summaryrefslogtreecommitdiffstats
path: root/lib/private
Commit message (Collapse)AuthorAgeFilesLines
* don't keep result types hard codedArthur Schiwon2017-09-268-47/+53
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Splits off the logic from sharees endpoint thus making it available fromArthur Schiwon2017-09-269-0/+889
| | | | | | within Nc/via PHP. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Merge pull request #6647 from nextcloud/scss-no-take-only-throwJohn Molakvoæ2017-09-261-0/+2
|\ | | | | Do not stop on scss compilation failure
| * Do not stop on scss compilation failureJohn Molakvoæ (skjnldsv)2017-09-261-0/+2
| | | | | | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* | Improve exception handlingMorris Jobke2017-09-261-0/+3
| | | | | | | | | | | | | | | | | | | | If there is an exception in the template handling then a white page is shown. This improves the handling of this and shows text only about the internal error. To test this just setup redis as cache and then disable the php-redis module. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Merge pull request #6544 from nextcloud/fix/duplicate-session-tokenMorris Jobke2017-09-251-0/+1
|\ \ | |/ |/| Fix duplicate session token after remembered login
| * Fix duplicate session token after remembered loginChristoph Wurst2017-09-201-0/+1
| | | | | | | | | | | | | | | | | | On a remembered login session, we create a new session token in the database with the values of the old one. As we actually don't need the old session token anymore, we can delete it right away. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Merge pull request #6632 from nextcloud/do_not_show_hyphenRoeland Jago Douma2017-09-251-1/+1
|\ \ | | | | | | Do not show hyphen
| * | do not show hyphen after instance name in emails if slogan does not existStephan Müller2017-09-251-1/+1
| | | | | | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | | Handle SameSiteCookie check for index.php in AppFramework MiddlewareRoeland Jago Douma2017-09-244-1/+153
|/ / | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fixed webroot detectionJohn Molakvoæ (skjnldsv)2017-09-221-1/+1
| | | | | | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* | Merge pull request #6605 from nextcloud/oc_ocs_response_is_depMorris Jobke2017-09-212-35/+7
|\ \ | | | | | | OC_OCS_Response is deprecated
| * | Remove private legacy OC_OCS_ResponseRoeland Jago Douma2017-09-211-28/+0
| | | | | | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
| * | OC_OCS_Response is deprecatedRoeland Jago Douma2017-09-211-7/+7
| |/ | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* / Avoid error undefined index classes in logJohn Molakvoæ (skjnldsv)2017-09-211-0/+3
|/ | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Merge pull request #6573 from nextcloud/nonfound-webroot-empty-stringRoeland Jago Douma2017-09-202-4/+4
|\ | | | | Fix "webroot not found" when installed to the root of the webserver
| * Fix "webroot not found" when installed to the root of the webserverRobin Appelman2017-09-202-4/+4
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Read appinfo from a local cacheRoeland Jago Douma2017-09-191-1/+1
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* fix path styleRobin Appelman2017-09-181-3/+1
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* reuse object read/write/delete logic in s3 implementationsRobin Appelman2017-09-182-49/+83
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* update aws sdk and move it to 3rdpartyRobin Appelman2017-09-182-41/+21
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #6490 from nextcloud/share_pagination_queryRoeland Jago Douma2017-09-181-0/+5
|\ | | | | Improve sharing pagination
| * Improve sharing paginationRoeland Jago Douma2017-09-151-0/+5
| | | | | | | | | | | | | | Basically we did in almost all cases did a query to much. This resulted in an extra query for each share type. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Merge pull request #6549 from nextcloud/fix-6534Morris Jobke2017-09-181-1/+2
|\ \ | | | | | | don't pass User object when uid string is expected
| * | don't pass User object when uid string is expectedArthur Schiwon2017-09-181-1/+2
| |/ | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Merge pull request #5462 from nextcloud/add-frameancestor-supportLukas Reschke2017-09-181-0/+14
|\ \ | | | | | | Add CSP frame-ancestors support
| * | Add CSP frame-ancestors supportThomas Citharel2017-09-151-0/+14
| |/ | | | | | | | | | | Didn't set the @since annotation yet. Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* | Add filter for `shareapi_allow_share_dialog_user_enumeration`Lukas Reschke2017-09-151-14/+48
| | | | | | | | | | | | | | | | This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc. Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Fix issue when disabling the shareapi_only_share_with_group_members option + ↵Tobia De Koninck2017-09-151-2/+12
| | | | | | | | | | | | fix findOne Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* | Improve code styleTobia De Koninck2017-09-151-5/+7
| | | | | | | | Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* | Some code improvementsTobia De Koninck2017-09-151-4/+5
| | | | | | | | Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* | Add testsTobia De Koninck2017-09-151-1/+1
| | | | | | | | Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* | Fix testsTobia De Koninck2017-09-151-2/+4
| | | | | | | | Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* | Privacy enhancements for contacts menuTobia De Koninck2017-09-151-4/+71
|/ | | | | | | - Groups, which are excluded from sharing should not see local users at all - If sharing is restricted to users own groups, he should only see contacts from his groups: Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
* Fix webroot throwJohn Molakvoæ (skjnldsv)2017-09-141-1/+1
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Merge pull request #6458 from nextcloud/rethrow-correct-exceptionMorris Jobke2017-09-141-3/+10
|\ | | | | Rethrow the correct exception when there was an error in an app conta…
| * Rethrow the correct exception when there was an error in an app containerJoas Schilling2017-09-121-3/+10
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #6452 from ↵Lukas Reschke2017-09-131-5/+5
|\ \ | | | | | | | | | | | | lukanetconsult/hotfix/issue-6415-undefined-variable Fix undefined variable $tmpRoot
| * | Fix undefined variable $tmpRootAxel Helmert2017-09-121-5/+5
| | | | | | | | | | | | | | | | | | Refactoring of webroot detection left an unused variable. Fixes: #6415 Signed-off-by: Axel Helmert <info@luka.de>
* | | Fix AppPassword 2FA authRoeland Jago Douma2017-09-121-1/+5
| | | | | | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | | Use IAppManager instead of private APIJulius Härtl2017-09-121-1/+2
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | Move theming related imagePath logic to ThemingDefaultsJulius Härtl2017-09-121-8/+7
|/ / | | | | | | Signed-off-by: Julius Haertl <jus@bitgrid.net>
* / Fix uninitialized variable $this->paramsWilliam Pain2017-09-111-2/+2
|/ | | | Signed-off-by: William Pain <pain.william@gmail.com>
* Merge pull request #6414 from nextcloud/share-notification-wrong-languageMorris Jobke2017-09-082-12/+20
|\ | | | | Use the language of the recipient for the share notification
| * Use the language of the recipient for the share notificationJoas Schilling2017-09-082-12/+20
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Ask the schema whether the table and column existJoas Schilling2017-09-081-13/+6
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #6360 from nextcloud/fix/session-timeout-refresh-csrf-tokenLukas Reschke2017-09-071-5/+8
|\ | | | | Fix failing csp/nonce check due to timed out session
| * Fix failing csp/nonce check due to timed out sessionChristoph Wurst2017-09-041-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CSP nonce is based on the CSRF token. This token does not change, unless you log in (or out). In case of the session data being lost, e.g. because php gets rid of old sessions, a new CSRF token is gen- erated. While this is fine in theory, it actually caused some annoying problems where the browser restored a tab and Nextcloud js was blocked due to an outdated nonce. The main problem here is that, while processing the request, we write out security headers relatively early. At that point the CSRF token is known/generated and transformed into a CSP nonce. During this request, however, we also log the user in because the session information was lost. At that point we also refresh the CSRF token, which eventually causes the browser to block any scripts as the nonce in the header does not match the one which is used to include scripts. This patch adds a flag to indicate whether the CSRF token should be refreshed or not. It is assumed that refreshing is only necessary if we want to re-generate the session id too. To my knowledge, this case only happens on fresh logins, not when we recover from a deleted session file. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Merge pull request #6380 from nextcloud/cleanup-oci-setupLukas Reschke2017-09-071-173/+22
|\ \ | | | | | | cleanup oci setup code
| * | cleanup oci setup codeRobin Appelman2017-09-061-173/+22
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-19 07:18:43 +0000