path: root/settings/routes.php
Commit message | Author | Age | Files | Lines
* Implement storing and loading the server info | Michael Weimann | 2019-01-14 | 1 | -0/+1
|   Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
* Fix interaction with groups that contain a slash | Joas Schilling | 2018-11-15 | 1 | -1/+1
|   Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add admin interface to enforce 2FA | Christoph Wurst | 2018-10-10 | 1 | -1/+3
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Reorder routes to avoid conflicts | Julius Härtl | 2018-06-06 | 1 | -4/+4
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Fix app enabling for groups and allow requesting all apps | Julius Härtl | 2018-06-06 | 1 | -0/+3
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Fix category navigation | Julius Härtl | 2018-06-06 | 1 | -0/+2
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Move to AppFramework Controller | Julius Härtl | 2018-06-06 | 1 | -10/+9
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
|   Move app management ajax code to AppSettingsController
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Bump user controller, cleaned old legacy and added route history mode | John Molakvoæ (skjnldsv) | 2018-05-16 | 1 | -25/+3
|   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Settings to vuejs | John Molakvoæ (skjnldsv) | 2018-05-16 | 1 | -1/+1
|   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Show a link to the docs instead of a button on the untrusted domain page | Morris Jobke | 2018-04-17 | 1 | -1/+0
|   Before there was a button to "quickly" add the untrusted domain to the config. This button often didn't work, because the generated URL was often untrusted as well. Thus removing it and providing proper docs seems to be the better approach to handle this rare case.
|   Also the log should not be spammed by messages for the untrusted domain accesses, because they are user related and not necessarily an administrative issue.
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Use new navigation endpoint and get rid of the legacy navigationdetect ajax | Julius Härtl | 2018-04-10 | 1 | -2/+0
|   Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Change @georgehrke's email | Morris Jobke | 2017-11-06 | 1 | -1/+1
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update license headers | Morris Jobke | 2017-11-06 | 1 | -1/+3
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* completing PersonalInfo | Arthur Schiwon | 2017-06-23 | 1 | -1/+1
|   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* add route and controller. consolidate common settings functions in a trait. | Arthur Schiwon | 2017-06-23 | 1 | -2/+1
|   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Allow to force a language and set it via the ocs api | Joas Schilling | 2017-06-21 | 1 | -1/+0
|   Signed-off-by: Joas Schilling <coding@schilljs.com>
* Implemented visual feedback if a user is disabled in admin user menu. | Thomas Pulzer | 2017-04-29 | 1 | -0/+1
|   Implemented visuals for enabling/disabling user from admin user list.
|   Added the controller functions for enabling/disabling a user.
|   Added the route for changing user status (enabled/disabled) and added an additional route handler in the user controller.
|   Finished the visuals to reflect current user status and changed user status respectively.
|   Changed the single icon for enabling/disabling a user into a menu where deletion and state toggling of a user is selectable.
|   Added displaying of disabled user count.
|   Improved style of user action menu.
|   Added proper counting of disabled users.
|   Removed visual indicator for disabled users.
|   Moved pseudo-group detection for disabled users from frontend to the controller.
|   Changed units for newly introduced css values from em to px.
|   Removed unnecessary png and optimized svg with scour.
|   Changed the userlist template to display the user action menu with correct width.
|   Style fixes for better readability and coding style conformity.
|   Changed the icons for enabling, disabling and deleting a user in the action menu.
* add verification dialog | Bjoern Schiessle | 2017-04-28 | 1 | -0/+1
|   Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* Make group settings routes explicit | Roeland Jago Douma | 2017-04-18 | 1 | -1/+5
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* bring back setEmailAddress for the user management | Bjoern Schiessle | 2016-11-25 | 1 | -0/+1
|   Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* allow to change display names in the user settings again | Björn Schießle | 2016-11-21 | 1 | -1/+2
|   keep display name and email address in sync with the accounts table
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* use PUT to update user settings | Christoph Wurst | 2016-11-21 | 1 | -1/+1
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Persist settings on the server | Christoph Wurst | 2016-11-21 | 1 | -2/+1
|   Persist personal settings federated sharing scopes
|   Show new settings fields in read-only mode too
|   Insert values on page load
|   Return updated values; show inline success feedback
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix route and js | Roeland Jago Douma | 2016-11-06 | 1 | -4/+2
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use new appstore API | Lukas Reschke | 2016-10-31 | 1 | -1/+0
|   This change introduces the new appstore API in Nextcloud.
|   Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Moved ChangePassword to an actual Controller | Roeland Jago Douma | 2016-08-17 | 1 | -6/+2
|   * Still no full DI because of encryption fu
|   * Remove old "Controller"
* Initial work on Apps page split: | Arthur Schiwon | 2016-08-09 | 1 | -2/+2
|   * interfaces for the Admin settings (IAdmin) and section (ISection)
|   * SettingsManager service
|   * example setup with LDAP app
* Update with robin | Joas Schilling | 2016-07-21 | 1 | -1/+1
|
* Fix others | Joas Schilling | 2016-07-21 | 1 | -3/+4
|
* Update license headers | Lukas Reschke | 2016-05-26 | 1 | -3/+4
|
* list user's auth tokens on the personal settings page | Christoph Wurst | 2016-05-23 | 1 | -1/+2
|
* Update author information | Lukas Reschke | 2016-03-01 | 1 | -0/+1
|   Probably nice for the people that contributed to 9.0 to see themselves in the AUTHORS file :)
* Merge pull request #21653 from owncloud/update-license-headers-2016 | Thomas Müller | 2016-01-13 | 1 | -2/+3
|\
| |   Update license headers 2016
| * Happy new year! | Thomas Müller | 2016-01-12 | 1 | -2/+3
| |
* | Allow admins to add system wide root certificates | Robin Appelman | 2016-01-12 | 1 | -0/+2
|/
* Add code integrity check | Lukas Reschke | 2015-12-01 | 1 | -0/+2
|   This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.
|
|   Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.
|
|   Code signing basically happens the following way:
|
|   - There is an ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release :wink:). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
|   - Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`, apps need to be signed with a certificate that either has a CN of `core` (shipped apps!) or the AppID.
|   - The command generates a signature.json file of the following format:
|
|   ```json
|   {
|       "hashes": {
|           "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
|           "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
|       },
|       "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
|       "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
|   }
|   ```
|
|   `hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the certificate used for signing. It has to be issued by the ownCloud Root Authority and its CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.
|
|   Steps to do in other PRs, this is already a quite huge one:
|
|   - Add nag screen in case the code check fails to ensure that administrators are aware of this.
|   - Add code verification also to OCC upgrade and unify display code more.
|   - Add enforced code verification to apps shipped from the appstore with a level of "official"
|   - Add enforced code verification to apps shipped from the appstore that were already signed in a previous release
|   - Add some developer documentation on how devs can request their own certificate
|   - Check when installing ownCloud
|   - Add support for CRLs to allow revoking certificates
|
|   **Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:
|
|   ```
|   ➜ master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
|   Successfully signed "core"
|   ```
|
|   Then increase the version and you should see something like the following:
|
|   ![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)
|
|   As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.
|
|   For packaging stable releases this requires the following additional steps as a last action before zipping:
|
|   1. Run `./occ integrity:sign-core` once
|   2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
* Moved changedisplayname to usercontroller | Roeland Jago Douma | 2015-11-20 | 1 | -2/+1
|   Killed the old static route to change a user's display name and moved it to a properly testable controller.
* Fix everyone count for subadmins | Vincent Petry | 2015-10-29 | 1 | -2/+1
|   Also moved the logic to the UsersController
* update license headers and authors | Morris Jobke | 2015-06-25 | 1 | -2/+0
|
* Migrate personal certificate handling into AppFramework controllers | Lukas Reschke | 2015-04-20 | 1 | -4/+2
|   Also added unit-tests and better error-handling
* allow user to start migration in admin settings if no external user ↵ | Bjoern Schiessle | 2015-04-16 | 1 | -0/+1
|   back-ends are enabled
* Merge pull request #15314 from owncloud/app-categories-15274 | Lukas Reschke | 2015-04-09 | 1 | -20/+20
|\
| |   Add different trust levels to AppStore interface
| * Add experimental applications switch | Lukas Reschke | 2015-04-03 | 1 | -20/+20
| |   Allows administrators to disable or enable experimental applications as well as show the trust level.
* | Removing left overs from old encryption app | Thomas Müller | 2015-04-07 | 1 | -6/+0
|/
* Add check for activated local memcache | Lukas Reschke | 2015-03-28 | 1 | -2/+1
|   Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.
|   Fixes https://github.com/owncloud/core/issues/14956
* Update license headers | Jenkins for ownCloud | 2015-03-26 | 1 | -4/+28
|
* Let users configure security headers in their Webserver | Lukas Reschke | 2015-03-02 | 1 | -2/+0
|   Doing this in the PHP code is not the right approach for multiple reasons:
|
|   1. A bug in the PHP code prevents them from being added to the response.
|   2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
|   3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and led to buggy situations.
|
|   This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
* Revert "Updating license headers" | Morris Jobke | 2015-02-26 | 1 | -29/+5
|   This reverts commit 6a1a4880f0d556fb090f19a5019fec31916f5c36.
* Updating license headers | Jenkins for ownCloud | 2015-02-23 | 1 | -5/+29
|
* Remove unused function and correct PHPDoc | Lukas Reschke | 2015-02-16 | 1 | -2/+0
|