sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
82,672 Commits
618 Branches
1167 Tags
9.0 GiB
Commit Graph

1207 Commits (e2ea6d46802255cd1dcdedf0c0d5aeabdcaf283d)

Author SHA1 Message Date
SebastianKrupinski 7e92b157e3 fix: aliases and capitalization of emails 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-08-28 17:40:04 +07:00
Richard Steinmetz 40117dced3
Merge pull request #54426 from nextcloud/perf/prevent-fetching-account 
perf: prevent fetching a principal's user account if the data is not needed
 2025-08-28 16:59:38 +07:00
Richard Steinmetz 5b254ea39a
perf: prevent fetching a principal's user account if the data is not needed 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-28 14:13:29 +07:00
Richard Steinmetz e8986db7a4
perf(caldav): preload publish statuses for a whole calendar home at once 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-28 14:00:18 +07:00
Richard Steinmetz b7dc720848
feat: calendar federation 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-27 17:14:15 +07:00
SebastianKrupinski 46e624a089 feat: Calendar Import 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-08-27 08:30:33 +07:00
Carl Schwan d0f819ba99
Merge pull request #54409 from nextcloud/comments-db-multiple 
perf(comments): Add a way to get comments for multiple objects at the same time
 2025-08-27 11:57:24 +07:00
Andy Scherzinger a9635044e3
Merge pull request #54533 from nextcloud/cal-edit-private-event 
fix(caldav): show confidential event if writable
 2025-08-27 09:41:57 +07:00
Richard Steinmetz caf664ea43
fix(carddav): IAddressBook::getKey() should return a string 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-26 13:31:04 +07:00
Carl Schwan 94e2af0302 perf(comments): Also cache the comments count 
Since we now have an easy way to fetch the comments count.

Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>
 2025-08-21 11:30:56 +07:00
Arusekk b3c5707a0c
fix(caldav): show confidential event if writable 
If a party can edit the calendar/event, just display it instead of
hiding the details and risking overwrites.
This might be considered a change impacting privacy,
but it actually improves semantics.

Relevant test updates included, improving assertion correctness.

I think all the relevant use cases are solved by this.

Closes https://github.com/nextcloud/server/issues/5551
Closes https://github.com/nextcloud/calendar/issues/4044
Closes https://github.com/nextcloud/server/issues/11214

Signed-off-by: Arusekk <floss@arusekk.pl>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-20 13:34:38 +07:00
Richard Steinmetz fa80a6199d
fix(caldav): encode calendar URLs properly when formatting search results 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-08-15 14:53:49 +07:00
Salvatore Martire 75d9aaa3b5
Merge pull request #54318 from nextcloud/feat/54115/emitPreloadCollectionEvent 
Emits a `preloadCollection` event in the DAV server, so that plugins can listen to it and preload DAV properties for files inside a collection, to avoid the N+1 issue that would follow if loading properties on a per-file basis.
 2025-08-15 11:06:48 +07:00
Salvatore Martire bdcd583045 feat: make use of `preloadCollection` in core apps 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-08-15 10:46:43 +07:00
Salvatore Martire 9bbebd6034 feat: emit `preloadCollection` event in DAV 
This allows plugins to preload the content of a Collection to speed-up
subsequent per-node PROPFINDs and reduce database load.

Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-08-15 10:46:43 +07:00
Carl Schwan 46f0c6ebb5 perf(caldav): Cache calendars in CustomPropertiesBackend 
We already do that for files, we are now also doing for calendars.
With relatively small amount of calendars, I managed to reduce the
number of DB requests by 35% and from 23 DB requests touching the
oc_properties table to only 3.

Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>
 2025-08-15 09:57:58 +07:00
Salvatore Martire ec176a933a feat(dav): report inefficient DAV plugins in logs 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-08-13 19:46:18 +07:00
Christoph Wurst 0c4bb5e8c5
fix(dav): calculate permissions based on addressbook principal 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-08-06 18:15:43 +07:00
Daniel Kesselberg 13f25c9316 fix(carddav): return correct sync token for non-truncated requests 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-08-06 14:32:25 +07:00
Hamza Mahjoubi 36d9fcbb4d feat(cardav): support result truncation for addressbook federation 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2025-08-06 14:04:55 +07:00
SebastianKrupinski 49d8e29a18 fix: do not ignore move command object target uri 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-08-01 09:36:07 +07:00
John Molakvoæ 2b50d9b2c5
Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-07-11 17:07:44 +07:00
John Molakvoæ 6f0255d82a
Merge pull request #53141 from nextcloud/perf/files/setup-fs-basic-auth-request 2025-07-11 15:25:10 +07:00
Côme Chilliet 956924bdc9
chore: Remove calls to OC_App in bootstrap.php files for tests 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-07-10 11:40:27 +07:00
provokateurin 689a853dc6
fix(dav): Initialize the FS for the user right after authenticating 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-07-08 11:38:58 +07:00
Daniel Kesselberg 4dee17868f
test(imip): ensure charset is set for the text/calendar attachment 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-07-06 20:06:44 +07:00
Joas Schilling d67396f1b3
Merge pull request #53418 from nextcloud/fix/timedjob-execution-time 
Fix TimedJob execution time to allow job execution exactly when scheduled
 2025-07-03 14:16:56 +07:00
Robin Appelman aa15f9d16d
chore: run rector 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2025-07-01 22:45:52 +07:00
Ferdinand Thiessen 5981b7eb51
chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +07:00
Salvatore Martire 289b7ab684 test: check that UserStatusAutomation is cleaned up 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-07-01 15:15:53 +07:00
John Molakvoæ bd00b75b29
Merge pull request #53671 from nextcloud/fix/read-only-share-download 2025-07-01 15:11:06 +07:00
Julius Knorr 82e299401e perf(dav): Preload dav search with tags/favorites 
Signed-off-by: Julius Knorr <jus@bitgrid.net>
 2025-06-27 20:42:07 +07:00
Salvatore Martire 8167b07118 feat(files): automatically create directories on upload 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-06-26 15:08:11 +07:00
skjnldsv 9806a9830c feat(files_sharing): allow viewing files with download disabled 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-26 11:47:53 +07:00
Richard Steinmetz 960b3ec0eb refactor(dav): move shared logic to a dedicated example contact service 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-19 23:46:00 +07:00
Richard Steinmetz 4a6909ffef
feat: create example event when a user logs in for the first time 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-16 11:49:20 +07:00
Daniel Kesselberg 1ac85a3298 fix: use correct format for getlastmodified webdav property 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-06-10 13:15:31 +07:00
skjnldsv e41e8de0e2 fix(dav): file drop nickname 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-05 09:09:17 +07:00
Richard Steinmetz 696d76f976 fix(caldav): use direct.edit route in event activities 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-01 14:05:36 +07:00
Ferdinand Thiessen 9f8f7759a9
test(dav): adjust test cases for PHPUnit 10 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-28 09:30:21 +07:00
Joas Schilling 76e6ab1dff
test: Migrate remaining DAV tests to PHPUnit 10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-28 09:25:47 +07:00
Joas Schilling 96a1dd322b
test: Migrate DAV Systemtags tests to PHPUnit 10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-27 18:27:25 +07:00
Joas Schilling 6cccdf98f4
test: Migrate CardDAV tests to PHPUnit10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-25 22:22:57 +07:00
Joas Schilling 154d390c02
test: Migrate CalDAV tests to PHPUnit10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-25 14:11:17 +07:00
Louis a48bc55e2a
Merge pull request #52810 from nextcloud/artonge/feat/do_not_require_samesite_strict_cookie_on_public.php 2025-05-22 10:30:16 +07:00
Louis Chemineau 009d0c550c
fix: Move CSRF check from base to PublicAuth for public.php 
This currently prevent directly accessing a ressource when clicking on a link on a third party site. Example, clicking on `https://example.com/public.php/dav/files/pqLWcA269zfzXez/?accept=zip` in a GitHub comment.

Skipping the check is an issue with password protected shares, as it allows third party sites to request the ressource when the user already entered the password, aka CSRF.  So after removing the check from `base.php`, we need to add the it again in the `PublicAuth` plugin.

We also add a redirect to be helpful to the user.

**Warning**: this adds the limitation that clicking on a direct download link for password protected shares will redirect you to the password form, and then to the main share view.

Fix #52482

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-05-21 16:01:36 +07:00
Richard Steinmetz 9a74d9a1a5
fix(caldav): don't send invitations to circles 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-05-21 13:28:57 +07:00
Ferdinand Thiessen e693a5d4a5
fix(dav): correctly handle uploading folders with same name as a file 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-16 14:38:41 +07:00
provokateurin 78a175fc74
refactor: Apply rector refactorings 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-14 15:29:02 +07:00
Daniel Kesselberg c05d3fdb2e
fix(caldav): prevent unshare entry creation for owner unsharing 
- Introduces a `unshare` method in `CalDavBackend` to handle user unshares.
- Implements check to determine if unshare entry is needed based on group/circle membership.
- Ensures `updateShares` is only used when the calendar owner manages shares.
- Resolves issue where unsharing a calendar as owner created an unshare entry in `oc_dav_shares`.

Related PRs:
- https://github.com/nextcloud/server/pull/43117
- https://github.com/nextcloud/server/pull/47737

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-05-14 09:03:32 +07:00