]>
source.dussan.org Git - nextcloud-server.git/log
Thomas Citharel [Thu, 4 Jun 2020 09:31:09 +0000 (11:31 +0200)]
Use \OC::$CLI instead of PHP_SAPI
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Thomas Citharel [Fri, 10 Apr 2020 16:05:43 +0000 (18:05 +0200)]
Fix password reset saying Admin changed my password when reset from
login page
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Roeland Jago Douma [Thu, 4 Jun 2020 08:59:26 +0000 (10:59 +0200)]
Merge pull request #21201 from nextcloud/backport/21181/stable18
[stable18] Do not only catch Exceptions but any Throwable during rmt share delete
Roeland Jago Douma [Thu, 4 Jun 2020 06:26:16 +0000 (08:26 +0200)]
Merge pull request #21184 from nextcloud/version/18.0.5/final
18.0.5
Nextcloud bot [Thu, 4 Jun 2020 02:16:35 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Christoph Wurst [Tue, 2 Jun 2020 07:21:09 +0000 (09:21 +0200)]
Do not only catch Exceptions but any Throwable during rmt share delete
When a remote share is deleted, we notify the remove instance. This may
trigger various error conditions, which we want to catch in order to
avoid undeletable shares. The try-catch, however, did only capture
exceptions, so things like TypeErrors were not caught and caused the
process to fail hard.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Nextcloud bot [Wed, 3 Jun 2020 02:16:28 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Tue, 2 Jun 2020 07:31:16 +0000 (09:31 +0200)]
18.0.5
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Nextcloud bot [Tue, 2 Jun 2020 02:16:11 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Mon, 1 Jun 2020 02:16:10 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 31 May 2020 02:16:28 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 30 May 2020 02:16:15 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Fri, 29 May 2020 19:36:10 +0000 (21:36 +0200)]
Merge pull request #21159 from nextcloud/revert-21152-backport/21143/stable18
Revert "[stable18] Fix password changes in link and mail shares"
Morris Jobke [Fri, 29 May 2020 19:35:57 +0000 (21:35 +0200)]
Revert "[stable18] Fix password changes in link and mail shares"
Morris Jobke [Fri, 29 May 2020 19:34:52 +0000 (21:34 +0200)]
Merge pull request #21152 from nextcloud/backport/21143/stable18
[stable18] Fix password changes in link and mail shares
Daniel Calviño Sánchez [Thu, 28 May 2020 18:53:36 +0000 (20:53 +0200)]
Add integration tests for video verification
Enabling the "send password by Talk" property of shares require that
Talk is installed and enabled, so the Drone step that runs them has to
first clone the Talk repository.
When the integration tests are run on a local development instance,
however, it is not guaranteed that Talk is installed. Due to this the
"@Talk" tag was added, which ensures that any feature or scenario marked
with it will first check if Talk is installed and, if not, skip the
scenario (instead of failing).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:52:11 +0000 (20:52 +0200)]
Add integration tests for creating and updating a mail share
In most cases, when a mail share is created or updated an e-mail is sent
to the sharee, which is done by connecting to the SMTP server set in the
configuration. If the server can not be contacted then the creation or
update of the mail share fails.
To make possible to test mail shares without using a real SMTP server a
fake one has been added. The original script, which is MIT licensed, was
based on inetd, so it was slightly modified to run on its own.
In order to use it from the integration tests the "Given dummy mail
server is listening" step has to be called in the scenarios in which the
mail server is needed.
For now that is the only available step; things like checking the sent
mails, while possible (as the script can log the mails to certain file),
have not been added yet.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:50:02 +0000 (20:50 +0200)]
Generalize integration test steps to download last share
Note that the "last link share can be downloaded" step was kept as it
tests the "url" property specific of link shares.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:46:33 +0000 (20:46 +0200)]
Remove unused variables
The step names were adjusted accordingly.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:40:33 +0000 (20:40 +0200)]
Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).
However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".
Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:37:18 +0000 (20:37 +0200)]
Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:29:28 +0000 (20:29 +0200)]
Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:27:33 +0000 (20:27 +0200)]
Fix creating a mail share with a password
When a mail share was created with a password the given password was not
hashed, so it was not possible to open the share with that password.
Moreover, if passwords were enforced the given password was ignored and
a new one was set (although in this case it was hashed so it worked as
expected). Now the given password is properly hashed and not overriden.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Daniel Calviño Sánchez [Thu, 28 May 2020 18:26:00 +0000 (20:26 +0200)]
Extend mail shares unit tests to check the password and mail template
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Nextcloud bot [Fri, 29 May 2020 02:16:39 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Thu, 28 May 2020 14:38:01 +0000 (16:38 +0200)]
Merge pull request #21061 from nextcloud/version/18.0.5/RC1
18.0.5 RC1
Roeland Jago Douma [Thu, 28 May 2020 14:37:28 +0000 (16:37 +0200)]
Merge pull request #21109 from nextcloud/backport/19793/stable18
[stable18] Fix resharing of federated shares that were created out of links
Christoph Wurst [Thu, 28 May 2020 07:20:03 +0000 (09:20 +0200)]
Merge pull request #21127 from nextcloud/fix/make-translation-sanitization-optional-stable18
[stable18] Make the translation sanitization optional
Roeland Jago Douma [Thu, 28 May 2020 06:17:01 +0000 (08:17 +0200)]
Merge pull request #21132 from nextcloud/backport/20933/stable18
[stable18] Move the password confirmation form template to post
Nextcloud bot [Thu, 28 May 2020 02:16:48 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Mon, 11 May 2020 19:18:38 +0000 (21:18 +0200)]
Move the password confirmation form template to post
I know we use JS for this. But it triggers some false positives on
testing.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Christoph Wurst [Thu, 14 May 2020 13:37:50 +0000 (15:37 +0200)]
Fix devices & sessions sanitization
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Christoph Wurst [Thu, 14 May 2020 13:03:45 +0000 (15:03 +0200)]
Make the translation sanitization optional
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
blizzz [Wed, 27 May 2020 08:18:58 +0000 (10:18 +0200)]
Merge pull request #21115 from nextcloud/backport/21106/stable18
[stable18] use the loginname to verify the old password in user password changes
Nextcloud bot [Wed, 27 May 2020 02:16:21 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Arthur Schiwon [Mon, 25 May 2020 21:00:00 +0000 (23:00 +0200)]
use the loginname to verify the old password in user password changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Roeland Jago Douma [Tue, 26 May 2020 09:44:15 +0000 (11:44 +0200)]
Merge pull request #21096 from nextcloud/backport/21090/stable18
[stable18] Do not read certificate bundle from data dir by default
John Molakvoæ (skjnldsv) [Wed, 29 Apr 2020 14:43:39 +0000 (16:43 +0200)]
Fix federated link sharing permissions
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
Julius Härtl [Fri, 15 May 2020 06:19:31 +0000 (08:19 +0200)]
Fix share update test
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Roeland Jago Douma [Wed, 6 May 2020 19:49:26 +0000 (21:49 +0200)]
Update public link share permission code
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma [Wed, 6 May 2020 19:39:49 +0000 (21:39 +0200)]
Have share permissions on link shares if it is enabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Julius Härtl [Thu, 23 Apr 2020 14:22:48 +0000 (16:22 +0200)]
Adjust integration tests to new permissions
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Thu, 9 Apr 2020 09:36:49 +0000 (11:36 +0200)]
Remove unneeded test since links have resharing permissions by default
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Thu, 5 Mar 2020 13:56:31 +0000 (14:56 +0100)]
Link shares have reshare permission if outgoing federated shares are enabled
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Julius Härtl [Thu, 5 Mar 2020 13:56:04 +0000 (14:56 +0100)]
Set proper share type when converting link shares to federated shares
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Nextcloud bot [Tue, 26 May 2020 02:16:13 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Mon, 25 May 2020 19:31:36 +0000 (21:31 +0200)]
Merge pull request #20881 from nextcloud/backport/20841/stable18
[stable18] add locking to resolve concurent move to trashbin conflicts
Morris Jobke [Mon, 25 May 2020 13:03:52 +0000 (15:03 +0200)]
Do not read certificate bundle from data dir by default
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.
This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke [Mon, 25 May 2020 11:38:04 +0000 (13:38 +0200)]
Merge pull request #20965 from nextcloud/backport/20033/stable18
[stable18] Enable fseek for files in S3 storage
Nextcloud bot [Mon, 25 May 2020 02:16:31 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 24 May 2020 02:16:04 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 23 May 2020 02:16:31 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Robin Appelman [Thu, 9 Apr 2020 12:37:01 +0000 (14:37 +0200)]
harden seekable http stream a bit against failures
Signed-off-by: Robin Appelman <robin@icewind.nl>
Nextcloud bot [Fri, 22 May 2020 02:17:31 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Thu, 21 May 2020 07:36:46 +0000 (09:36 +0200)]
18.0.5 RC1
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Nextcloud bot [Thu, 21 May 2020 02:17:37 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
Robin Appelman [Wed, 1 Apr 2020 16:48:40 +0000 (18:48 +0200)]
update autoloader
Signed-off-by: Robin Appelman <robin@icewind.nl>
Robin Appelman [Thu, 19 Mar 2020 14:28:02 +0000 (15:28 +0100)]
add basic tests for s3 seeking and add some error handling if reopen return the wrong range
Signed-off-by: Robin Appelman <robin@icewind.nl>
Robin Appelman [Thu, 19 Mar 2020 13:32:25 +0000 (14:32 +0100)]
make seekable s3 stream generic
Signed-off-by: Robin Appelman <robin@icewind.nl>
Lukas Stabe [Wed, 22 Jan 2020 08:45:41 +0000 (09:45 +0100)]
Enable fseek for files in S3 storage
Signed-off-by: Lukas Stabe <lukas@stabe.de>
Morris Jobke [Wed, 20 May 2020 11:23:39 +0000 (13:23 +0200)]
Merge pull request #21053 from nextcloud/backport/21050/stable18
[stable18] Caching and compression for app store requests
Morris Jobke [Tue, 19 May 2020 21:04:51 +0000 (23:04 +0200)]
Compress the appstore requests by default
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Morris Jobke [Tue, 19 May 2020 21:04:25 +0000 (23:04 +0200)]
Cache appstore requests for 60 instead of 5 minutes
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Nextcloud bot [Wed, 20 May 2020 02:16:38 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Tue, 19 May 2020 09:58:59 +0000 (11:58 +0200)]
Merge pull request #21030 from nextcloud/backport/21003/stable18
[stable18] Remove entries from locales.json incompatible with punic
Nextcloud bot [Tue, 19 May 2020 02:17:20 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Mon, 18 May 2020 10:30:13 +0000 (12:30 +0200)]
Merge pull request #20996 from nextcloud/backport/20629/stable18
[stable18] Don't load text file preview when text app is available (Fixes: #20615)
Daniel Kesselberg [Sat, 16 May 2020 21:21:22 +0000 (23:21 +0200)]
Remove entries from locales.json incompatible with punic
As reported at https://github.com/nextcloud/server/issues/20999 the list contains en_US_POSIX as locale but punic is unable to parse such a locale. If you select that locale everyone is confused.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Morris Jobke [Mon, 18 May 2020 09:52:12 +0000 (11:52 +0200)]
Merge pull request #20994 from nextcloud/backport/19540/stable18
[stable18] Fix issues with Keystone auth v3 in files_external app
Morris Jobke [Mon, 18 May 2020 09:03:54 +0000 (11:03 +0200)]
Merge pull request #20992 from nextcloud/backport/20941/stable18
[stable18] update icewind/smb to 3.2.4
Nextcloud bot [Mon, 18 May 2020 02:16:32 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 17 May 2020 02:17:08 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sat, 16 May 2020 02:17:24 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
Jonas Meurer [Thu, 23 Apr 2020 11:45:10 +0000 (13:45 +0200)]
Don't load text file preview when text app is available (Fixes: #20615)
When opening a shared text document, the files_sharing app uses
internal preview support in case no other app to open the text file is
available.
So far, it only checks for the old files_texteditor app, not for the new
new text app. This commit fixes this by checking for both.
Signed-off-by: Jonas Meurer <jonas@freesources.org>
Robin Appelman [Tue, 12 May 2020 12:39:08 +0000 (14:39 +0200)]
update icewind/smb to 3.2.4
Signed-off-by: Robin Appelman <robin@icewind.nl>
Julien Lutran [Wed, 19 Feb 2020 10:23:51 +0000 (11:23 +0100)]
Fix issues with Keystone auth v3 in files_external app
Signed-off-by: Julien Lutran <julien.lutran@corp.ovh.com>
Roeland Jago Douma [Fri, 15 May 2020 06:18:49 +0000 (08:18 +0200)]
Merge pull request #20955 from nextcloud/httpcache-18
[stable18] Proxy server could cache http response when it is not private
Roeland Jago Douma [Fri, 15 May 2020 06:12:14 +0000 (08:12 +0200)]
Merge pull request #20975 from nextcloud/dependabot/npm_and_yarn/build/stable18/handlebars-4.6.0
[Security] Bump handlebars from 4.5.3 to 4.6.0 in /build
Nextcloud bot [Fri, 15 May 2020 02:17:29 +0000 (02:17 +0000)]
[tx-robot] updated from transifex
dependabot-preview[bot] [Thu, 14 May 2020 12:56:41 +0000 (12:56 +0000)]
[Security] Bump handlebars from 4.5.3 to 4.6.0 in /build
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.6.0. **This update includes a security fix.**
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.6.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Nextcloud bot [Thu, 14 May 2020 02:16:48 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Clement Wong [Tue, 12 May 2020 09:49:20 +0000 (11:49 +0200)]
Fix http cache test
Signed-off-by: Clement Wong <git@clement.hk>
Clement Wong [Sun, 10 May 2020 09:06:56 +0000 (11:06 +0200)]
Proxy server could cache http response when it is not private
Signed-off-by: Clement Wong <git@clement.hk>
Nextcloud bot [Wed, 13 May 2020 02:16:36 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Morris Jobke [Tue, 12 May 2020 19:05:58 +0000 (21:05 +0200)]
Merge pull request #20574 from nextcloud/backport/16035/stable18
[stable18] dont show remote and email options if we have an exact match for local user email
Robin Appelman [Fri, 21 Jun 2019 13:38:19 +0000 (15:38 +0200)]
dont show remote and email options if we have an exact match for local user email
Signed-off-by: Robin Appelman <robin@icewind.nl>
Morris Jobke [Tue, 12 May 2020 12:21:37 +0000 (14:21 +0200)]
Merge pull request #20802 from nextcloud/backport/19124/stable18
[stable18] Exclude groups from sharing: Skip delete groups
Roeland Jago Douma [Tue, 12 May 2020 11:41:09 +0000 (13:41 +0200)]
Merge pull request #20877 from nextcloud/backport/20719/stable18
[stable18] Fix languages empty array
Nextcloud bot [Tue, 12 May 2020 02:16:21 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Mon, 11 May 2020 19:00:28 +0000 (21:00 +0200)]
Merge pull request #20924 from nextcloud/backport/20915/stable18
[stable18] Use random_bytes
Roeland Jago Douma [Mon, 11 May 2020 14:43:47 +0000 (16:43 +0200)]
Merge pull request #20774 from nextcloud/backport/19743/stable18
[stable18] dont try to update storage mtime if we can't get the mtime
GretaD [Wed, 29 Apr 2020 12:42:07 +0000 (14:42 +0200)]
Fix languages empty array
Signed-off-by: GretaD <gretadoci@gmail.com>
Roeland Jago Douma [Mon, 11 May 2020 08:31:46 +0000 (10:31 +0200)]
Use random_bytes
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Roeland Jago Douma [Mon, 11 May 2020 11:14:17 +0000 (13:14 +0200)]
Merge pull request #20747 from nextcloud/backport/20718/stable18
[stable18] Add a wrapper to fall back to the share owner on public shares
Nextcloud bot [Mon, 11 May 2020 02:16:21 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Nextcloud bot [Sun, 10 May 2020 02:16:11 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Roeland Jago Douma [Sat, 9 May 2020 07:53:14 +0000 (09:53 +0200)]
Merge pull request #20886 from nextcloud/backport/20853/stable18
[stable18] Fix color-text-maxcontrast not passing WCAG AA
Nextcloud bot [Sat, 9 May 2020 02:16:46 +0000 (02:16 +0000)]
[tx-robot] updated from transifex
Jan-Christoph Borchardt [Thu, 7 May 2020 08:36:22 +0000 (10:36 +0200)]
Fix color-text-maxcontrast not passing WCAG AA
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
Robin Appelman [Wed, 6 May 2020 13:32:44 +0000 (15:32 +0200)]
add locking to resolve concurent move to trashbin conflicts
uses a lock to prevent two requests from moving a file to the trashbin concurrently
(causing sql duplicate key errors)
Signed-off-by: Robin Appelman <robin@icewind.nl>