sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
76,378 Commits
620 Branches
1167 Tags
9.0 GiB
Commit Graph

7183 Commits (b6bc28833ca7292aa6144fab9710868cf252925f)

Author SHA1 Message Date
Robin Appelman c3ad469750
Merge pull request #47259 from nextcloud/memcache-ncad 
feat: add negative compare-and-delete to imemcache
 2024-08-21 17:19:04 +07:00
Joas Schilling e1caa198e3
ci: Skip flaky test on PHP 8.3 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-08-21 13:13:12 +07:00
Ferdinand Thiessen b9cc7bcec7
fix: `FilenameValidator::isForbidden` should only check forbidden files 
And not forbidden basenames as this is used for different purposes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-21 04:16:14 +07:00
Robin Appelman 20dbb6c7e8 feat: add negative compare-and-delete to imemcache 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-20 19:34:28 +07:00
Ferdinand Thiessen 2ec68b1eb9
refactor(Log): Use new in initializer instead of constructor body 
PHP 8.1 allows us to now move the `new` into the initializer,
this makes the code a bit nicer (and 3 lines shorter).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-17 18:38:28 +07:00
John Molakvoæ d35c4eb911
Merge branch 'master' into jr-readdir-false-false 
Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2024-08-16 10:53:50 +07:00
Ferdinand Thiessen 3e409fd342
Merge pull request #43573 from nextcloud/HolgerHees-fix-csp-nonce-handling 
Fix for ignored `CSP_NONCE` in ContentSecurity Header
 2024-08-13 17:53:30 +07:00
Christoph Wurst 5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-13 12:39:11 +07:00
Ferdinand Thiessen 2916e5df7e
feat: Provide CSP nonce as `<meta>` element 
This way we use the CSP nonce for dynamically loaded scripts.
Important to notice: The CSP nonce must NOT be injected in `content` as
this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors).

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 10:32:44 +07:00
Ferdinand Thiessen 009761be58
test: Adjust tests for CSP nonce 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-13 10:06:32 +07:00
Côme Chilliet 1cfc25d08c
fix(tests): Adapt tests to change of DefaultShareProvider constructor 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-12 15:20:21 +07:00
Ferdinand Thiessen 0563757ea4 fix(SetupCheck): Properly check public access to data directory 
When checking for public (web) access to the data directory the status is not enough
as you might have a webserver that forwards to e.g. a login page.
So instead check that the content of the file matches.

For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content
to allow checking.

¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-08 22:08:42 +07:00
Christoph Wurst 2b38d6ae7e
fix(session): Log when session_* calls are slow 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-07 09:02:10 +07:00
Julius Härtl e4fa36e231
fix: Fix failing test for group listing 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-06 21:06:44 +07:00
John Molakvoæ 42650f6773
Merge pull request #46967 from nextcloud/fix/share-not-found 2024-08-06 17:45:44 +07:00
John Molakvoæ e6457aa9c4
Merge pull request #46985 from nextcloud/feat/email-share-format 2024-08-06 17:40:47 +07:00
skjnldsv db28aa8cd1 fix(files_sharing): show proper share not found error message 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-08-06 16:25:10 +07:00
Côme Chilliet 1e2155993d
chore(tests): Adapt tests to the group:list change 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-06 14:43:44 +07:00
Jérôme Herbinet c221090c86 fix: unify bundle naming 
Signed-off-by: Jérôme Herbinet <33763786+Jerome-Herbinet@users.noreply.github.com>
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-08-06 11:14:07 +07:00
skjnldsv 879d248c55 fix: emails tests after new design fixes 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-08-06 09:42:19 +07:00
Robin Appelman 9af6184af6 chore: delete repair step for 8y old oc_mounts issue 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-08-02 17:21:54 +07:00
Julius Härtl a6d421e767
chore: Remove deprecated legacy search backend 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-08-01 12:33:18 +07:00
Stephan Orbaugh 18c0bcb2da
Merge pull request #46476 from nextcloud/enh/noid/migration-attributes 
Migration Attributes
 2024-07-30 15:54:56 +07:00
Joas Schilling 710a69b4b5
feat(log): Allow to combine log.conditions to only log (app&user) 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-07-30 13:18:09 +07:00
Ferdinand Thiessen 21f558b12b
Merge pull request #46379 from nextcloud/fix/folder-search-owner 
fix: `OCP\Files\Node\Folder::search` was not setting the owner
 2024-07-30 13:04:15 +07:00
Maxence Lange ad490c963b feat(migration-attributes): tests 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-07-29 12:44:52 +07:00
John Molakvoæ 0ae83d6183
Merge pull request #46760 from nextcloud/fix/appframework/csrf-custom-header 2024-07-27 16:27:52 +07:00
Andy Scherzinger 4f2a29adf9
Merge pull request #46672 from nextcloud/fix/preview-invalid-id 
Avoid using partial file info as valid one
 2024-07-25 19:37:30 +07:00
provokateurin 9d1705259c
fix(AppFramework): Allow requests with OCS-APIRequest header to pass CSRF checks 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-25 17:31:49 +07:00
Marcel Klehr 799ee8fd51
feat(TaskProcessing): Implement enums and default values 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-07-25 10:10:31 +07:00
Ferdinand Thiessen 57ed738af2
Merge pull request #46644 from nextcloud/cast-bigint 
fix: cast to bigint on postgresql
 2024-07-24 20:39:04 +07:00
Louis 7266a9ef33
Merge pull request #46418 from nextcloud/artonge/feat/user_admin_delegation 
feat(users): Add users and group management to admin delegation
 2024-07-24 11:15:54 +07:00
SebastianKrupinski fc0b694d37 feat: mail provider backend 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2024-07-23 16:20:36 +07:00
Robin Appelman 16c184e2cb
fix: cast to bigint on postgresql 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-07-23 14:41:13 +07:00
Julius Härtl 6c1e896a03 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-22 22:32:34 +07:00
Louis Chemineau dff8815449
feat(users): Add support for admin delegation for users and groups management 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-07-22 17:17:35 +07:00
Julien Veyssier fffc784769
feat(taskprocessing): add support for webhooks (http or AppAPI) in the task processing API 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-07-22 11:34:29 +07:00
Stephan Orbaugh 9ed2d3e495
Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator 
refactor: Migrate some legacy and core functions to `IFilenameValidator`
 2024-07-22 10:40:50 +07:00
Andy Scherzinger c2a571e435
Merge pull request #46473 from nextcloud/feat/restrict_admin_to_ips 
feat(security): restrict admin actions to IP ranges
 2024-07-22 10:10:42 +07:00
Ferdinand Thiessen 9716b0d735 refactor: Migrate some legacy and core functions to `IFilenameValidator` 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-07-19 19:41:46 +07:00
Joas Schilling 7395211c1a
Merge pull request #46605 from nextcloud/bugfix/noid/test-more-oracle-versions 
fix(deps): Deprecate functionality deprecated by doctrine and test on more oracle versions
 2024-07-19 16:40:49 +07:00
Joas Schilling 047479ccf9
feat(security): Add public API to allow validating IP Ranges and checking for "in range" 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-19 16:28:03 +07:00
Benjamin Gaussorgues 202e5b1e95
feat(security): restrict admin actions to IP ranges 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-07-19 16:28:03 +07:00
Marcel Klehr a3c3eab09c
Merge pull request #46368 from nextcloud/fix/task-processing 
TaskProcessing follow-up
 2024-07-19 12:38:30 +07:00
Joas Schilling f6238d35bd
fix(test): Make the test less flaky 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-07-19 11:21:16 +07:00
Joas Schilling eeb6ddb176
fix(db): Deprecate `IExpressionBuilder::or()` and `IExpressionBuilder::and()` without parameters 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-07-19 11:21:16 +07:00
Joas Schilling 829f2b9bc7
fix(db): Promote the use of `getDatabaseProvider` to reduce the impage of removed upstream platforms 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-07-19 11:21:14 +07:00
Joas Schilling a4c1d7291f
fix(db): Use `createSchemaManager()` method as `getSchemaManager()` is deprecated 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-07-19 11:21:11 +07:00
Robin Appelman 64ca4b832d
Merge pull request #46583 from nextcloud/filecache-sharding-compat 
Make filecache queries compatible with sharding
 2024-07-19 09:49:45 +07:00
provokateurin e5dcdfb9e0
feat(Security): Warn about using annotations instead of attributes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-18 11:25:32 +07:00