averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
54,337 Commits 712 Branches 1,186 Tags
2e4cc6da17028e777dc223689f1b9964ff2a4d8f
Commit Graph

412 Commits

Author SHA1 Message Date
Roeland Jago Douma
ba648eecdf Move avatar code to Avatar Class 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-11-29 14:23:15 +01:00
Roeland Jago Douma
604596ec16 Always generate avatar 
Even if no avatar is set we should just generate the image. This to not
duplicate the code on all the clients. And only server images from the
avtar endpoint.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-11-29 14:23:15 +01:00
Arthur Schiwon
96bc03a03a don't create sorter instances when none was requested 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-11-28 13:30:51 +01:00
Mario Danic
c2cd5fc5d3 Fix flow 
Signed-off-by: Mario Danic <mario@lovelyhq.com>
 2017-11-09 00:29:34 +01:00
Julius Härtl
cd1bfea8c4 Theming: theme flow redirection page 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-11-08 14:56:32 +01:00
Morris Jobke
31c5c2a592 Change @georgehrke's email 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 20:38:59 +01:00
Morris Jobke
0eebff152a Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +01:00
Roeland Jago Douma
6ce095b166 Add 204 endpoint 
Fixes #6967

This allows clients to check for Walled Garden connections.
The endpoint just responds with a 204 (which is very unlikely with such
a connection)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-11-02 10:30:16 +01:00
Arthur Schiwon
25aad121e6 meanwhile we can have exact matches. also show those. 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-31 14:58:48 +01:00
Arthur Schiwon
ca72c0150b configurable amount of autocomplete results in comments 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-27 13:50:38 +02:00
Arthur Schiwon
fa2f03979b add search parameter to autocomplete controller 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-25 17:26:50 +02:00
Arthur Schiwon
fd6daf8d19 AutoCompletion backend 
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-10-22 14:13:32 +02:00
Joas Schilling
3119fd41ce Set the data from the template 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-10-18 15:12:03 +02:00
Joas Schilling
8b37fe7f65 Set the subject with the email template to allow theming 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-10-18 15:12:03 +02:00
Lukas Reschke
8ad17a66d6 Exclude avatar from Same-Site Cookie requirement 
Required to work with the upcoming Collabora avatar integration.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-10-11 14:41:34 +02:00
Lukas Reschke
0bccd5a0d9 Fix "Uninitialized string offset: 0 at \/media\/psf\/stable9\/lib\/private\/URLGenerator.php#224" 
The URLGenerator doesn't support `` as target for absolute URLs, we need to link to `/` thus.

Regression introduced with 46229a00f3

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-09-07 08:34:02 +02:00
Morris Jobke
504c1abee0 Fix undefined index oauthState 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-06 16:38:24 +02:00
Morris Jobke
15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name 
Set the meta data before everything
 2017-09-05 16:08:57 +02:00
Joas Schilling
6dbb64c4a2 Merge setMetaData into constructor 
This ensures that the meta data is set in the beginning

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-04 15:07:41 +02:00
Morris Jobke
30ca3b70ed Merge pull request #6196 from nextcloud/downstream-26539-2 
Handle invalid ext storage backend to keep mount point visible
 2017-09-04 14:17:28 +02:00
Morris Jobke
0326c2c54f Fix broken tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-09-04 14:17:03 +02:00
Julius Härtl
46229a00f3 Add rich link preview to the login page 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-09-02 21:39:38 +02:00
Joas Schilling
0aff1c9268 Return the user id in case of an error 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-29 11:10:30 +02:00
Morris Jobke
2bf15eda26 Merge pull request #6255 from nextcloud/email-meta-data 
Add meta information to emails for better customisation
 2017-08-26 18:53:52 +02:00
Morris Jobke
0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url 
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
 2017-08-26 18:50:52 +02:00
Christoph Wurst
6676232a56 Allow 2FA providers to specify their custom CSP 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-08-26 13:48:08 +02:00
Joas Schilling
6a130d01e7 Also for reset password 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-24 18:02:37 +02:00
Lukas Reschke
2e4cd44556 Inject \OCP\IURLGenerator to make tests work 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-18 15:32:40 +02:00
Joas Schilling
d5c6d56170 No password reset for disabled users 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-08-18 13:21:53 +02:00
Lukas Reschke
a04feff9a7 Properly allow \OCP\Authentication\IApacheBackend to specify logout URL 
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.

This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.

Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.

Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-18 12:22:44 +02:00
Morris Jobke
84c22fdeef Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call 
Add metadata to \OCP\AppFramework\Http\Response::throttle
 2017-08-01 14:43:47 +02:00
Roeland Jago Douma
75771a108b Fix OCSController 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:15 +02:00
Roeland Jago Douma
e945f2bc3a Fix ContactsMenuController 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:15 +02:00
Roeland Jago Douma
aa6d8fcdbf Fix AvatarController 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-01 08:20:15 +02:00
Lukas Reschke
f22ab3e665 Add metadata to \OCP\AppFramework\Http\Response::throttle 
Fixes https://github.com/nextcloud/server/issues/5891

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-07-27 14:17:45 +02:00
Morris Jobke
188b87e03b Cleanup legacy user class from unused methods 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-07-24 12:17:53 +02:00
Julius Härtl
51a0741005 Add public capabilities API 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2017-06-30 11:08:04 +02:00
Lukas Reschke
2f87fb6b45 Add Clear-Site-Data header 
This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content.

See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types.

Ref https://twitter.com/mikewest/status/877149667909406723

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-06-20 19:46:10 +02:00
Lukas Reschke
26ee889fec Add tests for ClientFlowLoginController 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:08 +02:00
Lukas Reschke
b07a0f51ba Add OAuth state to session 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:08 +02:00
Bjoern Schiessle
23b296b66e use name of oauth app to identify auth token 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-05-18 20:49:07 +02:00
Bjoern Schiessle
a74d67b69c show error page if no valid client identifier is given and if it is not a API request 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-05-18 20:49:06 +02:00
Lukas Reschke
e86749121c Remove special characters 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:05 +02:00
Lukas Reschke
5f71805c35 Add basic implementation for OAuth 2.0 Authorization Code Flow 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:03 +02:00
Joas Schilling
0828df5ed4 Disable the API endpoints as well 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-11 17:03:57 +02:00
Ujjwal Bhardwaj
7c23414eef Disable reset password link. Issue: #27440 2017-05-11 10:27:33 +02:00
Joas Schilling
d418ea550b Automatic injection for CssController 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-10 09:42:40 +02:00
Joas Schilling
9c8fe82000 Automatic injection for JsController 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-10 09:42:15 +02:00
Mario Danic
e4aac15a92 Update login flow redirection 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-04 19:21:22 +02:00
Morris Jobke
23cc309606 Handle more error cases 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-05-02 13:43:48 +02:00