nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Julien Veyssier	4a3f3beb0b	use bruteforce protection on all methods wrapped by PublicShareMiddleware if an invalid token is provided or when share password is wrong Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2022-12-07 13:24:50 +07:00
Côme Chilliet	68363f6944	Fix some more problems with tests under PHP 8.2 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-11-15 16:02:24 +07:00
Roeland Jago Douma	60ee874485	Remove long depreated AppFramework/Db/Mapper Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2022-10-10 08:18:32 +07:00
Julius Härtl	64a7489958	Fix SessionMiddlewareTest and cover new case with reopening Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-08-24 10:36:57 +07:00
Simon Leiner	09362eaeaa	Support specifying IPv6 proxies in CIDR notation Previously, it was not possible to use CIDR notation for IPv6 proxies in the trusted_proxies parameter of config.php [1]. This patch adds support for that. [1]: https://docs.nextcloud.com/server/24/admin_manual/configuration_server/reverse_proxy_configuration.html#defining-trusted-proxies Signed-off-by: Simon Leiner <simon@leiner.me>	2022-08-02 17:36:47 +07:00
Thomas Citharel	1d30fb7852	Fix reading blob data as resource PostgreSQL returns data as resource when using IQueryBuilder::PARAM_LOB (which is used for QBMapper). Previously we just converted this resource using settype, which produced things like "Resource id #14" instead of the actual resource data. Now we read the stream correctly if the returned data is a resource See context at #22472 Fixes #22439 Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2022-07-25 09:45:47 +07:00
Côme Chilliet	1bd5222224	Fix PHP 8.2 warnings about undeclared properties Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-21 16:17:52 +07:00
Côme Chilliet	c7e1c36362	Remove at matcher uses in tests/lib Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-06-16 17:43:17 +07:00
Joas Schilling	279e06a80f	Merge pull request #32587 from nextcloud/bugfix/noid/improve-jsconfighelper Improve JSConfigHelper code quality a bit	2022-05-31 10:29:30 +07:00
Julius Härtl	3901a93c72	Use JSON_THROW_ON_ERROR instead of custom error handling Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-05-30 19:17:49 +07:00
Joas Schilling	f9efc410fa	Restore old behaviour of sending flase for not found apps Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-05-30 12:41:35 +07:00
Carl Schwan	b70c6a128f	Update core to PHP 7.4 standard - Typed properties - Port to LoggerInterface Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-05-20 22:18:06 +07:00
Carl Schwan	7817845538	Add a metadata service to store file metadata Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-04-13 14:06:29 +07:00
Cyrille Bollu	c6a5c07041	Adds a "Request password" button to the public share authentication page for shares of type TYPE_EMAIL, when the "video verification" checkbox isn't checked. Users accessing non-anonymous public shares (TYPE_EMAIL shares) can now request a temporary password themselves. - Creates a migration step for the files_sharing app to add the 'password_expiration_time' attribute to the oc_shares table. - Makes share temporary passwords' expiration time configurable via a system value. - Adds a system config value to allow permanent share passwords -Fixes a typo in a comment in apps/files_sharing/src/components/SharingEntryLink.vue See https://github.com/nextcloud/server/issues/31005 Signed-off-by: Cyrille Bollu <cyrpub@bollu.be>	2022-04-11 21:58:24 +07:00
Carl Schwan	7d272c54d0	Add a built-in profiler inside Nextcloud The webui is provided by a seperate application named profiler Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-04-04 10:28:26 +07:00
Côme Chilliet	61f7f13bd8	Migrate from ILogger to LoggerInterface where needed in the tests Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-03-24 16:21:26 +07:00
Joas Schilling	0acd4b5f82	Merge pull request #31235 from nextcloud/techdebt/noid/extract-request-id Extract request id handling to dedicated class so it can be injected without DB dependency	2022-03-22 12:08:45 +07:00
Julius Härtl	bd03dd37be	Allow to set a strict-dynamic CSP through the API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-03-09 15:10:27 +07:00
Julius Härtl	2dd96fe8da	Fix tests Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-02-28 11:24:41 +07:00
Julius Härtl	eede608c0e	Add event logging to app loading Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-02-28 11:24:41 +07:00
Joas Schilling	d078d53683	Fix tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-02-23 11:01:58 +07:00
Joas Schilling	cc6653e45c	Adjust and add unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-02-23 11:01:58 +07:00
Christoph Wurst	cb252c5591	Add Transactional trait for atomic DB operations Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-02-17 09:58:41 +07:00
Christopher Ng	e485451eed	Add test Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-02-11 23:34:25 +07:00
Robin Appelman	c712987878	send request id in response header Signed-off-by: Robin Appelman <robin@icewind.nl>	2022-02-01 14:24:01 +07:00
Carl Schwan	6312c0df69	Check style update Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-01-13 00:19:07 +07:00
Côme Chilliet	3a1b3745eb	Fix DateTime constructor calls with null Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:28:58 +07:00
Carl Schwan	6958d8005a	Add admin privilege delegation for admin settings This makes it possible for selected groups to access some settings pages. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2021-09-29 21:43:31 +07:00
Christoph Wurst	6d5cfe0c66	Move DateTime::RFC2822 to DateTimeInterface::2822 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-23 15:30:43 +07:00
Christoph Wurst	770881d5d6	Move DateTime::ATOM to DateTimeInterface::ATOM Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-23 15:28:07 +07:00
Joas Schilling	181aab416a	Fix warnings about logException Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-06-04 10:57:09 +07:00
Lukas Reschke	377514aad1	Escape filename in Content-Disposition We should escape all occurences of ' and \ in here. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-02 19:22:17 +07:00
Joas Schilling	b6c6527705	Fix unauthorized OCS status in provisioning Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-05-12 08:16:07 +07:00
Christoph Wurst	99f0b10421	Merge pull request #26591 from nextcloud/techdebt/noid/less-ilogger Less ILogger	2021-04-27 15:38:12 +07:00
Joas Schilling	df47445c01	Fix unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-04-27 14:34:32 +07:00
Joas Schilling	174f4dd043	Fix ratelimit template Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-04-27 13:55:34 +07:00
Roeland Jago Douma	30e096f3f5	Allow overwriting isAuthenticated * Some implementations might check for different things * IT will not change how the current ones work Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-09 09:17:30 +07:00
Roeland Jago Douma	cc744740b7	Remove deprecated \OCP\API Time to remove this forgood now. Remaining constant moved over The world is a tiny bit better Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-03 20:54:32 +07:00
Christoph Wurst	8b64e92b92	Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-01-08 11:45:19 +07:00
Roeland Jago Douma	48679ae39f	Make sure we just check for the keys Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-12-07 15:44:03 +07:00
Roeland Jago Douma	9163790b7c	Set frame-ancestors to none if none are filled frame-ancestors doesn't fall back to default-src. So when we apply a very restricted CSP we should make sure to set it to 'none' and not leave it empty. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-18 10:13:36 +07:00
Morris Jobke	f03bb4716b	Remove OCSResponse type hint - see #23827 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-11-03 10:43:32 +07:00
Roeland Jago Douma	fa6a790859	Remove deprecated OCSResponse Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-01 14:12:27 +07:00
Morris Jobke	91d445909a	Fix code style Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-10-12 14:54:51 +07:00
Robin Windey	6a1f8fb3be	Fix typo 'shared'	2020-10-12 14:19:41 +07:00
Christoph Wurst	d9015a8c94	Format code to a single space around binary operators Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-05 20:25:24 +07:00
Joas Schilling	95a301ea57	Fix tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-10-02 10:37:18 +07:00
Joas Schilling	a9f22ac7b1	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 12:40:25 +07:00
Morris Jobke	234b510652	Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-08-12 13:55:19 +07:00
Morris Jobke	0123cd0ae3	Use assertStringContainsString instead of assertContains on strings Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-23 17:11:29 +07:00

1 2 3 4 5

204 Commits (43918fa8024bf33e8def823cc2cdc57985e3c8ac)