de26160778
Allow to inject the trusted domain helper by public interface
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-11-03 11:06:19 +07:00
8bc25e3324
Move preview provider registration to bootstrap
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-10-21 10:35:18 +07:00
0dcc5c0e9f
Merge pull request #28728 from nextcloud/add-database-backend-limiter
...
Add database ratelimiting backend
2021-09-13 13:07:37 +07:00
aacaad2a3f
implement verification for additional mails
...
- mails added by (sub)admins are automatically verified
- provisioning_api controller as verification endpoint
- IAccountProperty gets a locallyVerified property
- IPropertyCollection gets a method to fetch an IAccountProperty by value
- an remove equivalent was already present
- AccountManager always initiates mail verification on update if necessary
- add core success template for arbitrary title and message
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-09 14:03:35 +07:00
378cc922c4
Adjust logic to store period instead of current timestamp
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-09-06 17:31:36 +07:00
d4f97affc1
Add database ratelimiting backend
...
In case no distributed memory cache is specified this adds
a database backend for ratelimit purposes.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-09-06 16:31:01 +07:00
7179002600
Allow to get a local cloud id without going through the contacts manager
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-07-14 16:08:05 +07:00
12e4484dba
ensure that factoryClass exisits before instantiation
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-06-30 15:09:27 +07:00
215aef3cbd
Update php licenses
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
0e6321957d
allow excluding groups from creating link shares
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-12 16:11:31 +07:00
df47445c01
Fix unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-27 14:34:32 +07:00
5f3abffe6f
Improve networking checks
...
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:37:47 +07:00
65b78515bd
make ILDAPProviderFactory usable when there is no ldap setup
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-31 15:23:33 +07:00
cc54f718f5
Add known user check in avatar when v2-private scope
...
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:10 +07:00
b81a1c1bdb
Add new v2-private account scope
...
Added new v2-private account manager scope that restricts the scope
further by excluding public link access.
Avatars with v2-private account scope are now showing the guest avatar
instead of the real avatar.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:05 +07:00
4974404774
files: Create files from template API
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-01-28 11:59:46 +07:00
6c1e294edd
Compare and store the login name via the event
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-20 08:50:17 +07:00
90c3013d40
Cleanup the constructor
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-01-18 11:32:50 +07:00
8b64e92b92
Bump doctrine/dbal from 2.12.0 to 3.0.0
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 11:45:19 +07:00
d89a75be0b
Update all license headers for Nextcloud 21
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +07:00
54e3beba16
Merge pull request #24319 from nextcloud/techdebt/noid/streamline-user-creation-and-deletion-events
...
Streamline user creation and deletion events
2020-11-26 14:09:54 +07:00
16a78f535a
set the display name of federated sharees from addressbook
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-11-24 11:30:11 +07:00
8ac9767881
Merge pull request #24312 from nextcloud/bugfix/noid/fix-router-alias
...
Add proper alias for internal router class
2020-11-24 08:43:29 +07:00
d9708ebece
Add proper alias for internal router class
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-11-24 08:01:39 +07:00
f4c1512bb7
Fix typo in @deprecated PHPDoc tag
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-24 00:13:09 +07:00
9bf76d2bad
Streamline user creation and deletion events
...
CreateUserEvent was the only one that didn't matched the naming scheme of BeforePASTTENSEEvent and PASTTENSEEvent. The event wasn't used at all so this just removes it again as there is BeforeUserCreatedEvent that is also available since 18.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-23 23:59:52 +07:00
e606c0eef4
Allow View to be used via DI
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-21 00:18:59 +07:00
5be18215fb
Auto-wire as much as possible in the encryption app
...
Also cleans up only non-classname services in the server container
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-20 23:13:22 +07:00
e187c1d778
Remove old OC_Hook for OC_Group events
...
Those mappings exist and we will remove the first ones (labeled as `old`):
old: `\OC_Hook::listen('OC_Group', 'pre_createGroup', array('run' => true, 'gid' => $gid));`
since OC 8 (owncloud/core#12618): `$groupManager->listen('\OC\Group', 'preCreate', function ($gid) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\BeforeGroupCreatedEvent`
old: `\OC_Hook::emit('OC_User', 'post_createGroup', array('gid' => $gid->getGID()));`
since OC 8 (owncloud/core#12618 ): `$groupManager->listen('\OC\Group', 'postCreate', function (\OC\Group\Group $gid) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\GroupCreatedEvent`
old: `\OC_Hook::emit('OC_Group', 'pre_deleteGroup', array('run' => true, 'gid' => $group->getGID()));`
since OC 8 (owncloud/core#12618 ): `$groupManager->listen('\OC\Group', 'preDelete', function (\OC\Group\Group $group) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\BeforeGroupDeletedEvent`
old: `\OC_Hook::emit('OC_User', 'post_deleteGroup', array('gid' => $group->getGID()));`
since OC 8 (owncloud/core#12618 ): `$groupManager->listen('\OC\Group', 'postDelete', function (\OC\Group\Group $group) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\GroupDeletedEvent`
old: `\OC_Hook::emit('OC_Group', 'pre_addToGroup', array('run' => true, 'uid' => $user->getUID(), 'gid' => $group->getGID()));`
since OC 8 (owncloud/core#12618 ): `$groupManager->listen('\OC\Group', 'preAddUser', function (\OC\Group\Group $group, \OC\User\User $user) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\BeforeUserAddedEvent`
old: `\OC_Hook::emit('OC_Group', 'post_addToGroup', array('uid' => $user->getUID(), 'gid' => $group->getGID()));`
since OC 8 (owncloud/core#12618 ): `$groupManager->listen('\OC\Group', 'postAddUser', function (\OC\Group\Group $group, \OC\User\User $user) { ... });`
since NC 17 (#18350 ): `OCP\Group\Events\UserAddedEvent`
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-10 21:58:44 +07:00
a79d7c0be0
fix: also remove use statement of UserCreatedEvent
...
Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
2020-11-05 08:53:20 +07:00
ded2acc966
fix: no more translation from postCreateUser hook to UserCreatedEvent anymore, as event is already emitted in user manager
...
Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
2020-11-04 09:18:35 +07:00
dc479aae2d
Improve CertificateManager to not be user context dependent
...
* removes the ability for users to import their own certificates (for external storage)
* reliably returns the same certificate bundles system wide (and not depending on the user context and available sessions)
The user specific certificates were broken in some cases anyways, as they are only loaded if the specific user is logged in and thus causing unexpected behavior for background jobs and other non-user triggered code paths.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-03 00:13:01 +07:00
49ff48fcd3
Use PSR logger in authentication
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-10-12 22:07:04 +07:00
56b67c8c13
Clean up the server
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-09 08:25:56 +07:00
6a63d7b4ee
Deprecate the named alias of IBus
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-07 18:58:05 +07:00
4e14c18192
Merge pull request #23248 from nextcloud/techdebt/server-getters-query-get
...
Use the ContainerInterface::get inside the server container
2020-10-07 11:40:22 +07:00
03d156a824
Use the correct l10n for activities
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-10-07 10:50:06 +07:00
e509c6515e
Use the ContainerInterface::get inside the server container
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-07 10:12:17 +07:00
aa95b3d71b
Add occ command to set theming values
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-09-24 08:22:07 +07:00
4cfbe0c97d
Specific version for @deprecated PHPDoc
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-09-16 15:09:00 +07:00
b5a70b31c1
Don't create a deprecation log in base.php
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-10 09:03:39 +07:00
1f7f93a695
Update license headers for Nextcloud 20 (again)
...
There are still lots of outdated headers, so time for another round of
updates.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 14:37:44 +07:00
770d12d191
Add missing alias for OCP\Settings\IManager and deprecate the old one
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-04 16:39:01 +07:00
0452877a67
Fix app password updating out of bounds
...
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates
* Added event listener to the PostLoggedInEvent so that we can act on it
- Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
token. Else it keeps being marked invalid and thus not used.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-09-03 21:13:36 +07:00
7b8364e001
Merge pull request #21288 from lmamane/master
...
Return correct loginname in credentials
2020-08-28 16:11:46 +07:00
2a054e6c04
Update the license headers for Nextcloud 20
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-08-24 14:54:25 +07:00
987f621173
Merge pull request #22331 from nextcloud/bugfix/noid/dont-use-deprecated-inigetwrapper
...
Don't use deprecated getIniWrapper() anymore
2020-08-20 19:45:47 +07:00
65b5e65185
Merge pull request #21529 from nextcloud/enh/encryption/improve_key_format
...
New SSE key format
2020-08-20 17:41:18 +07:00
b09620651c
Don't use deprecated getIniWrapper() anymore
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-08-20 16:35:38 +07:00
ac8b40b8b1
Return correct loginname in credentials,
...
even when token is invalid or has no password.
Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.
Co-authored-by: kesselb <mail@danielkesselberg.de>
for: switch to consistent camelCase
Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-08-20 16:02:22 +07:00
Joas Schilling
Roeland Jago Douma
Lukas Reschke
Arthur Schiwon
Julius Härtl
John Molakvoæ (skjnldsv)
Robin Appelman
Vincent Petry
Christoph Wurst
Christoph Wurst
Roeland Jago Douma
Morris Jobke
Tobias Assmann
Lionel Elie Mamane