averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
60,040 Commits 712 Branches 1,186 Tags
f432dd2e2ea9fe4e7c19d5ea9d60481e662a0367
Commit Graph

463 Commits

Author SHA1 Message Date
Julius Härtl
d68f028251 Merge pull request #27733 from PhrozenByte/enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-10-05 13:06:59 +02:00
Pytal
3a94d7c2ea Merge pull request #28794 from nextcloud/fix/noid/guest-activation-pwd-reset-disabled 
allow using of disabled password reset mechanism for special cases
 2021-09-14 18:29:10 -07:00
Arthur Schiwon
a843d3c5db allow using of disabled password reset mechanism for special cases 
- LostController has three endpoints
- door opener email() still rejects
- resetform(), reachable from mail, checks the token first and may report
  that password reset is disabled
- setPassword() got its check removed as it is behind CSFR anyway and still
  requires a valid token
- this allows special cases like activating a freshly created guest account

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-10 22:48:16 +02:00
Arthur Schiwon
6857136f06 fixes missing prefix to validate password reset token 
- also fixes the test which missed asserting the presence of it

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-10 19:06:50 +02:00
Arthur Schiwon
a20de15b43 add a job to clean up expired verification tokens 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:35 +02:00
Arthur Schiwon
19cc757531 move verification token logic out of lost password controller 
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:29 +02:00
Lukas Reschke
2994dbe215 Fix codestyle 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 10:53:01 +00:00
Lukas Reschke
dd054b2ee8 Check if SVG path is valid 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2021-09-06 10:46:12 +00:00
Christoph Wurst
4b0e18ae1b Merge pull request #27294 from pjft/patch-2 
Update TwoFactorChallengeController.php
 2021-08-19 12:40:40 +02:00
Jonas Meurer
7c76e85dde Use IURLGenerator function to get value of \OC::$WEBROOT global 
Signed-off-by: Jonas Meurer <jonas@freesources.org>
 2021-08-16 10:56:47 +02:00
Jonas Meurer
5f5bacde8f UnifiedSearchController: strip webroot from URL before finding a route 
This should fix route matching in UnifiedSearchController on setups with
Nextcloud in a subfolder (webroot).

Fixes: #24144
Signed-off-by: Jonas Meurer <jonas@freesources.org>
 2021-08-16 10:56:25 +02:00
Daniel Rudolf
4d7430949a Remove usage of \OC_Util::getDefaultPageUrl() and \OC_Util::redirectToDefaultPage() 
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-08-04 19:02:57 +02:00
Daniel Rudolf
aa455e71d9 Merge branch 'master' into enhancement/noid/IURLGenerator-linkToDefaultPageUrl 2021-08-04 18:52:55 +02:00
Daniel Rudolf
e478db9161 Deprecate RedirectToDefaultAppResponse 
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-07-01 15:13:08 +02:00
Gary Kim
b78f3a57d1 Migrate HintException to OCP 
Signed-off-by: Gary Kim <gary@garykim.dev>
 2021-06-30 15:28:02 -04:00
Daniel Rudolf
12059eb65b Add IUrlGenerator::linkToDefaultPageUrl() 
Replaces the deprecated \OC_Util::getDefaultPageUrl() and makes this API public.

Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
 2021-06-30 16:20:57 +02:00
pjft
b1086e25bb Add logging to 2FA failure 
For security reasons, we may want to monitor failures of 2FA challenges in order to ban attackers who might try to access compromised accounts but are stopped by the 2FA challenge.
Right now, the only hindrance is rate-limiting, but it's probably not enough.
Added dependency injection.

Signed-off-by: pjft <paulo.j.tavares@gmail.com>
 2021-06-21 20:43:12 +01:00
Julius Härtl
c0474ba364 Use product name in places where it is appropriate rather than the instance name 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-06-16 11:42:53 +02:00
Morris Jobke
2ae60b42ab Merge pull request #26494 from rigrig/fix-php8-deprecations 
Fix some php 8 warnings
 2021-06-07 23:30:59 +02:00
John Molakvoæ (skjnldsv)
215aef3cbd Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +02:00
Richard de Boer
f23d057ad9 Fix functions taking optional parameters before required ones 
PHP 8 shows deprecation warnings about this, see #25806
Removes the "default" values, as they actually are required parameters anyway.

Signed-off-by: Richard de Boer <git@tubul.net>
 2021-05-29 14:14:52 +02:00
Joas Schilling
69290781ff Handle device login like an alternative login 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-04-20 09:11:33 +02:00
Roeland Jago Douma
b43e21d186 Merge pull request #26401 from nextcloud/enh/handle-avatar-upload-errors 
Show informative errors on avatar upload error
 2021-04-08 16:12:36 +02:00
Robin Appelman
c232a40bdf remove leftover debug @NoCSRFRequired introduced with #26198 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-04-01 13:51:53 +02:00
Julien Veyssier
7b69897474 show informative errors in log and UI on avatar upload error in user settings 
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
 2021-04-01 11:55:13 +02:00
Robin Appelman
b38618c813 use node search api for legacy file search endpoint 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-03-19 16:08:01 +01:00
Roeland Jago Douma
4076dfb019 Allow admins to disable the login form 
In case they want to not allow this because they use SSO (and do not
want the users to enter their credentials there by accident).

?direct=1 still works.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-03-08 15:36:47 +01:00
Christoph Wurst
7be2ce82e7 Merge pull request #25544 from nextcloud/refactor/app-password-created-event 
Move app_password_created to a typed event
 2021-03-02 08:18:59 +01:00
Christoph Wurst
5026d2cca1 Merge pull request #25086 from nextcloud/dependabot/composer/nextcloud/coding-standard-0.5.0 
Bump nextcloud/coding-standard from 0.3.0 to 0.5.0
 2021-02-18 14:05:54 +01:00
dependabot-preview[bot]
eb502c02ff Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-02-18 13:31:24 +01:00
Joas Schilling
6ed4aaeeea Send emails on password reset to the displayname 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-02-18 12:38:43 +01:00
Joas Schilling
83755b7b02 Make new result parts optional 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-02-12 16:21:47 +01:00
Christoph Wurst
f8808e260d Move app_password_created to a typed event 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2021-02-09 18:49:35 +01:00
Julius Härtl
d7a80293ab Keep direct login active when redirecting 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2021-02-01 14:25:56 +01:00
Roeland Jago Douma
f57b93098b Do not redirect to logout after login 
This can happen when the session was killed due to a timeout. Then
logout was triggered. Nobody wants to login only to be logged out again.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2021-01-15 09:35:51 +01:00
Christoph Wurst
9ce3ea3368 Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-30 14:07:05 +01:00
Christoph Wurst
f37e150d1c Merge pull request #24702 from nextcloud/enhancement/well-known-handler-api 
Add well known handlers API
 2020-12-18 13:34:04 +01:00
Christoph Wurst
d89a75be0b Update all license headers for Nextcloud 21 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 18:48:22 +01:00
Christoph Wurst
6995223b1e Add well known handlers API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-12-16 13:13:05 +01:00
Julius Härtl
df769c025a Do not load nonexisting setup.js 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2020-12-07 07:39:25 +01:00
John Molakvoæ (skjnldsv)
e7f5516b4d Init vue comments tab 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2020-10-20 13:58:06 +02:00
Christoph Wurst
d9015a8c94 Format code to a single space around binary operators 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-05 20:25:24 +02:00
Joas Schilling
a8d9b22beb Add an ETag for the search providers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-15 09:19:53 +02:00
Morris Jobke
22ff60e088 Merge pull request #22564 from nextcloud/bugfix/noid/show-avatars-again 
The privacy setting is only about syncing to other servers
 2020-09-09 17:35:13 +02:00
Joas Schilling
c2bef528ef Remove unused members and imports 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-08 10:45:35 +02:00
Joas Schilling
fea294bb29 Move unified search to OCS api 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-07 11:06:46 +02:00
Joas Schilling
a4b2403e29 The privacy setting is only about syncing to other servers 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-09-03 15:46:21 +02:00
Christoph Wurst
2a054e6c04 Update the license headers for Nextcloud 20 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-08-24 14:54:25 +02:00
Joas Schilling
ea8f68bea6 Hand in the route and the parameters of the request 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
 2020-08-05 12:52:16 +00:00
John Molakvoæ (skjnldsv)
d98f7c1bd8 Make apps handle the order logic 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2020-08-05 11:37:45 +02:00