| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
This allows the admin to control the behavior whether link shares with
READ permissions should be extended to also gain SHARE permissions,
allowing users (public share receivers) to add the share to their cloud.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| | |
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The Theming app injects the stylesheets for the different themes in the
"<header>" element of the page, and those stylesheets are then loaded by
the browser from a "Controller" (a plain "Controller", not an
"OCSController"). The stylesheets, in turn, may also get some images
(like the background) also from the "Controller".
When handling a request to "index.php" it is checked whether the user is
logged in and, if not, a login is tried. A disabled user is explicitly
seen as not logged in, so a login is always tried in that case, but
disabled users are also explicitly prevented to log in, so the login
also fails. Due to that trying to get any of the themed stylesheets or
images with a disabled account (to be able to show the "Account
disabled" error page) fails with an HTTP status 401.
To solve that, and to avoid touching this basic logic as much as
possible, the login exception is now ignored (if the user is disabled)
for some specific requests to the Theming app.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
|
|
|
| |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
# Conflicts:
# apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |/
|
|
|
|
| |
prevent broken reshares
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
| |
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
|
| |
|
|
| |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
| |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |
|
|
|
|
|
| |
Those constants are not used anywhere anymore and are deprecated for
more than ten versions. So its time to cleanup the interface.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |/
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |
|
|
| |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |
|
|
|
|
| |
The `$value` will be `null` if the update is wrapped inside a `<d:remove>...</d:remove>` block.
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| |
|
|
| |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
When we need to check the log condition for a user matches,
there is a risk that something on the way checks the log level
and would result in an infinite loop.
So we simply check if it's a nested call and use the default
warning level in that case.
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
|
| |
|
|
| |
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
|
| |
|
|
| |
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
|
|
|
| |
`GET` should be allowed even without Ajax header to allow downloading files,
or show files in the viewer. All other requests could be guarded, but this should not.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
|
|
| |
requests
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: Anna Larch <anna@nextcloud.com>
|
| |
|
|
|
|
|
|
|
| |
As the external storage uses the Nextcloud server itself the number of
workers of the PHP process running the Nextcloud server had to be
increased. Otherwise if a request is sent for the external storage while
handling a request from the integration tests a deadlock would occur.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
| |
|
|
| |
Signed-off-by: provokateurin <kate@provokateurin.de>
|
| |
|
|
| |
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
|
| |
|
|
| |
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
| |
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
|
| |
|
|
|
|
|
|
|
| |
Allow clients to access the new filename validation options
and make frontend name validation possible.
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
| |
|
|
| |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| |
|
|
| |
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
|
| |\
| |
| | |
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
|
| | |
| |
| |
| |
| |
| | |
folder
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
|
