nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Robin Appelman	434835b326	also set user in UserSession when doing OC_User::setUserId	11 years ago
Lukas Reschke	025110821f	URLEncode logout attribute Otherwise logout can fail if the requesttoken contains a +	11 years ago
Lukas Reschke	476579b9c6	Fix WebDAV auth for session authentication only \Sabre\DAV\Auth\Backend\AbstractBasic::authenticate was only calling \OC_Connector_Sabre_Auth::validateUserPass when the response of \Sabre\HTTP\BasicAuth::getUserPass was not null. However, there is a case where the value can be null and the user could be authenticated anyways: The authentication via ownCloud web-interface and then accessing WebDAV resources. This was not possible anymore with this patch because it never reached the code path in this scenario. This patchs allows authenticating with a session without isDavAuthenticated value stored (this is for ugly WebDAV clients that send the cookie in any case) and thus the functionality should work again. To test this go to the admin settings and test if the WebDAV check works fine. Furthermore all the usual stuff (WebDAV / Shibboleth / etc...) needs testing as well.	11 years ago
Lukas Reschke	e3230b5bc2	Add ultra-slim hack for incognito mode As discussed at https://github.com/owncloud/core/pull/12912#issuecomment-67391155	11 years ago
Lukas Reschke	b91a435ed4	Move basic auth login out of `isLoggedIn` Potentially fixes https://github.com/owncloud/core/issues/12915 and opens the door for potential other bugs... Please test very carefully, this includes: - Testing from OCS via cURL (as in #12915) - Testing from OCS via browser (Open the "Von Dir geteilt" shares overview) - WebDAV - CalDAV - CardDAV	11 years ago
Lukas Reschke	f6820406b6	Move the Null-Byte LDAP check to the user manager The existing method is deprecated and just a wrapper around the manager method. Since in the future other code paths might call this function instead we need to perform that check here. Related to http://owncloud.org/security/advisory/?id=oc-sa-2014-020	11 years ago
Lukas Reschke	5dc6406b70	Add filter for 'backend' to user REST route This adds a "backend" type filter to the index REST route which is a pre-requisite for https://github.com/owncloud/core/issues/12620 For example when calling `index.php/settings/users/users?offset=0&limit=10&gid=&pattern=&backend=OC_User_Database` only users within the backend `OC_User_Database` would be shown. (requires sending a CSRF token as well) Depends upon https://github.com/owncloud/core/pull/12711	11 years ago
Lukas Reschke	fe7d9a7ca0	Add REST route for user & group management First step of a somewhat testable user management. - I know, the JSON returns are in an ugly format but the JS expects it that way. So let's keep it that way until we have time to fix the JS in the future.	11 years ago
Craig Morrissey	541344d880	logging changes	11 years ago
Robin Appelman	1eefc21329	Remove confusingly names \OC\User\Manager::delete and fix the automatic cache cleanup instead	11 years ago
Arthur Schiwon	993376fb6f	better variable name	11 years ago
Arthur Schiwon	e0342db47c	set up FS by username, not login name\!	11 years ago
Lukas Reschke	d0d3b7457b	Move BasicAuth check to "isLoggedIn()" Ensures that Basic Auth works properly for APIs and removes the need for some even uglier lines of code.	11 years ago
Lukas Reschke	63a90a129b	Use proper RNG generator OC_Util::generateRandomBytes() only returns lowercase alphanumeric values. We should use the new RNG which has a broader characterset.	12 years ago
Robin Appelman	a9a37b5363	Don't automatically setup the filesystem the moment we load OC\Files\FileSystem	12 years ago
Jörn Friedrich Dreyer	f551917a3c	kill OC::$session maintain deprecated \OC::$session when getting or setting the session via the server container or UserSession restore order os OC::$session and OC::$CLI remove unneded initialization of dummy session write back session when $useCustomSession is true log warning when deprecated app is used	12 years ago
Jörn Friedrich Dreyer	fd798fd982	update deprecation docs	12 years ago
Joas Schilling	4865c52aa6	Fix isLoggedIn() check for user '0' Fix #9972	12 years ago
Arthur Schiwon	2c89962919	clean up tryRememberLogin and save the timestamp of users last login	12 years ago
Morris Jobke	dc36d30953	Remove all occurences of @brief and @returns from PHPDoc * test case added to avoid adding them later	12 years ago
Robin McCorkell	3bed3d2a23	Change parameter type for useBackend	12 years ago
Robin McCorkell	a7ae2e874a	Squash 'a \| b' into 'a\|b', in /lib	12 years ago
Robin McCorkell	b5bc37d2e4	Fix @return array PHPDocs, in /lib	12 years ago
Robin McCorkell	b653ad164b	Replace @returns with @return , in /lib	12 years ago
Lukas Reschke	73b914ddbc	Add CSRF check on login and logout This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.	12 years ago
Lukas Reschke	e88731a477	Some more PHPDoc fixes	12 years ago
Lukas Reschke	69325c5eeb	Move session_regenerate_id to `login()`	12 years ago
Scrutinizer Auto-Fixer	adaee6a5a1	Scrutinizer Auto-Fixes This patch was automatically generated as part of the following inspection: https://scrutinizer-ci.com/g/owncloud/core/inspections/cdfecc4e-a37e-4233-8025-f0d7252a8720 Enabled analysis tools: - PHP Analyzer - JSHint - PHP Copy/Paste Detector - PHP PDepend	12 years ago
Jörn Friedrich Dreyer	2a6a9a8cef	polish documentation based on scrutinizer patches	12 years ago
Thomas Müller	79fc4f3126	Within OC:init() the minimum set of apps is loaded - which is filesystem, authentication and logging	12 years ago
Robin Appelman	8d6a3a00b4	Revert "Use Cache->clear to cleanup the filecache for removed users" This reverts commit `5a5b6f187e`.	12 years ago
Robin Appelman	5a5b6f187e	Use Cache->clear to cleanup the filecache for removed users	12 years ago
Robin Appelman	374e3475c9	Also remove the user's home storage from the storage table when deleting a user	12 years ago
Thomas Müller	22bd69f75c	set login name within apache auth backend	12 years ago
nhirokinet	c2e2c59ca7	Update user.php to fix duplicate session-duplicate	12 years ago
Bjoern Schiessle	6deda1b9f6	return false if user is in incognito mode	12 years ago
Bjoern Schiessle	7e4f50d4e3	add incognito mode, allows to hide my user ID. For example, this is useful to access public resources while a user is still logged in	12 years ago
Arthur Schiwon	8ccac86c98	Enable user backends to provide avatar images	12 years ago
Bjoern Schiessle	f021dad204	remove user from cache if he was deleted successfully	12 years ago
Bjoern Schiessle	db0fa6c529	use getHome() to delete users data	12 years ago
Andreas Fischer	06f9b7b862	Fix logout link HTML. <a id="logout" href=/projects/owncloud/core/index.php?logout=true>	12 years ago
Victor Dubiniuk	77f43c357c	User::delete should return bool	12 years ago
Andreas Fischer	47ed6a5135	Move backend finding into its own method.	12 years ago
Thomas Müller	131d82e41e	move call to print_unescaped() to template	12 years ago
Andreas Fischer	aa34438d06	Also replace ApacheBackend with Authentication\IApacheBackend in user.	12 years ago
Thomas Müller	621ab1c7ee	fixing various PHPDoc comments	12 years ago
Thomas Müller	4cecede13d	code cleanup - remove special case for webdav in handleApacheAuth()	12 years ago
Thomas Müller	9c9dc276b7	move the private namespace OC into lib/private - OCP will stay in lib/public Conflicts: lib/private/vcategories.php	12 years ago
Thomas Müller	e515509a81	prelogin apps have to be loaded within setupBackend() otherwise required classes cannot be loaded	12 years ago
Arthur Schiwon	1c976a7c9b	manager checkPassword now returns User object, adjust internal user class accordingly.	12 years ago

1 2

58 Commits (434835b326bddcd2e53a9ee46734e4f358a9d1f1)