nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Marcel Müller	234f183f8e	feat: Add option to update the public key of a user Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>	2025-11-19 10:51:43 +07:00
Ferdinand Thiessen	d6d6747a73	refactor: apply rector rules for PHPUnit 10 Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-10-27 21:56:04 +07:00
Christoph Wurst	3e90ce89eb	test(net): include test for localhost by IP Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2025-10-14 10:33:35 +07:00
Joas Schilling	51f596e0c2	test: Fix double space Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-25 13:29:17 +07:00
Joas Schilling	894fda1a4d	ci: Update testing certificates that expired after 10 years Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-08-25 12:15:57 +07:00
Marcel Müller	520d8beaf5	feat: Cache user keys Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>	2025-08-05 16:42:14 +07:00
Maxence Lange	484491e7cc	fix(bruteforce): limit appconfig lazy loading Signed-off-by: Maxence Lange <maxence@artificial-owl.com>	2025-07-20 00:49:11 +07:00
Robin Appelman	aa15f9d16d	chore: run rector Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-07-01 22:45:52 +07:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +07:00
Robin Appelman	29e39c0a2e	chore: run rector on tests Signed-off-by: Robin Appelman <robin@icewind.nl>	2025-06-12 18:31:58 +07:00
Joas Schilling	f474b5b3a9	test: Fix tests/lib/Security/ Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-05-15 08:24:59 +07:00
Daniel Kesselberg	a53e15c971	fix: log requests exceeding the rate limiting Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2025-05-14 12:23:40 +07:00
Joas Schilling	b77011a918	test: Prepare more tests for PHPUnit 10 Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-04-30 09:18:01 +07:00
Benjamin Gaussorgues	9f666c2b73	feat(ip): add configurable IPv6 subnet for BFP and throttling Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2025-04-17 08:12:03 +07:00
Benjamin Gaussorgues	c4021c8d38	feat(ip): use larger IPv6 range by default Some providers assign `/48` IPv6 blocks instead of `/64` so it sounds safer to use this mask by default. Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2025-04-08 10:08:28 +07:00
Joas Schilling	c1655bcde7	fix(ratelimit): Allow to bypass rate-limit from bruteforce allowlist Signed-off-by: Joas Schilling <coding@schilljs.com>	2025-01-27 12:46:15 +07:00
Christoph Wurst	1323e5bcb1	fix(migration): Decrypt ownCloud secrets v2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-11-28 09:00:33 +07:00
Josh	97421fb143	fix(tests): Add RemoteAddress v6 zone ID test Signed-off-by: Josh <josh.t.richards@gmail.com>	2024-11-04 09:30:21 +07:00
Côme Chilliet	280f6df66c	Merge pull request #32018 from nextcloud/cleanup/event/trashbin Port files trashbin events to IEventDispatcher/IEventListener	2024-09-24 17:15:39 +07:00
Richard Steinmetz	19ad13571c	fix: gracefully parse non-standard trusted certificates Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2024-09-24 12:36:09 +07:00
Côme Chilliet	af0b8fbd17	fix(tests): Fix tests now that trashbin listens to events properly Hooks are cleared in test bootstrap so switching to events activates them in tests. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-09-23 18:13:29 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Christoph Wurst	49dd79eabb	refactor: Add void return type to PHPUnit test methods Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-09-15 22:32:31 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
Ferdinand Thiessen	127cacdd19	feat(Security): Allow setting password context for validation and generation Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-22 19:16:50 +07:00
Ferdinand Thiessen	009761be58	test: Adjust tests for CSP nonce Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-13 10:06:32 +07:00
Stephan Orbaugh	9ed2d3e495	Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator refactor: Migrate some legacy and core functions to `IFilenameValidator`	2024-07-22 10:40:50 +07:00
Ferdinand Thiessen	9716b0d735	refactor: Migrate some legacy and core functions to `IFilenameValidator` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-07-19 19:41:46 +07:00
Joas Schilling	047479ccf9	feat(security): Add public API to allow validating IP Ranges and checking for "in range" Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Benjamin Gaussorgues	202e5b1e95	feat(security): restrict admin actions to IP ranges Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Christopher Ng	48b69c53dc	test: Test hash validation Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-07-04 17:05:50 +07:00
Andy Scherzinger	1f7e2ba599	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-13 17:41:36 +07:00
Joas Schilling	33e1c8b236	fix(security): Handle idn_to_utf8 returning false Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-12-04 10:38:46 +07:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +07:00
Ferdinand Thiessen	ecf9f0a872	fix(CSP): Only add `strict-dynamic` when using nonces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-17 22:01:02 +07:00
Ferdinand Thiessen	e231abd9bf	fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `script-src-elem` Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2023-11-17 14:42:36 +07:00
Joas Schilling	124588d4a6	fix: Make bypass function public API Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-21 16:40:24 +07:00
Joas Schilling	fd9b2d488e	feat: Expose if the own IP is allowed to bypass bruteforce protection Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-21 16:36:04 +07:00
Joas Schilling	a95800c647	feat(security): Add a bruteforce protection backend base on memcache Similar to the ratelimit backend Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-21 16:36:03 +07:00
Joas Schilling	030e8d8916	fix: Align doc type with creation Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-27 23:13:38 +07:00
Christoph Wurst	08a3f37695	chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-06-12 10:03:59 +07:00
Côme Chilliet	8d5165e8dc	Adapt tests to config value typing Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-04-05 17:42:14 +07:00
Joas Schilling	c5339fa336	Merge pull request #37542 from nextcloud/bugfix/noid/allow-to-opt-out-of-ratelimit-for-testing feat(security): Allow to opt-out of ratelimit protection, e.g. for te…	2023-04-03 14:19:41 +07:00
Joas Schilling	454281af03	feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-04-03 09:06:45 +07:00
Arthur Schiwon	997c2a2a79	fix DBAL exception handling in setValues This seems to be a left over after abstracting DBAL. Nowadays, IQueryBuilder::executeStatement() only throws a \OCP\DB\Exception, where previously original DBAL exceptions where thrown. These are now wrapped, the orignal classes are now mapped to a reason. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2023-03-31 17:01:17 +07:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +07:00
Côme Chilliet	0f7e56b3b3	Fix syntax in VerificationTokenTest.php Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-11-15 09:25:56 +07:00
Côme Chilliet	70e2217d1c	Fix dynamic properties and other problems in tests for PHP 8.2 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-11-14 16:14:35 +07:00
Christoph Wurst	8aea25b5b9	Add remote host validation API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-10-31 16:13:28 +07:00
Côme Chilliet	6f80fe6ada	Remove deprecated at matcher from tests/lib Only 15 warnings left in there Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2022-08-29 16:36:40 +07:00

1 2 3

144 Commits (fac380fb886d6f1b9cf645870f999230c05155d5)