| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
|
|
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
|
|
|
| |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
|
|
|
| |
Signed-off-by: Maksim Sukharev <antreesy.web@gmail.com>
|
|
|
|
| |
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
|\
| |
| | |
perf(carddav): don't query circle memberships
|
| |
| |
| |
| |
| |
| |
| | |
It is not possible to share address books with circles so it is
pointless to query for address books shared with joined circles.
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
| |
| |
| |
| | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
|\ \
| | |
| | | |
fix: log error when writing stream to dav file
|
| | |
| | |
| | |
| | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
|/ /
| |
| |
| |
| |
| | |
Remove the documentation from the implementaitons.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
| |
| |
| |
| |
| |
| | |
Not sure how the test ever passed as it can only
throw with strict types which are not yet enabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
|\ \
| | |
| | |
| | | |
nextcloud/artonge/feat/do_not_require_samesite_strict_cookie_on_public.php
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This currently prevent directly accessing a ressource when clicking on a link on a third party site. Example, clicking on `https://example.com/public.php/dav/files/pqLWcA269zfzXez/?accept=zip` in a GitHub comment.
Skipping the check is an issue with password protected shares, as it allows third party sites to request the ressource when the user already entered the password, aka CSRF. So after removing the check from `base.php`, we need to add the it again in the `PublicAuth` plugin.
We also add a redirect to be helpful to the user.
**Warning**: this adds the limitation that clicking on a direct download link for password protected shares will redirect you to the password form, and then to the main share view.
Fix #52482
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
|\ \ \
| | | |
| | | | |
Add command to clear dav's photo cache
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
|\ \ \ \
| |_|/ /
|/| | | |
chore: move streamCopy implementation from `OC_Helper` to `OCP\Files`
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The function was already there but called the legacy version.
So moved the implementation and migrated all usages of it.
Sadly the interface was slightly different so adjusted it to be
compatible with both legacy and the OCP one.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
|\ \ \
| |/ /
|/| |
| | |
| | | |
nextcloud/fix/dav/update-rooms-resources-background-job
fix(dav): add repair step to queue job to update rooms and resources
|
| | |
| | |
| | |
| | | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
| | |
| | |
| | |
| | | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Before: Find all entries in `dav_shares` with `access = 5` for the user's principal, as well as group and circle memberships.
After: Find all entries in `dav_shares` with `access = 5` solely for the user's principal.
Future support for unsharing group or circle principals could be considered as a feature enhancement.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Introduces a `unshare` method in `CalDavBackend` to handle user unshares.
- Implements check to determine if unshare entry is needed based on group/circle membership.
- Ensures `updateShares` is only used when the calendar owner manages shares.
- Resolves issue where unsharing a calendar as owner created an unshare entry in `oc_dav_shares`.
Related PRs:
- https://github.com/nextcloud/server/pull/43117
- https://github.com/nextcloud/server/pull/47737
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
|/ /
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
| |
| |
| | |
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
|
|\ \
| | |
| | | |
fix(throttler): Always use the sleepDelayOrThrowOnMax instead of deprecated sleepDelay
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The sleep is not adding benefit when it's being aborted with 429
in other cases anyway.
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|\ \ \ |
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
shares
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
|\ \
| | |
| | | |
fix(CalDAV): do not ignore move command object target uri
|
| | |
| | |
| | |
| | | |
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
|\ \ \
| | | |
| | | | |
fix(dav): throw invalid argument when property type does not match
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Resolves https://github.com/nextcloud/server/issues/49972
Currently a TypeError is thrown when casting fails,
this lead to a HTTP 500 error. Instead throw a proper
InvalidArgumentError so the user receives a HTTP 400.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|