upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-19 08:25:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11
69676 commits 951 branches 1208 tags 8.3 GiB
Commit graph

6769 commits

Author SHA1 Message Date
Arthur Schiwon
3b840dfb79
fix(Token): make new scope future compatible 
- "password-unconfirmable" is the effective name for 30, but a draft
  name was backported.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 19:28:57 +02:00
Arthur Schiwon
02313013ad
fix(Session): avoid password confirmation on SSO 
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-06-12 19:28:57 +02:00
Benjamin Gaussorgues
00130d740a
Merge pull request #45369 from nextcloud/backport/44763/stable27 2024-06-04 12:42:06 +02:00
Christoph Wurst
8429993328 fix(session): Do not update authtoken last_check for passwordless 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-06-02 22:07:28 +02:00
Benjamin Gaussorgues
a2746a64da
fix(groups): allows to save group names with more than 64 characters 
Mimic behaviour from LDAP users and add a hard limit to 255 characters

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-05-16 17:59:36 +02:00
Joas Schilling
6ced51d628
fix: Extend SVG reference check 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-05-16 10:05:07 +02:00
Benjamin Gaussorgues
65e0bc7aff
feat(perf): add cache for authtoken lookup 
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-05-07 14:54:06 +02:00
Robin Appelman
85d7620033
test: add test for jail watcher 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-04-09 13:20:42 +02:00
Christopher Ng
99a1e299f6 test: Update tests 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-04-08 17:10:31 -07:00
Côme Chilliet
606f25871e fix(tests): Fix tests when daytime saving time change happened recently 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-04-02 11:14:22 +00:00
Christoph Wurst
112b8bcbfb fix(config): Make sure user keys are strings 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-03-19 17:32:57 +00:00
Julius Härtl
0b1fcf0a5c fix: Fetch custom app store url without internet connection 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-03-04 20:18:32 +00:00
John Molakvoæ
7b9fed1cb5
Merge pull request #43789 from nextcloud/backport/39607/stable27 2024-02-29 11:36:12 +01:00
Benjamin Gaussorgues
1b30da153c feat(share): save date and time for expiration 
Because of timezones, not saving time can lead to unexpected behaviour
when sharing an item sooner than timezone offset
Example: sharing a file before 9am when in UTC+9

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-02-26 09:10:26 +00:00
FedericoHeichou
e61f0b82c7 Add "-i" to MailTest's pipe 
Signed-off-by: FedericoHeichou <federicoheichou@gmail.com>

[skip ci]
 2024-02-23 15:17:11 +00:00
Robin Appelman
14678e6bca add test for updating etag with unchanged mtime in child folder 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:28:05 +00:00
Robin Appelman
0b0efed67a add test for updating etag with unchanged mtime 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-31 18:28:05 +00:00
Arthur Schiwon
6490e50bb9 test(unit): fix RequestTest 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-01-29 09:59:35 +00:00
Julien Veyssier
3f19bf7660
make OAuth2 authorization code expire 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-01-22 13:26:01 +01:00
Git'Fellow
27af03c92d fix(session): Avoid two useless authtoken DB queries for every anonymous request 
Co-Authored-By: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-01-17 09:27:17 +00:00
Joas Schilling
0148dab1e7
fix(appstore): Only send subscription keys to valid appstores 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2024-01-16 10:16:38 +01:00
Julius Härtl
9112904206
perf: Use more performant way to obtain and check the email as a login name with token login 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2024-01-09 11:56:45 +01:00
Robin Appelman
4b74d315b6
adjust redis compareSetTTL to use a lua script 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-02 15:40:34 +01:00
Robin Appelman
0e98f1eb8d
restore shared lock ttl when releasing 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2024-01-02 15:40:32 +01:00
Alexander Piskun
12257ac765
AppAPI: allowed to bypass Two-Factor 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>

fix php-cs

Signed-off-by: Andrey Borysenko <andrey18106x@gmail.com>
 2023-12-29 14:46:58 +02:00
Joas Schilling
6b895462ac
fix(security): Handle idn_to_utf8 returning false 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-12-07 06:39:34 +01:00
Joas Schilling
5d12f12319 fix: Fix linkToOCSRouteAbsolute() without index.php and subfolder 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-20 16:15:39 +00:00
Robin Appelman
43ef6da11e
optimize UserMountCache::registerStorage 
Signed-off-by: Robin Appelman <robin@icewind.nl>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-16 16:40:57 +01:00
Benjamin Gaussorgues
1af4301997
Merge pull request #41363 from nextcloud/optmize-storage-wrappers-27 
[27] optimize builtin storage wrappers
 2023-11-16 14:21:56 +01:00
Joas Schilling
335369f3f4
Reverse X-Forwarded-For list to read the correct proxy remote address 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-11-16 07:48:09 +01:00
Robin Appelman
81d625d44d
optimize isShared and isMounted 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-11-09 15:42:41 +01:00
Robin Appelman
155fd0b86a apply known mtime wrapper for external storages 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-10 09:34:20 +02:00
Robin Appelman
36eef0be67 add wrapper to ensure we don't get an mtime that is lower than we know it is 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-10-10 09:34:20 +02:00
Robin Appelman
ee8c1a5c60
only determine quota_include_external_storage once for quota wrapper 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-09-07 16:25:23 +02:00
Robin Appelman
fc21ecbd2a
cleanup di for share permissions wrapper 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2023-09-04 14:13:57 +02:00
fenn-cs
1d74d62d2a Improve sharing flow 
This commit introduces the following changes:

- Does not create new share once user is selected for internal shares
- Adds a `SharingDetails` view for share configurations
- Adds a quick share select to enable fast changes in share permisions.

Resolves: https://github.com/nextcloud/server/issues/26691

Signed-off-by: fenn-cs <fenn25.fn@gmail.com>
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2023-08-31 14:28:13 +02:00
Daniel Kesselberg
4338d0747d feat: add switch to disable dns pinning 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2023-08-30 13:07:55 +00:00
Côme Chilliet
eb61f94807 Fix tests, add test for the new feature 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-08-28 13:50:26 +00:00
Joas Schilling
759fc11f39
fix: Make bypass function public API 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-23 06:44:08 +02:00
Joas Schilling
b55359b23c
feat: Expose if the own IP is allowed to bypass bruteforce protection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-23 06:44:07 +02:00
Joas Schilling
befa2f6d51
feat(security): Add a bruteforce protection backend base on memcache 
Similar to the ratelimit backend

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-23 06:44:05 +02:00
Ferdinand Thiessen
258a85d5c7 tests: Add test for CacheEntry getters 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2023-08-17 09:48:53 +00:00
Ferdinand Thiessen
376f46e475 fix: Move broken filepicker selenium tests to cypress 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2023-08-10 23:47:56 +02:00
Marcel Klehr
41918cc8b2 Fix TextProcessing test for 32bit 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
 2023-08-09 10:43:59 +02:00
Daniel Kesselberg
4bae251baf fix: missing argument for TextProcessing Manager 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2023-08-09 10:40:51 +02:00
Marcel Klehr
cf2c42ae36 Massive refactoring: Turn LanguageModel OCP API into TextProcessing API 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>

(cherry picked from commit ffe27ce14c)
 2023-08-09 10:05:05 +02:00
Marcel Klehr
6b2687eb11 LLM OCP API: Change Tests to use EventDispatcher mock 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
(cherry picked from commit bf2dcd67f3)
 2023-08-09 10:02:20 +02:00
Marcel Klehr
70e65ff7a3 LLM OCP API: s/getAvailableTasks/getAvailableTaskClasses/ 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
(cherry picked from commit d56286b8ac)
 2023-08-09 10:02:00 +02:00
Marcel Klehr
09a8541d74 Add test for task cleanup 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
(cherry picked from commit c568c4a464)
 2023-08-09 10:01:23 +02:00
Marcel Klehr
d21f7bf1fb Fix tests 
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
(cherry picked from commit 20cb9935ca)
 2023-08-09 10:01:20 +02:00