Stephan Orbaugh
fb9a073571
Merge pull request #61916 from nextcloud/carl/fetch-groups-optimization
...
feat: Fetch groups in batch in getUserGroups
2026-07-09 13:10:49 +02:00
Carl Schwan
30291ff591
feat: Fetch groups in batch in getUserGroups
...
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-07-09 11:23:54 +02:00
Ferdinand Thiessen
08b04d9ac5
Merge pull request #61658 from nextcloud/fix/files-node-name
...
fix(files): proper accessible row name and title for overflow
2026-07-09 01:51:38 +02:00
Ferdinand Thiessen
bca2c7f229
fix(files): proper accessible row name and title for overflow
...
- resolves https://github.com/nextcloud/server/issues/59203
- resolves https://github.com/nextcloud/server/issues/56611
In the files list before this the accessible name of the button (default
action) was overridden to the default action display name.
But this causes problem for screen readers because then the whole table
row is just called "view" or "download" instead of using the inner text
(e.g. "filename.txt").
This fixes it to rename it `ACTION: FILENAME` instead.
Also when long names were truncated there were no useful title (tooltip)
for it, so it was not possible to get the real name.
This is fixed by always provide a proper tooltip including the full
name.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-08 21:33:47 +02:00
skjnldsv
84a8e5b1f2
fix(systemtags): remove duplicates, prevent and sanitize existing tags
...
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
Assisted-by: ClaudeCode:claude-opus-4-8
2026-07-08 12:16:50 +02:00
Andy Scherzinger
a256d7eecc
Merge pull request #61615 from nextcloud/fix/lostpassword-throttle-reset-form
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix(core): Throttle lost-password reset form when link is disabled
2026-07-07 18:56:24 +02:00
Andy Scherzinger
65736e5598
Merge pull request #61686 from nextcloud/bug-dont-throttle-csrf
...
fix(bruteforce): Don't throttle requests with failing CSRF
2026-07-07 18:34:31 +02:00
Stephen Cuppett
507c0a78f5
Merge pull request #60002 from cuppett/cuppett/migrate-appconfig-keys-to-bool
...
refactor(encryption): Migrate appconfig keys to typed bool IAppConfig with repair step
2026-07-07 11:06:57 -04:00
Daniel Kesselberg
58b21c0709
fix(bruteforce): Don't throttle requests with failing CSRF
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2026-07-07 17:02:08 +02:00
nfebe
f9e274dfe3
fix(core): Throttle lost-password reset form when link is disabled
...
When password reset links were disabled, the reset form did not rate-limit
failed token attempts, leaving that endpoint open to unthrottled token
guessing. Failed attempts on the form are now always throttled, consistent
with the other reset steps.
Signed-off-by: nfebe <fenn25.fn@gmail.com>
2026-07-07 16:53:02 +02:00
Andy Scherzinger
39d2dc253e
Merge pull request #61845 from nextcloud/fix/declarative-settings-delegation
...
fix(DeclarativeManager): Fix admin delegation
2026-07-07 15:57:26 +02:00
Kate
2eaad341b4
Merge pull request #61870 from nextcloud/kano-ocm-token-confinement
...
fix(auth): confine OCM access token to the masked share endpoint
2026-07-07 15:54:49 +02:00
Kate
bc162c7706
Merge pull request #61858 from nextcloud/test/heic
...
test: fix HEIC tests
2026-07-07 15:10:08 +02:00
Micke Nordin
db96073459
fix(auth): confine OCM access token to the masked share endpoint
...
Gate the temporary-token bearer auth behind an allowOcmAccessToken flag
that only the public, share-masked webdav endpoints set, and drop the
BearerAuth backend from the CalDAV/CardDAV entrypoints. The token is now
honored only on /public.php/webdav, where per-share masking applies.
Assisted-by: ClaudeCode:claude-fable-5
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-07-07 13:56:32 +02:00
Stephan Orbaugh
7c41ebcd80
Merge pull request #61751 from nextcloud/test/files-pw
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
test(files): migrate end-to-end tests to PlayWright
2026-07-07 13:49:26 +02:00
Ferdinand Thiessen
1479eba07b
test: fix HEIC tests
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-07 13:30:58 +02:00
Marcel Klehr
6d2a98a5d3
fix(DeclarativeManagerTest): Fix testAdminFormUserUnauthorized
...
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-07-07 08:55:18 +02:00
provokateurin
fb17121065
refactor(files_sharing,Share20): Use Interaction API to apply restrictions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
65366c98ca
refactor(Share20\Manager): Rename generalChecks method and remove unused parameter
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
6cfda6849c
feat(Interaction): Implement all existing restrictions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
1838fb7e79
feat(OCP): Add Interaction API
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
Ferdinand Thiessen
d2e9b78e2c
test(files): migrate end-to-end tests to PlayWright
...
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-06 18:22:10 +02:00
Stephen Cuppett
b86fa0d0df
fix(tests): Migrate EncryptionTrait and test files to typed IAppConfig
...
Update EncryptionTrait, EncryptionMasterKeyUploadTest, EncryptionUploadTest,
and EncryptedSizePropagationTest to use typed IAppConfig::setValueBool/
getValueBool for encryption_enabled and useMasterKey, preventing
AppConfigTypeConflictException when the keys are stored as BOOL type.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
7637213b03
fix(tests): Update tests/lib/Encryption/ManagerTest.php
...
Update to annotation from docblock comment
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
ee6f177b43
refactor(encryption): Drop RetypeEncryptionConfigKeys repair step
...
The IAppConfig API converts stored values to bool on read (getValueBool)
and re-stamps the type on write (setValueBool), so legacy string-typed
encryption config keys migrate lazily without an explicit repair step.
Per PR review feedback, drop the repair step, its test, and the related
AppConfigTypeConflictException fallback in Encryption\Manager::isEnabled
that only existed to bridge the now-unneeded migration window.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
1b2b4cb660
refactor(encryption): Migrate appconfig keys to typed bool IAppConfig with repair step
...
Switch all encryption config reads/writes from deprecated string-typed IConfig to
bool-typed IAppConfig (getValueBool/setValueBool). Adds RetypeEncryptionConfigKeys
repair step to retype existing string values to bool on upgrade. Includes lazy
IAppConfig resolution in Manager and AppConfigTypeConflictException fallbacks
throughout for safety during the upgrade window.
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Cristian Scheid
1f1928df94
feat: add frontend test for custom custom background selection from file picker
...
Signed-off-by: Cristian Scheid <cristianscheid@gmail.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
2026-07-03 14:57:53 +00:00
Kostiantyn Miakshyn
ae3434579b
feat: Add support for NOT ILIKE in query builder expressions
...
Signed-off-by: Kostiantyn Miakshyn <molodchick@gmail.com>
2026-07-03 10:53:55 +03:00
Ferdinand Thiessen
6c6aab514a
test: stablize playwright tests
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-02 22:49:15 +02:00
Ferdinand Thiessen
519c475138
test(files_external): migrate end-to-end tests to PlayWright
...
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-02 21:44:35 +02:00
Joas Schilling
8659690509
test: Don't fail due to deprecations from guzzlehttp 7.12
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2026-07-02 13:57:17 +02:00
Carl Schwan
da0928827a
refactor: Expose a public exception when no user is found
...
And use this new exception everywhere outside of where the old one was
throw.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-30 21:56:10 +02:00
Kate
599500d8f1
Merge pull request #61493 from nextcloud/carl/addStorageWrapper
...
feat: Make it possible to add a storage wrapper using public APIs
2026-06-30 15:15:20 +02:00
Joas Schilling
6a739c0ad2
Merge pull request #61608 from nextcloud/bugfix/noid/decrypt-sensitive-values
...
fix(config): Decrypt sensitive appconfigs when requested
2026-06-29 18:47:54 +02:00
Ferdinand Thiessen
fb18576244
refactor(tests): cleanup PlayWright tests
...
reuse fixtures where possible to deduplicate logic.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-27 18:41:21 +02:00
Joas Schilling
c94bea0a1b
fix(config): Decrypt sensitive appconfigs when requested
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2026-06-26 13:20:46 +02:00
Ferdinand Thiessen
2ccab88ef7
Merge pull request #61147 from brlin-tw/add-tsv-support
...
fix(mimetype): Add TSV support in mimetype aliases, mapping, and names
2026-06-25 13:13:48 +02:00
Ferdinand Thiessen
5fa2c42862
chore(tests): adjust PlayWright tests to follow ESLint rules
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-24 13:16:04 +02:00
Ferdinand Thiessen
f95f3e7895
test(settings): migrate personal settings tests to PlayWright
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-23 18:30:14 +02:00
Ferdinand Thiessen
b842cbb364
test: fix useless waiting for app config cache
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-23 18:30:14 +02:00
Ferdinand Thiessen
b245d2dcc9
test(settings): migrate end-to-end tests to PlayWright
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-23 18:30:14 +02:00
Carl Schwan
b6a23f0268
refactor: Call IStorageFactory::addStorageFactory directly
...
Remove call to deprecated Filesystem api and allow to reuse instead of
the mounts points between addStorageFactory.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-23 15:49:09 +02:00
Carl Schwan
e76d290b67
Merge pull request #61440 from nextcloud/carl/findIn-mount-point
...
perf(View): don't sort twice the same array
2026-06-23 14:00:21 +02:00
Carl Schwan
e6b5f763a4
perf: Avoid sorting an already sorted array
...
Improve performance a bit as this is in the hotpath and take ~2s in
prod.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-23 13:11:42 +02:00
Carl Schwan
a213e6bb1d
Merge pull request #61011 from nextcloud/carl/cleanup-preview
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix(preview): First cleanup from filecache and then from preview table
2026-06-23 11:08:57 +02:00
Ferdinand Thiessen
a430a14019
chore: adjust code to comply with ESLint rules
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-22 21:40:38 +02:00
Peter Ringelmann
c02772761f
test(files_trashbin): migrate trashbin e2e from Cypress to Playwright
...
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-06-22 20:45:25 +02:00
Carl Schwan
09aea6312b
fix(preview): Don't abort cleanup of previews too early
...
If we don't find previews in the filecache, this is now normal. Don't
abort and instead delete previews from the new preview table instead.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-22 16:35:33 +02:00
Côme Chilliet
32f8ff2445
fix: Remove uses of deprecated service string names
...
Use the class/interface name instead to avoid logging.
This was breaking in some cases as logging would trigger a deprecation
warning, resulting in an infinite loop.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-22 11:19:00 +02:00
Carl Schwan
f1d26355ce
fix(tests): Fix tests for mimetypes
...
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-21 22:00:27 +02:00