Commit Graph

247 Commits

Author SHA1 Message Date
John Molakvoæ 3c6253f965 Remove old legacy SvgController and IconsCacher
Signed-off-by: John Molakvoæ <skjnldsv@protonmail.com>
2022-05-10 23:24:07 +02:00
Louis Chemineau 8a2cf5bb68 Do not dispatch postSetPassword when setPassword fails
Also Improve error message when setPassword fails

Signed-off-by: Louis Chemineau <louis@chmn.me>
2022-05-05 17:21:23 +02:00
Joas Schilling 6e4d721278 Expose shareWithDisplayNameUnique also on autocomplete endpoint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-05-03 12:51:23 +02:00
Vincent Petry 80388663af Add direct arg to login flow
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
Co-Authored-by: Carl Schwan <carl@carlschwan.eu>
2022-03-28 10:28:45 +02:00
Joas Schilling 6dd60b6d30 Only allow avatars in 64 and 512 pixel size
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-02-07 16:47:51 +01:00
Julius Härtl 61dd1d3d97 Pass username prefill through unauthenticated request redirects
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-12-29 11:52:31 +01:00
Côme Chilliet 8b271b8a12 Fix tests and avoid PHP errors in them
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2021-11-23 09:29:01 +01:00
Joas Schilling f8463e1fc6 Fix missing import of ILogger
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-11-02 16:47:16 +01:00
Vitor Mattos d613b32045 add check isFairUseOfFreePushService on login
Signed-off-by: Vitor Mattos <vitor@php.rio>
2021-10-23 00:54:50 +02:00
Julius Härtl d68f028251 Merge pull request #27733 from PhrozenByte/enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-10-05 13:06:59 +02:00
Arthur Schiwon 6857136f06 fixes missing prefix to validate password reset token
- also fixes the test which missed asserting the presence of it

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-10 19:06:50 +02:00
Arthur Schiwon 19cc757531 move verification token logic out of lost password controller
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-09 14:03:29 +02:00
Lukas Reschke 19ad636373 Resolve absolute path in tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-09-06 21:26:27 +02:00
Christoph Wurst 4b0e18ae1b Merge pull request #27294 from pjft/patch-2
Update TwoFactorChallengeController.php
2021-08-19 12:40:40 +02:00
Daniel Rudolf aa455e71d9 Merge branch 'master' into enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-08-04 18:52:55 +02:00
Daniel Rudolf e478db9161 Deprecate RedirectToDefaultAppResponse
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2021-07-01 15:13:08 +02:00
Gary Kim b78f3a57d1 Migrate HintException to OCP
Signed-off-by: Gary Kim <gary@garykim.dev>
2021-06-30 15:28:02 -04:00
Daniel Rudolf 0df68f0697 Remove unused imports
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2021-06-30 16:48:22 +02:00
Daniel Rudolf 12059eb65b Add IUrlGenerator::linkToDefaultPageUrl()
Replaces the deprecated \OC_Util::getDefaultPageUrl() and makes this API public.

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
2021-06-30 16:20:57 +02:00
pjft b1086e25bb Add logging to 2FA failure
For security reasons, we may want to monitor failures of 2FA challenges in order to ban attackers who might try to access compromised accounts but are stopped by the 2FA challenge.
Right now, the only hindrance is rate-limiting, but it's probably not enough.
Added dependency injection.

Signed-off-by: pjft <paulo.j.tavares@gmail.com>
2021-06-21 20:43:12 +01:00
Vincent Petry 95e03fba2d Fix more controller tests in Core subdir
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-24 09:02:19 +01:00
Vincent Petry 9b8ca1697a Fix more tests in the Core subdir
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-24 08:48:28 +01:00
Christoph Wurst 5026d2cca1 Merge pull request #25086 from nextcloud/dependabot/composer/nextcloud/coding-standard-0.5.0
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0
2021-02-18 14:05:54 +01:00
dependabot-preview[bot] eb502c02ff Bump nextcloud/coding-standard from 0.3.0 to 0.5.0
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-02-18 13:31:24 +01:00
Joas Schilling 6ed4aaeeea Send emails on password reset to the displayname
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-02-18 12:38:43 +01:00
Christoph Wurst 6995223b1e Add well known handlers API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 13:13:05 +01:00
Christoph Wurst d9015a8c94 Format code to a single space around binary operators
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-05 20:25:24 +02:00
Joas Schilling c2bef528ef Remove unused members and imports
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-08 10:45:35 +02:00
Joas Schilling a4b2403e29 The privacy setting is only about syncing to other servers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-09-03 15:46:21 +02:00
Morris Jobke 234b510652 Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-12 13:55:19 +02:00
Joas Schilling 35c6b1236f Move AutoComplete::filterResults to new event dispatcher and GenericEvent
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-07-01 09:57:33 +02:00
Arthur Schiwon 653162a709 use the loginname to verify the old password in user password changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-26 16:53:25 +02:00
Daniel Kesselberg df669a2936 Set etag for capabilities endpoint
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-04-29 15:26:46 +02:00
Daniel Kesselberg 72a16b1779 Make it possible to resolve svg for apps_paths outside the document root
Previous implementation assumes the app path is always a child \OC::$SERVERROOT. That's not always true.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-04-24 16:19:10 +02:00
Roeland Jago Douma 95ad9ab4ac Merge pull request #20401 from nextcloud/fix/login-sso-redirct
Fix absolute redirect
2020-04-15 11:28:40 +02:00
Christoph Wurst 28f8eb5dba Add visibility to all constants
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:54:27 +02:00
Christoph Wurst caff1023ea Format control structures, classes, methods and function
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +02:00
John Molakvoæ (skjnldsv) 6c49dc2d1f Fix absolute redirect
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-04-10 08:58:54 +02:00
Christoph Wurst 44577e4345 Remove trailing and in between spaces
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 16:07:47 +02:00
Christoph Wurst afbd9c4e6e Unify function spacing to PSR2 recommendation
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 13:54:22 +02:00
Christoph Wurst 2a529e453a Use a blank line after the opening tag
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 11:50:14 +02:00
Christoph Wurst 2fbad1ed72 Fix (array) indent style to always use one tab
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 10:16:08 +02:00
Roeland Jago Douma 53db05a1f6 Start with webauthn
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-31 22:17:07 +02:00
Christoph Wurst 463b388589 Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports
Remove unused imports
2020-03-27 17:14:08 +01:00
Christoph Wurst b80ebc9674 Use the short array syntax, everywhere
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-26 16:34:56 +01:00
Christoph Wurst 2ee65f177e Use the shorter phpunit syntax for mocked return values
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:21:27 +01:00
Christoph Wurst 74936c49ea Remove unused imports
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:08:08 +01:00
Daniel Kesselberg 68148f4073 Always use status 200 for avatar response
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-01 00:42:24 +01:00
Roeland Jago Douma da81b71f93 Only allow requesting new CSRF tokens if it passes the SameSite Cookie test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-03 13:12:03 +01:00
Roeland Jago Douma 87104ce510 Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
2019-12-12 21:59:42 +01:00