In some cases it might happen that you have an argument that deep down
somewhere has an array with a lot of entries (think thousands). Now
before we would just happily print them all. Which would fill the log.
Now it will just print the first 5. And add a line that there are N
more.
If you are on debug level we will still print them all.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The upload progress is based on the "totalToUpload" variable. However,
as the variable is set when an upload is submitted, if another upload is
submitted before the previous one finished the upload progress only took
into account the size of the new upload (although the upload itself
worked fine; the files of the new submitted upload are added to the
active one). Now "totalToUpload" is either increased or set depending on
whether an upload is active or not.
Note that although "data.total" holds the total size of the files being
uploaded "totalToUpload" needs to be used in "fileuploadprogressall"
instead; "totalToUpload" is calculated when the upload is submitted, but
since 7c4c5fe6ae the actual upload of the files, and thus updating the
value of "data.total", may be deferred until the parent folders were
created.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The threads option for the password_hash function does not define the maximum allowed number of CPU threads to be used by the hashing algorithm but the exact number of threads that is used.
Similarly the memory_cost option for the password_hash function does not define the maximum allowed memory to be used by the hashing algorithm, but the exact amount of memory that is used by the hashing table. The minimum value is 8 KiB per thread.
The time_cost option for the password_hash function does not define the allowed time in seconds, but the number of iterations for the hash function.
If the minimum values are understood, the minimum values are used instead.
Signed-off-by: MichaIng <micha@dietpi.com>
instead of using the sabredav fallback (which does a read+write stream copy)
this greatly speeds up dav copies
Signed-off-by: Robin Appelman <robin@icewind.nl>
While technically they are stored the same. This session variable is
used to indicate that a user is using an app password to authenticate.
Like from a client. Or when having it generated automatically.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The main issue with using the general theming- prefix is that with APCu caching
the cache is not shared between processes, so when trying to reset the cache
through the CLI, e.g. when updating the theming config the old cache is never
invalidated.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
The circles app depends on a valid userId. A public shared calender might be viewed by guests without a user session. For such requests the principal is null.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
"Exception: substr() expects parameter 3 to be int, bool given" can occur on Line 378 $mimePart = substr($icon, 0, strpos($icon, '-'));
This happens, when '-' is not found and strpos returns false instead of an int.
When this occurs, e.g., Activity hangs.
Signed-off-by: lui87kw <lukas.ifflaender@uni-wuerzburg.de>
External storage with session credentials is not accessible without a
user session, hence background jobs and CLI commands can't work with
them. The previously unhandled exception causes logged errors in the
nextcloud log. This patch catches the specific exception and logs it as
warnings. So for a production instance the error won't spam their logs
for this non-recoverable and technically unsolvable error if the minimum
log level is set to the default of 3 (error).
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
We don't use `shareapi_internal_enforce_expire_date` anywhere.
`shareapi_enforce_internal_expire_date` is the one we want.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This avoids the need to keep the default values in the integration tests
in sync with the code, and also makes possible to reset values with
"dynamic" defaults (defaults that depend on other values).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The default expiration date for internal shares was set from the default
link expiration date instead of the internal one.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This shows in a clearer way that the expected expiration date is the
original one, but without time.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This adds back what was being actually tested in the unit test fixed in
the previous commit.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The expiration date was explicitly given, so it was not testing what it
should. Moreover, "link_defaultExpDays" needs to be mapped when testing
the default value (even if it will just fallback to the value of
"shareapi_expire_after_n_days").
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The enforced expiration date was not actually enabled, as for that
"shareapi_default_expire_date" needs to be explicitly set to "yes".
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The test should fail if no exception was thrown, and no exception was
thrown due to a missing configuration parameter. However, the use of
"addToAssertionCount(1)" made the test pass even if no exception was
thrown and, therefore, to silently fail.
Now the missing configuration parameter was added and the test will fail
if the expected exception is not thrown.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Apparently the fetched column can be a string or resource. Hence we have
to catch the resource type and convert it to a string.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
In certain cases changeLock to EXCLUSIVE fails
and throws LockedException. This leaves the
file locked as SHARED in file_put_contents,
which prevents retrying (because on second
call file_put_contents takes another SHARED
lock on the same file, and changeLock doesn't
allow more than a single SHARED lock to promote
to EXCLUSIVE).
To avoid this case, we catch the LockedException
and unlock before re-throwing.
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
There might be cases where multiple requests trigger the key generation
at the same time and the instance ends up with a non-fitting
public/private key pair. Therefore the whole key generation should be
locked. Other than that this makes sure that user key generation return
values are properly validated.
Signed-off-by: Julius Härtl <jus@bitgrid.net>
It seems that in some recent upgrade here. Not always the entries we
expect are returned. So we should first check if they exist. As to not
spam the log.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The comparisson of NULL is a bit special.
So we need to handle this a tad beter else it might not replace NULL
values. or allow you to set NULL values on updates.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fix disabled default file action to still use an anchor element, as this
is used in many other places (and potentially apps).
Adjusted anchor style to not look like it's clickable and added extras
to make sure everything inside still looks clickable as before.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
- helps performance, but skipping unnecessary entries
- reduces reoccuring info-level log output against groups that do not
qualify ("no or empty name")
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This is within the failed lock acquiring branch. So the lock is free by another process and should not be removed because the cached file (that was created by the process having the lock) appeared on the filesystem.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
If the user has no space and there are no versions, there won't be an
`all` index in the versions entry. Hence this triggers a warning and
becomes `null`, afterwards `count`, `foreach` and friends will happily
throw even more warnings and errors because they don't want to play with
`null`. Thus adding a fallback to an empty array.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Fix the removal of user from the group in UI.
Signed-off-by: Sujith Haridasan <sujith.h@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
The QBMapper is kind of a generic type, though this concept does not
exist in php. Hence you have a lot of type coercion in subtypes (mappers
in the individual apps) because you suddenly don't expect an Entity[]
but your specific type.
Luckily Psalm lets us type those. Then in the subclass you can
psalm-implement the mapper with a concrete type and psalm will do all
the magic to ensure types are used correctly.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
On some systems with a lot of users this creates a lot of extra DB
writes.
Being able to increase this interval helps there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When the user is created, the provisioning api
was not adding the email address of the user
when provided if the `send email to new user`
is not set.
Signed-off-by: Sujith Haridasan <sujith.h@gmail.com>
because moving to trash can take a long time, keeping a transaction active for the duration can lead to issues
Signed-off-by: Robin Appelman <robin@icewind.nl>
When asking for sharees we compare not only UID and displayname but also
the email address. And if that matches we return the sharee as an exact
match. This logic had a flaw as in that it also matched the empty string
to users with no email address.
This is most noticeable when you disable sharee enumeration and open the
ownership transfer dialog. It suggested other users of the instance
before. This has stopped now.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Before when you have a user "smith" and a federated user "smith@example.com"
you could see the federation result with "smit" but not with "smith" anymore.
With most LDAP configurations and local backend setups this is disturbing and
causes issues.
The idea of not showing the email and federation on a matching user was with:
Local user registered with "smith@example.com" user id and having that same
email / cloud id in your contacts addressbook. So we now only hide those
"side results" when the search does contain an @
Signed-off-by: Joas Schilling <coding@schilljs.com>
TypeError: strpos() expects parameter 1 to be string, int given
The problem is that in cacheNode() we strip of any slashes, so
a folder "0/" will be trimmed to "0" and be used as an array key.
Since PHP automatically casts numeric array keys to integers,
you afterwards get $nodePath as int(0). Since it's now a number,
the strpos() function does not accept it anymore. Simply casting
$nodePath to a string again in the foreach solves the issue
Signed-off-by: Joas Schilling <coding@schilljs.com>
- they show up previously with / typed – end user needs to know about it
- inconsistent with some other fields, that show it directly
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Until recently (it was fixed in ac2999a26a) when a path was transferred
other shares with the target user were removed, so a test was added to
ensure that it does not happen again.
Besides that a test to ensure that other files with the target user are
not transferred was added too (it did not fail before, but seemed
convenient to have that covered too :-) ).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The files:transfer-ownership performs a sanitization of users with
"risky" display names (including characters like "\" or "/").
In order to allow (escaped) double quotes in the display name the
regular expression used in the "user XXX with displayname YYY exists"
step had to be adjusted.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Currently only transferring ownership of a reshare with a group to a
user in the group is possible.
When transferring ownership of a reshare with another user or with a
group to a user not in the group restoring the share fails (but the
command succeeds, it only fails for the specific files that are
reshares).
When transferring ownership of a path that is a reshare the command
fails (as when a specific path is provided the path tries to move the
file, it does not take into account reshares).
The added integration tests reflect the above behaviours.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The integration tests did not verify that the shares were actually
transferred between the users (or that they were removed due to being
transferred to the sharee).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The integration tests did not verify that the files were actually
transferred between the users, only that the files were downloadable.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
if a directory is empty, only the 'marker' object `/` exists.
since not all s3 implementations return just the prefix when listing objects by prefix,
when listing objects by the folder prefix, nothing will be returned if the directory is empty.
by not including the trailing slash in the prefix, the folder marked will always be returned if it exists
Signed-off-by: Robin Appelman <robin@icewind.nl>
Since we try to do range requests this will fail hard.
However since empty files are not that interesting to read anyways we
just read from an emptry memory stream.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Empty strings are stored as null in Oracle,
so a column with NotNull can not have an empty string as default
Signed-off-by: Joas Schilling <coding@schilljs.com>
Since all the compiled routes are based on the server webroot,
we have to use this, independent from which app this belongs to.
Signed-off-by: Joas Schilling <coding@schilljs.com>
When your password changes out of bounds your Nextcloud tokens will
become invalid. There is no real way around that. However we should make
sure that if you successfully log in again your passwords are all
updates
* Added event listener to the PostLoggedInEvent so that we can act on it
- Only if it is not a token login
* Make sure that we actually reset the invalid state when we update a
token. Else it keeps being marked invalid and thus not used.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Else we might run into the issue that for an external storage where the
size is not known yet we do not use zip64. Which then of course fails on
large zip files.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If the object store errors we should not always delete the filecache
entry. As this might lead to people losing access to their files.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When a row is added to the file list the opacity of the file row is
animated from transparent to fully opaque. As the file actions menu is a
descendant of the row but overflows it when the row is not fully opaque
clicks on the menu entries "fall-through" and are received instead by
the rows behind.
The opacity animation is a CSS animation, and it is not possible to know
if a row is appearing or not except from its opacity (the row will have
the "appear" CSS class even after the animation ended). Therefore it
should be waited until the row of the file is fully opaque before using
the menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
instead of showing the generic 'Your storage is full' message, better explain that it's the group folder/external storage that is full
Signed-off-by: Robin Appelman <robin@icewind.nl>
- a configured flow can be brought into consideration, despite its event
was not fired
- it could either run through
- or run into a RuntimeException and killing processing of valid flows
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Systems that upgrade have this enabled by default
* New systems disable it
* We'll have to add some wargning in the setup checks if this is enabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
the exception caught is not an error, but due to valid configuration and
code flow is expecting this. For an admin it is confusing, and it carries
no information worth for debugging.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Do not blind concatenate ints. Lets add a _ between them. So that we can
distrinquis them properly
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
- the detection relies that the first, requested result is not empty
- it might be empty though – groups without members
- protect switching from available to unavailable
- switching the other way around was also not envisaged either
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
having the "cache rename" after the "storage move" caused the target
to get the fileid from the source file, without taking care that the object
is stored under the original file id.
By doing the "cache rename" first, we trigger the "update existing file"
logic while moving the file to the object store and the object gets stored for the
correct file id
Signed-off-by: Robin Appelman <robin@icewind.nl>
I removed the tests completely because they just test that the constructor assigns the values to the internal properties. Nothing that should be cared about from the outside.
See https://github.com/sebastianbergmann/phpunit/issues/3339#issuecomment-428843322
It is seen as bad practice to test internal stuff of objects instead of the actual input and output of mathod calls.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
this allows an admin to configure the max trashbin size instead of always relying on the users quota.
The trashbin size can be configured using the `occ trash:size` command and can be set both globally and per-user
Signed-off-by: Robin Appelman <robin@icewind.nl>
* Else login fails with webauthn devices that send the userid
- Like windows hello
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
Else people might have the feeling this is also doing 2FA. And since it
is only prefered it can be ignored and hacked around.
Once we have proper 2FA with webauthn in one go this probably needs to
be revisted.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
even when token is invalid or has no password.
Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.
Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
If we use the owners mount point this results in null. And then the rest
of the checks get called with null. Which doesn't work.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When uploading new files, getNodeForPath() will not succeed
yet so the lock cannot be acquired.
In that case, don't try to unlock it either.
Signed-off-by: Jaakko Salo <jaakkos@gmail.com>
fix issue with third-party apps like rocket.chat
where browser in external window is opened
and thus oauth2 login does not work
Signed-off-by: Fabian Helm <firlevapz@gmail.com>
A sharee can reshare a file and set the edit, create, delete and share
permissions of the reshare only if the received share has edit, create,
delete and share permissions, or if they were revoked in the received
share after being set in the reshare. Therefore, the permission
checkboxes in the share menu should be enabled only if the user can set
them (otherwise trying to check them will lead to an error).
Note that "sharePermissions" has all the permissions if the file is not
a reshare but a file owned by the user.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
The problem is that despite it's name IGroup::searchDisplayName()
only searches by userid and this is less fixable than changing back to this method here
Signed-off-by: Joas Schilling <coding@schilljs.com>
In general it is good to set them to Lax. But also to give devs more
control over them is not a bad thing.
Helps with #21474
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The S3 client enables this by default and then tries to read
`.aws/config`. This causes `open_basedir` restriction related error for
some setups. So this patch disables the CSM because it's most likely
unused anyway.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Only OCS exceptions have a getResult method. Any other exception will
cause another error due to this invalid method call.
This splits the catch into a specific one for OCS and then a generic one
for anything else that can't be handled.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Some S3 providers need a custom upload part size (500 MB static value in Nextcloud).
Here is a commit to change this value via S3 configuration, instead of using S3_UPLOAD_PART_SIZE constant.
A new parameter is added for an S3 connection : uploadPartSize
Signed-off-by: Florent <florent@coppint.com>
Fixes#21188
This way we do not run into the share permission issue
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
When video verification can not be enabled or disabled the previous
state is set again in the JavaScript share object. This ensures that the
UI will not reflect a misleading state.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
When enabling or disabling Talk verification in mail shares the server
expects also a new password to be set. As we always just update one
property at a time this means the Talk verification was impossible to
activate or deactivate. With this patch, we send the talk option AND the
new password. If there is no new password, the Talk option is disabled
(in mail shares; in link shares it is possible to enable or disable the
video verification without changing the password).
When we finally have descriptive text on ActionCheckbox'es we should
definitely add some explanatory text for the user. Right now this is as
good as it gets.
We'll have to backport to 18.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
When a remote share is deleted, we notify the remove instance. This may
trigger various error conditions, which we want to catch in order to
avoid undeletable shares. The try-catch, however, did only capture
exceptions, so things like TypeErrors were not caught and caused the
process to fail hard.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Enabling the "send password by Talk" property of shares require that
Talk is installed and enabled, so the Drone step that runs them has to
first clone the Talk repository.
When the integration tests are run on a local development instance,
however, it is not guaranteed that Talk is installed. Due to this the
"@Talk" tag was added, which ensures that any feature or scenario marked
with it will first check if Talk is installed and, if not, skip the
scenario (instead of failing).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
In most cases, when a mail share is created or updated an e-mail is sent
to the sharee, which is done by connecting to the SMTP server set in the
configuration. If the server can not be contacted then the creation or
update of the mail share fails.
To make possible to test mail shares without using a real SMTP server a
fake one has been added. The original script, which is MIT licensed, was
based on inetd, so it was slightly modified to run on its own.
In order to use it from the integration tests the "Given dummy mail
server is listening" step has to be called in the scenarios in which the
mail server is needed.
For now that is the only available step; things like checking the sent
mails, while possible (as the script can log the mails to certain file),
have not been added yet.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Note that the "last link share can be downloaded" step was kept as it
tests the "url" property specific of link shares.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).
However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".
Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When a mail share was created with a password the given password was not
hashed, so it was not possible to open the share with that password.
Moreover, if passwords were enforced the given password was ignored and
a new one was set (although in this case it was hashed so it worked as
expected). Now the given password is properly hashed and not overriden.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
\OCP\IShare does not exist; the right name is \OCP\Share\IShare,
although it is already imported as IShare.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Else if a lot of writes happen. It might happen that an old stat result
is used. Resulting in a wrong file size for the file. For example the
text app when a lot of people edit at the same time.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Before the resources/config/ca-bundle.crt was only used when the list of custom
certificates was empty and the instance was not installed. But it should also
be used when the list is empty and the instance is installed.
This is inverting the logic to stop if the instance is not installed to use the
default bundle. And it also does this when the list is empty.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Before we'd also get the diplayname for each group in the backend. In a
separate query. This is of course not ideal as this information is
obtained on each and every query. Now this is queried once and properly
cached.
Also added more caching to the manager.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
In test it reduced the transfered data from 5 MB to 2 MB. This should reduce the load on the appstore significantly.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
When opening a shared text document, the files_sharing app uses
internal preview support in case no other app to open the text file is
available.
So far, it only checks for the old files_texteditor app, not for the new
new text app. This commit fixes this by checking for both.
Signed-off-by: Jonas Meurer <jonas@freesources.org>
Since we don't care if it is human readbale.
The code is backwards compatible with the old format.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Make sure you have the [VSCode DevContainer](https://code.visualstudio.com/docs/devcontainers/containers) extensions installed. If you open the project, VSCode will ask you if you want to open it inside of the DevContainer. If that's not the case, use <kbd>F1</kbd>→*Dev Containers: Open Folder in Container*.
Alternatively open the project directly in [GitHub Codespaces](https://github.com/features/codespaces).
That's already it. Everything else will be configured automatically by the Containers startup routine.
## Credentials
On first start the Container installs and configures Nextcloud with the following credentials:
**Nextcloud Admin Login**
Username: `admin` <br>
Password: `admin`
**Postgres credentials**
Username: `postgres` <br>
Password: `postgres` <br>
Database: `postgres`
## Services
The following services will be started:
| Service | Local port | Description |
|---------|------------|-------------|
| Nextcloud (served via Apache) | `80` | The main application |
description:"Submit a report and help us improve Nextcloud Server"
title:"[Bug]: "
labels:["bug","0. Needs triage"]
body:
- type:markdown
attributes:
value:|
### 👍 Thank you for contributing to our project!
Please note this is a **free and open-source** project. Most people take on their own time to help you, so please, be patient.
You can obtain [Enterprise support](https://nextcloud.com/support/) if you run Nextcloud Server in a mission critical environment.
- type:checkboxes
id:before-posting
attributes:
label:"⚠️ This issue respects the following points: ⚠️"
description:All conditions are **required**. Your issue can be closed if these are checked incorrectly.
options:
- label:This is a **bug**, not a question or a configuration/webserver/proxy issue.
required:true
- label:This issue is **not** already reported on [Github](https://github.com/nextcloud/server/issues?q=is%3Aopen+is%3Aissue+label%3Abug) OR [Nextcloud Community Forum](https://help.nextcloud.com/) _(I've searched it)_.
required:true
- label:Nextcloud Server **is** up to date. See [Maintenance and Release Schedule](https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule) for supported versions.
required:true
- label:I agree to follow Nextcloud's [Code of Conduct](https://nextcloud.com/contribute/code-of-conduct/).
required:true
- type:textarea
id:bug-description
attributes:
label:Bug description
description:|
Provide a description of the bug you're experiencing.
Don't just expect someone will guess what your specific problem is and provide full details.
validations:
required:true
- type:textarea
id:reproduce
attributes:
label:Steps to reproduce
description:|
Describe the steps to reproduce the bug.
The better your description is _(go 'here', click 'there'...)_ the fastest you'll get an _(accurate)_ answer.
value:|
1.
2.
3.
validations:
required:true
- type:textarea
id:expected-behavior
attributes:
label:Expected behavior
description:Describe what you expected to happen instead.
validations:
required:true
- type:dropdown
id:install-method
attributes:
label:Installation method
description:|
Select installation method you've used.
_Describe the method in the "Additional info" section if you chose "Other"._
options:
- "Community Web installer on a VPS or web space"
- "Community Manual installation with Archive"
- "Community Docker image"
- "Community NextcloudPi appliance"
- "Community SNAP package"
- "Community VM appliance"
- "Other Community project"
- "Official All-in-One appliance"
- type:dropdown
id:nextcloud-version
attributes:
label:Nextcloud Server version
description:|
Select Nextcloud Server version.
_Versions not listed here are not maintained and not supported anymore_
options:
- "25"
- "26"
- "27"
- "master"
validations:
required:true
- type:dropdown
id:system
attributes:
label:Operating system
description:|
Select operating system where Nextcloud Server is installed.
_Describe in the "Additional info" section if you chose "Other"._
options:
- "Debian/Ubuntu"
- "RHEL/CentOS"
- "Other"
- type:dropdown
id:php
attributes:
label:PHP engine version
description:|
Select PHP engine version serving Nextcloud Server.
_Describe in the "Additional info" section if you chose "Other"._
options:
- "PHP 7.4"
- "PHP 8.0"
- "PHP 8.1"
- "PHP 8.2"
- "Other"
- type:dropdown
id:webserver
attributes:
label:Web server
description:|
Select Webserver serving Nextcloud Server.
_Describe in the "Additional info" section if you chose "Other"._
options:
- "Apache (supported)"
- "Nginx"
- "Other"
- type:dropdown
id:database
attributes:
label:Database engine version
description:|
Select Database engine serving Nextcloud Server.
_Describe in the "Additional info" section if you chose "Other"._
options:
- "MySQL"
- "MariaDB"
- "PostgreSQL"
- "SQlite"
- "Oracle"
- "Other"
- type:dropdown
id:fresh
attributes:
label:Is this bug present after an update or on a fresh install?
description:|
Select if bug is present after an update or on a fresh install.
options:
- "Updated from a MINOR version (ex. 22.1 to 22.2)"
- "Upgraded to a MAJOR version (ex. 22 to 23)"
- "Fresh Nextcloud Server install"
- type:dropdown
id:encryption
attributes:
label:Are you using the Nextcloud Server Encryption module?
description:Select if encryption is Enabled on your Nextcloud Server.
options:
- "Encryption is Enabled"
- "Encryption is Disabled"
- type:checkboxes
id:users
attributes:
label:What user-backends are you using?
description:|
Select **all** user-backends Enabled on your Nextcloud Server.
_Describe in the "Additional info" section if you chose "Other"._
options:
- label:"Default user-backend _(database)_"
- label:"LDAP/ Active Directory"
- label:"SSO - SAML"
- label:"Other"
- type:textarea
id:configs
attributes:
label:Configuration report
description:|
Provide information about your configuration.
To get this information, execute one of the following commands on the CLI:
```shell
sudo -u www-data php occ config:list system
php occ config:list system
./occ config:list system
```
> NOTE: This will be automatically formatted into code for better readability.
render:shell
- type:textarea
id:apps
attributes:
label:List of activated Apps
description:|
Provide information about your apps.
To get this information, execute one of the following commands on the CLI:
```shell
sudo -u www-data php occ app:list
php occ app:list
./occ app:list
```
> NOTE: This will be automatically formatted into code for better readability.
render:shell
- type:textarea
id:nextcloud-signingstatus
attributes:
label:Nextcloud Signing status
description:|
Provide Nextcloud Signing status.
First, login as Admin user into your Nextcloud, then access this URL:
Note: This is the **issue tracker of Nextcloud**, please do NOT use this to get answers to your questions or get help for fixing your installation. This is a place to report bugs to developers, after your server has been debugged. You can find help debugging your system on our home user forums: https://help.nextcloud.com or, if you use Nextcloud in a large organization, ask our engineers on https://portal.nextcloud.com. See also https://nextcloud.com/support for support options.
Nextcloud is an open source project backed by Nextcloud GmbH. Most of our volunteers are home users and thus primarily care about issues that affect home users. Our paid engineers prioritize issues of our customers. If you are neither a home user nor a customer, consider paying somebody to fix your issue, do it yourself or become a customer.
Guidelines for submitting issues:
* Please search the existing issues first, it's likely that your issue was already reported or even fixed.
- Go to https://github.com/nextcloud and type any word in the top search/command bar. You probably see something like "We couldn’t find any repositories matching ..." then click "Issues" in the left navigation.
- You can also filter by appending e. g. "state:open" to the search string.
- More info on search syntax within github: https://help.github.com/articles/searching-issues
* This repository https://github.com/nextcloud/server/issues is *only* for issues within the Nextcloud Server code. This also includes the apps: files, encryption, external storage, sharing, deleted files, versions, LDAP, and WebDAV Auth
* SECURITY: Report any potential security bug to us via our HackerOne page (https://hackerone.com/nextcloud) following our security policy (https://nextcloud.com/security/) instead of filing an issue in our bug tracker.
* The issues in other components should be reported in their respective repositories: You will find them in our GitHub Organization (https://github.com/nextcloud/)
* You can also use the Issue Template app to prefill most of the required information: https://apps.nextcloud.com/apps/issuetemplate
-->
<!--- Please keep this note for other contributors -->
### How to use GitHub
* Please use the 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to show that you are affected by the same issue.
* Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
* Subscribe to receive notifications on status change and new comments.
### Steps to reproduce
1.
2.
3.
### Expected behaviour
Tell us what should happen
### Actual behaviour
Tell us what happens instead
### Server configuration
**Operating system:**
**Web server:**
**Database:**
**PHP version:**
**Nextcloud version:** (see Nextcloud admin page)
**Updated from an older Nextcloud/ownCloud or fresh install:**
**Where did you install Nextcloud from:**
**Signing status:**
<details>
<summary>Signing status</summary>
```
Login as admin user into your Nextcloud and access
about:Configuration, webserver/proxy or performance issues and other questions
about:I have a question …
- name:💼 Nextcloud Enterprise
url:https://portal.nextcloud.com/
about:If you are a Nextcloud Enterprise customer, or need Professional support, so it can be resolved directly by our dedicated engineers more quickly
about:If you are a customer and are using Nextcloud Enterprise, please submit your issue directly in the Nextcloud Portal so it can be resolved by our dedicated engineers more quickly.
- Code is [properly formatted](https://docs.nextcloud.com/server/latest/developer_manual/digging_deeper/continuous_integration.html#linting)
- [Sign-off message](https://github.com/src-d/guide/blob/master/developer-community/fix-DCO.md) is added to all commits
- [ ] Tests ([unit](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#unit-tests), [integration](https://docs.nextcloud.com/server/latest/developer_manual/app_development/tutorial.html#integration-tests), api and/or acceptance) are included
- [ ] Screenshots before/after for front-end changes
- [ ] Documentation ([manuals](https://github.com/nextcloud/documentation/) or wiki) has been updated or is not required
- [ ] [Backports requested](https://github.com/nextcloud/backportbot/#usage) where applicable (ex: critical bugfixes)
if [[ "${{ matrix.ftpd }}" == 'proftpd' ]]; then echo '$6$Q7V2n3q2GRVv5YeQ$/AhLu07H76Asojy7bxGXMY1caKLAbp5Vt82LOZYMkD/8uDzyMAEXwk0c1Bdz1DkBsk2Vh/9SF130mOPavRGMo.' > /tmp/secret.txt; fi
if [[ "${{ matrix.ftpd }}" == 'proftpd' ]]; then echo 'FTP_ROOT=/home/test' > $GITHUB_ENV; fi
if [[ "${{ matrix.ftpd }}" == 'proftpd' ]]; then docker run --name ftp -d --net host -e PASV_ADDRESS=127.0.0.1 -e FTPUSER_NAME=test -v /tmp/secret.txt:/run/secrets/ftp-user-password-secret -v /tmp/ftp:/home/test instantlinux/proftpd; fi
if [[ "${{ matrix.ftpd }}" == 'vsftpd' ]]; then docker run --name ftp -d --net host -e FTP_USER=test -e FTP_PASS=test -e PASV_ADDRESS=127.0.0.1 -v /tmp/ftp:/home/vsftpd/test fauria/vsftpd; fi
if [[ "${{ matrix.ftpd }}" == 'pure-ftpd' ]]; then docker run --name ftp -d --net host -e "PUBLICHOST=localhost" -e FTP_USER_NAME=test -e FTP_USER_PASS=test -e FTP_USER_HOME=/home/test -v /tmp/ftp:/home/test -v /tmp/ftp:/etc/pure-ftpd/passwd stilliard/pure-ftpd; fi
- name:Set up npm ${{ steps.versions.outputs.npmVersion }}
run:npm i -g npm@"${{ steps.versions.outputs.npmVersion }}"
- name:Install dependencies & build
node-version:${{ matrix.node-version }}
- name:Install dependencies
run:|
npm ci
npm run build --if-present
- name:Check webpack build changes
run:|
bash -c "[[ ! \"`git status --porcelain `\" ]] || (echo 'Please recompile and commit the assets, see the section \"Show changes on failure\" for details' && exit 1)"
Thank you so much for taking the time and effort to create a pull request to our Nextcloud project.
We hope that the reviewing process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR reviewing process.
Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6
Thank you for contributing to Nextcloud and we hope to hear from you soon!
At Nextcloud we want to make sure to have everything in place to enable designers to contribute – making our apps universally accessible and easy to use.
## 🚢 How to contribute design
We have a dedicated page with more in-detail guidelines on our website:
https://nextcloud.com/design/
**TL;DR**
1. Check out open [issues](https://github.com/nextcloud/server/issues) here on GitHub (we label them with `design`)
2. Make sure create publicly accessible assets
3. Add your contributions to an issue and we promise we will review your contribution carefully and foster discussions
[This issue](https://github.com/nextcloud/desktop/issues/877) has examples of other apps, some simple mockups, and specifications about the design. In the discussions in the comments there are updates to the design as well.
[This pull request](https://github.com/nextcloud/desktop/pull/1565) by a developer has the implementation of that issue, the changes they made, and more design discussions and adjustments.
**We encourage you to:**
- Get in touch with the team by joining our [public Talk channel](https://cloud.nextcloud.com/call/gqff69i8)
* 📁 **Access your Data** You can store your files, contacts, calendars, and more on a server of your choosing.
* 🔄 **Sync your Data** You keep your files, contacts, calendars, and more synchronized amongst your devices.
* 📁 **Access your Data** You can store your files, contacts, calendars and more on a server of your choosing.
* 🔄 **Sync your Data** You keep your files, contacts, calendars and more synchronized amongst your devices.
* 🙌 **Share your Data** …by giving others access to the stuff you want them to see or to collaborate with.
* 🚀 **Expandable with hundreds of Apps** ...like [Calendar](https://github.com/nextcloud/calendar), [Contacts](https://github.com/nextcloud/contacts), [Mail](https://github.com/nextcloud/mail), [Video Chat](https://github.com/nextcloud/spreed) and all those you can discover in our [App Store](https://apps.nextcloud.com)
* 🔒 **Security** with our encryption mechanisms, [HackerOne bounty program](https://hackerone.com/nextcloud) and two-factor authentication.
Do you want to learn more about how you can use Nextcloud to access, share and protect your files, calendars, contacts, communication & more at home and in your organization? [**Learn about all our Features**](https://nextcloud.com/athome/).
You want to learn more about how you can use Nextcloud to access, share and protect your files, calendars, contacts, communication & more at home and at your organization? [**Learn about all our Features**](https://nextcloud.com/athome/).
## Get your Nextcloud 🚚
- ☑️ [**Simply sign up**](https://nextcloud.com/signup/) at one of our providers either through our website or through the apps directly.
- 🖥 [**Install** a server by yourself](https://nextcloud.com/install/#instructions-server) on your hardware or by using one of our ready to use **appliances**
- 🖥 [**Install** a server by yourself](https://nextcloud.com/install/#instructions-server) on your own hardware or by using one of our ready to use **appliances**
- 📦 Buy one of the [awesome **devices** coming with a preinstalled Nextcloud](https://nextcloud.com/devices/)
- 🏢 Find a [service **provider**](https://nextcloud.com/providers/) who hosts Nextcloud for you or your company
@@ -30,7 +29,7 @@ Enterprise? Public Sector or Education user? You may want to have a look into [*
@@ -39,16 +38,16 @@ You can also [get support for Nextcloud](https://nextcloud.com/support)!
## Join the team 👪
There are many ways to contribute, of which development is only one! Find out [how to get involved](https://nextcloud.com/contribute/), including as a translator, designer, tester, helping others, and much more! 😍
There are many ways to contribute, of which development is only one! Find out [how to get involved](https://nextcloud.com/contribute/), including as translator, designer, tester, helping others and much more! 😍
### Development setup 👩💻
1. 🚀 [Set up your local development environment](https://docs.nextcloud.com/server/latest/developer_manual/getting_started/devenv.html)
1. 🚀 [Set up your local development environment](https://docs.nextcloud.com/server/latest/developer_manual/general/devenv.html)
2. 🐛 [Pick a good first issue](https://github.com/nextcloud/server/labels/good%20first%20issue)
3. 👩🔧 Create a branch and make your changes. Remember to sign off your commits using `git commit -sm "Your commit message"`
4. ⬆ Create a [pull request](https://opensource.guide/how-to-contribute/#opening-a-pull-request) and `@mention` the people from the issue to review
5. 👍 Fix things that come up during a review
5. 👍 Fix things that come up during review
6. 🎉 Wait for it to get merged!
Third-party components are handled as git submodules which have to be initialized first. So aside from the regular git checkout invoking `git submodule update --init` or a similar command is needed, for details see Git documentation.
@@ -57,13 +56,12 @@ Several apps that are included by default in regular releases such as [First run
Otherwise, git checkouts can be handled the same as release archives, by using the `stable*` branches. Note they should never be used on production systems.
### Working with front-end code 🏗
#### Building Vue components and scripts
### Building front-end code 🏗
We are moving more and more toward using Vue.js in the front-end, starting with Settings. For building the code on changes, use these terminal commands in the root folder:
We are moving more and more towards using Vue.js in the frontend, starting with Settings. For building the code on changes, use these terminal commands in the root folder:
```bash
``` bash
# install dependencies
make dev-setup
@@ -77,79 +75,36 @@ make watch-js
make build-js-production
```
#### Building styles
Styles are written in SCSS and compiled to css.
```bash
# install dependencies
make dev-setup
# compile style sheets
npm run sass
# compile style sheets and watch edits
npm run sass:watch
```
#### Committing changes
**When making changes, also commit the compiled files!**
We still use Handlebars templates in some places in Files and Settings. We will replace these step-by-step with Vue.js, but in the meantime, you need to compile them separately.
We still use Handlebars templates some places in Files and Settings. We will replace these step-by-step with Vue.js, but in the meantime you need to compile them separately.
If you don’t have Handlebars installed yet, you can do it with this terminal command:
```bash
```
sudo npm install -g handlebars
```
Then inside the root folder of your local Nextcloud development installation, run this command in the terminal every time you changed a `.handlebars` file to compile it:
```bash
```
./build/compile-handlebars-templates.sh
```
Before checking in JS changes, make sure to also build for production:
```bash
make build-js-production
```
Then add the compiled files for committing.
To save some time, to only rebuild for a specific app, use the following and replace the module with the app name:
```bash
MODULE=user_status make build-js-production
```
Please note that if you used `make build-js` or `make watch-js` before, you'll notice that a lot of files were marked as changed, so might need to clear the workspace first.
### Working with back-end code 🏗
When changing back-end PHP code, in general, no additional steps are needed before checking in.
However, if new files were created, you will need to run the following command to update the autoloader files:
```bash
build/autoloaderchecker.sh
```
After that, please also include the autoloader file changes in your commits.
### Tools we use 🛠
- [👀 BrowserStack](https://browserstack.com) for cross-browser testing
- [🌊 WAVE](https://wave.webaim.org/extension/) for accessibility testing
- [🚨 Lighthouse](https://developers.google.com/web/tools/lighthouse/) for testing performance, accessibility, and more
- [🚨 Lighthouse](https://developers.google.com/web/tools/lighthouse/) for testing of performance, accessibility and more
#### Helpful bots at github :robot:
- Comment on a pull request with `/update-3rdparty` to update the 3rd party submodule. It will update to the last commit of the 3rd party branch named like the PR target.
## Contribution guidelines 📜
All contributions to this repository from June 16, 2016, and onward are considered to be
All contributions to this repository from June, 16 2016 on are considered to be
licensed under the AGPLv3 or any later version.
Nextcloud doesn't require a CLA (Contributor License Agreement).
The copyright belongs to all the individual contributors. Therefore we recommend
that every contributor adds the following line to the header of a file if they
that every contributor adds following line to the header of a file, if they
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Roeland Jago Douma