11:55:08 +02:00
Arthur Schiwon
98b5cdc43d
Merge pull request #43942 from nextcloud/fix/43612/avoid-pwd-confirm-sso
fix(Session): avoid password confirmation on SSO
2024-06-07 11:25:36 +02:00
Arthur Schiwon
f6d6efef3a
refactor(Token): introduce scope constants
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:14 +02:00
Arthur Schiwon
340939e688
fix(Session): avoid password confirmation on SSO
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends were used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:13 +02:00
John Molakvoæ
7f745a1ed0
Merge branch 'master' into refactor/OC-Server-getSecureRandom
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-05-30 19:13:53 +02:00
John Molakvoæ
4d9199fb88
Merge branch 'master' into refactor/OC-Server-getL10NFactory
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-05-30 17:52:14 +02:00
John Molakvoæ
258bb03cf5
Merge branch 'master' into refactor/OC-Server-getSecureRandom
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-05-30 14:24:22 +02:00
John Molakvoæ
91227c908b
Merge branch 'master' into refactor/OC-Server-getHTTPClientService
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-05-30 14:21:45 +02:00
John Molakvoæ
99af78cd66
Merge branch 'master' into refactor/OC-Server-getL10NFactory
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-05-30 14:19:51 +02:00
Josh Richards
046fe8d404
fix(previews): Don't crash on animated WEBP images
Fixes #30029 and #37263

libgd handles animated WEBP images poorly and generates a meaningless error message as a result. We were returning a 500 error for these preview requests (web) and a fatal error at the command-line (occ). Now we bypass libgd if we detect an animated WEBP image (and simply don't generate the preview). No more 500 error. Should fix occ too.

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2024-05-30 07:48:17 +02:00
Andy Scherzinger
dae7c159f7
chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +02:00
Ferdinand Thiessen
538a04968a
fix(tests): Adjust theming test for new split background and primary colors
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-05-21 20:36:26 +02:00
Ferdinand Thiessen
8028784976
fix: cleanup theming app code
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-05-21 20:36:26 +02:00
Côme Chilliet
a9f7131575
fix: Move OC_EventSource to OC namespace
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-05-16 17:28:54 +02:00
Simon L.
620d10c842
feat(exception-template): allow to link to specific documentation for how to retrieve server log
Signed-off-by: Simon L <szaimen@e.mail.de>
2024-05-14 15:37:38 +02:00
provokateurin
ce53a7ad81
fix(OC_Image): Set correct return type for exif_imagetype stub
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-05-06 13:34:27 +02:00
Côme Chilliet
ed4603c5aa
fix: Fix small psalm errors in legacy
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-30 09:38:47 +02:00
Côme Chilliet
5d1ca7e25a
fix: Drop workarounds for unsupported obsolete PHP versions
Also improved error handling in Installer.php to be type safe.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-22 16:55:42 +02:00
Côme Chilliet
644036ab4e
fix: Migrate away from OC_App toward the IAppManager
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-22 12:14:58 +02:00
Côme Chilliet
6d7ff2e85a
fix: Fix typing issues related to resource migration
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-09 10:48:27 +02:00
Côme Chilliet
ab6afe0111
fix: Fix new psalm errors from update
Not sure about the SimpleContainer modification, let’s see what CI says
about that.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-08 11:29:09 +02:00
Côme Chilliet
ec5133b739
fix: Apply new coding standard to all files
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-02 14:16:21 +02:00
Richard Steinmetz
e9c0d0e67f
fix(preview): webp preview format
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2024-03-26 09:58:36 +01:00
Joas Schilling
497528e45e
fix(logging): Restore the option to log with debug level
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-03-22 01:05:26 +01:00
Julius Härtl
e330efe5a0
fix: Implement option to temporarily set the user session
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-03-19 13:48:23 +01:00
John Molakvoæ
27defd7e51
Merge pull request #40127 from summersab/refactor/OC-Server-getTwoFactorAuthManager
2024-03-15 15:05:33 +01:00
Andrew Summers
0047789580
Refactor OC\Server::getTwoFactorAuthManager
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>
2024-03-15 13:12:51 +01:00
John Molakvoæ
3f560ae940
Merge branch 'master' into refactor/OC-Server-getRootFolder
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-03-15 13:01:10 +01:00
Côme Chilliet
7033967115
Merge pull request #43996 from nextcloud/feat/store-last-known-quota-usage
feat: Store last known quota usage for a user
2024-03-07 10:29:04 +01:00
Côme Chilliet
29a648ab73
fix: Avoid calling setUserValue on null user id
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-03-06 18:36:08 +01:00
Côme Chilliet
80191906b3
feat: Store last known quota usage for a user
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-03-06 12:15:03 +01:00
Côme Chilliet
ead574ba7f
fix: Remove calls to deprecated OC_JSON::encode
to_string was useless because L10N string is json serializable now and
serializes to string correctly. Removed all external calls to
OC_JSON::encode to ease removing the rest of it later.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-03-06 10:42:21 +01:00
Ferdinand Thiessen
27642d3e6d
fix: Enforce forbidden filename characters on backend
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-02-28 22:19:25 +01:00
John Molakvoæ
b080113fdd
Merge branch 'master' into fix/42480/user-admin-not-admin
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
2024-02-24 19:31:22 +01:00
Richard Steinmetz
f2e6abadbf
feat: theme error page
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2024-02-24 18:28:28 +01:00
Julius Härtl
efc3d76e43
feat: Print early exceptions in debug mode instead of plain error pages
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-02-23 15:57:20 +01:00
Arthur Schiwon
c98b0462e3
fix(admin role): fix old and wrong way to determine whether user is admin
- fixes Settings knowing who is an admin of non-local group backend groups
- obsoletes and removes a little old, deprecated code
- double checks proper parameter type on Group\Manager::isAdmin
- also fixes legacy OC_User code to check whether user is an admin

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-02-19 18:57:22 +01:00
Vincent Petry
839ddaa354
feat: rename users to account or person
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2024-02-13 21:06:30 +01:00
Côme Chilliet
cf6a0e0833
chore: Deprecate OC_App::loadApps and add missing return type in Server
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-02-08 14:34:01 +01:00