upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-20 17:43:15 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 51
82231 commits 748 branches 1188 tags 6.5 GiB
Commit graph

1190 commits

Author SHA1 Message Date
Christoph Wurst
0c4bb5e8c5
fix(dav): calculate permissions based on addressbook principal 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-08-06 18:15:43 +02:00
Daniel Kesselberg
13f25c9316 fix(carddav): return correct sync token for non-truncated requests 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-08-06 14:32:25 +02:00
Hamza Mahjoubi
36d9fcbb4d feat(cardav): support result truncation for addressbook federation 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2025-08-06 14:04:55 +02:00
SebastianKrupinski
49d8e29a18 fix: do not ignore move command object target uri 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-08-01 09:36:07 -04:00
John Molakvoæ
2b50d9b2c5
Revert "perf(base): Stop setting up the FS for every basic auth request" 2025-07-11 17:07:44 +02:00
John Molakvoæ
6f0255d82a
Merge pull request #53141 from nextcloud/perf/files/setup-fs-basic-auth-request 2025-07-11 15:25:10 +02:00
Côme Chilliet
956924bdc9
chore: Remove calls to OC_App in bootstrap.php files for tests 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-07-10 11:40:27 +02:00
provokateurin
689a853dc6
fix(dav): Initialize the FS for the user right after authenticating 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-07-08 11:38:58 +02:00
Daniel Kesselberg
4dee17868f
test(imip): ensure charset is set for the text/calendar attachment 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-07-06 20:06:44 +02:00
Joas Schilling
d67396f1b3
Merge pull request #53418 from nextcloud/fix/timedjob-execution-time 
Fix TimedJob execution time to allow job execution exactly when scheduled
 2025-07-03 14:16:56 +02:00
Robin Appelman
aa15f9d16d
chore: run rector 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2025-07-01 22:45:52 +02:00
Ferdinand Thiessen
5981b7eb51
chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +02:00
Salvatore Martire
289b7ab684 test: check that UserStatusAutomation is cleaned up 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-07-01 15:15:53 +02:00
John Molakvoæ
bd00b75b29
Merge pull request #53671 from nextcloud/fix/read-only-share-download 2025-07-01 15:11:06 +02:00
Julius Knorr
82e299401e perf(dav): Preload dav search with tags/favorites 
Signed-off-by: Julius Knorr <jus@bitgrid.net>
 2025-06-27 20:42:07 +02:00
Salvatore Martire
8167b07118 feat(files): automatically create directories on upload 
Signed-off-by: Salvatore Martire <4652631+salmart-dev@users.noreply.github.com>
 2025-06-26 15:08:11 +02:00
skjnldsv
9806a9830c feat(files_sharing): allow viewing files with download disabled 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-26 11:47:53 +02:00
Richard Steinmetz
960b3ec0eb refactor(dav): move shared logic to a dedicated example contact service 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-19 23:46:00 +02:00
Richard Steinmetz
4a6909ffef
feat: create example event when a user logs in for the first time 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-16 11:49:20 +02:00
Daniel Kesselberg
1ac85a3298 fix: use correct format for getlastmodified webdav property 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-06-10 13:15:31 +02:00
skjnldsv
e41e8de0e2 fix(dav): file drop nickname 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-06-05 09:09:17 +02:00
Richard Steinmetz
696d76f976 fix(caldav): use direct.edit route in event activities 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-06-01 14:05:36 +02:00
Ferdinand Thiessen
9f8f7759a9
test(dav): adjust test cases for PHPUnit 10 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-28 09:30:21 +02:00
Joas Schilling
76e6ab1dff
test: Migrate remaining DAV tests to PHPUnit 10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-28 09:25:47 +02:00
Joas Schilling
96a1dd322b
test: Migrate DAV Systemtags tests to PHPUnit 10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-27 18:27:25 +02:00
Joas Schilling
6cccdf98f4
test: Migrate CardDAV tests to PHPUnit10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-25 22:22:57 +02:00
Joas Schilling
154d390c02
test: Migrate CalDAV tests to PHPUnit10 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-25 14:11:17 +02:00
Louis
a48bc55e2a
Merge pull request #52810 from nextcloud/artonge/feat/do_not_require_samesite_strict_cookie_on_public.php 2025-05-22 10:30:16 +02:00
Louis Chemineau
009d0c550c
fix: Move CSRF check from base to PublicAuth for public.php 
This currently prevent directly accessing a ressource when clicking on a link on a third party site. Example, clicking on `https://example.com/public.php/dav/files/pqLWcA269zfzXez/?accept=zip` in a GitHub comment.

Skipping the check is an issue with password protected shares, as it allows third party sites to request the ressource when the user already entered the password, aka CSRF.  So after removing the check from `base.php`, we need to add the it again in the `PublicAuth` plugin.

We also add a redirect to be helpful to the user.

**Warning**: this adds the limitation that clicking on a direct download link for password protected shares will redirect you to the password form, and then to the main share view.

Fix #52482

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-05-21 16:01:36 +02:00
Richard Steinmetz
9a74d9a1a5
fix(caldav): don't send invitations to circles 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-05-21 13:28:57 +02:00
Ferdinand Thiessen
e693a5d4a5
fix(dav): correctly handle uploading folders with same name as a file 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-16 14:38:41 +02:00
provokateurin
78a175fc74
refactor: Apply rector refactorings 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-14 15:29:02 +02:00
Daniel Kesselberg
c05d3fdb2e
fix(caldav): prevent unshare entry creation for owner unsharing 
- Introduces a `unshare` method in `CalDavBackend` to handle user unshares.
- Implements check to determine if unshare entry is needed based on group/circle membership.
- Ensures `updateShares` is only used when the calendar owner manages shares.
- Resolves issue where unsharing a calendar as owner created an unshare entry in `oc_dav_shares`.

Related PRs:
- https://github.com/nextcloud/server/pull/43117
- https://github.com/nextcloud/server/pull/47737

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-05-14 09:03:32 +02:00
John Molakvoæ (skjnldsv)
4495794a0b
feat(dav): allow uploading folders to public shares 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2025-05-13 16:03:20 +02:00
Daniel
1c2b4f2a41
Merge pull request #52586 from nextcloud/bugfix/noid/remove-sleep-from-throttler 
fix(throttler): Always use the sleepDelayOrThrowOnMax instead of deprecated sleepDelay
 2025-05-06 19:22:53 +02:00
John Molakvoæ
24c6a1ff0b
Merge pull request #52182 from nextcloud/feat/dav/public-share-chunked-upload 2025-05-06 14:25:28 +02:00
SebastianKrupinski
a2d4f8d3f1
feat: Calendar Export 
Signed-off-by: SebastianKrupinski <krupinskis05@gmail.com>
 2025-05-06 11:09:33 +02:00
provokateurin
46f5b07322
feat(dav): Enable chunked upload for public shares 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-05 13:23:11 +02:00
provokateurin
7f0953d520
refactor(dav): Replace baseuri manipulation with RootCollection for public shares 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-05-05 13:23:11 +02:00
Richard Steinmetz
d0fcb7e638
fix(dav): move orphan cleaning logic to a chunked background job 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-05-05 12:13:09 +02:00
Joas Schilling
7964f338dc
fix(throttler): Remove the sleep from the throttler that throws 
The sleep is not adding benefit when it's being aborted with 429
in other cases anyway.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-05-02 11:27:29 +02:00
skjnldsv
58aaddeca5 fix(dav): check the owner displayName scope before giving attribute 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-04-30 08:37:08 +02:00
Hamza Mahjoubi
58ffd9d06e fix: check if config is enabled before creating a default contact 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2025-04-28 11:46:32 +02:00
Louis
b2a187d296
Merge pull request #51729 from nextcloud/artonge/support_oc_checksum_in_bulk_upload 
feat: Support OC-Checksum in bulk upload
 2025-04-15 09:49:38 +02:00
Louis Chemineau
3bb2a92962
feat: Support OC-Checksum in bulk upload 
To align with the rest of Nextcloud.

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-04-01 14:35:21 +02:00
Richard Steinmetz
246da73a36
fix(oauth2): retain support for legacy ownCloud clients 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-04-01 11:25:52 +02:00
Hamza Mahjoubi
099d9fb9be feat: add example contact on first login 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2025-03-26 10:57:39 +01:00
skjnldsv
6fc453540b fix(dav): filter user files when updating tags 
Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
 2025-03-25 12:30:03 +01:00
Hamza Mahjoubi
c9d9abd46e fix(cardav): only show useres from enabled addressBooks in contacts menu 
Signed-off-by: Hamza Mahjoubi <hamzamahjoubi221@gmail.com>
 2025-03-17 11:56:34 +01:00
Daniel Kesselberg
db86cf8db1 fix: skip caching lastSeenQuotaUsage for remote shares 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2025-03-14 10:24:34 +01:00