aboutsummaryrefslogtreecommitdiffstats
path: root/lib
Commit message (Collapse)AuthorAgeFilesLines
* feat(dashboard): implement widget item api v2Richard Steinmetz2023-08-226-3/+212
| | | | | | | | | This API enables the dashboard to render all widgets from the API data alone without having apps to provide their own bundles. This saves a lot of traffic and execution time as a lot less javascript has to be parsed on the frontend. Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* fix: Make bypass function public APIJoas Schilling2023-08-213-7/+18
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(OCC): Add a command to get the bruteforce state of an IPJoas Schilling2023-08-212-2/+4
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat: Expose if the own IP is allowed to bypass bruteforce protectionJoas Schilling2023-08-212-22/+12
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat: Add a header which signals that the request was throttledJoas Schilling2023-08-211-4/+14
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add a "testing mode" for bruteforce protection that doesn't ↵Joas Schilling2023-08-211-2/+6
| | | | | | sleep Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add a bruteforce protection backend base on memcacheJoas Schilling2023-08-218-127/+466
| | | | | | Similar to the ratelimit backend Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #39888 from nextcloud/less-container-queriesJoas Schilling2023-08-184-14/+29
|\ | | | | Reduce the number of container queries
| * only determine quota_include_external_storage once for quota wrapperRobin Appelman2023-08-182-4/+6
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * better caching in storage stats calculationsRobin Appelman2023-08-181-7/+12
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * reuse dependencies from wrapped cacheRobin Appelman2023-08-181-3/+11
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #39867 from nextcloud/login-lessJoas Schilling2023-08-186-45/+75
|\ \ | |/ |/| Add a separate event for login page rendering
| * add core fileclient script before othersRobin Appelman2023-08-171-2/+7
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * don't always add core/common and core/main during "sorting"Robin Appelman2023-08-171-1/+6
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * add separate event for rendering login page templateRobin Appelman2023-08-175-3/+62
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
| * move core script loading from static template to event listenerRobin Appelman2023-08-171-39/+0
| | | | | | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Merge pull request #39770 from ↵max-nextcloud2023-08-171-0/+5
|\ \ | | | | | | | | | | | | nextcloud/fix/always-use-displayname-from-correct-backend fix: always use display name from correct backend
| * | fix: always use display name from correct backendMax2023-08-151-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Overwrite the display name after the account is initialized when using an instacne of IGetDisplayNameBackend. Before when using a variation of user_oidc and registering a Backend.php implementing IGetDisplayNameBackend the personal setting page shows 'uid'. The UserManager/AccountManager seems not to use consistently the correct backend. The correct backend is used in this sequence: server/lib/private/TemplateLayout.php $userDisplayName = \OC_User::getDisplayName(); $this->assign(user_displayname, $userDisplayName); In the settings page, it definitely not calls the registered backend, but seems to fall back to default Backend and shows (usually) uid or a value from the standard account property table. Signed-off-by: Max <max@nextcloud.com>
* | | Merge pull request #39910 from nextcloud/bugfix/noid/fix-memcache-class-handlingJoas Schilling2023-08-171-7/+9
|\ \ \ | | | | | | | | fix(memcache): Fix comparison of Memcache configs to classes
| * | | fix(memcache): Fix comparison of Memcache configs to classesJoas Schilling2023-08-161-7/+9
| | | | | | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | | | feat: redirect to the mime icon if no preview availableJohn Molakvoæ2023-08-176-0/+148
| | | | | | | | | | | | | | | | Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
* | | | Merge pull request #39481 from nextcloud/fix/transfer-ownersipJulius Härtl2023-08-171-16/+24
|\ \ \ \
| * | | | fix: don't emit Hooks when hookpaths are emptyAnna Larch2023-08-171-16/+24
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Anna Larch <anna@nextcloud.com>
* | | | Merge pull request #39906 from nextcloud/fix/prevent-warnings-if-attr-unsetFerdinand Thiessen2023-08-172-4/+4
|\ \ \ \ | |/ / / |/| | | Prevent PHP warning when CacheEntry extension keys are not set
| * | | fix: Prevent PHP warnings when optional CacheEntry attributes are unsetFerdinand Thiessen2023-08-162-4/+4
| |/ / | | | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | | Fix(l10n): Update translations from TransifexNextcloud bot2023-08-172-0/+20
| | | | | | | | | | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* | | Rewrite OCS CSRF check to be readablejld31032023-08-161-7/+15
|/ / | | | | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* / Fix(l10n): Update translations from TransifexNextcloud bot2023-08-164-0/+18
|/ | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* select the fileid first when looking for incomplete filesRobin Appelman2023-08-141-5/+9
| | | | | | this seems to improve mariadbs index selection Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #39644 from nextcloud/fix/noid/copy-delete-fallback-for-filesDaniel2023-08-141-1/+1
|\ | | | | fix: copy-and-delete fallback should use unlink
| * fix: copy-and-delete fallback should use unlinkDaniel Kesselberg2023-07-311-1/+1
| | | | | | | | | | | | because rmdir does not work for files. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Merge pull request #39850 from nextcloud/nulCoalSimplDaniel2023-08-141-24/+4
|\ \ | | | | | | Code simplification using null coalescing
| * | Code simplification using null coalescingGit'Fellow2023-08-131-24/+4
| | | | | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* | | Fix(l10n): Update translations from TransifexNextcloud bot2023-08-1468-202/+202
|/ / | | | | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* | Merge pull request #39846 from nextcloud/pgSQLCheckRemoveDaniel2023-08-131-40/+0
|\ \ | | | | | | Remove check for very old PGsql version
| * | Fix lintGit'Fellow2023-08-131-1/+0
| | | | | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
| * | Remove check for very old PGsql Git'Fellow2023-08-131-39/+0
| | | | | | | | | Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
* | | Fix(l10n): Update translations from TransifexNextcloud bot2023-08-132-2/+18
|/ / | | | | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* | Fix(l10n): Update translations from TransifexNextcloud bot2023-08-124-0/+110
| | | | | | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* | Merge pull request #38082 from nextcloud/allow-wasm-unsafe-eval-in-cspJoas Schilling2023-08-114-1/+29
|\ \ | | | | | | Allow "wasm-unsafe-eval" in CSP
| * | Allow "wasm-unsafe-eval" in CSPDaniel Calviño Sánchez2023-08-104-1/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If a page has a Content Security Policy header and the `script-src` (or `default-src`) directive does not contain neither `wasm-unsafe-eval` nor `unsafe-eval` loading and executing WebAssembly is blocked in the page (although it is still possible to load and execute WebAssembly in a worker thread). Although the Nextcloud classes to manage the CSP already supported allowing `unsafe-eval` this affects not only WebAssembly, but also the `eval` operation in JavaScript. To make possible to allow WebAssembly execution without allowing JavaScript `eval` this commit adds support for allowing `wasm-unsafe-eval`. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* | | Fix(l10n): Update translations from TransifexNextcloud bot2023-08-112-0/+4
| | | | | | | | | | | | Signed-off-by: Nextcloud bot <bot@nextcloud.com>
* | | Merge pull request #39655 from nextcloud/appecosystem-authAndy Scherzinger2023-08-101-0/+19
|\ \ \ | | | | | | | | AppEcosystem Authentification
| * \ \ Merge branch 'master' into appecosystem-authAndrey Borysenko2023-08-1071-567/+908
| |\ \ \
| * | | | Fix psalm ci (stub). Wrap server container with try-catchAndrey Borysenko2023-08-021-2/+6
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
| * | | | added Application Ecosystem V2 login handlerAlexander Piskun2023-08-011-0/+15
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* | | | | Merge pull request #39723 from nextcloud/removed-apc-extension-version-checkDaniel2023-08-101-4/+1
|\ \ \ \ \ | |_|/ / / |/| | | | chore: remove version check for apc extension
| * | | | chore: remove version check for apc extensionDaniel Kesselberg2023-08-101-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | APC is gone since PHP 7.0. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | | | | docs: remove superfluous phpdocsDaniel Kesselberg2023-08-101-9/+1
|/ / / / | | | | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | | | Merge pull request #39780 from nextcloud/enh/noid/imaginarySimon L2023-08-101-2/+2
|\ \ \ \ | |_|/ / |/| | | log imaginary errors as info to not spam the server logs
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-23 17:25:22 +0000