nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-06-16 20:19:48 -04:00

Author	SHA1	Message	Date
Carl Schwan	7817845538	Add a metadata service to store file metadata Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-04-13 14:06:29 +02:00
Cyrille Bollu	c6a5c07041	Adds a "Request password" button to the public share authentication page for shares of type TYPE_EMAIL, when the "video verification" checkbox isn't checked. Users accessing non-anonymous public shares (TYPE_EMAIL shares) can now request a temporary password themselves. - Creates a migration step for the files_sharing app to add the 'password_expiration_time' attribute to the oc_shares table. - Makes share temporary passwords' expiration time configurable via a system value. - Adds a system config value to allow permanent share passwords -Fixes a typo in a comment in apps/files_sharing/src/components/SharingEntryLink.vue See https://github.com/nextcloud/server/issues/31005 Signed-off-by: Cyrille Bollu <cyrpub@bollu.be>	2022-04-11 21:58:24 +02:00
Vincent Petry	18c013d8fc	Add CSP policy merge priority for booleans When two booleans conflict when merging CSP policies, true will win. Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2022-04-01 13:56:34 +02:00
Julius Härtl	bd03dd37be	Allow to set a strict-dynamic CSP through the API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2022-03-09 15:10:27 +01:00
Carl Schwan	ac4978e715	Merge pull request #31141 from nextcloud/fix/better-cache-policy Improve caching policy use immutable when loading versionned assets	2022-02-17 16:58:35 +01:00
Christoph Wurst	cb252c5591	Add Transactional trait for atomic DB operations Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-02-17 09:58:41 +01:00
Carl Schwan	7dddbd0c35	Improve caching policy * Cache css with version in url. This makes most js and css requests to be cached by the browser * Force caching previews, the etag is in the url so that if the propfind gives a new etag, we will refresh it otherwise it's no use to try to fetch the new etag and do tons of DB queries Tested with firefox and 'debug' => false (important so that the js/css urls are generated with ?v= parameter) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-02-16 11:35:57 +01:00
Christopher Ng	e3244361ba	Allow registration of migrators Signed-off-by: Christopher Ng <chrng8@gmail.com>	2022-02-11 23:34:25 +00:00
Christoph Wurst	9a656e5b35	Move calendar resource/room backend registration to IBootstrap Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-02-07 12:51:42 +01:00
Christoph Wurst	2c356d0852	Add a Talk API for OCP Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-02-04 08:53:18 +01:00
Robin Appelman	c712987878	send request id in response header Signed-off-by: Robin Appelman <robin@icewind.nl>	2022-02-01 14:24:01 +01:00
Carl Schwan	f778cbe7b9	Fix registerEventListener issues Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-01-27 11:12:45 +01:00
Christoph Wurst	3e078ffa1b	Deprecate entity slugs They are only used a single time in the whole Nextcloud Github organization. We can inline the code there and slim down the public API. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-12-14 09:50:29 +01:00
Côme Chilliet	113756db30	Fix ArrayAccess and JsonSerializable return types First round of modifications for PHP 8.1 Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:28:56 +01:00
Christoph Wurst	b193f854d1	Register missing DAV app calendar provider Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-10-28 18:33:13 +02:00
Christopher Ng	9f8eae3f50	Use more explicit naming for profile link action Signed-off-by: Christopher Ng <chrng8@gmail.com>	2021-10-25 22:20:19 +00:00
Roeland Jago Douma	8bc25e3324	Move preview provider registration to bootstrap Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-10-21 10:35:18 +02:00
Christopher Ng	309354852f	Profile backend Signed-off-by: Christopher Ng <chrng8@gmail.com>	2021-10-19 04:59:35 +00:00
Anna Larch	a58d1e6b06	Add Public Calendar Provider Signed-off-by: Anna Larch <anna@nextcloud.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-10-14 08:22:24 +02:00
Daniel Rudolf	aa455e71d9	Merge branch 'master' into enhancement/noid/IURLGenerator-linkToDefaultPageUrl	2021-08-04 18:52:55 +02:00
Carl Schwan	28970563a2	Remove some mentions of ownCloud from our api documentation Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2021-07-29 15:56:30 +02:00
Daniel Rudolf	a43de10d1e	Add RedirectToDefaultAppResponse::__construct() annotations Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:35:09 +02:00
Daniel Rudolf	e478db9161	Deprecate RedirectToDefaultAppResponse Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:13:08 +02:00
Daniel Rudolf	2c7186a15f	Remove \OC::$server->getURLGenerator() usage Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-07-01 15:12:15 +02:00
Daniel Rudolf	12059eb65b	Add IUrlGenerator::linkToDefaultPageUrl() Replaces the deprecated \OC_Util::getDefaultPageUrl() and makes this API public. Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>	2021-06-30 16:20:57 +02:00
Pytal	9ed379da22	Merge pull request #27635 from nextcloud/fix/datetime-constants Fix usage of DateTime constants	2021-06-23 09:56:28 -07:00
Christoph Wurst	6d5cfe0c66	Move DateTime::RFC2822 to DateTimeInterface::2822 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-23 15:30:43 +02:00
Lukas Reschke	25ab4059c6	Add security.txt Ref https://securitytxt.org Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-23 13:58:47 +02:00
Christoph Wurst	e49f1e4319	Phase out the controller reflector 1) PHP8 attributes will soon replace phpdoc annotations 2) Most of the class was never meant to be used by an app but internally Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-17 18:21:19 +02:00
Morris Jobke	2ae60b42ab	Merge pull request #26494 from rigrig/fix-php8-deprecations Fix some php 8 warnings	2021-06-07 23:30:59 +02:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Lukas Reschke	377514aad1	Escape filename in Content-Disposition We should escape all occurences of ' and \ in here. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2021-06-02 19:22:17 +02:00
Richard de Boer	a0d265b0b1	Fix a usort comparison function returning a boolean instead of an integer PHP 8 shows deprecation warnings about this, see #25806 Signed-off-by: Richard de Boer <git@tubul.net>	2021-05-29 14:14:52 +02:00
Anna Larch	8fcb3f33c8	Add DB exception throws tag to QBMapper PHPDoc Signed-off-by: Anna Larch <anna@nextcloud.com>	2021-05-26 15:12:41 +02:00
Morris Jobke	ed2d6eee1e	Merge pull request #26848 from nextcloud/bugfix/noid/add-datetime-support-to-qbmapper Add datetime support to QBMapper	2021-05-07 16:02:53 +02:00
Christoph Wurst	865661ed75	Rename IQueryBuilder::executeUpdate to IQueryBuilder::executeStatement Because executeUpdate wasn't a great name. And in DBAL they also use executeStatement more consistently now. Ref https://github.com/doctrine/dbal/issues/4607 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-05-05 10:31:54 +02:00
Joas Schilling	5c4c527245	Add datetime support to QBMapper Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-05-01 11:59:19 +02:00
Roeland Jago Douma	5ee9e1f784	Move 2FA registration to IBootstrap Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-04-20 21:01:16 +02:00
Roeland Jago Douma	808e589035	Allow registering NotifierServices trough IBootstrap Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-04-16 13:56:28 +02:00
Joas Schilling	25d11b5197	Fix constraint violation detection in QB Mapper Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-04-16 10:12:17 +02:00
Joas Schilling	02c011c4f7	Make debugging easier which header is being set Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-03-24 13:22:44 +01:00
Christoph Wurst	0d8b3baf61	Use executeQuery and executeUpdate in the QBMapper Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-03-18 15:40:18 +01:00
Roeland Jago Douma	30e096f3f5	Allow overwriting isAuthenticated * Some implementations might check for different things * IT will not change how the current ones work Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-09 09:17:30 +01:00
Roeland Jago Douma	69b26c73f3	Fix some redundant casts Happier psalm Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-08 08:51:08 +01:00
Roeland Jago Douma	cc744740b7	Remove deprecated \OCP\API Time to remove this forgood now. Remaining constant moved over The world is a tiny bit better Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-03 20:54:32 +01:00
Christoph Wurst	08d4458542	Initialize \OCP\AppFramework\Http\ZipResponse::$resources Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-17 19:59:27 +01:00
Christoph Wurst	aabd73912e	Type the service registration Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-10 09:44:24 +01:00
Julius Härtl	6c1b357973	Move TemplateProvider registration to boot context and make template type registration lazy Signed-off-by: Julius Härtl <jus@bitgrid.net>	2021-01-28 12:00:21 +01:00
Joas Schilling	b8acf2fe69	Add a hint about the direction of priority Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-01-15 08:34:24 +01:00
Christoph Wurst	9ce3ea3368	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-30 14:07:05 +01:00
Christoph Wurst	f37e150d1c	Merge pull request #24702 from nextcloud/enhancement/well-known-handler-api Add well known handlers API	2020-12-18 13:34:04 +01:00
Christoph Wurst	d89a75be0b	Update all license headers for Nextcloud 21 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-16 18:48:22 +01:00
Christoph Wurst	6995223b1e	Add well known handlers API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-16 13:13:05 +01:00
Joas Schilling	329ffa257e	Log an error when setting a custom header on "Not Modified" responses Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-12-15 11:24:15 +01:00
Thomas Citharel	71cf92697c	Update comment to reflect current CSP policy JS unsafe-eval was removed a long time ago in https://github.com/nextcloud/server/pull/11028	2020-12-12 21:11:42 +01:00
Roeland Jago Douma	1e111b2ad2	Fix DataResponse typehints We use this already in several places where we just pass strings or numbers. This all works because we just convert it to a json response in the end. So better to have the typehints reflect this. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-19 20:34:42 +01:00
Roeland Jago Douma	66013f906d	Merge pull request #24189 from nextcloud/enh/csp/frame-ancestors Set frame-ancestors to none if none are filled	2020-11-18 11:29:28 +01:00
Roeland Jago Douma	9163790b7c	Set frame-ancestors to none if none are filled frame-ancestors doesn't fall back to default-src. So when we apply a very restricted CSP we should make sure to set it to 'none' and not leave it empty. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-18 10:13:36 +01:00
Roeland Jago Douma	72a9c35be3	Remove some IRouter methods This is not the end. IRouter needs to burn. But it is a start. 🎵 we didn't start the fire 🎵 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-17 14:08:20 +01:00
Roeland Jago Douma	fa6a790859	Remove deprecated OCSResponse Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-11-01 14:12:27 +01:00
Christoph Wurst	e8e13c845c	Type the \OCP\AppFramework\Services\IInitialState::provideLazyInitialState closure with Psalm Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-28 09:04:15 +01:00
Christoph Wurst	e646d7d5a9	Add psalm types for the event dispatcher Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-15 16:23:26 +02:00
Christoph Wurst	ccfe6a9fa5	Add Psalm type for the bootstrap registration context This can potentially catch a few bugs with wrong class strings. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-12 15:16:16 +02:00
Christoph Wurst	a1b351036c	Add template typing to the QBMapper The QBMapper is kind of a generic type, though this concept does not exist in php. Hence you have a lot of type coercion in subtypes (mappers in the individual apps) because you suddenly don't expect an Entity[] but your specific type. Luckily Psalm lets us type those. Then in the subclass you can psalm-implement the mapper with a concrete type and psalm will do all the magic to ensure types are used correctly. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-12 11:10:08 +02:00
Christoph Wurst	d9015a8c94	Format code to a single space around binary operators Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-05 20:25:24 +02:00
Roeland Jago Douma	f865a3a1c2	Move initial state provider to boostrap Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-10-04 09:35:33 +02:00
Julius Härtl	8ab2422b6c	Add acutal response to BeforeTemplateRenderedEvent Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-09-24 20:00:23 +02:00
Morris Jobke	99c9423766	Remove @suppress SqlInjectionChecker Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-09-16 15:53:56 +02:00
Christoph Wurst	3bc54bfd06	Fix writing BLOBs to postgres with recent contacts interaction Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-28 14:30:33 +02:00
Roeland Jago Douma	b5e9f7e846	Merge pull request #22432 from nextcloud/enh/phpdoc Add php docs build script	2020-08-26 21:18:11 +02:00
Julius Härtl	45a474071e	Remove @package annotations from public namespace Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-26 16:59:40 +02:00
Julius Härtl	94c0ca4b8c	Remove wrongly annotated package names Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-26 12:35:27 +02:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Joas Schilling	35a8519591	Fix CS Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:36 +02:00
Joas Schilling	e66bc4a8a7	Send "429 Too Many Requests" in case of brute force protection Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:35 +02:00
Julius Härtl	018be662f4	Refactor API to match the widget wording Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-05 17:03:38 +02:00
Morris Jobke	0581356169	Merge pull request #22097 from nextcloud/enh/noid/empty-template Add empty renderAs template	2020-08-05 11:42:29 +02:00
Julius Härtl	b51746212e	Add base renderAs template Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-04 09:48:43 +02:00
Julius Härtl	e1b696929f	Move NotFoundResponse to a proper TemplateResponse Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-07-24 08:58:14 +02:00
Morris Jobke	7870ca0663	Use the proper IAppContainer and IServerContainer type hints to know which code runs with which container Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-21 20:44:05 +02:00
Christoph Wurst	e029055e76	Make the bootstrap context return ContainerInterface instances Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-21 20:42:24 +02:00
Morris Jobke	9ae75a3ca9	Merge pull request #21850 from nextcloud/techdebt/noid/register-alternative-logins Allow to register AlternativeLogin on RegistrationContext	2020-07-20 14:20:03 +02:00
Christoph Wurst	22ff03969e	Undeprecate IAppContainer and IServerContainer With `4152216bd8` these two interfaces got deprecated with the reasoning that we only need the base PSR interface. However, there are cases where in Nextcloud you still want to have a specific container (the one for the app vs the one for the server) when you either have a container injected or query one from a container. With a single interface that would not be possible. So it's probably better if we leave the two interfaces, but only have them extend the PSR interface. IContainer – with the custom methods – shall still be phased out, but the two other sub interfaces can stay for tagging purposes. Tagging means that no methods shall be added. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-17 10:17:18 +02:00
Joas Schilling	49970639fa	Add constants for the magic strings of template rendering Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-16 15:47:28 +02:00
Joas Schilling	0dfcc132ca	Allow to register AlternativeLogin on RegistrationContext Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-16 14:20:24 +02:00
Christoph Wurst	4152216bd8	Use PSR container interface and deprecate our own abstraction Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-16 13:35:45 +02:00
Morris Jobke	c4b53538af	Better event description for BeforeTemplateRenderedEvent in files and files_sharing Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-15 20:15:51 +02:00
Roeland Jago Douma	7d7ba61625	Add real events to load additionalscripts Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-07-15 14:07:18 +02:00
Julius Härtl	81e5593133	Move to lazy panel registration during registration context Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-07-15 09:27:57 +02:00
Roeland Jago Douma	37b2121ccf	Deprecate registerRoutes Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-07-06 15:15:20 +02:00
Christoph Wurst	4a3ea04baa	Callable parameter injection This is like what we have to DI and classes, but for callables. The motivating factor is to get rid of service locators in the `boot` method of apps as a new pattern is about to emerge where we have lots of `query` calls on the app or server container in order to fetch some services. With this little helper it's possible to call another (public) method and magically have everything injected. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-03 14:37:46 +02:00
Joas Schilling	b7060be18d	Fix robots "noindex, nofollow" signals Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-06-25 08:29:43 +02:00
Christoph Wurst	4488e846a5	Add unified search API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-24 14:20:25 +02:00
Roeland Jago Douma	fbf9772a3e	Allow to specify the cookie type for appframework responses In general it is good to set them to Lax. But also to give devs more control over them is not a bad thing. Helps with #21474 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-06-22 08:38:44 +02:00
Christoph Wurst	2b7b7144d4	Allow crash reporters registration during app bootstrap Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-19 10:38:26 +02:00
Christoph Wurst	5bc8510b3b	Load the app.php before running apps' boot method Some apps require the composer autoloader from app.php. If we run boot before including that file, classes and functions from dependencies won't be found. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-17 14:44:02 +02:00
Christoph Wurst	69571fb536	Add dedicated API for apps' bootstrapping process Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-17 09:22:21 +02:00
Roeland Jago Douma	c92c378a9c	Copy over the ETag and LastModified when formatting a Dataresponse This way the ETag checks etc are all working. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-19 09:39:51 +02:00
Roeland Jago Douma	4fbea316a7	Merge pull request #20897 from nextcloud/bugfix/httpcache Proxy server could cache http response when it is not private	2020-05-13 08:27:05 +02:00
Clement Wong	e9be3a9090	Add public argument to Http cacheFor() Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 20:24:14 +02:00
Clement Wong	401210d259	Proxy server could cache http response when it is not private Signed-off-by: Clement Wong <git@clement.hk>	2020-05-10 11:24:08 +02:00
Morris Jobke	08e78ff3b2	Fix OCPSinceChecker and php-cs Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-05-08 11:20:46 +02:00
Roeland Jago Douma	163463dea5	Add InitialState Appframework service Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-07 10:13:06 +02:00
Roeland Jago Douma	e923d7b42f	Merge pull request #20782 from nextcloud/enh/appframework/appconfig_wrapper Simple AppConfig wrapper for the AppFramework	2020-05-07 08:43:55 +02:00
Roeland Jago Douma	8a8623c569	Simple AppConfig wrapper for the AppFramework 9 out of 10 cases apps want to access their own appconfig. Hence it would be nice not to have to enter the app id all the time. This simple wrapper just passes on the appid in all calls. Basically this allows for simpler code in the apps. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-02 15:34:28 +02:00
Daniel Kesselberg	cba7219b25	PHP 7.4 excludes the arguments from stack traces by default. That leads to a false positive is not setup via query() but directly warning for every app because the check does not work anymore. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2020-04-30 17:00:56 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Joas Schilling	3f8168b6e5	Allow some apps to have root URLs in their own routing file Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-04-18 11:21:28 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +02:00
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:07:47 +02:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +02:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-08 22:24:54 +02:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +02:00
Christoph Wurst	463b388589	Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports Remove unused imports	2020-03-27 17:14:08 +01:00
Christoph Wurst	b80ebc9674	Use the short array syntax, everywhere Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-26 16:34:56 +01:00
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-25 22:08:08 +01:00
Pavel Krasikov	4c01326913	add docs for useJsNonce Signed-off-by: Pavel Krasikov <klonishe@gmail.com>	2020-03-15 17:02:11 +03:00
Joas Schilling	9c9f8fa5f7	Allow non integer ids in Entity Mapper Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-02-26 14:44:45 +01:00
TimObert	4c1834dace	Fix requested changes Signed-off-by: Tim Obert <tobert@w-commerce.de>	2020-02-14 14:16:31 +01:00
Tim Obert	058180d386	Change the route generation of AuthPublicShareController.php and adjust the routes for file sharing Signed-off-by: Tim Obert <tobert@w-commerce.de>	2020-02-14 12:12:04 +01:00
Christoph Wurst	6127c288e8	Fix license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-01-13 14:23:49 +01:00
Daniel Calviño Sánchez	883a71ce8e	Split the menu entry for external shares in two The external shares entry showed a "button" that, when pressed, replaced the button with the input to set the remote share address. The "button" was actually a label for the input, so when the label was focused it transferred the focus to the input and thus pressing enter or space did not show the input. Moreover, inputs inside links are not valid HTML, and once shown there was no way to hide the input again. Due to all this, and for consistency with the direct link input, the external share input was moved to a different menu item that is shown and hidden when the button, which nows is also a real button, is clicked. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2019-12-30 10:29:36 +01:00
Daniel Calviño Sánchez	33b2f4e295	Format HTML elements Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	2019-12-30 10:29:36 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
Roeland Jago Douma	b607e3e6f4	Merge pull request #17948 from nextcloud/enh/check-if-property-is-bool Make isXXX available for bool properties only	2019-11-26 12:25:36 +01:00
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-22 20:52:10 +01:00
Daniel Kesselberg	a27c10daa6	Make isXXX available for bool properties only Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-11-16 00:39:48 +01:00
Julius Härtl	3c09299346	Do not throw an exception for base App class Signed-off-by: Julius Härtl <jus@bitgrid.net>	2019-11-08 11:41:42 +01:00
Robin Appelman	5ca27085fc	mark getAppContainer as a valid way to construct app containers this is triggerd (and not cought by the query arm) if an item from an app is queried before the app queries it's own Application instance Signed-off-by: Robin Appelman <robin@icewind.nl>	2019-11-04 19:40:08 +01:00
Roeland Jago Douma	380563fd53	Merge pull request #17562 from nextcloud/techdebt/17509/log-error-when-setting-up-application-incorrectly Log an error in development cases when the application class was set …	2019-10-29 21:09:26 +01:00
Christoph Wurst	ce9a434fb2	Add isXXX getter to Entity Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-10-22 14:54:21 +02:00
Joas Schilling	aad535e3af	Log an error in development cases when the application class was set up incorrectly Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-10-16 12:17:09 +02:00
Roeland Jago Douma	a85f2f4165	set default CSP on NotFoundResponse Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-09-09 22:37:12 +02:00
Roeland Jago Douma	def82c5077	Remove reflect method form public interface The reflect method is (and should) only every be called internally. Since if you call it again it would otherwise start mixing and matching arguments etc. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-30 13:28:18 +02:00
Roeland Jago Douma	35db32f504	Add deprecation warning Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-29 14:52:50 +02:00
Roeland Jago Douma	c40fe8b819	Do not enforce the parent constructor of response to be called If there is no policy set we just take the default empty ones. That way no obscure errors get thrown if the constructor is not called. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-19 14:39:34 +02:00
Roeland Jago Douma	c4cafae884	frame-src doesn't respect the nonce attribute Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-16 21:29:57 +02:00
Roeland Jago Douma	b8c5008acf	Add feature policy header This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-10 14:26:22 +02:00
Roeland Jago Douma	f94ee72507	Add form-action CSP element Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-07-31 15:16:10 +02:00
Roeland Jago Douma	cd243b0876	No need to have these classes we tighten the default CSP from time to time Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-07-27 14:59:48 +02:00
Roeland Jago Douma	96e51b5f6f	Redirect to the right token on public shares If the token doesn't match (or isn't set) during the redirect. We should properly set it. Else we might redirect to a later auth display that set these values. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-05-23 13:49:04 +02:00
Roeland Jago Douma	7276735eb4	Set empty CSP by default For #14179 By default responses should have the strictest (and simplest) CSP possible. Only template responses should require an actual CSP. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-04-16 14:09:39 +02:00
Marius David Wieschollek	5aeb8eac2b	[#11236 ] Set parameter type in QBMapper Signed-off-by: Marius David Wieschollek <git.public@mdns.eu>	2019-03-24 22:43:45 +01:00
Roeland Jago Douma	4d8e1f6c67	CSP: set nonce for iframes This for now uses the jsNonce. That way we can easily backport it. For 17 I will fix it properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-03-16 20:20:03 +01:00
Joas Schilling	c5ab74348c	Avoid duplicate App container creation Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-03-05 17:55:35 +01:00
Joas Schilling	3203d3e806	Allow apps to redirect to the default app Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-03-01 09:19:46 +01:00
Roeland Jago Douma	b68567e9ba	Add StandaloneTemplateResponse This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-02-06 11:26:18 +01:00
Roeland Jago Douma	d182037bce	Emit to load additionalscripts Fixes #13662 This will fire of an event after a Template Response has been returned. There is an event for the generic loading and one when logged in. So apps can chose to load only on loged in pages. This is a more generic approach than the files app event. As some things we might want to load on other pages as well besides the files app. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-31 12:11:40 +01:00
Roeland Jago Douma	ad676c0102	Set default frame-ancestors to 'self' For #13042 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-08 15:36:40 +01:00
Roeland Jago Douma	64244e1a4f	CSP: Allow fonts to be provided in data Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-01-07 15:07:06 +01:00
Daniel Kesselberg	8a952b73d6	Access id property without getter. Some implementations typehint getId to integer but default is null. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-12-24 14:21:40 +01:00
Daniel Kesselberg	21b80a89b0	Fetch lastInsertId only when id null When id column has no autoincrement flag query for lastInsertId fails on postgres because no value has been generated. Call lastInsertId only if id is null. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-12-24 14:21:39 +01:00
Roeland Jago Douma	3ddc68f91b	Add IMapperException This way code using the DB mappers can have try catch blocks on this type of exceptions if they do not care if there was non or to many. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-06 22:26:58 +01:00
Roeland Jago Douma	58345e02d2	Basic CSP no longer deprecated Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-08 10:37:48 +01:00
Roeland Jago Douma	579822b6a5	Add report-uri to CSP Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-21 13:38:32 +02:00
Roeland Jago Douma	5b61ef9213	Disallow unsafe-eval by default Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-14 20:45:34 +02:00
Joas Schilling	840dd4b39c	Allow to inject/mock `new \DateTime()` similar to time() Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-10-09 15:38:31 +02:00
Morris Jobke	e45248c17a	Merge pull request #10967 from nextcloud/zipresponse Add zip response	2018-10-02 23:34:30 +02:00
Morris Jobke	bcbffdb644	Add PHPDoc Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-10-02 22:35:31 +02:00
Roeland Jago Douma	7d9052d4b9	fixup! Add fix response Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-02 08:17:27 +02:00
Roeland Jago Douma	a891f42a5d	fixup! Add fix response Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-02 08:16:28 +02:00
Jakob Sack	a9fa220e68	Add fix response implements #7589	2018-10-02 08:13:39 +02:00
Christoph Wurst	3f594fc1b7	Document possibly thrown excption of QBMapper::insertOrUpdate Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-02 08:09:28 +02:00
Christoph Wurst	40fdff5b80	Add QBMapper::insertOrUpdate() This allows elegant upserts where the entity ID is provided (e.g. by an external system) and when that data is fed into our database multiple times. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2018-10-02 08:09:27 +02:00
Roeland Jago Douma	8354c50911	Deprecate the childSrc functions Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-09-04 07:35:44 +02:00
Roeland Jago Douma	c8fe4b4fc8	Add workerSrc to CSP Fixes #11035 Since the child-src directive is deprecated (we should kill it at some point) we need to have the proper worker-src available Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-09-04 07:35:44 +02:00
Roeland Jago Douma	c21cee248c	Disallow eval on the StrictEvalCSP Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-07-11 21:12:36 +02:00
Roeland Jago Douma	5455045a9b	Fix direct access to authen page Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:57:13 +02:00
Roeland Jago Douma	6de656e435	Update token on regeneration for public login Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:38 +02:00
Roeland Jago Douma	1bb8bc8ff9	Add AuthPublicShareControllerTest Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:38 +02:00
Roeland Jago Douma	61e445da88	Add PublicShareControllerTests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:38 +02:00
Roeland Jago Douma	31392c2443	Move public auth page over Now this is in core so the basics (that 99% of the app will want to use) looks always the same. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:37 +02:00
Roeland Jago Douma	f36ef8ca80	Add the new PublicShareController and PublicShareMiddleware Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-20 08:53:35 +02:00
Roeland Jago Douma	b38fa573e1	Add stricter CSPs * Deprecate our default CSP * Add strict CSP that is always our strictest setting * Add strict eval CSP (disable unsafe-eval) * Add strict inline CSP (disables inline styles) This is just to move forward and have a incremental improvement of our CSP Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-13 14:47:57 +02:00
Roeland Jago Douma	a34495933e	Move caching logic to response This avoids having to do it at all the places we want cached responses. We can't inject the ITimeFactor without breaking public API. However we can perfectly overwrite the service (resulting in the same testable effect). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-04 08:48:54 +02:00
Roeland Jago Douma	ed7b4839d9	The column is not user input so suppress the phan warning Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-14 14:46:33 +02:00
Roeland Jago Douma	74d7f6d4ca	Add a QueryBuilder Mapper Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-10 19:47:43 +02:00
Julius Härtl	6ded1c46b7	Add since tags Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-04-05 13:18:17 +02:00
Julius Härtl	2e60f91ab1	Move external share saving to template Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-04-05 13:11:55 +02:00
Julius Härtl	30e76f9f14	Add footer to public page template Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-04-05 12:22:01 +02:00
Julius Härtl	eb19899f8e	Move common menu templates to public API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-04-05 11:09:19 +02:00
Roeland Jago Douma	129a608ebe	OCP\AppFramework\App strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-09 08:42:03 +01:00
Julius Härtl	36563d4a4b	Remove setters Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:53 +01:00
Julius Härtl	9cf49873fa	Rework array handling to avoid phan error Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:53 +01:00
Julius Härtl	2b6c00fc0f	Add id to list element Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:53 +01:00
Julius Härtl	7cd0340366	Sort menu by priority Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:53 +01:00
Julius Härtl	038aad73c7	Add missing phpdoc for public API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:53 +01:00
Julius Härtl	4f83462f67	Add phpdoc, typehints and sanitize HTML Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:52 +01:00
Julius Härtl	4f78980fad	Add menu item abstraction Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:52 +01:00
Julius Härtl	0655df09d6	Pass template parameters to parent template Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-02-27 12:25:52 +01:00
Roeland Jago Douma	fb41a93a95	Merge pull request #8473 from nextcloud/strict_cmr Strict OCP\AppFramework\Utility\IControllerMethodReflector	2018-02-21 22:56:40 +01:00
Roeland Jago Douma	aa060f5332	Strict OCP\AppFramework\Utility\IControllerMethodReflector Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-02-21 19:55:49 +01:00
Roeland Jago Douma	5825c27a12	Make sure that render always returns a string Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-02-21 13:28:40 +01:00
Joas Schilling	7bc9a69c3f	Remove deprecated core API Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-01-15 17:54:50 +01:00
Roeland Jago Douma	d44de92c31	Merge pull request #7838 from nextcloud/timefactory_strict Make the ITimeFactory strict + return types	2018-01-15 09:27:37 +01:00
Roeland Jago Douma	7ffd62bf95	Make the ITimeFactory strict + return types Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-14 21:55:40 +01:00

... 2 3 4 5 6 ...

395 commits