sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
68,402 Commits
623 Branches
1167 Tags
9.1 GiB
Commit Graph

574 Commits (0984970cd8759ae2dcd7dfdfe41d5816bf3c2948)

Author SHA1 Message Date
Faraz Samapoor 4ce7173f7e Update core/Controller/SetupController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor 2800436948 Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor 9eedeb4012 Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor d64aa85b04 Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 73b7096850 Fixes psalm error. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 468aefc649 Fixes php-cs-fixer error. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 4bf610ebaf Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor fc0e2a938f Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 18:35:32 +07:00
Faraz Samapoor 25cdc35473
Update core/Controller/AppPasswordController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 18:26:27 +07:00
Faraz Samapoor 05784c3244
Update core/Controller/CollaborationResourcesController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 16:45:21 +07:00
Faraz Samapoor 2713ab023f
Update core/Controller/AppPasswordController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 16:45:01 +07:00
Faraz Samapoor 450bf5c99e Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-04 23:20:35 +07:00
Faraz Samapoor a1ef0285f8 Refactors "strpos" calls in /core to improve code readability. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-02 13:13:19 +07:00
Joas Schilling 7ee81b6555
fix(lostpassword): Also rate limit the setPassword endpoint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-15 09:21:07 +07:00
Joas Schilling 9d6ec68b59
feat(translation): Return the detected language so clients can show more details 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-02 16:38:33 +07:00
Joas Schilling e5d0ff0c19
feat(translation): Allow guests to use translations as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:46 +07:00
Joas Schilling 032821d2b5
fix(translation): Use 400 as status code to be distinguishable from server errors 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:42 +07:00
Joas Schilling b7c1e61d0b
fix(translation): Properly set the numbers as HTTP status code 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:38 +07:00
Joas Schilling 21b056ee2d
fix(translation): Translate error messages on translations API 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 08:53:15 +07:00
Côme Chilliet 5063b76c8a
Merge pull request #37495 from joshtrichards/jr-trim-pw-reset-username 
Trim the user/email provided for password resets
 2023-04-05 11:36:53 +07:00
Josh Richards 9899b12478
Trim user earlier 
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
 2023-04-04 10:03:15 +07:00
Christopher Ng 7bc8b543be Improve handling of profile fields 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-03-30 17:11:41 +07:00
Josh Richards 203b9131ec
Trim the user/email provided for password resets 
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
 2023-03-30 11:59:13 +07:00
jld3103 02f9c3a06f
Use implementations instead of interfaces for accessing private methods 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-30 12:33:46 +07:00
Git'Fellow cfd7a57184 Send header to all browsers under HTTPS 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Don't send Clear-Site-Data to Safari

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Fix lint

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2023-03-26 15:29:01 +07:00
jld3103 79507435fa
Fix controller class import for autocomplete 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-16 09:50:43 +07:00
Julius Härtl a0ecc37d03
fix(translation): Allow regular users to use translation api endpoints 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-28 09:29:57 +07:00
Julius Härtl 3e63298381
feat(translations): Add translation provider API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-27 16:52:03 +07:00
MichaIng 0d67fc23f4
Merge pull request #36634 from nextcloud/fix/client-login-flow/state-token-missing-response 
fix(client-login-flow): Use correct response for missing state token
 2023-02-27 16:34:07 +07:00
Julien Veyssier 01cefbd6d6
[reference preview] fix getting null mimetype if the cached reference lacks an image content type 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-02-22 12:39:26 +07:00
Simon L a747be3544
Merge pull request #36443 from nextcloud/fix/23063/fix-login-log-entry 
fix the login log entry
 2023-02-15 18:13:59 +07:00
Christoph Wurst 024adc14b1
fix(client-login-flow): Use correct response for missing state token 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-02-09 14:11:28 +07:00
Joas Schilling 59578817f5
Merge pull request #36489 from nextcloud/bugfix/noid/brute-force-protection-password-reset 
Add bruteforce protection to password reset page
 2023-02-06 22:12:25 +07:00
Christoph Wurst 88d116ba84
fix(client-login-flow): Handle missing stateToken gracefully 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-02-06 09:42:15 +07:00
Joas Schilling 704eb3aa6c
Add bruteforce protection to password reset page 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-02 06:13:49 +07:00
Simon L 6496748971 fix the login log entry 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-01-30 17:07:44 +07:00
Christoph Wurst 7269766e05
Merge pull request #36363 from nextcloud/feat/app-framework/usesession-attribute 
feat(app-framework): Add UseSession attribute to replace annotation
 2023-01-27 16:59:14 +07:00
Julien Veyssier 8766e4f242
handle and return touchProvider errors 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:56 +07:00
Julien Veyssier 946a1af9fd
add 'last used timestamp' management for reference providers 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:56 +07:00
Julien Veyssier 6431c5a559
extend the reference API for the new link picker 
- add 2 interfaces for discoverable and searchable reference providers
- new OCS route to get info on discoverable/searchable reference providers
- new abstract ADiscoverableReferenceProvider that only implements jsonSerialize
- listen to RenderReferenceEvent to inject provider list with initial state

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:55 +07:00
Christoph Wurst 20e00cdf17
feat(app-framework): Add UseSession attribute to replace annotation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-27 09:40:35 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Simon L 06a572ff55
Merge pull request #27492 from cyclops8456/feature/24301-remove-can-install-on-occ-maintenance-install 
Remove the CAN_INSTALL file when occ maintenance:install is complete
 2023-01-18 19:53:02 +07:00
Christoph Wurst 20fcfb5739
feat(app framework)!: Inject services into controller methods 
Usually Nextcloud DI goes through constructor injection. This has the
implication that each instance of a class builds the full DI tree. That
is the injected services, their services, etc. Occasionally there is a
service that is only needed for one controller method. Then the DI tree
is build regardless if used or not.

If services are injected into the method, we only build the DI tree if
that method gets executed.

This is also how Laravel allows injection.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 14:00:38 +07:00
Christoph Wurst f22101d421
Fix login loop if login CSRF fails and user is not logged in 
If CSRF fails but the user is logged in that they probably logged in in
another tab. This is fine. We can just redirect.
If CSRF fails and the user is also not logged in then something is
fishy. E.g. because Nextcloud contantly regenrates the session and the
CSRF token and the user is stuck in an endless login loop.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 09:39:17 +07:00
Alex Harpin 644df591b1 Rename canInstallExists method and add new method for removal 
Rename canInstallExists to shouldRemoveCanInstallFile to cover removal of this file for non-git channels and logging any failure to remove it.

Add new method to detect if this file exists during web based installation.

Signed-off-by: Alex Harpin <development@landsofshadow.co.uk>
 2023-01-10 11:59:06 +07:00
Alex Harpin 72af140723 Move CAN_INSTALL check to method and remove unlink from SetupController 
Move the check for the CAN_INSTALL file in the config directory to a method in the Setup class and remove the call to unlink from the SetupController as this in now handled in the Setup class.

Signed-off-by: Alex Harpin <development@landsofshadow.co.uk>
 2023-01-10 11:59:06 +07:00
Joas Schilling b4a29644cc
Add a const for the max user password length 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-01-04 11:23:43 +07:00
Joas Schilling 9cfaf27142
Also limit the password length on reset 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-01-03 16:36:01 +07:00
Christoph Wurst 138deec333
chore: Make the LoginController strict 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-12-15 10:52:28 +07:00