upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-09 00:32:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 35
70054 commits 1038 branches 1221 tags 7.6 GiB
Commit graph

6786 commits

Author SHA1 Message Date
Robin Appelman
9678a1853c fix: handle NAT64 addresses in isLocalAddress 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2026-05-19 15:41:38 +00:00
Côme Chilliet
4ba417c11b
fix: Reduce the mixups between apptokens and session ids 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-04-21 15:41:47 +02:00
Joas Schilling
820755dc21
ci: Update testing certificates that expired after 10 years 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-08-26 08:59:37 +02:00
Christoph Wurst
57463df26a
fix(session): Only mark sessions of permanent tokens as app passwords 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-04-09 07:50:12 +02:00
Ferdinand Thiessen
703f38ce67
fix(lookup-server): disable lookup server for non-global scale setups 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-03-12 11:53:07 +01:00
Ferdinand Thiessen
12232a5e41 fix(lookup-server): do not query data by default 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-03-12 10:09:53 +00:00
provokateurin
a6ff24b4e2
refactor(TempManager): Simplify and unify implementations and remove legacy behavior 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-03-04 07:53:19 +01:00
Ferdinand Thiessen
b30b1de680
fix(sharing): Move permission validation to share manager 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-01-31 20:45:52 +01:00
Robin Appelman
3b655e6de7 fix: fix mimetype not being updated when changing file extention on object store 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-12-11 07:54:24 +00:00
Christoph Wurst
0b8355449d fix(migration): Decrypt ownCloud secrets v2 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-11-28 09:32:18 +00:00
Côme Chilliet
bcb1bbb1bd fix: Remove call to non-existing method in 28 and add missing use in test 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-27 11:02:57 +02:00
Côme Chilliet
3904bf5651 fix(tests): Fix PHP 8.0 compatibility 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-27 11:02:57 +02:00
Côme Chilliet
2655f931ea fix(tests): Adapt tests to change of DefaultShareProvider constructor 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-08-27 11:02:57 +02:00
Julius Härtl
4ba1154cb6 fix: Ignore preview requests for invalid file ids 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-07-28 12:15:44 +02:00
Robin Appelman
b724b111cc test: update DummyJobList 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-06-17 13:25:52 +02:00
Arthur Schiwon
6738cd61e9
Merge pull request #45824 from nextcloud/backport/45811/stable27 
[stable27] test: add tests for ProfilePageController
 2024-06-13 15:29:10 +02:00
Arthur Schiwon
3b840dfb79
fix(Token): make new scope future compatible 
- "password-unconfirmable" is the effective name for 30, but a draft
  name was backported.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 19:28:57 +02:00
Arthur Schiwon
02313013ad
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 19:28:57 +02:00
Daniel Kesselberg
6739eb1715
test: add tests for ProfilePageController 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-06-12 18:34:01 +02:00
Benjamin Gaussorgues
00130d740a
Merge pull request #45369 from nextcloud/backport/44763/stable27 2024-06-04 12:42:06 +02:00
Christoph Wurst
8429993328 fix(session): Do not update authtoken last_check for passwordless 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-06-02 22:07:28 +02:00
Benjamin Gaussorgues
a2746a64da
fix(groups): allows to save group names with more than 64 characters 
Mimic behaviour from LDAP users and add a hard limit to 255 characters

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-05-16 17:59:36 +02:00
Joas Schilling
6ced51d628
fix: Extend SVG reference check 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-05-16 10:05:07 +02:00
Benjamin Gaussorgues
65e0bc7aff
feat(perf): add cache for authtoken lookup 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-05-07 14:54:06 +02:00
Robin Appelman
85d7620033
test: add test for jail watcher 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-04-09 13:20:42 +02:00
Christopher Ng
99a1e299f6 test: Update tests 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-04-08 17:10:31 -07:00
Côme Chilliet
606f25871e fix(tests): Fix tests when daytime saving time change happened recently 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 11:14:22 +00:00
Christoph Wurst
112b8bcbfb fix(config): Make sure user keys are strings 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-03-19 17:32:57 +00:00
Julius Härtl
0b1fcf0a5c fix: Fetch custom app store url without internet connection 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-04 20:18:32 +00:00
John Molakvoæ
7b9fed1cb5
Merge pull request #43789 from nextcloud/backport/39607/stable27 2024-02-29 11:36:12 +01:00
Benjamin Gaussorgues
1b30da153c feat(share): save date and time for expiration 
Because of timezones, not saving time can lead to unexpected behaviour
when sharing an item sooner than timezone offset
Example: sharing a file before 9am when in UTC+9

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-02-26 09:10:26 +00:00
FedericoHeichou
e61f0b82c7 Add "-i" to MailTest's pipe 
Signed-off-by: FedericoHeichou <federicoheichou@gmail.com>

[skip ci]
 2024-02-23 15:17:11 +00:00
Robin Appelman
14678e6bca add test for updating etag with unchanged mtime in child folder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:28:05 +00:00
Robin Appelman
0b0efed67a add test for updating etag with unchanged mtime 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:28:05 +00:00
Arthur Schiwon
6490e50bb9 test(unit): fix RequestTest 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-01-29 09:59:35 +00:00
Julien Veyssier
3f19bf7660
make OAuth2 authorization code expire 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-01-22 13:26:01 +01:00
Git'Fellow
27af03c92d fix(session): Avoid two useless authtoken DB queries for every anonymous request 
Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-01-17 09:27:17 +00:00
Joas Schilling
0148dab1e7
fix(appstore): Only send subscription keys to valid appstores 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-16 10:16:38 +01:00
Julius Härtl
9112904206
perf: Use more performant way to obtain and check the email as a login name with token login 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-01-09 11:56:45 +01:00
Robin Appelman
4b74d315b6
adjust redis compareSetTTL to use a lua script 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-02 15:40:34 +01:00
Robin Appelman
0e98f1eb8d
restore shared lock ttl when releasing 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-02 15:40:32 +01:00
Alexander Piskun
12257ac765
AppAPI: allowed to bypass Two-Factor 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>

fix php-cs

Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2023-12-29 14:46:58 +02:00
Joas Schilling
6b895462ac
fix(security): Handle idn_to_utf8 returning false 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-12-07 06:39:34 +01:00
Joas Schilling
5d12f12319 fix: Fix linkToOCSRouteAbsolute() without index.php and subfolder 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-20 16:15:39 +00:00
Robin Appelman
43ef6da11e
optimize UserMountCache::registerStorage 
Signed-off-by: Robin Appelman <robin@icewind.nl>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-16 16:40:57 +01:00
Benjamin Gaussorgues
1af4301997
Merge pull request #41363 from nextcloud/optmize-storage-wrappers-27 
[27] optimize builtin storage wrappers
 2023-11-16 14:21:56 +01:00
Joas Schilling
335369f3f4
Reverse X-Forwarded-For list to read the correct proxy remote address 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-16 07:48:09 +01:00
Robin Appelman
81d625d44d
optimize isShared and isMounted 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-11-09 15:42:41 +01:00
Robin Appelman
155fd0b86a apply known mtime wrapper for external storages 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-10 09:34:20 +02:00
Robin Appelman
36eef0be67 add wrapper to ensure we don't get an mtime that is lower than we know it is 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-10 09:34:20 +02:00