diff options
author | Morris Jobke <hey@morrisjobke.de> | 2016-07-07 12:03:34 +0200 |
---|---|---|
committer | Morris Jobke <hey@morrisjobke.de> | 2016-07-07 12:03:34 +0200 |
commit | 11e834ea74243518b4057f0f5f7cafe6f2761530 (patch) | |
tree | f500a6e459a61e9fcaa33114948803a61b4da7b2 /lib/private | |
parent | 64a15191e4397da9712d4d17675993a9acdab31e (diff) | |
parent | e5645a94ecf6a9e037c8475cb085f14b656b71ac (diff) | |
download | nextcloud-server-11e834ea74243518b4057f0f5f7cafe6f2761530.tar.gz nextcloud-server-11e834ea74243518b4057f0f5f7cafe6f2761530.zip |
Merge branch 'stable9' into sync-stable9
Diffstat (limited to 'lib/private')
25 files changed, 248 insertions, 51 deletions
diff --git a/lib/private/app.php b/lib/private/app.php index 5d0909de2a5..76f650a146b 100644 --- a/lib/private/app.php +++ b/lib/private/app.php @@ -1104,7 +1104,7 @@ class OC_App { $version = \OCP\Util::getVersion(); if (!self::isAppCompatible($version, $info)) { throw new \Exception( - $l->t('App "%s" cannot be installed because it is not compatible with this version of ownCloud.', + $l->t('App "%s" cannot be installed because it is not compatible with this version of Nextcloud.', array($info['name']) ) ); diff --git a/lib/private/appframework/http/request.php b/lib/private/appframework/http/request.php index bdd40ef1573..1ab52fb3ca1 100644 --- a/lib/private/appframework/http/request.php +++ b/lib/private/appframework/http/request.php @@ -448,6 +448,10 @@ class Request implements \ArrayAccess, \Countable, IRequest { return false; } + if(!$this->passesStrictCookieCheck()) { + return false; + } + if (isset($this->items['get']['requesttoken'])) { $token = $this->items['get']['requesttoken']; } elseif (isset($this->items['post']['requesttoken'])) { @@ -464,6 +468,44 @@ class Request implements \ArrayAccess, \Countable, IRequest { } /** + * Checks if the strict cookie has been sent with the request if the request + * is including any cookies. + * + * @return bool + * @since 9.1.0 + */ + public function passesStrictCookieCheck() { + if(count($this->cookies) === 0) { + return true; + } + if($this->getCookie('nc_sameSiteCookiestrict') === 'true' + && $this->passesLaxCookieCheck()) { + return true; + } + + return false; + } + + /** + * Checks if the lax cookie has been sent with the request if the request + * is including any cookies. + * + * @return bool + * @since 9.1.0 + */ + public function passesLaxCookieCheck() { + if(count($this->cookies) === 0) { + return true; + } + + if($this->getCookie('nc_sameSiteCookielax') === 'true') { + return true; + } + + return false; + } + + /** * Returns an ID for the request, value is not guaranteed to be unique and is mostly meant for logging * If `mod_unique_id` is installed this value will be taken. * @return string diff --git a/lib/private/appframework/middleware/security/exceptions/strictcookiemissingexception.php b/lib/private/appframework/middleware/security/exceptions/strictcookiemissingexception.php new file mode 100644 index 00000000000..c45cc400d72 --- /dev/null +++ b/lib/private/appframework/middleware/security/exceptions/strictcookiemissingexception.php @@ -0,0 +1,36 @@ +<?php +/** + * @author Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Appframework\Middleware\Security\Exceptions; + +use OCP\AppFramework\Http; + +/** + * Class StrictCookieMissingException is thrown when the strict cookie has not + * been sent with the request but is required. + * + * @package OC\Appframework\Middleware\Security\Exceptions + */ +class StrictCookieMissingException extends SecurityException { + public function __construct() { + parent::__construct('Strict Cookie has not been found in request.', Http::STATUS_PRECONDITION_FAILED); + } +} diff --git a/lib/private/appframework/middleware/security/securitymiddleware.php b/lib/private/appframework/middleware/security/securitymiddleware.php index f3bc06217cd..fe67aca9b2b 100644 --- a/lib/private/appframework/middleware/security/securitymiddleware.php +++ b/lib/private/appframework/middleware/security/securitymiddleware.php @@ -30,6 +30,7 @@ use OC\Appframework\Middleware\Security\Exceptions\AppNotEnabledException; use OC\Appframework\Middleware\Security\Exceptions\CrossSiteRequestForgeryException; use OC\Appframework\Middleware\Security\Exceptions\NotAdminException; use OC\Appframework\Middleware\Security\Exceptions\NotLoggedInException; +use OC\AppFramework\Middleware\Security\Exceptions\StrictCookieMissingException; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Security\CSP\ContentSecurityPolicyManager; use OCP\AppFramework\Http\ContentSecurityPolicy; @@ -132,6 +133,13 @@ class SecurityMiddleware extends Middleware { } } + // Check for strict cookie requirement + if($this->reflector->hasAnnotation('StrictCookieRequired') || !$this->reflector->hasAnnotation('NoCSRFRequired')) { + if(!$this->request->passesStrictCookieCheck()) { + throw new StrictCookieMissingException(); + } + } + // CSRF check - also registers the CSRF token since the session may be closed later Util::callRegister(); if(!$this->reflector->hasAnnotation('NoCSRFRequired')) { @@ -184,6 +192,9 @@ class SecurityMiddleware extends Middleware { */ public function afterException($controller, $methodName, \Exception $exception) { if($exception instanceof SecurityException) { + if($exception instanceof StrictCookieMissingException) { + return new RedirectResponse(\OC::$WEBROOT); + } if (stripos($this->request->getHeader('Accept'),'html') === false) { $response = new JSONResponse( diff --git a/lib/private/console/application.php b/lib/private/console/application.php index 7a8ec49c65b..ffb0224bdc7 100644 --- a/lib/private/console/application.php +++ b/lib/private/console/application.php @@ -87,10 +87,10 @@ class Application { require_once __DIR__ . '/../../../core/register_command.php'; if ($this->config->getSystemValue('installed', false)) { if (\OCP\Util::needUpgrade()) { - $output->writeln("ownCloud or one of the apps require upgrade - only a limited number of commands are available"); + $output->writeln("Nextcloud or one of the apps require upgrade - only a limited number of commands are available"); $output->writeln("You may use your browser or the occ upgrade command to do the upgrade"); } elseif ($this->config->getSystemValue('maintenance', false)) { - $output->writeln("ownCloud is in maintenance mode - no app have been loaded"); + $output->writeln("Nextcloud is in maintenance mode - no app have been loaded"); } else { OC_App::loadApps(); foreach (\OC::$server->getAppManager()->getInstalledApps() as $app) { @@ -106,7 +106,7 @@ class Application { } } } else { - $output->writeln("ownCloud is not installed - only a limited number of commands are available"); + $output->writeln("Nextcloud is not installed - only a limited number of commands are available"); } $input = new ArgvInput(); if ($input->getFirstArgument() !== 'check') { diff --git a/lib/private/defaults.php b/lib/private/defaults.php index 43e8c8082cc..fae2a44152d 100644 --- a/lib/private/defaults.php +++ b/lib/private/defaults.php @@ -51,19 +51,19 @@ class OC_Defaults { $this->l = \OC::$server->getL10N('lib'); $version = \OCP\Util::getVersion(); - $this->defaultEntity = 'ownCloud'; /* e.g. company name, used for footers and copyright notices */ - $this->defaultName = 'ownCloud'; /* short name, used when referring to the software */ - $this->defaultTitle = 'ownCloud'; /* can be a longer name, for titles */ - $this->defaultBaseUrl = 'https://owncloud.org'; - $this->defaultSyncClientUrl = 'https://owncloud.org/sync-clients/'; - $this->defaultiOSClientUrl = 'https://itunes.apple.com/us/app/owncloud/id543672169?mt=8'; - $this->defaultiTunesAppId = '543672169'; - $this->defaultAndroidClientUrl = 'https://play.google.com/store/apps/details?id=com.owncloud.android'; - $this->defaultDocBaseUrl = 'https://doc.owncloud.org'; + $this->defaultEntity = 'Nextcloud'; /* e.g. company name, used for footers and copyright notices */ + $this->defaultName = 'Nextcloud'; /* short name, used when referring to the software */ + $this->defaultTitle = 'Nextcloud'; /* can be a longer name, for titles */ + $this->defaultBaseUrl = 'https://nextcloud.com'; + $this->defaultSyncClientUrl = 'https://nextcloud.com/install'; + $this->defaultiOSClientUrl = 'https://itunes.apple.com/us/app/nextcloud/id1125420102?mt=8'; + $this->defaultiTunesAppId = '1125420102'; + $this->defaultAndroidClientUrl = 'https://play.google.com/store/apps/details?id=com.nextcloud.client'; + $this->defaultDocBaseUrl = 'https://docs.nextcloud.org'; $this->defaultDocVersion = $version[0] . '.' . $version[1]; // used to generate doc links - $this->defaultSlogan = $this->l->t('web services under your control'); + $this->defaultSlogan = $this->l->t('a safe home for all your data'); $this->defaultLogoClaim = ''; - $this->defaultMailHeaderColor = '#1d2d44'; /* header color of mail notifications */ + $this->defaultMailHeaderColor = '#0082c9'; /* header color of mail notifications */ $themePath = OC::$SERVERROOT . '/themes/' . OC_Util::getTheme() . '/defaults.php'; if (file_exists($themePath)) { diff --git a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php index ab1a166018c..b3875cdd1a9 100644 --- a/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php +++ b/lib/private/encryption/exceptions/encryptionheaderkeyexistsexception.php @@ -30,6 +30,6 @@ class EncryptionHeaderKeyExistsException extends GenericEncryptionException { * @param string $key */ public function __construct($key) { - parent::__construct('header key "'. $key . '" already reserved by ownCloud'); + parent::__construct('header key "'. $key . '" already reserved by Nextcloud'); } } diff --git a/lib/private/eventsource.php b/lib/private/eventsource.php index f567d1e6ca5..d38ca0faa75 100644 --- a/lib/private/eventsource.php +++ b/lib/private/eventsource.php @@ -76,6 +76,10 @@ class OC_EventSource implements \OCP\IEventSource { } else { header("Content-Type: text/event-stream"); } + if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { + header('Location: '.\OC::$WEBROOT); + exit(); + } if (!(\OC::$server->getRequest()->passesCSRFCheck())) { $this->send('error', 'Possible CSRF attack. Connection will be closed.'); $this->close(); diff --git a/lib/private/http/client/client.php b/lib/private/http/client/client.php index bd9e82ddae7..f3824b8ce11 100644 --- a/lib/private/http/client/client.php +++ b/lib/private/http/client/client.php @@ -72,7 +72,7 @@ class Client implements IClient { } } - $this->client->setDefaultOption('headers/User-Agent', 'ownCloud Server Crawler'); + $this->client->setDefaultOption('headers/User-Agent', 'Nextcloud Server Crawler'); if($this->getProxyUri() !== '') { $this->client->setDefaultOption('proxy', $this->getProxyUri()); } diff --git a/lib/private/httphelper.php b/lib/private/httphelper.php index f33d4a51745..aa8c5dd6360 100644 --- a/lib/private/httphelper.php +++ b/lib/private/httphelper.php @@ -33,7 +33,7 @@ use OCP\IConfig; * @deprecated Use \OCP\Http\Client\IClientService */ class HTTPHelper { - const USER_AGENT = 'ownCloud Server Crawler'; + const USER_AGENT = 'Nextcloud Server Crawler'; /** @var \OCP\IConfig */ private $config; diff --git a/lib/private/installer.php b/lib/private/installer.php index f1d4d551786..51f23e9e8ad 100644 --- a/lib/private/installer.php +++ b/lib/private/installer.php @@ -383,7 +383,7 @@ class OC_Installer{ // check if the app is compatible with this version of ownCloud if(!OC_App::isAppCompatible(\OCP\Util::getVersion(), $info)) { OC_Helper::rmdirr($extractDir); - throw new \Exception($l->t("App can't be installed because it is not compatible with this version of ownCloud")); + throw new \Exception($l->t("App can't be installed because it is not compatible with this version of Nextcloud")); } // check if shipped tag is set which is only allowed for apps that are shipped with ownCloud diff --git a/lib/private/integritycheck/checker.php b/lib/private/integritycheck/checker.php index b991f66e22e..3669c50ed30 100644 --- a/lib/private/integritycheck/checker.php +++ b/lib/private/integritycheck/checker.php @@ -318,13 +318,20 @@ class Checker { $signature = base64_decode($signatureData['signature']); $certificate = $signatureData['certificate']; - // Check if certificate is signed by ownCloud Root Authority + // Check if certificate is signed by Nextcloud Root Authority $x509 = new \phpseclib\File\X509(); $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/root.crt'); $x509->loadCA($rootCertificatePublicKey); $x509->loadX509($certificate); if(!$x509->validateSignature()) { - throw new InvalidSignatureException('Certificate is not valid.'); + // FIXME: Once Nextcloud has it's own appstore we should remove the ownCloud Root Authority from here + $x509 = new \phpseclib\File\X509(); + $rootCertificatePublicKey = $this->fileAccessHelper->file_get_contents($this->environmentHelper->getServerRoot().'/resources/codesigning/owncloud.crt'); + $x509->loadCA($rootCertificatePublicKey); + $x509->loadX509($certificate); + if(!$x509->validateSignature()) { + throw new InvalidSignatureException('Certificate is not valid.'); + } } // Verify if certificate has proper CN. "core" CN is always trusted. if($x509->getDN(X509::DN_OPENSSL)['CN'] !== $certificateCN && $x509->getDN(X509::DN_OPENSSL)['CN'] !== 'core') { diff --git a/lib/private/json.php b/lib/private/json.php index 74aebd476fb..0272fcf15f5 100644 --- a/lib/private/json.php +++ b/lib/private/json.php @@ -77,6 +77,11 @@ class OC_JSON{ * @deprecated Use annotation based CSRF checks from the AppFramework instead */ public static function callCheck() { + if(!\OC::$server->getRequest()->passesStrictCookieCheck()) { + header('Location: '.\OC::$WEBROOT); + exit(); + } + if( !(\OC::$server->getRequest()->passesCSRFCheck())) { $l = \OC::$server->getL10N('lib'); self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ))); diff --git a/lib/private/ocsclient.php b/lib/private/ocsclient.php index a783a1f8425..52056f4d5e2 100644 --- a/lib/private/ocsclient.php +++ b/lib/private/ocsclient.php @@ -279,7 +279,7 @@ class OCSClient { $tmp = $data->data->content; if (is_null($tmp)) { - \OCP\Util::writeLog('core', 'No update found at the ownCloud appstore for app ' . $id, \OCP\Util::DEBUG); + \OCP\Util::writeLog('core', 'No update found at the Nextcloud appstore for app ' . $id, \OCP\Util::DEBUG); return null; } diff --git a/lib/private/repair.php b/lib/private/repair.php index 0cbb43293e8..152123bb057 100644 --- a/lib/private/repair.php +++ b/lib/private/repair.php @@ -38,6 +38,7 @@ use OC\Repair\Collation; use OC\Repair\CopyRewriteBaseToConfig; use OC\Repair\DropOldJobs; use OC\Repair\EncryptionCompatibility; +use OC\Repair\MoveChannelToSystemConfig; use OC\Repair\OldGroupMembershipShares; use OC\Repair\RemoveGetETagEntries; use OC\Repair\SqliteAutoincrement; @@ -119,7 +120,7 @@ class Repair extends BasicEmitter { new UpdateOutdatedOcsIds(\OC::$server->getConfig()), new RepairInvalidShares(\OC::$server->getConfig(), \OC::$server->getDatabaseConnection()), new AvatarPermissions(\OC::$server->getDatabaseConnection()), - new BrokenUpdaterRepair(), + new MoveChannelToSystemConfig(\OC::$server->getConfig()), ]; } diff --git a/lib/private/repair/dropoldtables.php b/lib/private/repair/dropoldtables.php index abd3bd49b0a..e4b07aab2ba 100644 --- a/lib/private/repair/dropoldtables.php +++ b/lib/private/repair/dropoldtables.php @@ -71,6 +71,7 @@ class DropOldTables extends BasicEmitter implements RepairStep { */ protected function oldDatabaseTables() { return [ + 'authtoken', 'calendar_calendars', 'calendar_objects', 'calendar_share_calendar', diff --git a/lib/private/repair/movechanneltosystemconfig.php b/lib/private/repair/movechanneltosystemconfig.php new file mode 100644 index 00000000000..edc5748a6e7 --- /dev/null +++ b/lib/private/repair/movechanneltosystemconfig.php @@ -0,0 +1,51 @@ +<?php +/** + * @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ +namespace OC\Repair; + +use OC\Hooks\BasicEmitter; +use OCP\IConfig; + +/** + * Class MoveChannelToSystemConfig moves the defined OC_Channel in the app config + * to the system config to be compatible with the Nextcloud updater. + * + * @package OC\Repair + */ +class MoveChannelToSystemConfig extends BasicEmitter implements \OC\RepairStep { + /** @var IConfig */ + private $config; + + public function __construct(IConfig $config) { + $this->config = $config; + } + + public function getName() { + return 'Moves the stored release channel to the config file'; + } + + public function run() { + $channel = $this->config->getAppValue('core', 'OC_Channel', ''); + if($channel !== '') { + $this->config->setSystemValue('updater.release.channel', $channel); + $this->config->deleteAppValue('core', 'OC_Channel'); + } + } +} diff --git a/lib/private/server.php b/lib/private/server.php index 581a2b44cea..0731239e884 100644 --- a/lib/private/server.php +++ b/lib/private/server.php @@ -73,6 +73,8 @@ use OC\Security\SecureRandom; use OC\Security\TrustedDomainHelper; use OC\Session\CryptoWrapper; use OC\Tagging\TagMapper; +use OCA\Theming\Template; +use OCP\IL10N; use OCP\IServerContainer; use OCP\Security\IContentSecurityPolicyManager; use Symfony\Component\EventDispatcher\EventDispatcher; @@ -562,6 +564,17 @@ class Server extends ServerContainer implements IServerContainer { $factory = new $factoryClass($this); return $factory->getManager(); }); + $this->registerService('ThemingDefaults', function(Server $c) { + if($this->getConfig()->getSystemValue('installed', false) && $this->getAppManager()->isInstalled('theming')) { + return new Template( + $this->getConfig(), + $this->getL10N('theming'), + $this->getURLGenerator(), + new \OC_Defaults() + ); + } + return new \OC_Defaults(); + }); $this->registerService('EventDispatcher', function () { return new EventDispatcher(); }); @@ -618,7 +631,8 @@ class Server extends ServerContainer implements IServerContainer { $c->getL10N('core'), $factory, $c->getUserManager(), - $c->getRootFolder() + $c->getRootFolder(), + $c->getEventDispatcher() ); return $manager; @@ -1206,6 +1220,14 @@ class Server extends ServerContainer implements IServerContainer { } /** + * @internal Not public by intention. + * @return \OC_Defaults + */ + public function getThemingDefaults() { + return $this->query('ThemingDefaults'); + } + + /** * @return \OC\IntegrityCheck\Checker */ public function getIntegrityCodeChecker() { diff --git a/lib/private/setup.php b/lib/private/setup.php index a38f594ff7f..b74e34309dc 100644 --- a/lib/private/setup.php +++ b/lib/private/setup.php @@ -468,7 +468,7 @@ class Setup { public static function protectDataDirectory() { //Require all denied $now = date('Y-m-d H:i:s'); - $content = "# Generated by ownCloud on $now\n"; + $content = "# Generated by Nextcloud on $now\n"; $content.= "# line below if for Apache 2.4\n"; $content.= "<ifModule mod_authz_core.c>\n"; $content.= "Require all denied\n"; diff --git a/lib/private/share20/manager.php b/lib/private/share20/manager.php index b00f7ccd5b6..482dcbec0c6 100644 --- a/lib/private/share20/manager.php +++ b/lib/private/share20/manager.php @@ -24,6 +24,7 @@ namespace OC\Share20; use OC\Files\Mount\MoveableMount; +use OC\HintException; use OCP\Files\IRootFolder; use OCP\Files\NotFoundException; use OCP\IUserManager; @@ -42,6 +43,8 @@ use OCP\Files\Folder; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\Exceptions\GenericShareException; +use Symfony\Component\EventDispatcher\EventDispatcher; +use Symfony\Component\EventDispatcher\GenericEvent; /** * This class is the communication hub for all sharing related operations. @@ -82,6 +85,7 @@ class Manager implements IManager { * @param IProviderFactory $factory * @param IUserManager $userManager * @param IRootFolder $rootFolder + * @param EventDispatcher $eventDispatcher */ public function __construct( ILogger $logger, @@ -93,7 +97,8 @@ class Manager implements IManager { IL10N $l, IProviderFactory $factory, IUserManager $userManager, - IRootFolder $rootFolder + IRootFolder $rootFolder, + EventDispatcher $eventDispatcher ) { $this->logger = $logger; $this->config = $config; @@ -105,6 +110,7 @@ class Manager implements IManager { $this->factory = $factory; $this->userManager = $userManager; $this->rootFolder = $rootFolder; + $this->eventDispatcher = $eventDispatcher; } /** @@ -134,16 +140,11 @@ class Manager implements IManager { } // Let others verify the password - $accepted = true; - $message = ''; - \OCP\Util::emitHook('\OC\Share', 'verifyPassword', [ - 'password' => $password, - 'accepted' => &$accepted, - 'message' => &$message - ]); - - if (!$accepted) { - throw new \Exception($message); + try { + $event = new GenericEvent($password); + $this->eventDispatcher->dispatch('OCP\PasswordPolicy::validate', $event); + } catch (HintException $e) { + throw new \Exception($e->getHint()); } } @@ -233,8 +234,9 @@ class Manager implements IManager { throw new GenericShareException($message_t, $message_t, 404); } - // Check that read permissions are always set - if (($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) { + // Link shares are allowed to have no read permissions to allow upload to hidden folders + if ($share->getShareType() !== \OCP\Share::SHARE_TYPE_LINK && + ($share->getPermissions() & \OCP\Constants::PERMISSION_READ) === 0) { throw new \InvalidArgumentException('Shares need at least read permissions'); } } @@ -984,7 +986,17 @@ class Manager implements IManager { public function getShareByToken($token) { $provider = $this->factory->getProviderForType(\OCP\Share::SHARE_TYPE_LINK); - $share = $provider->getShareByToken($token); + try { + $share = $provider->getShareByToken($token); + } catch (ShareNotFound $e) { + //Ignore + } + + // If it is not a link share try to fetch a federated share by token + if ($share === null) { + $provider = $this->factory->getProviderForType(\OCP\Share::SHARE_TYPE_REMOTE); + $share = $provider->getShareByToken($token); + } if ($share->getExpirationDate() !== null && $share->getExpirationDate() <= new \DateTime()) { diff --git a/lib/private/systemtag/systemtagmanager.php b/lib/private/systemtag/systemtagmanager.php index 76a60a91328..51e605cc2fb 100644 --- a/lib/private/systemtag/systemtagmanager.php +++ b/lib/private/systemtag/systemtagmanager.php @@ -124,10 +124,7 @@ class SystemTagManager implements ISystemTagManager { if (!empty($nameSearchPattern)) { $query->andWhere( - $query->expr()->like( - 'name', - $query->expr()->literal('%' . $this->connection->escapeLikeParameter($nameSearchPattern). '%') - ) + $query->expr()->like('name', $query->createNamedParameter('%' . $this->connection->escapeLikeParameter($nameSearchPattern) . '%')) ); } diff --git a/lib/private/template.php b/lib/private/template.php index 2653ae6086a..ec35a1d9ba8 100644 --- a/lib/private/template.php +++ b/lib/private/template.php @@ -76,7 +76,7 @@ class OC_Template extends \OC\Template\Base { $parts = explode('/', $app); // fix translation when app is something like core/lostpassword $l10n = \OC::$server->getL10N($parts[0]); - $themeDefaults = new OC_Defaults(); + $themeDefaults = \OC::$server->getThemingDefaults(); list($path, $template) = $this->findTemplate($theme, $app, $name); diff --git a/lib/private/updater.php b/lib/private/updater.php index fc852991a13..f854afa20c3 100644 --- a/lib/private/updater.php +++ b/lib/private/updater.php @@ -143,7 +143,7 @@ class Updater extends BasicEmitter { return json_decode($this->config->getAppValue('core', 'lastupdateResult'), true); } - $updaterUrl = $this->config->getSystemValue('updater.server.url', 'https://updates.owncloud.com/server/'); + $updaterUrl = $this->config->getSystemValue('updater.server.url', 'https://updates.nextcloud.org/server/'); $this->config->setAppValue('core', 'lastupdatedat', time()); diff --git a/lib/private/user/database.php b/lib/private/user/database.php index fd273055ae1..4622be1657d 100644 --- a/lib/private/user/database.php +++ b/lib/private/user/database.php @@ -49,6 +49,8 @@ */ use OC\Cache\CappedMemoryCache; +use Symfony\Component\EventDispatcher\EventDispatcher; +use Symfony\Component\EventDispatcher\GenericEvent; /** * Class for user management in a SQL Database (e.g. MySQL, SQLite) @@ -59,9 +61,12 @@ class OC_User_Database extends OC_User_Backend implements \OCP\IUserBackend { /** * OC_User_Database constructor. + * + * @param EventDispatcher $eventDispatcher */ - public function __construct() { + public function __construct(EventDispatcher $eventDispatcher = null) { $this->cache = new CappedMemoryCache(); + $this->eventDispatcher = $eventDispatcher ? $eventDispatcher : \OC::$server->getEventDispatcher(); } /** @@ -113,6 +118,8 @@ class OC_User_Database extends OC_User_Backend implements \OCP\IUserBackend { */ public function setPassword($uid, $password) { if ($this->userExists($uid)) { + $event = new GenericEvent($password); + $this->eventDispatcher->dispatch('OCP\PasswordPolicy::validate', $event); $query = OC_DB::prepare('UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?'); $result = $query->execute(array(\OC::$server->getHasher()->hash($password), $uid)); diff --git a/lib/private/util.php b/lib/private/util.php index e4d1ebabc7b..74a944e0850 100644 --- a/lib/private/util.php +++ b/lib/private/util.php @@ -384,7 +384,8 @@ class OC_Util { } /** - * @description get the update channel of the current installed of ownCloud. + * Get the currently configured release channel + * * @return string */ public static function getChannel() { @@ -421,7 +422,7 @@ class OC_Util { // Allow overriding update channel if (\OC::$server->getSystemConfig()->getValue('installed', false)) { - $channel = \OC::$server->getAppConfig()->getValue('core', 'OC_Channel'); + $channel = \OC::$server->getConfig()->getSystemValue('updater.release.channel', null); } else { /** @var $OC_Channel string */ $channel = $OC_Channel; @@ -641,7 +642,7 @@ class OC_Util { if(OC_Util::runningOnWindows()) { $errors[] = [ 'error' => $l->t('Microsoft Windows Platform is not supported'), - 'hint' => $l->t('Running ownCloud Server on the Microsoft Windows platform is not supported. We suggest you ' . + 'hint' => $l->t('Running Nextcloud Server on the Microsoft Windows platform is not supported. We suggest you ' . 'use a Linux server in a virtual machine if you have no option for migrating the server itself. ' . 'Find Linux packages as well as easy to deploy virtual machine images on <a href="%s">%s</a>. ' . 'For migrating existing installations to Linux you can find some tips and a migration script ' . @@ -697,7 +698,7 @@ class OC_Util { . '%sgiving the webserver write access to the root directory%s.', array('<a href="' . $urlGenerator->linkToDocs('admin-dir_permissions') . '" target="_blank">', '</a>')); $errors[] = array( - 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by ownCloud', + 'error' => 'Data directory (' . $CONFIG_DATADIRECTORY . ') not writable by Nextcloud', 'hint' => $permissionsHint ); } else { @@ -807,7 +808,7 @@ class OC_Util { } $errors[] = [ 'error' => $l->t('PHP setting "%s" is not set to "%s".', [$setting[0], var_export($setting[1], true)]), - 'hint' => $l->t('Adjusting this setting in php.ini will make ownCloud run again') + 'hint' => $l->t('Adjusting this setting in php.ini will make Nextcloud run again') ]; $webServerRestart = true; } |