author | Robin Appelman <icewind@owncloud.com> | 2014-02-20 16:55:18 +0100 |
---|---|---|
committer | Robin Appelman <icewind@owncloud.com> | 2014-02-20 16:55:18 +0100 |
commit | 0624476aa19a63b1f4e35f35e151c3fc46cb697f (patch) | |
tree | 67e9ead3bfd44e7efe3f4a6d1325866075dbd702 /apps | |
parent | f33d35cd073addb08c78a65b719c72eb5424434a (diff) | |
parent | ec45a3c0e2567c89729bc6fe8c996b7939025429 (diff) | |
Merge branch 'master' into mimeicons-svg
Diffstat (limited to 'apps')
-rw-r--r-- | apps/files/ajax/delete.php | 15 | ||||
-rw-r--r-- | apps/files/ajax/newfile.php | 14 | ||||
-rw-r--r-- | apps/files/ajax/newfolder.php | 4 | ||||
-rw-r--r-- | apps/files/js/filelist.js | 74 | ||||
-rw-r--r-- | apps/files/js/files.js | 23 | ||||
-rw-r--r-- | apps/files/tests/js/fileactionsSpec.js | 2 | ||||
-rw-r--r-- | apps/files/tests/js/filelistSpec.js | 13 | ||||
-rw-r--r-- | apps/files_external/ajax/addRootCertificate.php | 2 | ||||
-rwxr-xr-x | apps/files_external/lib/config.php | 6 | ||||
-rw-r--r-- | apps/files_external/lib/webdav.php | 63 | ||||
-rw-r--r-- | apps/files_external/tests/config.php | 6 | ||||
-rw-r--r-- | apps/files_external/tests/webdav.php | 3 | ||||
-rw-r--r-- | apps/files_sharing/js/public.js | 30 | ||||
-rw-r--r-- | apps/files_trashbin/ajax/delete.php | 16 | ||||
-rw-r--r-- | apps/files_trashbin/ajax/undelete.php | 31 | ||||
-rw-r--r-- | apps/files_trashbin/js/trash.js | 141 | ||||
-rw-r--r-- | apps/user_ldap/lib/access.php | 11 | ||||
-rw-r--r-- | apps/user_ldap/lib/helper.php | 6 | ||||
-rw-r--r-- | apps/user_ldap/user_ldap.php | 3 |
19 files changed, 317 insertions, 146 deletions
diff --git a/apps/files/ajax/delete.php b/apps/files/ajax/delete.php index c69f5a8860c..69f859daa97 100644 --- a/apps/files/ajax/delete.php +++ b/apps/files/ajax/delete.php @@ -9,8 +9,21 @@ OCP\JSON::callCheck(); // Get data $dir = stripslashes($_POST["dir"]); $files = isset($_POST["file"]) ? $_POST["file"] : $_POST["files"]; +$allFiles = isset($_POST["allfiles"]) ? $_POST["allfiles"] : $_POST["allfiles"]; +if ($allFiles === 'true') { + $allFiles = true; +} -$files = json_decode($files); +// delete all files in dir ? +if ($allFiles) { + $files = array(); + $fileList = \OC\Files\Filesystem::getDirectoryContent($dir); + foreach ($fileList as $fileInfo) { + $files[] = $fileInfo['name']; + } +} else { + $files = json_decode($files); +} $filesWithError = ''; $success = true; diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php index 1853098c507..0187b200759 100644 --- a/apps/files/ajax/newfile.php +++ b/apps/files/ajax/newfile.php @@ -50,16 +50,22 @@ $l10n = \OC_L10n::get('files'); $result = array( 'success' => false, 'data' => NULL - ); +); +$trimmedFileName = trim($filename); -if(trim($filename) === '') { +if($trimmedFileName === '') { $result['data'] = array('message' => (string)$l10n->t('File name cannot be empty.')); OCP\JSON::error($result); exit(); } +if($trimmedFileName === '.' || $trimmedFileName === '..') { + $result['data'] = array('message' => (string)$l10n->t('"%s" is an invalid file name.', $trimmedFileName)); + OCP\JSON::error($result); + exit(); +} -if(strpos($filename, '/') !== false) { - $result['data'] = array('message' => (string)$l10n->t('File name must not contain "/". Please choose a different name.')); +if(!OCP\Util::isValidFileName($filename)) { + $result['data'] = array('message' => (string)$l10n->t("Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed.")); OCP\JSON::error($result); exit(); } 
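Review bot: Any non-empty `allfiles` value takes the delete-all branch in apps/files/ajax/delete.php, because only the string 'true' is normalised and the later `if ($allFiles)` tests truthiness, so a request carrying `allfiles=false` still deletes every entry in `$dir`. The ternary also has two identical branches, so a request without the parameter reads an undefined index. Collapse both lines into a strict boolean: `$allFiles = isset($_POST['allfiles']) && $_POST['allfiles'] === 'true';`. The delete loop that consumes `$files` lies outside this hunk.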
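Review bot: The checks added to apps/files/ajax/newfile.php validate two different strings: the empty and `.`/`..` tests use `$trimmedFileName`, while `OCP\Util::isValidFileName()` still receives the untrimmed `$filename`, and the code that creates the file is outside this hunk. Validate and use a single value, e.g. `if(!OCP\Util::isValidFileName($trimmedFileName)) {`, and pass that same variable on to the creation code. The error text hard-codes the rejected characters, so a comment such as `// keep this list in sync with OCP\Util::isValidFileName()` would stop the message drifting from the check.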
diff --git a/apps/files/ajax/newfolder.php b/apps/files/ajax/newfolder.php index 4cfcae3090d..b2b4fb27f74 100644 --- a/apps/files/ajax/newfolder.php +++ b/apps/files/ajax/newfolder.php @@ -23,8 +23,8 @@ if(trim($foldername) === '') { exit(); } -if(strpos($foldername, '/') !== false) { - $result['data'] = array('message' => $l10n->t('Folder name must not contain "/". Please choose a different name.')); +if(!OCP\Util::isValidFileName($foldername)) { + $result['data'] = array('message' => (string)$l10n->t("Invalid name, '\\', '/', '<', '>', ':', '\"', '|', '?' and '*' are not allowed.")); OCP\JSON::error($result); exit(); } diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js index b2de0161aa8..07f831617b7 100644 --- a/apps/files/js/filelist.js +++ b/apps/files/js/filelist.js 
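Review bot: newfolder.php does not get the `.` / `..` rejection that this commit adds to newfile.php; the hunk only swaps the `/` test for `OCP\Util::isValidFileName($foldername)`. Unless `isValidFileName` (not shown on this page) rejects dot segments itself, a folder name of `..` passes validation here. Add the same guard before this check, `$trimmedFolderName = trim($foldername);` and `if($trimmedFolderName === '.' || $trimmedFolderName === '..') {` with the same error response, or move both checks into one helper shared by the two endpoints.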
@@ -582,30 +582,49 @@ window.FileList={ }}); } }, - do_delete:function(files) { - if (files.substr) { + do_delete:function(files, dir) { + var params; + if (files && files.substr) { files=[files]; } - for (var i=0; i<files.length; i++) { - var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete"); - deleteAction.removeClass('delete-icon').addClass('progress-icon'); + if (files) { + for (var i=0; i<files.length; i++) { + var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete"); + deleteAction.removeClass('delete-icon').addClass('progress-icon'); + } } // Finish any existing actions if (FileList.lastAction) { FileList.lastAction(); } - var fileNames = JSON.stringify(files); + var params = { + dir: dir || FileList.getCurrentDirectory() + }; + if (files) { + params.files = JSON.stringify(files); + } + else { + // no files passed, delete all in current dir + params.allfiles = true; + } + $.post(OC.filePath('files', 'ajax', 'delete.php'), - {dir:$('#dir').val(),files:fileNames}, + params, function(result) { if (result.status === 'success') { - $.each(files,function(index,file) { - var files = FileList.findFileEl(file); - files.remove(); - files.find('input[type="checkbox"]').removeAttr('checked'); - files.removeClass('selected'); - }); + if (params.allfiles) { + // clear whole list + $('#fileList tr').remove(); + } + else { + $.each(files,function(index,file) { + var files = FileList.findFileEl(file); + files.remove(); + files.find('input[type="checkbox"]').removeAttr('checked'); + files.removeClass('selected'); + }); + } procesSelection(); checkTrashStatus(); FileList.updateFileSummary(); 
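Review bot: `params` is declared twice in `do_delete`, once as `var params;` at the top and again as `var params = {` further down, which linters report as a redeclaration; keep the first and change the second to `params = {`. `params.allfiles = true` is posted as the string `true`, which is exactly what delete.php compares against, so a comment like `// serialised as 'true'; the server checks === 'true'` would document that coupling. The function continues in the next hunk.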
@@ -622,10 +641,17 @@ window.FileList={ setTimeout(function() { OC.Notification.hide(); }, 10000); - $.each(files,function(index,file) { - var deleteAction = FileList.findFileEl(file).find('.action.delete'); - deleteAction.removeClass('progress-icon').addClass('delete-icon'); - }); + if (params.allfiles) { + // reload the page as we don't know what files were deleted + // and which ones remain + FileList.reload(); + } + else { + $.each(files,function(index,file) { + var deleteAction = FileList.findFileEl(file).find('.action.delete'); + deleteAction.removeClass('progress-icon').addClass('delete-icon'); + }); + } } }); }, @@ -794,6 +820,13 @@ window.FileList={ $(e).removeClass("searchresult"); }); }, + /** + * Returns whether all files are selected + * @return true if all files are selected, false otherwise + */ + isAllSelected: function() { + return $('#select_all').prop('checked'); + }, /** * Returns the download URL of the given file @@ -801,10 +834,13 @@ window.FileList={ * @param dir optional directory in which the file name is, defaults to the current directory */ getDownloadUrl: function(filename, dir) { + var files = filename; + if ($.isArray(filename)) { + files = JSON.stringify(filename); + } var params = { - files: filename, dir: dir || FileList.getCurrentDirectory(), - download: null + files: files }; return OC.filePath('files', 'ajax', 'download.php') + '?' + OC.buildQueryString(params); } diff --git a/apps/files/js/files.js b/apps/files/js/files.js index dab060229e6..8b252e69a1d 100644 --- a/apps/files/js/files.js +++ b/apps/files/js/files.js 
@@ -364,23 +364,26 @@ $(document).ready(function() { }); $('.download').click('click',function(event) { - var files=getSelectedFilesTrash('name'); - var fileslist = JSON.stringify(files); - var dir=$('#dir').val()||'/'; - OC.Notification.show(t('files','Your download is being prepared. This might take some time if the files are big.')); - // use special download URL if provided, e.g. for public shared files - var downloadURL = document.getElementById("downloadURL"); - if ( downloadURL ) { - window.location = downloadURL.value+"&download&files=" + encodeURIComponent(fileslist); - } else { - window.location = OC.filePath('files', 'ajax', 'download.php') + '?'+ $.param({ dir: dir, files: fileslist }); + var files; + var dir = FileList.getCurrentDirectory(); + if (FileList.isAllSelected()) { + files = OC.basename(dir); + dir = OC.dirname(dir) || '/'; } + else { + files = getSelectedFilesTrash('name'); + } + OC.Notification.show(t('files','Your download is being prepared. This might take some time if the files are big.')); + OC.redirect(FileList.getDownloadUrl(files, dir)); return false; }); $('.delete-selected').click(function(event) { var files=getSelectedFilesTrash('name'); event.preventDefault(); + if (FileList.isAllSelected()) { + files = null; + } FileList.do_delete(files); return false; }); diff --git a/apps/files/tests/js/fileactionsSpec.js b/apps/files/tests/js/fileactionsSpec.js index 8bbc1d3d141..ef7ddcb874a 100644 --- a/apps/files/tests/js/fileactionsSpec.js +++ b/apps/files/tests/js/fileactionsSpec.js 
@@ -69,7 +69,7 @@ describe('FileActions tests', function() { $tr.find('.action[data-action=Download]').click(); expect(redirectStub.calledOnce).toEqual(true); - expect(redirectStub.getCall(0).args[0]).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?files=test%20download%20File.txt&dir=%2Fsubdir&download'); + expect(redirectStub.getCall(0).args[0]).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?dir=%2Fsubdir&files=test%20download%20File.txt'); redirectStub.restore(); }); }); diff --git a/apps/files/tests/js/filelistSpec.js b/apps/files/tests/js/filelistSpec.js index c26e65fc4de..8f4cb86ab4a 100644 --- a/apps/files/tests/js/filelistSpec.js +++ b/apps/files/tests/js/filelistSpec.js 
@@ -58,8 +58,15 @@ describe('FileList tests', function() { expect($tr.attr('data-permissions')).toEqual('31'); //expect($tr.attr('data-mime')).toEqual('httpd/unix-directory'); }); - it('returns correct download URL', function() { - expect(FileList.getDownloadUrl('some file.txt')).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?files=some%20file.txt&dir=%2Fsubdir&download'); - expect(FileList.getDownloadUrl('some file.txt', '/anotherpath/abc')).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?files=some%20file.txt&dir=%2Fanotherpath%2Fabc&download'); + describe('Download Url', function() { + it('returns correct download URL for single files', function() { + expect(FileList.getDownloadUrl('some file.txt')).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?dir=%2Fsubdir&files=some%20file.txt'); + expect(FileList.getDownloadUrl('some file.txt', '/anotherpath/abc')).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?dir=%2Fanotherpath%2Fabc&files=some%20file.txt'); + $('#dir').val('/'); + expect(FileList.getDownloadUrl('some file.txt')).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?dir=%2F&files=some%20file.txt'); + }); + it('returns correct download URL for multiple files', function() { + expect(FileList.getDownloadUrl(['a b c.txt', 'd e f.txt'])).toEqual(OC.webroot + '/index.php/apps/files/ajax/download.php?dir=%2Fsubdir&files=%5B%22a%20b%20c.txt%22%2C%22d%20e%20f.txt%22%5D'); + }); }); }); diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php index ae349bfcd3a..fcd3a617ada 100644 --- a/apps/files_external/ajax/addRootCertificate.php +++ b/apps/files_external/ajax/addRootCertificate.php 
@@ -4,7 +4,7 @@ OCP\JSON::checkAppEnabled('files_external'); OCP\JSON::callCheck(); if ( ! ($filename = $_FILES['rootcert_import']['name']) ) { - header("Location: settings/personal.php"); + header('Location:' . OCP\Util::linkToRoute( "settings_personal" )); exit; } diff --git a/apps/files_external/lib/config.php b/apps/files_external/lib/config.php index 94dc5fb7ad8..b2109e5eacd 100755 --- a/apps/files_external/lib/config.php +++ b/apps/files_external/lib/config.php @@ -352,9 +352,8 @@ class OC_Mount_Config { $phpFile = OC_User::getHome(OCP\User::getUser()).'/mount.php'; $jsonFile = OC_User::getHome(OCP\User::getUser()).'/mount.json'; } else { - $datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data"); $phpFile = OC::$SERVERROOT.'/config/mount.php'; - $jsonFile = $datadir . '/mount.json'; + $jsonFile = \OC_Config::getValue("mount_file", \OC::$SERVERROOT . "/data/mount.json"); } if (is_file($jsonFile)) { $mountPoints = json_decode(file_get_contents($jsonFile), true); @@ -380,8 +379,7 @@ class OC_Mount_Config { if ($isPersonal) { $file = OC_User::getHome(OCP\User::getUser()).'/mount.json'; } else { - $datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data"); - $file = $datadir . '/mount.json'; + $file = \OC_Config::getValue("mount_file", \OC::$SERVERROOT . "/data/mount.json"); } $content = json_encode($data); @file_put_contents($file, $content); diff --git a/apps/files_external/lib/webdav.php b/apps/files_external/lib/webdav.php index 7611316a26a..9afe73aebd7 100644 --- a/apps/files_external/lib/webdav.php +++ b/apps/files_external/lib/webdav.php @@ -99,7 +99,9 @@ class DAV extends \OC\Files\Storage\Common{ public function rmdir($path) { $this->init(); - $path=$this->cleanPath($path); + $path=$this->cleanPath($path) . '/'; + // FIXME: some WebDAV impl return 403 when trying to DELETE + // a non-empty folder return $this->simpleResponse('DELETE', $path, null, 204); } 
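Review bot: The new default for the system mount file in apps/files_external/lib/config.php no longer follows the `datadirectory` setting: without a `mount_file` entry, both this read path and the write path in the next hunk (`$file = ...`) fall back to `\OC::$SERVERROOT . "/data/mount.json"`. An installation with a relocated data directory would stop finding its existing mount.json and would write a new one under the server root, which may be reachable from the web root. Keep the old location as the fallback: `$datadir = \OC_Config::getValue("datadirectory", \OC::$SERVERROOT . "/data");` followed by `$jsonFile = \OC_Config::getValue("mount_file", $datadir . "/mount.json");`. Both functions extend beyond their hunks.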
@@ -107,7 +109,7 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $response=$this->client->propfind($path, array(), 1); + $response=$this->client->propfind($this->encodePath($path), array(), 1); $id=md5('webdav'.$this->root.$path); $content = array(); $files=array_keys($response); @@ -127,8 +129,11 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $response=$this->client->propfind($path, array('{DAV:}resourcetype')); - $responseType=$response["{DAV:}resourcetype"]->resourceType; + $response=$this->client->propfind($this->encodePath($path), array('{DAV:}resourcetype')); + $responseType = array(); + if (isset($response["{DAV:}resourcetype"])) { + $responseType=$response["{DAV:}resourcetype"]->resourceType; + } return (count($responseType)>0 and $responseType[0]=="{DAV:}collection")?'dir':'file'; } catch(\Exception $e) { error_log($e->getMessage()); @@ -141,7 +146,7 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $this->client->propfind($path, array('{DAV:}resourcetype')); + $this->client->propfind($this->encodePath($path), array('{DAV:}resourcetype')); return true;//no 404 exception } catch(\Exception $e) { return false; @@ -166,7 +171,7 @@ class DAV extends \OC\Files\Storage\Common{ $curl = curl_init(); $fp = fopen('php://temp', 'r+'); curl_setopt($curl, CURLOPT_USERPWD, $this->user.':'.$this->password); - curl_setopt($curl, CURLOPT_URL, $this->createBaseUri().str_replace(' ', '%20', $path)); + curl_setopt($curl, CURLOPT_URL, $this->createBaseUri().$this->encodePath($path)); curl_setopt($curl, CURLOPT_FILE, $fp); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); if ($this->secure === true) { 
@@ -178,6 +183,10 @@ class DAV extends \OC\Files\Storage\Common{ } curl_exec ($curl); + $statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE); + if ($statusCode !== 200) { + \OCP\Util::writeLog("webdav client", 'curl GET ' . curl_getinfo($curl, CURLINFO_EFFECTIVE_URL) . ' returned status code ' . $statusCode, \OCP\Util::ERROR); + } curl_close ($curl); rewind($fp); return $fp; @@ -220,7 +229,7 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $response=$this->client->propfind($path, array('{DAV:}quota-available-bytes')); + $response=$this->client->propfind($this->encodePath($path), array('{DAV:}quota-available-bytes')); if (isset($response['{DAV:}quota-available-bytes'])) { return (int)$response['{DAV:}quota-available-bytes']; } else { @@ -240,7 +249,12 @@ class DAV extends \OC\Files\Storage\Common{ // if file exists, update the mtime, else create a new empty file if ($this->file_exists($path)) { - $this->client->proppatch($path, array('{DAV:}lastmodified' => $mtime)); + try { + $this->client->proppatch($this->encodePath($path), array('{DAV:}lastmodified' => $mtime)); + } + catch (\Sabre_DAV_Exception_NotImplemented $e) { + return false; + } } else { $this->file_put_contents($path, ''); } @@ -276,13 +290,17 @@ class DAV extends \OC\Files\Storage\Common{ } } curl_exec ($curl); + $statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE); + if ($statusCode !== 200) { + \OCP\Util::writeLog("webdav client", 'curl GET ' . curl_getinfo($curl, CURLINFO_EFFECTIVE_URL) . ' returned status code ' . $statusCode, \OCP\Util::ERROR); + } curl_close ($curl); } public function rename($path1, $path2) { $this->init(); - $path1=$this->cleanPath($path1); - $path2=$this->createBaseUri().$this->cleanPath($path2); + $path1 = $this->encodePath($this->cleanPath($path1)); + $path2 = $this->createBaseUri().$this->encodePath($this->cleanPath($path2)); try { $this->client->request('MOVE', $path1, null, array('Destination'=>$path2)); return true; 
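Review bot: The added status check in `@@ -178,6 +183,10 @@` only logs: after a non-200 response the function still rewinds and returns `$fp`, so the caller receives the server's error body as if it were file content. Fail instead, e.g. `curl_close($curl); fclose($fp); return false;` inside the `if`, provided callers accept `false` here. The same four lines are pasted into `@@ -276,13 +290,17 @@` on this line, where the message still says `curl GET` and the test is still `!== 200`; if that request is not a GET, the text is misleading and other 2xx success codes would be logged as errors. The logged `CURLINFO_EFFECTIVE_URL` includes remote paths and file names, which matters for who can read the log. Both functions start outside their hunks.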
@@ -293,8 +311,8 @@ class DAV extends \OC\Files\Storage\Common{ public function copy($path1, $path2) { $this->init(); - $path1=$this->cleanPath($path1); - $path2=$this->createBaseUri().$this->cleanPath($path2); + $path1 = $this->encodePath($this->cleanPath($path1)); + $path2 = $this->createBaseUri().$this->encodePath($this->cleanPath($path2)); try { $this->client->request('COPY', $path1, null, array('Destination'=>$path2)); return true; @@ -307,7 +325,7 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $response=$this->client->propfind($path, array('{DAV:}getlastmodified', '{DAV:}getcontentlength')); + $response = $this->client->propfind($this->encodePath($path), array('{DAV:}getlastmodified', '{DAV:}getcontentlength')); return array( 'mtime'=>strtotime($response['{DAV:}getlastmodified']), 'size'=>(int)isset($response['{DAV:}getcontentlength']) ? $response['{DAV:}getcontentlength'] : 0, @@ -321,8 +339,11 @@ class DAV extends \OC\Files\Storage\Common{ $this->init(); $path=$this->cleanPath($path); try { - $response=$this->client->propfind($path, array('{DAV:}getcontenttype', '{DAV:}resourcetype')); - $responseType=$response["{DAV:}resourcetype"]->resourceType; + $response=$this->client->propfind($this->encodePath($path), array('{DAV:}getcontenttype', '{DAV:}resourcetype')); + $responseType = array(); + if (isset($response["{DAV:}resourcetype"])) { + $responseType=$response["{DAV:}resourcetype"]->resourceType; + } $type=(count($responseType)>0 and $responseType[0]=="{DAV:}collection")?'dir':'file'; if ($type=='dir') { return 'httpd/unix-directory'; 
@@ -346,6 +367,16 @@ class DAV extends \OC\Files\Storage\Common{ } /** + * URL encodes the given path but keeps the slashes + * @param string $path to encode + * @return string encoded path + */ + private function encodePath($path) { + // slashes need to stay + return str_replace('%2F', '/', rawurlencode($path)); + } + + /** * @param string $method * @param string $path * @param integer $expected @@ -353,7 +384,7 @@ class DAV extends \OC\Files\Storage\Common{ private function simpleResponse($method, $path, $body, $expected) { $path=$this->cleanPath($path); try { - $response=$this->client->request($method, $path, $body); + $response=$this->client->request($method, $this->encodePath($path), $body); return $response['statusCode']==$expected; } catch(\Exception $e) { return false; diff --git a/apps/files_external/tests/config.php b/apps/files_external/tests/config.php index e296bfcb5b2..767c0adf58e 100644 --- a/apps/files_external/tests/config.php +++ b/apps/files_external/tests/config.php @@ -21,7 +21,11 @@ return array( 'host'=>'localhost', 'user'=>'test', 'password'=>'test', - 'root'=>'/owncloud/files/webdav.php', + 'root'=>'', + // wait delay in seconds after write operations + // (only in tests) + // set to higher value for lighttpd webdav + 'wait'=> 0 ), 'owncloud'=>array( 'run'=>true, diff --git a/apps/files_external/tests/webdav.php b/apps/files_external/tests/webdav.php index 1f9b767eca6..74e905ccc89 100644 --- a/apps/files_external/tests/webdav.php +++ b/apps/files_external/tests/webdav.php 
@@ -18,6 +18,9 @@ class DAV extends Storage { if ( ! is_array($this->config) or ! isset($this->config['webdav']) or ! $this->config['webdav']['run']) { $this->markTestSkipped('WebDAV backend not configured'); } + if (isset($this->config['webdav']['wait'])) { + $this->waitDelay = $this->config['webdav']['wait']; + } $this->config['webdav']['root'] .= '/' . $id; //make sure we have an new empty folder to work in $this->instance = new \OC\Files\Storage\DAV($this->config['webdav']); $this->instance->mkdir('/'); diff --git a/apps/files_sharing/js/public.js b/apps/files_sharing/js/public.js index c1b7eee3fb7..06c168969de 100644 --- a/apps/files_sharing/js/public.js +++ b/apps/files_sharing/js/public.js @@ -1,3 +1,15 @@ +/* + * Copyright (c) 2014 + * + * This file is licensed under the Affero General Public License version 3 + * or later. + * + * See the COPYING-README file. + * + */ + +/* global OC, FileList, FileActions */ + // Override download path to files_sharing/public.php function fileDownloadPath(dir, file) { var url = $('#downloadURL').val(); @@ -28,12 +40,20 @@ $(document).ready(function() { // override since the format is different FileList.getDownloadUrl = function(filename, dir) { - // we use this because we need the service and token attributes - var tr = FileList.findFileEl(filename); - if (tr.length > 0) { - return $(tr).find('a.name').attr('href') + '&download'; + if ($.isArray(filename)) { + filename = JSON.stringify(filename); + } + var path = dir || FileList.getCurrentDirectory(); + var params = { + service: 'files', + t: $('#sharingToken').val(), + path: path, + download: null + }; + if (filename) { + params.files = filename; } - return null; + return OC.filePath('', '', 'public.php') + '?' + OC.buildQueryString(params); }; } diff --git a/apps/files_trashbin/ajax/delete.php b/apps/files_trashbin/ajax/delete.php index 75d481768ad..ebabc5bc7a2 100644 --- a/apps/files_trashbin/ajax/delete.php +++ b/apps/files_trashbin/ajax/delete.php 
@@ -2,42 +2,38 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); +$folder = isset($_POST['dir']) ? $_POST['dir'] : '/'; // "empty trash" command if (isset($_POST['allfiles']) and $_POST['allfiles'] === 'true'){ $deleteAll = true; - $folder = isset($_POST['dir']) ? $_POST['dir'] : '/'; if ($folder === '/' || $folder === '') { OCA\Files_Trashbin\Trashbin::deleteAll(); $list = array(); } else { - $dirname = dirname($folder); - if ( $dirname !== '/' && $dirname !== '.' ) { - $dirlisting = '1'; - } else { - $dirlisting = '0'; - } $list[] = $folder; + $folder = dirname($folder); } } else { $deleteAll = false; $files = $_POST['files']; - $dirlisting = $_POST['dirlisting']; $list = json_decode($files); } + +$folder = rtrim($folder, '/') . '/'; $error = array(); $success = array(); $i = 0; foreach ($list as $file) { - if ( $dirlisting === '0') { + if ($folder === '/') { $file = ltrim($file, '/'); $delimiter = strrpos($file, '.d'); $filename = substr($file, 0, $delimiter); $timestamp = substr($file, $delimiter+2); } else { - $filename = $file; + $filename = $folder . '/' . $file; $timestamp = null; } diff --git a/apps/files_trashbin/ajax/undelete.php b/apps/files_trashbin/ajax/undelete.php index 876ad269a70..9c3ccba7ed8 100644 --- a/apps/files_trashbin/ajax/undelete.php +++ b/apps/files_trashbin/ajax/undelete.php 
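Review bot: In the "empty trash" branch for a subfolder, `$list[] = $folder` stores the full path and `$folder` is then replaced by its parent, so the loop's `$filename = $folder . '/' . $file` appears to join the parent with the full path a second time (and with a doubled slash, since `$folder` already ends in `/`). Store only the entry name and join once: `$list[] = basename($folder);` and `$filename = $folder . $file;`. `json_decode($files)` returns `null` for malformed input, which the `foreach` does not guard. `dir` and `files` are request data and nothing visible here normalises `..` segments, so confirm that the `Trashbin` call after this hunk confines the resulting path to the user's trash.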
@@ -4,15 +4,36 @@ OCP\JSON::checkLoggedIn(); OCP\JSON::callCheck(); $files = $_POST['files']; -$dirlisting = $_POST['dirlisting']; -$list = json_decode($files); +$dir = '/'; +if (isset($_POST['dir'])) { + $dir = rtrim($_POST['dir'], '/'). '/'; +} +$allFiles = false; +if (isset($_POST['allfiles']) and $_POST['allfiles'] === 'true') { + $allFiles = true; + $list = array(); + $dirListing = true; + if ($dir === '' || $dir === '/') { + $dirListing = false; + } + foreach (OCA\Files_Trashbin\Helper::getTrashFiles($dir) as $file) { + $fileName = $file['name']; + if (!$dirListing) { + $fileName .= '.d' . $file['timestamp']; + } + $list[] = $fileName; + } +} else { + $list = json_decode($files); +} $error = array(); $success = array(); $i = 0; foreach ($list as $file) { - if ( $dirlisting === '0') { + $path = $dir . '/' . $file; + if ($dir === '/') { $file = ltrim($file, '/'); $delimiter = strrpos($file, '.d'); $filename = substr($file, 0, $delimiter); @@ -23,9 +44,9 @@ foreach ($list as $file) { $timestamp = null; } - if ( !OCA\Files_Trashbin\Trashbin::restore($file, $filename, $timestamp) ) { + if ( !OCA\Files_Trashbin\Trashbin::restore($path, $filename, $timestamp) ) { $error[] = $filename; - OC_Log::write('trashbin','can\'t restore ' . $filename, OC_Log::ERROR); + OC_Log::write('trashbin', 'can\'t restore ' . $filename, OC_Log::ERROR); } else { $success[$i]['filename'] = $file; $success[$i]['timestamp'] = $timestamp; diff --git a/apps/files_trashbin/js/trash.js b/apps/files_trashbin/js/trash.js index 46d8b56308c..6aade210505 100644 --- a/apps/files_trashbin/js/trash.js +++ b/apps/files_trashbin/js/trash.js 
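Review bot: `$files = $_POST['files'];` is still read unconditionally, but the new `allfiles` request from trash.js sends only `allfiles` and `dir`, so that path raises an undefined-index notice; read it in the `else` branch instead, `$list = json_decode(isset($_POST['files']) ? $_POST['files'] : '[]');`. `$dir` always ends in `/` after `rtrim($_POST['dir'], '/'). '/'`, so the `$dir === ''` test can never match and `$path = $dir . '/' . $file` produces a doubled slash; `$path = $dir . $file;` is enough. As in delete.php, `dir` and the file names reach `Trashbin::restore` without any normalisation visible on this page.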
@@ -1,5 +1,29 @@ +/* + * Copyright (c) 2014 + * + * This file is licensed under the Affero General Public License version 3 + * or later. + * + * See the COPYING-README file. + * + */ + +/* global OC, t, FileList, FileActions */ $(document).ready(function() { + function removeCallback(result) { + if (result.status !== 'success') { + OC.dialogs.alert(result.data.message, t('core', 'Error')); + } + + var files = result.data.success; + for (var i = 0; i < files.length; i++) { + FileList.findFileEl(OC.basename(files[i].filename)).remove(); + } + FileList.updateFileSummary(); + FileList.updateEmptyContent(); + enableActions(); + } if (typeof FileActions !== 'undefined') { FileActions.register('all', 'Restore', OC.PERMISSION_READ, OC.imagePath('core', 'actions/history'), function(filename) { @@ -7,22 +31,12 @@ $(document).ready(function() { var deleteAction = tr.children("td.date").children(".action.delete"); deleteAction.removeClass('delete-icon').addClass('progress-icon'); disableActions(); - $.post(OC.filePath('files_trashbin', 'ajax', 'undelete.php'), - {files: JSON.stringify([$('#dir').val() + '/' + filename]), dirlisting: tr.attr('data-dirlisting')}, - function(result) { - for (var i = 0; i < result.data.success.length; i++) { - var row = document.getElementById(result.data.success[i].filename); - row.parentNode.removeChild(row); - } - if (result.status !== 'success') { - OC.dialogs.alert(result.data.message, t('core', 'Error')); - } - enableActions(); - FileList.updateFileSummary(); - FileList.updateEmptyContent(); - } + $.post(OC.filePath('files_trashbin', 'ajax', 'undelete.php'), { + files: JSON.stringify([filename]), + dir: FileList.getCurrentDirectory() + }, + removeCallback ); - }); }; 
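Review bot: `removeCallback` shows the error dialog and then reads `result.data.success.length` unconditionally; if an error response carries no `success` array the loop throws before `enableActions()` runs and the trash actions stay disabled. Guard the read with `var files = (result.data && result.data.success) || [];`. The response shape is defined by the PHP endpoints, so this is a defensive change rather than a confirmed failure.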
@@ -34,22 +48,12 @@ $(document).ready(function() { var deleteAction = tr.children("td.date").children(".action.delete"); deleteAction.removeClass('delete-icon').addClass('progress-icon'); disableActions(); - $.post(OC.filePath('files_trashbin', 'ajax', 'delete.php'), - {files: JSON.stringify([$('#dir').val() + '/' +filename]), dirlisting: tr.attr('data-dirlisting')}, - function(result) { - for (var i = 0; i < result.data.success.length; i++) { - var row = document.getElementById(result.data.success[i].filename); - row.parentNode.removeChild(row); - } - if (result.status !== 'success') { - OC.dialogs.alert(result.data.message, t('core', 'Error')); - } - enableActions(); - FileList.updateFileSummary(); - FileList.updateEmptyContent(); - } + $.post(OC.filePath('files_trashbin', 'ajax', 'delete.php'), { + files: JSON.stringify([filename]), + dir: FileList.getCurrentDirectory() + }, + removeCallback ); - }); // Sets the select_all checkbox behaviour : 
@@ -68,29 +72,45 @@ $(document).ready(function() { $('.undelete').click('click', function(event) { event.preventDefault(); - var files = getSelectedFiles('file'); - var fileslist = JSON.stringify(files); - var dirlisting = getSelectedFiles('dirlisting')[0]; + var allFiles = $('#select_all').is(':checked'); + var files = []; + var params = {}; disableActions(); - for (var i = 0; i < files.length; i++) { - var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete"); - deleteAction.removeClass('delete-icon').addClass('progress-icon'); + if (allFiles) { + FileList.showMask(); + params = { + allfiles: true, + dir: FileList.getCurrentDirectory() + }; + } + else { + files = getSelectedFiles('name'); + for (var i = 0; i < files.length; i++) { + var deleteAction = FileList.findFileEl(files[i]).children("td.date").children(".action.delete"); + deleteAction.removeClass('delete-icon').addClass('progress-icon'); + } + params = { + files: JSON.stringify(files), + dir: FileList.getCurrentDirectory() + }; } $.post(OC.filePath('files_trashbin', 'ajax', 'undelete.php'), - {files: fileslist, dirlisting: dirlisting}, - function(result) { - for (var i = 0; i < result.data.success.length; i++) { - var row = document.getElementById(result.data.success[i].filename); - row.parentNode.removeChild(row); - } + params, + function(result) { + if (allFiles) { if (result.status !== 'success') { OC.dialogs.alert(result.data.message, t('core', 'Error')); } + FileList.hideMask(); + // simply remove all files + FileList.update(''); enableActions(); - FileList.updateFileSummary(); - FileList.updateEmptyContent(); } + else { + removeCallback(result); + } + } ); }); 
@@ -101,17 +121,17 @@ $(document).ready(function() { var params = {}; if (allFiles) { params = { - allfiles: true, - dir: $('#dir').val() + allfiles: true, + dir: FileList.getCurrentDirectory() }; } else { - files = getSelectedFiles('file'); + files = getSelectedFiles('name'); params = { files: JSON.stringify(files), - dirlisting: getSelectedFiles('dirlisting')[0] + dir: FileList.getCurrentDirectory() }; - }; + } disableActions(); if (allFiles) { @@ -128,22 +148,17 @@ $(document).ready(function() { params, function(result) { if (allFiles) { + if (result.status !== 'success') { + OC.dialogs.alert(result.data.message, t('core', 'Error')); + } FileList.hideMask(); // simply remove all files - $('#fileList').empty(); + FileList.update(''); + enableActions(); } else { - for (var i = 0; i < result.data.success.length; i++) { - var row = document.getElementById(result.data.success[i].filename); - row.parentNode.removeChild(row); - } + removeCallback(result); } - if (result.status !== 'success') { - OC.dialogs.alert(result.data.message, t('core', 'Error')); - } - enableActions(); - FileList.updateFileSummary(); - FileList.updateEmptyContent(); } ); @@ -208,11 +223,9 @@ function getSelectedFiles(property){ var files=[]; elements.each(function(i,element){ var file={ - name:$(element).attr('data-filename'), - file:$('#dir').val() + "/" + $(element).attr('data-file'), + name:$(element).attr('data-file'), timestamp:$(element).attr('data-timestamp'), - type:$(element).attr('data-type'), - dirlisting:$(element).attr('data-dirlisting') + type:$(element).attr('data-type') }; if(property){ files.push(file[property]); diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 6795aecafee..b7e4023dd73 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php 
@@ -922,6 +922,17 @@ class Access extends LDAPUtility { } /** + * @brief escapes (user provided) parts for LDAP filter + * @param String $input, the provided value + * @returns the escaped string + */ + public function escapeFilterPart($input) { + $search = array('*', '\\', '(', ')'); + $replace = array('\\*', '\\\\', '\\(', '\\)'); + return str_replace($search, $replace, $input); + } + + /** * @brief combines the input filters with AND * @param $filters array, the filters to connect * @returns the combined filter diff --git a/apps/user_ldap/lib/helper.php b/apps/user_ldap/lib/helper.php index 9727d847d27..7de7fe8667f 100644 --- a/apps/user_ldap/lib/helper.php +++ b/apps/user_ldap/lib/helper.php @@ -118,10 +118,16 @@ class Helper { return false; } + $saveOtherConfigurations = ''; + if(empty($prefix)) { + $saveOtherConfigurations = 'AND `Configkey` NOT LIKE \'s%\''; + } + $query = \OCP\DB::prepare(' DELETE FROM `*PREFIX*appconfig` WHERE `configkey` LIKE ? + '.$saveOtherConfigurations.' AND `appid` = \'user_ldap\' AND `configkey` NOT IN (\'enabled\', \'installed_version\', \'types\', \'bgjUpdateGroupsLastRun\') '); diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index 4a147cf9884..757de6b60f4 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -163,6 +163,8 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { * Check if the password is correct without logging in the user */ public function checkPassword($uid, $password) { + $uid = $this->access->escapeFilterPart($uid); + //find out dn of the user name $filter = \OCP\Util::mb_str_replace( '%uid', $uid, $this->access->connection->ldapLoginFilter, 'UTF-8'); 
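Review bot: `escapeFilterPart` does not reliably neutralise filter metacharacters, because `str_replace` with arrays applies the pairs in order: `*` is first turned into `\*`, and the following `\` pass then doubles that backslash, yielding `\\*` instead of an escaped asterisk. LDAP search filters (RFC 4515) also expect hex escapes rather than a backslash in front of the literal character, and NUL is not covered. Escape the backslash first and use the hex forms: `$search = array('\\', '*', '(', ')', "\x00");` with `$replace = array('\\5c', '\\2a', '\\28', '\\29', '\\00');`, or call `ldap_escape($input, '', LDAP_ESCAPE_FILTER)` where the PHP version provides it. Both callers added in user_ldap.php (`checkPassword` and `getUsers`) pass login and search input through this method, so a unit test with `*`, `\`, `(` and `)` in the input belongs with it.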
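Review bot: The fragment added in apps/user_ldap/lib/helper.php spells the column `Configkey`, while the rest of the statement uses `configkey`; on databases that treat quoted identifiers as case-sensitive this could fail or match nothing, so use the lower-case name in `$saveOtherConfigurations`. The pattern `s%` excludes every key beginning with `s`, not only keys that belong to other prefixed configurations, and the hunk does not say which keys it is meant to protect; a one-line comment stating the expected prefix format would make that assumption reviewable. The fragment is a constant string, so the concatenation itself adds no request-controlled SQL.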
@@ -203,6 +205,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { * Get a list of all users. */ public function getUsers($search = '', $limit = 10, $offset = 0) { + $search = $this->access->escapeFilterPart($search); $cachekey = 'getUsers-'.$search.'-'.$limit.'-'.$offset; //check if users are cached, if so return |