| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Fix unit test compatibility issues with phpunit 5.2+
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| | | |
|
| |/ |
|
| |\
| |
| | |
[stable9] add events to check passwords with the password policy app
|
| | | |
|
| |/
|
|
|
|
| |
Some browsers such as Firefox on Microsoft Windows otherwise do offer to open the file directly which is kinda silly.
Backport of https://github.com/nextcloud/server/pull/258
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When no cookies are sent it is not required to perform any check for the strict or lax cookie, it does not provide any significant security advantage.
It does however interfer with the Android client which requests thumbnails from the unofficial API at `/index.php/apps/files/api/v1/thumbnail/256/256/{filename}`. This endpoint expects the strict cookie to be existent to not leak the existence of files. The Android client authenticates against this endpoint using Basic Auth and without cookies in some cases at least. This will make these endpoints work again with such cases.
To test this issue the following cURL command once without the patch and once with:
> curl http://localhost/index.php/apps/files/api/v1/thumbnail/256/256/welcome.txt -u admin -v
Without the patch the request is redirected (which the client does not obey) and with the patch the preview is returned.
|
| |\
| |
| |
| | |
downstream-160613
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Backport of #24898
Cherry-picked:
1b66db72d916a763b1c22613b9df5c42e93593a8
60225284f3b8ef947f67bbe168b12dca867d6f3d
28d9ad2817b744bcef35a9259f65eb56b0b2ae78
But manually since we renamed stuff and the repair procedures changed
|
| |\ \
| | |
| | | |
[stable9] Backport files drop feature
|
| | | | |
|
| |/ / |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| |\
| |
| |
| |
| | |
owncloud/backport-24432-never-save-app-language-into-request-lang
[9.0] Do not save the language as request lang for apps when we didn't find…
|
| | | |
|
| |/
|
|
| |
Currently testing the updates is a big problem and not really super easy possible. Since we now have a new updater server we should also make this configurable so that people can properly test updates.
|
| |\ |
|
| | | |
|
| |/ |
|
| |\
| |
| |
| |
| | |
owncloud/backport-24183-change-background-job-sort-order
[9.0] Change the sort order of background jobs to be DESC instead of ASC
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In theory, if your instance ever creates more jobs then your system cron can
handle, the default background jobs get never executed anymore. Because
everytime when the joblist returns the next job it looks for the next ID,
however there is always a new next ID, so it will never wrap back to execute
the low IDs. But when we change the sort order to be DESC, we make sure that
these low IDs are always executed, before the system jumps back up to
execute the new IDs.
|
| |/
|
|
|
|
|
| |
In some scenarios initMountPoints is called with an empty user, and
also there is no user in the session.
In such cases, it is unsafe to let the code move on with an empty user.
|
| |\
| |
| |
| |
| | |
owncloud/dont-transfer-files-to-not-ready-user-stable9
[9.0] Introduce isReadyForUser and verify in file transfer ownership
|
| | | |
|
| | | |
|
| |/
|
|
|
|
|
|
|
| |
Fixes #23782 and #23783
If the file scanner detects a changed file we clear the checksum while
we update the cache.
* Unit test added
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Read available l10n files also from theme folder
The old behaviour was that only languages could be used for an app
that are already present in the apps/$app/l10n folder. If there is
a themed l10n that is not present in the apps default l10n folder
the language could not be used and the texts are not translated.
With this change this is possible and also the l10n files are
loaded even if the default l10n doesn't contain the l10n file.
* Inject server root - allows proper testing and separation of concerns
|
| |\
| |
| |
| |
| | |
owncloud/stable9-make-sure-that-encrypted-version-is-set
[stable9] Make sure that the encrypted version is set
|
| | |
| |
| |
| |
| |
| |
| |
| | |
The code path called when using external storage with WebDAV is using `\OC\Files\Storage\Wrapper\Encryption::getMetaData` which did not contain the actual encrypted version inside the cache entry version. This lead to the following:
1. User uploaded a file
2. File is created and `\OC\Files\Storage\Wrapper\Encryption::getMetaData` is called. It has an empty `encryptedVersion` but sets `encrypted` to either `true` or `false`.
3. The call when updating the file cache will use the old version.
|
| |/
|
|
|
|
| |
in order to create a 1:1 copy of a file if a version gets created
we need to store this information on copyBetweenStorage(). This
allows us to by-pass the encryption wrapper if we read the source file.
|
| |\
| |
| | |
[Stable 9] Non moveable mount points should always be UPDATE+DELETE shareable
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes #23536
The new sharing code is much stricter in checking permissions. However
for non moveable mounts the permissions UPDATE+DELETE are not reported
on the mount point.
This is just a quick fix.
* Updated unit tests
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
* Fix tests
|
| |\
| |
| | |
[stable9] Ensure that stored version is at least 1 for cross-storage copy
|
