| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
|
|
| |
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
|
|
|
| |
Since we now have all the apps from the appstore we need to do a bit
more checking.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |
|
|
|
|
| |
installed)
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
|
|
|
|
| |
Left over from a refactoring
https://github.com/nextcloud/server/pull/1940
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
| |
|
|
|
|
|
| |
This caused more troubles then it had benefits, especially
when an app got disabled or was removed without being disabled.
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\
| |
| | |
Do not update apps if it comes from git
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
| |/
|
|
|
|
| |
Followup to #7264
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\
| |
| | |
Cache fetched apps in update check
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| |
| |
| | |
The code tried to find the apps with updates and thus was called for every available app. This caused to get the full appstore content as often as apps are available. The appstore request itself was cached nevertheless in an appdata dir, but with an object storage this is still a lot of round trips to read this cached result. Thus the instantiated list is now cached in a static variable (because it's a static method call).
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |/
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\
| |
| | |
Prevent XSS in links which open a new browser window
|
| | | |
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |/
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
|
|
|
|
| |
If extraction fails we should not continue the installation/update
process as the info.xml cannot be loaded and an unrelated error
occurs.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
|
|
|
|
|
| |
* uses Installer->installApp now
* removes unused code
* fixes #4453
* added some additional checks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:
- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)
This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.
While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
|
|
|
|
| |
We should verify the app versions when installing a new update, otherwise this could result in downgrade attacks when an attacker just copies the old signature.
Plus it prevents the case that in case of a bug in the appstore actually an older version gets installed.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
|
|
| |
The static version is used nowhere in the code and just decreases coverage
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
|
|
| |
The other function doesn't work if the appstore is disabled
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |
|
|
| |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
