sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
80,783 Commits
620 Branches
1167 Tags
9.0 GiB
Commit Graph

725 Commits (1042d1458ca37d28600767aefcbeb302ddee5159)

Author SHA1 Message Date
Daniel Calviño Sánchez ac6b07356d fix: Fix theming for disabled accounts 
The Theming app injects the stylesheets for the different themes in the
"<header>" element of the page, and those stylesheets are then loaded by
the browser from a "Controller" (a plain "Controller", not an
"OCSController"). The stylesheets, in turn, may also get some images
(like the background) also from the "Controller".

When handling a request to "index.php" it is checked whether the user is
logged in and, if not, a login is tried. A disabled user is explicitly
seen as not logged in, so a login is always tried in that case, but
disabled users are also explicitly prevented to log in, so the login
also fails. Due to that trying to get any of the themed stylesheets or
images with a disabled account (to be able to show the "Account
disabled" error page) fails with an HTTP status 401.

To solve that, and to avoid touching this basic logic as much as
possible, the login exception is now ignored (if the user is disabled)
for some specific requests to the Theming app.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2025-07-11 02:54:16 +07:00
provokateurin 987af4193d
fix(files): Always transfer incoming shares when doing ownership transfer to prevent broken reshares 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-07-01 13:08:13 +07:00
Richard Steinmetz a402a84544
fix: revive always storing lowercased email addresses 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-24 14:24:48 +07:00
Daniel Kesselberg 85746b9ebc
test(dav): add integration test for principal property search 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-06-17 20:02:30 +07:00
skjnldsv 8f2d3fcfb6 fix(dav): file drop nickname 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-05 08:56:17 +07:00
dependabot[bot] 51270d8089 build(deps-dev): bump phpunit/phpunit in /build/integration 
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.6.22 to 9.6.23.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases)
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/9.6.23/ChangeLog-9.6.md)
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.6.22...9.6.23)

---
updated-dependencies:
- dependency-name: phpunit/phpunit
  dependency-version: 9.6.23
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-29 14:56:14 +07:00
dependabot[bot] 490d2a6a53 build(deps-dev): bump behat/behat in /build/integration 
Bumps [behat/behat](https://github.com/Behat/Behat) from 3.16.0 to 3.16.1.
- [Release notes](https://github.com/Behat/Behat/releases)
- [Changelog](https://github.com/Behat/Behat/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Behat/Behat/compare/v3.16.0...v3.16.1)

---
updated-dependencies:
- dependency-name: behat/behat
  dependency-version: 3.16.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-28 14:21:32 +07:00
Ferdinand Thiessen 3ce306ec57 feat(files): add command to automatically rename filenames 
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-26 10:12:50 +07:00
Joas Schilling 3923eaba04 feat(profile): Add an API to get the profile field data 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-04-24 00:50:11 +07:00
dependabot[bot] bca137597b
Merge pull request #52313 from nextcloud/dependabot/composer/build/integration/stable31/guzzlehttp/guzzle-7.9.3 2025-04-23 08:20:36 +07:00
dependabot[bot] 553c019eaa
build(deps-dev): bump phpunit/phpunit in /build/integration 
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) from 9.6.21 to 9.6.22.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases)
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/9.6.22/ChangeLog-9.6.md)
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.6.21...9.6.22)

---
updated-dependencies:
- dependency-name: phpunit/phpunit
  dependency-version: 9.6.22
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-22 12:58:23 +07:00
dependabot[bot] dc1032cc64
build(deps-dev): bump guzzlehttp/guzzle in /build/integration 
Bumps [guzzlehttp/guzzle](https://github.com/guzzle/guzzle) from 7.9.2 to 7.9.3.
- [Release notes](https://github.com/guzzle/guzzle/releases)
- [Changelog](https://github.com/guzzle/guzzle/blob/7.9/CHANGELOG.md)
- [Commits](https://github.com/guzzle/guzzle/compare/7.9.2...7.9.3)

---
updated-dependencies:
- dependency-name: guzzlehttp/guzzle
  dependency-version: 7.9.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-22 12:58:11 +07:00
Ferdinand Thiessen d3fe0826b4 fix(dav): allow uploading of files with long filenames 
A filename must be less or equal 255 characters, but when adding the
`.part` and `.ocfiletransfer` extensions we might overflow this limit.
So we should also use filename hashes for uploading when the file has a
long filename, similar like when we are uploading to the user storage
directly.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-22 11:53:46 +07:00
skjnldsv de30163f9a
fix(files_sharing): expireDate null tests 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-04-22 11:17:22 +07:00
skjnldsv 496521e993 test: enable rate limiting for ratelimiting.feature 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-04-15 08:58:17 +07:00
Joas Schilling 7a6fd82a4b test: Disable ratelimit as tests trigger it 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-04-15 08:58:17 +07:00
Côme Chilliet 304112b0ad
fix(tests): Sort activities by id to get the last one 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-27 12:20:35 +07:00
Côme Chilliet 69235976ad
feat: Add context and test steps for activity in sharing 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-27 12:20:22 +07:00
Côme Chilliet d3b976bf36
feat: add integration test for sharing activity 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-27 12:20:03 +07:00
Louis Chemineau d0b4746a08 feat: Support deleting metadata from WebDAV 
The `$value` will be `null` if the update is wrapped inside a `<d:remove>...</d:remove>` block.

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-03-04 13:12:20 +07:00
provokateurin 64ed0c05dd
fix(Share20): Convert broken hooks to IEventListener 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-03-04 07:56:59 +07:00
Côme Chilliet f09de1f2c5 fix: Fix test by scanning group before using it 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-02-27 15:35:22 +07:00
Ferdinand Thiessen 2c03bc74fa
fix(provisioning_api): Correct limit for `editUser` 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-02-06 15:46:15 +07:00
Ferdinand Thiessen 8fc1b6f1cd fix(sharing): Ensure download restrictions are not dropped 
When a user receives a share with share-permissions but also with
download restrictions (hide download or the modern download permission attribute),
then re-shares of that share must always also include those restrictions.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-02-04 15:06:11 +07:00
Ferdinand Thiessen 124db6147d test: Reset sharing app config after test 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-01-28 17:26:28 +07:00
Ferdinand Thiessen 2926fe270a fix(files_sharing): Respect permissions passed when creating link shares 
Given:
User creates a link or email share with permissions=4 (create only = file drop).

Problem:
Currently the permissions are automatically extended to permissions = 5
(READ + CREATE). Work around was to create the share and directly update
it.

Solution:
Respect what the user is requesting, create a file drop share.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-01-28 17:26:28 +07:00
Daniel Calviño Sánchez bf45ce843c test: Add integration tests for moving a file from and to a shared folder 
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
 2025-01-27 17:01:14 +07:00
Richard Steinmetz cc9f1e00dd fix(dav): default calendar and address book not created on first login 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-01-23 22:54:02 +07:00
skjnldsv abd3cb60fc fix(files): more conversion tests and translate error messages 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-01-17 18:22:58 +07:00
skjnldsv 19ce362896 chore: add file conversion integration tests 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-01-16 18:55:44 +07:00
skjnldsv 669e6cadd6 chore(federation): cleanup SettingsController and legacy AddServerMiddleware 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-01-09 15:39:01 +07:00
skjnldsv b434750cb2 chore(federation): add trusted server auto accept integration tests 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-01-09 12:54:51 +07:00
Stephan Orbaugh b64b106c13
Merge pull request #49966 from nextcloud/block-dav-move-parent 
fix: block moving files to it's own parent with dav
 2025-01-07 10:24:06 +07:00
Robin Appelman 757076af29
fix: explicitly ignore nested mounts when transfering ownership 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2025-01-06 14:45:35 +07:00
Robin Appelman 9193cd664e fix: block moving files to it's own parent with dav 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2025-01-03 15:30:20 +07:00
Joas Schilling 63f3309993
fix(logger): Prevent infinite recursion with log.condition => matches 
When we need to check the log condition for a user matches,
there is a risk that something on the way checks the log level
and would result in an infinite loop.
So we simply check if it's a nested call and use the default
warning level in that case.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-01-03 10:04:51 +07:00
Benjamin Gaussorgues 22051a73c1
feat(login): add origin check at login 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-12-05 09:51:53 +07:00
Maxence Lange f08d053290 fix(ocm): switching to IdentityProof 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-12-04 09:30:55 +07:00
Maxence Lange 4591430c9c feat(ocm): signing ocm requests 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-12-04 09:30:55 +07:00
Louis Chemineau d6fa2100e1
test(ExternalStorage): Send basic auth during integrations tests 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-11-28 11:12:29 +07:00
Daniel Kesselberg 6b383faf41
Revert "fix(dav): Always respond custom error page on exceptions" 
This reverts commit 9992e7d439.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-11-22 11:55:25 +07:00
Kate 95766246ea
Merge pull request #49244 from nextcloud/feat/profile-app 2024-11-14 11:07:06 +07:00
skjnldsv 158299b3d7 fix(profile): make sure the app cannot be disabled as it was in core 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-11-14 10:25:10 +07:00
provokateurin fc0c61458e
test(integration): Correctly cleanup logs 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-11-14 08:12:20 +07:00
dependabot[bot] 8e3f85111d
chore(deps-dev): Bump behat/behat in /build/integration 
Bumps [behat/behat](https://github.com/Behat/Behat) from 3.15.0 to 3.16.0.
- [Release notes](https://github.com/Behat/Behat/releases)
- [Changelog](https://github.com/Behat/Behat/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Behat/Behat/compare/v3.15.0...v3.16.0)

---
updated-dependencies:
- dependency-name: behat/behat
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-09 02:09:33 +07:00
Joas Schilling 86784ad873
ci: Bump behat/behat as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-10-30 09:04:05 +07:00
Joas Schilling 37966c645e
ci: Align integration test dependencies with 3rdaprty/ 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-10-29 22:54:30 +07:00
Ferdinand Thiessen bbc5d32c8e
fix(dav): Public WebDAV endpoint should allow `GET` requests 
`GET` should be allowed even without Ajax header to allow downloading files,
or show files in the viewer. All other requests could be guarded, but this should not.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-10-09 17:10:52 +07:00
Hamza Mahjoubi 9be2f060f9 fix: provision api's status codes 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2024-09-30 17:19:32 +07:00
Ferdinand Thiessen 0f6760c810
feat(files): Make the files download action use WebDAV zip download 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-28 13:18:29 +07:00