| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\
| |
| | |
[stable23] Handle one time and large passwords
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).
For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.
This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
|
| |\ \
| |/
|/| |
[stable23] Improve local IP detection
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |\ \
| | |
| | | |
[stable23] load dashboard widgets of enabled apps only
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
- might break install
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- per design, all enabled apps have their registration run
- limitations, e.g. enabled by group, are not considered in that state,
because we do not have a session (and might need apps?)
- before instantiation of widget it has to be checked whether the providing
app is actually enabled for the logged in user.
- a public interface is being changed, but it is not meant to be
implemented or used outside of the core handling. Therefore save to
backport.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |/
|
|
| |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| |\
| |
| | |
[stable23] Fix reading blob data as resource
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
PostgreSQL returns data as resource when using IQueryBuilder::PARAM_LOB
(which is used for QBMapper).
Previously we just converted this resource using settype, which produced
things like "Resource id #14" instead of the actual resource data.
Now we read the stream correctly if the returned data is a resource
See context at #22472
Fixes #22439
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
| |/
|
|
| |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\
| |
| | |
[stable23] also use nextcloud certificate bundle when downloading from s3
|
| | |
| |
| |
| | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| |/
|
|
|
|
|
|
|
|
| |
- requireAppFile() only appends /appinfo/app.php
- without the absolute path, require_once looks into include_path
- the first match in inlcude_path however migth be different from appPath
- fixed by providing the tested(!), full path to the app
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
|
| |
|
|
| |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\ |
|
| | |
| |
| |
| | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | |
| |
| |
| | |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\ \
| |/
|/| |
[stable23] Fix hook encryption with cron job
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Make sure the setup fs is set before using the Update service
Backport of #29674
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
|
| |\ \
| | |
| | | |
[stable23] Allow to disable password policy enforcement for selected groups
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Co-authored-by: Vincent Petry <vincent@nextcloud.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Christopher Ng <chrng8@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\ \ \
| |/ /
|/| | |
[stable23] Avoid deprecation warnings about libxml_disable_entity_loader in PHP 8+
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In some scenarios (file not in cache, but partial data of it in the
object), Cache->get() might return an array, which leads to errors like
"Call to a member function getId() on array".
So check whether the returned entry is of type ICacheEntry before doing
operations on it in Cache->remove().
Fixes: #33023
Signed-off-by: Jonas <jonas@freesources.org>
|
| |\ \ \
| | | |
| | | | |
[stable23] Fix detection of firefox in ContentSecurityPolicyNonceManager
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Reuse Request::USER_AGENT_FIREFOX, and also update the safari detection
since safari < 12 is not supported anymore and we can remove a bit of
code duplication
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
|
| |/ /
| |
| |
| | |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| | |
| |
| |
| | |
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| | |
| |
| |
| | |
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
|
| |\ \
| | |
| | | |
[stable23] Improve local domain detection
|
| | |/
| |
| |
| | |
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
|
| |\ \
| |/
|/| |
[stable23] Add share search tweaks
|
| | |
| |
| |
| | |
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| | |
| |
| |
| |
| |
| | |
shareapi_restrict_user_enumeration_full_match_ignore_second_display_name was introduced to ignore second display name during search from the share panel. But this setting was not respected by search from the calendar application. This fix it.
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| | |
| |
| |
| | |
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
| | |
| |
| |
| | |
Signed-off-by: Louis Chemineau <louis@chmn.me>
|
