nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Andy Scherzinger	90a6b82579	Merge pull request #47940 from nextcloud/backport/47933/stable30 [stable30] fix(config): Throw PreconditionException always when it didn't match	2024-09-15 21:29:14 +07:00
Andy Scherzinger	fa355386f7	Merge pull request #47796 from nextcloud/backport/47756/stable30 [stable30] fix(files): Check if target path is a descendant of the shared folder	2024-09-15 21:25:30 +07:00
Joas Schilling	66a6b442b5	fix(config): Throw PreconditionException always when it didn't match Previously even when the precondition did not match, the call "passed" when the after value was the expected one. This however can lead to race conditions, duplicate code excutions and other things. Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-09-13 11:40:13 +07:00
Julius Knorr	80eec3f0ef	fix: Add whiteboard to education and public sector bundle Signed-off-by: Julius Knorr <jus@bitgrid.net>	2024-09-12 09:08:22 +07:00
Git'Fellow	2bb8c023c2	fix(files): Check if the target path is a descendant of the shared folder path Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: fix tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: add tests Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com> fix: tests	2024-09-06 02:00:43 +07:00
provokateurin	b9aaa9f2e0	fix(files): Create non-existent parents of mountpoints Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-04 18:04:13 +07:00
Ferdinand Thiessen	6ea52ed218	fix: Adjust filename validation messages Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-30 14:48:23 +07:00
Marcel Klehr	77464a4a0d	fix(TaskProcessing): Fix namespace of TaskProcessingTest.php Signed-off-by: Marcel Klehr <mklehr@gmx.net> Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-08-30 14:06:15 +07:00
Julien Veyssier	d2ec025fa4	fix(taskprocessing): fix tests Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-08-30 14:06:15 +07:00
Arthur Schiwon	656412daa4	test(phpunit): skip sharding tests on 32bit Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-08-29 20:19:33 +07:00
Ferdinand Thiessen	183fcef39b	fix: Renaming does not need update but delete permissions Renaming is basically copy + delete (a move), so no need to update permissions. Especially if the node is in a invalid directory the node should be moveable but not editable. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-28 20:23:50 +07:00
Louis Chemineau	140b36fcea	fix: Backport to 30 Signed-off-by: Louis Chemineau <louis@chmn.me>	2024-08-28 14:54:14 +07:00
Louis Chemineau	e5a8f996bd	chore: Apply php:cs recommendations Signed-off-by: Louis Chemineau <louis@chmn.me> [skip ci]	2024-08-28 14:54:14 +07:00
Robin Appelman	b2645590ce	fix: implement sharding compatible cleanup for various bits Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	1b6d76aa1b	test: fix share provider tests for sharding Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	ecf1cc2c3c	test: mark share test cleanup as running across all shards Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	82d7eaf80a	feat: implement distributing partitioned queries over multiple shards Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	4ec53e723e	feat: add option to automatically partition queries by specific tables Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	8f57d46a0b	fix: delay calculating global cache prefix untill a cache is created Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-28 14:54:14 +07:00
Robin Appelman	3e35e62f6b	feat: add negative compare-and-delete to imemcache Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-23 11:37:57 +07:00
Ferdinand Thiessen	1e49c83556	fix: `FilenameValidator::isForbidden` should only check forbidden files And not forbidden basenames as this is used for different purposes. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-22 08:51:58 +07:00
Joas Schilling	eea5378344	ci: Skip flaky test on PHP 8.3 Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-08-21 13:55:13 +07:00
Ferdinand Thiessen	3e409fd342	Merge pull request #43573 from nextcloud/HolgerHees-fix-csp-nonce-handling Fix for ignored `CSP_NONCE` in ContentSecurity Header	2024-08-13 17:53:30 +07:00
Christoph Wurst	5100e3152d	feat(auth): Clean-up unused auth tokens and wipe tokens Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-08-13 12:39:11 +07:00
Ferdinand Thiessen	2916e5df7e	feat: Provide CSP nonce as `<meta>` element This way we use the CSP nonce for dynamically loaded scripts. Important to notice: The CSP nonce must NOT be injected in `content` as this can lead to value exfiltration using e.g. side-channel attacts (CSS selectors). Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 10:32:44 +07:00
Ferdinand Thiessen	009761be58	test: Adjust tests for CSP nonce Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 10:06:32 +07:00
Côme Chilliet	1cfc25d08c	fix(tests): Adapt tests to change of DefaultShareProvider constructor Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-08-12 15:20:21 +07:00
Ferdinand Thiessen	0563757ea4	fix(SetupCheck): Properly check public access to data directory When checking for public (web) access to the data directory the status is not enough as you might have a webserver that forwards to e.g. a login page. So instead check that the content of the file matches. For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content to allow checking. ¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-08 22:08:42 +07:00
Christoph Wurst	2b38d6ae7e	fix(session): Log when session_* calls are slow Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-08-07 09:02:10 +07:00
skjnldsv	db28aa8cd1	fix(files_sharing): show proper share not found error message Signed-off-by: skjnldsv <skjnldsv@protonmail.com>	2024-08-06 16:25:10 +07:00
Jérôme Herbinet	c221090c86	fix: unify bundle naming Signed-off-by: Jérôme Herbinet <33763786+Jerome-Herbinet@users.noreply.github.com> Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-08-06 11:14:07 +07:00
Robin Appelman	9af6184af6	chore: delete repair step for 8y old oc_mounts issue Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-08-02 17:21:54 +07:00
Julius Härtl	a6d421e767	chore: Remove deprecated legacy search backend Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-08-01 12:33:18 +07:00
Stephan Orbaugh	18c0bcb2da	Merge pull request #46476 from nextcloud/enh/noid/migration-attributes Migration Attributes	2024-07-30 15:54:56 +07:00
Joas Schilling	710a69b4b5	feat(log): Allow to combine log.conditions to only log (app&user) Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-07-30 13:18:09 +07:00
Ferdinand Thiessen	21f558b12b	Merge pull request #46379 from nextcloud/fix/folder-search-owner fix: `OCP\Files\Node\Folder::search` was not setting the owner	2024-07-30 13:04:15 +07:00
Maxence Lange	ad490c963b	feat(migration-attributes): tests Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2024-07-29 12:44:52 +07:00
provokateurin	9d1705259c	fix(AppFramework): Allow requests with OCS-APIRequest header to pass CSRF checks Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-25 17:31:49 +07:00
Marcel Klehr	799ee8fd51	feat(TaskProcessing): Implement enums and default values Signed-off-by: Marcel Klehr <mklehr@gmx.net>	2024-07-25 10:10:31 +07:00
Ferdinand Thiessen	57ed738af2	Merge pull request #46644 from nextcloud/cast-bigint fix: cast to bigint on postgresql	2024-07-24 20:39:04 +07:00
Louis	7266a9ef33	Merge pull request #46418 from nextcloud/artonge/feat/user_admin_delegation feat(users): Add users and group management to admin delegation	2024-07-24 11:15:54 +07:00
SebastianKrupinski	fc0b694d37	feat: mail provider backend Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>	2024-07-23 16:20:36 +07:00
Robin Appelman	16c184e2cb	fix: cast to bigint on postgresql Signed-off-by: Robin Appelman <robin@icewind.nl>	2024-07-23 14:41:13 +07:00
Louis Chemineau	dff8815449	feat(users): Add support for admin delegation for users and groups management Signed-off-by: Louis Chemineau <louis@chmn.me>	2024-07-22 17:17:35 +07:00
Julien Veyssier	fffc784769	feat(taskprocessing): add support for webhooks (http or AppAPI) in the task processing API Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-07-22 11:34:29 +07:00
Stephan Orbaugh	9ed2d3e495	Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator refactor: Migrate some legacy and core functions to `IFilenameValidator`	2024-07-22 10:40:50 +07:00
Andy Scherzinger	c2a571e435	Merge pull request #46473 from nextcloud/feat/restrict_admin_to_ips feat(security): restrict admin actions to IP ranges	2024-07-22 10:10:42 +07:00
Ferdinand Thiessen	9716b0d735	refactor: Migrate some legacy and core functions to `IFilenameValidator` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-07-19 19:41:46 +07:00
Joas Schilling	7395211c1a	Merge pull request #46605 from nextcloud/bugfix/noid/test-more-oracle-versions fix(deps): Deprecate functionality deprecated by doctrine and test on more oracle versions	2024-07-19 16:40:49 +07:00
Joas Schilling	047479ccf9	feat(security): Add public API to allow validating IP Ranges and checking for "in range" Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00

1 2 3 4 5 ...

5667 Commits (f83cebf79ea25beff7a758798f1bf6c1ef3ffdb1)