nathangray
316adfab5e
Fix some bugs in hidden uploads
...
- Creating the share couldn't handle sqlfs://user@path style paths
- UI namespace issues
2020-10-21 09:13:37 -06:00
nathangray
5bf4d4866f
WIP on sharing prompt to ask about mounting new share
2020-10-20 16:47:26 -06:00
Ralf Becker
7c9e1c98ec
fix umount to deal with user-specific mounts too
2020-10-20 20:16:57 +02:00
Ralf Becker
9eae0333ad
allow for user specific mounts
2020-10-20 20:13:36 +02:00
Ralf Becker
496c168db4
* Api: setting configured server-timezone for the databases connection, to fix cases were they do not match
2020-10-19 17:25:07 +02:00
Ralf Becker
3292e478b6
creating a new dir from filemanager-select dialog always gave an error
2020-10-19 13:00:05 +02:00
Hadi Nategh
72769e7a43
* HTML Editor: fix bug in editing uploaded image
2020-10-19 11:14:52 +02:00
Ralf Becker
37be9f40d0
WIP contact sharing: context menu to share and filter for shared contacts
2020-10-16 21:34:42 +02:00
Ralf Becker
884ae7fe94
fix error creating new accounts
2020-10-16 13:32:17 +02:00
Ralf Becker
ff91be903a
sharing ACL: need explicit new ACL or edit rights, to share into an addressbook
2020-10-15 13:03:14 +02:00
Ralf Becker
6b57ddac00
only save sharing information if its given, eg. not the case for CardDAV
2020-10-15 13:02:32 +02:00
Ralf Becker
9567a1fed3
fix contacts shared with a user are not visible in his personal AB, but when all addressbooks selected
2020-10-15 11:35:53 +02:00
nathangray
ea41ab8e77
Api: Add charset parameter to tidy->repairString() to avoid mangling some non-ascii characters when merging into document
2020-10-14 14:53:37 -06:00
Ralf Becker
175d94f3e3
* Api: detect if framework data is missing for popups too and redirect to cd=popup to load it
2020-10-14 17:31:36 +02:00
Hadi Nategh
43600426c7
* Api: Add table button into html editor's toolbar
2020-10-14 11:05:51 +02:00
nathangray
05ee7eba37
Avoid some 'array_key_exists() expects parameter 2 to be array' warnings by checking first
2020-10-13 15:20:33 -06:00
Ralf Becker
1f7ce98c50
WIP contact sharing
2020-10-13 16:54:35 +02:00
Ralf Becker
4886583cc1
change sharing to allow mounting shared into existing user sessions
...
without the need to destroy the session, if the sharee is a different user
This is accomplished by keeping the sharee in the stream context / attribute of the vfs class(es) instead of static Vfs::$user.
Later is still used for the current user - identical to egw_info[user][account_id].
This commit / merge of the vfs-context feature branch also added the abilty to mount WebDAV sources, eg. a sharing link from an other EGroupware instance
or any WebDAV server
2020-10-08 11:24:34 +02:00
Ralf Becker
3ca5c80534
some ideas/todos
2020-10-07 11:45:13 +02:00
Ralf Becker
b960a24c32
implement UDM_REST_INSECURE environment variable to UCS appliance with no valid cert yet
2020-10-07 10:22:27 +02:00
nathangray
151889b39c
Api: Move list of common merge placeholders into parent class to reduce duplication, add link/<format> options
2020-10-06 10:56:08 -06:00
Ralf Becker
77b1c0ac33
* Admin: fix session list did NOT show interactive sessions, if push is used
2020-10-06 11:59:19 +02:00
Ralf Becker
094a60d7f7
doc fix
2020-10-06 11:52:29 +02:00
nathangray
81cdf759a3
Api: Fix links got escaped when put into mail templates
2020-10-05 14:14:54 -06:00
nathangray
baebf56fb2
Merge: Fix {{link}} placeholder was incorrectly wrapped in HREF tag. Use {{link/href}} for that now.
2020-10-02 12:37:37 -06:00
Ralf Becker
7db25dce5e
* Admin: push server test to diagnose problems and improved recovery from failed requests / network problems
2020-10-02 20:28:02 +02:00
Ralf Becker
55b615af5f
config got "lost" after deleting the cache, caused by it being automatic unserialized
2020-10-02 08:38:51 +02:00
Hadi Nategh
7f4535cf1d
WIP multitabs and CRM view
2020-09-30 13:19:36 +02:00
Ralf Becker
7fa1e7cd80
* ActiveDirectory: fix unwilling to perform error when saving an account
2020-09-27 10:02:22 +02:00
Hadi Nategh
acbd23a60a
* Mail: Add custom html toolbar settings in mail site-configuration in order to be able to add/remove certain actions only for mail-compose dialog.
2020-09-25 14:17:29 +02:00
Hadi Nategh
4bf65486ef
WIP of framework's multitab implementation
2020-09-23 16:55:35 +02:00
nathangray
b5ef5126c6
- Send push messages for account delete
...
- Send actual push type for contact changes
- Handle push deletes for admin
2020-09-22 13:53:08 -06:00
Ralf Becker
8df5371ffa
fix wrong OID for mail attribute
2020-09-22 19:21:14 +02:00
nathangray
94a57d6902
Api: Some tests for filesystem
2020-09-16 11:48:40 -06:00
Ralf Becker
da27403b1b
* eSyncPro: fix SQL error in device list
2020-09-16 16:45:01 +02:00
Alexandros Sigalas
55c9487517
Fixed: Declaration of EGroupware\Api\Mail\Smime::extractSignedContents($data) should be compatible with Horde_Crypt_Smime::extractSignedContents($data, $sslpath = NULL)
2020-09-15 08:36:17 +02:00
Ralf Becker
612a991c85
fix illegal string offset
2020-09-15 08:30:45 +02:00
nathangray
372eadcff3
Api: Fix fstab overlap when accessing a share while logged in
2020-09-10 11:11:39 -06:00
Ralf Becker
3ee7574294
* Authentication: allow using multiple backends, even same backend multiple times with different configuration
2020-09-10 17:12:53 +02:00
Ralf Becker
ca9526988f
missing file from #9f9cce8 fix account-selection type groupmembers
2020-09-10 11:26:14 +02:00
Ralf Becker
9f9cce88b2
* ActiveDirectory: fix account-selection type groupmembers (applies only to non-admins!) and ignore Domain Users group
...
not setting caseIgnoreMatch for sorting, as its not supported for Windows ActiveDirectory
2020-09-08 15:29:51 +02:00
Ralf Becker
5afe7ddbca
* ActiveDirectory: support huge directories by using server-side sorted and limited queries and no caching in session
2020-09-05 13:11:26 +02:00
Ralf Becker
7614e3e851
* ActiveDirectory: users not found when search starting with A-F and fixed attribute-names: company, department, ...
2020-09-03 15:47:07 +02:00
Ralf Becker
c3000beb5f
* ActiveDirectory: implement addtional user or group filter
2020-09-02 14:14:11 +02:00
Ralf Becker
eb812dad01
* PostgreSQL: fix SQL error opening ProjectManager
...
caused by exploding SQL expression by comma --> keep colums as array, to not have the need to explode it
2020-09-01 10:24:46 +02:00
Ralf Becker
4f2ad476a6
* Calendar/CalDAV: config to replace email-domain eg. for a migration
2020-08-14 18:03:44 +02:00
Hadi Nategh
50a34d9c42
Make sure path is not empty before using it, fixes error "an error happened! File '' is not an absolute path!"
2020-08-14 11:06:06 +02:00
Ralf Becker
a9dc772e14
* Mail: fix not shown folder tree for some Cyrus servers
...
since 20.1 uses Horde_Imap_Client::MBOX_ALL_SUBSCRIBED to query subscribed and unsubscribed folders in one command
2020-08-13 18:51:24 +02:00
Ralf Becker
a14a21fa49
* Tracker/Notifications: send mail after response to user and push errors
2020-08-01 15:10:07 +02:00
Ralf Becker
3972abdf52
* Notifications: taking push server into account for checking user is online for popup or email notifications
2020-07-31 17:50:01 +02:00
Ralf Becker
0e3143d45d
fix SQL error in ranking caused by automatic added ambigous column which app code had already aliased "$table.$col AS $col"
2020-07-31 13:39:05 +02:00
Ralf Becker
33e88d25ae
* Preferences: use push to ask every affected client to reload preferences, if affected
2020-07-31 09:47:49 +02:00
nathangray
5b5bb12d02
Calendar exception no longer needed
2020-07-27 10:14:00 -06:00
Ralf Becker
2a500333ed
explicit call Egw::__destruct() to fix calendar notifications not send, if dialog is Saved not Applied
2020-07-27 16:08:00 +02:00
Ralf Becker
ca73a54d89
* Security: allow to configure SameSite cookie attribute
2020-07-27 14:03:48 +02:00
Ralf Becker
074b884133
calendar non-list views need refresh calls, even using push
2020-07-27 09:45:37 +02:00
Ralf Becker
6007fb5363
fix broken token/syntax, if no metadata yet
2020-07-24 16:55:58 +02:00
Ralf Becker
8bb9111cd5
fix double message in popup and none in main window
2020-07-24 09:23:44 +02:00
Ralf Becker
b60a9ffff4
add check if only fallback push and skip full refresh (Framework::refresh_opener) for push and supporting apps
2020-07-24 09:07:13 +02:00
Ralf Becker
efaf9771d0
do NOT push participants of type email for privacy reasons
2020-07-23 19:06:08 +02:00
Ralf Becker
0f799acd75
fix multiple accounts could not subscribe for push on the same mailbox
2020-07-23 16:56:45 +02:00
Ralf Becker
cf06054fd7
move configuration of imap servers supporting push to mail site config and stadard imap server
2020-07-23 14:17:32 +02:00
Ralf Becker
25f942c431
fix accidently commited host-name
2020-07-22 18:21:07 +02:00
Ralf Becker
0f8a2668fb
fix token was only updated on account-change, not new login or daily token rotation, also support now multiple tokens/instances registring tokens for same account
2020-07-22 17:01:19 +02:00
nathangray
32b061919f
Etemplate: Change default for password widget suggest to off
...
Customfields still default to on
2020-07-21 15:36:45 -06:00
Ralf Becker
bf44ee753a
WIP push for mail (currently only Dovecot with further configuration!)
2020-07-20 12:09:08 +02:00
nathangray
bd7b916811
Api: log on_shutdown() messages to its own log file
2020-07-16 14:54:02 -06:00
Ralf Becker
502d423885
fix PHP Warning: substr() expects parameter 1 to be string, array given
2020-07-10 11:08:38 +02:00
Ralf Becker
7428e2d7cd
do not add path of url to CSP
2020-07-07 13:18:28 +02:00
nathangray
4c7709d49f
Etemplate: Get vfsUpload values to use expose so they work like links
2020-07-03 14:23:41 -06:00
nathangray
ee498f703d
Etemplate: Fix password widget could not be cleared entirely
2020-07-03 09:25:51 -06:00
Hadi Nategh
6ba8210d83
Avoid requesting external images with mixed content
2020-06-30 15:54:21 +02:00
Ralf Becker
27ad7772de
add AGPL license for smallpart
2020-06-28 11:35:44 +02:00
Ralf Becker
4959281164
fix optional SAML/Shibboleth login fails when proxying as form field with name "auth=saml" get lost
2020-06-24 08:56:13 +02:00
nathangray
f0e074093c
Ralf's fix for Saml for PHP 7.2
2020-06-23 10:21:07 -06:00
Ralf Becker
08b039c4fb
fix some SAML/Shibboleth problems caused by EGroupware running in container behind proxy on host
2020-06-21 08:17:00 +02:00
Hadi Nategh
b95e9be02a
Cleanup widget browser
2020-06-18 14:58:24 +02:00
Ralf Becker
7e81b733e1
fix typo in directory permissions
2020-06-18 10:48:56 +02:00
nathangray
b56a8f9901
Default password customfield plaintext attribute to false
2020-06-16 09:23:54 -06:00
Ralf Becker
2c489ef5b8
change default for password attribute plaintext back to true, to not break every existing usage of that widget
2020-06-16 08:37:51 +02:00
nathangray
d7d5837ecf
Nicer password widget on account edit dialog
...
- Added plain-text attribute to avoid encrypting password
- Suggest password now fills both fields the same
2020-06-15 16:08:24 -06:00
Ralf Becker
e996b2c0cf
reverting 2 changes around sessions which break our installation
...
checking for the not existing (new) database runs into an invinit recursion
the checks not to use $_SESSION, if no session is active was added in an attempt to get SimpleSAMLphp discovery working, but seems unneccessary for what we currently use
2020-06-15 10:11:31 +02:00
nathangray
aab5415873
* Etemplate: Password widget improvements - suggest password button, added as custom field type (stored encrypted)
2020-06-12 10:56:53 -06:00
Ralf Becker
b7ed148371
* SAML: support joining a SAML account to an existing one, if configured in setup
...
notification of user does not yet work, as redirect on login page looses Api\Framework::message() :(
2020-06-11 16:03:54 +02:00
nathangray
a993938134
Etemplate: Fix VFS & file widgets were not properly handling files
2020-06-10 10:20:30 -06:00
Ralf Becker
19f52cd1de
fix regular login, if optional SAML one is enabled for multiple IdP
2020-06-10 16:17:20 +02:00
Ralf Becker
4c131c1866
SAML/Shibboleth with multiple IdP or optional on regular login page
2020-06-10 15:19:24 +02:00
Ralf Becker
a0760f6b96
* Mail: fix creating a folder on level of inbox gave an error (if imap server supports it)
2020-06-08 11:59:49 +02:00
Ralf Becker
1ea45e6591
Mime-Type check can only work for the first chunk, further ones will always fail
2020-06-02 13:46:46 +02:00
Ralf Becker
4d2d14dd99
make running / generating SAML/Shibboleth config depending on an IPD configured
2020-05-29 10:25:31 +02:00
Ralf Becker
b1f79d1c40
* SAML/Shibboleth/SimpleSAMLphp authentication configurable through setup
2020-05-28 23:24:09 +02:00
Hadi Nategh
8d022c5908
do not try to push notifications for api.queue requests
2020-05-22 10:16:59 +02:00
Ralf Becker
7226f0f753
allow to set a css class on body tag for (different) styling of an embeded window
2020-05-19 09:43:53 +02:00
Ralf Becker
d04e6ebdec
do NOT check eT2 popups for missing framework
2020-05-19 09:02:47 +02:00
Ralf Becker
9b17fa7871
fix typo
2020-05-18 20:56:50 +02:00
Ralf Becker
46a3818e92
* ActiveDirectory: consider security local groups as groups too
2020-05-13 13:16:08 +02:00
Ralf Becker
319ae2637c
an other case of not automatic fixed ambigious auto-id
2020-05-08 12:35:09 +02:00
Ralf Becker
c50fd8e6bf
* API: new data-minimizing account display options "Firstname Inital" and "Firstname [ID]"
2020-05-04 09:25:32 +02:00
Ralf Becker
474d63a79b
support hashes generated by password_hash($pwd, PASSWORD_BCRYPT)
2020-05-04 09:01:11 +02:00
Ralf Becker
cdf5d939e9
docu update
2020-05-04 08:56:32 +02:00
Ralf Becker
b4db228c96
fix typo
2020-04-30 17:33:37 +02:00
Ralf Becker
7bf6b33ab2
move adding CSP frame-src of OpenIDConnect clients managed as apps to OpenID app
2020-04-30 17:32:30 +02:00
Ralf Becker
9a548dca68
fix csp-*-source hook not run, if Api\Header\ContenSecurity::add() was called
2020-04-30 17:31:46 +02:00
Ralf Becker
ab20dbb70c
* Mail: automatic remove some invisible Unicode chars breaking email addresses: zero width space, variation selectors
2020-04-30 10:16:24 +02:00
nathangray
0fdd8f87cb
Api: Fix out of memory error when deleting users and filesystem is large
...
Fixed by not deleting the files, just changing owner
2020-04-28 14:16:09 -06:00
Ralf Becker
42b78ab708
quiten warning in login / no user-apps
2020-04-28 10:15:01 +02:00
nathangray
631be5769d
Api: Switch double quotes to single quotes to be standard SQL and avoid Postresql errors
2020-04-27 09:17:16 -06:00
Ralf Becker
4d4eb5e654
remove left over (unnecessary) call to addGeneric adding an empty push
2020-04-22 22:19:58 +02:00
Ralf Becker
9817d25a47
move who is available via push to push class and backends
2020-04-20 13:07:58 +02:00
Ralf Becker
1ac0ff826e
missed commit from SimpleSAMLphp
2020-04-20 12:55:19 +02:00
Ralf Becker
9211d81732
suppress warning and trace (containing passwords) if userPassword attribute is not accessible
2020-04-16 12:16:04 +02:00
nathangray
a3c6eba952
Fix sharing of of a file inside a symlinked directory failed.
2020-04-14 11:19:12 -06:00
Ralf Becker
e3ede597dc
* API: add SimpleSAMLphp for SAML/Shibboleth authentication and many more
2020-04-14 14:10:33 +02:00
Ralf Becker
655f1f1f6a
fix wrong Gravatar URL
2020-04-11 10:11:10 +02:00
nathangray
0fb4176067
Fix sharing a single file gave 404
...
Added test to check that this works for a single file
2020-04-08 11:39:12 -06:00
Ralf Becker
a6e6393943
disable avatar sharing link, as it currently destroys sessions for already logged in users, plus some more fixes for VC
2020-04-07 16:16:49 +02:00
Ralf Becker
1c135b2da3
some fixes around videoconference avatars and adding an automatic alarm 5min before the conference
2020-04-07 11:10:49 +02:00
Ralf Becker
72116b9587
Jitsi avatars: shareing url for pictures, anonymous letter-avatar or gravatar if none
2020-04-06 20:15:00 +02:00
nathangray
b1cb9c10ef
Case insensitive check for vCard BEGIN & END flags fixes lowercase vcards would not import
...
https://tools.ietf.org/id/draft-ietf-vcarddav-vcardrev-02.html#anchor3
2020-04-06 10:54:59 -06:00
Ralf Becker
8c0fb193e1
fix wrong condition
2020-04-06 09:05:50 +02:00
nathangray
fb4e6c0dfe
Some improvements to sharing when multiple shares are involved
2020-04-03 16:20:47 -06:00
nathangray
6664aea901
Etemplate: Register time_or_date widget, fixes wrong timestamps in mobile template mail list
2020-04-01 15:03:58 -04:00
Ralf Becker
d830e048e4
loading filemanager translations for sharing
2020-04-01 10:46:32 +02:00
nathangray
174737cc67
English translation of 'share filemanager directory'
2020-03-31 10:49:36 -06:00
nathangray
0664df4921
Add some hints to sharing actions
2020-03-31 10:36:50 -06:00
nathangray
d24c6f2b7d
Avoid error if extra parameter is not set
2020-03-31 10:21:26 -06:00
Ralf Becker
3750711cdf
* OpenIdConnect/OAuth: manage access and display OAuth apps inside EGroupware
2020-03-30 21:03:19 +02:00
nathangray
c937f50193
Make sure share cleanup job doesn't remove shares just because of access rights
2020-03-30 09:35:59 -06:00
nathangray
d3eb2d9b22
Change the hidden upload message
2020-03-27 13:40:48 -06:00
nathangray
93a7166710
Add hidden upload directory as mail action
2020-03-26 13:20:20 -06:00
Ralf Becker
aa566e12fa
translation for "Hidden uploads" and move it between readonly and writable shares
2020-03-26 10:38:34 +01:00
nathangray
895b1ebee9
Cleanup, bugfix & refactoring of hidden upload folder.
2020-03-25 11:39:40 -06:00
nathangray
7163acfe1d
* Add action to share filemanager folder (readonly) with hidden upload folder
2020-03-24 20:34:04 -06:00
nathangray
6aec7858cc
* Api: If addressbook event column is disabled, disable next / last dates in edit dialog as well.
2020-03-24 09:42:10 -06:00
Hadi Nategh
3330bb6747
Use svg icon version for sidebox bullet points
2020-03-23 14:13:44 +01:00
Ralf Becker
e9c3533c93
avoid misconfiguration of user "anonymous" NOT flaged as such
2020-03-21 11:43:54 +01:00
nathangray
7631eb83aa
Fix some account changes were not saved
2020-03-20 10:31:46 -06:00
nathangray
a7593b2f83
Add some comment so we know what's going on
2020-03-19 10:41:45 -06:00
nathangray
4078154237
Remove permanent error_log
2020-03-09 15:29:51 -06:00
nathangray
173b695cf2
Api: Sharing listens to Vfs hooks to stay up-to-date with deleted or renamed files
2020-03-06 14:48:26 -07:00
Ralf Becker
4fe466f4f9
deals with some rows share_path have "vfs://default" prefix, some are just path
2020-03-06 15:08:34 +01:00
Ralf Becker
4c987e7dd8
fix all shares (not files) got deletes, if one was expired
2020-03-06 14:33:50 +01:00
nathangray
9b2e6b5012
Api: Fix Sharing missing temp file cleanup
2020-03-05 15:03:34 -07:00
nathangray
1fcd502d57
Api: Fix sharing lost session ID causing logout
2020-03-05 14:08:57 -07:00
nathangray
0df0777484
Revert "Api: Fix sharing lost session ID causing logout"
...
This reverts commit 07561bf01d
.
2020-03-05 14:07:24 -07:00
nathangray
07561bf01d
Api: Fix sharing lost session ID causing logout
2020-03-05 13:58:09 -07:00
Ralf Becker
7283d33a93
fold Apache error.log and ignored PHP syntax errors, plus remove some warnings
2020-03-05 11:53:26 +01:00
Ralf Becker
5154bc2f70
fix warnings, if headers are already sent, eg. in phpUnit/Travis
2020-03-05 10:23:29 +01:00
Ralf Becker
b448f9a021
adding phpUnit 8.x as dev-requirement and try staring Apache in Travis for CalDAV tests
2020-03-04 22:43:09 +01:00
Ralf Becker
e360932bdf
fix warning in tests
2020-03-04 22:31:30 +01:00
Ralf Becker
df263c22a3
some fixes for warnings during phpUnit about session+translation
2020-03-04 20:28:30 +01:00
Ralf Becker
c85f1f3d05
some fixes for warnings during phpUnit about caching
2020-03-04 20:27:10 +01:00
Ralf Becker
19a7894269
some pending changes
2020-03-04 20:19:08 +01:00
Ralf Becker
44d9fcc790
Revert "* CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar"
...
This reverts commit 4c6e41d479
.
2020-03-04 19:16:50 +01:00
Ralf Becker
cbb1391c37
Revert "revert using files cache for cli change in order to fix failing install in Travis"
...
This reverts commit 1367463e6b
.
2020-03-04 19:15:43 +01:00
Ralf Becker
1367463e6b
revert using files cache for cli change in order to fix failing install in Travis
2020-03-04 19:08:42 +01:00
Ralf Becker
4c6e41d479
* CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar
2020-03-04 16:58:38 +01:00
Ralf Becker
deb482aca3
suppress warning if session already active (trace logs the password)
2020-02-26 13:51:58 +01:00
Ralf Becker
4a14e0d36b
ignore exception, as it blocks session creation, if database is not writable
2020-02-19 15:39:29 +01:00
Hadi Nategh
12c2984acf
Fix default login logo url
2020-02-19 12:14:26 +01:00
Ralf Becker
42e62cb3eb
fix one error with sharing-links having passwords (no HTML tags in Headers!)
2020-02-14 13:43:50 +01:00
Ralf Becker
90c55e013d
try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement
2020-02-05 10:58:34 +01:00
Ralf Becker
9cc0eaccd4
try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement
2020-02-05 10:51:38 +01:00
Ralf Becker
abd6f7d669
allow to specify the root for lang-files
2020-02-01 17:50:56 +01:00
Hadi Nategh
faca76f6a9
Do not run restrict validation check for type taglist-account if free entries are allowed
2020-01-31 16:13:45 +01:00
Ralf Becker
1559b017d7
validate IP address in X-Forwarded-For header
2020-01-30 13:21:56 +01:00
Ralf Becker
39be6e0b89
* Sharing: temporary disable cleaning of deleted files, causing all shares to get deleted
2020-01-29 16:30:22 +01:00
Ralf Becker
b65b21fe9c
allow images and media in mail via http: and https:, but remove object tags (already forbiden via CSP)
2020-01-29 14:40:30 +01:00
Ralf Becker
cc8258cb3c
use random_bytes(32) which throws for not enought entropy
2020-01-29 11:12:21 +01:00
Ralf Becker
d95894d530
use etemplate-exec-id as CSRF token for ajax requests
2020-01-29 11:08:44 +01:00
nathangray
2045c08e54
* Api: Fix SQL error from doubled table name in group statement
...
"Unknown column 'egw_tracker.egw_tracker.tr_id' in 'group statement'"
2020-01-28 14:05:44 -07:00
Ralf Becker
ec31d93af2
do NOT load categories.php?app=phpgw for login page
...
It gives an error as no user is logged in, which is served as text/html, which then gives an error in browser, as it conflicts with X-Content-Type-Options: nosniff
2020-01-28 18:56:54 +01:00
Ralf Becker
57ab6f667c
adding CSP frame-ancestors 'self' policy to mitigate clickjacking
2020-01-28 18:19:40 +01:00
Ralf Becker
2ea9549dcf
stricter CSP policy for mail body
2020-01-28 17:45:36 +01:00
Ralf Becker
d8289ef29d
stricter CSP policy
2020-01-28 17:14:51 +01:00
Ralf Becker
e9c4d3f07e
complete push implementation for timesheet incl. ACL check
2020-01-24 13:31:56 +01:00
Ralf Becker
2bae92f066
ALL and SESSION constants for push
2020-01-23 16:05:32 +01:00
Ralf Becker
6e0936bd98
first take on pushing app-changes to all clients
2020-01-23 11:26:44 +01:00
nathangray
c88bf3c4a0
Fix typo
2020-01-15 08:14:04 -07:00
Ralf Becker
f7c653832f
add an iterator for objects with a get_rows method
2020-01-13 14:41:46 +01:00
Ralf Becker
257fa50a1f
fix PHP Warning: Use of undefined constant EGW_ACL_READ - assumed 'EGW_ACL_READ'
2020-01-09 14:41:07 +01:00
Ralf Becker
7b30bb7b0d
* Admin: optional session-action column in access-log and sessions
...
also no longer update access-log in session-class destructor, as it fails with skipping permanent logging for WebDAV and others
2019-12-14 13:09:22 +02:00
Hadi Nategh
4276ebbe5f
* Mobile theme: fix mobile theme sidebar not showing notifications
2019-12-10 14:18:05 +01:00
nathangray
1064759020
Fix /apps/projectmanager threw SQL error Unknown column 'hash' in 'order clause'
2019-12-09 14:11:55 -07:00
Ralf Becker
2df0095579
fix typo
2019-12-05 08:57:26 +02:00
Hadi Nategh
cf2d626bca
Fix replying to some mails with broken pre tags would cause infinite loop
2019-12-03 14:34:32 +01:00
Ralf Becker
e305ba1d23
ignore logging of session dla only for max. of 15 min, so session status is displayed correct
2019-12-02 16:27:17 +02:00
nathangray
83e2d70222
Mail: Fix bullet & number to text conversion failed with non-ascii characters
2019-11-22 09:44:27 -07:00
nathangray
8b503dbae3
Admin: change delete user filemanager hook to move home dir, but only search /home for other files
...
- Translation from Birgit
2019-11-19 10:19:04 -07:00
Ralf Becker
93b1c7f1ab
fix namespace issues
2019-11-19 14:02:37 +02:00
nathangray
a39d257eac
Admin: change delete user home directory back to special case, getting actual file count takes way too long.
2019-11-18 14:02:38 -07:00
Ralf Becker
7cd4169768
* all apps: fixing serveral cases of wrong Url when proxying and terminating TLS on the proxy
2019-11-15 13:54:34 +01:00
Ralf Becker
056e5c053a
use hostname from setup, only if webserver-url starts with a slash, closer to previous behavior
2019-11-13 18:28:33 +01:00
Ralf Becker
2fcdcb5afe
* CalDAV/Calendar: iOS also no longer allowed to accept/reject invitations
...
now we skip encoding href attributes with mailto: urls independent of user-agent
2019-11-13 16:12:50 +01:00
Ralf Becker
302800b414
new class Api\Header\Http to handle X-Forwarded-Host and -Schema headers
...
also kope now with multiple comma-separated host-names in X-Forwarded-Host header happening with multiple proxys
2019-11-12 20:13:24 +01:00
Ralf Becker
c768c9cbf7
* CalDAV/Calendar: Lightning 68 no longer allowed to accept/reject invitations
...
Caused by calendar-user-address-set in principal had url encoded @ in email
--> now using a minimal url-encoding for Lightning, to not encode @
2019-11-11 18:02:20 +01:00
nathangray
5acd287e8d
* Mail: keep number & bullet lists when converting to plain text
2019-11-08 11:42:25 -07:00
nathangray
d8faef3503
Admin: Extend Vfs::deleteAccount hook to all the files it can find, not just home dir.
2019-11-07 13:46:14 -07:00
Ralf Becker
bf844b7598
support for new Swoole push server
2019-11-04 09:29:49 +01:00
Ralf Becker
972ebf56f2
speed up restore of database by inserting up to 500 row in one statement (was only 10)
2019-10-30 17:15:23 +01:00