summaryrefslogtreecommitdiffstats
path: root/core/Controller
Commit message (Collapse)AuthorAgeFilesLines
* Theming: theme flow redirection pageJulius Härtl2017-11-081-1/+1
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Change @georgehrke's emailMorris Jobke2017-11-061-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update license headersMorris Jobke2017-11-0613-5/+35
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add 204 endpointRoeland Jago Douma2017-11-021-0/+42
| | | | | | | | | | Fixes #6967 This allows clients to check for Walled Garden connections. The endpoint just responds with a 204 (which is very unlikely with such a connection) Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* meanwhile we can have exact matches. also show those.Arthur Schiwon2017-10-311-1/+2
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* configurable amount of autocomplete results in commentsArthur Schiwon2017-10-271-2/+2
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* add search parameter to autocomplete controllerArthur Schiwon2017-10-251-3/+15
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* AutoCompletion backendArthur Schiwon2017-10-221-0/+89
| | | | | | | | | | * introduce a Controller for requests * introduce result sorting mechanism * extend Comments to retrieve commentors (actors) in a tree * add commenters sorter * add share recipients sorter Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Set the data from the templateJoas Schilling2017-10-181-3/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Set the subject with the email template to allow themingJoas Schilling2017-10-181-1/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Exclude avatar from Same-Site Cookie requirementLukas Reschke2017-10-111-0/+1
| | | | | | Required to work with the upcoming Collabora avatar integration. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix "Uninitialized string offset: 0 at ↵Lukas Reschke2017-09-071-6/+6
| | | | | | | | | | \/media\/psf\/stable9\/lib\/private\/URLGenerator.php#224" The URLGenerator doesn't support `` as target for absolute URLs, we need to link to `/` thus. Regression introduced with https://github.com/nextcloud/server/commit/46229a00f39e507249dbe3ceb7507277da3fa4f8 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix undefined index oauthStateMorris Jobke2017-09-061-0/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-nameMorris Jobke2017-09-051-2/+1
|\ | | | | Set the meta data before everything
| * Merge setMetaData into constructorJoas Schilling2017-09-041-2/+1
| | | | | | | | | | | | This ensures that the meta data is set in the beginning Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #6196 from nextcloud/downstream-26539-2Morris Jobke2017-09-041-0/+1
|\ \ | | | | | | Handle invalid ext storage backend to keep mount point visible
| * | Fix broken testsMorris Jobke2017-09-041-0/+1
| |/ | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* / Add rich link preview to the login pageJulius Härtl2017-09-021-8/+22
|/ | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Return the user id in case of an errorJoas Schilling2017-08-291-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #6255 from nextcloud/email-meta-dataMorris Jobke2017-08-261-0/+3
|\ | | | | Add meta information to emails for better customisation
| * Also for reset passwordJoas Schilling2017-08-241-0/+3
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #6177 from nextcloud/properly-add-slo-urlMorris Jobke2017-08-261-4/+4
|\ \ | | | | | | Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
| * | Inject \OCP\IURLGenerator to make tests workLukas Reschke2017-08-181-1/+1
| | | | | | | | | | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
| * | Properly allow \OCP\Authentication\IApacheBackend to specify logout URLLukas Reschke2017-08-181-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string. This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result in `<a href="foo">`. This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with 054e161eb5f4a5c5c13ee322ae8e93ce66f01b13 inside the navigation manager where one cannot simply inject attributes. Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112, people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects you to the IdP and properly logs you out there as well. Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but I'm not aware of any and there's simply no way to fix this properly otherwise. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | | Allow 2FA providers to specify their custom CSPChristoph Wurst2017-08-261-1/+7
| |/ |/| | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | No password reset for disabled usersJoas Schilling2017-08-181-3/+12
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #5907 from nextcloud/add-metadata-to-throttle-callMorris Jobke2017-08-011-1/+1
|\ | | | | Add metadata to \OCP\AppFramework\Http\Response::throttle
| * Add metadata to \OCP\AppFramework\Http\Response::throttleLukas Reschke2017-07-271-1/+1
| | | | | | | | | | | | Fixes https://github.com/nextcloud/server/issues/5891 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Fix OCSControllerRoeland Jago Douma2017-08-011-3/+3
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix ContactsMenuControllerRoeland Jago Douma2017-08-011-4/+3
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix AvatarControllerRoeland Jago Douma2017-08-011-2/+3
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Cleanup legacy user class from unused methodsMorris Jobke2017-07-241-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add public capabilities APIJulius Härtl2017-06-301-2/+7
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Add Clear-Site-Data headerLukas Reschke2017-06-201-1/+3
| | | | | | | | | | This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content. See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types. Ref https://twitter.com/mikewest/status/877149667909406723 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add tests for ClientFlowLoginControllerLukas Reschke2017-05-181-6/+4
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add OAuth state to sessionLukas Reschke2017-05-181-24/+18
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* use name of oauth app to identify auth tokenBjoern Schiessle2017-05-181-2/+10
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* show error page if no valid client identifier is given and if it is not a ↵Bjoern Schiessle2017-05-181-5/+24
| | | | | | API request Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* Remove special charactersLukas Reschke2017-05-181-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add basic implementation for OAuth 2.0 Authorization Code FlowLukas Reschke2017-05-181-20/+72
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Disable the API endpoints as wellJoas Schilling2017-05-111-0/+16
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Disable reset password link. Issue: #27440Ujjwal Bhardwaj2017-05-111-0/+2
|
* Automatic injection for CssControllerJoas Schilling2017-05-101-3/+4
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Automatic injection for JsControllerJoas Schilling2017-05-101-3/+4
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Update login flow redirectionMario Danic2017-05-041-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Handle more error casesMorris Jobke2017-05-021-0/+2
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* add contactsmenu popoverGeorg Ehrke2017-04-261-0/+17
| | | | Signed-off-by: Georg Ehrke <developer@georgehrke.com>
* Merge branch 'master' into contactsmenuJan-Christoph Borchardt2017-04-261-0/+238
|\ | | | | | | Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
| * AppToken to 72 charsRoeland Jago Douma2017-04-251-1/+1
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
| * Do not remove the state token to earlyRoeland Jago Douma2017-04-251-1/+3
| | | | | | | | | | | | | | we should check the stateToken before we remove it. Else the check will always fail. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 13:01:33 +0000