Commit Graph

74 Commits

Author SHA1 Message Date
ralf
83a2729cf0 another big chunk of PHP Warnings 2024-02-08 12:30:39 +02:00
ralf
d3c4e868c4 fixing some PHP deprecated filling the install log 2023-10-05 10:01:20 +02:00
ralf
da49ce2924 if authenticated via token we have to use the admin connection, but only for the user authenticated as 2023-08-03 10:22:45 +02:00
ralf
9359e3eee5 WIP REST API: using tokens to authenticate as user or impersonate a user without the password and optional limited application rights 2023-06-30 20:45:45 +02:00
ralf
dfef4ce0c5 WIP REST API for mail
currently we can launch (interactive) compose windows, if user is online
ToDo:
- send mails for a user
- authentication as arbitrary user with an API token
2023-06-29 12:50:04 +02:00
ralf
608963aa9b fix lots of warnings filling zpush logs 2023-06-09 18:28:57 +02:00
ralf
4b342db97e fix some warnings / notices in session creation 2023-02-03 09:57:37 +01:00
ralf
55054024b6 fix PHP Deprecated errors visible in egroupware-docker-install.log 2023-01-26 10:42:33 +01:00
ralf
ce5e30dc4c remove all private IP addresses from X-Forwarded-For header, not just 10.0.0.0/8 2022-10-27 14:54:59 +02:00
ralf
49ac54b365 Revert "json requests now close the PHP session immediately again and reopen it, if there was an update to the session" as it breaks Collabora editing
This reverts commit fe4d0dbbe3.
2022-09-27 19:02:20 +02:00
ralf
fe4d0dbbe3 json requests now close the PHP session immediately again and reopen it, if there was an update to the session
this allows to run more PHP requests in parallel
2022-09-24 15:50:44 +02:00
Ralf Becker
b1af39be37 fix big chunk of PHP 8.0 warnings 2021-10-21 10:39:57 +02:00
Ralf Becker
91bd7c7aeb another chunk of fixed PHP 8.0 Warnings 2021-10-07 10:14:43 +02:00
Ralf Becker
ddddc5ba05 next big chunk of fixed PHP 8.0 Warnings 2021-10-05 14:11:11 +02:00
Ralf Becker
1747a2236a fixing a ton of PHP Warnings slowing us down in PHP 8.0 2021-10-04 18:50:51 +02:00
Ralf Becker
621d69f921 missing files from filemanager mount GUI 2021-09-13 17:41:21 +02:00
Ralf Becker
b3f1738f05 fix typo causing number of failed attempts on IP whitelist not to be used 2021-05-11 11:20:25 +02:00
Ralf Becker
8df0ba3d70 fixes required for EPL firewall 2021-04-20 15:51:36 +02:00
Ralf Becker
fed41622c2 fixing all sorts of PHP 8 errors and PHPStorm errors 2021-03-31 17:50:01 +02:00
Ralf Becker
4886583cc1 change sharing to allow mounting shared into existing user sessions
without the need to destroy the session, if the sharee is a different user

This is accomplished by keeping the sharee in the stream context / attribute of the vfs class(es) instead of static Vfs::$user.
The latter is still used for the current user - identical to egw_info[user][account_id].

This commit / merge of the vfs-context feature branch also added the ability to mount WebDAV sources, eg. a sharing link from another EGroupware instance
or any WebDAV server
2020-10-08 11:24:34 +02:00
Ralf Becker
ca73a54d89 * Security: allow to configure SameSite cookie attribute 2020-07-27 14:03:48 +02:00
Ralf Becker
4c131c1866 SAML/Shibboleth with multiple IdP or optional on regular login page 2020-06-10 15:19:24 +02:00
Ralf Becker
1ac0ff826e missed commit from SimpleSAMLphp 2020-04-20 12:55:19 +02:00
nathangray
1fcd502d57 Api: Fix sharing lost session ID causing logout 2020-03-05 14:08:57 -07:00
nathangray
0df0777484 Revert "Api: Fix sharing lost session ID causing logout"
This reverts commit 07561bf01d.
2020-03-05 14:07:24 -07:00
nathangray
07561bf01d Api: Fix sharing lost session ID causing logout 2020-03-05 13:58:09 -07:00
Ralf Becker
7283d33a93 fold Apache error.log and ignored PHP syntax errors, plus remove some warnings 2020-03-05 11:53:26 +01:00
Ralf Becker
5154bc2f70 fix warnings, if headers are already sent, eg. in phpUnit/Travis 2020-03-05 10:23:29 +01:00
Ralf Becker
df263c22a3 some fixes for warnings during phpUnit about session+translation 2020-03-04 20:28:30 +01:00
Ralf Becker
44d9fcc790 Revert "* CalDAV/OutlookSynchronizer: reject invitations when client deletes them without appropriate rights in his calendar"
This reverts commit 4c6e41d479.
2020-03-04 19:16:50 +01:00
Ralf Becker
4c6e41d479 * CalDAV/OutlookSynchronizer: reject invitations when client deletes them without appropriate rights in his calendar 2020-03-04 16:58:38 +01:00
Ralf Becker
deb482aca3 suppress warning if session already active (trace logs the password) 2020-02-26 13:51:58 +01:00
Ralf Becker
4a14e0d36b ignore exception, as it blocks session creation, if database is not writable 2020-02-19 15:39:29 +01:00
Ralf Becker
1559b017d7 validate IP address in X-Forwarded-For header 2020-01-30 13:21:56 +01:00
Ralf Becker
7b30bb7b0d * Admin: optional session-action column in access-log and sessions
also no longer update access-log in session-class destructor, as it fails with skipping permanent logging for WebDAV and others
2019-12-14 13:09:22 +02:00
Ralf Becker
2df0095579 fix typo 2019-12-05 08:57:26 +02:00
Ralf Becker
e305ba1d23 ignore logging of session dla only for max. of 15 min, so session status is displayed correctly 2019-12-02 16:27:17 +02:00
Ralf Becker
7cd4169768 * all apps: fixing several cases of wrong Url when proxying and terminating TLS on the proxy 2019-11-15 13:54:34 +01:00
Ralf Becker
302800b414 new class Api\Header\Http to handle X-Forwarded-Host and -Schema headers
also cope now with multiple comma-separated host-names in X-Forwarded-Host header happening with multiple proxies
2019-11-12 20:13:24 +01:00
Ralf Becker
8f6df975fe also remove /api/thumbnail.php from access-log updates 2019-10-29 13:20:23 +01:00
Ralf Becker
cad1ec2aaf fix regular expression to not update access-log for avatar 2019-10-22 09:58:18 +02:00
Ralf Becker
71d3e3a80c ignore updates (session creation is written) of *dav and avatar, due to possible high volume of updates 2019-09-27 15:59:10 +02:00
Ralf Becker
3967d2a3b6 fix aborted WebAuthn not treated as failure of 2nd factor, if registered 2019-09-06 10:36:21 +02:00
Ralf Becker
681679382c * Api: no longer logging last-logintime of anonymous user
to not block website and also to better cope with high rate anon endpoints 
might be called creating a bottleneck in the egw_accounts table.
2019-08-19 16:51:13 +02:00
Ralf Becker
2776d215e2 * Login: RememberMe token for either automatic login or as 2. factor for 2-Factor-Auth 2019-08-03 18:37:18 +02:00
Ralf Becker
ad3576903a allow to disable or require 2-Factor-Auth 2019-06-07 20:28:49 +02:00
Ralf Becker
eb286c6144 missing changes in Session class for 2FA 2019-06-05 15:29:44 +02:00
Ralf Becker
bf2de7f653 * Admin: white-list IP addresses from blocking or set higher number of attempts 2019-04-26 17:11:54 +02:00
Ralf Becker
983bf15041 remove further private IPs from proxies (incl. space after comma) 2019-04-22 23:44:51 +02:00
Ralf Becker
4622c28bb2 remove further private IPs from proxies 2019-04-22 23:20:41 +02:00