averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-29 12:24:50 +02:00
Code Issues Packages Projects Releases Wiki Activity
88,512 Commits 1,008 Branches 1,229 Tags
executeUpdateRemove
Commit Graph

336 Commits

Author SHA1 Message Date
Christoph Wurst b9720703e8 Add CSRF token controller to retrieve the current CSRF token 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-03-08 16:48:50 +01:00
Julius Härtl 16ac8eaac9 Fix tests 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-03-07 09:17:18 +01:00
Julius Härtl 11b6cc3f68 Replace logout href to avoid new etag on every request 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-03-06 09:51:28 +01:00
Julius Härtl 723b8764d1 Add ETag to NavigationController 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-03-05 12:19:20 +01:00
Roeland Jago Douma cf83eb5e77 Merge pull request #8336 from nextcloud/cleanup-unused-parameter 
Cleanup unused parameter
 2018-02-20 10:16:59 +01:00
Morris Jobke bcf1668cc8 Remove config from AutoCompleteController 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-02-13 21:40:30 +01:00
Julius Härtl 5a23b35ddb Also rewrite icon url 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-02-12 21:20:21 +01:00
Julius Härtl 922cf44c81 Move to OCS endpoint 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-02-12 17:22:33 +01:00
Julius Härtl 8ecac56543 Allow requesting absolute URLs 
They might be useful when requesting the navigation from the clients

Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-02-12 17:22:32 +01:00
Julius Härtl 6211d18dc1 Add tests for NavigationController 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-02-12 17:22:32 +01:00
Morris Jobke 4ef302c0be Request->getHeader() should always return a string 
PHPDoc (of the public API) says that this method returns string but it also returns null, which is not allowed in some method calls. This fixes that behaviour and returns an empty string and fixes all code paths that explicitly checked for null to be still compliant.

Found while enabling the strict_typing for lib/private for the PHP7+ migration.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-17 09:51:31 +01:00
Roeland Jago Douma b1d8084700 Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-15 21:43:11 +01:00
Joas Schilling 7789fbdea6 Add unit test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-01-15 00:50:52 +01:00
Roeland Jago Douma 8d1dd1945f Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-13 13:58:06 +01:00
Julius Härtl f5f6ed664d Hide stay logged in checkbox when flow authentication is used 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-12-28 11:15:26 +01:00
Roeland Jago Douma c1fcd6fc98 Merge pull request #7324 from nextcloud/no-sorters-no-instances 
don't create sorter instances when none was requested
 2017-12-11 15:27:44 +01:00
Morris Jobke ed7beb929e Merge pull request #6876 from nextcloud/always_img_avatar 
Always generate avatar
 2017-12-08 23:58:17 +01:00
Bjoern Schiessle 555fe7047f fix tests 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-12-08 13:29:33 +01:00
Roeland Jago Douma 8e8fe6b8eb Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-11-29 14:23:15 +01:00
Arthur Schiwon 96bc03a03a don't create sorter instances when none was requested 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-11-28 13:30:51 +01:00
Mario Danic c2cd5fc5d3 Fix flow 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
 2017-11-09 00:29:34 +01:00
Julius Härtl cd1bfea8c4 Theming: theme flow redirection page 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-11-08 14:56:32 +01:00
Arthur Schiwon e2805f02aa Merge branch 'master' into autocomplete-gui 2017-11-01 15:37:29 +01:00
Arthur Schiwon 25aad121e6 meanwhile we can have exact matches. also show those. 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-31 14:58:48 +01:00
Arthur Schiwon fa2f03979b add search parameter to autocomplete controller 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-25 17:26:50 +02:00
Morris Jobke 43e498844e Use ::class in test mocks 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-10-24 17:45:32 +02:00
Arthur Schiwon fd6daf8d19 AutoCompletion backend 
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-22 14:13:32 +02:00
Joas Schilling 3119fd41ce Set the data from the template 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-10-18 15:12:03 +02:00
Morris Jobke 444779ce96 Fix tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-06 16:38:24 +02:00
Morris Jobke 0326c2c54f Fix broken tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-04 14:17:03 +02:00
Joas Schilling 0aff1c9268 Return the user id in case of an error 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-29 11:10:30 +02:00
Morris Jobke 0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url 
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
 2017-08-26 18:50:52 +02:00
Joas Schilling d5c6d56170 No password reset for disabled users 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-18 13:21:53 +02:00
Lukas Reschke a04feff9a7 Properly allow \OCP\Authentication\IApacheBackend to specify logout URL 
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.

This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.

Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.

Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-18 12:22:44 +02:00
Roeland Jago Douma ba7cf03daf Fix LostControllerTest 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-09 15:51:13 +02:00
Roeland Jago Douma 3bd104ef7c Fix LoginController 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-09 15:12:02 +02:00
Morris Jobke 84c22fdeef Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call 
Add metadata to \OCP\AppFramework\Http\Response::throttle
 2017-08-01 14:43:47 +02:00
Roeland Jago Douma 2fae696d35 Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:17 +02:00
Lukas Reschke c25e782dd6 Fix settings/Controller/ 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-01 08:20:15 +02:00
Lukas Reschke f22ab3e665 Add metadata to \OCP\AppFramework\Http\Response::throttle 
Fixes https://github.com/nextcloud/server/issues/5891

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-27 14:17:45 +02:00
Julius Härtl 01093604d3 Add tests for public capabilties 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-06-30 11:21:15 +02:00
Lukas Reschke 2f87fb6b45 Add Clear-Site-Data header 
This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content.

See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types.

Ref https://twitter.com/mikewest/status/877149667909406723

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-06-20 19:46:10 +02:00
Lukas Reschke 26ee889fec Add tests for ClientFlowLoginController 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:08 +02:00
Joas Schilling 0828df5ed4 Disable the API endpoints as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-11 17:03:57 +02:00
Joas Schilling d418ea550b Automatic injection for CssController 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-10 09:42:40 +02:00
Joas Schilling 9c8fe82000 Automatic injection for JsController 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-10 09:42:15 +02:00
Mario Danic e4aac15a92 Update login flow redirection 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-04 19:21:22 +02:00
Georg Ehrke 60f9ed6241 add contactsmenu popover 
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
 2017-04-26 09:26:53 +02:00
Jan-Christoph Borchardt 241e397326 Merge branch 'master' into contactsmenu 
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
 2017-04-26 00:50:38 +02:00
Christoph Wurst 36cee1f386 Let apps register contact menu provider via info.xml 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-04-25 20:47:17 +02:00