averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
79,563 Commits 712 Branches 1,186 Tags
71759bf856f5b419ee248729bbbba0b5fb80dc87
Commit Graph

1181 Commits

Author SHA1 Message Date
Stephan Orbaugh
3bc3d03048 Merge pull request #51000 from nextcloud/fix/federatedfilesharing/group-cleanup 
fix(FederatedShareProvider): Delete external shares when groups are deleted or users removed from a group
 2025-03-03 16:29:10 +01:00
provokateurin
dd47daa4a8 fix(Share20): Convert broken hooks to IEventListener 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-03-03 12:49:01 +01:00
DaleBCooper
e1e0b68feb Fix A+ rating when checking with Nextcloud Security Scan. 
Due to commit 33d7019 session.cookie_secure=true is not set when accessing /status.php.
This results in a degration from A+ to A rating due to missing  __Host prefix for nc_sameSiteCookielax and nc_sameSiteCookiestrict cookies.
 2025-03-02 11:33:13 +00:00
Côme Chilliet
34139987d6 fix: Replace OC_App calls by IAppManager 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-02-24 17:48:34 +01:00
Julius Knorr
8c69bf1219 Merge pull request #48738 from nextcloud/perf/log-high-memory-requests 
perf: Log requests using high amount of memory as warning
 2025-02-13 19:50:32 +01:00
Julius Knorr
d31bc88a23 perf: Log requests using high amount of memory as warning 
Signed-off-by: Julius Knorr <jus@bitgrid.net>
 2025-02-13 13:43:10 +01:00
Côme Chilliet
a3685551f7 fix: Replace isInstalled calls with isEnabledForAnyone or isEnabledForUser 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-02-13 10:19:19 +01:00
Côme Chilliet
b45bc2a462 fix: Use the new countUsersTotal method where it makes sense 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-14 12:38:02 +01:00
Git'Fellow
33d7019f58 fix(status): Avoid session creation for status requests 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2024-11-21 15:00:24 +01:00
Ferdinand Thiessen
0cd626a059 fix: Do not check for strict cookie when running webcron 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-11-07 16:34:10 +01:00
Julius Knorr
606241caeb chore(legacy): Introduce public version ct plass and drop version methods from OC_Util 
Signed-off-by: Julius Knorr <jus@bitgrid.net>
 2024-09-20 14:53:34 +02:00
provokateurin
9836e9b164 chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +02:00
Ferdinand Thiessen
9e979d42b4 fix(setup-checks): Ensure URL with webroot works 
We basically mock the way `URLGenerator::getAbsoluteURL` works,
so we must make sure that the URL might already contain the webroot.
Because `baseURL` and `cliURL` also contain the webroot we need to remove
the webroot from the URL first.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Daniel <mail@danielkesselberg.de>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-13 13:06:24 +02:00
Maxence Lange
9100b8757e fix(setup): ignore long session login during installation 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2024-08-27 12:29:42 -01:00
Daniel Kesselberg
af6de04e9e style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +02:00
Josh Richards
8032b6ac63 (base) Give a hint in web interface if SimpleXML (php-xml) is missing 
Fixes #2180
And prevents #31473, #23970, #18610, #15708

Avoids a 500 error and also gives a useful error message on the web interface if this module isn't installed, gets overlooked during a PHP upgrade, etc.

While we check for it later, it's too late for session.

Inspired by #17163

Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
 2024-08-16 11:06:21 +02:00
Christoph Wurst
2b38d6ae7e fix(session): Log when session_* calls are slow 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-08-07 09:02:10 +02:00
Côme Chilliet
5b9966feba fix(occ): Use the const instead of hardcoded string for --debug-log option 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-07-08 16:09:39 +02:00
Côme Chilliet
9baf8fea8c fix(occ): Move debug log listener setup to a static method, add option for level 
Also changed option from --debug to --debug-log to avoid conflicts

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-07-02 16:02:44 +02:00
Côme Chilliet
2ba0819243 feat(occ): Add a --debug option to output all log levels to the output 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-07-02 15:03:18 +02:00
Andy Scherzinger
dae7c159f7 chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-24 13:11:22 +02:00
Daniel Kesselberg
fedc80d4ea chore: remove unnecessary ini_set 
Changing gc_maxlifetime cannot have any effect because this configuration option does not exist. There is a configuration option named session.gc_maxlifetime.

I removed the ini_set call because autoconfiguring is error-prone, and the current code could never have worked as intended.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-04-30 12:45:25 +02:00
Côme Chilliet
b7acecd006 fix: Fix default values for ini var in lib/base.php 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-30 09:23:59 +02:00
Côme Chilliet
f2c36a55fe fix: Remove unused endpoint from base.php 
It’s not called anymore, and app loading cannot break boot anymore

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-03-06 00:05:15 +01:00
MichaIng
7b137ddd75 feat(updater): hide overwrites from disabled apps list on upgrade 
If an incompatible app is enabled manually, it is added to the "app_install_overwrite" array in config.php. Nextcloud upgrades won't disable any app in this array, but they were still shown on the upgrade page and logs as being disabled.

This commit assures that only apps which are really disabled, i.e. which are not in the "app_install_overwrite" array, are shown and logged as disabled during upgrades.

Signed-off-by: MichaIng <micha@dietpi.com>
 2024-02-27 20:19:56 +01:00
Côme Chilliet
ccc66e912b fix: Use DI for Setup class and move away from deprecated methods 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-29 15:28:00 +01:00
John Molakvoæ
3214324b72 fix(l10n): invalid translation of a number 
fix https://github.com/nextcloud/server/issues/35252

Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>
 2023-10-21 11:48:46 +02:00
Joas Schilling
7998afe8b3 Talk federation authentication 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-10-09 15:44:56 +02:00
Côme Chilliet
f68d4f7300 Remove deprecated methods Util::writeLog and DIContainer::log 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-09-25 10:37:12 +02:00
Arthur Schiwon
603a659a37 fix(autoloader): no apcu no side effects 
apcu lead to side effects especially with app management and (soft)
inter-dependencies, and lead also to 500 server errors. While we could
add management to clear apcu cache in many cases (may stil leave edge
cases) the performance benefit is marginally as also class maps are
already cached in opcache. Hence, the simple and effective way to go is
to not use apcu for autoloading.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-09-08 16:55:39 +02:00
Alexander Piskun
01a11641f4 new name of AppEcosystem is AppAPI 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-09-06 16:53:53 +03:00
Joas Schilling
25309bcb45 techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
Andrey Borysenko
f7b2dc8ccc Merge branch 'master' into appecosystem-auth 2023-08-10 17:21:35 +03:00
Andrey Borysenko
d3583d3f30 Fix psalm ci (stub). Wrap server container with try-catch 
Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2023-08-02 17:40:58 +03:00
Alexander Piskun
ca76ab98bd added Application Ecosystem V2 login handler 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
 2023-08-01 14:50:59 +03:00
Joas Schilling
0c5d0c2127 fix: Migrate collaboration listener and remove legacy adapter 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-28 14:11:21 +02:00
Joas Schilling
2014e7b836 fix(apps): Fix loading info.xml file 
Ref: https://bugs.php.net/bug.php?id=62577

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-07-20 10:40:09 +02:00
Simon L
918859cafd allow to specify upgrade.cli-upgrade-link in order to link to the correct documentation 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-06-10 10:05:36 +02:00
Simon L
d293293cda Fixed bug which 'overwritewebroot' does not work with 'overwritecondaddr'. 
Signed-off-by: Takahiro Nagai <78393959+takahiro-blab@users.noreply.github.com>
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-16 11:39:39 +02:00
Simon L
84b88c01c7 adjust wording 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-09 11:19:48 +02:00
Simon L
6e5a307757 adjust wording for update hint when files of a specific app are not there 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-05-09 10:56:02 +02:00
Arthur Schiwon
bb4b34ff69 Read mtime of version.php only once 
- in most cases it would read again in \OC_Util::loadVersion anyway
- remove some unused use statements

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-04-21 14:10:47 +00:00
Arthur Schiwon
7519949f37 add the server roots and version info hash to apcu prefix 
fixes collissions when more than one instance is running on the same
system

For the memcaches we use a more complex prefix, where version and
instance ID are incorporated. We do not have this data at hand at this
point of time. But we can get the mtime of the version.php file
relatively cheap.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2023-04-21 14:10:46 +00:00
Côme Chilliet
b294edad80 Merge branch 'master' into enh/type-iconfig-getter-calls 
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
 2023-04-20 16:52:38 +02:00
Christoph Wurst
a06898a2d0 fix(security)!: Use consistent HTTP status for strict cookie checks 
Before: 503/412
Now: 412 + json body explaining the error

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-04-17 16:06:37 +00:00
Maxence Lange
fc29b0d1b7 app type extended_authentication 
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
 2023-04-12 09:34:49 -01:00
Côme Chilliet
426c0341ff Use typed version of IConfig::getSystemValue as much as possible 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-04-05 12:50:08 +02:00
Julius Härtl
c3a39cbc75 Merge pull request #37305 from nextcloud/fix/security/log-failing-strict-cookie-check 
fix(security): Log failing strict cookie check
 2023-03-21 19:05:39 +01:00
Joas Schilling
705165d3d1 fix(session): Fix DAVx5 sync problems by partial reverting session changes 
Temporary disabled the short cut again to solve issues with CalDAV/CardDAV
clients like DAVx5 that use cookies and need a session. See
https://github.com/nextcloud/server/issues/37277#issuecomment-1476366147
and the other comments for further information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-03-20 16:30:42 +01:00
Christoph Wurst
0e6fccf9e1 fix(security): Log failing strict cookie check 
The error is silent otherwise and makes it very hard to debug on a
production system.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2023-03-20 16:26:41 +01:00