Commit Graph

1455 Commits

Author SHA1 Message Date
Ralf Becker
c85f1f3d05 some fixes for warnings during phpUnit about caching 2020-03-04 20:27:10 +01:00
Ralf Becker
19a7894269 some pending changes 2020-03-04 20:19:08 +01:00
Ralf Becker
44d9fcc790 Revert "* CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar"
This reverts commit 4c6e41d479.
2020-03-04 19:16:50 +01:00
Ralf Becker
cbb1391c37 Revert "revert using files cache for cli change in order to fix failing install in Travis"
This reverts commit 1367463e6b.
2020-03-04 19:15:43 +01:00
Ralf Becker
1367463e6b revert using files cache for cli change in order to fix failing install in Travis 2020-03-04 19:08:42 +01:00
Ralf Becker
4c6e41d479 * CalDAV/OutlookSynchronizer: reject invitations when client deletes then without appropriate rights in his calendar 2020-03-04 16:58:38 +01:00
Ralf Becker
deb482aca3 suppress warning if session already active (trace logs the password) 2020-02-26 13:51:58 +01:00
Ralf Becker
4a14e0d36b ignore exception, as it blocks session creation, if database is not writable 2020-02-19 15:39:29 +01:00
Hadi Nategh
12c2984acf Fix default login logo url 2020-02-19 12:14:26 +01:00
Ralf Becker
42e62cb3eb fix one error with sharing-links having passwords (no HTML tags in Headers!) 2020-02-14 13:43:50 +01:00
Ralf Becker
90c55e013d try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement 2020-02-05 10:58:34 +01:00
Ralf Becker
9cc0eaccd4 try "PLAIN" first, in case IMAP wrongly reports some digest, it does not (correctly) implement 2020-02-05 10:51:38 +01:00
Ralf Becker
abd6f7d669 allow to specify the root for lang-files 2020-02-01 17:50:56 +01:00
Hadi Nategh
faca76f6a9 Do not run restrict validation check for type taglist-account if free entries are allowed 2020-01-31 16:13:45 +01:00
Ralf Becker
1559b017d7 validate IP address in X-Forwarded-For header 2020-01-30 13:21:56 +01:00
Ralf Becker
39be6e0b89 * Sharing: temporary disable cleaning of deleted files, causing all shares to get deleted 2020-01-29 16:30:22 +01:00
Ralf Becker
b65b21fe9c allow images and media in mail via http: and https:, but remove object tags (already forbiden via CSP) 2020-01-29 14:40:30 +01:00
Ralf Becker
cc8258cb3c use random_bytes(32) which throws for not enought entropy 2020-01-29 11:12:21 +01:00
Ralf Becker
d95894d530 use etemplate-exec-id as CSRF token for ajax requests 2020-01-29 11:08:44 +01:00
nathangray
2045c08e54 * Api: Fix SQL error from doubled table name in group statement
"Unknown column 'egw_tracker.egw_tracker.tr_id' in 'group statement'"
2020-01-28 14:05:44 -07:00
Ralf Becker
ec31d93af2 do NOT load categories.php?app=phpgw for login page
It gives an error as no user is logged in, which is served as text/html, which then gives an error in browser, as it conflicts with X-Content-Type-Options: nosniff
2020-01-28 18:56:54 +01:00
Ralf Becker
57ab6f667c adding CSP frame-ancestors 'self' policy to mitigate clickjacking 2020-01-28 18:19:40 +01:00
Ralf Becker
2ea9549dcf stricter CSP policy for mail body 2020-01-28 17:45:36 +01:00
Ralf Becker
d8289ef29d stricter CSP policy 2020-01-28 17:14:51 +01:00
Ralf Becker
e9c4d3f07e complete push implementation for timesheet incl. ACL check 2020-01-24 13:31:56 +01:00
Ralf Becker
2bae92f066 ALL and SESSION constants for push 2020-01-23 16:05:32 +01:00
Ralf Becker
6e0936bd98 first take on pushing app-changes to all clients 2020-01-23 11:26:44 +01:00
nathangray
c88bf3c4a0 Fix typo 2020-01-15 08:14:04 -07:00
Ralf Becker
f7c653832f add an iterator for objects with a get_rows method 2020-01-13 14:41:46 +01:00
Ralf Becker
257fa50a1f fix PHP Warning: Use of undefined constant EGW_ACL_READ - assumed 'EGW_ACL_READ' 2020-01-09 14:41:07 +01:00
Ralf Becker
7b30bb7b0d * Admin: optional session-action column in access-log and sessions
also no longer update access-log in session-class destructor, as it fails with skipping permanent logging for WebDAV and others
2019-12-14 13:09:22 +02:00
Hadi Nategh
4276ebbe5f * Mobile theme: fix mobile theme sidebar not showing notifications 2019-12-10 14:18:05 +01:00
nathangray
1064759020 Fix /apps/projectmanager threw SQL error Unknown column 'hash' in 'order clause' 2019-12-09 14:11:55 -07:00
Ralf Becker
2df0095579 fix typo 2019-12-05 08:57:26 +02:00
Hadi Nategh
cf2d626bca Fix replying to some mails with broken pre tags would cause infinite loop 2019-12-03 14:34:32 +01:00
Ralf Becker
e305ba1d23 ignore logging of session dla only for max. of 15 min, so session status is displayed correct 2019-12-02 16:27:17 +02:00
nathangray
83e2d70222 Mail: Fix bullet & number to text conversion failed with non-ascii characters 2019-11-22 09:44:27 -07:00
nathangray
8b503dbae3 Admin: change delete user filemanager hook to move home dir, but only search /home for other files
- Translation from Birgit
2019-11-19 10:19:04 -07:00
Ralf Becker
93b1c7f1ab fix namespace issues 2019-11-19 14:02:37 +02:00
nathangray
a39d257eac Admin: change delete user home directory back to special case, getting actual file count takes way too long. 2019-11-18 14:02:38 -07:00
Ralf Becker
7cd4169768 * all apps: fixing serveral cases of wrong Url when proxying and terminating TLS on the proxy 2019-11-15 13:54:34 +01:00
Ralf Becker
056e5c053a use hostname from setup, only if webserver-url starts with a slash, closer to previous behavior 2019-11-13 18:28:33 +01:00
Ralf Becker
2fcdcb5afe * CalDAV/Calendar: iOS also no longer allowed to accept/reject invitations
now we skip encoding href attributes with mailto: urls independent of user-agent
2019-11-13 16:12:50 +01:00
Ralf Becker
302800b414 new class Api\Header\Http to handle X-Forwarded-Host and -Schema headers
also kope now with multiple comma-separated host-names in X-Forwarded-Host header happening with multiple proxys
2019-11-12 20:13:24 +01:00
Ralf Becker
c768c9cbf7 * CalDAV/Calendar: Lightning 68 no longer allowed to accept/reject invitations
Caused by calendar-user-address-set in principal had url encoded @ in email
--> now using a minimal url-encoding for Lightning, to not encode @
2019-11-11 18:02:20 +01:00
nathangray
5acd287e8d * Mail: keep number & bullet lists when converting to plain text 2019-11-08 11:42:25 -07:00
nathangray
d8faef3503 Admin: Extend Vfs::deleteAccount hook to all the files it can find, not just home dir. 2019-11-07 13:46:14 -07:00
Ralf Becker
bf844b7598 support for new Swoole push server 2019-11-04 09:29:49 +01:00
Ralf Becker
972ebf56f2 speed up restore of database by inserting up to 500 row in one statement (was only 10) 2019-10-30 17:15:23 +01:00
Ralf Becker
bdc8e71057 * Mail: stop logging of mails to webserver error-log 2019-10-30 15:09:11 +01:00
Ralf Becker
8f6df975fe also remove /api/thumbnail.php from access-log updates 2019-10-29 13:20:23 +01:00
Ralf Becker
b926ffc5c8 fix IDE warnings 2019-10-29 09:36:49 +01:00
Ralf Becker
aecea69519 extract logic of custom-field search method
process_search modifies the parameters so search calls this method and then its parent with the modified parameters
2019-10-22 17:07:21 +02:00
Ralf Becker
cad1ec2aaf fix regular expression to not update access-log for avatar 2019-10-22 09:58:18 +02:00
Ralf Becker
5a9bc1a98a UCS 4.4 Rest API gives an error creating group "Default"
claiming a user or group with that name exists, which is not the case
(probably because other LDAP objects with cn=Default exist)
we work around that by creating it as DefaultX and rename it in LDAP to Default for now
2019-10-18 16:23:50 +02:00
Hadi Nategh
414b169791 Add missing timezone selectbox in framework 2019-10-18 15:01:08 +02:00
Hadi Nategh
b13a3a4619 * Mail: fix mails consists of both multipart/mixed and multipart/related create duplicated content 2019-10-16 17:01:02 +02:00
Ralf Becker
df1909d8c1 skip mail-accounts is user editable check for password change
some stored credentials are not event linked to mail accounts or 
might belong to by user not editable accounts like smime on a mail account for all
2019-10-15 18:34:15 +02:00
Hadi Nategh
5a1fbe7049 Use letter avatar when user have no personal avatar is set in addressbook 2019-10-15 14:06:33 +02:00
nathangray
121d5f82ef Etemplate: Fix taglist-account would reject most values 2019-10-11 11:55:10 -06:00
nathangray
a05c66f32c Api: Cleanup by moving password check to its own function 2019-10-11 10:51:40 -06:00
nathangray
56989f338b Remove duplicate method 2019-10-08 14:44:35 -06:00
nathangray
8d58409211 Get Sharing to recognize editable Collabora shares for determining class 2019-10-08 14:43:17 -06:00
Ralf Becker
5dcf1e842f fix for stable Univention 4.4-2 REST API 2019-09-30 12:37:48 +02:00
nathangray
084d2f7ac7 Etemplate: Expand VFS path attribute, if present 2019-09-27 13:40:24 -06:00
Ralf Becker
71d3e3a80c ignore updates (session creation is written) of *dav and avatar, due to possible high volume of updates 2019-09-27 15:59:10 +02:00
Ralf Becker
21a44891ed * InfoLog: fix delegation no longer shown after database restore 2019-09-24 11:23:17 +02:00
nathangray
4e339a62a4 Filemanager: Fix shared directory could not open odp (or other non-odt files) in Collabora
Also fix "Permission denied" error trying to open office files without Collabora
2019-09-18 11:54:08 -06:00
Ralf Becker
4f367e6bf1 * Univention: fix "Must change password upon next login" feature 2019-09-16 10:06:57 +02:00
Ralf Becker
c5ea1618af CalDAV/CardDAV: fix not working creation of new contacts in MacOS Addressbook
OSX Addressbook sends ?add-member url-encoded
2019-09-12 09:10:19 +02:00
Ralf Becker
e2529ea8a3 * Preferences: always show Security & Password popup, only disable password tab, if no rights to change it 2019-09-11 12:15:38 +02:00
nathangray
c0757e5e58 Api - fix typo preventing translation of exception headlines 2019-09-09 14:22:15 -06:00
Ralf Becker
3967d2a3b6 fix aborted WebAuthn not treated as failure of 2nd factor, if registered 2019-09-06 10:36:21 +02:00
Ralf Becker
b56c1ae856 hook to allow apps to modify login page, eg. for multifactor auth 2019-09-04 15:15:18 +02:00
nathangray
397b77a86d Mail - another fix for extra newlines, now with less out of memory errors 2019-08-29 11:53:40 -06:00
nathangray
c59807d861 Api - No need to make the link titles safe here, it just makes timesheet titles look weird 2019-08-23 16:01:01 -06:00
nathangray
3bec6326f9 Api - Add Sharing->get_path() so we can get the path of the share 2019-08-23 14:19:10 -06:00
nathangray
e099086151 Fix sharing only looks for addressbook templates for insert into document 2019-08-22 16:04:07 -06:00
nathangray
5bc2467de3 Api - Better handling of enabled attribute for share actions 2019-08-22 15:56:17 -06:00
nathangray
a49e3a3c15 Api - Add a Share filemanager directory context menu action 2019-08-22 15:18:40 -06:00
Ralf Becker
c706f3f09c pending translations from our translation server 2019-08-22 13:57:23 +02:00
Ralf Becker
681679382c * Api: no longer loggin last-logintime of anonymous user
to not block website and also to better cope with high rate anon endpoints 
might be called creating a bottleneck in the egw_accounts table.
2019-08-19 16:51:13 +02:00
Ralf Becker
77ca6dcece one more old eGroupWare 2019-08-14 12:13:47 +02:00
Ralf Becker
a594f9ccee add cache-buster to new login-background to force browser to load it 2019-08-13 15:01:18 +02:00
Ralf Becker
30a2c4d90f fix default "EGroupware" site_title for new login page 2019-08-09 15:52:19 +02:00
Ralf Becker
1403c7ffd0 * Login: new background and logo for login page 2019-08-09 14:41:16 +02:00
Hadi Nategh
5dcb431087 Revert commit 91f85186cd as it breaks mail reply 2019-08-06 15:51:25 +02:00
Ralf Becker
2776d215e2 * Login: RememberMe token for either automatic login or as 2. factor for 2-Factor-Auth 2019-08-03 18:37:18 +02:00
nathangray
91f85186cd Mail - fix extra newlines added when switching email from HTML to text 2019-08-02 11:50:52 -06:00
nathangray
1131d07199 Revert "Etemplate - avoid error if child is not a widget", it causes other random breaking
This reverts commit 1f63996a2c.
2019-08-02 11:08:14 -06:00
nathangray
1f63996a2c Etemplate - avoid error if child is not a widget
though it never should be...
2019-08-02 10:33:38 -06:00
Ralf Becker
92f89f93ca fix namespace in docu 2019-08-01 18:39:14 +02:00
nathangray
890cd4e4a4 Api - give error if share path is missing 2019-07-31 10:31:13 -06:00
Ralf Becker
a45c63d5ec setting a timeout of 30 seconds, as recommended by Univention 2019-07-31 12:48:59 +02:00
Ralf Becker
45d3def574 fix "405 Method not allowed" error updating users and retrying on connection failure once 2019-07-31 12:10:35 +02:00
Hadi Nategh
33aa092453 Add descriptive tooltip for avatar status 2019-07-31 11:45:39 +02:00
Ralf Becker
f4840d1d87 fix PHP Warning: count(): Parameter must be an array or an object that implements Countable 2019-07-31 10:55:46 +02:00
Ralf Becker
9370dbf116 fix Argument 2 passed to EGroupware\Api\Accounts\Univention\Udm::user2udm() must be of the type array, null given
GET to users/user/$dn returns just the entry
2019-07-30 19:44:22 +02:00
Ralf Becker
02c21fe2f9 remove commented out fixing of policies as object 2019-07-30 18:27:29 +02:00
Hadi Nategh
053a2aeefd Call no named attachment "forwarded message" only if it's a message 2019-07-30 12:14:42 +02:00
nathangray
bfc2728ad3 Add github link to Collabora key description 2019-07-29 09:36:27 -06:00
nathangray
997822182d Api - Move Collabora credential type ID into parent to avoid collisions 2019-07-29 09:26:49 -06:00
Hadi Nategh
d52410ed94 Fix icon for Share link action 2019-07-29 15:36:57 +02:00
Ralf Becker
6435eb1293 * Api: fix error adding/editing catgories or custom fields 2019-07-29 11:21:54 +02:00
Hadi Nategh
1125857730 Same fix as commit 377766293f for mail display 2019-07-29 11:18:26 +02:00
Hadi Nategh
5b420c7d0d Reduce letter avatar size by 50% 2019-07-22 15:01:25 +02:00
Ralf Becker
26a287b7d9 use new Univention UDM Rest Api, instead of univention-directory-manager cli 2019-07-22 11:18:28 +02:00
nathangray
58c53efd49 Api - When doing monthly share cleanup, check to see if share target is still valid
- removed some duplicated code
2019-07-18 15:25:28 -06:00
Ralf Becker
b433ed7037 remove some more prefixes 2019-07-18 15:43:39 +02:00
Ralf Becker
15d8e0d422 allow to search for multiple items and strip "contact_" prefix 2019-07-18 15:27:06 +02:00
nathangray
87c4f0ff9c Filemanager - Add some actions for merge-print shares into email templates 2019-07-16 13:44:20 -06:00
Ralf Becker
1b002165c4 setting required PHP version to 7.2 and recommended to 7.3 2019-07-16 11:00:16 +02:00
nathangray
f056599e5f Api - Make sure translations get loaded for share action captions 2019-07-11 12:07:20 -06:00
nathangray
6f7c939d8b Etemplate - avoid warning from method_exists if method is a callable 2019-07-11 11:25:30 -06:00
Ralf Becker
d1785a5340 MySQL 8.0 fails to create user as part of GRANT ALL statement 2019-07-10 09:19:00 +02:00
nathangray
1e23fca924 Api - Fix infinite loop if id1 parameter is an array
Triggered by linking to an unsaved entry that already has a link
2019-07-09 10:37:31 -06:00
Ralf Becker
b6bbe8c681 trying to fix not working HtmlArea / TinyMCE in 19.1
seems it's caused by - for what ever reason - caching the wrong class for "htmlarea" widget
2019-07-08 10:09:01 +02:00
Ralf Becker
a43c5d3f1f return only integer quota (im MB) as Dovecot does not deal with floats 2019-07-04 16:14:26 +02:00
Ralf Becker
2be5537276 fix case to EGroupware 2019-07-04 11:59:38 +02:00
Ralf Becker
206fdb367f quota needs a left join to report mailboxes without quota 2019-07-04 10:33:29 +02:00
Ralf Becker
027ef6bd18 fix mail compose was not showing all identities after last commit 2019-07-04 09:28:27 +02:00
Ralf Becker
624a69a6bd optionally return quota and groups too 2019-07-03 17:33:16 +02:00
Ralf Becker
690a19c77e only ask IMAP for getUserData, if quota is needed
specially imported for managementserver_imap who needs to ask mserver
2019-07-03 14:13:53 +02:00
Ralf Becker
7fb53c04c5 fix scrollbars because of missing ajax=true in url 2019-06-29 09:34:08 +02:00
Hadi Nategh
1fb1408aa1 Set calendar app as default app if nothing set 2019-06-27 14:56:04 +02:00
nathangray
48f57ba4e6 Admin - add phpgwai to list of apps excluded when counting entries an account has 2019-06-21 09:34:57 -06:00
nathangray
e08247d60a Admin - show a count of how many entries a user owns in delete dialog 2019-06-19 10:34:09 -06:00
Ralf Becker
6f1590fcaf fix unescaped dash in regular expression 2019-06-14 17:20:14 +02:00
nathangray
4d8164bb77 Clear & reset content, modifications & readonlys when resetting the request. 2019-06-13 10:14:08 -06:00
nathangray
673bd330c9 Addressbook - find titles for contacts marked deleted too
Previously returned '' if a contact was marked as deleted
2019-06-12 14:11:31 -06:00
nathangray
f11a6eb58d Move fix for missing merge into document actions into the right place, was affecting regular merge into document actions too 2019-06-11 14:37:06 -06:00
Ralf Becker
ad3576903a allow to disable or require 2-Factor-Auth 2019-06-07 20:28:49 +02:00
nathangray
8edb92f03f Strip HTML before diffing for history 2019-06-06 15:05:31 -06:00
nathangray
047af47b81 Fix missing merge into document actions for shares when the directory had many files 2019-06-06 09:31:48 -06:00
Hadi Nategh
c74d118437 Set a specific class for avatar status 2019-06-06 16:46:16 +02:00
Ralf Becker
7928fb9f4a fix PHP Warning: preg_replace(): Compilation failed: invalid range in character class 2019-06-06 09:00:25 +02:00
Ralf Becker
914de29859 improve user-agent formatting and use is also for accesslog 2019-06-05 18:18:23 +02:00
Ralf Becker
eb286c6144 missing changes in Session class for 2FA 2019-06-05 15:29:44 +02:00
Ralf Becker
44a0079b9d new user security popup incl. 2FA and token revokation 2019-06-05 13:10:25 +02:00
Hadi Nategh
e87655394d Do not add the stat DOM if the stat is not available 2019-06-05 10:22:14 +02:00
Hadi Nategh
1895eca0df Implement stat indicator for fw header avatar 2019-06-04 15:36:32 +02:00
Ralf Becker
1f7682d87a fixing two PHP Warnings 2019-06-04 09:43:59 +02:00
Hadi Nategh
56211347c9 Make sure that current user menu is an array before creating it 2019-05-29 11:44:12 +02:00
Ralf Becker
4b5890a501 do NOT used persistent connections, if they are disabled in php.ini 2019-05-29 11:28:46 +02:00
Hadi Nategh
5f58e4a23c WIP new framework style:
- Remove logout from top info menu
- More padding for icons in topmneu
- Some alignment fixes
2019-05-28 17:24:19 +02:00
Hadi Nategh
f424b1cdb6 WIP new framework style:
- Fix tab's close buttons jump while hovering
- Add search menu into info menu
- Add notifications as info menu and style it nicely
- Toggle avatar top menu by clicking away on body
- Fix notifications popup message alignment
2019-05-27 17:12:40 +02:00
Hadi Nategh
b1f4b2cb5d WIP framework new style 2019-05-24 16:11:37 +02:00
Ralf Becker
1338090a84 * CalDAV/CardDAV: encoding VT (vertical tab) as it stalls Outlook (CalDav Synchronizer) 2019-05-24 15:11:07 +02:00
nathangray
3d9a026a83 Fix Lost password, Lost login & signup links on mobile 2019-05-23 10:17:11 -06:00
Ralf Becker
cf4301a023 fix SQL error in update from 14.2 and before for newer MariaDB/MySQL
they no longer silently cut of too long content for varchar columns
2019-05-23 10:17:01 +02:00