summaryrefslogtreecommitdiffstats
path: root/lib/private/AppFramework
Commit message (Collapse)AuthorAgeFilesLines
* Add a debug message when throttling without definingJoas Schilling2023-03-082-11/+11
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(middleware): Migrate BruteForceProtection annotation to PHP Attribute ↵Joas Schilling2023-03-081-5/+43
| | | | | | and allow multiple Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(appframework): ⌚ Make ITimeFactory extend \PSR\Clock\ClockInterfaceJoas Schilling2023-03-031-1/+25
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(translations): Add translation provider APIJulius Härtl2023-02-271-0/+25
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #36396 from nextcloud/fix/corsJulius Härtl2023-02-171-1/+1
|\
| * fix(CORS): CORS should only be bypassed on `PublicPage` if not logged in to ↵Ferdinand Thiessen2023-02-161-1/+1
| | | | | | | | | | | | prevent CSRF attack vectors Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
* | Merge pull request #36656 from nextcloud/route-instrumentationJulius Härtl2023-02-141-5/+17
|\ \
| * | more routing performance instrumentationRobin Appelman2023-02-101-5/+17
| |/ | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #36525 from nextcloud/fix/noid/params-putJulius Härtl2023-02-131-6/+12
|\ \ | | | | | | fix: Only get params from PUT content if possible
| * | fix: Only get params from PUT content if possibleJulius Härtl2023-02-031-6/+12
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | instrumentation for app bootingRobin Appelman2023-02-091-8/+8
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | | add more performance instrumentation for app registeringRobin Appelman2023-02-091-2/+14
| |/ |/| | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | fix: Throw `NotFoundExceptionInterface` to fulfill PSR container interface ↵Ferdinand Thiessen2023-02-062-2/+44
|/ | | | | | if class not found Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
* Pluggable share providerLouis Chemineau2023-02-021-0/+22
| | | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu> Signed-off-by: Louis Chemineau <louis@chmn.me>
* feat(app-framework): Add UseSession attribute to replace annotationChristoph Wurst2023-01-271-4/+30
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* feat(app-framework): Add support for global middlewaresChristoph Wurst2023-01-263-7/+54
| | | | | | | This allows apps to register middlewares that always register, not just for the app's own requests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* perf(app-framework): Make the app middleware registration lazyChristoph Wurst2023-01-253-23/+14
| | | | | | | | | Before this patch, app middlewares were registered on the dispatcher for every app loaded in a Nextcloud process. With the patch, only middlewares belonging to the same app of a dispatcher instance are loaded. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* composer run cs:fixCôme Chilliet2023-01-2029-38/+7
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix types in OCS json answer (status code is an int)Côme Chilliet2023-01-203-5/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix crash in OCS when getting info about an applicationCôme Chilliet2023-01-201-8/+11
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Attempt at reducing psalm errorsCôme Chilliet2023-01-201-5/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* feat(app framework)!: Inject services into controller methodsChristoph Wurst2023-01-182-2/+10
| | | | | | | | | | | | | | | Usually Nextcloud DI goes through constructor injection. This has the implication that each instance of a class builds the full DI tree. That is the injected services, their services, etc. Occasionally there is a service that is only needed for one controller method. Then the DI tree is build regardless if used or not. If services are injected into the method, we only build the DI tree if that method gets executed. This is also how Laravel allows injection. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #34172 from audriga/add-scim-json-supportJoas Schilling2022-12-201-2/+3
|\ | | | | Add support for application/scim+json
| * Merge branch 'master' into add-scim-json-supportStanimir Bozhilov2022-12-196-16/+63
| |\ | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir.bozhilov.1998@gmail.com>
| * | Move JSON content type regex to IRequest and make it a constStanimir Bozhilov2022-12-081-4/+1
| | |
| * | Fix the JSON content type regex to match all MIME typesStanimir Bozhilov2022-09-261-1/+1
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Type hint JSON content type regex and use preg_match lessStanimir Bozhilov2022-09-221-4/+4
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Use regex for all JSON-related content typesStanimir Bozhilov2022-09-211-6/+7
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Treat application/json and application/scim+json in same if-blockStanimir Bozhilov2022-09-211-11/+3
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
| * | Add support for application/scim+json content typeStanimir Bozhilov2022-09-201-0/+11
| | | | | | | | | | | | Signed-off-by: Stanimir Bozhilov <stanimir@audriga.com>
* | | Use strict typing in base.phpCôme Chilliet2022-12-191-17/+8
| |/ |/| | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Merge pull request #35537 from nextcloud/fix/dependency-injection-errorVincent Petry2022-12-161-1/+1
|\ \ | | | | | | Improve dependency injection error message
| * | Improve dependency injection error messageCarl Schwan2022-12-011-1/+1
| | | | | | | | | | | | | | | | | | | | | Change from display the name of the parameter to the type of the parameter. This is that in most cases is usefull. Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | | Merge pull request #35780 from ↵Vincent Petry2022-12-161-1/+1
|\ \ \ | | | | | | | | | | | | | | | | nextcloud/fix/http-dispatcher-double-parameter-cast Fix missing cast of double controller parameters
| * | | fix(app framework): Fix missing cast of double controller parametersChristoph Wurst2022-12-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | ``settype`` allows 'double' as alias of 'float'. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | | | check if params given to API are really an arrayArtur Neumann2022-12-151-2/+1
|/ / / | | | | | | | | | Signed-off-by: Artur Neumann <artur@jankaritech.com>
* | | Move to str_starts_withJulius Härtl2022-12-071-3/+3
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | Skip querying the app container for server namespaceJulius Härtl2022-12-071-0/+6
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | Avoid container dance for appNameJulius Härtl2022-12-071-4/+9
| | | | | | | | | | | | | | | | | | | | | Sicne the appName is always passed for the DIContainer we can avoid using the container query logic and instead store and use a property Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | use bruteforce protection on all methods wrapped by PublicShareMiddlewareJulien Veyssier2022-12-072-2/+23
|/ / | | | | | | | | | | if an invalid token is provided or when share password is wrong Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* | Clean up and deprecate app container aliasesChristoph Wurst2022-11-021-6/+9
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Improve container return type annotationsJulius Härtl2022-10-141-0/+9
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Allow CSRF on CORS routesJonas Rittershofer2022-09-211-0/+4
|/ | | | | | Co-authored-by: Julius Härtl <jus@bitgrid.net> Co-authored-by: Andreas Brinner <andreas@everlanes.net> Signed-off-by: Jonas Rittershofer <jotoeri@users.noreply.github.com>
* Move registration to IBootstrapJulius Härtl2022-08-311-0/+22
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Reopen sessions if we need to write to them instead of keeping them openJulius Härtl2022-08-171-2/+2
| | | | | | | Sessions are a locking operation until we write close them, so close them early and reopen later in case we want to write to them Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #32363 from nextcloud/cleanup/remove-long-deprecated-classesCarl Schwan2022-08-081-2/+0
|\ | | | | Remove OCP\App and OCP\BackgroundJob
| * Remove OCP\App and OCP\BackgroundJobCarl Schwan2022-08-011-2/+0
| | | | | | | | | | | | | | | | | | | | Both deprecated since NC 23 IAppManager is the replacement for OCP\App unfortunately it can't be dependency injected in classes used by the installed otherwise the database connection is initialised too early Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | Merge pull request #33398 from nextcloud/enh/noid/sensitive-methods-appsVincent Petry2022-08-051-0/+23
|\ \ | | | | | | allow apps to specify methods carrying sensitive parameters
| * | allow apps to specify methods carrying sensitive parametersArthur Schiwon2022-07-281-0/+23
| | | | | | | | | | | | | | | | | | … in order to remove them from logging. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | | Support specifying IPv6 proxies in CIDR notationSimon Leiner2022-08-021-30/+3
| |/ |/| | | | | | | | | | | | | | | | | Previously, it was not possible to use CIDR notation for IPv6 proxies in the trusted_proxies parameter of config.php [1]. This patch adds support for that. [1]: https://docs.nextcloud.com/server/24/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies Signed-off-by: Simon Leiner <simon@leiner.me>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-04 20:04:32 +0000