summaryrefslogtreecommitdiffstats
path: root/lib/private/user
Commit message (Collapse)AuthorAgeFilesLines
* getMediumStrengthGenerator is deprecated and does not do anything anymoreRoeland Jago Douma2016-01-111-1/+1
|
* Remove OC_DB::isErrorMorris Jobke2016-01-071-2/+2
|
* Move regeneration of session ID into session classesLukas Reschke2016-01-041-0/+2
| | | | There were code paths that nowadays call ISession::login directly thus bypassing the desired regeneration of the session ID. This moves the session regeneration deeper into the session handling and thus ensures that it is always called. Furthermore, I also added the session regeneration to the remember me cookie plus added some test case expectations for this.
* different strategy in cleaning up after user was deletedArthur Schiwon2015-12-091-0/+2
| | | | | | | | we do not listen to deletion hooks anymore, because there is no guarantee that they will be heard - requires that something fetches the CommentsManager first. Instead, in the user deletion routine the clean up method will be called directly. Same way as it happens for files, group memberships, config values.
* More cleanups of OC_Config usageMorris Jobke2015-12-032-2/+2
|
* User IUser::getEMailAddress() all over the placeThomas Müller2015-12-021-1/+1
|
* Fix endless recursionThomas Müller2015-12-021-7/+9
|
* Fix commentsThomas Müller2015-12-021-1/+1
|
* Fix getCloudIdThomas Müller2015-12-021-0/+1
|
* Proposal: add enumeration function to IUserManager which simply calls a ↵Thomas Müller2015-12-021-4/+30
| | | | callbask for each user in all backends
* Add the user's cloud id to the vCardThomas Müller2015-12-021-25/+42
|
* Add IUser::getAvatarImage() for easy accessThomas Müller2015-12-021-1/+27
|
* Introduce \OCP\IUser::getEMailAddress()Thomas Müller2015-11-251-0/+10
|
* Make sure that remote shares use the correct uid casingJoas Schilling2015-10-061-0/+32
|
* update licence headers via scriptMorris Jobke2015-10-054-3/+3
|
* Move dummy backend to Tests namespaceLukas Reschke2015-09-221-169/+0
|
* Remove last occurence of `forcessl`Lukas Reschke2015-08-261-2/+2
| | | | This shoudl have been adjusted as well, now it's consistent with `setMagicInCookie`. While it does not have a security impact directly some automated scanners reported this all the time.
* Fixed "Remote IP:" syntax on failed loginsRealRancor2015-07-091-1/+1
|
* Remove OC_LogThomas Müller2015-07-031-2/+2
|
* Fix indentationLukas Reschke2015-06-271-15/+15
|
* Add missing annotations for parametersLukas Reschke2015-06-274-26/+36
|
* update license headers and authorsMorris Jobke2015-06-252-5/+17
|
* more type hintsRobin Appelman2015-06-021-2/+2
|
* Reduce the complexity of the search queries in the backends to a minimumJoas Schilling2015-05-181-5/+20
|
* fix followup issues with unneeded parametersMorris Jobke2015-04-181-2/+2
|
* throw exception when backends don't provide a user instead of creating ↵Jörn Friedrich Dreyer2015-04-101-0/+14
| | | | legacy local storages
* Update license headersJenkins for ownCloud2015-03-268-73/+179
|
* Remove outdated commentLukas Reschke2015-03-131-2/+0
|
* Drop example user backendLukas Reschke2015-03-131-70/+0
| | | | | | We already provide an interface for application developers, this file is outdated and thus should get removed. Addresses No. 3 from https://github.com/owncloud/core/issues/14847
* Merge pull request #14867 from owncloud/drop-OC_User_HTTPMorris Jobke2015-03-131-120/+0
|\ | | | | Remove OC_User_HTTP
| * Remove OC_User_HTTPLukas Reschke2015-03-131-120/+0
| | | | | | | | Addresses No. 1 from https://github.com/owncloud/core/issues/14847
* | Can also be nullLukas Reschke2015-03-131-1/+1
|/ | | | If the user does not exist this returns null and can lead to nasty bugs since the IDE is not indicating this...
* Let users configure security headers in their WebserverLukas Reschke2015-03-021-1/+1
| | | | | | | | | | Doing this in the PHP code is not the right approach for multiple reasons: 1. A bug in the PHP code prevents them from being added to the response. 2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud) 3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations. This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
* Revert "Updating license headers"Morris Jobke2015-02-2610-222/+144
| | | | This reverts commit 6a1a4880f0d556fb090f19a5019fec31916f5c36.
* Merge pull request #10735 from owncloud/use_remote_addrRobin McCorkell2015-02-251-4/+1
|\ | | | | Use getRemoteAddress which supports reverse proxies
| * Use getRemoteAddress which supports reverse proxiesLukas Reschke2015-02-241-4/+1
| | | | | | | | | | | | Breaking change for 8.1 wiki (Security > Administrators): The log format for failed logins has changed and uses now the remote address and is considering reverse proxies for such scenarios when configured correctly.
* | Merge pull request #13340 from owncloud/use-http-onlyLukas Reschke2015-02-241-10/+13
|\ \ | |/ |/| Use "HTTPOnly" for cookies when logging out
| * Use "HTTPOnly" for cookies when logging outLukas Reschke2015-01-141-10/+13
| | | | | | | | | | | | This has no other reason than preventing some insane automated scanners from reporting this as security bug (which it obviously isn't as the cookie contains nothing of value) Thus it generally results in an happier Lukas and hopefully less reports to our support and security mail addresses...
* | Updating license headersJenkins for ownCloud2015-02-2310-144/+222
| |
* | Throw an exception when login is canceled by an appRobin Appelman2015-01-222-1/+18
| |
* | Return false if the login is canceled in a hookRobin Appelman2015-01-131-1/+1
|/
* Merge pull request #12969 from owncloud/clarify-docsMorris Jobke2014-12-221-2/+2
|\ | | | | Clarify return values
| * Fix typoLukas Reschke2014-12-191-1/+1
| |
| * Clarify return valuesLukas Reschke2014-12-191-1/+1
| | | | | | | | This function returns `null` when no user is logged-in.
* | Merge pull request #12923 from owncloud/ultra-slim-version-of-incognito-modeLukas Reschke2014-12-191-0/+5
|\ \ | |/ |/| Add ultra-slim hack for incognito mode
| * Add ultra-slim hack for incognito modeLukas Reschke2014-12-171-0/+5
| | | | | | | | As discussed at https://github.com/owncloud/core/pull/12912#issuecomment-67391155
* | introduce names for user backends - IUserBackendMorris Jobke2014-12-195-6/+38
| | | | | | | | * LDAP with multiple servers also proved backendName
* | Merge pull request #12901 from owncloud/move-ldap-check-to-managerRobin McCorkell2014-12-181-0/+3
|\ \ | |/ |/| Move the Null-Byte LDAP check to the user manager
| * Move the Null-Byte LDAP check to the user managerLukas Reschke2014-12-171-0/+3
| | | | | | | | | | | | The existing method is deprecated and just a wrapper around the manager method. Since in the future other code paths might call this function instead we need to perform that check here. Related to http://owncloud.org/security/advisory/?id=oc-sa-2014-020
* | add a isLoggedIn method to the usersession and deprecate the isLoggedIn ↵Bernhard Posselt2014-12-171-0/+9
|/ | | | method on the api
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-02 12:05:50 +0000