Stephan Orbaugh
fb9a073571
Merge pull request #61916 from nextcloud/carl/fetch-groups-optimization
...
feat: Fetch groups in batch in getUserGroups
2026-07-09 13:10:49 +02:00
Carl Schwan
30291ff591
feat: Fetch groups in batch in getUserGroups
...
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-07-09 11:23:54 +02:00
skjnldsv
84a8e5b1f2
fix(systemtags): remove duplicates, prevent and sanitize existing tags
...
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
Assisted-by: ClaudeCode:claude-opus-4-8
2026-07-08 12:16:50 +02:00
Stephen Cuppett
507c0a78f5
Merge pull request #60002 from cuppett/cuppett/migrate-appconfig-keys-to-bool
...
refactor(encryption): Migrate appconfig keys to typed bool IAppConfig with repair step
2026-07-07 11:06:57 -04:00
Andy Scherzinger
39d2dc253e
Merge pull request #61845 from nextcloud/fix/declarative-settings-delegation
...
fix(DeclarativeManager): Fix admin delegation
2026-07-07 15:57:26 +02:00
Kate
2eaad341b4
Merge pull request #61870 from nextcloud/kano-ocm-token-confinement
...
fix(auth): confine OCM access token to the masked share endpoint
2026-07-07 15:54:49 +02:00
Micke Nordin
db96073459
fix(auth): confine OCM access token to the masked share endpoint
...
Gate the temporary-token bearer auth behind an allowOcmAccessToken flag
that only the public, share-masked webdav endpoints set, and drop the
BearerAuth backend from the CalDAV/CardDAV entrypoints. The token is now
honored only on /public.php/webdav, where per-share masking applies.
Assisted-by: ClaudeCode:claude-fable-5
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-07-07 13:56:32 +02:00
Ferdinand Thiessen
1479eba07b
test: fix HEIC tests
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-07-07 13:30:58 +02:00
Marcel Klehr
6d2a98a5d3
fix(DeclarativeManagerTest): Fix testAdminFormUserUnauthorized
...
Assisted-by: ClaudeCode:claude-opus-4-8
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-07-07 08:55:18 +02:00
provokateurin
fb17121065
refactor(files_sharing,Share20): Use Interaction API to apply restrictions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
65366c98ca
refactor(Share20\Manager): Rename generalChecks method and remove unused parameter
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
provokateurin
1838fb7e79
feat(OCP): Add Interaction API
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-07-07 08:19:15 +02:00
Stephen Cuppett
b86fa0d0df
fix(tests): Migrate EncryptionTrait and test files to typed IAppConfig
...
Update EncryptionTrait, EncryptionMasterKeyUploadTest, EncryptionUploadTest,
and EncryptedSizePropagationTest to use typed IAppConfig::setValueBool/
getValueBool for encryption_enabled and useMasterKey, preventing
AppConfigTypeConflictException when the keys are stored as BOOL type.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
7637213b03
fix(tests): Update tests/lib/Encryption/ManagerTest.php
...
Update to annotation from docblock comment
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
ee6f177b43
refactor(encryption): Drop RetypeEncryptionConfigKeys repair step
...
The IAppConfig API converts stored values to bool on read (getValueBool)
and re-stamps the type on write (setValueBool), so legacy string-typed
encryption config keys migrate lazily without an explicit repair step.
Per PR review feedback, drop the repair step, its test, and the related
AppConfigTypeConflictException fallback in Encryption\Manager::isEnabled
that only existed to bridge the now-unneeded migration window.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Stephen Cuppett
1b2b4cb660
refactor(encryption): Migrate appconfig keys to typed bool IAppConfig with repair step
...
Switch all encryption config reads/writes from deprecated string-typed IConfig to
bool-typed IAppConfig (getValueBool/setValueBool). Adds RetypeEncryptionConfigKeys
repair step to retype existing string values to bool on upgrade. Includes lazy
IAppConfig resolution in Manager and AppConfigTypeConflictException fallbacks
throughout for safety during the upgrade window.
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Signed-off-by: Stephen Cuppett <steve@cuppett.com>
2026-07-04 08:19:10 -04:00
Kostiantyn Miakshyn
ae3434579b
feat: Add support for NOT ILIKE in query builder expressions
...
Signed-off-by: Kostiantyn Miakshyn <molodchick@gmail.com>
2026-07-03 10:53:55 +03:00
Joas Schilling
8659690509
test: Don't fail due to deprecations from guzzlehttp 7.12
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2026-07-02 13:57:17 +02:00
Carl Schwan
da0928827a
refactor: Expose a public exception when no user is found
...
And use this new exception everywhere outside of where the old one was
throw.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-30 21:56:10 +02:00
Kate
599500d8f1
Merge pull request #61493 from nextcloud/carl/addStorageWrapper
...
feat: Make it possible to add a storage wrapper using public APIs
2026-06-30 15:15:20 +02:00
Carl Schwan
b6a23f0268
refactor: Call IStorageFactory::addStorageFactory directly
...
Remove call to deprecated Filesystem api and allow to reuse instead of
the mounts points between addStorageFactory.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-23 15:49:09 +02:00
Carl Schwan
e76d290b67
Merge pull request #61440 from nextcloud/carl/findIn-mount-point
...
perf(View): don't sort twice the same array
2026-06-23 14:00:21 +02:00
Carl Schwan
e6b5f763a4
perf: Avoid sorting an already sorted array
...
Improve performance a bit as this is in the hotpath and take ~2s in
prod.
Signed-off-by: Carl Schwan <carlschwan@kde.org>
2026-06-23 13:11:42 +02:00
Carl Schwan
a213e6bb1d
Merge pull request #61011 from nextcloud/carl/cleanup-preview
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix(preview): First cleanup from filecache and then from preview table
2026-06-23 11:08:57 +02:00
Côme Chilliet
32f8ff2445
fix: Remove uses of deprecated service string names
...
Use the class/interface name instead to avoid logging.
This was breaking in some cases as logging would trigger a deprecation
warning, resulting in an infinite loop.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-22 11:19:00 +02:00
Enrique Pérez Arnaud
3616212ba2
feat(files_sharing): store and refresh OCM access tokens for external shares
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 11:01:16 +02:00
Enrique Pérez Arnaud
4d56c74ba7
feat(ocm): advertise exchange-token capability and token endpoint
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 11:01:14 +02:00
Enrique Pérez Arnaud
ac2f9816a6
feat(auth): support permanent OCM refresh tokens and bearer login
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 10:44:51 +02:00
Andy Scherzinger
9af6fe9500
Merge pull request #61053 from bygadd/fix/taskprocessing-worker-atomic-claim
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
fix(taskprocessing): claim tasks atomically so parallel workers don't duplicate
2026-06-17 10:21:33 +02:00
Andy Scherzinger
c409abfc63
Merge pull request #61322 from nextcloud/fix/improve-password-confirmation-middleware
...
fix: Do not set last-password-confirm for apptoken sessions
2026-06-16 19:49:28 +02:00
Côme Chilliet
f7f9a47ceb
fix: Do not set last-password-confirm for apptoken sessions
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-16 11:59:13 +02:00
Micke Nordin
64a23d457f
test(ocm): Add tests for deduplication of resourceTypes
...
Also update 3rdparty
Assisted-by: ClaudeCode:claude-fable-5
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-06-16 11:30:24 +02:00
Joas Schilling
45a4c10612
Merge pull request #61275 from nextcloud/jtr/test-S3-testFileSizes
...
CodeQL Advanced / Analyze (actions) (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
Psalm static code analysis / changes (push) Waiting to run
Psalm static code analysis / static-code-analysis (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-security (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ocp (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-ncu (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-strict (push) Blocked by required conditions
Psalm static code analysis / static-code-analysis-summary (push) Blocked by required conditions
test(s3): fix flaky EOF check and remove PHP 8.5 skip
2026-06-15 17:38:59 +02:00
Yoan Bozhilov
022531b997
fix(taskprocessing): guard lockTask on scheduled, record started_at, Oracle fallback
...
Address review feedback (@marcelklehr, Copilot):
- lockTask claims only SCHEDULED tasks (was status != RUNNING) and stamps
started_at in the same atomic UPDATE, so a finished task cannot be re-claimed
and the external-provider claim path records started_at as well.
- claimWithBoundedRetry re-reads after lockTask instead of a follow-up UPDATE.
- Oracle joins SQLite on the bounded-retry fallback: Oracle cannot combine a
row-limiting clause with FOR UPDATE (ORA-02014), which failed the claim tests
on Oracle CI.
- Reword the worker docblock/comments to "prefer oldest available" (parallel
SKIP LOCKED does not guarantee a strict global order).
- Add a regression test that lockTask does not resurrect a finished task.
Signed-off-by: Yoan Bozhilov <bygadd@gmail.com>
Assisted-by: Claude Code:claude-opus-4-8
2026-06-15 16:37:34 +02:00
Yoan Bozhilov
0799454a1f
fix(taskprocessing): claim tasks atomically with SKIP LOCKED + composite index
...
Replace the worker retry/ignore-list claim-loop with a single atomic
SELECT ... FOR UPDATE SKIP LOCKED claim (SQLite bounded-retry fallback),
preserving the no-duplicate guarantee while removing the thundering-herd
contention that throttled backlog draining. Add a (status,type,last_updated)
index via the table-creating migration + db:add-missing-indices listener.
Signed-off-by: Yoan Bozhilov <bygadd@gmail.com>
Assisted-by: Claude Code:claude-opus-4-8
2026-06-15 16:37:34 +02:00
Côme Chilliet
088dba3c20
chore: Fix CreateSessionTokenCommandTest and add test for ephemeral session
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-15 15:28:38 +02:00
Josh
384e21b824
test(s3): drop unnecessarily added fclose
...
Signed-off-by: Josh <josh.t.richards@gmail.com>
2026-06-13 10:21:26 -04:00
Josh
ba4924b331
test(s3): make testFileSizes EOF assertion more robust
...
Signed-off-by: Josh <josh.t.richards@gmail.com>
2026-06-13 10:01:52 -04:00
Benjamin Gaussorgues
28d32d8fff
feat(snowflake): allows to generate Snowflake IDs matching a timestamp
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
Benjamin Gaussorgues
60ce92a697
feat(utils): add getter for serverid with proper default
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
provokateurin
3ee06f338c
ci(PHP): Only test against highest and lowest supported PHP versions
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-06-11 20:04:56 +02:00
Louis
da706223e4
Merge pull request #61140 from nextcloud/fix/fix-deprecations-in-tests
...
Fix deprecations in tests
2026-06-11 14:48:10 +02:00
Carl Schwan
c882abff2e
Merge pull request #60957 from nextcloud/carl/simplify-di-init
...
refactor(server): Register alias when needed
2026-06-11 13:57:35 +02:00
Louis
996fcfe443
Merge pull request #57216 from Roszakos/2fa-stateless-provider-interface
...
feat (2fa): Add IStatelessProvider interface
2026-06-11 11:01:23 +02:00
Daphne Muller
69af641e34
Merge pull request #60500 from nextcloud/enh/noid/taskprocessing-streaming
...
On behalf of Julien
2026-06-11 10:22:33 +02:00
Côme Chilliet
d8a6ab54e7
chore(tests): Use /dev/shm as a tempdirectory
...
Should fix tests in phpunit-32bits
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-11 09:45:33 +02:00
Côme Chilliet
a8f21da1f7
fix: Fix data directory permission check and its test
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-11 09:45:32 +02:00
Côme Chilliet
9fe62b6338
chore(tests): Speed up TARTest by compressing a smaller folder
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-11 09:45:32 +02:00
Côme Chilliet
d881bca11f
chore(tests): Adapt tests to IUser strict typing
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-11 09:45:31 +02:00
Côme Chilliet
a51886569e
chore: Pass correct type for alias in QueryBuilderTest
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-11 09:45:31 +02:00