sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
73,046 Commits
616 Branches
1176 Tags
9.6 GiB
Commit Graph

6938 Commits (a2f93e7cee4da2d4ca804fdfa540b87fdd78181c)

Author SHA1 Message Date
Benjamin Gaussorgues 8df095f368 feat: don't count failed CSRF as failed login attempt 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-11 14:27:08 +07:00
Daniel Kesselberg ee65749138
test: run tests in child process 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-07-11 00:25:32 +07:00
Andy Scherzinger e319057a93
Merge pull request #45955 from nextcloud/backport/45228/stable28 
[stable28] fix(settings): define a 'heartbeat' route, so SecurityHeaders can handle redirected root
 2024-07-10 22:29:01 +07:00
Andy Scherzinger e57dd34846
Merge pull request #45920 from nextcloud/backport/45582/stable28 
[stable28] delete background jobs by id when cleaning up
 2024-07-10 22:26:43 +07:00
Côme Chilliet 82f9c66dfc fix(tests): Strong type property $router in RouterTest 
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2024-07-10 14:38:34 +07:00
Steve Mokris 1226e79cf1 fix(settings): define a 'heartbeat' route, so SecurityHeaders can handle redirected root 
Signed-off-by: Steve Mokris <steve@kosada.com>
 2024-07-10 14:38:34 +07:00
Robin Appelman 5a9e8e7d3f feat: add setup check for needed mimetype migrations 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-06-21 11:37:13 +07:00
Robin Appelman 1b346aa9a4 test: update DummyJobList 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-06-17 13:25:03 +07:00
Robin Appelman 0ab1cc5f17 refactor: make share manager buildable 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-06-13 18:34:51 +07:00
Daniel Kesselberg 01a6c9119e test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 19:35:45 +07:00
John Molakvoæ b9857b9a7f
Merge pull request #45817 from nextcloud/backport/45698/stable28 2024-06-12 16:30:45 +07:00
Arthur Schiwon b54668be35
Merge pull request #45704 from nextcloud/backport/43942/stable28 
[stable28] fix(Session): avoid password confirmation on SSO
 2024-06-12 14:31:37 +07:00
skjnldsv f1f2f5ca98 fix(files_sharing): dark avatar support 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-06-12 13:30:16 +07:00
Arthur Schiwon 4ec174197f
fix(Token): make new scope future compatible 
- "password-unconfirmable" is the effective name for 30, but a draft
  name was backported.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 11:25:35 +07:00
Arthur Schiwon 86a496d589
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 11:14:25 +07:00
Ferdinand Thiessen 95cd3d59bd fix(Mailer): Allow to enforce strict email format 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-06-11 18:38:00 +07:00
John Molakvoæ 4c7285623c
Merge pull request #45294 from nextcloud/backport/44791/stable28 2024-06-07 12:18:35 +07:00
Benjamin Gaussorgues ca5cfdf88a fix(groups): allows to save group names with more than 64 characters 
Mimic behaviour from LDAP users and add a hard limit to 255 characters

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-05-31 10:54:53 +07:00
Christoph Wurst 3534f3dd7a fix(session): Do not update authtoken last_check for passwordless 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-05-29 13:23:05 +07:00
Joas Schilling 5b07cfa5db
fix: Extend SVG reference check 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-05-16 10:03:54 +07:00
Robin Appelman d1d6e79375
test: adjust test to new permissions check logic 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-05-13 16:41:56 +07:00
Florian Klinger ca655ba100 fix: add check for app_api_system session flag to bypass rate limit 
Signed-off-by: Florian Klinger <florian.klinger@nextcloud.com>
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2024-04-17 11:22:05 +07:00
Benjamin Gaussorgues 2981694fc9
Merge pull request #44446 from nextcloud/backport/43057/stable28 2024-04-17 10:06:14 +07:00
Robin Appelman da114d5c7d test: add test for jail watcher 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-04-10 01:21:01 +07:00
Christopher Ng eb063928f1 test: Update tests 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-04-08 17:09:26 +07:00
Côme Chilliet d6066bf73d fix(tests): Fix tests when daytime saving time change happened recently 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 11:16:10 +07:00
Benjamin Gaussorgues db00cd54ba feat(perf): add cache for authtoken lookup 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-03-25 08:37:00 +07:00
Christoph Wurst 3eb8082f0c fix(config): Make sure user keys are strings 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-03-19 17:30:47 +07:00
Klaus 354387b135 fix xml ocs response for serializable objects 
Signed-off-by: sualko <klaus@jsxc.org>
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-03-18 01:13:19 +07:00
Eduardo Morales 3d9ed5e469 chore: update logincontroller tests 
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
 2024-03-11 10:30:20 +07:00
Ferdinand Thiessen d0d9b39843 fix(JSResourceLocator): Consider configured app roots for files 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-03-07 08:03:09 +07:00
Julius Härtl a258abfe59 fix: Fetch custom app store url without internet connection 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-04 20:17:01 +07:00
John Molakvoæ f318c296ee
Merge pull request #43833 from nextcloud/backport/43428/stable28 2024-02-29 11:33:03 +07:00
Benjamin Gaussorgues a4a7d82a0c feat(share): save date and time for expiration 
Because of timezones, not saving time can lead to unexpected behaviour
when sharing an item sooner than timezone offset
Example: sharing a file before 9am when in UTC+9

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-02-26 09:12:03 +07:00
FedericoHeichou 354f895fa5 Add "-i" to MailTest's pipe 
Signed-off-by: FedericoHeichou <federicoheichou@gmail.com>
 2024-02-23 15:15:59 +07:00
Joas Schilling 3decdd9b19 fix(tests): Fix remaining tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-02-22 08:41:26 +07:00
Louis Chemineau c1ef86cbdd Fix tests after slow logout fix 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-02-22 08:41:26 +07:00
Gaspard d'Hautefeuille 7418c3e1f4 Cancel PR #37405, remove regression code 
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-02-22 08:41:26 +07:00
Ferdinand Thiessen 933ad5e4d2
Merge pull request #43181 from nextcloud/backport/42930/stable28 
[stable28] Fix: config param 'overwritecondaddr' not working
 2024-02-03 12:16:56 +07:00
Ferdinand Thiessen 257ea23245
Merge pull request #43133 from nextcloud/backport/43099/stable28 
[stable28] fix(tests): Make PostgreSQL unit tests less flacky by ordering
 2024-02-01 19:20:26 +07:00
Joas Schilling f1af8ea48d fix(tests): Make PostgreSQL unit tests less flacky by ordering 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-02-01 12:19:08 +07:00
Robin Appelman 404b340dda add test for updating etag with unchanged mtime in child folder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:27:29 +07:00
Robin Appelman f56a8e7e9e add test for updating etag with unchanged mtime 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:27:29 +07:00
Arthur Schiwon d7b8f586d4 test(unit): fix RequestTest 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-01-29 09:58:56 +07:00
Git'Fellow 980b14f629 fix(session): Avoid two useless authtoken DB queries for every anonymous request 
Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-01-17 09:16:22 +07:00
Joas Schilling 1c38f8952f
fix(appstore): Only send subscription keys to valid appstores 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-16 10:16:57 +07:00
Julius Härtl 1712df7881 perf: Use more performant way to obtain and check the email as a login name with token login 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-01-09 15:02:38 +07:00
Robin Appelman f516e9599b
Merge pull request #42450 from nextcloud/backport/37469/stable28 
[stable28] restore shared lock ttl to previous value when releasing
 2024-01-02 14:50:14 +07:00
Alexander Piskun 1d0b10b12c AppAPI: allowed to bypass Two-Factor 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-12-29 08:44:13 +07:00
Robin Appelman 2078ad79bd adjust redis compareSetTTL to use a lua script 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-12-22 09:54:13 +07:00