The password confirmation dialog is always shown unless the user backend
does not allow password confirmation. A user backend may explicitly
provide that information, but even if it does not that could have been
defined in the authentication token with
"IToken::SCOPE_SKIP_PASSWORD_VALIDATION" (for example, when "user_oidc"
is only used for authentication and user provision is done by another
user backend).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Allow clients to access the new filename validation options
and make frontend name validation possible.
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.
Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Add the filename restrictions to our JS config so we can create a common frontend library
function to check filename validity (de-duplicate code).
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
This adds a new config variable `loglevel_frontend`,
allowing to configure the logging level of the
browser part as requested in nextcloud/nextcloud-logger#141
If not configured the `loglevel` is used as the fallback.
Signed-off-by: Ferdinand Thiessen <rpm@fthiessen.de>
This capability do DB access and as far I know is not used by the webui.
This remove one DB query for each page load.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
Psalm found an issue. However the issue found was because of lying
docblocks. Fixed those and did some typing to make it all better.
For #25839
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
We don't use `shareapi_internal_enforce_expire_date` anywhere.
`shareapi_enforce_internal_expire_date` is the one we want.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Côme Chilliet
Maxence Lange
Daniel Calviño Sánchez
zorn-v
provokateurin
dependabot[bot]
Julius Knorr
Anna Larch
Daniel Kesselberg
Richard Steinmetz
Ferdinand Thiessen
Arthur Schiwon
Andy Scherzinger
John Molakvoæ
Louis Chemineau
Joas Schilling
Andrew Summers
John Molakvoæ
Christopher Ng
Ferdinand Thiessen
Carl Schwan
Vincent Petry
Roeland Jago Douma
Morris Jobke
Christoph Wurst