upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-19 16:39:59 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 13
61591 commits 1001 branches 1208 tags 8.5 GiB
Commit graph

11815 commits

Author SHA1 Message Date
szaimen
53787e2d3b fix external storages access 
Signed-off-by: szaimen <szaimen@e.mail.de>
 2022-10-23 09:32:56 +00:00
Côme Chilliet
e4ce2e71cc Correctly handle Redis::keys returning false 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-09-30 08:27:28 +00:00
blizzz
0ba3d38c8c
Merge pull request #33750 from nextcloud/backport/33734/stable23 
[stable23] remove leading slash for search results at mountpoint root
 2022-09-28 10:37:11 +02:00
blizzz
67181d6b01
Merge pull request #33786 from nextcloud/backport/33772/stable23 
[stable23] Log if cookie login failed with token mismatch or session unavailability
 2022-09-27 23:26:55 +02:00
Vincent Petry
187aeb6c36
Merge pull request #34102 from nextcloud/backport/33700/stable23 
[stable23] make groupfolders use system wide encryption keys
 2022-09-27 09:51:42 +02:00
Robin Appelman
35cc27ed21 dont try email login if the provider username is not a valid email 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-09-16 13:31:53 +00:00
Robin Appelman
5580ead535 make groupfolders use system wide encryption keys 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-09-15 21:02:16 +00:00
Carl Schwan
39ef21a6b8
Merge pull request #33982 from nextcloud/backport/33788/stable23 
[stable23] Improve getting recent files performance
 2022-09-13 12:23:10 +02:00
szaimen
5851c265a1 Do not empty config.php file if reading failed for any reason 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Signed-off-by: szaimen <szaimen@e.mail.de>
 2022-09-12 11:01:38 +02:00
Carl Schwan
4d4a6727fc Filter out old files when trying to get recent files 
Only do so when asking for less than 100 files and having an offset
equal to 0.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-09-08 14:44:00 +00:00
blizzz
fe0756a7e1
Revert "[stable23] Compare lowercase email when updating from ldap" 2022-09-07 12:27:37 +02:00
Louis Chemineau
0b5619f132 I dug into it again, and the issue is much simpler than I previously though. 
- LDAP has an email address with capital letters
- NC store this address in lower case
- When the user logs in, we compare the [stored email with the new lower case email](https://github.com/nextcloud/server/blob/master/lib/private/AllConfig.php#L259-L261) before storing it. Here, both email will be the same, so we won't store the new email address with upper case letters. Which is what we want.
- We then [compare emails as they are before triggering an event](https://github.com/nextcloud/server/blob/master/lib/private/User/User.php#L202-L204), they won't match, so the user will receive an email signaling an email change every time he logs in.

The fix is to compare the old email with the new lower case email before sending the event.

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2022-09-06 15:24:01 +00:00
blizzz
55f07a4d46
Merge pull request #32985 from nextcloud/backport/32242/stable23 
[stable23] Fix logging data context to file
 2022-09-01 09:47:35 +02:00
Christoph Wurst
2fbcc9184b Log if cookie login failed with token mismatch or session unavailability 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-09-01 07:34:30 +00:00
blizzz
9d9d5cb458
Merge pull request #33763 from nextcloud/backport/33603/stable23 
[stable23] optimize search post-processing for jail wrapper
 2022-08-31 16:46:46 +02:00
Joas Schilling
67ec2f4d8b
Merge pull request #32751 from nextcloud/backport/32744/stable23 
[stable23] Always log errors from sending federation api requests to ease debugging
 2022-08-30 20:36:14 +02:00
Thomas Citharel
54b0b53295
Fix logging data context to file 
It was only logged when an exception was provided or when using
logData (which is not being much used).

We make sure the interpolated parameters are not logged.

Only tested with file write logger, but shouldn't work differently.

Crash reporters always had the context.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
 2022-08-30 18:58:20 +02:00
Robin Appelman
d7858bfcf3 optimize search post-processing for jail wrapper 
don't both asking the wrapped cache if we know it's not in our jail anyway

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-08-30 15:51:29 +00:00
blizzz
1e80b33fa7
Merge pull request #33515 from nextcloud/backport/33513/stable23 
[stable23] Recover installation when creating the database user fails and improve password strength
 2022-08-30 17:37:29 +02:00
Robin Appelman
d414008b13 remove leading slash for search results at mountpoint root 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-08-30 10:28:02 +00:00
Arthur Schiwon
71394fc8cb logger ignore args of sharepoint-related methods 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-08-25 14:31:32 +00:00
Joas Schilling
2a206cd927
Create more secure passwords by default 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-08-12 11:28:10 +02:00
Joas Schilling
9a53d02ac2
Recover installation when creating the user failed 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-08-12 11:27:31 +02:00
Julius Härtl
f5d91e9b28 Do not update passwords if nothing changed 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2022-08-09 18:54:21 +00:00
blizzz
d7c442deaa
Merge pull request #33443 from nextcloud/backport/33407/stable23 
[stable23] Handle one time and large passwords
 2022-08-04 11:16:46 +02:00
Carl Schwan
bc29ff5567
Handle one time and large passwords 
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.

This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-08-03 13:50:29 +02:00
blizzz
bc0ab0c4f8
Merge pull request #33354 from nextcloud/backport/33031/stable23 
[stable23] Improve local IP detection
 2022-08-03 11:28:54 +02:00
Joas Schilling
5d9f56417f
Always log errors from sending federation api requests to ease debugging 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-08-02 08:40:02 +02:00
blizzz
105bdbeaac
Merge pull request #33156 from nextcloud/backport/32997/stable23 
[stable23] load dashboard widgets of enabled apps only
 2022-08-01 20:42:29 +02:00
Arthur Schiwon
f955faba1c
fix PHP 7.3 compat 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-08-01 15:32:02 +02:00
Côme Chilliet
4664375cbc
Remove call to undefined function, fix typing 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-01 15:31:38 +02:00
Côme Chilliet
f41425c9ee
Align copied file with our code style 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-01 15:31:30 +02:00
Côme Chilliet
28dd116b92
Copy IpUtils from Symfony to avoid new dependency on backport 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-01 15:30:56 +02:00
Arthur Schiwon
5c757f31e1 avoid early DI of IAppManager 
- might break install

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-07-27 15:11:50 +00:00
Arthur Schiwon
8c87c0bb28 load widgets only of enabled apps 
- per design, all enabled apps have their registration run
- limitations, e.g. enabled by group, are not considered in that state,
  because we do not have a session (and might need apps?)
- before instantiation of widget it has to be checked whether the providing
  app is actually enabled for the logged in user.
- a public interface is being changed, but it is not meant to be
  implemented or used outside of the core handling. Therefore save to
  backport.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-07-27 15:11:50 +00:00
Robin Appelman
db86e92d05 don't set null as a bundle path 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-07-27 13:50:05 +00:00
Côme Chilliet
91a244e77e Use Symfony IpUtils to check for local IP ranges 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-07-26 09:45:33 +00:00
Côme Chilliet
a04cb4dfa6 Check for local IPs nested in IPv6 as well 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-07-26 09:45:31 +00:00
Côme Chilliet
8ad9a15514 Refactor local IP if and set strict to true for in_array 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-07-26 09:45:29 +00:00
Côme Chilliet
342934e9c2 Improve local IP detection 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-07-26 09:45:27 +00:00
blizzz
82bb1fd241
Merge pull request #33253 from nextcloud/backport/32963/stable23 
[stable23] also use nextcloud certificate bundle when downloading from s3
 2022-07-22 23:55:19 +02:00
Arthur Schiwon
1ec1321c26 fix loading legacy app.php with multi app dir 
- requireAppFile() only appends /appinfo/app.php
- without the absolute path, require_once looks into include_path
- the first match in inlcude_path however migth be different from appPath
- fixed by providing the tested(!), full path to the app


Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2022-07-19 06:22:19 +00:00
Robin Appelman
87b7f2683f only use nextcloud bundle when explicitly enabled 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-07-18 07:57:48 +00:00
Robin Appelman
9d4b0e2265 also use nextcloud certificate bundle when downloading from s3 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-07-18 07:57:46 +00:00
John Molakvoæ
b93bde1c76
Merge pull request #33158 from nextcloud/backport/33153/stable23 2022-07-08 08:28:39 +02:00
blizzz
c7e9a59124
Merge pull request #32987 from nextcloud/backport/stable23/31771 
[stable23] Fix hook encryption with cron job
 2022-07-07 12:02:09 +02:00
Joas Schilling
3c24ba359f Only ignore attempts of the same action 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-07 09:09:23 +00:00
Carl Schwan
c8967c5b88
Merge pull request #33114 from nextcloud/backport/stable23/31194 
[stable23] Allow to disable password policy enforcement for selected groups
 2022-07-07 09:12:38 +02:00
Christopher Ng
e218746c8c Do not save invalid display name to the database 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2022-07-06 20:57:29 +00:00
Carl Schwan
003b2a4e4f Fix hook encryption with cron job 
Make sure the setup fs is set before using the Update service

Backport of #29674

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-07-06 17:42:49 +02:00