Mirrors/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2024-08-30 05:55:15 +02:00
Code Issues Actions 28 Packages Projects Releases Wiki Activity
58,228 Commits 403 Branches 1,025 Tags 5.5 GiB
4ed296db9f
Commit Graph

11148 Commits

Author SHA1 Message Date
Joas Schilling
521bb30541
Throw "401 Unauthenticated" when authentication is provided but invalid 
E.g. with an AppToken that has been revoked

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-04-22 15:28:43 +02:00
Morris Jobke
393309b98f
Merge pull request #25714 from nextcloud/fix/23197/explicitly_check_hex2bin_input 
Explicitly check hex2bin input
 2021-04-22 13:23:39 +02:00
Robin Appelman
effb7dc8ba
set mimetype for objects uploaded to object storages 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-04-21 15:25:58 +02:00
Roeland Jago Douma
a34085e1a2 Move 2fa backupscode to new registration 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-04-20 21:01:16 +02:00
Roeland Jago Douma
5ee9e1f784 Move 2FA registration to IBootstrap 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-04-20 21:01:16 +02:00
Roeland Jago Douma
46872e3921
Merge pull request #26617 from nextcloud/fix/oracle-column-check-unrelated-migrations 
Do not check Oracle column constraints in unrelated migrations
 2021-04-20 20:49:06 +02:00
Roeland Jago Douma
f31d24dd7a
Merge pull request #26647 from nextcloud/bugfix/noid/empty-filename 
Fail when creating new files with an empty path
 2021-04-20 20:47:16 +02:00
Arthur Schiwon
f8d1ee5cfa
ignore mail shares of related remote share results 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-04-20 14:02:35 +02:00
Julius Härtl
8398762d78
Fail when creating new files with an empty path 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-04-20 11:20:20 +02:00
Christoph Wurst
2ab8268128
Do not check Oracle column constraints in unrelated migrations 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-04-19 13:05:34 +02:00
Roeland Jago Douma
808e589035 Allow registering NotifierServices trough IBootstrap 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-04-16 13:56:28 +02:00
Vincent Petry
af61486aea
Separate settings for remote share expiration 
Added separate settings for default and enforced expiration date for
remote shares.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-04-15 10:06:09 +02:00
Vincent Petry
8680bafc5c
Implement expiration date for federated shares 
Add expiration date field in UI.
Save expiration date when creating or updating federated share.
Read expiration date from DB in federated share provider.
Applies to both federated user and group shares.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-04-15 10:02:00 +02:00
Roeland Jago Douma
f031dd61c1
Merge pull request #26551 from nextcloud/fix/noid/redis-exists-bool 
ensure redis returns bool for hasKey
 2021-04-14 13:37:23 +02:00
Arthur Schiwon
9f5480eef4
ensure redis returns bool for hasKey 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-04-13 23:07:54 +02:00
J0WI
74a7c2eefc Use correct getSystemValue type 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-04-12 22:54:50 +02:00
Roeland Jago Douma
789bb0d0ac
Merge pull request #26266 from nextcloud/future-proof-networking 
Improve networking checks
 2021-04-12 12:42:33 +02:00
Roeland Jago Douma
2bedbc1793
Merge pull request #26439 from nextcloud/increase-subnet-matcher 
Increase subnet matcher
 2021-04-08 14:48:27 +02:00
Lukas Reschke
2befac662c Limit size of properties to 2048 characters 
It is unreasonable to expect that one of these fields would be longer
than 2048 characters. Whilst some have definitely lower limits (such as
for phone numbers or domain names), a upper bound as sanity check makes
sense.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-04-08 11:55:51 +02:00
Lukas Reschke
e5a4236e68 Increase subnet matcher 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-04-07 12:28:59 +00:00
Lukas Reschke
4b4971ab52
Merge pull request #24966 from nextcloud/jknockaert-patch-1 
avoid fread on directories and unencrypted files
 2021-04-06 13:45:10 +02:00
Lukas Reschke
5fe1f134f9 Strictify null check 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-04-06 11:39:24 +00:00
Lukas Reschke
5f3abffe6f Improve networking checks 
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-04-06 11:37:47 +00:00
Morris Jobke
5fb909faa5
Merge pull request #24055 from nextcloud/bugfix/noid/enfore-no-notnull-for-boolean-to-store-false 
Enforce no notnull for boolean to store false
 2021-04-01 18:30:26 +02:00
Julius Härtl
6fd571461c
Properly handle creating the template directory in a subfolder (fixes #25787) 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-04-01 13:48:21 +02:00
Julius Härtl
37591f05dc
Get the parent directory before creating a file from a template 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-04-01 13:48:21 +02:00
Julius Härtl
bbc64cfabc
Merge pull request #26394 from nextcloud/feature/noid/updatable-account-data 
Allow apps to write/update account data
 2021-04-01 08:05:54 +02:00
Robin Appelman
65b78515bd
make ILDAPProviderFactory usable when there is no ldap setup 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-03-31 15:23:33 +02:00
Joas Schilling
fcedbc85d0
Allow apps to write/update account data 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-31 15:18:25 +02:00
Joas Schilling
f9d4fa2d38
Rename the method to match what it does 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-31 10:21:18 +02:00
Joas Schilling
3696ef5b96
Don't allow Notnull for boolean columns 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-31 10:21:17 +02:00
Joas Schilling
133a6f4fe4
Document the constraints we test against 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-31 10:21:17 +02:00
Joas Schilling
c98cab137c
Fix exception messages spacing 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-31 10:21:10 +02:00
kesselb
2212a67fbc
Merge pull request #25961 from nextcloud/enh/events/2fa_provider 
Add real events for enabled 2fa providers for users
 2021-03-30 23:13:36 +02:00
Roeland Jago Douma
f3738eeff7
Merge pull request #25280 from nextcloud/explicit-file-permissions 
Set umask before operations that create local files
 2021-03-30 21:55:50 +02:00
Roeland Jago Douma
7c30d1aa2d
Merge pull request #26219 from nextcloud/relative-path-null 
getRelativePath can return null
 2021-03-30 21:10:05 +02:00
Arthur Schiwon
be3ae9a44b
gracefully handle deleteFromSelf when share is already gone 
- handling race conditions

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-03-30 12:59:40 +02:00
Joas Schilling
602de272c0
Merge pull request #26243 from nextcloud/enh/noid/avatar-privacy-new-scope 
Avatar privacy and new scope
 2021-03-29 09:01:12 +02:00
Robin Appelman
c8736e7a23
fix return value of Root::get 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-03-26 21:29:24 +01:00
Vincent Petry
cc54f718f5
Add known user check in avatar when v2-private scope 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:10 +01:00
Vincent Petry
bb008be28a
Added PlaceholderAvatar with own cached images 
When avatar scope is private, the PlaceholderAvatar is used to deliver a
placeholder avatar based on the user's initials.

This was implemented as a separate class for now to avoid messing with
the existing UserAvatar implementation and its generated vs
non-generated logic.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:09 +01:00
Vincent Petry
b73df5846c
Add property scope tests for AccountManager 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:09 +01:00
Vincent Petry
266a6fb5f8
OCS allow reading and writing account property scopes 
Extends the provisioning API to allow a user to get and set their own
account property scopes.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:08 +01:00
Vincent Petry
278a73789e
Map old account scope properties to new names 
Use new scope values in settings page.
Adjust all consumers to use the new constants.
Map old scope values to new ones in account property getter.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:08 +01:00
Vincent Petry
b81a1c1bdb
Add new v2-private account scope 
Added new v2-private account manager scope that restricts the scope
further by excluding public link access.

Avatars with v2-private account scope are now showing the guest avatar
instead of the real avatar.

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-26 13:07:05 +01:00
Morris Jobke
81fef4ddee
Log when a storage is marked as unavailable 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-03-25 16:19:08 +01:00
Roeland Jago Douma
f97491eb8f
Merge pull request #26285 from nextcloud/techdebt/noid/cleanup-update-events 
Remove event listener to udpate events that are not present anymore
 2021-03-25 11:12:34 +01:00
Morris Jobke
ad16b19ec7
Merge pull request #21484 from nextcloud/better-forbidden-path-errors 
show better error messages when a file with a forbidden path is encountered
 2021-03-25 09:15:52 +01:00
Morris Jobke
3388758d04
Remove event listener to udpate events that are not present anymore 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-03-25 09:01:09 +01:00
Roeland Jago Douma
c15172bc4e
Merge pull request #21641 from nextcloud/techdebt/noid/bye-bye-database-xml 
Bye bye database xml
 2021-03-25 08:58:07 +01:00