sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
83,893 Commits
629 Branches
1167 Tags
8.6 GiB
Commit Graph

34 Commits (jtr/fix-public-exceptions-http-codes)

Author SHA1 Message Date
Côme Chilliet d39d1d8d24
chore: Remove unused deprecated methods from OC_User and Filesystem 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-09-28 22:44:30 +07:00
Ferdinand Thiessen 660f3f6fd1
refactor: use logical `&&` `||` instead of weak `and` `or` operators 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-09-27 23:02:18 +07:00
Daniel Calviño Sánchez 4fcadd630b fix: Throw specific LoginException when the user is disabled 
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2025-07-10 15:09:25 +07:00
Côme Chilliet ddd7d4ed13
fix: Deprecate OC_User methods related to user backends 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-04-10 11:12:25 +07:00
Arthur Schiwon 12d39e818d
fix(Auth): ignore missing token when trying to set password-unconfirmable 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-10-01 12:24:20 +07:00
Ferdinand Thiessen a8f46af20f
chore: Add proper deprecation dates where missing 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-20 00:46:03 +07:00
Daniel Kesselberg af6de04e9e
style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +07:00
Arthur Schiwon 895ed634af
fix(Token): add FILESYSTEM scope with SCOPE_SKIP_PASSWORD_VALIDATION 
The scope design requires scopes to be either not specified, or
specified explicitely. Therefore, when setting the
skip-password-validation scope for user authentication from mechanisms
like SAML, we also have to set the filesystem scope, otherwise they will
lack access to the filesystem.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-24 13:51:15 +07:00
Arthur Schiwon f6d6efef3a
refactor(Token): introduce scope constants 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-05 19:01:14 +07:00
Arthur Schiwon 340939e688
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-05 19:01:13 +07:00
Andy Scherzinger dae7c159f7
chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-24 13:11:22 +07:00
Côme Chilliet ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +07:00
Joas Schilling 497528e45e
fix(logging): Restore the option to log with debug level 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-03-22 01:05:26 +07:00
Julius Härtl e330efe5a0
fix: Implement option to temporarily set the user session 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-19 13:48:23 +07:00
Arthur Schiwon c98b0462e3 fix(admin role): fix old and wrong way to determine whether user is admin 
- fixes Settings knowing who is an admin of non-local group backend groups
- obsoletes and removes a little old, deprecated code
- double checks proper parameter type on Group\Manager::isAdmin
- also fixes legacy OC_User code to check whether user is an admin

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-02-19 18:57:22 +07:00
Vincent Petry 839ddaa354
feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +07:00
Christoph Wurst ea8f9a7e84 refactor: Repalce array_search with in_array in lib/ 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-22 11:42:53 +07:00
Côme Chilliet f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +07:00
Maxence Lange 980e8e24f0 dispatch BeforeUserLoggedInEvent 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-03-01 15:31:31 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
MichaIng 21b3e87c77 Allow SSO authentication to provide a user secret 
Implementing PR #24837 from immerda

Signed-off-by: MichaIng <micha@dietpi.com>
 2022-07-12 19:19:00 +07:00
Arthur Schiwon a4a9e7601a
allow use of rememberme cookies for IApacheAuth backends 
- e.g. enables it for SAML backend

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-05-25 13:09:06 +07:00
Robin Appelman 0217949715
only setup part of the filesystem for appdata requests 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-02-09 16:01:21 +07:00
Julien Veyssier 0d2c2ab629
allow null password in UserLoggedInEvent 
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
 2021-10-13 12:37:34 +07:00
Julien Veyssier de5fea4a00
fix login_credentials->password in session when loging in with apache 
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
 2021-10-13 12:24:32 +07:00
Joas Schilling 57a816a1a6
Don't further setup disabled users when logging in with apache 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-09-23 11:19:02 +07:00
Morris Jobke 095418493e
Use proper methods for display name retrieval 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-06-17 10:19:07 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +07:00
Arthur Schiwon 6ac4eafcf9
emit UserLoggedInEvent on apache auth 
- post_login OC_Hook is barely used or listened to

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-06-01 13:59:40 +07:00
Christoph Wurst d89a75be0b
Update all license headers for Nextcloud 21 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 18:48:22 +07:00
Roeland Jago Douma e0cc95f3aa
Allow user backends to specify a custom logout url 
* Allows SSO backends to do a global logout

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-07-23 10:42:40 +07:00
Christoph Wurst caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +07:00
Christoph Wurst 36b3bc8148
Use php keywords in lowercase 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 14:04:56 +07:00
Christoph Wurst 1e086064f5
Move legacy classes from PSR0 to PSR4 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-07 08:48:00 +07:00