Carl Schwan [Thu, 7 Oct 2021 09:50:33 +0000 (11:50 +0200)]
Fix permissions when copying from ObjectStorage
Make sure that when a user copies a file from a directory they don't have
all permissions to a directory where they have more permissions, the
permissions are correctly set to the one from the parent target folder.
This was caused by the ObjectStoreStorage::copyFromStorage using
the jailed storage and cache entry instead of the unjailed one like other
storages (the local one).
Steps to reproduce
+ Use object storage
+ Create a groupfolder with one group having full permission and another one
who can just read files.
+ With a user who is in the second group, copy a file from the groupfolder to
the home folder of this user.
+ The file in the home folder of the user will be read only and can't be deleted
even though it is in their home folder and they are the owner. In oc_filecache,
the permissions stored for this file are 1 (READ)
Jonas Meurer [Thu, 8 Jul 2021 16:26:27 +0000 (18:26 +0200)]
Respect user enumeration settings in user status lists
So far, the functions to find user statuses listed didn't respect user
enumeration settings (`shareapi_allow_share_dialog_user_enumeration`
and `shareapi_restrict_user_enumeration_to_group` core app settings).
Fix this privacy issue by returning an empty list in case
`shareapi_allow_share_dialog_user_enumeration` is unset or
`shareapi_restrict_user_enumeration_to_group` is set.
In the long run, we might want to return users from common groups if
`shareapi_restrict_user_enumeration_to_group` is set. It's complicated
to implement this in a way that scales, though. See the discussion at
https://github.com/nextcloud/server/pull/27879#pullrequestreview-753655308
for details.
Also, don't register the user_status dashboard widget at all if
`shareapi_allow_share_dialog_user_enumeration` is unset or
`shareapi_restrict_user_enumeration_to_group` is set.
Fixes: #27122
Signed-off-by: Jonas Meurer <jonas@freesources.org>
Fix "Federated" scope not shown when the lookup server is disabled
When the lookup server is disabled the address books can still be
exchanged between trusted servers. Therefore the user should be able to
set the "Federated" scope in that case.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
dependabot[bot] [Sat, 23 Oct 2021 02:11:35 +0000 (02:11 +0000)]
Update behat/behat requirement in /build/integration
Updates the requirements on [behat/behat](https://github.com/Behat/Behat) to permit the latest version.
- [Release notes](https://github.com/Behat/Behat/releases)
- [Changelog](https://github.com/Behat/Behat/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Behat/Behat/compare/v3.8.0...v3.9.0)
Christoph Wurst [Fri, 22 Oct 2021 08:41:27 +0000 (10:41 +0200)]
Make the route name error more helpful
As a developer I have no clue what "Invalid route name" means. If the
exception gives me a hint I might find it easier to figure out why my
route triggers this error.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
For local users it's possible to select their calendar via the principal url and first update their own attendance status.
External users have no calendar event hence the recipient is the organizer.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Christoph Wurst [Thu, 21 Oct 2021 12:12:36 +0000 (14:12 +0200)]
Prevent duplicate auth token activity updates
The auth token activity logic works as follows
* Read auth token
* Compare last activity time stamp to current time
* Update auth token activity if it's older than x seconds
This works fine in isolation but with concurrency that means that
occasionally the same token is read simultaneously by two processes and
both of these processes will trigger an update of the same row.
Effectively the second update doesn't add much value. It might set the
time stamp to the exact same time stamp or one a few seconds later. But
the last activity is no precise science, we don't need this accuracy.
This patch changes the UPDATE query to include the expected value in a
comparison with the current data. This results in an affected row when
the data in the DB still has an old time stamp, but won't affect a row
if the time stamp is (nearly) up to date.
This is a micro optimization and will possibly not show any significant
performance improvement. Yet in setups with a DB cluster it means that
the write node has to send fewer changes to the read nodes due to the
lower number of actual changes.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
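The guarded UPDATE described in the commit message above, as an added example that is not the Nextcloud code: two processes read the same stale token, and only the first write reports an affected row. The `authtoken` table, its columns and the 60-second interval are assumptions made for this sketch, which uses an in-memory SQLite database with one constructed row.

```python
import sqlite3

ACTIVITY_INTERVAL = 60  # assumed value for the "x seconds" in the commit message


def open_db():
    """In-memory DB holding one constructed token row (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE authtoken (id INTEGER PRIMARY KEY, last_activity INTEGER NOT NULL)")
    db.execute("INSERT INTO authtoken (id, last_activity) VALUES (1, 1000)")
    db.commit()
    return db


def read_last_activity(db, token_id):
    return db.execute("SELECT last_activity FROM authtoken WHERE id = ?", (token_id,)).fetchone()[0]


def update_unconditional(db, token_id, now):
    """Behaviour before the patch: every process that decided to update writes the row."""
    cur = db.execute("UPDATE authtoken SET last_activity = ? WHERE id = ?", (now, token_id))
    db.commit()
    return cur.rowcount


def update_guarded(db, token_id, now):
    """Behaviour after the patch: the row is written only if the stored stamp is still stale."""
    cur = db.execute(
        "UPDATE authtoken SET last_activity = ? WHERE id = ? AND last_activity < ?",
        (now, token_id, now - ACTIVITY_INTERVAL),
    )
    db.commit()
    return cur.rowcount


def simulate(update, now_a=2000, now_b=2003):
    """Processes A and B both read the stale stamp before either one writes."""
    db = open_db()
    seen_a = read_last_activity(db, 1)
    seen_b = read_last_activity(db, 1)
    writes = 0
    if seen_a < now_a - ACTIVITY_INTERVAL:
        writes += update(db, 1, now_a)
    if seen_b < now_b - ACTIVITY_INTERVAL:
        writes += update(db, 1, now_b)
    return writes, read_last_activity(db, 1)


if __name__ == "__main__":
    print("unconditional:", simulate(update_unconditional))
    print("guarded:      ", simulate(update_guarded))
```

The returned pair is the number of affected rows across both processes and the final stored time stamp.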
Carl Schwan [Thu, 21 Oct 2021 14:57:07 +0000 (16:57 +0200)]
Fix security issues when copying groupfolder with advanced ACL
Using advanced ACL, it is possible that a user has access to a
directory but not to a subdirectory, so the copying uses
Common::copyFromStorage instead of Local::copyFromStorage.
Carl Schwan [Mon, 18 Oct 2021 10:57:40 +0000 (12:57 +0200)]
Fix clipping issues in alternative logging buttons
The issue was caused because the button with its margins was bigger
than the parent. Instead of setting the margin of the button, add
padding to the parent. This is more reliable.
Fix bug introduced on drag and drop external files
Drag and drop of external (OS filesystem) files to subdirectories in the browser would fail in specific cases, mainly when the subdirectory was no longer off the root folder.
This seemed to have been an issue introduced with the subdirectory free space calculation [here](https://github.com/nextcloud/server/commit/f9536b08096ed1c80391af36d33a18198be1fced) and it seems to fail for any subdirectory that doesn't belong to the root folder.
I couldn't find any reference on scenarios or quota management that would suggest when a subdirectory's free space would be different to the parent's free space, other than when on the root folder, where subdirectories can be external mounts.
As such, if my understanding is correct (please review), this calculation can - and should - be made by getting the free space from the first subdirectory in the total path, which caters for all subdirectory scenarios.
Please advise, happy to help improve this.
Co-authored-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
Signed-off-by: pjft <pjft@users.noreply.github.com>