diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2016-06-09 18:45:12 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2016-06-09 18:45:12 +0200 |
| commit | a636e4ff28b25797d6cc7750bc1efe52437ec67f (patch) | |
| tree | ef385b9ef924088b6d6c1404d659e6be450aaf1f /lib | |
| parent | 28193732ea24094335cccddf5fe03aeeeb6f5894 (diff) | |
| parent | 6ba18934e6f095de08bec7bdc10c45485eeb5cc7 (diff) | |
| download | nextcloud-server-a636e4ff28b25797d6cc7750bc1efe52437ec67f.tar.gz nextcloud-server-a636e4ff28b25797d6cc7750bc1efe52437ec67f.zip | |
Downstream 2016-06-09
Merge branch 'master' of https://github.com/owncloud/core into downstream-160609
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/l10n/ar.js | 39 | ||||
| -rw-r--r-- | lib/l10n/ar.json | 39 | ||||
| -rw-r--r-- | lib/l10n/ro.js | 5 | ||||
| -rw-r--r-- | lib/l10n/ro.json | 5 | ||||
| -rw-r--r-- | lib/private/AllConfig.php | 9 | ||||
| -rw-r--r-- | lib/private/AppConfig.php | 2 | ||||
| -rw-r--r-- | lib/private/AppFramework/Middleware/Security/CORSMiddleware.php | 12 | ||||
| -rw-r--r-- | lib/private/Authentication/Token/DefaultTokenCleanupJob.php | 1 | ||||
| -rw-r--r-- | lib/private/Encryption/DecryptAll.php | 4 | ||||
| -rw-r--r-- | lib/private/Files/Cache/Scanner.php | 7 | ||||
| -rw-r--r-- | lib/private/Files/Cache/Updater.php | 5 | ||||
| -rw-r--r-- | lib/private/Files/Storage/Common.php | 3 | ||||
| -rw-r--r-- | lib/private/Files/Storage/Local.php | 36 | ||||
| -rw-r--r-- | lib/private/Files/Utils/Scanner.php | 7 | ||||
| -rw-r--r-- | lib/private/Files/View.php | 45 | ||||
| -rw-r--r-- | lib/private/Log.php | 28 | ||||
| -rw-r--r-- | lib/private/User/Session.php | 49 | ||||
| -rw-r--r-- | lib/private/legacy/api.php | 4 | ||||
| -rw-r--r-- | lib/private/legacy/helper.php | 4 | ||||
| -rw-r--r-- | lib/private/legacy/util.php | 37 | ||||
| -rw-r--r-- | lib/public/IAppConfig.php | 2 | ||||
| -rw-r--r-- | lib/public/IConfig.php | 3 |
22 files changed, 289 insertions, 57 deletions
diff --git a/lib/l10n/ar.js b/lib/l10n/ar.js index 21a67883ac3..a7a3e4e4c31 100644 --- a/lib/l10n/ar.js +++ b/lib/l10n/ar.js @@ -1,18 +1,46 @@ OC.L10N.register( "lib", { + "Cannot write into \"config\" directory!" : "الكتابة في مجلد \"config\" غير ممكنة!", + "This can usually be fixed by giving the webserver write access to the config directory" : "يمكن حل هذا عادة بإعطاء خادم الوب صلاحية الكتابة في مجلد config", + "See %s" : "أنظر %s", + "Sample configuration detected" : "تم اكتشاف إعدادات عيّنة", + "PHP %s or higher is required." : "إصدار PHP %s أو أحدث منه مطلوب.", + "PHP with a version lower than %s is required." : "PHP الإصدار %s أو أقل مطلوب.", + "%sbit or higher PHP required." : "مكتبات PHP ذات %s بت أو أعلى مطلوبة.", + "Following databases are supported: %s" : "قواعد البيانات التالية مدعومة: %s", + "The command line tool %s could not be found" : "لم يتم العثور على أداة سطر الأوامر %s", + "The library %s is not available." : "مكتبة %s غير متوفرة.", "Unknown filetype" : "نوع الملف غير معروف", "Invalid image" : "الصورة غير صالحة", "today" : "اليوم", "yesterday" : "يوم أمس", + "_%n day ago_::_%n days ago_" : ["قبل ساعات","قبل يوم","قبل يومين","قبل %n يوماً","قبل %n يوماً","قبل %n يوماً"], "last month" : "الشهر الماضي", + "_%n month ago_::_%n months ago_" : ["قبل عدة أيام","قبل شهر","قبل شهرين","قبل %n شهراً","قبل %n شهراً","قبل %n شهراً"], "last year" : "السنةالماضية", "seconds ago" : "منذ ثواني", + "Empty filename is not allowed" : "لا يسمح بأسماء فارغة للملفات", + "4-byte characters are not supported in file names" : "المحارف ذات 4 بايت غير مسموح بها في أسماء الملفات", + "File name is a reserved word" : "اسم الملف كلمة محجوزة", + "File name contains at least one invalid character" : "اسم الملف به ، على الأقل ، حرف غير صالح", + "File name is too long" : "اسم الملف طويل جداً", "App directory already exists" : "مجلد التطبيق موجود مسبقا", "Can't create app folder. Please fix permissions. %s" : "لا يمكن إنشاء مجلد التطبيق. يرجى تعديل الصلاحيات. %s", + "Archive does not contain a directory named %s" : "الأرشيف لا يحتوي مجلداً اسمه %s", "No source specified when installing app" : "لم يتم تحديد المصدر عن تثبيت البرنامج", + "No href specified when installing app from http" : "لم يتم تحديد href عند تثبيت التطبيق من http", + "No path specified when installing app from local file" : "لم يتم تحديد مسار عند تثبيت التطبيق من ملف محلّي", "Archives of type %s are not supported" : "الأرشيفات من نوع %s غير مدعومة", + "Failed to open archive when installing app" : "فشل فتح الأرشيف أثناء تثبيت التطبيق", "App does not provide an info.xml file" : "التطبيق لا يتوفر على ملف info.xml", + "App cannot be installed because appinfo file cannot be read." : "لا يمكن تثبيت التطبيق لأن ملف appinfo غير ممكنة قراءته.", + "Signature could not get checked. Please contact the app developer and check your admin screen." : "لم يتم التحقق من التوقيع. فضلاً اتصل بمطوّر التطبيق و تحقق من شاشة الإدارة في حسابك.", + "App can't be installed because of not allowed code in the App" : "لم يتم تثبيت التطبيق لوجود شفرة غير مسموح بها في التطبيق", + "App can't be installed because it is not compatible with this version of ownCloud" : "لم يتم تثبيت التطبيق لأنه غير متوافق مع هذا الإصدار من ownCloud", + "App can't be installed because it contains the <shipped>true</shipped> tag which is not allowed for non shipped apps" : "لم يتم تثبيت التطبيق لأن به علامة <shipped>true</shipped> التي لايسمح بها في التطبيقات غير المشحونة", + "App can't be installed because the version in info.xml is not the same as the version reported from the app store" : "لم يتم تثبيت التطبيق لأن الإصدار في info.xml مختلف عن الإصدار المذكور في متجر التطبيقات", + "%s enter the database username and name." : "%s أدخِل اسم قاعدة البيانات واسم مستخدمها.", "%s enter the database username." : "%s ادخل اسم المستخدم الخاص بقاعدة البيانات.", "%s enter the database name." : "%s ادخل اسم فاعدة البيانات", "%s you may not use dots in the database name" : "%s لا يسمح لك باستخدام نقطه (.) في اسم قاعدة البيانات", @@ -23,9 +51,20 @@ OC.L10N.register( "You need to enter either an existing account or the administrator." : "انت بحاجة لكتابة اسم مستخدم موجود أو حساب المدير.", "Offending command was: \"%s\", name: %s, password: %s" : "الأمر المخالف كان : \"%s\", اسم المستخدم : %s, كلمة المرور: %s", "PostgreSQL username and/or password not valid" : "اسم المستخدم / أو كلمة المرور الخاصة بـPostgreSQL غير صحيحة", + "Mac OS X is not supported and %s will not work properly on this platform. Use it at your own risk! " : "نظام ماك الإصدار X غير مدعوم و %s لن يعمل بشكل صحيح على هذه المنصة. استخدمه على مسؤوليتك!", + "For the best results, please consider using a GNU/Linux server instead." : "فضلاً ضع في الاعتبار استخدام نظام GNU/Linux بدل الأنظمة الأخرى للحصول على أفضل النتائج.", + "Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP." : "فضلاً إحذف إعداد open_basedir من ملف php.ini لديك أو حوّل إلى PHP إصدار 64 بت.", "Set an admin username." : "اعداد اسم مستخدم للمدير", "Set an admin password." : "اعداد كلمة مرور للمدير", + "Can't create or write into the data directory %s" : "لا يمكن الإنشاء أو الكتابة في مجلد البيانات %s", + "Invalid Federated Cloud ID" : "معرّف سحابة الاتحاد غير صالح", "%s shared »%s« with you" : "%s شارك »%s« معك", + "%s via %s" : "%s عبر %s", + "Sharing %s failed, because the file does not exist" : "فشلت مشاركة %s فالملف غير موجود", + "You are not allowed to share %s" : "أنت غير مسموح لك أن تشارك %s", + "Sharing %s failed, because you can not share with yourself" : "فشلت مشاركة %s لأنك لايمكنك المشاركة مع نفسك", + "Sharing %s failed, because the user %s does not exist" : "فشلت مشاركة %s لأن المستخدم %s غير موجود", + "Share type %s is not valid for %s" : "مشاركة النوع %s غير صالحة لـ %s", "Could not find category \"%s\"" : "تعذر العثور على المجلد \"%s\"", "Apps" : "التطبيقات", "A valid username must be provided" : "يجب ادخال اسم مستخدم صحيح", diff --git a/lib/l10n/ar.json b/lib/l10n/ar.json index eb91606bb52..86284a03538 100644 --- a/lib/l10n/ar.json +++ b/lib/l10n/ar.json @@ -1,16 +1,44 @@ { "translations": { + "Cannot write into \"config\" directory!" : "الكتابة في مجلد \"config\" غير ممكنة!", + "This can usually be fixed by giving the webserver write access to the config directory" : "يمكن حل هذا عادة بإعطاء خادم الوب صلاحية الكتابة في مجلد config", + "See %s" : "أنظر %s", + "Sample configuration detected" : "تم اكتشاف إعدادات عيّنة", + "PHP %s or higher is required." : "إصدار PHP %s أو أحدث منه مطلوب.", + "PHP with a version lower than %s is required." : "PHP الإصدار %s أو أقل مطلوب.", + "%sbit or higher PHP required." : "مكتبات PHP ذات %s بت أو أعلى مطلوبة.", + "Following databases are supported: %s" : "قواعد البيانات التالية مدعومة: %s", + "The command line tool %s could not be found" : "لم يتم العثور على أداة سطر الأوامر %s", + "The library %s is not available." : "مكتبة %s غير متوفرة.", "Unknown filetype" : "نوع الملف غير معروف", "Invalid image" : "الصورة غير صالحة", "today" : "اليوم", "yesterday" : "يوم أمس", + "_%n day ago_::_%n days ago_" : ["قبل ساعات","قبل يوم","قبل يومين","قبل %n يوماً","قبل %n يوماً","قبل %n يوماً"], "last month" : "الشهر الماضي", + "_%n month ago_::_%n months ago_" : ["قبل عدة أيام","قبل شهر","قبل شهرين","قبل %n شهراً","قبل %n شهراً","قبل %n شهراً"], "last year" : "السنةالماضية", "seconds ago" : "منذ ثواني", + "Empty filename is not allowed" : "لا يسمح بأسماء فارغة للملفات", + "4-byte characters are not supported in file names" : "المحارف ذات 4 بايت غير مسموح بها في أسماء الملفات", + "File name is a reserved word" : "اسم الملف كلمة محجوزة", + "File name contains at least one invalid character" : "اسم الملف به ، على الأقل ، حرف غير صالح", + "File name is too long" : "اسم الملف طويل جداً", "App directory already exists" : "مجلد التطبيق موجود مسبقا", "Can't create app folder. Please fix permissions. %s" : "لا يمكن إنشاء مجلد التطبيق. يرجى تعديل الصلاحيات. %s", + "Archive does not contain a directory named %s" : "الأرشيف لا يحتوي مجلداً اسمه %s", "No source specified when installing app" : "لم يتم تحديد المصدر عن تثبيت البرنامج", + "No href specified when installing app from http" : "لم يتم تحديد href عند تثبيت التطبيق من http", + "No path specified when installing app from local file" : "لم يتم تحديد مسار عند تثبيت التطبيق من ملف محلّي", "Archives of type %s are not supported" : "الأرشيفات من نوع %s غير مدعومة", + "Failed to open archive when installing app" : "فشل فتح الأرشيف أثناء تثبيت التطبيق", "App does not provide an info.xml file" : "التطبيق لا يتوفر على ملف info.xml", + "App cannot be installed because appinfo file cannot be read." : "لا يمكن تثبيت التطبيق لأن ملف appinfo غير ممكنة قراءته.", + "Signature could not get checked. Please contact the app developer and check your admin screen." : "لم يتم التحقق من التوقيع. فضلاً اتصل بمطوّر التطبيق و تحقق من شاشة الإدارة في حسابك.", + "App can't be installed because of not allowed code in the App" : "لم يتم تثبيت التطبيق لوجود شفرة غير مسموح بها في التطبيق", + "App can't be installed because it is not compatible with this version of ownCloud" : "لم يتم تثبيت التطبيق لأنه غير متوافق مع هذا الإصدار من ownCloud", + "App can't be installed because it contains the <shipped>true</shipped> tag which is not allowed for non shipped apps" : "لم يتم تثبيت التطبيق لأن به علامة <shipped>true</shipped> التي لايسمح بها في التطبيقات غير المشحونة", + "App can't be installed because the version in info.xml is not the same as the version reported from the app store" : "لم يتم تثبيت التطبيق لأن الإصدار في info.xml مختلف عن الإصدار المذكور في متجر التطبيقات", + "%s enter the database username and name." : "%s أدخِل اسم قاعدة البيانات واسم مستخدمها.", "%s enter the database username." : "%s ادخل اسم المستخدم الخاص بقاعدة البيانات.", "%s enter the database name." : "%s ادخل اسم فاعدة البيانات", "%s you may not use dots in the database name" : "%s لا يسمح لك باستخدام نقطه (.) في اسم قاعدة البيانات", @@ -21,9 +49,20 @@ "You need to enter either an existing account or the administrator." : "انت بحاجة لكتابة اسم مستخدم موجود أو حساب المدير.", "Offending command was: \"%s\", name: %s, password: %s" : "الأمر المخالف كان : \"%s\", اسم المستخدم : %s, كلمة المرور: %s", "PostgreSQL username and/or password not valid" : "اسم المستخدم / أو كلمة المرور الخاصة بـPostgreSQL غير صحيحة", + "Mac OS X is not supported and %s will not work properly on this platform. Use it at your own risk! " : "نظام ماك الإصدار X غير مدعوم و %s لن يعمل بشكل صحيح على هذه المنصة. استخدمه على مسؤوليتك!", + "For the best results, please consider using a GNU/Linux server instead." : "فضلاً ضع في الاعتبار استخدام نظام GNU/Linux بدل الأنظمة الأخرى للحصول على أفضل النتائج.", + "Please remove the open_basedir setting within your php.ini or switch to 64-bit PHP." : "فضلاً إحذف إعداد open_basedir من ملف php.ini لديك أو حوّل إلى PHP إصدار 64 بت.", "Set an admin username." : "اعداد اسم مستخدم للمدير", "Set an admin password." : "اعداد كلمة مرور للمدير", + "Can't create or write into the data directory %s" : "لا يمكن الإنشاء أو الكتابة في مجلد البيانات %s", + "Invalid Federated Cloud ID" : "معرّف سحابة الاتحاد غير صالح", "%s shared »%s« with you" : "%s شارك »%s« معك", + "%s via %s" : "%s عبر %s", + "Sharing %s failed, because the file does not exist" : "فشلت مشاركة %s فالملف غير موجود", + "You are not allowed to share %s" : "أنت غير مسموح لك أن تشارك %s", + "Sharing %s failed, because you can not share with yourself" : "فشلت مشاركة %s لأنك لايمكنك المشاركة مع نفسك", + "Sharing %s failed, because the user %s does not exist" : "فشلت مشاركة %s لأن المستخدم %s غير موجود", + "Share type %s is not valid for %s" : "مشاركة النوع %s غير صالحة لـ %s", "Could not find category \"%s\"" : "تعذر العثور على المجلد \"%s\"", "Apps" : "التطبيقات", "A valid username must be provided" : "يجب ادخال اسم مستخدم صحيح", diff --git a/lib/l10n/ro.js b/lib/l10n/ro.js index 5c5b7844cf7..de13cd796d6 100644 --- a/lib/l10n/ro.js +++ b/lib/l10n/ro.js @@ -29,6 +29,7 @@ OC.L10N.register( "Module with id: %s does not exist. Please enable it in your apps settings or contact your administrator." : "Modulul cu id-ul %s nu există. Activează-l în setările tale de aplicație sau contactează-ți administratorul.", "Empty filename is not allowed" : "Nu este permis fișier fără nume", "Dot files are not allowed" : "Fișierele care încep cu caracterul punct nu sunt permise", + "4-byte characters are not supported in file names" : "Caracterele stocate în 4 octeți nu sunt suportate în denumirile fișierelor", "File name is a reserved word" : "Numele fișierului este un cuvânt rezervat", "File name contains at least one invalid character" : "Numele fișierului conține măcar un caracter invalid", "File name is too long" : "Numele fișierului este prea lung", @@ -36,6 +37,8 @@ OC.L10N.register( "Can't create app folder. Please fix permissions. %s" : "Nu se poate crea directorul de aplicație. Repară permisiunile. %s", "Archive does not contain a directory named %s" : "Arhiva nu conține vreun director cu numele %s", "No source specified when installing app" : "Nu a fost specificată vreo sursă la instalarea aplicației", + "No href specified when installing app from http" : "Nu s-a specificat adresa la instalarea aplicației dintr-o sursă de pe Internet", + "No path specified when installing app from local file" : "Nu s-a specificat vreo cale la instalarea aplicației de pe un fișier local", "Archives of type %s are not supported" : "Arhivele de tip %s nu sunt suportate", "Failed to open archive when installing app" : "Deschiderea arhivei a eșuat în timpul instalării aplicației", "App does not provide an info.xml file" : "Aplicația nu furnizează un fișier info.xml", @@ -51,10 +54,12 @@ OC.L10N.register( "DB Error: \"%s\"" : "Eroare Bază de Date: \"%s\"", "Offending command was: \"%s\"" : "Comanda cauză a fost: \"%s\"", "PostgreSQL username and/or password not valid" : "Nume utilizator și/sau parolă PostgreSQL greșită", + "For the best results, please consider using a GNU/Linux server instead." : "Pentru cele mai bune rezultate, ia în calcul folosirea unui server care rulează un sistem de operare GNU/Linux.", "Set an admin username." : "Setează un nume de administrator.", "Set an admin password." : "Setează o parolă de administrator.", "Invalid Federated Cloud ID" : "ID invalid cloud federalizat", "%s shared »%s« with you" : "%s Partajat »%s« cu tine de", + "%s via %s" : "%s via %s", "You are not allowed to share %s" : "Nu există permisiunea de partajare %s", "Sharing %s failed, because this item is already shared with %s" : "Partajarea %s a eșuat deoarece acest element este deja partajat cu %s", "Not allowed to create a federated share with the same user" : "Nu este permisă crearea unei partajări federalizate cu acelaşi utilizator", diff --git a/lib/l10n/ro.json b/lib/l10n/ro.json index 566f6d01123..9149650a015 100644 --- a/lib/l10n/ro.json +++ b/lib/l10n/ro.json @@ -27,6 +27,7 @@ "Module with id: %s does not exist. Please enable it in your apps settings or contact your administrator." : "Modulul cu id-ul %s nu există. Activează-l în setările tale de aplicație sau contactează-ți administratorul.", "Empty filename is not allowed" : "Nu este permis fișier fără nume", "Dot files are not allowed" : "Fișierele care încep cu caracterul punct nu sunt permise", + "4-byte characters are not supported in file names" : "Caracterele stocate în 4 octeți nu sunt suportate în denumirile fișierelor", "File name is a reserved word" : "Numele fișierului este un cuvânt rezervat", "File name contains at least one invalid character" : "Numele fișierului conține măcar un caracter invalid", "File name is too long" : "Numele fișierului este prea lung", @@ -34,6 +35,8 @@ "Can't create app folder. Please fix permissions. %s" : "Nu se poate crea directorul de aplicație. Repară permisiunile. %s", "Archive does not contain a directory named %s" : "Arhiva nu conține vreun director cu numele %s", "No source specified when installing app" : "Nu a fost specificată vreo sursă la instalarea aplicației", + "No href specified when installing app from http" : "Nu s-a specificat adresa la instalarea aplicației dintr-o sursă de pe Internet", + "No path specified when installing app from local file" : "Nu s-a specificat vreo cale la instalarea aplicației de pe un fișier local", "Archives of type %s are not supported" : "Arhivele de tip %s nu sunt suportate", "Failed to open archive when installing app" : "Deschiderea arhivei a eșuat în timpul instalării aplicației", "App does not provide an info.xml file" : "Aplicația nu furnizează un fișier info.xml", @@ -49,10 +52,12 @@ "DB Error: \"%s\"" : "Eroare Bază de Date: \"%s\"", "Offending command was: \"%s\"" : "Comanda cauză a fost: \"%s\"", "PostgreSQL username and/or password not valid" : "Nume utilizator și/sau parolă PostgreSQL greșită", + "For the best results, please consider using a GNU/Linux server instead." : "Pentru cele mai bune rezultate, ia în calcul folosirea unui server care rulează un sistem de operare GNU/Linux.", "Set an admin username." : "Setează un nume de administrator.", "Set an admin password." : "Setează o parolă de administrator.", "Invalid Federated Cloud ID" : "ID invalid cloud federalizat", "%s shared »%s« with you" : "%s Partajat »%s« cu tine de", + "%s via %s" : "%s via %s", "You are not allowed to share %s" : "Nu există permisiunea de partajare %s", "Sharing %s failed, because this item is already shared with %s" : "Partajarea %s a eșuat deoarece acest element este deja partajat cu %s", "Not allowed to create a federated share with the same user" : "Nu este permisă crearea unei partajări federalizate cu acelaşi utilizator", diff --git a/lib/private/AllConfig.php b/lib/private/AllConfig.php index 6e99e1ac268..e082cea3305 100644 --- a/lib/private/AllConfig.php +++ b/lib/private/AllConfig.php @@ -154,7 +154,7 @@ class AllConfig implements \OCP\IConfig { * * @param string $appName the appName that we want to store the value under * @param string $key the key of the value, under which will be saved - * @param string $value the value that should be stored + * @param string|float|int $value the value that should be stored */ public function setAppValue($appName, $key, $value) { \OC::$server->getAppConfig()->setValue($appName, $key, $value); @@ -198,11 +198,16 @@ class AllConfig implements \OCP\IConfig { * @param string $userId the userId of the user that we want to store the value under * @param string $appName the appName that we want to store the value under * @param string $key the key under which the value is being stored - * @param string $value the value that you want to store + * @param string|float|int $value the value that you want to store * @param string $preCondition only update if the config value was previously the value passed as $preCondition * @throws \OCP\PreConditionNotMetException if a precondition is specified and is not met + * @throws \UnexpectedValueException when trying to store an unexpected value */ public function setUserValue($userId, $appName, $key, $value, $preCondition = null) { + if (!is_int($value) && !is_float($value) && !is_string($value)) { + throw new \UnexpectedValueException('Only integers, floats and strings are allowed as value'); + } + // TODO - FIXME $this->fixDIInit(); diff --git a/lib/private/AppConfig.php b/lib/private/AppConfig.php index 24542152ffc..f84c8a41f17 100644 --- a/lib/private/AppConfig.php +++ b/lib/private/AppConfig.php @@ -143,7 +143,7 @@ class AppConfig implements IAppConfig { * * @param string $app app * @param string $key key - * @param string $value value + * @param string|float|int $value value * @return bool True if the value was inserted or updated, false if the value was the same */ public function setValue($app, $key, $value) { diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php index 2b9a072e59a..d84e9963436 100644 --- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php @@ -26,13 +26,13 @@ namespace OC\AppFramework\Middleware\Security; use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; use OC\AppFramework\Utility\ControllerMethodReflector; +use OC\User\Session; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; -use OCP\IRequest; -use OCP\IUserSession; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; +use OCP\IRequest; /** * This middleware sets the correct CORS headers on a response if the @@ -53,18 +53,18 @@ class CORSMiddleware extends Middleware { private $reflector; /** - * @var IUserSession + * @var Session */ private $session; /** * @param IRequest $request * @param ControllerMethodReflector $reflector - * @param IUserSession $session + * @param Session $session */ public function __construct(IRequest $request, ControllerMethodReflector $reflector, - IUserSession $session) { + Session $session) { $this->request = $request; $this->reflector = $reflector; $this->session = $session; @@ -89,7 +89,7 @@ class CORSMiddleware extends Middleware { $pass = $this->request->server['PHP_AUTH_PW']; $this->session->logout(); - if(!$this->session->login($user, $pass)) { + if(!$this->session->logClientIn($user, $pass)) { throw new SecurityException('CORS requires basic auth', Http::STATUS_UNAUTHORIZED); } } diff --git a/lib/private/Authentication/Token/DefaultTokenCleanupJob.php b/lib/private/Authentication/Token/DefaultTokenCleanupJob.php index 04b98c6c5a0..7746d6be915 100644 --- a/lib/private/Authentication/Token/DefaultTokenCleanupJob.php +++ b/lib/private/Authentication/Token/DefaultTokenCleanupJob.php @@ -28,6 +28,7 @@ class DefaultTokenCleanupJob extends Job { protected function run($argument) { /* @var $provider DefaultTokenProvider */ + // TODO: add OC\Authentication\Token\IProvider::invalidateOldTokens and query interface $provider = OC::$server->query('OC\Authentication\Token\DefaultTokenProvider'); $provider->invalidateOldTokens(); } diff --git a/lib/private/Encryption/DecryptAll.php b/lib/private/Encryption/DecryptAll.php index 8676bc09575..34a3e1bff91 100644 --- a/lib/private/Encryption/DecryptAll.php +++ b/lib/private/Encryption/DecryptAll.php @@ -80,7 +80,7 @@ class DecryptAll { $this->input = $input; $this->output = $output; - if (!empty($user) && $this->userManager->userExists($user) === false) { + if ($user !== '' && $this->userManager->userExists($user) === false) { $this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again'); return false; } @@ -141,7 +141,7 @@ class DecryptAll { $this->output->writeln("\n"); $userList = []; - if (empty($user)) { + if ($user === '') { $fetchUsersProgress = new ProgressBar($this->output); $fetchUsersProgress->setFormat(" %message% \n [%bar%]"); diff --git a/lib/private/Files/Cache/Scanner.php b/lib/private/Files/Cache/Scanner.php index e6bd118d5a5..c17f9bfd51b 100644 --- a/lib/private/Files/Cache/Scanner.php +++ b/lib/private/Files/Cache/Scanner.php @@ -38,6 +38,7 @@ use OC\Files\Filesystem; use OC\Hooks\BasicEmitter; use OCP\Config; use OCP\Files\Cache\IScanner; +use OCP\Files\ForbiddenException; use OCP\Files\Storage\ILockingStorage; use OCP\Lock\ILockingProvider; @@ -140,7 +141,11 @@ class Scanner extends BasicEmitter implements IScanner { } } - $data = $this->getData($file); + try { + $data = $this->getData($file); + } catch (ForbiddenException $e) { + return null; + } if ($data) { diff --git a/lib/private/Files/Cache/Updater.php b/lib/private/Files/Cache/Updater.php index 820941abae1..4e17c4d778d 100644 --- a/lib/private/Files/Cache/Updater.php +++ b/lib/private/Files/Cache/Updater.php @@ -231,7 +231,10 @@ class Updater implements IUpdater { $parentId = $this->cache->getParentId($internalPath); $parent = dirname($internalPath); if ($parentId != -1) { - $this->cache->update($parentId, array('storage_mtime' => $this->storage->filemtime($parent))); + $mtime = $this->storage->filemtime($parent); + if ($mtime !== false) { + $this->cache->update($parentId, array('storage_mtime' => $mtime)); + } } } } diff --git a/lib/private/Files/Storage/Common.php b/lib/private/Files/Storage/Common.php index cec6a42a2c0..0c1b69108d4 100644 --- a/lib/private/Files/Storage/Common.php +++ b/lib/private/Files/Storage/Common.php @@ -643,6 +643,9 @@ abstract class Common implements Storage, ILockingStorage { $data = []; $data['mimetype'] = $this->getMimeType($path); $data['mtime'] = $this->filemtime($path); + if ($data['mtime'] === false) { + $data['mtime'] = time(); + } if ($data['mimetype'] == 'httpd/unix-directory') { $data['size'] = -1; //unknown } else { diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php index b07e26a3358..005b5f9ab91 100644 --- a/lib/private/Files/Storage/Local.php +++ b/lib/private/Files/Storage/Local.php @@ -33,20 +33,31 @@ */ namespace OC\Files\Storage; + +use OCP\Files\ForbiddenException; + /** * for local filestore, we only have to map the paths */ class Local extends \OC\Files\Storage\Common { protected $datadir; + protected $dataDirLength; + + protected $allowSymlinks = false; + + protected $realDataDir; + public function __construct($arguments) { if (!isset($arguments['datadir']) || !is_string($arguments['datadir'])) { throw new \InvalidArgumentException('No data directory set for local storage'); } $this->datadir = $arguments['datadir']; + $this->realDataDir = rtrim(realpath($this->datadir), '/') . '/'; if (substr($this->datadir, -1) !== '/') { $this->datadir .= '/'; } + $this->dataDirLength = strlen($this->realDataDir); } public function __destruct() { @@ -157,7 +168,7 @@ class Local extends \OC\Files\Storage\Common { public function filemtime($path) { clearstatcache($this->getSourcePath($path)); - return filemtime($this->getSourcePath($path)); + return $this->file_exists($path) ? filemtime($this->getSourcePath($path)) : false; } public function touch($path, $mtime = null) { @@ -188,7 +199,7 @@ class Local extends \OC\Files\Storage\Common { return ''; } - $handle = fopen($fileName,'rb'); + $handle = fopen($fileName, 'rb'); $content = fread($handle, $fileSize); fclose($handle); return $content; @@ -337,10 +348,27 @@ class Local extends \OC\Files\Storage\Common { * * @param string $path * @return string + * @throws ForbiddenException */ public function getSourcePath($path) { $fullPath = $this->datadir . $path; - return $fullPath; + if ($this->allowSymlinks || $path === '') { + return $fullPath; + } + $pathToResolve = $fullPath; + $realPath = realpath($pathToResolve); + while ($realPath === false) { // for non existing files check the parent directory + $pathToResolve = dirname($pathToResolve); + $realPath = realpath($pathToResolve); + } + if ($realPath) { + $realPath = $realPath . '/'; + } + if (substr($realPath, 0, $this->dataDirLength) === $this->realDataDir) { + return $fullPath; + } else { + throw new ForbiddenException("Following symlinks is not allowed ('$fullPath' -> '$realPath' not inside '{$this->realDataDir}')", false); + } } /** @@ -377,7 +405,7 @@ class Local extends \OC\Files\Storage\Common { * @return bool */ public function copyFromStorage(\OCP\Files\Storage $sourceStorage, $sourceInternalPath, $targetInternalPath) { - if($sourceStorage->instanceOfStorage('\OC\Files\Storage\Local')){ + if ($sourceStorage->instanceOfStorage('\OC\Files\Storage\Local')) { /** * @var \OC\Files\Storage\Local $sourceStorage */ diff --git a/lib/private/Files/Utils/Scanner.php b/lib/private/Files/Utils/Scanner.php index 9b55c312e26..8beba116fe1 100644 --- a/lib/private/Files/Utils/Scanner.php +++ b/lib/private/Files/Utils/Scanner.php @@ -160,7 +160,12 @@ class Scanner extends PublicEmitter { if ($storage->instanceOfStorage('\OC\Files\Storage\Home') and (!$storage->isCreatable('') or !$storage->isCreatable('files')) ) { - throw new ForbiddenException(); + if ($storage->file_exists('') or $storage->getCache()->inCache('')) { + throw new ForbiddenException(); + } else {// if the root exists in neither the cache nor the storage the user isn't setup yet + break; + } + } $relativePath = $mount->getInternalPath($dir); $scanner = $storage->getScanner(); diff --git a/lib/private/Files/View.php b/lib/private/Files/View.php index f738542ea8c..e9daa123470 100644 --- a/lib/private/Files/View.php +++ b/lib/private/Files/View.php @@ -337,10 +337,17 @@ class View { return $this->removeMount($mount, $absolutePath); } if ($this->is_dir($path)) { - return $this->basicOperation('rmdir', $path, array('delete')); + $result = $this->basicOperation('rmdir', $path, array('delete')); } else { - return false; + $result = false; + } + + if (!$result && !$this->file_exists($path)) { //clear ghost files from the cache on delete + $storage = $mount->getStorage(); + $internalPath = $mount->getInternalPath($absolutePath); + $storage->getUpdater()->remove($internalPath); } + return $result; } /** @@ -429,7 +436,7 @@ class View { /** * @param string $path - * @param int $from + * @param int $from * @param int $to * @return bool|mixed * @throws \OCP\Files\InvalidPathException @@ -441,18 +448,18 @@ class View { $handle = $this->fopen($path, 'rb'); if ($handle) { if (fseek($handle, $from) === 0) { - $chunkSize = 8192; // 8 kB chunks - $end = $to + 1; - while (!feof($handle) && ftell($handle) < $end) { - $len = $end-ftell($handle); - if ($len > $chunkSize) { - $len = $chunkSize; + $chunkSize = 8192; // 8 kB chunks + $end = $to + 1; + while (!feof($handle) && ftell($handle) < $end) { + $len = $end - ftell($handle); + if ($len > $chunkSize) { + $len = $chunkSize; + } + echo fread($handle, $len); + flush(); } - echo fread($handle, $len); - flush(); - } - $size = ftell($handle) - $from; - return $size; + $size = ftell($handle) - $from; + return $size; } throw new \OCP\Files\UnseekableException('fseek error'); @@ -679,7 +686,15 @@ class View { if ($mount and $mount->getInternalPath($absolutePath) === '') { return $this->removeMount($mount, $absolutePath); } - return $this->basicOperation('unlink', $path, array('delete')); + $result = $this->basicOperation('unlink', $path, array('delete')); + if (!$result && !$this->file_exists($path)) { //clear ghost files from the cache on delete + $storage = $mount->getStorage(); + $internalPath = $mount->getInternalPath($absolutePath); + $storage->getUpdater()->remove($internalPath); + return true; + } else { + return $result; + } } /** diff --git a/lib/private/Log.php b/lib/private/Log.php index 6028064a878..49223521916 100644 --- a/lib/private/Log.php +++ b/lib/private/Log.php @@ -60,6 +60,32 @@ class Log implements ILogger { /** @var Normalizer */ private $normalizer; + protected $methodsWithSensitiveParameters = [ + // Session/User + 'login', + 'checkPassword', + 'updatePrivateKeyPassword', + 'validateUserPass', + + // TokenProvider + 'getToken', + 'isTokenPassword', + 'getPassword', + 'decryptPassword', + 'logClientIn', + 'generateToken', + 'validateToken', + + // TwoFactorAuth + 'solveChallenge', + 'verifyChallenge', + + //ICrypto + 'calculateHMAC', + 'encrypt', + 'decrypt', + ]; + /** * @param string $logger The logger that should be used * @param SystemConfig $config the system config object @@ -286,7 +312,7 @@ class Log implements ILogger { 'File' => $exception->getFile(), 'Line' => $exception->getLine(), ); - $exception['Trace'] = preg_replace('!(login|checkPassword|updatePrivateKeyPassword|validateUserPass)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']); + $exception['Trace'] = preg_replace('!(' . implode('|', $this->methodsWithSensitiveParameters) . ')\(.*\)!', '$1(*** sensitive parameters replaced ***)', $exception['Trace']); $msg = isset($context['message']) ? $context['message'] : 'Exception'; $msg .= ': ' . json_encode($exception); $this->error($msg, $context); diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 362468d4109..f560bb4bfc0 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -361,7 +361,14 @@ class Session implements IUserSession, Emitter { // TODO: throw LoginException instead (https://github.com/owncloud/core/pull/24616) return false; } - return $this->login($user, $password); + if (!$this->login($user, $password) ) { + $users = $this->manager->getByEmail($user); + if (count($users) === 1) { + return $this->login($users[0]->getUID(), $password); + } + return false; + } + return true; } private function isTokenAuthEnforced() { @@ -376,7 +383,11 @@ class Session implements IUserSession, Emitter { ); $user = $this->manager->get($username); if (is_null($user)) { - return true; + $users = $this->manager->getByEmail($username); + if (count($users) !== 1) { + return true; + } + $user = $users[0]; } // DI not possible due to cyclic dependencies :'-/ return OC::$server->getTwoFactorAuthManager()->isTwoFactorAuthenticated($user); @@ -385,7 +396,7 @@ class Session implements IUserSession, Emitter { /** * Check if the given 'password' is actually a device token * - * @param type $password + * @param string $password * @return boolean */ public function isTokenPassword($password) { @@ -470,11 +481,39 @@ class Session implements IUserSession, Emitter { $name = isset($request->server['HTTP_USER_AGENT']) ? $request->server['HTTP_USER_AGENT'] : 'unknown browser'; try { $sessionId = $this->session->getId(); - $this->tokenProvider->generateToken($sessionId, $uid, $loginName, $password, $name); + $pwd = $this->getPassword($password); + $this->tokenProvider->generateToken($sessionId, $uid, $loginName, $pwd, $name); + return true; } catch (SessionNotAvailableException $ex) { + // This can happen with OCC, where a memory session is used + // if a memory session is used, we shouldn't create a session token anyway + return false; + } + } + /** + * Checks if the given password is a token. + * If yes, the password is extracted from the token. + * If no, the same password is returned. + * + * @param string $password either the login password or a device token + * @return string|null the password or null if none was set in the token + */ + private function getPassword($password) { + if (is_null($password)) { + // This is surely no token ;-) + return null; + } + try { + $token = $this->tokenProvider->getToken($password); + try { + return $this->tokenProvider->getPassword($token, $password); + } catch (PasswordlessTokenException $ex) { + return null; + } + } catch (InvalidTokenException $ex) { + return $password; } - return true; } /** diff --git a/lib/private/legacy/api.php b/lib/private/legacy/api.php index 1e581153ce6..024f3c0fb63 100644 --- a/lib/private/legacy/api.php +++ b/lib/private/legacy/api.php @@ -349,7 +349,7 @@ class OC_API { if ($ocsApiRequest) { // initialize the user's filesystem - \OC_Util::setUpFS(\OC_User::getUser()); + \OC_Util::setupFS(\OC_User::getUser()); self::$isLoggedIn = true; return OC_User::getUser(); @@ -374,7 +374,7 @@ class OC_API { self::$logoutRequired = true; // initialize the user's filesystem - \OC_Util::setUpFS(\OC_User::getUser()); + \OC_Util::setupFS(\OC_User::getUser()); self::$isLoggedIn = true; return \OC_User::getUser(); diff --git a/lib/private/legacy/helper.php b/lib/private/legacy/helper.php index f107d47faf7..21fb3cbc5ab 100644 --- a/lib/private/legacy/helper.php +++ b/lib/private/legacy/helper.php @@ -206,7 +206,9 @@ class OC_Helper { foreach ($files as $fileInfo) { /** @var SplFileInfo $fileInfo */ - if ($fileInfo->isDir()) { + if ($fileInfo->isLink()) { + unlink($fileInfo->getPathname()); + } else if ($fileInfo->isDir()) { rmdir($fileInfo->getRealPath()); } else { unlink($fileInfo->getRealPath()); diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index b744db21238..a863348566e 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -1128,19 +1128,8 @@ class OC_Util { return $encoded; } - /** - * Check if the .htaccess file is working - * @param \OCP\IConfig $config - * @return bool - * @throws Exception - * @throws \OC\HintException If the test file can't get written. - */ - public function isHtaccessWorking(\OCP\IConfig $config) { - - if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { - return true; - } + public function createHtaccessTestFile(\OCP\IConfig $config) { // php dev server does not support htaccess if (php_sapi_name() === 'cli-server') { return false; @@ -1148,7 +1137,7 @@ class OC_Util { // testdata $fileName = '/htaccesstest.txt'; - $testContent = 'testcontent'; + $testContent = 'This is used for testing whether htaccess is properly enabled to disallow access from the outside. This file can be safely removed.'; // creating a test file $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; @@ -1164,6 +1153,28 @@ class OC_Util { } fwrite($fp, $testContent); fclose($fp); + } + + /** + * Check if the .htaccess file is working + * @param \OCP\IConfig $config + * @return bool + * @throws Exception + * @throws \OC\HintException If the test file can't get written. + */ + public function isHtaccessWorking(\OCP\IConfig $config) { + + if (\OC::$CLI || !$config->getSystemValue('check_for_working_htaccess', true)) { + return true; + } + + $testContent = $this->createHtaccessTestFile($config); + if ($testContent === false) { + return false; + } + + $fileName = '/htaccesstest.txt'; + $testFile = $config->getSystemValue('datadirectory', OC::$SERVERROOT . '/data') . '/' . $fileName; // accessing the file via http $url = \OC::$server->getURLGenerator()->getAbsoluteURL(OC::$WEBROOT . '/data' . $fileName); diff --git a/lib/public/IAppConfig.php b/lib/public/IAppConfig.php index 1406e8a56d6..22fcdbbb205 100644 --- a/lib/public/IAppConfig.php +++ b/lib/public/IAppConfig.php @@ -88,7 +88,7 @@ interface IAppConfig { * sets a value in the appconfig * @param string $app app * @param string $key key - * @param string $value value + * @param string|float|int $value value * @deprecated 8.0.0 use method setAppValue of \OCP\IConfig * * Sets a value. If the key did not exist before it will be created. diff --git a/lib/public/IConfig.php b/lib/public/IConfig.php index 9e5024545b3..05158e9063e 100644 --- a/lib/public/IConfig.php +++ b/lib/public/IConfig.php @@ -104,7 +104,7 @@ interface IConfig { * Writes a new app wide value * * @param string $appName the appName that we want to store the value under - * @param string $key the key of the value, under which will be saved + * @param string|float|int $key the key of the value, under which will be saved * @param string $value the value that should be stored * @return void * @since 6.0.0 @@ -149,6 +149,7 @@ interface IConfig { * @param string $value the value that you want to store * @param string $preCondition only update if the config value was previously the value passed as $preCondition * @throws \OCP\PreConditionNotMetException if a precondition is specified and is not met + * @throws \UnexpectedValueException when trying to store an unexpected value * @since 6.0.0 - parameter $precondition was added in 8.0.0 */ public function setUserValue($userId, $appName, $key, $value, $preCondition = null); |