You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The following sections list the changes in ownCloud core 10.4.0 relevant to
ownCloud admins and users.
Summary
❓ Bugfix - Fix links in setupchecks.js: #36315@davitol Documentation is not ready yet.
❓ Bugfix - Inform the admin if they enable an enterprise app without valid key: #36351@davitol Works and message is shown when I set a invalid EE key from scratch.
Bugfix - Set 599 HTTP code on error: #36413@davitol Note: Blank page is show now in the browser
Bugfix - Fix "files:transfer-ownership" in S3 multibucket setups: #36464
-❓ Bugfix - Fix Trash-bin api access: #36378@davitol I'm getting a 405
Bugfix - Files shared with user cause purge of the trashbin content: #36494@davitol
Bugfix - Enhance validation for sender e-mail address for e-mail notifications: #36505@davitol User uses the e-mail notification mechanism in order to notify other users when creating public links as well as internal shares, an d no error is triggered @davitol
Bugfix - Suppress warning when resetting user password with masterkey encryption: #36523@davitol
Bugfix - Receive multiple users for user sync command: #36576@davitol
Bugfix - Fix null for empty path on Oracle: #36610@davitol
Bugfix - Inform the admin if they enable an enterprise app without valid key: #36351
Previously no message was displayed but the app was not enabled.
Now, when the admin tries to enable an enterprise app when the enterprise key is invalid, the
message "cannot be enabled because of invalid enterprise key" is displayed.
Previously, a hard crash, such as DB being down, was being reported with a stacktrace and a 200
HTTP code. In order to homogenize the behaviour with all the endpoints, we've changed the
behaviour to return a 599 HTTP code and an empty content.
In addition, we've included a new option in the config.php, "crashdirectory", which defaults
to the "datadirectory" set, where the crash logs will be created. Note that normal errors will
still be reported normally and will log into the owncloud.log file.
Bugfix - Fix "files:transfer-ownership" in S3 multibucket setups: #36464
There were problems using the files:transfer-ownership in setups using files_primary_s3
against S3 storage with multibucket configuration, when some of the transferred files were
shared with other people. This PR fixes that problem with the shares while transferring the
files, allowing the files:transfer-ownership to finish correctly
Bugfix - Files shared with user cause purge of the trashbin content: #36494
Files_trashbin app counted incoming shares on calculation of the occupied space. It caused
purge of the trashbin content when trashbin_retention_obligation is auto, user has quota set
and incoming shares exceed 50% of this quota.
Bugfix - Enhance validation for sender e-mail address for e-mail notifications: #36505
If a user wanted to use the e-mail notification mechanism in order to notify other users when
creating public links as well as internal shares, an error was triggered if the e-mail address
for this user was not set. The behavior has now been fixed.
Bugfix - Suppress warning when resetting user password with masterkey encryption: #36523
When an admin wanted to reset user's password over the Users management page with masterkey
encryption in place, a warning was displayed about data recovery not being available. The
behavior has now been fixed.
Bugfix - Receive multiple users for user sync command: #36576
Recieve multiple users for user sync command. Previously when multiple users were returned,
an exception was thrown and the command was aborted. In this fix we allow multiple users to be
returned, and we check for the uid provided by the admin matches with the returned users. And if
we find matches of more than one users with same uid, then we throw the exception that was thrown
previously. The messages are kept intact.
Bugfix - Fix null for empty path on Oracle: #36610
An empty path was fetched as null and not as an empty string. Due to the strict comparison it
caused the list of mounts for the existing fileId to be empty. So the higher level code relaying
on the mounts list got an empty list and did nothing.
Change - Validate reshare permissions and attributes based on supershare: #36265
This change provides a uniform way that reshare permissions and attributes are internally
checked and enforced. There is no change to external behaviour.
Change - Don't report locking support in public.php and public-files endpoints: #36402
Public endpoints were reporting locking support even though the backend were rejecting those
requests. This was causing a problem accessing a publicly shared document using libreoffice
opening the file through webdav (libreoffice was complaining about a Forbidden error trying
to lock the file)
With these changes, libreoffice will show a warning while opening the remote file (from a
public link) if the file is already locked, letting the user choose what to do. If there is no
lock, the file will be opened normally, but it won't be locked.
Following changes are expected: * LOCK and UNLOCK methods won't be reported as allowed * Lock
information (d:lockdiscovery) and support (d:supportedlock) will be shown in the propfind
if requested (lock support is needed for libreoffice to try to lock the file) * Trying to lock the
file through public link will either throw a Locked exception if there is a lock in place, or
MethodNotAllowed if there are no locks (the Locked exception is needed for libreoffice to show
a popup warning the user that the file is locked)
Change - Update Symfony polyfill components to 1.13.0: #36485
The following Symfony polyfill components have been updated to version 1.13.0: -
polyfill-iconv - polyfill-php72 - polyfill-mbstring - polyfill-intl-idn - polyfill-util -
polyfill-php56 - polyfill-ctype
Change - Update Symfony components to 3.4.36: #36503
The following Symfony components have been updated to version 3.4.36: - console - debug -
event-dispatcher - polyfill-mbstring - process - translation - routing
The following Symfony polyfill components have been updated to 1.31.1: - polyfill-util -
polyfill-php56 - polyfill-iconv - polyfill-php72 - polyfill-intl-idn - polyfill-ctype
Change - Consolidate user/group share actions into single dropdown: #36587
User and group share actions are grouped inside a dropdown which can be toggled via the
cogwheel. This dropdown holds all related additional info and actions such as permissions,
expiration, etc.
Enhancement - Regex version for blacklisted_files and excluded_directories: #36360
Adds two config options blacklisted_files_regex and excluded_directories_regex to enable
more flexible pattern matches. With this you can, for example, disable the upload of Microsoft
Outlook .pst files or the creation of directories containing _backup.
Enhancement - Add an option to provide a mount in read only mode: #36397
Adds a new option in the mount settings to provide a mount in read only mode. This enables users or
admins to provide a write protected mount independent of any backend settings. The sync client
automatically respects this mount setting without any additional intervention.
The file list in the webUI now shows a share indicator on files and folders that reside inside a
shared folder. The sidebar sharing tab reveals a detailed view of the share-tree including
share-recipients and the parent folder that has been shared.
Enhancement - Expiration date for user and group shares: #36573
Shares with users and/or groups can now be given an expiration date. If the default expiration
date is enabled then the default expiration is 7 days in the future. The default expiration date
can be modified by the administrator. The default expiration date can be enforced as the
maximum expiration date of a share. In that case the user can select a shorter expiration, but
not longer.
The settings are disabled by default, preserving the existing behavior. They can be enabled on
the admin sharing settings page. They can be set independently for user and group shares.
Changelog for ownCloud Core [10.4.0] (2020-01-03)
The following sections list the changes in ownCloud core 10.4.0 relevant to
ownCloud admins and users.
Summary
-❓ Bugfix - Fix Trash-bin api access: #36378 @davitol I'm getting a 405
Details
Bugfix - Fix links in setupchecks.js: #36315
Security tips at Settings -> Admin -> General had two broken links to the owncloud docs in the
messages performing HTTPS and HSTS checks
Broken Links in setupchecks.js #36238
[For 10.4] Fix doc links in the admin settings #36315
Bugfix - Inform the admin if they enable an enterprise app without valid key: #36351
Previously no message was displayed but the app was not enabled.
Now, when the admin tries to enable an enterprise app when the enterprise key is invalid, the
message "cannot be enabled because of invalid enterprise key" is displayed.
occ app:enable should exit with proper error message if enterprise key is invalid #36351
Fix for app:enable in case of not valid/not existing enterprise key #36399
Bugfix - Set 599 HTTP code on error: #36413
Previously, a hard crash, such as DB being down, was being reported with a stacktrace and a 200
HTTP code. In order to homogenize the behaviour with all the endpoints, we've changed the
behaviour to return a 599 HTTP code and an empty content.
In addition, we've included a new option in the config.php, "crashdirectory", which defaults
to the "datadirectory" set, where the crash logs will be created. Note that normal errors will
still be reported normally and will log into the owncloud.log file.
[For 10.4] Set 599 HTTP code on error #36413
Bugfix - Fix "files:transfer-ownership" in S3 multibucket setups: #36464
There were problems using the files:transfer-ownership in setups using files_primary_s3
against S3 storage with multibucket configuration, when some of the transferred files were
shared with other people. This PR fixes that problem with the shares while transferring the
files, allowing the files:transfer-ownership to finish correctly
[For 10.4] Fix "files:transfer-ownership" in S3 multibucket setups #36464
Bugfix - Fix Trash-bin api access: #36378
Trash-bin API had allowed users to see the trash-bin content of other users.
Trashbin api allows users to see trashbin content of other users. #36378
[For 10.4] user is only allowed to see their own home trashbin #36488
Bugfix - Files shared with user cause purge of the trashbin content: #36494
Files_trashbin app counted incoming shares on calculation of the occupied space. It caused
purge of the trashbin content when trashbin_retention_obligation is auto, user has quota set
and incoming shares exceed 50% of this quota.
Do not count shared files on trashbin free space calculation #36494
Bugfix - Enhance validation for sender e-mail address for e-mail notifications: #36505
If a user wanted to use the e-mail notification mechanism in order to notify other users when
creating public links as well as internal shares, an error was triggered if the e-mail address
for this user was not set. The behavior has now been fixed.
[For 10.4] Add validation for sender email address #36505
Bugfix - Suppress warning when resetting user password with masterkey encryption: #36523
When an admin wanted to reset user's password over the Users management page with masterkey
encryption in place, a warning was displayed about data recovery not being available. The
behavior has now been fixed.
Fix warning when resetting user's password with masterkey encryption #36523
Bugfix - Receive multiple users for user sync command: #36576
Recieve multiple users for user sync command. Previously when multiple users were returned,
an exception was thrown and the command was aborted. In this fix we allow multiple users to be
returned, and we check for the uid provided by the admin matches with the returned users. And if
we find matches of more than one users with same uid, then we throw the exception that was thrown
previously. The messages are kept intact.
[for 10.4] Receive multiple users from backend for user sync #36576
Bugfix - Fix null for empty path on Oracle: #36610
An empty path was fetched as null and not as an empty string. Due to the strict comparison it
caused the list of mounts for the existing fileId to be empty. So the higher level code relaying
on the mounts list got an empty list and did nothing.
Cast path to string #36610
Change - Validate reshare permissions and attributes based on supershare: #36265
This change provides a uniform way that reshare permissions and attributes are internally
checked and enforced. There is no change to external behaviour.
Validate reshare permissions and attributes based on supershare #36265
Change - Drop PHP 7.0 support across the platform: #36290
Support for security fixes for PHP 7.0 ended 1 Jan 2019 ownCloud core no longer supports PHP 7.0.
Ensure that you are using PHP 7.1 or later.
[For 10.4] Drop php 7.0 bump phpunit7 #36290
https://www.php.net/supported-versions.php
Change - Don't report locking support in public.php and public-files endpoints: #36402
Public endpoints were reporting locking support even though the backend were rejecting those
requests. This was causing a problem accessing a publicly shared document using libreoffice
opening the file through webdav (libreoffice was complaining about a Forbidden error trying
to lock the file)
With these changes, libreoffice will show a warning while opening the remote file (from a
public link) if the file is already locked, letting the user choose what to do. If there is no
lock, the file will be opened normally, but it won't be locked.
Following changes are expected: * LOCK and UNLOCK methods won't be reported as allowed * Lock
information (d:lockdiscovery) and support (d:supportedlock) will be shown in the propfind
if requested (lock support is needed for libreoffice to try to lock the file) * Trying to lock the
file through public link will either throw a Locked exception if there is a lock in place, or
MethodNotAllowed if there are no locks (the Locked exception is needed for libreoffice to show
a popup warning the user that the file is locked)
public.php and public-files endpoints won't report locking support #36402
Change - Update handlebars library to 4.5.3: #36439
The @bower_components/handlebars library has been updated from 4.1.2 to 4.5.3.
Bump @bower_components/handlebars from v4.1.2 to v4.5.3 in /build #36439
Bump handlebars from 4.1.2 to 4.5.3 in /build #36438
Change - Update Symfony polyfill components to 1.13.0: #36485
The following Symfony polyfill components have been updated to version 1.13.0: -
polyfill-iconv - polyfill-php72 - polyfill-mbstring - polyfill-intl-idn - polyfill-util -
polyfill-php56 - polyfill-ctype
Update symfony/polyfill* (v1.12.0 => v1.13.0) #36485
https://github.com/symfony/polyfill/releases/tag/v1.13.0
Change - Update sabre/http (5.0.2 => 5.0.5): #36490
Includes functionality to significantly improve file download speed by enabling mmap based
stream_copy_to_stream.
Bump sabre/http from 5.0.2 to 5.0.5 #36490
Change - Update doctrine/cache (1.9.1 => 1.10.0): #36503
PHP symfony 3.4.36 and doctrine/cache 1.10.0 #36503
Change - Update Symfony components to 3.4.36: #36503
The following Symfony components have been updated to version 3.4.36: - console - debug -
event-dispatcher - polyfill-mbstring - process - translation - routing
The following Symfony polyfill components have been updated to 1.31.1: - polyfill-util -
polyfill-php56 - polyfill-iconv - polyfill-php72 - polyfill-intl-idn - polyfill-ctype
PHP symfony 3.4.36 and doctrine/cache 1.10.0 #36503
https://symfony.com/blog/symfony-3-4-36-released
Change - Update punic/punic (3.4.0 => 3.5.0): #36508
Updating punic/punic (3.4.0 => 3.5.0) #36508
Change - Update patchwork/utf8 (1.3.1 => 1.3.2): #36552
Bump patchwork/utf8 from 1.3.1 to 1.3.2 #36552
Change - Update league/flysystem (1.0.57 => 1.0.61): #36553
Bump league/flysystem from 1.0.57 to 1.0.61 #36553
Change - Update pear/archive_tar (1.4.8 => 1.4.9): #36554
Bump pear/archive_tar from 1.4.8 to 1.4.9 #36554
Change - Protect public preview with password: #36571
The preview route for password protected shares was accessible without the password.
[For 10.4] On the public preview route the share password needs to be verified a… #36571
Change - Consolidate user/group share actions into single dropdown: #36587
User and group share actions are grouped inside a dropdown which can be toggled via the
cogwheel. This dropdown holds all related additional info and actions such as permissions,
expiration, etc.
Consolidate user/group share actions into single dropdown #36587
Change - Update pear/pear_exception (v1.0.0 => v1.0.1): #36599
Dependency bumps 20191217 #36599
Change - Update myclabs/deep-copy (1.9.3 => 1.9.4): #36599
Dependency bumps 20191217 #36599
Change - Update phpspec/prophecy (1.9.0 => 1.10.0): #36603
Updating phpspec/prophecy (1.9.0 => 1.10.0) #36603
Change - Update sabre/vobject (4.2.0 => 4.2.1): #36614
Updating sabre/vobject (4.2.0 => 4.2.1) #36614
Change - Update league/flysystem (1.0.61 => 1.0.62): #36659
Bump league/flysystem from 1.0.61 to 1.0.62 #36659
Change - Update zendframework/zend-validator (2.12.2 => 2.13.0): #36660
Bump zendframework/zend-validator from 2.12.2 to 2.13.0 #36660
Change - Update egulias/email-validator (2.1.11 => 2.1.13): #36661
Dependency bumps 20191231 #36661
Change - Update phpdocumentor/reflection-docblock (4.3.2 => 4.3.4): #36661
Dependency bumps 20191231 #36661
Change - Update phpspec/prophecy (1.10.0 => 1.10.1): #36661
Dependency bumps 20191231 #36661
Change - Zendframework dependency to laminas: #36677
Zend framework changed to be known as laminas. The dependencies are updated.
switch dependency from zendframework to laminas #36677
Enhancement - MariaDb 10.3 support: #29483
MariaDb 10.3 is now supported
MariaDB 10.3 compatibility in regard to mb4 #29483
[For 10.4] Drop php 7.0 bump phpunit7 #36290
Enhancement - PostgreSQL 10 support: #33187
PostgreSQL 10 is now supported
Postgres 10 support #33187
[For 10.4] Drop php 7.0 bump phpunit7 #36290
Enhancement - Regex version for blacklisted_files and excluded_directories: #36360
Adds two config options blacklisted_files_regex and excluded_directories_regex to enable
more flexible pattern matches. With this you can, for example, disable the upload of Microsoft
Outlook .pst files or the creation of directories containing _backup.
Add new regex config parameter version to blacklisted files and excluded directories #36360
Enhancement - Add an option to provide a mount in read only mode: #36397
Adds a new option in the mount settings to provide a mount in read only mode. This enables users or
admins to provide a write protected mount independent of any backend settings. The sync client
automatically respects this mount setting without any additional intervention.
New mount setting: read only mount #36397
Enhancement - Support Oracle connection strings: #36489
To be able to use Oracle specific configuration settings like fail over support for Oracle
connection strings has been added.
https://docs.oracle.com/database/121/HABPT/config_fcf.htm#HABPT4967
[For 10.4] Support Oracle connect string #36489
Enhancement - Add enabled and disabled filter options to occ app:list command: #36520
The occ app:list command now supports the --enabled and --disabled options
Occ app:list --enabled Displays just the enabled apps.
Occ app:list --disabled Displays just the disabled apps.
If a disabled app was enabled in the past, then the previously-enabled version of the app is now
displayed in the disabled apps list.
[For 10.4] Filter app:list for just enabled or disabled apps #36520
Enhancement - Share indicator on webUI: #36572
The file list in the webUI now shows a share indicator on files and folders that reside inside a
shared folder. The sidebar sharing tab reveals a detailed view of the share-tree including
share-recipients and the parent folder that has been shared.
[For 10.4] Add share indicator in webUI #36572
Enhancement - Expiration date for user and group shares: #36573
Shares with users and/or groups can now be given an expiration date. If the default expiration
date is enabled then the default expiration is 7 days in the future. The default expiration date
can be modified by the administrator. The default expiration date can be enforced as the
maximum expiration date of a share. In that case the user can select a shorter expiration, but
not longer.
The settings are disabled by default, preserving the existing behavior. They can be enabled on
the admin sharing settings page. They can be set independently for user and group shares.
[For 10.4] Include expiration option for user and group shares #36573
Enhancement - Allow plus sign in username: #36613
The plus sign is now allowed in a username, e.g. John+Smith
Allow "+" character in usernames #36613
The text was updated successfully, but these errors were encountered: