Commit Graph

32314 Commits

Author SHA1 Message Date
Ralf Becker
3689b3d645 * Filemanager/Sharing: deny rename, move, mkdir and rmdir on readonly share 2017-11-02 13:34:10 +01:00
Ralf Becker
3a24416eb9 suppress notice screwing up thumbmails, if notices are on 2017-11-02 13:23:36 +01:00
Ralf Becker
d6ab0dbc12 * All apps: get sharing working with files attached to application entries 2017-11-02 13:23:06 +01:00
Hadi Nategh
3465c40b50 Remove unsafe-eval CSP for CKEditor 2017-11-02 11:02:16 +01:00
Ralf Becker
a32162fa0b allow to not set password for an existing anonymous user, as it will screw up SiteMgr sites and others assuming a fixed anonymous password 2017-11-02 10:33:38 +01:00
Nathan Gray
23dddc2adc
Merge pull request #27 from filkaris/add-default-image
Add discard image to buttons
2017-11-01 16:03:50 +01:00
A Sigalas
df6898a11c Add discard image to buttons 2017-11-01 11:59:11 +00:00
nathangray
1b64ccc996 Admin ACL export
- Suppress 'All customfields' field, it's not applicable
- Add default definition
2017-10-31 11:22:47 -06:00
nathangray
1159f4bb45 Less restrictions on anonymous user, use permissions instead 2017-10-31 10:39:01 -06:00
Ralf Becker
0813403b5b * All apps: get sharing working with files attached to application entries 2017-10-31 10:51:59 +01:00
Ralf Becker
b9594ea357 fix typo 2017-10-31 10:49:12 +01:00
Ralf Becker
b5574da397 remove system call used for PHP < 5.3.1 2017-10-31 09:55:23 +01:00
Ralf Becker
789080c663 * All apps: update CKeditor to 4.7.3 and other dependencies like Horde 2017-10-30 20:33:17 +01:00
nathangray
7e7733e4e9 Restrict anonymous user, fix noEdit class not set on all rows 2017-10-30 11:25:12 -06:00
nathangray
6272adfa16 Make group members & applications fully visible when printing 2017-10-30 10:14:50 -06:00
Ralf Becker
a4526c98cb store CalDAV/CardDAV log in user spezific log directories 2017-10-30 15:00:42 +01:00
Hadi Nategh
324f0b664b Embed attached images of Notification html message as inline image 2017-10-27 19:04:09 +02:00
nathangray
616c11c1fb Fix wrong table name 2017-10-27 17:48:42 +02:00
nathangray
0d14155472 Fix minimum fs_id was not returning proper value 2017-10-27 17:43:40 +02:00
nathangray
90ce0cc7b6 Add a function to get the lowest fs_id for a path 2017-10-27 17:43:40 +02:00
Hadi Nategh
f42801236a Override the globalEval to mitigate potential execution of script tag 2017-10-27 17:42:44 +02:00
Ralf Becker
12dbfca137 check cookies for XSS attempts 2017-10-27 16:52:34 +02:00
Ralf Becker
5d6deed27d add token to deny access 2017-10-27 16:22:56 +02:00
Ralf Becker
10b37454f8 show application title instead of (directory-)name 2017-10-27 16:13:21 +02:00
nathangray
5750904809 Fix setlocale to be able to find locales on Ubuntu 2017-10-27 10:54:39 +02:00
Ralf Becker
92584a61ad * Update: fix not finishing update for more then 100 photos in addressbook
caused by contact_jpegphoto was not set to NULL, as column no longer exists in tables_current
2017-10-26 21:27:16 +02:00
Ralf Becker
5b573abef7 do not allow path traversal and htmlencode displayed path 2017-10-26 13:16:52 +02:00
Hadi Nategh
f5af05ffd2 Fix delete all notifications action does not reset the counter 2017-10-26 10:26:10 +02:00
nathangray
fdb47ab168 Merge calendar events into user account if there is one over user contact 2017-10-26 09:16:02 +02:00
nathangray
66738e21c3 Give demo user an email 2017-10-26 09:07:49 +02:00
Ralf Becker
77b42dd9a4 always send X-Content-Type-Options: nosniff
It does not harm and stops unpredictable results from browsers changing our content-types
(FF 50+ now also supports nosniff)
2017-10-25 17:35:30 +02:00
Ralf Becker
d11fe532d8 Changelog for 17.1.20171023 2017-10-23 17:27:18 +00:00
Hadi Nategh
aed114e3c9 Fix couple of styling problems in traditional theme:
- Fix link_to widget style
- Fix Notification popup
2017-10-23 18:10:55 +02:00
nathangray
b2f2acc38c Remove debug 2017-10-23 17:56:43 +02:00
nathangray
1d98f0b2ab Try to figure out what goes wrong on Travis 2017-10-23 17:31:09 +02:00
nathangray
9e48fe5ac2 Turn on some more debugging to try to figure out what goes wrong on Travis 2017-10-23 17:02:33 +02:00
nathangray
7ee539ab3a Turn on some more debugging to try to figure out what goes wrong on Travis 2017-10-23 16:11:41 +02:00
nathangray
23d44785a9 Turn on some debugging to try to figure out what goes wrong on Travis 2017-10-23 15:40:58 +02:00
Hadi Nategh
ed50b91ca4 Fix reply flag does not get refreshed after mail reply action 2017-10-23 15:36:22 +02:00
nathangray
b155c616b8 Turn on some debugging to try to figure out what goes wrong on Travis 2017-10-23 15:27:23 +02:00
Hadi Nategh
fdb3202b6b Add new config to the admin site configuration in order to be able to upload a custom header logo 2017-10-23 13:23:52 +02:00
nathangray
1fe95ec07e Move all tests under api/src into api/tests 2017-10-23 13:09:25 +02:00
nathangray
b381a9aa0c Timestamp widget fixes:
- Remove new line before timestamp
- Fix focus not going to where it should
2017-10-23 12:10:45 +02:00
Hadi Nategh
c88e3b8a69 Disable new button and new action in filemanager when there's no writable right 2017-10-23 12:08:33 +02:00
nathangray
b8f8a014fa Move all tests under api/src into api/tests 2017-10-23 10:14:14 +02:00
nathangray
3c096b3466 An example from Sebastian Bergmann of how we can inject dependancies 2017-10-23 09:52:39 +02:00
nathangray
24de1dff3b Move PHPUnit tests from test to tests subdirectory 2017-10-23 09:51:28 +02:00
Ralf Becker
65b02c0246 bump verison to 17.1 2017-10-22 12:56:58 +02:00
Ralf Becker
aed58a38cd fix offset causing openSUSE and SLE builds to fail 2017-10-21 16:46:51 +02:00
Ralf Becker
837fe39a0c fix preg_replace(): No ending delimiter '/' found on line 904 2017-10-21 14:35:05 +02:00