sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
83,070 Commits
596 Branches
1167 Tags
8.8 GiB
Commit Graph

792 Commits (f320c19c853d74acde60b59ad610cb37f65daeee)

Author SHA1 Message Date
Louis Chemineau f320c19c85 feat(unified-search): Use existing min search length config 
This setting existed already for the legacy unified search.
This commit expose that setting to the new front-end, and
also ignore non valid requests in the backend.

We also take the opportunity to register the config in the lexicon.

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-09-29 10:55:51 +07:00
provokateurin 4c9b04ed26
fix(core): Stop abusing the cache for avatar upload 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-09-26 19:11:30 +07:00
Christoph Wurst 90d2f6f659 fix(auth): allow access to dynamic js files during 2FA 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-09-10 23:51:41 +07:00
Joas Schilling 3df6d90a4c
Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-08-28 17:11:31 +07:00
John Molakvoæ d785bcdc6e
Merge pull request #53920 from nextcloud/revert-53918-revert-53141-perf/files/setup-fs-basic-auth-request 2025-08-28 14:12:57 +07:00
Marcel Klehr 310cd23a6a fix(TaskProcessingApiController): Don't allow anonymous access anymore 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-08-28 11:46:37 +07:00
provokateurin 5057d5fcc5 fix(core): Stop abusing the cache for avatar upload 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-08-28 09:28:11 +07:00
Maxence Lange fa60488ee7 feat(ocm): split ocm discovery and capacities 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2025-08-20 11:57:01 +07:00
Ferdinand Thiessen 4b2fcac882 fix: also add `version` to `OC.config` during setup 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-08-19 16:01:30 +07:00
Daniel 64c52006dd
Merge pull request #54272 from nextcloud/enh/noid/taskprocessing-task-add-cleanup-flag 
feat(taskprocessing): add cleanup flag to tasks
 2025-08-15 09:48:47 +07:00
Maxence Lange cb84ccc57d feat(preset): share password protection 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2025-08-12 14:37:32 +07:00
Julien Veyssier e6adbd921e
feat(taskprocessing): generate OpenAPI specs, fix lint issue, fix tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-07 15:12:21 +07:00
Julien Veyssier 8c52b6c0fe
feat(taskprocessing): add cleanup flag to tasks to decide if they should be cleaned up automatically 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-08-07 15:12:21 +07:00
Marcel Klehr e2449bca6f fix(TaskProcessingApiController): Improve error handling 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2025-07-22 11:21:17 +07:00
John Molakvoæ 2b50d9b2c5
Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-07-11 17:07:44 +07:00
provokateurin 24f7a2e680
fix(core): Stop abusing the cache for avatar upload 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-07-08 11:38:59 +07:00
Ferdinand Thiessen 5981b7eb51
chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +07:00
skjnldsv 9806a9830c feat(files_sharing): allow viewing files with download disabled 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-26 11:47:53 +07:00
Richard Steinmetz c690c6fbd2
fix: update request token on two-factor pages 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-23 11:20:09 +07:00
Richard Steinmetz fa15cb8b87
fix: generate csrf tokens if two factor challenge is ongoing 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-23 11:20:09 +07:00
Ferdinand Thiessen 495c364268
chore: use consistent casing for header names (required by openAPI) 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-06-09 19:24:26 +07:00
Kate cfeec72fff
Merge pull request #53292 from nextcloud/fix/loginflow 2025-06-03 15:15:44 +07:00
Ferdinand Thiessen fa7310add9
fix: handle IDLE timeout 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-06-03 14:24:51 +07:00
Oleksander Piskun 90e8fa25a6 fix(TaskProcessingApiController): use StreamResponse to return the task file content 
Signed-off-by: Oleksander Piskun <oleksandr2088@icloud.com>
 2025-06-03 13:09:07 +07:00
Anna Larch 08f869dda9 fix: broken password reset form 
Signed-off-by: Anna Larch <anna@nextcloud.com>
 2025-05-26 19:22:07 +07:00
provokateurin 82fb8f8508
refactor: Extend rector to core/ 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-15 00:16:54 +07:00
Marcel Müller 1addd35b78 fix: Remove unneccesary etag check 
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
 2025-04-29 23:15:50 +07:00
Stephan Orbaugh aa8c0a68cb
Merge pull request #50650 from IONOS-Productivity/feat/login_flow_v2-user_agents-allow-list 
feat(login-flow-v2): Restrict allowed apps by user agent check
 2025-04-24 10:12:19 +07:00
Joas Schilling 9ed33cf6aa
feat(profile): Add an API to get the profile field data 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-04-23 12:38:18 +07:00
Misha M.-Kupriyanov d1a94f3c9c feat(login-flow-v2): Restrict allowed apps by user agent check 
Enable via:
./occ config:system:set core.login_flow_v2.allowed_user_agents 0  --value '/Custom Foo Client/i'
./occ config:system:set core.login_flow_v2.allowed_user_agents 1  --value '/Custom Bar Client/i'

if user agent string is unknown
the template with "Access forbidden"-"Please use original client" will be displayed

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
 2025-04-23 09:45:23 +07:00
Richard Steinmetz 246da73a36
fix(oauth2): retain support for legacy ownCloud clients 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-04-01 11:25:52 +07:00
skjnldsv 0179cb4d8d feat(core): add setup cypress tests 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-03-13 20:51:00 +07:00
skjnldsv cc12719df5 feat(core): migrate setup to vue 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-03-13 16:00:18 +07:00
Côme Chilliet 71dc34c03c fix: Deprecate OC_Template, add proper template manager instead 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-06 15:49:25 +07:00
Louis Chemineau c6293204a2
feat: Close sessions created for login flow v2 
Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser.

This commit add a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request.

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-02-26 13:42:18 +07:00
Côme Chilliet e757b649b7
fix: Fix psalm taint false-positives by small refactorings 
Mostly make it clear that we trust admin input or that we correctly
 escape strings.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-02-17 18:08:23 +07:00
skjnldsv 2c13259093 feat(files): add mime icon endpoint 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-01-22 16:29:36 +07:00
SebastianKrupinski 332fa63850 feat: Two Factor API 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-01-16 08:31:58 +07:00
Julien Veyssier 24332e2a06
fix(taskprocessing): /tasktypes endpoint was broken by #49015 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2025-01-09 10:06:25 +07:00
Côme Chilliet f52b4c5eb2 fix: Remove skip of grant page, only skip first step 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +07:00
Côme Chilliet e7be008dc1 feat(oauth2): Skip page before login as well for authorized applications 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +07:00
Côme Chilliet 9b366c65d4 feat(oauth): Allow to skip the grant step for selected applications 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +07:00
provokateurin 085d4c9364
refactor(OpenAPI): Adjust scopes to match previous behavior 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-01-06 14:30:40 +07:00
Stephan Orbaugh d4715c61f2
Merge pull request #49560 from nextcloud/fix/login-origin 
feat(login): add origin check at login
 2024-12-20 14:53:11 +07:00
Jonas dd5f560246
fix(ReferenceApiController): Bump rate limit for public resolve endpoint 
E.g. text documents might contain hundreds of links whose previews need
to get loaded.

Fixes: nextcloud/collectives#1607

Signed-off-by: Jonas <jonas@freesources.org>
 2024-12-16 13:01:55 +07:00
Benjamin Gaussorgues 22051a73c1
feat(login): add origin check at login 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-12-05 09:51:53 +07:00
Maxence Lange 4591430c9c feat(ocm): signing ocm requests 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-12-04 09:30:55 +07:00
Marcel Klehr 3ac14af26b fix(TaskProcessing): Set up fs in getFileContentsInternal 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2024-11-26 11:07:20 +07:00
skjnldsv b15fdfd40e chore(profile): move profile app from core to apps 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2024-11-14 10:25:02 +07:00
John Molakvoæ 452e4be4f5
Merge pull request #46222 from nextcloud/fix/task-processing-api-controller/dont-use-plus 2024-11-06 09:02:23 +07:00