Merge branch 'master' into artonge/fix/versions_init

nextcloud · May 26, 2023 · 9fa42c0 · 9fa42c0
2 parents c3475f4 + 7d9d99d
commit 9fa42c0
Show file tree

Hide file tree

Showing 201 changed files with 393 additions and 199 deletions.
diff --git a/apps/comments/l10n/it.js b/apps/comments/l10n/it.js
@@ -19,6 +19,7 @@ OC.L10N.register(
     "No comments yet, start the conversation!" : "Ancora nessun commento, inizia la conversazione!",
     "No more messages" : "Non ci sono altri messaggi",
     "Retry" : "Riprova",
+    "Failed to mark comments as read" : "Impossibile segnare i commenti come letti",
     "Unable to load the comments list" : "Impossibile caricare l'elenco dei commenti",
     "_%n unread comment_::_%n unread comments_" : ["%n commento non letto","%n commenti non letti","%n commenti non letti"],
     "_1 new comment_::_{unread} new comments_" : ["1 nuovo commento","{unread} nuovi commenti","{unread} nuovi commenti"],

diff --git a/apps/comments/l10n/it.json b/apps/comments/l10n/it.json
@@ -17,6 +17,7 @@
     "No comments yet, start the conversation!" : "Ancora nessun commento, inizia la conversazione!",
     "No more messages" : "Non ci sono altri messaggi",
     "Retry" : "Riprova",
+    "Failed to mark comments as read" : "Impossibile segnare i commenti come letti",
     "Unable to load the comments list" : "Impossibile caricare l'elenco dei commenti",
     "_%n unread comment_::_%n unread comments_" : ["%n commento non letto","%n commenti non letti","%n commenti non letti"],
     "_1 new comment_::_{unread} new comments_" : ["1 nuovo commento","{unread} nuovi commenti","{unread} nuovi commenti"],

diff --git a/apps/comments/l10n/pt_BR.js b/apps/comments/l10n/pt_BR.js
@@ -19,6 +19,7 @@ OC.L10N.register(
     "No comments yet, start the conversation!" : "Nenhum comentário ainda, inicie uma conversa!",
     "No more messages" : "Sem mais mensagens",
     "Retry" : "Tentar novamente",
+    "Failed to mark comments as read" : "Falha ao marcar comentários como lidos",
     "Unable to load the comments list" : "Não foi possível carregar a lista de comentários",
     "_%n unread comment_::_%n unread comments_" : ["%n comentários não lidos","%n comentários não lidos","%n comentários não lidos"],
     "_1 new comment_::_{unread} new comments_" : ["1 novo comentário","{unread} novos comentários","{unread} novos comentários"],

diff --git a/apps/comments/l10n/pt_BR.json b/apps/comments/l10n/pt_BR.json
@@ -17,6 +17,7 @@
     "No comments yet, start the conversation!" : "Nenhum comentário ainda, inicie uma conversa!",
     "No more messages" : "Sem mais mensagens",
     "Retry" : "Tentar novamente",
+    "Failed to mark comments as read" : "Falha ao marcar comentários como lidos",
     "Unable to load the comments list" : "Não foi possível carregar a lista de comentários",
     "_%n unread comment_::_%n unread comments_" : ["%n comentários não lidos","%n comentários não lidos","%n comentários não lidos"],
     "_1 new comment_::_{unread} new comments_" : ["1 novo comentário","{unread} novos comentários","{unread} novos comentários"],

diff --git a/apps/dav/l10n/pt_BR.js b/apps/dav/l10n/pt_BR.js
@@ -118,6 +118,8 @@ OC.L10N.register(
     "{actor} updated contact {card} in address book {addressbook}" : "{actor} updated contact {card} no livro de endereço {addressbook}",
     "You updated contact {card} in address book {addressbook}" : "Você atualizou o contato  {card} no livro de endereços  {addressbook}",
     "A <strong>contact</strong> or <strong>address book</strong> was modified" : "O <strong>contato</strong> ou <strong>livro de endereço</strong> foi modificado",
+    "Accounts" : "Contas",
+    "System address book which holds all accounts" : "Catálogo de endereços do sistema que contém todas as contas",
     "File is not updatable: %1$s" : "O arquivo não é atualizável: %1$s",
     "Could not write to final file, canceled by hook" : "Não foi possível gravar no arquivo final, cancelado pelo gancho",
     "Could not write file contents" : "Não foi possível gravar o conteúdo do arquivo",

diff --git a/apps/dav/l10n/pt_BR.json b/apps/dav/l10n/pt_BR.json
@@ -116,6 +116,8 @@
     "{actor} updated contact {card} in address book {addressbook}" : "{actor} updated contact {card} no livro de endereço {addressbook}",
     "You updated contact {card} in address book {addressbook}" : "Você atualizou o contato  {card} no livro de endereços  {addressbook}",
     "A <strong>contact</strong> or <strong>address book</strong> was modified" : "O <strong>contato</strong> ou <strong>livro de endereço</strong> foi modificado",
+    "Accounts" : "Contas",
+    "System address book which holds all accounts" : "Catálogo de endereços do sistema que contém todas as contas",
     "File is not updatable: %1$s" : "O arquivo não é atualizável: %1$s",
     "Could not write to final file, canceled by hook" : "Não foi possível gravar no arquivo final, cancelado pelo gancho",
     "Could not write file contents" : "Não foi possível gravar o conteúdo do arquivo",

diff --git a/apps/dav/l10n/zh_HK.js b/apps/dav/l10n/zh_HK.js
@@ -174,7 +174,7 @@ OC.L10N.register(
     "Failed to save availability" : "未能保存可用時間",
     "Calendar server" : "日曆伺服器",
     "Send invitations to attendees" : "發送邀請函給參加者",
-    "Automatically generate a birthday calendar" : "自動建立生日日曆",
+    "Automatically generate a birthday calendar" : "自動生成生日日曆",
     "Birthday calendars will be generated by a background job." : "生日日曆將由後台作業生成。",
     "Hence they will not be available immediately after enabling but will show up after some time." : "因此，啟用後不會立即可用，但會在一段時間後顯示。",
     "Send notifications for events" : "發送活動通知",

diff --git a/apps/dav/l10n/zh_HK.json b/apps/dav/l10n/zh_HK.json
@@ -172,7 +172,7 @@
     "Failed to save availability" : "未能保存可用時間",
     "Calendar server" : "日曆伺服器",
     "Send invitations to attendees" : "發送邀請函給參加者",
-    "Automatically generate a birthday calendar" : "自動建立生日日曆",
+    "Automatically generate a birthday calendar" : "自動生成生日日曆",
     "Birthday calendars will be generated by a background job." : "生日日曆將由後台作業生成。",
     "Hence they will not be available immediately after enabling but will show up after some time." : "因此，啟用後不會立即可用，但會在一段時間後顯示。",
     "Send notifications for events" : "發送活動通知",

diff --git a/apps/dav/lib/CardDAV/SystemAddressbook.php b/apps/dav/lib/CardDAV/SystemAddressbook.php
@@ -92,7 +92,7 @@ public function getChildren() {
 			// Should never happen because we don't allow anonymous access
 			return [];
 		}
-		if (!$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
+		if ($user->getBackendClassName() === 'Guests' || !$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
 			$name = SyncService::getCardUri($user);
 			try {
 				return [parent::getChild($name)];
@@ -135,8 +135,8 @@ public function getMultipleChildren($paths): array {
 		$shareEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
 		$shareEnumerationGroup = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
 		$shareEnumerationPhone = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
-		if (!$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
-			$user = $this->userSession->getUser();
+		$user = $this->userSession->getUser();
+		if (($user !== null && $user->getBackendClassName() === 'Guests') || !$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
 			// No user or cards with no access
 			if ($user === null || !in_array(SyncService::getCardUri($user), $paths, true)) {
 				return [];
@@ -149,7 +149,6 @@ public function getMultipleChildren($paths): array {
 			}
 		}
 		if ($shareEnumerationGroup) {
-			$user = $this->userSession->getUser();
 			if ($this->groupManager === null || $user === null) {
 				// Group manager or user is not available, so we can't determine which data is safe
 				return [];
@@ -196,19 +195,18 @@ public function getMultipleChildren($paths): array {
 	 * @throws Forbidden
 	 */
 	public function getChild($name): Card {
+		$user = $this->userSession->getUser();
 		$shareEnumeration = $this->config->getAppValue('core', 'shareapi_allow_share_dialog_user_enumeration', 'yes') === 'yes';
 		$shareEnumerationGroup = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_group', 'no') === 'yes';
 		$shareEnumerationPhone = $this->config->getAppValue('core', 'shareapi_restrict_user_enumeration_to_phone', 'no') === 'yes';
-		if (!$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
-			$currentUser = $this->userSession->getUser();
-			$ownName = $currentUser !== null ? SyncService::getCardUri($currentUser) : null;
+		if (($user !== null && $user->getBackendClassName() === 'Guests') || !$shareEnumeration || (!$shareEnumerationGroup && $shareEnumerationPhone)) {
+			$ownName = $user !== null ? SyncService::getCardUri($user) : null;
 			if ($ownName === $name) {
 				return parent::getChild($name);
 			}
 			throw new Forbidden();
 		}
 		if ($shareEnumerationGroup) {
-			$user = $this->userSession->getUser();
 			if ($user === null || $this->groupManager === null) {
 				// Group manager is not available, so we can't determine which data is safe
 				throw new Forbidden();

diff --git a/apps/dav/tests/unit/CardDAV/SystemAddressBookTest.php b/apps/dav/tests/unit/CardDAV/SystemAddressBookTest.php
@@ -90,6 +90,46 @@ protected function setUp(): void {
 		);
 	}
 
+	public function testGetChildrenAsGuest(): void {
+		$this->config->expects(self::exactly(3))
+			->method('getAppValue')
+			->willReturnMap([
+				['core', 'shareapi_allow_share_dialog_user_enumeration', 'yes', 'yes'],
+				['core', 'shareapi_restrict_user_enumeration_to_group', 'no', 'no'],
+				['core', 'shareapi_restrict_user_enumeration_to_phone', 'no', 'no'],
+			]);
+		$user = $this->createMock(IUser::class);
+		$user->method('getUID')->willReturn('user');
+		$user->method('getBackendClassName')->willReturn('Guests');
+		$this->userSession->expects(self::once())
+			->method('getUser')
+			->willReturn($user);
+		$vcfWithScopes = <<<VCF
+BEGIN:VCARD
+VERSION:3.0
+PRODID:-//Sabre//Sabre VObject 4.4.2//EN
+UID:admin
+FN;X-NC-SCOPE=v2-federated:admin
+N;X-NC-SCOPE=v2-federated:admin;;;;
+ADR;TYPE=OTHER;X-NC-SCOPE=v2-local:Testing test test test;;;;;;
+EMAIL;TYPE=OTHER;X-NC-SCOPE=v2-federated:miau_lalala@gmx.net
+TEL;TYPE=OTHER;X-NC-SCOPE=v2-local:+435454454544
+CLOUD:admin@http://localhost
+END:VCARD
+VCF;
+		$originalCard = [
+			'carddata' => $vcfWithScopes,
+		];
+		$this->cardDavBackend->expects(self::once())
+			->method('getCard')
+			->with(123, 'Guests:user.vcf')
+			->willReturn($originalCard);
+
+		$children = $this->addressBook->getChildren();
+
+		self::assertCount(1, $children);
+	}
+
 	public function testGetFilteredChildForFederation(): void {
 		$this->config->expects(self::exactly(3))
 			->method('getAppValue')
@@ -172,6 +212,24 @@ public function testGetChildWithoutEnumeration(): void {
 		$this->addressBook->getChild("LDAP:user.vcf");
 	}
 
+	public function testGetChildAsGuest(): void {
+		$this->config->expects(self::exactly(3))
+			->method('getAppValue')
+			->willReturnMap([
+				['core', 'shareapi_allow_share_dialog_user_enumeration', 'yes', 'yes'],
+				['core', 'shareapi_restrict_user_enumeration_to_group', 'no', 'no'],
+				['core', 'shareapi_restrict_user_enumeration_to_phone', 'no', 'no'],
+			]);
+		$user = $this->createMock(IUser::class);
+		$user->method('getBackendClassName')->willReturn('Guests');
+		$this->userSession->expects(self::once())
+			->method('getUser')
+			->willReturn($user);
+		$this->expectException(Forbidden::class);
+
+		$this->addressBook->getChild("LDAP:user.vcf");
+	}
+
 	public function testGetChildWithGroupEnumerationRestriction(): void {
 		$this->config->expects(self::exactly(3))
 			->method('getAppValue')
@@ -322,6 +380,26 @@ public function testGetMultipleChildrenWithGroupEnumerationRestriction(): void {
 		self::assertCount(2, $cards);
 	}
 
+	public function testGetMultipleChildrenAsGuest(): void {
+		$this->config
+			->method('getAppValue')
+			->willReturnMap([
+				['core', 'shareapi_allow_share_dialog_user_enumeration', 'yes', 'yes'],
+				['core', 'shareapi_restrict_user_enumeration_to_group', 'no', 'no'],
+				['core', 'shareapi_restrict_user_enumeration_to_phone', 'no', 'no'],
+			]);
+		$user = $this->createMock(IUser::class);
+		$user->method('getUID')->willReturn('user');
+		$user->method('getBackendClassName')->willReturn('Guests');
+		$this->userSession->expects(self::once())
+			->method('getUser')
+			->willReturn($user);
+
+		$cards = $this->addressBook->getMultipleChildren(['Database:user1.vcf', 'LDAP:user2.vcf']);
+
+		self::assertEmpty($cards);
+	}
+
 	public function testGetMultipleChildren(): void {
 		$this->config
 			->method('getAppValue')

diff --git a/apps/encryption/lib/Crypto/Crypt.php b/apps/encryption/lib/Crypto/Crypt.php
@@ -70,9 +70,9 @@ class Crypt {
 	// default cipher from old Nextcloud versions
 	public const LEGACY_CIPHER = 'AES-128-CFB';
 
-	public const SUPPORTED_KEY_FORMATS = ['hash', 'password'];
+	public const SUPPORTED_KEY_FORMATS = ['hash2', 'hash', 'password'];
 	// one out of SUPPORTED_KEY_FORMATS
-	public const DEFAULT_KEY_FORMAT = 'hash';
+	public const DEFAULT_KEY_FORMAT = 'hash2';
 	// default key format, old Nextcloud version encrypted the private key directly
 	// with the user password
 	public const LEGACY_KEY_FORMAT = 'password';
@@ -371,22 +371,20 @@ private function addPadding($data) {
 	 * @param string $uid only used for user keys
 	 * @return string
 	 */
-	protected function generatePasswordHash($password, $cipher, $uid = '') {
+	protected function generatePasswordHash(string $password, string $cipher, string $uid = '', int $iterations = 600000): string {
 		$instanceId = $this->config->getSystemValue('instanceid');
 		$instanceSecret = $this->config->getSystemValue('secret');
 		$salt = hash('sha256', $uid . $instanceId . $instanceSecret, true);
 		$keySize = $this->getKeySize($cipher);
 
-		$hash = hash_pbkdf2(
+		return hash_pbkdf2(
 			'sha256',
 			$password,
 			$salt,
-			100000,
+			$iterations,
 			$keySize,
 			true
 		);
-
-		return $hash;
 	}
 
 	/**
@@ -431,8 +429,10 @@ public function decryptPrivateKey($privateKey, $password = '', $uid = '') {
 			$keyFormat = self::LEGACY_KEY_FORMAT;
 		}
 
-		if ($keyFormat === self::DEFAULT_KEY_FORMAT) {
-			$password = $this->generatePasswordHash($password, $cipher, $uid);
+		if ($keyFormat === 'hash') {
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 100000);
+		} elseif ($keyFormat === 'hash2') {
+			$password = $this->generatePasswordHash($password, $cipher, $uid, 600000);
 		}
 
 		$binaryEncoding = isset($header['encoding']) && $header['encoding'] === self::BINARY_ENCODING_FORMAT;

diff --git a/apps/encryption/tests/Crypto/CryptTest.php b/apps/encryption/tests/Crypto/CryptTest.php
@@ -137,7 +137,7 @@ public function testGenerateHeaderInvalid() {
 	 */
 	public function dataTestGenerateHeader() {
 		return [
-			[null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash:encoding:binary:HEND'],
+			[null, 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash2:encoding:binary:HEND'],
 			['password', 'HBEGIN:cipher:AES-128-CFB:keyFormat:password:encoding:binary:HEND'],
 			['hash', 'HBEGIN:cipher:AES-128-CFB:keyFormat:hash:encoding:binary:HEND']
 		];

diff --git a/apps/files/l10n/cs.js b/apps/files/l10n/cs.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Prázdný",
     "Unable to create new file from template" : "Nedaří se vytvořit soubor ze šablony",
     "Delete permanently" : "Nadobro smazat",
+    "Open folder {displayName}" : "Otevřít složku {displayName}",
     "Set up templates folder" : "Vytvořit složku pro šablony",
     "Templates" : "Šablony",
     "Create new templates folder" : "Vytvořit novou složku šablon",

diff --git a/apps/files/l10n/cs.json b/apps/files/l10n/cs.json
@@ -226,6 +226,7 @@
     "Blank" : "Prázdný",
     "Unable to create new file from template" : "Nedaří se vytvořit soubor ze šablony",
     "Delete permanently" : "Nadobro smazat",
+    "Open folder {displayName}" : "Otevřít složku {displayName}",
     "Set up templates folder" : "Vytvořit složku pro šablony",
     "Templates" : "Šablony",
     "Create new templates folder" : "Vytvořit novou složku šablon",

diff --git a/apps/files/l10n/de_DE.js b/apps/files/l10n/de_DE.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Leer",
     "Unable to create new file from template" : "Neue Datei kann nicht aus Vorlage erstellt werden",
     "Delete permanently" : "Endgültig löschen",
+    "Open folder {displayName}" : "Ordner {displayName} öffnen",
     "Set up templates folder" : "Vorlagenordner einrichten",
     "Templates" : "Vorlagen",
     "Create new templates folder" : "Neuen Vorlagenordner erstellen",

diff --git a/apps/files/l10n/de_DE.json b/apps/files/l10n/de_DE.json
@@ -226,6 +226,7 @@
     "Blank" : "Leer",
     "Unable to create new file from template" : "Neue Datei kann nicht aus Vorlage erstellt werden",
     "Delete permanently" : "Endgültig löschen",
+    "Open folder {displayName}" : "Ordner {displayName} öffnen",
     "Set up templates folder" : "Vorlagenordner einrichten",
     "Templates" : "Vorlagen",
     "Create new templates folder" : "Neuen Vorlagenordner erstellen",

diff --git a/apps/files/l10n/en_GB.js b/apps/files/l10n/en_GB.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Blank",
     "Unable to create new file from template" : "Unable to create new file from template",
     "Delete permanently" : "Delete permanently",
+    "Open folder {displayName}" : "Open folder {displayName}",
     "Set up templates folder" : "Set up templates folder",
     "Templates" : "Templates",
     "Create new templates folder" : "Create new templates folder",

diff --git a/apps/files/l10n/en_GB.json b/apps/files/l10n/en_GB.json
@@ -226,6 +226,7 @@
     "Blank" : "Blank",
     "Unable to create new file from template" : "Unable to create new file from template",
     "Delete permanently" : "Delete permanently",
+    "Open folder {displayName}" : "Open folder {displayName}",
     "Set up templates folder" : "Set up templates folder",
     "Templates" : "Templates",
     "Create new templates folder" : "Create new templates folder",

diff --git a/apps/files/l10n/es.js b/apps/files/l10n/es.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Vacío",
     "Unable to create new file from template" : "No se ha podido crear un nuevo archivo desde la plantilla",
     "Delete permanently" : "Eliminar de forma definitiva",
+    "Open folder {displayName}" : "Abrir carpeta {displayName}",
     "Set up templates folder" : "Configura una carpeta para plantillas",
     "Templates" : "Plantillas",
     "Create new templates folder" : "Crear nueva carpeta de plantillas",

diff --git a/apps/files/l10n/es.json b/apps/files/l10n/es.json
@@ -226,6 +226,7 @@
     "Blank" : "Vacío",
     "Unable to create new file from template" : "No se ha podido crear un nuevo archivo desde la plantilla",
     "Delete permanently" : "Eliminar de forma definitiva",
+    "Open folder {displayName}" : "Abrir carpeta {displayName}",
     "Set up templates folder" : "Configura una carpeta para plantillas",
     "Templates" : "Plantillas",
     "Create new templates folder" : "Crear nueva carpeta de plantillas",

diff --git a/apps/files/l10n/fi.js b/apps/files/l10n/fi.js
@@ -222,6 +222,7 @@ OC.L10N.register(
     "Blank" : "Tyhjä",
     "Unable to create new file from template" : "Uutta tiedostoa mallipohjasta ei voi luoda",
     "Delete permanently" : "Poista pysyvästi",
+    "Open folder {displayName}" : "Avaa kansio {displayName}",
     "Set up templates folder" : "Aseta mallipohjien kansio",
     "Templates" : "Mallipohjat",
     "Create new templates folder" : "Luo uusi mallipohjien kansio",

diff --git a/apps/files/l10n/fi.json b/apps/files/l10n/fi.json
@@ -220,6 +220,7 @@
     "Blank" : "Tyhjä",
     "Unable to create new file from template" : "Uutta tiedostoa mallipohjasta ei voi luoda",
     "Delete permanently" : "Poista pysyvästi",
+    "Open folder {displayName}" : "Avaa kansio {displayName}",
     "Set up templates folder" : "Aseta mallipohjien kansio",
     "Templates" : "Mallipohjat",
     "Create new templates folder" : "Luo uusi mallipohjien kansio",

diff --git a/apps/files/l10n/it.js b/apps/files/l10n/it.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Vuoto",
     "Unable to create new file from template" : "Impossibile creare un nuovo file dal modello",
     "Delete permanently" : "Elimina permanentemente",
+    "Open folder {displayName}" : "Apri la cartella {displayName}",
     "Set up templates folder" : "Configura la cartella dei modelli",
     "Templates" : "Modelli",
     "Create new templates folder" : "Crea una nuova cartella dei templates",

diff --git a/apps/files/l10n/it.json b/apps/files/l10n/it.json
@@ -226,6 +226,7 @@
     "Blank" : "Vuoto",
     "Unable to create new file from template" : "Impossibile creare un nuovo file dal modello",
     "Delete permanently" : "Elimina permanentemente",
+    "Open folder {displayName}" : "Apri la cartella {displayName}",
     "Set up templates folder" : "Configura la cartella dei modelli",
     "Templates" : "Modelli",
     "Create new templates folder" : "Crea una nuova cartella dei templates",

diff --git a/apps/files/l10n/sv.js b/apps/files/l10n/sv.js
@@ -228,6 +228,7 @@ OC.L10N.register(
     "Blank" : "Tom",
     "Unable to create new file from template" : "Kunde inte skapa fil från mall",
     "Delete permanently" : "Ta bort permanent",
+    "Open folder {displayName}" : "Öppna mappen {displayName}",
     "Set up templates folder" : "Skapa en mapp för mallar",
     "Templates" : "Mallar",
     "Create new templates folder" : "Skapa ny mallmapp",