Commit graph

10378 commits

Author SHA1 Message Date
Carl Schwan
5b7b972882 Fix security issues when copying groupfolder with advanced ACL
Using advanced ACL, it is possible that a user has access to a
directory but not to a subdirectory, so the copying uses
Common::copyFromStorage instead of Local::copyFromStorage.

Fix https://github.com/nextcloud/groupfolders/issues/1692

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2021-11-02 13:57:12 +00:00
Lukas Reschke
dcdc654bed Add database ratelimiting backend
In case no distributed memory cache is specified this adds
a database backend for ratelimit purposes.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-09-13 17:38:02 +02:00
Lukas Reschke
159762d54a
Merge pull request #27618 from nextcloud/backport/27610/stable19
[stable19] Throttle on public DAV endpoint
2021-06-23 18:50:09 +02:00
Lukas Reschke
6f23221efb Add newline to satisfy phpcs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-06-23 12:27:34 +02:00
Joas Schilling
0b443a7adf Send "429 Too Many Requests" in case of brute force protection
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-06-23 12:17:04 +02:00
Lukas Reschke
ab605b7218 Remove throwing annotation
This class was just introduced in Nc 21.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-06-22 13:51:17 +00:00
Lukas Reschke
9f63ce182f Use execute instead of executeStatement
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-06-22 13:51:16 +00:00
Morris Jobke
dba013f428 Properly cleanup entries of WebAuthn on user deletion
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-06-22 13:51:14 +00:00
Julius Härtl
728e5ef966
Merge pull request #27307 from nextcloud/backport/27062/stable19
[stable19] properly use limit and offset for search in Jail wrapper
2021-06-09 08:10:27 +02:00
Morris Jobke
6f0233b9ea
Merge pull request #27210 from nextcloud/backport/27199/stable19
[stable19] Use noreply@ as email address for share emails
2021-06-07 10:47:20 +02:00
Lukas Reschke
1292bd90c9 Propagate throttling on OCS response
The BaseResponse converter did not take over any throttling state from the DataResponse.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-06-01 19:46:43 +00:00
Robin Appelman
8246f097de properly use limit and offset for search in Jail wrapper
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-05-31 13:54:19 +00:00
Morris Jobke
5e8f5a0d85 Use noreply@ as email address for share emails
Fixes #26683

Before it used the instance name, which a) doesn't make sense to randomly guess email addresses and b) could contain characters that are not allowed in email addresses like spaces.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2021-05-28 11:46:25 +00:00
Roeland Jago Douma
75d668818e
Use proper query method. No get yet on stable19
2021-05-20 12:40:23 +02:00
Lukas Reschke
845a67c02b Limit size of properties to 2048 characters
It is unreasonable to expect that one of these fields would be longer
than 2048 characters. Whilst some have definitely lower limits (such as
for phone numbers or domain names), an upper bound as sanity check makes
sense.

Backport of https://github.com/nextcloud/server/pull/26433

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-29 20:50:14 +02:00
Morris Jobke
a3fb7914c5
Merge pull request #26825 from nextcloud/backport/26811/stable19
[stable19] Do not try to contact lookup server if not needed
2021-04-29 15:50:14 +02:00
Roeland Jago Douma
ecab69d513
Merge pull request #26787 from nextcloud/backport/26718/stable19
[stable19] Fix ratelimit template
2021-04-29 10:10:54 +02:00
Roeland Jago Douma
c022e923ff Do not try to contact lookup server if not needed
In some cases (for example you never send data to the lookup server)
there is no need for this job to even try.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-29 09:21:08 +02:00
Joas Schilling
43d6921772
429 template is NC20+ and fix getDelay for CLI
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-29 08:44:53 +02:00
Morris Jobke
3aabf5eca8
Merge pull request #26807 from nextcloud/backport/26647/stable19
[stable19] Fail when creating new files with an empty path
2021-04-28 20:26:55 +02:00
Robin Appelman
bbaf4ced3a catch notfound and forbidden exception in smb::getmetadata
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-28 11:53:12 +00:00
Julius Härtl
5bbf281371 Fail when creating new files with an empty path
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-04-28 10:05:41 +00:00
Joas Schilling
f585fbc391
Fix Nextcloud19 compatibility
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-28 09:59:53 +02:00
Joas Schilling
aa178f9e25 Do not allow to overwrite some variables
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-27 13:39:52 +00:00
Joas Schilling
167a4c7a0a Fix ratelimit template
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-27 13:39:50 +00:00
Joas Schilling
59ab20972d Log deprecation only as debug
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-26 15:17:12 +00:00
Joas Schilling
e3e4bfb163 Respect the error level when logging
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-26 15:17:11 +00:00
Roeland Jago Douma
418dab9b98
Merge pull request #26646 from nextcloud/backport/26625/stable19
[stable19] Fix empty password check for mail shares
2021-04-20 20:47:52 +02:00
Arthur Schiwon
9d4a52e07c ensure redis returns bool for hasKey
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-20 08:39:30 +00:00
Vincent Petry
4b5a05cfee
Fix empty password check for mail shares
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-04-20 10:35:58 +02:00
Lukas Reschke
a55715d9ed Increase subnet matcher
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-12 10:36:24 +00:00
Morris Jobke
2814fc6442
Merge pull request #26264 from nextcloud/unified-search-node-19
[stable19] Handle limit offset and sorting in files search
2021-04-01 18:17:50 +02:00
Robin Appelman
9c046efd2d
use node search api for legacy file search endpoint
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-01 13:49:45 +02:00
Arthur Schiwon
85225cce0a gracefully handle deleteFromSelf when share is already gone
- handling race conditions

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-03-30 20:25:43 +00:00
John Molakvoæ (skjnldsv)
c74a10ddb4 Catch invalid cache source storage path
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-03-24 11:07:34 +00:00
Robin Appelman
854697818c
handle ordering in folder search
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:29 +01:00
Robin Appelman
245d3b2162
folder filtering in sql
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:26 +01:00
Robin Appelman
d257108409
cleanup fileinfo creation
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:22 +01:00
Robin Appelman
de65e8187b
handle limit and offset in folder file search
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:19 +01:00
Robin Appelman
b8d64d67fe
only require user to be set in a query that handles tags
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:15 +01:00
Robin Appelman
549db744dc
unify handling of Folder::search methods into "new" query objects
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-23 18:02:12 +01:00
Morris Jobke
ceed64154f
Merge pull request #26148 from nextcloud/backport/26013/stable19
[stable19] Return the fileid from `copyFromCache` and use it instead of doing an extra query
2021-03-19 15:29:14 +01:00
Vincent Petry
ecaa02678a
Update user share must use correct expiration validation
Updating a user or group share now uses the correct method for the
validation of the expiration date. Instead of using the one from links
it uses the one for internal shares.

To avoid future confusion, the method "validateExpirationDate" has been
renamed to "validateExpirationDateLink".

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-19 11:07:04 +01:00
Robin Appelman
df77c7d37c
limit constructing of result objects in file search
even though we currently have no proper way of limiting the search itself, we can at least limit the construction of the result objects.

this saves about 40% of the time spent in the search request in my local testing

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-18 08:23:16 +01:00
Morris Jobke
f302616544
Merge pull request #26092 from nextcloud/backport/25722/stable19
[stable19] apply object store copy optimization when 'cross storage' copy is wit…
2021-03-17 20:09:11 +01:00
Robin Appelman
68fb72b028 remove explicit fclose from S3->writeStream
streams get closed automatically when dropped, and in some cases the stream seems to be already closed by the S3 library, in which case trying to close it again will raise an error

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-17 09:36:15 +00:00
Robin Appelman
300c4dd6b8 verify that cache entry is valid
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-16 16:18:13 +00:00
Robin Appelman
53dcc7b1ca also implement for FailedCache and NullCache
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-16 16:18:11 +00:00
Robin Appelman
cc1a5d5ced use returned file id for object store copy
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-16 16:18:09 +00:00
Robin Appelman
603ec9be0c add ICopyFromCache trait to expose existing implementation
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-16 16:18:06 +00:00