| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
| |
| | |
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
|
| | |
| |
| | |
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
|
| |/
|
|
| |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When the "hide download" property of a share is set the public share
page will not show the download button nor the menu with the download,
direct link and "Add to your Nextcloud" actions; the "downloadURL"
hidden field will not be included either in the generated HTML.
Despite that, note that the "downloadURL" parameter is still set and
passed to the template, as this could be needed anyway to generate
previews (for example, of audio files).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |/
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
| |
operate better
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Fixes #10852
A quick hack. Still ensures some type safety however now also accepts
null. Else we'd need to add a whole new layer of middlewares.
This can only happen when a guest user wants to access a controller that
requries the user_id.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
|
|
|
|
| |
Fixes #11030
For https://github.com/orgs/nextcloud/projects/18
This template is now compiled so this no longer has to happen in the
browser. Another step towards a stricter CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| | |
Header fixes and public note
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |/
|
|
| |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |\
| |
| | |
Add support for room shares
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The DeletedShareAPIController and ShareAPIController helpers for room
shares are defined in Talk, so the classes do not exist when Talk is not
installed. Due to this when the object returned by "getRoomShareHelper"
is used Phan complains that the class is not declared.
This is not a problem, though, because when the class is not available
"getRoomShareHelper" throws an exception, which is then caught where
that method was called. Therefore now those warnings from Phan are
suppressed (it would be better to use "@phan-suppress-next-line"
instead, but it is not yet available in our Phan version).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases, the DeletedShareAPIController requires explicit handling
of each type of share (for example, to format a share for a
DataResponse). Room shares are implemented in an external app (Nextcloud
Talk), so in order to keep the controller as isolated as possible from
room share specifics all that explicit handling is done in a helper
class provided by the Talk app.
In other cases it is just enough to call the share manager specifying a
room share type; note that the share manager is guarded against share
types for which there is no provider, so it is not necessary to
explicitly check that before passing room shares to the share manager.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In some cases, the ShareAPIController requires explicit handling of each
type of share (for example, to format a share for a DataResponse). Room
shares are implemented in an external app (Nextcloud Talk), so in order
to keep the controller as isolated as possible from room share specifics
all that explicit handling is done in a helper class provided by the
Talk app.
In other cases it is just enough to call the share manager specifying a
room share type; note that the share manager is guarded against share
types for which there is no provider, so it is not necessary to
explicitly check that before passing room shares to the share manager.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Martin Böh (MartB) <mart.b@outlook.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before the public share authentication page is rendered now an event to
load additional scripts is dispatched. Thanks to this any app can load
its own scripts that, when run on the browser, adjust as needed the page
generated by the server.
Note, however, that during the handling of the event apps are only able
to add scripts or styles to be loaded; they can not render arbitrary
content on the page, or change how the content is rendered by the
original template; all those changes have to be done by the scripts at
run-time.
This implies that the scripts of the apps can use only those parameters,
like the token of the share, added to the page when it is generated by
the "publicshareauth" template. Due to this, and given that the event is
being introduced to be used by Talk to inject the UI needed to request
the password for a share, the token of the share is now provided in the
generated page, just like done in the public share page.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
| |
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |
|
|
| |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |\
| |
| | |
sharedWithDisplayName & sharedWithAvatar
|
| | |
| |
| |
| |
| | |
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Due to a misplaced "||" instead of "===" the condition was always met,
so every share type in the conditional chain after the remote and remote
group shares was formatted as a remote/remote group share.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| | |
| |
| |
| | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| | |
| |
| |
| | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| | |
| |
| |
| | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a group share is deleted we keep track of this in the DB.
Right now it is only possible for a recipient to get back the share by
asking the sharer to delete it and to share it again. This doesn't
scale.
This endpoint makes it possible to get back the share.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When the receiver of a group share modifies it (for example, by moving
it to a different folder) the original share is not modified, but a
"ghost" share that keeps track of the changes made by that specific user
is used instead.
By default, the method "getShareById" in the share provider returns the
share from the point of view of the sharer, but it can be used too to
get the share from the point of view of a sharee by providing the
"recipient" parameter (and if the sharee is not found then the share is
returned from the point of view of the sharer).
The "ShareAPIController" always formats the share from the point of view
of the current user, but when getting the information of a specific
share the "recipient" parameter was not given, so it was always returned
from the point of view of the sharer, even if the current user was a
sharee. Now the "recipient" parameter is set to the current user, and
thus the information of the share is returned from the point of view of
the current user, be it the sharer or a sharee.
Note that this special behaviour of "getShareById" happens only with
group shares; with other types of shares the share is the same for the
sharer and the sharee, and thus the parameter is ignored; it was added
for them too just for consistency.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
* Removed tests that are now handled by the middleware
* Updated tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| |
| |
| |
| | |
Now this is in core so the basics (that 99% of the app will want to
use) looks always the same.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| |
| |
| |
| | |
Sometimes when we force a session regeneration we want to update the
current token for this session.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |/
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| | |
Make ShareesAPIController strict
|
| | |
| |
| |
| |
| |
| | |
Fixes #9279
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
