aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #39958 from nextcloud/dav-permissions-perfJohn Molakvoæ2023-08-221-17/+5
|\
| * improve performance of calculating dav permissionsRobin Appelman2023-08-181-17/+5
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | fix(middleware): Fix header injection for bruteforce middlewareJoas Schilling2023-08-221-5/+1
| | | | | | | | | | | | | | Calling setHeaders(getHeaders()) breaks the CSP nonce for unknown reasons So shifting back to old standard practise for now Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix: Make bypass function public APIJoas Schilling2023-08-212-7/+8
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | feat: Expose if the own IP is allowed to bypass bruteforce protectionJoas Schilling2023-08-212-22/+12
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | feat: Add a header which signals that the request was throttledJoas Schilling2023-08-211-4/+14
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | feat(security): Add a "testing mode" for bruteforce protection that doesn't ↵Joas Schilling2023-08-211-2/+6
| | | | | | | | | | | | sleep Signed-off-by: Joas Schilling <coding@schilljs.com>
* | feat(security): Add a bruteforce protection backend base on memcacheJoas Schilling2023-08-215-126/+442
| | | | | | | | | | | | Similar to the ratelimit backend Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #39888 from nextcloud/less-container-queriesJoas Schilling2023-08-184-14/+29
|\ \ | | | | | | Reduce the number of container queries
| * | only determine quota_include_external_storage once for quota wrapperRobin Appelman2023-08-182-4/+6
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * | better caching in storage stats calculationsRobin Appelman2023-08-181-7/+12
| | | | | | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * | reuse dependencies from wrapped cacheRobin Appelman2023-08-181-3/+11
| |/ | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #39867 from nextcloud/login-lessJoas Schilling2023-08-182-42/+8
|\ \ | |/ |/| Add a separate event for login page rendering
| * add separate event for rendering login page templateRobin Appelman2023-08-172-3/+8
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * move core script loading from static template to event listenerRobin Appelman2023-08-171-39/+0
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #39770 from ↵max-nextcloud2023-08-171-0/+5
|\ \ | | | | | | | | | | | | nextcloud/fix/always-use-displayname-from-correct-backend fix: always use display name from correct backend
| * | fix: always use display name from correct backendMax2023-08-151-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Overwrite the display name after the account is initialized when using an instacne of IGetDisplayNameBackend. Before when using a variation of user_oidc and registering a Backend.php implementing IGetDisplayNameBackend the personal setting page shows 'uid'. The UserManager/AccountManager seems not to use consistently the correct backend. The correct backend is used in this sequence: server/lib/private/TemplateLayout.php $userDisplayName = \OC_User::getDisplayName(); $this->assign(user_displayname, $userDisplayName); In the settings page, it definitely not calls the registered backend, but seems to fall back to default Backend and shows (usually) uid or a value from the standard account property table. Signed-off-by: Max <max@nextcloud.com>
* | | Merge pull request #39910 from nextcloud/bugfix/noid/fix-memcache-class-handlingJoas Schilling2023-08-171-7/+9
|\ \ \ | | | | | | | | fix(memcache): Fix comparison of Memcache configs to classes
| * | | fix(memcache): Fix comparison of Memcache configs to classesJoas Schilling2023-08-161-7/+9
| |/ / | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | | feat: redirect to the mime icon if no preview availableJohn Molakvoæ2023-08-172-0/+101
| | | | | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
* | | Merge pull request #39481 from nextcloud/fix/transfer-ownersipJulius Härtl2023-08-171-16/+24
|\ \ \
| * | | fix: don't emit Hooks when hookpaths are emptyAnna Larch2023-08-171-16/+24
| | |/ | |/| | | | | | | Signed-off-by: Anna Larch <anna@nextcloud.com>
* | | Merge pull request #39906 from nextcloud/fix/prevent-warnings-if-attr-unsetFerdinand Thiessen2023-08-172-4/+4
|\ \ \ | |/ / |/| | Prevent PHP warning when CacheEntry extension keys are not set
| * | fix: Prevent PHP warnings when optional CacheEntry attributes are unsetFerdinand Thiessen2023-08-162-4/+4
| |/ | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* / Rewrite OCS CSRF check to be readablejld31032023-08-161-7/+15
|/ | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* select the fileid first when looking for incomplete filesRobin Appelman2023-08-141-5/+9
| | | | | | this seems to improve mariadbs index selection Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #39644 from nextcloud/fix/noid/copy-delete-fallback-for-filesDaniel2023-08-141-1/+1
|\ | | | | fix: copy-and-delete fallback should use unlink
| * fix: copy-and-delete fallback should use unlinkDaniel Kesselberg2023-07-311-1/+1
| | | | | | | | | | | | because rmdir does not work for files. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Code simplification using null coalescingGit'Fellow2023-08-131-24/+4
| | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* | Fix lintGit'Fellow2023-08-131-1/+0
| | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* | Remove check for very old PGsql Git'Fellow2023-08-131-39/+0
| | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* | Merge pull request #38082 from nextcloud/allow-wasm-unsafe-eval-in-cspJoas Schilling2023-08-111-0/+8
|\ \ | | | | | | Allow "wasm-unsafe-eval" in CSP
| * | Allow "wasm-unsafe-eval" in CSPDaniel Calviño Sánchez2023-08-101-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a page has a Content Security Policy header and the `script-src` (or `default-src`) directive does not contain neither `wasm-unsafe-eval` nor `unsafe-eval` loading and executing WebAssembly is blocked in the page (although it is still possible to load and execute WebAssembly in a worker thread). Although the Nextcloud classes to manage the CSP already supported allowing `unsafe-eval` this affects not only WebAssembly, but also the `eval` operation in JavaScript. To make possible to allow WebAssembly execution without allowing JavaScript `eval` this commit adds support for allowing `wasm-unsafe-eval`. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* | | Merge pull request #39723 from nextcloud/removed-apc-extension-version-checkDaniel2023-08-101-4/+1
|\ \ \ | | | | | | | | chore: remove version check for apc extension
| * | | chore: remove version check for apc extensionDaniel Kesselberg2023-08-101-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | APC is gone since PHP 7.0. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | | | docs: remove superfluous phpdocsDaniel Kesselberg2023-08-101-9/+1
|/ / / | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* / / log imaginary errors as info to not spam the server logsSimon L2023-08-091-2/+2
|/ / | | | | | | Signed-off-by: Simon L <szaimen@e.mail.de>
* | feat: Add delete task APIJulius Härtl2023-08-071-0/+12
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | change sql where order to match index orderJulien Veyssier2023-08-071-2/+2
| | | | | | | | Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* | allow anon text processing schedulingJulien Veyssier2023-08-073-6/+56
| | | | | | | | | | | | | | | | | | add a textprocessing_tasks index convert anotations to method attributes refactor TP manager add mapper methods Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* | start implementing ocs endpoint to get task list from user+appId+identifierJulien Veyssier2023-08-072-1/+37
| | | | | | | | Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* | Merge pull request #39698 from joshtrichards/invalid-source-storage-path-catchJohn Molakvoæ2023-08-051-1/+1
|\ \
| * | fix: simplify `sourceData` checkJohn Molakvoæ2023-08-051-1/+1
| | | | | | | | | | | | Co-authored-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
| * | Catch more invalid cache source storage pathsJosh Richards2023-08-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OC\Files\Cache\Cache::get can return string|false|null, not just string|false. - nextcloud/server#26270 added handling of false, but null is needed too. - Well, or we change the default $resullt to false, but I'm not sure if that has other ramifications and the real need here is to simply catch situations where the cache source storage path is not valid for whatever reason Related: nextcloud/server#19009 Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
* | | Merge pull request #39605 from nextcloud/bugfix/noid/final-events-cleanupJoas Schilling2023-08-0410-471/+80
|\ \ \ | |/ / |/| | fix!: Final round of moving to IEventDispatcher
| * | fix!: Move getEventDispatcher usage to IEventDispatcherJoas Schilling2023-07-283-5/+9
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * | chore!: Remove legacy SymfonyAdapterJoas Schilling2023-07-283-348/+0
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * | fix: Migrate collaboration listener and remove legacy adapterJoas Schilling2023-07-281-34/+16
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * | fix: Remove legacy dispatcher from share managerJoas Schilling2023-07-282-7/+0
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * | feat!: Migrate Share accepted event to typed eventJoas Schilling2023-07-282-3/+4
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-03 19:31:34 +0000