sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
81,941 Commits
620 Branches
1167 Tags
9.0 GiB
Commit Graph

1207 Commits (b9ab00a59e2d906fdb43eaaea37eb7a4a9cc8a13)

Author SHA1 Message Date
MichaIng 7b137ddd75 feat(updater): hide overwrites from disabled apps list on upgrade 
If an incompatible app is enabled manually, it is added to the "app_install_overwrite" array in config.php. Nextcloud upgrades won't disable any app in this array, but they were still shown on the upgrade page and logs as being disabled.

This commit assures that only apps which are really disabled, i.e. which are not in the "app_install_overwrite" array, are shown and logged as disabled during upgrades.

Signed-off-by: MichaIng <micha@dietpi.com>
 2024-02-27 20:19:56 +07:00
Côme Chilliet ccc66e912b
fix: Use DI for Setup class and move away from deprecated methods 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-29 15:28:00 +07:00
John Molakvoæ 3214324b72
fix(l10n): invalid translation of a number 
fix https://github.com/nextcloud/server/issues/35252

Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2023-10-21 11:48:46 +07:00
Joas Schilling 7998afe8b3
Talk federation authentication 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-09 15:44:56 +07:00
Côme Chilliet f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +07:00
Arthur Schiwon 603a659a37
fix(autoloader): no apcu no side effects 
apcu lead to side effects especially with app management and (soft)
inter-dependencies, and lead also to 500 server errors. While we could
add management to clear apcu cache in many cases (may stil leave edge
cases) the performance benefit is marginally as also class maps are
already cached in opcache. Hence, the simple and effective way to go is
to not use apcu for autoloading.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-09-08 16:55:39 +07:00
Alexander Piskun 01a11641f4 new name of AppEcosystem is AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-09-06 16:53:53 +07:00
Joas Schilling 25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +07:00
Andrey Borysenko f7b2dc8ccc
Merge branch 'master' into appecosystem-auth 2023-08-10 17:21:35 +07:00
Andrey Borysenko d3583d3f30
Fix psalm ci (stub). Wrap server container with try-catch 
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2023-08-02 17:40:58 +07:00
Alexander Piskun ca76ab98bd added Application Ecosystem V2 login handler 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-08-01 14:50:59 +07:00
Joas Schilling 0c5d0c2127
fix: Migrate collaboration listener and remove legacy adapter 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-28 14:11:21 +07:00
Joas Schilling 2014e7b836
fix(apps): Fix loading info.xml file 
Ref: https://bugs.php.net/bug.php?id=62577

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-20 10:40:09 +07:00
Simon L 918859cafd allow to specify upgrade.cli-upgrade-link in order to link to the correct documentation 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-06-10 10:05:36 +07:00
Simon L d293293cda Fixed bug which 'overwritewebroot' does not work with 'overwritecondaddr'. 
Signed-off-by: Takahiro Nagai <78393959+takahiro-blab@users.noreply.github.com>
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-16 11:39:39 +07:00
Simon L 84b88c01c7 adjust wording 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-09 11:19:48 +07:00
Simon L 6e5a307757 adjust wording for update hint when files of a specific app are not there 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-09 10:56:02 +07:00
Arthur Schiwon bb4b34ff69 Read mtime of version.php only once 
- in most cases it would read again in \OC_Util::loadVersion anyway
- remove some unused use statements

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-04-21 14:10:47 +07:00
Arthur Schiwon 7519949f37 add the server roots and version info hash to apcu prefix 
fixes collissions when more than one instance is running on the same
system

For the memcaches we use a more complex prefix, where version and
instance ID are incorporated. We do not have this data at hand at this
point of time. But we can get the mtime of the version.php file
relatively cheap.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-04-21 14:10:46 +07:00
Côme Chilliet b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls 
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2023-04-20 16:52:38 +07:00
Christoph Wurst a06898a2d0 fix(security)!: Use consistent HTTP status for strict cookie checks 
Before: 503/412
Now: 412 + json body explaining the error

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-04-17 16:06:37 +07:00
Maxence Lange fc29b0d1b7 app type extended_authentication 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-04-12 09:34:49 +07:00
Côme Chilliet 426c0341ff
Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +07:00
Julius Härtl c3a39cbc75
Merge pull request #37305 from nextcloud/fix/security/log-failing-strict-cookie-check 
fix(security): Log failing strict cookie check
 2023-03-21 19:05:39 +07:00
Joas Schilling 705165d3d1
fix(session): Fix DAVx5 sync problems by partial reverting session changes 
Temporary disabled the short cut again to solve issues with CalDAV/CardDAV
clients like DAVx5 that use cookies and need a session. See
https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147
and the other comments for further information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-20 16:30:42 +07:00
Christoph Wurst 0e6fccf9e1
fix(security): Log failing strict cookie check 
The error is silent otherwise and makes it very hard to debug on a
production system.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-03-20 16:26:41 +07:00
Julius Härtl bbc6eee803
fix: Avoid log spam on 404 routes not using GET 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-03-03 09:40:43 +07:00
Joas Schilling 98ed72b3ed
Revert "fix(performance): Do not set up filesystem on every call" 2023-02-21 07:36:43 +07:00
Anna Larch 5d4efb4d5f
Do not set up filesystem on every call 
Also remove old Oc_FileChunking logis that produced GC- collectable chunks

Signed-off-by: Anna Larch <anna@nextcloud.com>
 2023-02-17 19:18:37 +07:00
Julien Veyssier 6431c5a559
extend the reference API for the new link picker 
- add 2 interfaces for discoverable and searchable reference providers
- new OCS route to get info on discoverable/searchable reference providers
- new abstract ADiscoverableReferenceProvider that only implements jsonSerialize
- listen to RenderReferenceEvent to inject provider list with initial state

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:55 +07:00
Julius Härtl 842f4d530f
fix(session): Always setup the session if a session cookie is passed 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-12-22 11:33:23 +07:00
Julius Härtl 6abb37317f
Do not setup a session when not required on WebDAV requests 
If basic auth is used on WebDAV endpoints, we will not setup a session
by default but instead set a test cookie. Clients which handle session
cookies properly will send back the cookie then on the second request
and a session will be initialized which can be resued for
authentication.

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-12-21 21:17:16 +07:00
Côme Chilliet a529aa79d8 Strong type singletons from lib/base.php 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:41 +07:00
Côme Chilliet e1d324f7eb Migrate lib/base.php to LoggerInterface 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:40 +07:00
Côme Chilliet 26d75add8f Put back cast to string now that timelimit is an int 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:40 +07:00
Côme Chilliet 7372da6c6d Fixing more psalm errors from lib/base.php 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:40 +07:00
Côme Chilliet 444811b0fe Use Server::get some more 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:40 +07:00
Côme Chilliet cf508c1e47 Use strict typing in base.php 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-12-19 09:10:40 +07:00
Julius Härtl be4c061b75
Set apcu prefix for composer 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-12-07 22:32:06 +07:00
Christoph Wurst 052dcdebe8
Refactor the ErrorHandler into a dynamic class 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-11-02 09:49:37 +07:00
Julius Härtl 11bedf1c3b
Use proper error pages instead of always redirecting 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-10-21 15:12:21 +07:00
Simon L f97f13b136
Merge pull request #33737 from andyxheli/patch-4 
Makes untrusted domain error on info
 2022-10-01 18:06:44 +07:00
Arthur Schiwon 9b7ef2962e
remove listeners to OC_Filesystem::(write|rename) old style hooks 
- the events are not emitted anymore
- OC_Filesystem::isBlacklisted() is not called from anywhere else

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-09-26 21:07:08 +07:00
Julius Härtl 80f6a5834a
Refactor cache handling 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-08-31 16:24:35 +07:00
Andy Xheli 12c8123873
Makes untrusted domain error on info 
Signed-off-by: Andy Xheli <axheli@axtsolutions.com>

Since e6d9ef2e38 was applied logs get filled up with Trusted domain error. "X.X.X.X tried to access using "X.X.X.X" as host alot of users missed important errors do toe6d9ef2e38   please see https://github.com/nextcloud/server/issues/32599

This should fix. 
https://github.com/nextcloud/server/issues/32599#event-7281164903


Signed-off-by: Andy Xheli <axheli@axtsolutions.com>
 2022-08-29 13:27:12 +07:00
Julius Härtl 1b43fbe06c
Move setting of gc_maxlifetime to initSession 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-08-17 12:10:27 +07:00
Julius Härtl 9e1d431255
Add config option to disable strict session timeout to be able to use read_and_close 
Fixed https://github.com/nextcloud/server/issues/29356

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-08-17 12:10:27 +07:00
Julius Härtl 9b4b72826a
Reopen sessions if we need to write to them instead of keeping them open 
Sessions are a locking operation until we write close them, so close
them early and reopen later in case we want to write to them

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-08-17 12:10:26 +07:00
Christoph Wurst d17e0699f3
Merge pull request #33173 from nextcloud/enhancement/maintenance-mode-http-header 
Set special header for 503 maintenance mode
 2022-08-10 09:16:02 +07:00
Christoph Wurst 0ed987a8dd
Set special header for 503 maintenance mode 
This removes ambiguity with a 503 returned by app code, web server or
similar. Front-end and clients can then handle this state accordingly.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-08-08 14:26:11 +07:00
Christoph Wurst a1149b0378
Do not redirect if requested CSS can not be found 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-08-08 14:09:58 +07:00
Christoph Wurst 222a9523b5
Fix 404 handling of requested JSON/XML 
If front-end or an application requests JSON/XML, there is no point in
redirecting to the default page if that response doesn't exist. In the
worst case that would just cause another request, therefore server load,
traffic and a response that is meaningless to the requester.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-07-08 19:14:05 +07:00
Joas Schilling 8e59d49701
Merge pull request #32435 from nextcloud/revert-32278-remove-default-php 
Revert "Remove call to already default php.ini values"
 2022-06-03 14:16:24 +07:00
Carl Schwan e4378fd18c
Merge pull request #32349 from nextcloud/enh/projects-event 
Add event to load additional scripts for projects
 2022-05-27 18:36:40 +07:00
Robin Appelman 83f831c263
Merge pull request #32427 from nextcloud/boot-event-ordering 
reorder startup events to fix overlapping
 2022-05-17 11:55:00 +07:00
Louis 8ed92ad4f7
Merge pull request #32216 from SUNET/master 
Respect user settings in php.ini if they are big enough
 2022-05-17 10:14:56 +07:00
Joas Schilling a6ca9d592d
Revert "Remove call to already default php.ini values" 2022-05-16 15:54:18 +07:00
Robin Appelman a67bf03ac0
reorder startup events to fix overlapping 
current the `request` and `runtime` events overlap with the `init` event which makes it hard to create usefull visualizations.

this reorders things a bit to remove an overlap

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-05-16 13:26:38 +07:00
Micke Nordin 0ace1831f4
Fix suggestions by @artonage 
Signed-off-by: Micke Nordin <kano@sunet.se>
 2022-05-16 10:15:45 +07:00
Julius Härtl d3acf8203d
Properly import maintenance script 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-05-16 09:28:15 +07:00
Julius Härtl 9a6869943e
Introduce event for loading additional script on projects 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-05-12 10:50:13 +07:00
Git'Fellow f110ff9f4d
Remove default values 
These values are already the default on supported PHP versions.
I suggest to remove these calls.
 2022-05-05 13:46:09 +07:00
Mikael Nordin 30fe91a77f
Simpler version as proposed by @artonage 
Co-authored-by: Louis <6653109+artonge@users.noreply.github.com>
Signed-off-by: Micke Nordin <kano@sunet.se>
 2022-04-30 16:41:35 +07:00
Micke Nordin 259664468a
Respect user settings in php.ini if they are big enough 
In the admin guide:
* https://docs.nextcloud.com/server/latest/admin_manual/configuration_files/big_file_upload_configuration.html

it is mentioned that you can tweek:
* max_input_time
* max_execution_time

in order to enable larger file uploads. However, the current codebase
will hard code these values to one hour, no matter what the user sets in
php.ini.

This patch will allow the user to set these settings in php.ini and they
will be respected, if and only if, they are set to something bigger than
3600 seconds.

Signed-off-by: Micke Nordin <kano@sunet.se>
 2022-04-29 14:50:57 +07:00
Carl Schwan 7d272c54d0 Add a built-in profiler inside Nextcloud 
The webui is provided by a seperate application named profiler

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-04-04 10:28:26 +07:00
Joas Schilling 0acd4b5f82
Merge pull request #31235 from nextcloud/techdebt/noid/extract-request-id 
Extract request id handling to dedicated class so it can be injected without DB dependency
 2022-03-22 12:08:45 +07:00
Julius Härtl 2ff0c972c9
Merge pull request #31124 from nextcloud/enh/diagnostics-logging 
Diagnostics event logging to log
 2022-03-02 12:00:44 +07:00
Julius Härtl eede608c0e
Add event logging to app loading 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-02-28 11:24:41 +07:00
Côme Chilliet 63d7e7c798
Build OC\Core\Application when running occ or cron to register listeners correctly 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-02-28 10:31:52 +07:00
Joas Schilling 07a9f34385
Extract request id handling to dedicated class so it can be injected manually 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-23 11:01:58 +07:00
Pierre Ozoux e6d9ef2e38 Makes untrusted domain error a warning. 
It sends a 400 to the client, so I could even argue that it should be an error.

But currently as an admin, I'm quiet surprised that I get a 400 in the UI, and nothing in the log with the default level.

I saw this commit that explains the reason why info. But I disagree.

Feel free to close the PR if you don't agree with it.

Signed-off-by: Pierre Ozoux <pierre@ozoux.net>
 2022-01-25 10:33:31 +07:00
Louis Chemineau b46ff973e0 Use less deprecated methods in base.php 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2022-01-19 11:07:12 +07:00
Joas Schilling c8bfd8a559
Load core before the update script 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-01-18 14:55:13 +07:00
John Molakvoæ (skjnldsv) b664aad7ab
Move bundles to /dist 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2022-01-08 10:11:58 +07:00
Valdnet 03889d1297
l10n: Separate words 
Signed-off-by: Valdnet <47037905+Valdnet@users.noreply.github.com>
 2021-12-15 17:27:26 +07:00
Joas Schilling 03936d7762
Fix basic auth for OAuth token endpoint 
Don't try to login when a client is trying to get a OAuth token.
OAuth needs to support basic auth too, so the login is not valid
inside Nextcloud and the Login exception would ruin it.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-10-19 13:03:23 +07:00
Daniel Rudolf 4d7430949a
Remove usage of \OC_Util::getDefaultPageUrl() and \OC_Util::redirectToDefaultPage() 
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-08-04 19:02:57 +07:00
Gary Kim b78f3a57d1
Migrate HintException to OCP 
Signed-off-by: Gary Kim <gary@garykim.dev>
 2021-06-30 15:28:02 +07:00
Arthur Schiwon 638c04d6e0
accounts event handler to use eventdispatcher, DI and Accounts API 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-06-30 00:41:11 +07:00
Joas Schilling cebfe4ba0e
Merge pull request #27190 from nextcloud/bugfix/noid/deduplicate-translation 
Deduplicate translations and fix double .
 2021-06-16 16:50:19 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +07:00
Joas Schilling b4b2947248
Deduplicate translations and fix double . 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-06-04 09:47:17 +07:00
Christoph Wurst 6a5d89c1ac
Merge pull request #26758 from J0WI/more-strict 
Some more strict_types
 2021-04-28 09:28:19 +07:00
Joas Schilling 167efa19d7
Fix psalm errors 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-04-27 14:34:32 +07:00
J0WI a369933084 Fix ini_set() type 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-04-26 12:44:05 +07:00
Joas Schilling f35d7adf7d
Don't hardcode the product name to Nextcloud but use the theming value 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-03-22 16:32:35 +07:00
Roeland Jago Douma d4d33e3095
Merge pull request #25238 from nextcloud/enh/noid/apps-defacto-in-root 
Apps folder is defacto in root folder and not above
 2021-01-21 09:08:54 +07:00
Morris Jobke d84e1f1951
Re-use fetched dependencies in lib/base.php 
Reduces calls to DI container by reusing already fetched dependencies.

For status.php it went from 355 to 344.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-01-20 21:55:16 +07:00
Morris Jobke 5b0e69828f
Apps folder is defacto in root folder and not above 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2021-01-20 21:22:39 +07:00
Roeland Jago Douma d13f2d984f
Merge pull request #25015 from nextcloud/fix/no-double-intl-polyfill 
Replace patchwork/utf8 with symfony-polyfill-*
 2021-01-08 08:25:31 +07:00
Christoph Wurst 287c26bda3
Replace patchwork/utf8 with symfony-polyfill-* 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-01-07 21:22:41 +07:00
Carlos Ferreira bc1b5d7892
Remove useless ini_set functions 2021-01-07 15:24:49 +07:00
Christoph Wurst d89a75be0b
Update all license headers for Nextcloud 21 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 18:48:22 +07:00
Daniel Kesselberg 8ebd31d686
Make $vars and $secureRandom required. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-12-10 17:06:32 +07:00
Christoph Wurst 3cf39c573f
Allow lazy app registration 
During app installation we run migration steps. Those steps may use
services the app registers or classes from composer. Hence we have to
make sure the app runs through the registration.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-11-18 08:48:45 +07:00
Roeland Jago Douma 72a9c35be3
Remove some IRouter methods 
This is not the end. IRouter needs to burn.
But it is a start.

🎵 we didn't start the fire 🎵

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-11-17 14:08:20 +07:00
John Molakvoæ 3bacb4780b
Removed config.js 2020-11-09 12:23:51 +07:00
Roeland Jago Douma 48d843858d
Do not setup the default FS on normal routes 
This should help with load times hopefully. Only initialize the FS if we
actually ned it.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-11-06 09:03:32 +07:00
Joas Schilling f2541e7a8b
Use auto-wiring on most outer level 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-10-20 17:43:50 +07:00
Joas Schilling 4bc821edd9
PSR logger for accounts 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-10-20 17:41:47 +07:00