averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
53,128 Commits 712 Branches 1,186 Tags
eea282ccc0d9dfae2d321efddce99cdb18158338
Commit Graph

267 Commits

Author SHA1 Message Date
Christoph Wurst
28f8eb5dba Add visibility to all constants 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 16:54:27 +02:00
Christoph Wurst
caff1023ea Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +02:00
Christoph Wurst
14c996d982 Use elseif instead of else if 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 10:35:09 +02:00
Christoph Wurst
44577e4345 Remove trailing and in between spaces 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 16:07:47 +02:00
Christoph Wurst
afbd9c4e6e Unify function spacing to PSR2 recommendation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 13:54:22 +02:00
Christoph Wurst
2a529e453a Use a blank line after the opening tag 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:50:14 +02:00
Christoph Wurst
41b5e5923a Use exactly one empty line after the namespace declaration 
For PSR2

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:48:10 +02:00
Christoph Wurst
2fbad1ed72 Fix (array) indent style to always use one tab 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 10:16:08 +02:00
Roeland Jago Douma
53db05a1f6 Start with webauthn 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2020-03-31 22:17:07 +02:00
Christoph Wurst
463b388589 Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports 
Remove unused imports
 2020-03-27 17:14:08 +01:00
Christoph Wurst
b80ebc9674 Use the short array syntax, everywhere 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-26 16:34:56 +01:00
Christoph Wurst
2ee65f177e Use the shorter phpunit syntax for mocked return values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:21:27 +01:00
Christoph Wurst
74936c49ea Remove unused imports 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:08:08 +01:00
Daniel Kesselberg
68148f4073 Always use status 200 for avatar response 
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2020-03-01 00:42:24 +01:00
Roeland Jago Douma
52e4ecd66e Merge pull request #18644 from nextcloud/harden/csrf_endpoint 
Only allow requesting new CSRF tokens if it passes the SameSite Cooki…
 2020-01-07 13:43:46 +01:00
Kim Brose
9c5fe8fca4 Fix CI 
Signed-off-by: Kim Brose <kim.brose@rwth-aachen.de>
 2020-01-03 18:06:59 +01:00
Roeland Jago Douma
da81b71f93 Only allow requesting new CSRF tokens if it passes the SameSite Cookie test 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-01-03 13:12:03 +01:00
Roeland Jago Douma
87104ce510 Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config 
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
 2019-12-12 21:59:42 +01:00
Daniel Kesselberg
48a130c2a8 Fix: Using assertContains() with string haystacks is deprecated and will not be supported in PHPUnit 9. 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-12-08 22:33:17 +01:00
Joas Schilling
738e6bf079 Merge pull request #17715 from nextcloud/fix/5456/respect_avatar_privacy 
Honor avatar visibility settings
 2019-12-04 10:28:45 +01:00
Daniel Kesselberg
9378a6b411 Send Clear-Site-Data expect for Chrome 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-11-30 15:17:22 +01:00
Roeland Jago Douma
3a7cf40aaa Mode to modern phpunit 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 15:27:18 +01:00
Roeland Jago Douma
ef4b59d341 More fixes 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:42 +01:00
Roeland Jago Douma
c007ca624f Make phpunit8 compatible 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:41 +01:00
Roeland Jago Douma
68748d4f85 Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +01:00
Roeland Jago Douma
54eb27dab2 Update tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-13 20:43:20 +01:00
RussellAult
19791b2460 Check getRedirectUri() for queries 
Resolves Issue #17885

Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.

Signed-off-by: RussellAult <russellault@users.noreply.github.com>
 2019-11-13 14:05:03 +01:00
Roeland Jago Douma
2cf068463f Harden middleware check 
These annotations will allow for extra checks. And thus make it harder
to break things.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-10-25 15:44:37 +02:00
Roeland Jago Douma
a02a626606 Merge pull request #17411 from kinolaev/fix-oauth2-redirect 
Fix oauth client redirect
 2019-10-07 12:03:52 +02:00
Sergej Nikolaev
1b5d85a4ca fix oauth client redirect 
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
 2019-10-04 21:09:13 +03:00
Tim Terhorst
2ad33bc06e Add Fatal logging option 
Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
 2019-10-02 21:18:29 -05:00
Christoph Wurst
de6940352a Move settings to an app 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2019-09-28 09:39:28 +00:00
Daniel Kesselberg
9c4c5ee818 Add test case for existing user with token null 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-08-18 23:27:03 +02:00
Daniel Kesselberg
7f7c6e49b6 Return the disabled user mock instead of the existing 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-08-18 23:18:39 +02:00
Roeland Jago Douma
6dc179ee12 Fix login flow form actions 
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-08-11 19:53:49 +02:00
Roeland Jago Douma
436f7b92d5 Merge pull request #16544 from nextcloud/bugfix/16540 
Add missing password reset page to vue
 2019-07-31 11:02:20 +02:00
Julius Härtl
3b0d13944a Move actual password reset to vue 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2019-07-31 09:19:07 +02:00
Roeland Jago Douma
b6dd2ebd39 Use proper exception in lostController 
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.

This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-27 20:12:16 +02:00
Morris Jobke
5c21b29d7f Merge pull request #16308 from nextcloud/fix/undefined-offset-0 
Prevent undefined offset 0 in findByUserIdOrMail
 2019-07-10 12:16:36 +02:00
Daniel Kesselberg
d57540ac84 Return first value from $users 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-07-09 19:29:14 +02:00
Daniel Kesselberg
6235a66aac Don't send executionContexts for Clear-Site-Data 
There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59

Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034

Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2019-07-09 15:08:25 +02:00
Julius Härtl
d5805df6c2 Fix subscription tests 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2019-06-17 16:36:24 +02:00
Christoph Wurst
64c4bb5bce Vueify the login page 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-29 11:05:16 +02:00
Ruben Homs
98047e8c1c Stop decryption when maintenance mode is enabled, fixes #8311 
Signed-off-by: Ruben Homs <ruben@homs.codes>
 2019-05-21 09:24:50 +02:00
Roeland Jago Douma
f03eb7ec3c Remote wipe support 
This allows a user to mark a token for remote wipe.
Clients that support this can then wipe the device properly.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-20 20:50:27 +02:00
Roeland Jago Douma
528eb1b223 Merge pull request #15304 from nextcloud/enh/2fa_setup_at_login 
2FA setup during login
 2019-05-17 11:04:42 +02:00
Roeland Jago Douma
579162d7b9 Allow 2FA to be setup on first login 
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-17 10:11:53 +02:00
Roeland Jago Douma
2dcb4cfbd6 Allow clients to delete their own apptoken 
Fixes #15480

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-05-17 09:52:06 +02:00
Christoph Wurst
170582d4f5 Add a login chain to reduce the complexity of LoginController::tryLogin 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-07 18:04:36 +02:00
Morris Jobke
5b4155bd12 Make appstore app:enable test more robust by using only shipped apps 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-03-14 13:39:20 +01:00