sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
73,377 Commits
619 Branches
1167 Tags
9.0 GiB
Commit Graph

379 Commits (ba94de2510b3858f10d60f0230a58b1252346372)

Author SHA1 Message Date
Louis Chemineau 8a2cf5bb68 Do not dispatch postSetPassword when setPassword fails 
Also Improve error message when setPassword fails

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2022-05-05 17:21:23 +07:00
Joas Schilling 6e4d721278
Expose shareWithDisplayNameUnique also on autocomplete endpoint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-05-03 12:51:23 +07:00
John Molakvoæ 3c75a99267
Phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2022-04-21 19:00:28 +07:00
Vincent Petry 576e4e8f2a
Merge pull request #31592 from nextcloud/fix/direct-arg-flow-v2 
Add direct arg to login flow
 2022-03-29 18:21:40 +07:00
Vincent Petry 80388663af Add direct arg to login flow 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Co-Authored-by: Carl Schwan <carl@carlschwan.eu>
 2022-03-28 10:28:45 +07:00
Joas Schilling d078d53683
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-23 11:01:58 +07:00
Joas Schilling 6dd60b6d30
Only allow avatars in 64 and 512 pixel size 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-07 16:47:51 +07:00
Julius Härtl 61dd1d3d97
Pass username prefill through unauthenticated request redirects 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-12-29 11:52:31 +07:00
Côme Chilliet 8b271b8a12
Fix tests and avoid PHP errors in them 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2021-11-23 09:29:01 +07:00
Joas Schilling f8463e1fc6
Fix missing import of ILogger 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-11-02 16:47:16 +07:00
Vitor Mattos d613b32045
add check isFairUseOfFreePushService on login 
Signed-off-by: Vitor Mattos <vitor@php.rio>
 2021-10-23 00:54:50 +07:00
Julius Härtl d68f028251
Merge pull request #27733 from PhrozenByte/enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-10-05 13:06:59 +07:00
Daniel Kesselberg e6ab948949
Make AppsEnableTest and AppsDisableTest independet of the app version number 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2021-10-01 23:08:59 +07:00
Joas Schilling a586739e17
Fix unit tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-09-29 10:02:21 +07:00
Arthur Schiwon 6857136f06
fixes missing prefix to validate password reset token 
- also fixes the test which missed asserting the presence of it

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-10 19:06:50 +07:00
Arthur Schiwon 19cc757531
move verification token logic out of lost password controller 
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:29 +07:00
Lukas Reschke c21a721fc1
Merge pull request #28725 from nextcloud/disallow-public-page-in-2fa-flow 
Remove 2FA exemption from PublicPage annotation
 2021-09-07 10:44:34 +07:00
Lukas Reschke 19ad636373 Resolve absolute path in tests 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 21:26:27 +07:00
Lukas Reschke 8da6a9bea9
Adjust tests 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 09:09:42 +07:00
Christoph Wurst 4b0e18ae1b
Merge pull request #27294 from pjft/patch-2 
Update TwoFactorChallengeController.php
 2021-08-19 12:40:40 +07:00
Daniel Rudolf aa455e71d9
Merge branch 'master' into enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-08-04 18:52:55 +07:00
Daniel Rudolf e478db9161
Deprecate RedirectToDefaultAppResponse 
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-07-01 15:13:08 +07:00
Gary Kim b78f3a57d1
Migrate HintException to OCP 
Signed-off-by: Gary Kim <gary@garykim.dev>
 2021-06-30 15:28:02 +07:00
Daniel Rudolf 0df68f0697
Remove unused imports 
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-06-30 16:48:22 +07:00
Daniel Rudolf 12059eb65b
Add IUrlGenerator::linkToDefaultPageUrl() 
Replaces the deprecated \OC_Util::getDefaultPageUrl() and makes this API public.

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-06-30 16:20:57 +07:00
Joas Schilling a651dbd2c0
Fix app version check 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-06-25 11:49:32 +07:00
pjft b1086e25bb Add logging to 2FA failure 
For security reasons, we may want to monitor failures of 2FA challenges in order to ban attackers who might try to access compromised accounts but are stopped by the 2FA challenge.
Right now, the only hindrance is rate-limiting, but it's probably not enough.
Added dependency injection.

Signed-off-by: pjft <paulo.j.tavares@gmail.com>
 2021-06-21 20:43:12 +07:00
Johannes Leuker d606799ee2 Add commands to manage tags via OCC 
list, add, delete, edit

Signed-off-by: Johannes Leuker <j.leuker@hosting.de>
 2021-05-25 11:29:32 +07:00
Johannes Leuker e9ca59ef0a Change my email address 
Signed-off-by: Johannes Leuker <j.leuker@hosting.de>
 2021-03-24 15:13:56 +07:00
Vincent Petry 95e03fba2d
Fix more controller tests in Core subdir 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-24 09:02:19 +07:00
Vincent Petry 9b8ca1697a
Fix more tests in the Core subdir 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-24 08:48:28 +07:00
Vincent Petry c467f64848
Fix core tests command for app enabling/disabling 
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2021-03-23 20:40:28 +07:00
Roeland Jago Douma 54cffefed4
Merge pull request #25660 from hosting-de/feature/add-backend-list-groups 
Show group backends in occ group:list --info and group:info
 2021-03-05 08:49:43 +07:00
Johannes Leuker 2796ef80ff Show group backends in occ group:list --info and group:info 
Signed-off-by: Johannes Leuker <j.leuker@hosting.de>
 2021-03-01 16:02:08 +07:00
Christoph Wurst 5026d2cca1
Merge pull request #25086 from nextcloud/dependabot/composer/nextcloud/coding-standard-0.5.0 
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0
 2021-02-18 14:05:54 +07:00
dependabot-preview[bot] eb502c02ff
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-02-18 13:31:24 +07:00
Joas Schilling 6ed4aaeeea
Send emails on password reset to the displayname 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-02-18 12:38:43 +07:00
Konrad Abicht 330315f03e refined name of getOpenSSLEncryptedAndPrivateKey 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-12 13:01:37 +07:00
Konrad Abicht 0bc49d67cd added unit tests for LoginFlowV2Service::createTokens 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-12 12:57:24 +07:00
Konrad Abicht c755165dd4 added unit tests for LoginFlowV2Service::flowDone 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-11 10:45:47 +07:00
Konrad Abicht d60dd8a208 added unit tests for LoginFlowV2Service::startLoginFlow 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-11 09:56:09 +07:00
Konrad Abicht f29748a5e1 added unit tests for LoginFlowV2Service::getByLoginToken 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-11 09:49:39 +07:00
Konrad Abicht b0a2278a7e added unit tests for LoginFlowV2Service::poll 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-11 09:38:29 +07:00
Konrad Abicht a50c615d37 simplified tests 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-09 15:48:37 +07:00
Konrad Abicht a28705064b fixed coding style issue 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-09 15:40:19 +07:00
Konrad Abicht b38a619212 added tests for OC\Core\Data\LoginFlowV2Credentials 
Signed-off-by: Konrad Abicht <hi@inspirito.de>
 2021-02-09 15:25:37 +07:00
Christoph Wurst 6995223b1e
Add well known handlers API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 13:13:05 +07:00
Christoph Wurst d9015a8c94
Format code to a single space around binary operators 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-05 20:25:24 +07:00
Joas Schilling c2bef528ef
Remove unused members and imports 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-08 10:45:35 +07:00
Joas Schilling a4b2403e29
The privacy setting is only about syncing to other servers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-03 15:46:21 +07:00
Morris Jobke 234b510652
Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-12 13:55:19 +07:00
John Molakvoæ (skjnldsv) 9e962fb69f
Allow to update to nightly 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2020-08-07 13:51:39 +07:00
Morris Jobke 97c49b0b15
Add tests for occ preview:migrate - initial check for empty directories 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-07 10:42:09 +07:00
Morris Jobke 0123cd0ae3
Use assertStringContainsString instead of assertContains on strings 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-07-23 17:11:29 +07:00
Joas Schilling 35c6b1236f
Move AutoComplete::filterResults to new event dispatcher and GenericEvent 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-07-01 09:57:33 +07:00
Arthur Schiwon 653162a709
use the loginname to verify the old password in user password changes 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2020-05-26 16:53:25 +07:00
Daniel Kesselberg df669a2936
Set etag for capabilities endpoint 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-04-29 15:26:46 +07:00
Morris Jobke a64681a0fe
Merge pull request #19514 from sndrr/already-enabled-apps 
Already enabled apps
 2020-04-27 11:00:16 +07:00
Sander Ruitenbeek 3d9cd00c7b
Updated test to check for already enabled apps 
Signed-off-by: Sander Ruitenbeek <s.ruitenbeek@getgoing.nl>
 2020-04-24 16:30:45 +07:00
Daniel Kesselberg 72a16b1779
Make it possible to resolve svg for apps_paths outside the document root 
Previous implementation assumes the app path is always a child \OC::$SERVERROOT. That's not always true.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-04-24 16:19:10 +07:00
Roeland Jago Douma 95ad9ab4ac
Merge pull request #20401 from nextcloud/fix/login-sso-redirct 
Fix absolute redirect
 2020-04-15 11:28:40 +07:00
Christoph Wurst 28f8eb5dba
Add visibility to all constants 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 16:54:27 +07:00
Christoph Wurst caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +07:00
Christoph Wurst 14c996d982
Use elseif instead of else if 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 10:35:09 +07:00
John Molakvoæ (skjnldsv) 6c49dc2d1f
Fix absolute redirect 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2020-04-10 08:58:54 +07:00
Christoph Wurst 44577e4345
Remove trailing and in between spaces 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 16:07:47 +07:00
Christoph Wurst afbd9c4e6e
Unify function spacing to PSR2 recommendation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 13:54:22 +07:00
Christoph Wurst 2a529e453a
Use a blank line after the opening tag 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:50:14 +07:00
Christoph Wurst 41b5e5923a
Use exactly one empty line after the namespace declaration 
For PSR2

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:48:10 +07:00
Christoph Wurst 2fbad1ed72
Fix (array) indent style to always use one tab 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 10:16:08 +07:00
Roeland Jago Douma 53db05a1f6
Start with webauthn 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2020-03-31 22:17:07 +07:00
Christoph Wurst 463b388589
Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports 
Remove unused imports
 2020-03-27 17:14:08 +07:00
Christoph Wurst b80ebc9674
Use the short array syntax, everywhere 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-26 16:34:56 +07:00
Christoph Wurst 2ee65f177e
Use the shorter phpunit syntax for mocked return values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:21:27 +07:00
Christoph Wurst 74936c49ea
Remove unused imports 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:08:08 +07:00
Daniel Kesselberg 68148f4073
Always use status 200 for avatar response 
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-03-01 00:42:24 +07:00
Roeland Jago Douma 52e4ecd66e
Merge pull request #18644 from nextcloud/harden/csrf_endpoint 
Only allow requesting new CSRF tokens if it passes the SameSite Cooki…
 2020-01-07 13:43:46 +07:00
Kim Brose 9c5fe8fca4
Fix CI 
Signed-off-by: Kim Brose <kim.brose@rwth-aachen.de>
 2020-01-03 18:06:59 +07:00
Roeland Jago Douma da81b71f93
Only allow requesting new CSRF tokens if it passes the SameSite Cookie test 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-01-03 13:12:03 +07:00
Roeland Jago Douma 87104ce510
Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config 
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
 2019-12-12 21:59:42 +07:00
Daniel Kesselberg 48a130c2a8
Fix: Using assertContains() with string haystacks is deprecated and will not be supported in PHPUnit 9. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-12-08 22:33:17 +07:00
Joas Schilling 738e6bf079
Merge pull request #17715 from nextcloud/fix/5456/respect_avatar_privacy 
Honor avatar visibility settings
 2019-12-04 10:28:45 +07:00
Daniel Kesselberg 9378a6b411
Send Clear-Site-Data expect for Chrome 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-11-30 15:17:22 +07:00
Roeland Jago Douma 3a7cf40aaa
Mode to modern phpunit 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 15:27:18 +07:00
Roeland Jago Douma ef4b59d341
More fixes 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:42 +07:00
Roeland Jago Douma c007ca624f
Make phpunit8 compatible 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:41 +07:00
Roeland Jago Douma 68748d4f85
Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +07:00
Roeland Jago Douma 54eb27dab2
Update tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-13 20:43:20 +07:00
RussellAult 19791b2460
Check getRedirectUri() for queries 
Resolves Issue #17885

Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.

Signed-off-by: RussellAult <russellault@users.noreply.github.com>
 2019-11-13 14:05:03 +07:00
Roeland Jago Douma 2cf068463f
Harden middleware check 
These annotations will allow for extra checks. And thus make it harder
to break things.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-10-25 15:44:37 +07:00
Roeland Jago Douma a02a626606
Merge pull request #17411 from kinolaev/fix-oauth2-redirect 
Fix oauth client redirect
 2019-10-07 12:03:52 +07:00
Sergej Nikolaev 1b5d85a4ca fix oauth client redirect 
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
 2019-10-04 21:09:13 +07:00
Tim Terhorst 2ad33bc06e Add Fatal logging option 
Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
 2019-10-02 21:18:29 +07:00
Christoph Wurst de6940352a Move settings to an app 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2019-09-28 09:39:28 +07:00
Daniel Kesselberg 9c4c5ee818
Add test case for existing user with token null 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-08-18 23:27:03 +07:00
Daniel Kesselberg 7f7c6e49b6
Return the disabled user mock instead of the existing 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-08-18 23:18:39 +07:00
Roeland Jago Douma 6dc179ee12
Fix login flow form actions 
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-08-11 19:53:49 +07:00
Roeland Jago Douma 436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540 
Add missing password reset page to vue
 2019-07-31 11:02:20 +07:00
Julius Härtl 3b0d13944a
Move actual password reset to vue 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2019-07-31 09:19:07 +07:00
Roeland Jago Douma b6dd2ebd39
Use proper exception in lostController 
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.

This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-27 20:12:16 +07:00