sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
82,231 Commits
633 Branches
1168 Tags
9.1 GiB
Commit Graph

779 Commits (dcc6c1956ac7d6d5cf4781cb00a1055dee47d599)

Author SHA1 Message Date
Marcel Klehr 7a947980db fix: Fix psalm issues 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +07:00
Marcel Klehr 3b0925a064 chore: Regenerate openapi.json 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +07:00
Marcel Klehr 29cbb3cf71 chore: Run cs:fix 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +07:00
Marcel Klehr b2b93e4219 feat: Add getFileContents endpoint to TaskProcessing OCS API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +07:00
Marcel Klehr 44b896f999 feat: TaskProcessing OCS API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-05-14 11:38:39 +07:00
provokateurin dd997b6ac7
docs(preview): Improve API parameter descriptions 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-05-13 12:47:24 +07:00
Christoph Wurst 22dc27810e
fix(auth): Keep redirect URL during 2FA setup and challenge 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-04-19 10:24:26 +07:00
Côme Chilliet ec5133b739 fix: Apply new coding standard to all files 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 14:16:21 +07:00
Ferdinand Thiessen 3fede00732
feat(login): Clear login form (password) after IDLE timeout 
For security reasons it is recommended to stop the login process at a defined time,
this could prevent password leaks by e.g. user forgetting that they entered their password on public devices.

Enforced e.g. by the BSI ORP.4.A13 rule.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-03-25 12:22:53 +07:00
fenn-cs 2792d8b3f5 feat: Limit email input on auth pages to 255 chars 
Excessively long emails reported make server unresponsive.

We could at some point, consider adding a configuration for sysadmins to bypass this setting
on their instance if they want.

Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
 2024-03-21 10:34:55 +07:00
Eduardo Morales 0de6cc7472 feat: added login's initial possible email-states 
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
 2024-03-10 10:32:21 +07:00
Robin Appelman fd4ca13867
Merge pull request #43471 from nextcloud/cache-path-by-id 
Cache path by id
 2024-03-05 17:26:25 +07:00
Julius Härtl c7813bfdaf
feat: Implement team provider api 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-05 08:13:58 +07:00
Robin Appelman e7a7b4a401 perf: switch places that always use the first getById result to getFirstNodeById 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-03-04 13:57:31 +07:00
provokateurin 2c51933b6b
refactor(core): Switch to attribute based routing 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-21 12:07:50 +07:00
provokateurin 6243a9471d
feat(core): Add OCS endpoint for confirming the user password 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 14:28:00 +07:00
provokateurin d95e500e45
feat(core): Expose the confirm password endpoint 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-02-20 08:04:13 +07:00
John Molakvoæ 4a509dfe8e
fix: phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +07:00
John Molakvoæ 9593f4d6f9
fix: openapi 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2024-02-13 21:06:31 +07:00
Vincent Petry 839ddaa354
feat: rename users to account or person 
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
 2024-02-13 21:06:30 +07:00
Côme Chilliet 6fc5cef6e9 fix: Support other schemes than HTTP and HTTPS in app navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +07:00
Côme Chilliet 4f69f49a75 fix: Revert external url support in icon as it’s not allowed 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +07:00
Côme Chilliet 4fb5c15db5 Allow application to pass external links in navigation 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-02-06 09:36:39 +07:00
provokateurin b64ab5fba8
refactor: Migrate IgnoreOpenAPI attributes to OpenAPI 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-01-18 16:14:17 +07:00
Côme Chilliet 95ea6188dc Suppress or fix psalm errors related to InvalidTokenException 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +07:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +07:00
Joas Schilling 0b591916d6
fix(openapi): Make OpenAPI CI green again 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-11 12:29:19 +07:00
Ferdinand Thiessen 949e09ccb7 enh(core): Refactor profile page to use vue components 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-01-10 11:22:27 +07:00
Gaspard d'Hautefeuille 08ff644f3c Keep https check 
https://github.com/nextcloud/server/issues/41196 + keep https check

Co-authored-by: Louis <louis@chmn.me>
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +07:00
Gaspard d'Hautefeuille 85911cbab2 Cancel PR #37405, remove regression code 
Signed-off-by: Gaspard d'Hautefeuille <github@dhautefeuille.eu>
 2024-01-05 04:20:26 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +07:00
Benjamin Gaussorgues 33837e7d6f
Fix invalid users/groups handling in advanced search 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-15 10:17:43 +07:00
Joas Schilling 0feb55ee93
Merge pull request #41271 from nextcloud/enh/text-processing-iprovider2 
enh(TextProcessing): Add two new provider interfaces
 2023-11-13 10:49:14 +07:00
Benjamin Gaussorgues c753eefb21
feat(search): Allow multiple search terms in UnifiedController 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-10 09:21:16 +07:00
Marcel Klehr b45007f38f
Merge branch 'master' into enh/text-processing-iprovider2 2023-11-09 13:46:18 +07:00
Christoph Wurst a5422a3998
fix: Show error message when CSRF check fails at login 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-11-08 15:18:34 +07:00
Marcel Klehr 8c0c426538
Merge branch 'master' into enh/text-processing-iprovider2 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-08 11:52:47 +07:00
Marcel Klehr d11b9cbd79 fix(TextProcessing/Manager): Throw TaskFailureException upon failure 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-06 12:50:16 +07:00
Marcel Klehr 181f819e41 enh(TextProcessing): Add IProvider2 
- allow providers to obtain current task's userId
- allow providers to expose average task runtime

Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-11-03 16:22:54 +07:00
Christopher Ng 7f530d22e1 fix: Only highlight profile entry when viewing own profile 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-11-02 15:43:56 +07:00
Joas Schilling 2b8114d59d
feat(events): Add typed event for filtering autocompletion suggestions 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-02 11:08:53 +07:00
Robin Appelman 1fffa3eae0
load script and styles on setup page 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-31 10:03:09 +07:00
Marcel Müller c2393fb712 Reset BFP for sudo action 
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
 2023-10-28 18:36:43 +07:00
Christopher Ng d899e676de fix: Set profile as active nav entry 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-10-26 10:30:22 +07:00
Joas Schilling 2b7f78fc2e
Merge pull request #40326 from nextcloud/enh/text-to-image-api 
Implement TextToImage OCP API
 2023-10-26 15:53:30 +07:00
Marcel Klehr 154bb53538
Update core/Controller/TextToImageApiController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-26 11:35:55 +07:00
Marcel Klehr 47e13cd55b en(TextToImage): Use specific exception class instead of generic RuntimeException 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-26 11:16:15 +07:00
Joas Schilling 2353d3cd5c
feat(profile): Add public interface for profile manager so apps can check config 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-23 12:56:31 +07:00
Marcel Klehr 7b7f552a6e fix(Text2Image): Fix OpenAPI types 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-20 13:33:05 +07:00
Marcel Klehr b7fd5185b6 enh(TextToImage): Allow generating multiple images with one task 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-20 13:13:15 +07:00
Marcel Klehr 8968573d9f enh(TextToImage): Add getExpectedRuntime to IProvider and run tasks during request lifetime if possible 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-20 12:17:17 +07:00
Marcel Klehr 92cc171a61 fix(TextToImage): Fix OpenAPI definitions 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-19 11:07:03 +07:00
Marcel Klehr 6238aca6c5 fix(TextToImage): Fix bruteforce protection 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 14:46:40 +07:00
Marcel Klehr e57e94e11a fix(TextToImage): Add bruteforce protection to API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 14:09:19 +07:00
Marcel Klehr d3da49de44 fix(TextToImage): Fix docblock of getImage route 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:31:00 +07:00
Marcel Klehr c5fbe5a7bc enh(TextToImage): Add bruteforce protection for anonymous API usage 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:31:00 +07:00
Marcel Klehr e5efbc88d8 enh(TextToImage): Address review comments 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +07:00
Marcel Klehr 1e36d74c3e Update core/Controller/TextToImageApiController.php 
Co-authored-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +07:00
Marcel Klehr 2d44c7c1ed Small fixes 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +07:00
Marcel Klehr c8cab9d2fd Implement TextToImage OCP API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-10-18 13:21:50 +07:00
Ferdinand Thiessen 154a9989a7
Merge pull request #39852 from nextcloud/pragmaHeader 
Stop sending deprecated Pragma header
 2023-10-18 03:30:21 +07:00
Julien Veyssier c6da99474e
rename oauth2_access_token's created_at to code_created_at 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +07:00
Julien Veyssier 807f173dec
make oauth2 authorization code expire after 10 minutes 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +07:00
Joas Schilling c88b02abff
Merge pull request #40660 from nextcloud/bugfix/noid/fix-missing-user-status-on-autocomplete-api 
fix(autocomplete): Fix missing user status on autocomplete endpoint
 2023-10-04 10:12:14 +07:00
Joas Schilling a7018bc5e8
fix(autocomplete): Fix missing user status on autocomplete endpoint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-09-28 14:02:18 +07:00
Christoph Wurst dbd666e82b
fix(unifiedsearch): Allow searching for "0" 
empty("0") evaluates to true

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-09-28 10:53:07 +07:00
jld3103 c2d45cb172
Add single status code descriptions for OpenAPI 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-09-27 08:05:21 +07:00
Côme Chilliet f68d4f7300
Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +07:00
jld3103 c72ca72cde
core: Fix OCM OpenAPI 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-09-23 13:00:58 +07:00
Maxence Lange b5dcd048ae small fixes 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-09-20 08:23:45 +07:00
Maxence Lange 8b9e7e235d ocm controller 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-09-20 08:23:45 +07:00
jld3103 79b8b5c0f2
core: Fix OpenAPI for reference API 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-09-14 15:49:13 +07:00
jld3103 8b9b637ec6
ProfileApi: Fix typo 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-09-03 11:45:48 +07:00
Joas Schilling 25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +07:00
Git'Fellow 066f6ef16c Stop sending deprecated Pragma header 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2023-08-28 15:11:22 +07:00
John Molakvoæ 266fb31180
fix(tests): preview phpunit 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2023-08-17 18:58:21 +07:00
John Molakvoæ 28725c46a8
feat: redirect to the mime icon if no preview available 
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
 2023-08-17 18:56:38 +07:00
jld3103 902e0396e0
Fix text processing OpenAPI 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-08-11 11:37:56 +07:00
Julien Veyssier f154fe7f8e
fix psalm issue 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-08-07 18:28:58 +07:00
Julius Härtl fca1c309a0
feat: Add delete task API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-08-07 13:27:53 +07:00
Julien Veyssier 41b19cf969
allow anon text processing scheduling 
add a textprocessing_tasks index
convert anotations to method attributes
refactor TP manager
add mapper methods

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-08-07 13:27:53 +07:00
Julien Veyssier 9986e02097
start implementing ocs endpoint to get task list from user+appId+identifier 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-08-07 13:27:53 +07:00
jld3103 dca22c1d2c core: Document text processing API 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-31 14:09:12 +07:00
Marcel Klehr 7c80d66ee5
Merge pull request #38854 from nextcloud/enh/llm-api 2023-07-21 11:20:31 +07:00
Marcel Klehr 6d568b0d32 Fix tests: Adjust constructor signature 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-19 17:33:11 +07:00
Marcel Klehr 7389567c7d Remove Task::factory method 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-19 13:15:14 +07:00
Joas Schilling 0d51d8fbcb
fix(core): Add password confirmation requirement for getapppassword 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-17 12:07:22 +07:00
Marcel Klehr 95d2d3af5c Fix psalm errors 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-14 16:10:39 +07:00
Marcel Klehr ffe27ce14c Massive refactoring: Turn LanguageModel OCP API into TextProcessing API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-14 16:00:31 +07:00
jld3103 1be836273d
core: Add OpenAPI spec 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-13 07:24:15 +07:00
Marcel Klehr bd45c436eb
Update core/Controller/LanguageModelApiController.php 
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-11 15:28:37 +07:00
Marcel Klehr d430cbbfca
Update core/Controller/LanguageModelApiController.php 
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-11 15:28:22 +07:00
Marcel Klehr 48c8206538 Fix openapi docs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-11 14:37:14 +07:00
Marcel Klehr b7c3b50e41
Update core/Controller/LanguageModelApiController.php 
Co-authored-by: Kate <26026535+provokateurin@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-11 12:41:31 +07:00
Marcel Klehr 49ea56b306 LanguageModelApiController: Use jsonSerialize method to help psalm 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr a4578cd995 cs:fix 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr ea4dc4cba8 LLM OCP API: Fix OpenApi docs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr de1cfaae9c LLM OCP API: Fix psalm issues 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr 61b9b4f474 LLM OCS API: Add OpenAPI docs 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr d33b7a8da4 LLM OCS API: s/tasks/tasktypes/ 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr d6d4e0ffe3 LLM OCP API: Fix psam errors 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr f7e1e79880 LLM OCP API: Fix security issue 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr 94fcf88892 LLM OCP API: Fix copyright 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr b00a9a6eae LLM OCP API: Use OCP\Common\Exception\NotFoundException 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Marcel Klehr 795b097122 LLM OCP API: Implement ocs API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-07-07 13:39:10 +07:00
Faraz Samapoor 4ce7173f7e Update core/Controller/SetupController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor 2800436948 Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor 9eedeb4012 Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-20 10:38:46 +07:00
Faraz Samapoor d64aa85b04 Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 73b7096850 Fixes psalm error. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 468aefc649 Fixes php-cs-fixer error. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor 4bf610ebaf Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-16 19:29:40 +07:00
Faraz Samapoor fc0e2a938f Applies agreed-upon indentation convention to the changed controllers. 
Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753

Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 18:35:32 +07:00
Faraz Samapoor 25cdc35473
Update core/Controller/AppPasswordController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 18:26:27 +07:00
Faraz Samapoor 05784c3244
Update core/Controller/CollaborationResourcesController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 16:45:21 +07:00
Faraz Samapoor 2713ab023f
Update core/Controller/AppPasswordController.php 
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-05 16:45:01 +07:00
Faraz Samapoor 450bf5c99e Refactors controllers by using PHP8's constructor property promotion. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-04 23:20:35 +07:00
Faraz Samapoor a1ef0285f8 Refactors "strpos" calls in /core to improve code readability. 
Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
 2023-06-02 13:13:19 +07:00
Joas Schilling 7ee81b6555
fix(lostpassword): Also rate limit the setPassword endpoint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-15 09:21:07 +07:00
Joas Schilling 9d6ec68b59
feat(translation): Return the detected language so clients can show more details 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-05-02 16:38:33 +07:00
Joas Schilling e5d0ff0c19
feat(translation): Allow guests to use translations as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:46 +07:00
Joas Schilling 032821d2b5
fix(translation): Use 400 as status code to be distinguishable from server errors 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:42 +07:00
Joas Schilling b7c1e61d0b
fix(translation): Properly set the numbers as HTTP status code 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 09:02:38 +07:00
Joas Schilling 21b056ee2d
fix(translation): Translate error messages on translations API 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-04-13 08:53:15 +07:00
Côme Chilliet 5063b76c8a
Merge pull request #37495 from joshtrichards/jr-trim-pw-reset-username 
Trim the user/email provided for password resets
 2023-04-05 11:36:53 +07:00
Josh Richards 9899b12478
Trim user earlier 
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
 2023-04-04 10:03:15 +07:00
Christopher Ng 7bc8b543be Improve handling of profile fields 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2023-03-30 17:11:41 +07:00
Josh Richards 203b9131ec
Trim the user/email provided for password resets 
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
 2023-03-30 11:59:13 +07:00
jld3103 02f9c3a06f
Use implementations instead of interfaces for accessing private methods 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-30 12:33:46 +07:00
Git'Fellow cfd7a57184 Send header to all browsers under HTTPS 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Don't send Clear-Site-Data to Safari

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>

Fix lint

Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2023-03-26 15:29:01 +07:00
jld3103 79507435fa
Fix controller class import for autocomplete 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-03-16 09:50:43 +07:00
Julius Härtl a0ecc37d03
fix(translation): Allow regular users to use translation api endpoints 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-28 09:29:57 +07:00
Julius Härtl 3e63298381
feat(translations): Add translation provider API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2023-02-27 16:52:03 +07:00
MichaIng 0d67fc23f4
Merge pull request #36634 from nextcloud/fix/client-login-flow/state-token-missing-response 
fix(client-login-flow): Use correct response for missing state token
 2023-02-27 16:34:07 +07:00
Julien Veyssier 01cefbd6d6
[reference preview] fix getting null mimetype if the cached reference lacks an image content type 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-02-22 12:39:26 +07:00
Simon L a747be3544
Merge pull request #36443 from nextcloud/fix/23063/fix-login-log-entry 
fix the login log entry
 2023-02-15 18:13:59 +07:00
Christoph Wurst 024adc14b1
fix(client-login-flow): Use correct response for missing state token 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-02-09 14:11:28 +07:00
Joas Schilling 59578817f5
Merge pull request #36489 from nextcloud/bugfix/noid/brute-force-protection-password-reset 
Add bruteforce protection to password reset page
 2023-02-06 22:12:25 +07:00
Christoph Wurst 88d116ba84
fix(client-login-flow): Handle missing stateToken gracefully 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-02-06 09:42:15 +07:00
Joas Schilling 704eb3aa6c
Add bruteforce protection to password reset page 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-02-02 06:13:49 +07:00
Simon L 6496748971 fix the login log entry 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-01-30 17:07:44 +07:00
Christoph Wurst 7269766e05
Merge pull request #36363 from nextcloud/feat/app-framework/usesession-attribute 
feat(app-framework): Add UseSession attribute to replace annotation
 2023-01-27 16:59:14 +07:00
Julien Veyssier 8766e4f242
handle and return touchProvider errors 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:56 +07:00
Julien Veyssier 946a1af9fd
add 'last used timestamp' management for reference providers 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:56 +07:00
Julien Veyssier 6431c5a559
extend the reference API for the new link picker 
- add 2 interfaces for discoverable and searchable reference providers
- new OCS route to get info on discoverable/searchable reference providers
- new abstract ADiscoverableReferenceProvider that only implements jsonSerialize
- listen to RenderReferenceEvent to inject provider list with initial state

Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-01-27 11:10:55 +07:00
Christoph Wurst 20e00cdf17
feat(app-framework): Add UseSession attribute to replace annotation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-27 09:40:35 +07:00
Côme Chilliet f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +07:00
Simon L 06a572ff55
Merge pull request #27492 from cyclops8456/feature/24301-remove-can-install-on-occ-maintenance-install 
Remove the CAN_INSTALL file when occ maintenance:install is complete
 2023-01-18 19:53:02 +07:00
Christoph Wurst 20fcfb5739
feat(app framework)!: Inject services into controller methods 
Usually Nextcloud DI goes through constructor injection. This has the
implication that each instance of a class builds the full DI tree. That
is the injected services, their services, etc. Occasionally there is a
service that is only needed for one controller method. Then the DI tree
is build regardless if used or not.

If services are injected into the method, we only build the DI tree if
that method gets executed.

This is also how Laravel allows injection.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 14:00:38 +07:00
Christoph Wurst f22101d421
Fix login loop if login CSRF fails and user is not logged in 
If CSRF fails but the user is logged in that they probably logged in in
another tab. This is fine. We can just redirect.
If CSRF fails and the user is also not logged in then something is
fishy. E.g. because Nextcloud contantly regenrates the session and the
CSRF token and the user is stuck in an endless login loop.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-01-18 09:39:17 +07:00