Micke Nordin
a88fdcbed5
Merge pull request #57234 from enriquepablo/master
...
Implement token exchange from OCM
2026-06-18 11:33:24 +02:00
Benjamin Gaussorgues
3048d95615
Merge pull request #61368 from nextcloud/chore/prevent_subadmin_edit
...
fix: prevent editing delegated admins
2026-06-17 16:02:11 +02:00
Robin Appelman
61037332f0
Merge pull request #60988 from nextcloud/search-operator-params
...
chore: fix SearchBinaryOperator constructor type hint
2026-06-17 13:16:24 +02:00
Micke Nordin
4d5841761f
fix(cloud_federation_api): accept multi-protocol share envelopes
...
Shares using the OCM multi-protocol envelope (name multi, with the secret carried in a sibling protocol entry such as webdav) were rejected with Missing sharedSecret in protocol. Scan every protocol entry for the shared secret during validation, resolve the secret from the matching entry, and let the files provider serve the webdav entry of a multi envelope. Covers the file and folder resource types.
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-06-17 11:01:19 +02:00
Enrique Pérez Arnaud
3616212ba2
feat(files_sharing): store and refresh OCM access tokens for external shares
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 11:01:16 +02:00
Enrique Pérez Arnaud
4d56c74ba7
feat(ocm): advertise exchange-token capability and token endpoint
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 11:01:14 +02:00
Enrique Pérez Arnaud
ac2f9816a6
feat(auth): support permanent OCM refresh tokens and bearer login
...
Co-authored-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Micke Nordin <kano@sunet.se>
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net>
2026-06-17 10:44:51 +02:00
Andy Scherzinger
9af6fe9500
Merge pull request #61053 from bygadd/fix/taskprocessing-worker-atomic-claim
...
fix(taskprocessing): claim tasks atomically so parallel workers don't duplicate
2026-06-17 10:21:33 +02:00
Benjamin Gaussorgues
ab29b132e5
fix: prevent editing delegated admins
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-17 10:18:54 +02:00
Andy Scherzinger
f985b90a77
Merge pull request #61332 from nextcloud/fix/string-expected-int-given
...
fix: ensure file names are string-typed
2026-06-17 07:25:09 +02:00
Andy Scherzinger
d6086c2325
Merge pull request #61308 from nextcloud/fix/noid/team-manager-resources
...
fix(team-manager): ensure team resources are only retrieved for members
2026-06-16 20:33:49 +02:00
Andy Scherzinger
c409abfc63
Merge pull request #61322 from nextcloud/fix/improve-password-confirmation-middleware
...
fix: Do not set last-password-confirm for apptoken sessions
2026-06-16 19:49:28 +02:00
Stephan Orbaugh
03077b52f9
Merge pull request #60587 from nextcloud/fix/99281/lookup-duplicates
...
fix: trim duplicate search results for external share
2026-06-16 16:10:49 +02:00
Arthur Schiwon
437952bd70
fix: ensure file names are string-typed
...
- `$child` was used as an array key earlier. If they are numeric, they
are automatically converted to ints, leading to type issues later.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2026-06-16 13:13:38 +02:00
Côme Chilliet
f7f9a47ceb
fix: Do not set last-password-confirm for apptoken sessions
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-16 11:59:13 +02:00
Micke Nordin
41e9022100
fix(ocm): merge resource types by name in discovery
...
Current code blindly adds any resources to the ocm discovery, this makes
it so that different cloud federation providers can not add different
protocols for the same resourceType without the resourceType being
duplicated, something that OCM does not allow:
```
REQUIRED: resourceTypes (array) - A list of all resource types this
server supports in both the Sending Server role and the Receiving
Server role, with their access protocols. Each item in this list MUST
itself be an object containing the following fields:
name (string) - A supported resource type (file, calendar, contact, ...).
Implementations MUST offer support for at least one resource type, where
file is the commonly supported one. Each resource type is identified by
its name: the list MUST NOT contain more than one resource type object
per given name.
...
```
https://datatracker.ietf.org/doc/html/draft-ietf-ocm-open-cloud-mesh-04#name-fields
This patch changes this behaviour from this example result:
```
{
  "name": "folder",
  "shareTypes": [
    "user"
  ],
  "protocols": {
    "webapp": {}
  }
},
{
  "name": "folder",
  "shareTypes": [
    "user"
  ],
  "protocols": {
    "webapp-receive": {
      "targets": [
        "blank",
        "iframe"
      ]
    }
  }
}
```
to:
```
{
  "name": "folder",
  "shareTypes": [
    "user"
  ],
  "protocols": {
    "webapp": {},
    "webapp-receive": {
      "targets": [
        "blank",
        "iframe"
      ]
    }
  }
}
```
which is the correct behaviour according to OCM.
Signed-off-by: Micke Nordin <kano@sunet.se>
2026-06-16 11:30:24 +02:00
Marcel Klehr
eda0de0c14
Merge pull request #61190 from nextcloud/feat/taskprocessing-update-completionexpected
...
feat(TaskProcessing): Update completionExpectedAt in Manager#setTaskProgress
2026-06-16 11:19:08 +02:00
Cristian Scheid
74849c99e3
fix(team-manager): ensure team resources are only retrieved for members
...
Signed-off-by: Cristian Scheid <cristianscheid@gmail.com>
2026-06-15 14:12:58 -03:00
Simon L.
3881d9b1fa
refactor(CapabilitiesManager): log slow capabilities in a single message
...
Instead of logging one message per slow capability (and only in debug
mode), collect all slow capabilities and emit a single log entry with
all timings, using the highest applicable log level.
Signed-off-by: Simon L. <szaimen@e.mail.de>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Signed-off-by: Simon L. <szaimen@e.mail.de>
2026-06-15 18:42:47 +02:00
Simon L.
3e6d2dc794
fix(CapabilitiesManager): only check execution time if debug mode is enabled
...
Signed-off-by: Simon L. <szaimen@e.mail.de>
Co-Authored-By: Anna <anna@nextcloud.com>
2026-06-15 18:37:11 +02:00
niv
26526ec134
fix: trim duplicate search results for external share
...
Signed-off-by: Maksim Sukharev <antreesy.web@gmail.com>
2026-06-15 16:57:51 +02:00
Yoan Bozhilov
df2368896f
docs(taskprocessing): document lockTask semantic change
...
Per review feedback: note in the lockTask docblock that the guard changed from
`status != RUNNING` to `status = SCHEDULED`, and that callers must now treat a
0 return as "the task is no longer claimable" rather than assuming success.
Signed-off-by: Yoan Bozhilov <bygadd@gmail.com>
Assisted-by: Claude Code:claude-opus-4-8
2026-06-15 16:37:34 +02:00
Yoan Bozhilov
022531b997
fix(taskprocessing): guard lockTask on scheduled, record started_at, Oracle fallback
...
Address review feedback (@marcelklehr, Copilot):
- lockTask claims only SCHEDULED tasks (was status != RUNNING) and stamps
started_at in the same atomic UPDATE, so a finished task cannot be re-claimed
and the external-provider claim path records started_at as well.
- claimWithBoundedRetry re-reads after lockTask instead of a follow-up UPDATE.
- Oracle joins SQLite on the bounded-retry fallback: Oracle cannot combine a
row-limiting clause with FOR UPDATE (ORA-02014), which failed the claim tests
on Oracle CI.
- Reword the worker docblock/comments to "prefer oldest available" (parallel
SKIP LOCKED does not guarantee a strict global order).
- Add a regression test that lockTask does not resurrect a finished task.
Signed-off-by: Yoan Bozhilov <bygadd@gmail.com>
Assisted-by: Claude Code:claude-opus-4-8
2026-06-15 16:37:34 +02:00
Marcel Klehr
66826df860
fix: Address review comments
...
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-06-15 16:37:34 +02:00
Yoan Bozhilov
0799454a1f
fix(taskprocessing): claim tasks atomically with SKIP LOCKED + composite index
...
Replace the worker retry/ignore-list claim-loop with a single atomic
SELECT ... FOR UPDATE SKIP LOCKED claim (SQLite bounded-retry fallback),
preserving the no-duplicate guarantee while removing the thundering-herd
contention that throttled backlog draining. Add a (status,type,last_updated)
index via the table-creating migration + db:add-missing-indices listener.
Signed-off-by: Yoan Bozhilov <bygadd@gmail.com>
Assisted-by: Claude Code:claude-opus-4-8
2026-06-15 16:37:34 +02:00
Côme Chilliet
802bce0a77
fix: Use token expiration for ephemeral sessions
...
This simplifies the code a lot.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-15 15:28:38 +02:00
Marcel Klehr
041013bb58
fix(TaskProcessing): Check $progress value is in (0,1) in setTaskProgress
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-06-15 10:02:34 +02:00
Côme Chilliet
1ac195d01e
Merge pull request #61245 from nextcloud/fix/fix-php-warning-in-sharehelper
...
fix: Fix PHP Warning foreach() argument must be of type array|object, null given
2026-06-12 18:38:28 +02:00
Robin Appelman
09d6942c11
chore: fix SearchBinaryOperator constructor type hint
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2026-06-12 17:43:42 +02:00
Côme Chilliet
d551047b8a
fix: Fix PHP Warning foreach() argument must be of type array|object, null given
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2026-06-12 14:28:42 +02:00
Benjamin Gaussorgues
dc5499af46
feat(jobs): clean old job runs
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
Benjamin Gaussorgues
28d32d8fff
feat(snowflake): allows to generate Snowflake IDs matching a timestamp
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
Benjamin Gaussorgues
3956e292b4
feat(jobs): add cleanup job for job run history
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
Benjamin Gaussorgues
60ce92a697
feat(utils): add getter for serverid with proper default
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2026-06-12 13:53:10 +02:00
Benjamin Gaussorgues
621d1328e7
Merge pull request #57227 from lpcvoid/master
...
fix: allow `occ maintenance:update:htaccess` to create .htaccess file in case it doesn't exist yet
2026-06-12 10:02:05 +02:00
provokateurin
dd8b4fb384
style(PHP): Fix
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2026-06-11 20:01:52 +02:00
Louis
14caffcc7b
Merge pull request #43226 from jpsn123/master
...
movie preview bug fix, in some case stream reading functions may block indefinitely
2026-06-11 17:28:54 +02:00
Andy Scherzinger
2ab629fd1b
Merge pull request #53464 from nextcloud/correctParentStorageMtime-id
...
fix: pass parent id to correctParentStorageMtime when known
2026-06-11 17:17:52 +02:00
cn-shell
cb8c152ed3
fix(previews): movie preview bug fix, in some case stream reading functions may block indefinitely
...
Signed-off-by: cn-shell <jpsn@foxmail.com>
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
2026-06-11 17:14:54 +02:00
Louis
97df391969
Merge pull request #49978 from nextcloud/jtr-feat-setupchecks-limit-type
...
feat: Run setup checks by category or class
2026-06-11 16:58:21 +02:00
Louis
da706223e4
Merge pull request #61140 from nextcloud/fix/fix-deprecations-in-tests
...
Fix deprecations in tests
2026-06-11 14:48:10 +02:00
Carl Schwan
c882abff2e
Merge pull request #60957 from nextcloud/carl/simplify-di-init
...
refactor(server): Register alias when needed
2026-06-11 13:57:35 +02:00
Josh
b42fbab94d
feat: Run setup checks by category or class
...
Signed-off-by: Josh <josh.t.richards@gmail.com>
2026-06-11 12:24:47 +02:00
Benjamin Gaussorgues
728644d647
Merge pull request #59731 from nextcloud/jtr/refactor-share-dry-exp-dat-validation
...
refactor(share): DRY up expiration date validation and fix dispatchEvent() log message
2026-06-11 11:42:06 +02:00
Louis
86c2b912bf
Merge pull request #50835 from nextcloud/updateLastSeen
...
fix(session): Update `last_seen` when user session is validated
2026-06-11 11:38:03 +02:00
Marcel Klehr
573ecd0e81
feat(TaskProcessing): Update completionExpectedAt in Manager#setTaskProgress
...
Assisted-by: ClaudeCode:claopus-4-7
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2026-06-11 11:10:41 +02:00
Louis
996fcfe443
Merge pull request #57216 from Roszakos/2fa-stateless-provider-interface
...
feat (2fa): Add IStatelessProvider interface
2026-06-11 11:01:23 +02:00
Louis
a8135190f3
Merge pull request #59916 from nextcloud/jtr/fix-MoveFromCacheTrait-hardening
...
fix(Files/Cache): align `MoveFromCacheTrait` fallback validation with `Cache::moveFromCache`
2026-06-11 10:28:15 +02:00
Louis
5e4abd734d
Merge pull request #59984 from nextcloud/jtr/docs-lock-ILockManager-API
...
docs(lock): clarify ILockManager API documentation
2026-06-11 10:26:49 +02:00
Louis
421e4de7e5
Merge pull request #59979 from elicpeter/patch-1
...
fix(repair): restrict unserialize() in RemoveBrokenProperties
2026-06-11 10:26:04 +02:00