Commit Graph

806 Commits

Author SHA1 Message Date
Benjamin Gaussorgues e75f468029 Merge pull request #58142 from nextcloud/backport/58059/stable32 2026-02-20 16:24:30 +01:00
Salvatore Martire b6e18bf28a fix: add X-User-Id header to logout response before clearing the user session
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
2026-02-06 17:18:33 +00:00
Marcel Klehr d379130a05 fix(TextToImage): Refactor scheduling mechanism 2026-02-05 14:55:04 +00:00
Maxence Lange 367e4e1cc9 fix(team-manager): team is already teamid
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2026-01-06 15:01:39 +00:00
Côme Chilliet b51c1d7f8d feat(login): Add rememberme checkbox
Only present if allowed by configuration.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2025-11-17 13:03:56 +01:00
Maxence Lange 166f43a80f Merge pull request #55762 from nextcloud/backport/54953/stable32
[stable32] fix(team-api): get all teams details in a single request
2025-11-12 20:25:30 -01:00
Julien Veyssier d18ff2f677 fix(ai-apis): reject text inputs that are longer than 64K chars
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-11-11 08:09:51 +00:00
Maxence Lange 83badb3427 fix(team-api): get all teams details in a single request
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2025-11-10 16:55:55 -01:00
provokateurin c5b04713c4 fix(core): Fix TeamsApiController typing
Signed-off-by: provokateurin <kate@provokateurin.de>
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2025-11-10 16:55:55 -01:00
Luka Trovic 3c70211671 fix: translation on /unsupported screen
Signed-off-by: Luka Trovic <luka@nextcloud.com>
2025-10-21 06:35:16 +00:00
Andy Scherzinger a4df2f5770 Merge pull request #55775 from nextcloud/backport/55732/stable32
[stable32] fix(TextProcessingApiController): Set better attribute on routes
2025-10-16 10:00:04 +02:00
Marcel Klehr 9af79f2ea1 fix(TextToImage): Set better attribute for routes
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2025-10-15 11:08:19 +00:00
Marcel Klehr 8610d6f1a8 fix(TextProcessingApiController): Set better attribute on routes
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2025-10-15 07:32:33 +00:00
nfebe 14b047b921 fix(unified-search): Remove hard-coded search result limit
A change added in https://github.com/nextcloud/server/pull/45317 introduced
a hard stop (25) that prevents full search results from showing up.

If there are more than 25 search results for a query only 25 can be seen.

So two main issues:

- Only 25 results can be seen in total no matter what.
- Breaks web client pagination, which typically adds 5 results per request.

Signed-off-by: nfebe <fenn25.fn@gmail.com>
2025-10-06 08:52:51 +00:00
Louis Chemineau f320c19c85 feat(unified-search): Use existing min search length config
This setting existed already for the legacy unified search.
This commit expose that setting to the new front-end, and
also ignore non valid requests in the backend.

We also take the opportunity to register the config in the lexicon.

Signed-off-by: Louis Chemineau <louis@chmn.me>
2025-09-29 10:55:51 +02:00
provokateurin 4c9b04ed26 fix(core): Stop abusing the cache for avatar upload
Signed-off-by: provokateurin <kate@provokateurin.de>
2025-09-26 19:11:30 +02:00
Christoph Wurst 90d2f6f659 fix(auth): allow access to dynamic js files during 2FA
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2025-09-10 23:51:41 +02:00
Joas Schilling 3df6d90a4c Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-08-28 17:11:31 +02:00
John Molakvoæ d785bcdc6e Merge pull request #53920 from nextcloud/revert-53918-revert-53141-perf/files/setup-fs-basic-auth-request 2025-08-28 14:12:57 +02:00
Marcel Klehr 310cd23a6a fix(TaskProcessingApiController): Don't allow anonymous access anymore
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2025-08-28 11:46:37 +02:00
provokateurin 5057d5fcc5 fix(core): Stop abusing the cache for avatar upload
Signed-off-by: provokateurin <kate@provokateurin.de>
2025-08-28 09:28:11 +00:00
Maxence Lange fa60488ee7 feat(ocm): split ocm discovery and capacities
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2025-08-20 11:57:01 -01:00
Ferdinand Thiessen 4b2fcac882 fix: also add version to OC.config during setup
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2025-08-19 16:01:30 +00:00
Daniel 64c52006dd Merge pull request #54272 from nextcloud/enh/noid/taskprocessing-task-add-cleanup-flag
feat(taskprocessing): add cleanup flag to tasks
2025-08-15 09:48:47 +02:00
Maxence Lange cb84ccc57d feat(preset): share password protection
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2025-08-12 14:37:32 -01:00
Julien Veyssier e6adbd921e feat(taskprocessing): generate OpenAPI specs, fix lint issue, fix tests
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-07 15:12:21 +02:00
Julien Veyssier 8c52b6c0fe feat(taskprocessing): add cleanup flag to tasks to decide if they should be cleaned up automatically
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-07 15:12:21 +02:00
Marcel Klehr e2449bca6f fix(TaskProcessingApiController): Improve error handling
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2025-07-22 11:21:17 +02:00
John Molakvoæ 2b50d9b2c5 Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-07-11 17:07:44 +02:00
provokateurin 24f7a2e680 fix(core): Stop abusing the cache for avatar upload
Signed-off-by: provokateurin <kate@provokateurin.de>
2025-07-08 11:38:59 +02:00
Ferdinand Thiessen 5981b7eb51 chore: apply new CSFixer rules
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
2025-07-01 16:26:50 +02:00
skjnldsv 9806a9830c feat(files_sharing): allow viewing files with download disabled
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
2025-06-26 11:47:53 +02:00
Richard Steinmetz c690c6fbd2 fix: update request token on two-factor pages
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2025-06-23 11:20:09 +02:00
Richard Steinmetz fa15cb8b87 fix: generate csrf tokens if two factor challenge is ongoing
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2025-06-23 11:20:09 +02:00
Ferdinand Thiessen 495c364268 chore: use consistent casing for header names (required by openAPI)
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2025-06-09 19:24:26 +02:00
Kate cfeec72fff Merge pull request #53292 from nextcloud/fix/loginflow 2025-06-03 15:15:44 +02:00
Ferdinand Thiessen fa7310add9 fix: handle IDLE timeout
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2025-06-03 14:24:51 +02:00
Oleksander Piskun 90e8fa25a6 fix(TaskProcessingApiController): use StreamResponse to return the task file content
Signed-off-by: Oleksander Piskun <oleksandr2088@icloud.com>
2025-06-03 13:09:07 +03:00
Anna Larch 08f869dda9 fix: broken password reset form
Signed-off-by: Anna Larch <anna@nextcloud.com>
2025-05-26 19:22:07 +02:00
provokateurin 82fb8f8508 refactor: Extend rector to core/
Signed-off-by: provokateurin <kate@provokateurin.de>
2025-05-15 00:16:54 +02:00
Marcel Müller 1addd35b78 fix: Remove unneccesary etag check
Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
2025-04-29 23:15:50 +02:00
Stephan Orbaugh aa8c0a68cb Merge pull request #50650 from IONOS-Productivity/feat/login_flow_v2-user_agents-allow-list
feat(login-flow-v2): Restrict allowed apps by user agent check
2025-04-24 10:12:19 +02:00
Joas Schilling 9ed33cf6aa feat(profile): Add an API to get the profile field data
Signed-off-by: Joas Schilling <coding@schilljs.com>
2025-04-23 12:38:18 +02:00
Misha M.-Kupriyanov d1a94f3c9c feat(login-flow-v2): Restrict allowed apps by user agent check
Enable via:
./occ config:system:set core.login_flow_v2.allowed_user_agents 0  --value '/Custom Foo Client/i'
./occ config:system:set core.login_flow_v2.allowed_user_agents 1  --value '/Custom Bar Client/i'

if user agent string is unknown
the template with "Access forbidden"-"Please use original client" will be displayed

Signed-off-by: Misha M.-Kupriyanov <kupriyanov@strato.de>
2025-04-23 09:45:23 +02:00
Richard Steinmetz 246da73a36 fix(oauth2): retain support for legacy ownCloud clients
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2025-04-01 11:25:52 +02:00
skjnldsv 0179cb4d8d feat(core): add setup cypress tests
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
2025-03-13 20:51:00 +01:00
skjnldsv cc12719df5 feat(core): migrate setup to vue
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
2025-03-13 16:00:18 +01:00
Côme Chilliet 71dc34c03c fix: Deprecate OC_Template, add proper template manager instead
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2025-03-06 15:49:25 +01:00
Louis Chemineau c6293204a2 feat: Close sessions created for login flow v2
Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser.

This commit add a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request.

Signed-off-by: Louis Chemineau <louis@chmn.me>
2025-02-26 13:42:18 +01:00
Côme Chilliet e757b649b7 fix: Fix psalm taint false-positives by small refactorings
Mostly make it clear that we trust admin input or that we correctly
 escape strings.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2025-02-17 18:08:23 +01:00