| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.
Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\
| |
| | |
Update email template for lost password email
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | |
| |
| |
| | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | |
| |
| |
| | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \
| |/
|/| |
Override config.php values through environment variables
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
* added functionality to override config.php values with 'OC_' prefixed environment variables
* use getenv to read environment variables since apache does not set $_ENV variables, fixed test
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \
| | |
| | | |
New emails for sharebymail
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| |/ /
|/| | |
Optimize put - Dont try to fetch filecache for not existing filecache…
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
encription
|
| |\ \ \
| |/ /
|/| | |
Discover federatedsharing endpoints
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |\ \ \
| | | |
| | | | |
Removes unused code for link share emails
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* now handled by sharebymail app
* see https://github.com/nextcloud/server/pull/657
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
* allows different texts for HTML and text version of the email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |/ /
| |
| |
| |
| |
| | |
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \
| | |
| | | |
Move OC_Defaults to OCP\Defaults
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Allow getting the unread comment count for an entire folder at once
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | |/ /
|/| |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \ \
| | | |
| | | | |
Unified sharing options
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Add support for theming in generated emails and simplify API
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* thanks to @espina2 for make this nice design
* the button says "Set password" if the admin didn't specified a password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is not intended anymore, since it falls back to force english
when the header is not set. Also 0228bc6e66cbcb2848eacb41f1de6e7f63ebcb65
makes clear that the order should be:
1. User setting
2. Accept language
3. Admin default
This is the case since the commit from above, unless via OCS and DAV.
Both forced to accept-language falling back to english.
By removing the force, it now also matches the w3 priority list:
https://www.w3.org/International/questions/qa-lang-priorities
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | |_|/
|/| |
| | |
| | | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| |\ \ \
| | | |
| | | | |
Introduce bruteforce settings
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| |\ \ \
| | | |
| | | | |
Endorse password protection
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #3890
If we do a put request without a body the current code still tries to
read the body. This patch makes sure that we do not try to read the body
if the content length is 0.
See RFC 2616 Section 4.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
| | |
| |
| |
| | |
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
