Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide a tar ball #55

Closed
michielbdejong opened this issue May 12, 2023 · 24 comments
Closed

Provide a tar ball #55

michielbdejong opened this issue May 12, 2023 · 24 comments
Assignees
@yasharpm

Comments

@michielbdejong
Copy link
Member

michielbdejong commented May 12, 2023
edited

@mickenordin asked for a tar ball of NC-25 with our PRs applied.

I will need to be able to deploy a patched version of nextcloud, so clean patches against NC 25 would be nice to have. I have some great news about MFA support in Nextcloud as well, with this fix for the gss-app it is now possible to trigger the native MFA flow from Nextcloud for single sign on accounts, so it will be easy to test this now: SUNET/globalsiteselector@8236882?diff=unified

Sorry for the late replies by the way, we have been on a conference the last three days.

I remember the trouble we ran into when we tried to do the same thing for our ScienceMesh app: pondersource/sciencemesh-php#157 (comment)

If we provide this today then it will leave one week for setting up the server before the security audit starts.

I think we will fail to complete this task today but we will try to get as far as we can with it.
@mickenordin
Copy link

It would also be fine with Nextcloud 26 if that is easier

@yasharpm yasharpm self-assigned this May 12, 2023
@michielbdejong
Copy link
Member Author

I tried git merge of our two PRs on top of the v26.0.0 tag, and got a huge conflict:


        modified:   apps/settings/l10n/zh_CN.js
        modified:   apps/settings/l10n/zh_CN.json
        modified:   apps/settings/l10n/zh_HK.js
        modified:   apps/settings/l10n/zh_HK.json
        modified:   apps/settings/l10n/zh_TW.js
        modified:   apps/settings/l10n/zh_TW.json
        modified:   apps/settings/lib/Controller/CheckSetupController.php
        modified:   apps/settings/lib/Sections/Personal/Calendar.php
        modified:   apps/settings/lib/Settings/Admin/Sharing.php
        modified:   apps/settings/src/components/AdminDelegating.vue
        modified:   apps/settings/src/components/AdminDelegation/GroupSelect.vue
        modified:   apps/settings/src/components/AdminTwoFactor.vue
        modified:   apps/settings/src/components/AppDetails.vue
        modified:   apps/settings/src/components/AppList.vue
        modified:   apps/settings/src/components/AuthTokenList.vue
        modified:   apps/settings/src/components/AuthTokenSection.vue
        modified:   apps/settings/src/components/AuthTokenSetupDialogue.vue
        modified:   apps/settings/src/components/BasicSettings/ProfileSettings.vue
        modified:   apps/settings/src/components/Encryption.vue
        modified:   apps/settings/src/components/GroupListItem.vue
        modified:   apps/settings/src/components/PersonalInfo/AvatarSection.vue
        modified:   apps/settings/src/components/PersonalInfo/DetailsSection.vue
        modified:   apps/settings/src/components/PersonalInfo/EmailSection/Email.vue
        modified:   apps/settings/src/components/PersonalInfo/EmailSection/EmailSection.vue
        modified:   apps/settings/src/components/PersonalInfo/LanguageSection/Language.vue
        modified:   apps/settings/src/components/PersonalInfo/LocaleSection/Locale.vue
        modified:   apps/settings/src/components/PersonalInfo/ProfileSection/EditProfileAnchorLink.vue
        modified:   apps/settings/src/components/PersonalInfo/ProfileSection/ProfileCheckbox.vue
        modified:   apps/settings/src/components/PersonalInfo/ProfileSection/ProfilePreviewCard.vue
        modified:   apps/settings/src/components/PersonalInfo/ProfileVisibilitySection/ProfileVisibilitySection.vue
        modified:   apps/settings/src/components/PersonalInfo/ProfileVisibilitySection/VisibilityDropdown.vue
        modified:   apps/settings/src/components/PersonalInfo/shared/AccountPropertySection.vue
        modified:   apps/settings/src/components/PersonalInfo/shared/FederationControl.vue
        modified:   apps/settings/src/components/PersonalInfo/shared/FederationControlAction.vue
        modified:   apps/settings/src/components/PersonalInfo/shared/HeaderBar.vue
        modified:   apps/settings/src/components/UserList.vue
        modified:   apps/settings/src/components/UserList/UserRow.vue
        modified:   apps/settings/src/components/UserList/UserRowSimple.vue
        modified:   apps/settings/src/components/WebAuthn/AddDevice.vue
        modified:   apps/settings/src/components/WebAuthn/Device.vue
        modified:   apps/settings/src/components/WebAuthn/Section.vue
        modified:   apps/settings/src/main-admin-basic-settings.js
        modified:   apps/settings/src/main-admin-security.js
        modified:   apps/settings/src/main-apps-users-management.js
        modified:   apps/settings/src/main-personal-security.js
        modified:   apps/settings/src/main-personal-webauth.js
        modified:   apps/settings/src/router.js
        modified:   apps/settings/src/service/PersonalInfo/EmailService.js
        modified:   apps/settings/src/service/PersonalInfo/PersonalInfoService.js
        modified:   apps/settings/src/store/apps.js
        modified:   apps/settings/src/store/index.js
        modified:   apps/settings/src/store/oc.js
        modified:   apps/settings/src/store/users.js
        new file:   apps/settings/src/utils/handlers.js
        modified:   apps/settings/src/views/Apps.vue
        modified:   apps/settings/src/views/Users.vue
        modified:   apps/settings/templates/settings/admin/additional-mail.php
        modified:   apps/settings/tests/Controller/CheckSetupControllerTest.php
        modified:   apps/settings/tests/Settings/Admin/SharingTest.php
        modified:   apps/sharebymail/appinfo/info.xml
        modified:   apps/sharebymail/composer/composer/ClassLoader.php
        modified:   apps/sharebymail/composer/composer/InstalledVersions.php
        modified:   apps/sharebymail/composer/composer/installed.php
        modified:   apps/sharebymail/l10n/da.js
        modified:   apps/sharebymail/l10n/da.json
        modified:   apps/sharebymail/l10n/tr.js
        modified:   apps/sharebymail/l10n/tr.json
        modified:   apps/sharebymail/src/components/AdminSettings.vue
        modified:   apps/sharebymail/src/main-admin.js
        modified:   apps/systemtags/appinfo/info.xml
        modified:   apps/systemtags/composer/composer/ClassLoader.php
        modified:   apps/systemtags/composer/composer/InstalledVersions.php
        modified:   apps/systemtags/composer/composer/installed.php
        modified:   apps/systemtags/l10n/tr.js
        modified:   apps/systemtags/l10n/tr.json
        modified:   apps/systemtags/src/systemtags.js
        modified:   apps/testing/appinfo/info.xml
        modified:   apps/testing/composer/composer/ClassLoader.php
        modified:   apps/testing/composer/composer/InstalledVersions.php
        modified:   apps/testing/composer/composer/installed.php
        modified:   apps/theming/appinfo/info.xml
        new file:   apps/theming/composer/autoload.php
        new file:   apps/theming/composer/composer.json
        new file:   apps/theming/composer/composer.lock
        new file:   apps/theming/composer/composer/ClassLoader.php
        new file:   apps/theming/composer/composer/InstalledVersions.php
        new file:   apps/theming/composer/composer/LICENSE
        new file:   apps/theming/composer/composer/autoload_classmap.php
        new file:   apps/theming/composer/composer/autoload_namespaces.php
        new file:   apps/theming/composer/composer/autoload_psr4.php
        new file:   apps/theming/composer/composer/autoload_real.php
        new file:   apps/theming/composer/composer/autoload_static.php
        new file:   apps/theming/composer/composer/installed.json
        new file:   apps/theming/composer/composer/installed.php
        modified:   apps/theming/l10n/eu.js
        modified:   apps/theming/l10n/eu.json
        modified:   apps/theming/l10n/hu.js
        modified:   apps/theming/l10n/hu.json
        modified:   apps/theming/l10n/it.js
        modified:   apps/theming/l10n/it.json
        modified:   apps/theming/l10n/pt_BR.js
        modified:   apps/theming/l10n/pt_BR.json
        modified:   apps/theming/l10n/tr.js
        modified:   apps/theming/l10n/tr.json
        modified:   apps/theming/src/UserThemes.vue
        modified:   apps/theming/src/components/BackgroundSettings.vue
        modified:   apps/theming/src/components/ItemPreview.vue
        modified:   apps/twofactor_backupcodes/appinfo/info.xml
        modified:   apps/twofactor_backupcodes/composer/composer/ClassLoader.php
        modified:   apps/twofactor_backupcodes/composer/composer/InstalledVersions.php
        modified:   apps/twofactor_backupcodes/composer/composer/installed.php
        modified:   apps/twofactor_backupcodes/l10n/tr.js
        modified:   apps/twofactor_backupcodes/l10n/tr.json
        modified:   apps/twofactor_backupcodes/src/settings.js
        modified:   apps/twofactor_backupcodes/src/store.js
        modified:   apps/twofactor_backupcodes/src/views/PersonalSettings.vue
        modified:   apps/updatenotification/appinfo/info.xml
        modified:   apps/updatenotification/composer/composer/ClassLoader.php
        modified:   apps/updatenotification/composer/composer/InstalledVersions.php
        modified:   apps/updatenotification/composer/composer/installed.php
        modified:   apps/updatenotification/l10n/bg.js
        modified:   apps/updatenotification/l10n/bg.json
        modified:   apps/updatenotification/l10n/ca.js
        modified:   apps/updatenotification/l10n/ca.json
        modified:   apps/updatenotification/l10n/cs.js
        modified:   apps/updatenotification/l10n/cs.json
        modified:   apps/updatenotification/l10n/de_DE.js
        modified:   apps/updatenotification/l10n/de_DE.json
        modified:   apps/updatenotification/l10n/en_GB.js
        modified:   apps/updatenotification/l10n/en_GB.json
        modified:   apps/updatenotification/l10n/es.js
        modified:   apps/updatenotification/l10n/es.json
        modified:   apps/updatenotification/l10n/eu.js
        modified:   apps/updatenotification/l10n/eu.json
        modified:   apps/updatenotification/l10n/fi.js
        modified:   apps/updatenotification/l10n/fi.json
        modified:   apps/updatenotification/l10n/fr.js
        modified:   apps/updatenotification/l10n/fr.json
        modified:   apps/updatenotification/l10n/gl.js
        modified:   apps/updatenotification/l10n/gl.json
        modified:   apps/updatenotification/l10n/hu.js
        modified:   apps/updatenotification/l10n/hu.json
        modified:   apps/updatenotification/l10n/pt_BR.js
        modified:   apps/updatenotification/l10n/pt_BR.json
        modified:   apps/updatenotification/l10n/sr.js
        modified:   apps/updatenotification/l10n/sr.json
        modified:   apps/updatenotification/l10n/sv.js
        modified:   apps/updatenotification/l10n/sv.json
        modified:   apps/updatenotification/l10n/tr.js
        modified:   apps/updatenotification/l10n/tr.json
        modified:   apps/updatenotification/l10n/zh_HK.js
        modified:   apps/updatenotification/l10n/zh_HK.json
        modified:   apps/updatenotification/l10n/zh_TW.js
        modified:   apps/updatenotification/l10n/zh_TW.json
        modified:   apps/updatenotification/lib/Controller/AdminController.php
        modified:   apps/updatenotification/lib/Notification/BackgroundJob.php
        modified:   apps/updatenotification/lib/Notification/Notifier.php
        modified:   apps/updatenotification/lib/Settings/Admin.php
        modified:   apps/updatenotification/src/components/UpdateNotification.vue
        modified:   apps/updatenotification/src/init.js
        modified:   apps/user_ldap/appinfo/info.xml
        modified:   apps/user_ldap/composer/composer/ClassLoader.php
        modified:   apps/user_ldap/composer/composer/InstalledVersions.php
        modified:   apps/user_ldap/composer/composer/installed.php
        modified:   apps/user_ldap/js/wizard/view.js
        modified:   apps/user_ldap/l10n/bg.js
        modified:   apps/user_ldap/l10n/bg.json
        modified:   apps/user_ldap/l10n/de.js
        modified:   apps/user_ldap/l10n/de.json
        modified:   apps/user_ldap/l10n/es.js
        modified:   apps/user_ldap/l10n/es.json
        modified:   apps/user_ldap/l10n/eu.js
        modified:   apps/user_ldap/l10n/eu.json
        modified:   apps/user_ldap/l10n/gl.js
        modified:   apps/user_ldap/l10n/gl.json
        modified:   apps/user_ldap/l10n/hu.js
        modified:   apps/user_ldap/l10n/hu.json
        modified:   apps/user_ldap/l10n/pt_BR.js
        modified:   apps/user_ldap/l10n/pt_BR.json
        modified:   apps/user_ldap/l10n/tr.js
        modified:   apps/user_ldap/l10n/tr.json
        modified:   apps/user_ldap/l10n/zh_HK.js
        modified:   apps/user_ldap/l10n/zh_HK.json
        modified:   apps/user_ldap/lib/Access.php
        modified:   apps/user_ldap/lib/Handler/ExtStorageConfigHandler.php
        modified:   apps/user_ldap/lib/Jobs/Sync.php
        modified:   apps/user_ldap/lib/User/OfflineUser.php
        modified:   apps/user_ldap/lib/User/User.php
        modified:   apps/user_ldap/lib/User_LDAP.php
        modified:   apps/user_ldap/templates/part.wizard-groupfilter.php
        modified:   apps/user_ldap/templates/part.wizard-loginfilter.php
        modified:   apps/user_ldap/templates/part.wizard-server.php
        modified:   apps/user_ldap/templates/part.wizard-userfilter.php
        modified:   apps/user_ldap/templates/renewpassword.php
        modified:   apps/user_ldap/templates/settings.php
        modified:   apps/user_status/appinfo/info.xml
        modified:   apps/user_status/appinfo/routes.php
        modified:   apps/user_status/composer/composer/ClassLoader.php
        modified:   apps/user_status/composer/composer/InstalledVersions.php
        modified:   apps/user_status/composer/composer/installed.php
        modified:   apps/user_status/l10n/ko.js
        modified:   apps/user_status/l10n/ko.json
        modified:   apps/user_status/lib/Capabilities.php
        modified:   apps/user_status/lib/Controller/UserStatusController.php
        modified:   apps/user_status/lib/Service/StatusService.php
        modified:   apps/user_status/src/UserStatus.vue
        modified:   apps/user_status/src/components/OnlineStatusSelect.vue
        modified:   apps/user_status/src/components/PredefinedStatus.vue
        modified:   apps/user_status/src/components/PredefinedStatusesList.vue
        new file:   apps/user_status/src/components/PreviousStatus.vue
        modified:   apps/user_status/src/components/SetStatusModal.vue
        modified:   apps/user_status/src/dashboard.js
        modified:   apps/user_status/src/filters/clearAtFilter.js
        modified:   apps/user_status/src/services/clearAtService.js
        modified:   apps/user_status/src/services/statusService.js
        modified:   apps/user_status/src/store/index.js
        modified:   apps/user_status/src/store/predefinedStatuses.js
        new file:   apps/user_status/src/store/userBackupStatus.js
        modified:   apps/user_status/src/store/userStatus.js
        modified:   apps/user_status/src/views/Dashboard.vue
        modified:   apps/user_status/tests/Unit/CapabilitiesTest.php
        modified:   apps/weather_status/appinfo/info.xml
        modified:   apps/weather_status/composer/composer/ClassLoader.php
        modified:   apps/weather_status/composer/composer/InstalledVersions.php
        modified:   apps/weather_status/composer/composer/installed.php
        modified:   apps/weather_status/l10n/uk.js
        modified:   apps/weather_status/l10n/uk.json
        modified:   apps/weather_status/src/App.vue
        modified:   apps/weather_status/src/weather-status.js
        modified:   apps/workflowengine/appinfo/info.xml
        modified:   apps/workflowengine/composer/composer/ClassLoader.php
        modified:   apps/workflowengine/composer/composer/InstalledVersions.php
        modified:   apps/workflowengine/composer/composer/autoload_classmap.php
        modified:   apps/workflowengine/composer/composer/autoload_static.php
        modified:   apps/workflowengine/composer/composer/installed.php
        modified:   apps/workflowengine/l10n/tr.js
        modified:   apps/workflowengine/l10n/tr.json
        modified:   apps/workflowengine/lib/AppInfo/Application.php
        new file:   apps/workflowengine/lib/Check/MfaVerified.php
        modified:   apps/workflowengine/lib/Manager.php
        modified:   apps/workflowengine/src/components/Check.vue
        modified:   apps/workflowengine/src/components/Checks/FileMimeType.vue
        new file:   apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue
        modified:   apps/workflowengine/src/components/Checks/RequestTime.vue
        modified:   apps/workflowengine/src/components/Checks/RequestURL.vue
        modified:   apps/workflowengine/src/components/Checks/RequestUserAgent.vue
        modified:   apps/workflowengine/src/components/Checks/RequestUserGroup.vue
        modified:   apps/workflowengine/src/components/Checks/file.js
        modified:   apps/workflowengine/src/components/Checks/index.js
        modified:   apps/workflowengine/src/components/Checks/request.js
        modified:   apps/workflowengine/src/components/Event.vue
        modified:   apps/workflowengine/src/components/Operation.vue
        modified:   apps/workflowengine/src/components/Rule.vue
        modified:   apps/workflowengine/src/components/Workflow.vue
        modified:   apps/workflowengine/src/store.js
        modified:   apps/workflowengine/src/workflowengine.js
        deleted:    autotest-js.sh
        modified:   babel.config.js
        modified:   build/autoloaderchecker.sh
        modified:   build/files-checker.php
        modified:   build/image-optimization.sh
        modified:   build/integration/composer.lock
        modified:   build/psalm/AppFrameworkTainter.php
        new file:   build/stubs/psr_container.php
        modified:   composer.json
        modified:   config/config.sample.php
        modified:   core/Application.php
        modified:   core/Command/Db/AddMissingIndices.php
        new file:   core/Command/Preview/Generate.php
        modified:   core/Controller/AutoCompleteController.php
        modified:   core/Controller/LoginController.php
        modified:   core/Controller/LostController.php
        modified:   core/Controller/ProfileApiController.php
        modified:   core/Controller/TranslationApiController.php
        modified:   core/Db/LoginFlowV2Mapper.php
        modified:   core/Db/ProfileConfigMapper.php
        modified:   core/Migrations/Version13000Date20170718121200.php
        modified:   core/Migrations/Version24000Date20220404230027.php
        new file:   core/Migrations/Version27000Date20230309104325.php
        new file:   core/Migrations/Version27000Date20230309104802.php
        modified:   core/ajax/update.php
        modified:   core/css/apps.css
        modified:   core/css/apps.css.map
        modified:   core/css/apps.scss
        modified:   core/css/inputs.css
        modified:   core/css/inputs.css.map
        modified:   core/css/inputs.scss
        modified:   core/css/styles.scss
        modified:   core/js/setupchecks.js
        deleted:    core/js/tests/specs/appsSpec.js
        modified:   core/js/tests/specs/setupchecksSpec.js
        modified:   core/l10n/ar.js
        modified:   core/l10n/ar.json
        modified:   core/l10n/bg.js
        modified:   core/l10n/bg.json
        modified:   core/l10n/br.js
        modified:   core/l10n/br.json
        modified:   core/l10n/cs.js
        modified:   core/l10n/cs.json
        modified:   core/l10n/da.js
        modified:   core/l10n/da.json
        modified:   core/l10n/de_DE.js
        modified:   core/l10n/de_DE.json
        modified:   core/l10n/el.js
        modified:   core/l10n/el.json
        modified:   core/l10n/en_GB.js
        modified:   core/l10n/en_GB.json
        modified:   core/l10n/eo.js
        modified:   core/l10n/eo.json
        modified:   core/l10n/es.js
        modified:   core/l10n/es.json
        modified:   core/l10n/es_419.js
        modified:   core/l10n/es_419.json
        modified:   core/l10n/es_AR.js
        modified:   core/l10n/es_AR.json
        modified:   core/l10n/es_CL.js
        modified:   core/l10n/es_CL.json
        modified:   core/l10n/es_CO.js
        modified:   core/l10n/es_CO.json
        modified:   core/l10n/es_CR.js
        modified:   core/l10n/es_CR.json
        modified:   core/l10n/es_DO.js
        modified:   core/l10n/es_DO.json
        modified:   core/l10n/es_EC.js
        modified:   core/l10n/es_EC.json
        modified:   core/l10n/es_GT.js
        modified:   core/l10n/es_GT.json
        modified:   core/l10n/es_HN.js
        modified:   core/l10n/es_HN.json
        modified:   core/l10n/es_MX.js
        modified:   core/l10n/es_MX.json
        modified:   core/l10n/es_NI.js
        modified:   core/l10n/es_NI.json
        modified:   core/l10n/es_PA.js
        modified:   core/l10n/es_PA.json
        modified:   core/l10n/es_PE.js
        modified:   core/l10n/es_PE.json
        modified:   core/l10n/es_PR.js
        modified:   core/l10n/es_PR.json
        modified:   core/l10n/es_PY.js
        modified:   core/l10n/es_PY.json
        modified:   core/l10n/es_SV.js
        modified:   core/l10n/es_SV.json
        modified:   core/l10n/es_UY.js
        modified:   core/l10n/es_UY.json
        modified:   core/l10n/fa.js
        modified:   core/l10n/fa.json
        modified:   core/l10n/fr.js
        modified:   core/l10n/fr.json
        modified:   core/l10n/gl.js
        modified:   core/l10n/gl.json
        modified:   core/l10n/he.js
        modified:   core/l10n/he.json
        modified:   core/l10n/hr.js
        modified:   core/l10n/hr.json
        modified:   core/l10n/is.js
        modified:   core/l10n/is.json
        modified:   core/l10n/it.js
        modified:   core/l10n/it.json
        modified:   core/l10n/ka_GE.js
        modified:   core/l10n/ka_GE.json
        modified:   core/l10n/ko.js
        modified:   core/l10n/ko.json
        modified:   core/l10n/lo.js
        modified:   core/l10n/lo.json
        modified:   core/l10n/lt_LT.js
        modified:   core/l10n/lt_LT.json
        modified:   core/l10n/lv.js
        modified:   core/l10n/lv.json
        modified:   core/l10n/nb.js
        modified:   core/l10n/nb.json
        modified:   core/l10n/nl.js
        modified:   core/l10n/nl.json
        modified:   core/l10n/oc.js
        modified:   core/l10n/oc.json
        modified:   core/l10n/pt_PT.js
        modified:   core/l10n/pt_PT.json
        modified:   core/l10n/sc.js
        modified:   core/l10n/sc.json
        modified:   core/l10n/sk.js
        modified:   core/l10n/sk.json
        modified:   core/l10n/sl.js
        modified:   core/l10n/sl.json
        modified:   core/l10n/sr.js
        modified:   core/l10n/sr.json
        modified:   core/l10n/sv.js
        modified:   core/l10n/sv.json
        modified:   core/l10n/th.js
        modified:   core/l10n/th.json
        modified:   core/l10n/vi.js
        modified:   core/l10n/vi.json
        modified:   core/l10n/zh_CN.js
        modified:   core/l10n/zh_CN.json
        modified:   core/l10n/zh_HK.js
        modified:   core/l10n/zh_HK.json
        modified:   core/l10n/zh_TW.js
        modified:   core/l10n/zh_TW.json
        modified:   core/register_command.php
        modified:   core/src/OC/appconfig.js
        deleted:    core/src/OC/apps.js
        modified:   core/src/OC/appsettings.js
        modified:   core/src/OC/backbone.js
        modified:   core/src/OC/contactsmenu.js
        modified:   core/src/OC/contactsmenu/contact.handlebars
        modified:   core/src/OC/dialogs.js
        modified:   core/src/OC/eventsource.js
        modified:   core/src/OC/index.js
        modified:   core/src/OC/menu.js
        modified:   core/src/OC/password-confirmation.js
        modified:   core/src/OC/util-history.js
        modified:   core/src/OC/util.js
        modified:   core/src/OC/xhr-error.js
        modified:   core/src/OCA/index.js
        modified:   core/src/OCP/appconfig.js
        modified:   core/src/OCP/index.js
        modified:   core/src/components/AppMenu.vue
        modified:   core/src/components/UnifiedSearch/SearchResult.vue
        modified:   core/src/components/login/LoginButton.vue
        modified:   core/src/components/login/PasswordLessLoginForm.vue
        modified:   core/src/components/login/ResetPassword.vue
        modified:   core/src/components/setup/RecommendedApps.vue
        modified:   core/src/globals.js
        modified:   core/src/icons.js
        modified:   core/src/install.js
        modified:   core/src/jquery/avatar.js
        modified:   core/src/jquery/contactsmenu.js
        modified:   core/src/jquery/index.js
        modified:   core/src/jquery/ocdialog.js
        modified:   core/src/jquery/requesttoken.js
        modified:   core/src/login.js
        modified:   core/src/main.js
        modified:   core/src/mixins/Nextcloud.js
        modified:   core/src/recommendedapps.js
        modified:   core/src/services/BrowsersListService.js
        modified:   core/src/session-heartbeat.js
        modified:   core/src/tests/OC/requesttoken.spec.js
        modified:   core/src/views/Profile.vue
        modified:   core/src/views/UnifiedSearch.vue
        modified:   core/src/views/UnsupportedBrowser.vue
        modified:   core/templates/filepicker.html
        new file:   custom.d.ts
        modified:   cypress.config.ts
        new file:   cypress.d.ts
        modified:   cypress/dockerNode.ts
        modified:   cypress/e2e/files_versions/filesVersionsUtils.ts
        modified:   cypress/e2e/files_versions/version_creation.cy.ts
        modified:   cypress/e2e/files_versions/version_download.cy.ts
        modified:   cypress/e2e/files_versions/version_expiration.cy.ts
        modified:   cypress/e2e/files_versions/version_naming.cy.ts
        modified:   cypress/e2e/files_versions/version_restoration.cy.ts
        modified:   cypress/support/commands.ts
        modified:   cypress/support/component.ts
        modified:   dist/comments-comments-app.js
        modified:   dist/comments-comments-app.js.map
        modified:   dist/comments-comments-tab.js
        modified:   dist/comments-comments-tab.js.map
        modified:   dist/comments-comments.js
        modified:   dist/comments-comments.js.map
        modified:   dist/core-common.js
        modified:   dist/core-common.js.LICENSE.txt
        modified:   dist/core-common.js.map
        modified:   dist/core-files_fileinfo.js
        modified:   dist/core-files_fileinfo.js.map
        modified:   dist/core-install.js
        modified:   dist/core-install.js.LICENSE.txt
        modified:   dist/core-install.js.map
        modified:   dist/core-login.js
        modified:   dist/core-login.js.LICENSE.txt
        modified:   dist/core-main.js.LICENSE.txt
        modified:   dist/core-maintenance.js
        renamed:    apps/files_trashbin/src/files_trashbin.js -> dist/core-maintenance.js.LICENSE.txt
        modified:   dist/core-maintenance.js.map
        modified:   dist/core-profile.js
        modified:   dist/core-profile.js.LICENSE.txt
        modified:   dist/core-profile.js.map
        modified:   dist/core-recommendedapps.js
        modified:   dist/core-recommendedapps.js.map
        modified:   dist/core-systemtags.js
        modified:   dist/core-systemtags.js.LICENSE.txt
        modified:   dist/core-systemtags.js.map
        modified:   dist/core-unified-search.js
        modified:   dist/core-unified-search.js.map
        modified:   dist/core-unsupported-browser-redirect.js
        modified:   dist/core-unsupported-browser-redirect.js.LICENSE.txt
        modified:   dist/core-unsupported-browser-redirect.js.map
        modified:   dist/core-unsupported-browser.js
        modified:   dist/core-unsupported-browser.js.LICENSE.txt
        modified:   dist/core-unsupported-browser.js.map
        modified:   dist/dashboard-main.js
        modified:   dist/dashboard-main.js.LICENSE.txt
        modified:   dist/dashboard-main.js.map
        modified:   dist/dav-settings-admin-caldav.js
        modified:   dist/dav-settings-admin-caldav.js.map
        modified:   dist/dav-settings-personal-availability.js
        modified:   dist/dav-settings-personal-availability.js.map
        modified:   dist/federatedfilesharing-vue-settings-admin.js
        modified:   dist/federatedfilesharing-vue-settings-admin.js.map
        modified:   dist/federatedfilesharing-vue-settings-personal.js
        modified:   dist/federatedfilesharing-vue-settings-personal.js.map
        modified:   dist/files-main.js
        modified:   dist/files-main.js.LICENSE.txt
        modified:   dist/files-main.js.map
        modified:   dist/files-personal-settings.js
        modified:   dist/files-personal-settings.js.LICENSE.txt
        modified:   dist/files-personal-settings.js.map
        modified:   dist/files-reference-files.js
        modified:   dist/files-reference-files.js.map
        modified:   dist/files-sidebar.js
        modified:   dist/files-sidebar.js.map
        modified:   dist/files_sharing-collaboration.js
        modified:   dist/files_sharing-collaboration.js.map
        modified:   dist/files_sharing-files_sharing.js
        new file:   dist/files_sharing-files_sharing.js.LICENSE.txt
        modified:   dist/files_sharing-files_sharing.js.map
        modified:   dist/files_sharing-files_sharing_tab.js.LICENSE.txt
        modified:   dist/files_sharing-personal-settings.js
        modified:   dist/files_sharing-personal-settings.js.map
        deleted:    dist/files_trashbin-files_trashbin.js
        deleted:    dist/files_trashbin-files_trashbin.js.map
        new file:   dist/files_trashbin-main.js
        renamed:    dist/files_trashbin-files_trashbin.js.LICENSE.txt -> dist/files_trashbin-main.js.LICENSE.txt
        new file:   dist/files_trashbin-main.js.map
        modified:   dist/files_versions-files_versions.js
        modified:   dist/files_versions-files_versions.js.map
        modified:   dist/oauth2-oauth2.js
        modified:   dist/oauth2-oauth2.js.map
        new file:   dist/preview-service-worker.js
        modified:   dist/settings-apps-view-7418.js
        modified:   dist/settings-apps-view-7418.js.map
        modified:   dist/settings-apps.js
        modified:   dist/settings-apps.js.map
        modified:   dist/settings-legacy-admin.js
        modified:   dist/settings-legacy-admin.js.map
        modified:   dist/settings-users-8351.js
        modified:   dist/settings-users-8351.js.map
        modified:   dist/settings-vue-settings-admin-basic-settings.js
        modified:   dist/settings-vue-settings-admin-basic-settings.js.LICENSE.txt
        modified:   dist/settings-vue-settings-admin-basic-settings.js.map
        modified:   dist/settings-vue-settings-admin-delegation.js
        modified:   dist/settings-vue-settings-admin-delegation.js.LICENSE.txt
        modified:   dist/settings-vue-settings-admin-delegation.js.map
        modified:   dist/settings-vue-settings-admin-security.js
        modified:   dist/settings-vue-settings-admin-security.js.map
        modified:   dist/settings-vue-settings-nextcloud-pdf.js
        modified:   dist/settings-vue-settings-nextcloud-pdf.js.map
        modified:   dist/settings-vue-settings-personal-info.js
        modified:   dist/settings-vue-settings-personal-info.js.map
        modified:   dist/settings-vue-settings-personal-password.js
        modified:   dist/settings-vue-settings-personal-password.js.map
        modified:   dist/settings-vue-settings-personal-security.js
        modified:   dist/settings-vue-settings-personal-security.js.map
        modified:   dist/settings-vue-settings-personal-webauthn.js
        modified:   dist/settings-vue-settings-personal-webauthn.js.LICENSE.txt
        modified:   dist/settings-vue-settings-personal-webauthn.js.map
        modified:   dist/sharebymail-vue-settings-admin-sharebymail.js
        modified:   dist/sharebymail-vue-settings-admin-sharebymail.js.map
        modified:   dist/systemtags-systemtags.js
        modified:   dist/systemtags-systemtags.js.map
        modified:   dist/theming-admin-theming.js
        modified:   dist/theming-admin-theming.js.map
        modified:   dist/theming-personal-theming.js
        modified:   dist/theming-personal-theming.js.LICENSE.txt
        modified:   dist/theming-personal-theming.js.map
        modified:   dist/twofactor_backupcodes-settings.js
        modified:   dist/twofactor_backupcodes-settings.js.map
        modified:   dist/updatenotification-updatenotification.js
        modified:   dist/updatenotification-updatenotification.js.map
        modified:   dist/user-status-modal-8299.js
        new file:   dist/user-status-modal-8299.js.LICENSE.txt
        modified:   dist/user-status-modal-8299.js.map
        modified:   dist/user_status-dashboard.js
        modified:   dist/user_status-dashboard.js.map
        modified:   dist/user_status-menu.js
        modified:   dist/user_status-menu.js.map
        modified:   dist/weather_status-weather-status.js
        modified:   dist/weather_status-weather-status.js.map
        modified:   dist/workflowengine-workflowengine.js
        modified:   dist/workflowengine-workflowengine.js.LICENSE.txt
        modified:   dist/workflowengine-workflowengine.js.map
        modified:   lib/base.php
        modified:   lib/composer/composer/ClassLoader.php
        modified:   lib/composer/composer/autoload_classmap.php
        modified:   lib/composer/composer/autoload_real.php
        modified:   lib/composer/composer/autoload_static.php
        modified:   lib/l10n/af.js
        modified:   lib/l10n/af.json
        modified:   lib/l10n/ar.js
        modified:   lib/l10n/ar.json
        modified:   lib/l10n/ast.js
        modified:   lib/l10n/ast.json
        modified:   lib/l10n/az.js
        modified:   lib/l10n/az.json
        modified:   lib/l10n/bg.js
        modified:   lib/l10n/bg.json
        modified:   lib/l10n/br.js
        modified:   lib/l10n/br.json
        modified:   lib/l10n/ca.js
        modified:   lib/l10n/ca.json
        modified:   lib/l10n/cs.js
        modified:   lib/l10n/cs.json
        modified:   lib/l10n/da.js
        modified:   lib/l10n/da.json
        modified:   lib/l10n/de.js
        modified:   lib/l10n/de.json
        modified:   lib/l10n/de_DE.js
        modified:   lib/l10n/de_DE.json
        modified:   lib/l10n/el.js
        modified:   lib/l10n/el.json
        modified:   lib/l10n/en_GB.js
        modified:   lib/l10n/en_GB.json
        modified:   lib/l10n/eo.js
        modified:   lib/l10n/eo.json
        modified:   lib/l10n/es.js
        modified:   lib/l10n/es.json
        modified:   lib/l10n/es_419.js
        modified:   lib/l10n/es_419.json
        modified:   lib/l10n/es_AR.js
        modified:   lib/l10n/es_AR.json
        modified:   lib/l10n/es_CL.js
        modified:   lib/l10n/es_CL.json
        modified:   lib/l10n/es_CO.js
        modified:   lib/l10n/es_CO.json
        modified:   lib/l10n/es_CR.js
        modified:   lib/l10n/es_CR.json
        modified:   lib/l10n/es_DO.js
        modified:   lib/l10n/es_DO.json
        modified:   lib/l10n/es_EC.js
        modified:   lib/l10n/es_EC.json
        modified:   lib/l10n/es_GT.js
        modified:   lib/l10n/es_GT.json
        modified:   lib/l10n/es_HN.js
        modified:   lib/l10n/es_HN.json
        modified:   lib/l10n/es_MX.js
        modified:   lib/l10n/es_MX.json
        modified:   lib/l10n/es_NI.js
        modified:   lib/l10n/es_NI.json
        modified:   lib/l10n/es_PA.js
        modified:   lib/l10n/es_PA.json
        modified:   lib/l10n/es_PE.js
        modified:   lib/l10n/es_PE.json
        modified:   lib/l10n/es_PR.js
        modified:   lib/l10n/es_PR.json
        modified:   lib/l10n/es_PY.js
        modified:   lib/l10n/es_PY.json
        modified:   lib/l10n/es_SV.js
        modified:   lib/l10n/es_SV.json
        modified:   lib/l10n/es_UY.js
        modified:   lib/l10n/es_UY.json
        modified:   lib/l10n/et_EE.js
        modified:   lib/l10n/et_EE.json
        modified:   lib/l10n/eu.js
        modified:   lib/l10n/eu.json
        modified:   lib/l10n/fa.js
        modified:   lib/l10n/fa.json
        modified:   lib/l10n/fi.js
        modified:   lib/l10n/fi.json
        modified:   lib/l10n/fo.js
        modified:   lib/l10n/fo.json
        modified:   lib/l10n/fr.js
        modified:   lib/l10n/fr.json
        modified:   lib/l10n/gl.js
        modified:   lib/l10n/gl.json
        modified:   lib/l10n/he.js
        modified:   lib/l10n/he.json
        modified:   lib/l10n/hr.js
        modified:   lib/l10n/hr.json
        modified:   lib/l10n/hu.js
        modified:   lib/l10n/hu.json
        modified:   lib/l10n/ia.js
        modified:   lib/l10n/ia.json
        modified:   lib/l10n/id.js
        modified:   lib/l10n/id.json
        modified:   lib/l10n/is.js
        modified:   lib/l10n/is.json
        modified:   lib/l10n/it.js
        modified:   lib/l10n/it.json
        modified:   lib/l10n/ja.js
        modified:   lib/l10n/ja.json
        modified:   lib/l10n/ka_GE.js
        modified:   lib/l10n/ka_GE.json
        modified:   lib/l10n/ko.js
        modified:   lib/l10n/ko.json
        modified:   lib/l10n/lo.js
        modified:   lib/l10n/lo.json
        modified:   lib/l10n/lt_LT.js
        modified:   lib/l10n/lt_LT.json
        modified:   lib/l10n/lv.js
        modified:   lib/l10n/lv.json
        modified:   lib/l10n/mk.js
        modified:   lib/l10n/mk.json
        modified:   lib/l10n/mn.js
        modified:   lib/l10n/mn.json
        modified:   lib/l10n/nb.js
        modified:   lib/l10n/nb.json
        modified:   lib/l10n/nl.js
        modified:   lib/l10n/nl.json
        modified:   lib/l10n/nn_NO.js
        modified:   lib/l10n/nn_NO.json
        modified:   lib/l10n/oc.js
        modified:   lib/l10n/oc.json
        modified:   lib/l10n/pl.js
        modified:   lib/l10n/pl.json
        modified:   lib/l10n/pt_BR.js
        modified:   lib/l10n/pt_BR.json
        modified:   lib/l10n/pt_PT.js
        modified:   lib/l10n/pt_PT.json
        modified:   lib/l10n/ro.js
        modified:   lib/l10n/ro.json
        modified:   lib/l10n/ru.js
        modified:   lib/l10n/ru.json
        modified:   lib/l10n/sc.js
        modified:   lib/l10n/sc.json
        modified:   lib/l10n/si.js
        modified:   lib/l10n/si.json
        modified:   lib/l10n/sk.js
        modified:   lib/l10n/sk.json
        modified:   lib/l10n/sl.js
        modified:   lib/l10n/sl.json
        modified:   lib/l10n/sq.js
        modified:   lib/l10n/sq.json
        modified:   lib/l10n/sr.js
        modified:   lib/l10n/sr.json
        modified:   lib/l10n/sv.js
        modified:   lib/l10n/sv.json
        modified:   lib/l10n/th.js
        modified:   lib/l10n/th.json
        modified:   lib/l10n/tr.js
        modified:   lib/l10n/tr.json
        modified:   lib/l10n/uk.js
        modified:   lib/l10n/uk.json
        modified:   lib/l10n/uz.js
        modified:   lib/l10n/uz.json
        modified:   lib/l10n/vi.js
        modified:   lib/l10n/vi.json
        modified:   lib/l10n/zh_CN.js
        modified:   lib/l10n/zh_CN.json
        modified:   lib/l10n/zh_HK.js
        modified:   lib/l10n/zh_HK.json
        modified:   lib/l10n/zh_TW.js
        modified:   lib/l10n/zh_TW.json
        modified:   lib/private/App/AppManager.php
        modified:   lib/private/AppConfig.php
        modified:   lib/private/AppFramework/DependencyInjection/DIContainer.php
        modified:   lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php
        modified:   lib/private/AppFramework/Middleware/Security/Exceptions/StrictCookieMissingException.php
        modified:   lib/private/AppFramework/Utility/TimeFactory.php
        modified:   lib/private/Authentication/Token/Manager.php
        modified:   lib/private/Authentication/Token/PublicKeyTokenProvider.php
        modified:   lib/private/Authentication/TwoFactorAuth/Manager.php
        modified:   lib/private/Avatar/Avatar.php
        modified:   lib/private/Collaboration/Reference/LinkReferenceProvider.php
        modified:   lib/private/Collaboration/Resources/Collection.php
        modified:   lib/private/Comments/Manager.php
        modified:   lib/private/Console/TimestampFormatter.php
        modified:   lib/private/DB/Connection.php
        modified:   lib/private/Files/Cache/Cache.php
        modified:   lib/private/Files/Cache/HomeCache.php
        modified:   lib/private/Files/Cache/Scanner.php
        modified:   lib/private/Files/Cache/Wrapper/CacheWrapper.php
        modified:   lib/private/Files/Config/UserMountCache.php
        modified:   lib/private/Files/FileInfo.php
        modified:   lib/private/Files/Filesystem.php
        modified:   lib/private/Files/Node/File.php
        modified:   lib/private/Files/Node/Folder.php
        modified:   lib/private/Files/Node/LazyUserFolder.php
        modified:   lib/private/Files/Node/Node.php
        modified:   lib/private/Files/Node/NonExistingFile.php
        modified:   lib/private/Files/Node/NonExistingFolder.php
        modified:   lib/private/Files/Node/Root.php
        modified:   lib/private/Files/Search/QueryOptimizer/PathPrefixOptimizer.php
        modified:   lib/private/Files/Search/QueryOptimizer/QueryOptimizer.php
        modified:   lib/private/Files/Search/QueryOptimizer/QueryOptimizerStep.php
        modified:   lib/private/Files/SetupManager.php
        modified:   lib/private/Files/SimpleFS/NewSimpleFile.php
        modified:   lib/private/Files/SimpleFS/SimpleFile.php
        modified:   lib/private/Files/Storage/Common.php
        modified:   lib/private/Files/Storage/DAV.php
        modified:   lib/private/Files/Storage/FailedStorage.php
        modified:   lib/private/Files/Storage/Local.php
        modified:   lib/private/Files/Storage/LocalTempFileTrait.php
        modified:   lib/private/Files/Storage/Wrapper/Encoding.php
        modified:   lib/private/Files/Storage/Wrapper/EncodingDirectoryWrapper.php
        modified:   lib/private/Files/Storage/Wrapper/Encryption.php
        modified:   lib/private/Files/Storage/Wrapper/Jail.php
        modified:   lib/private/Files/Storage/Wrapper/Quota.php
        modified:   lib/private/Files/Storage/Wrapper/Wrapper.php
        modified:   lib/private/Files/Type/Loader.php
        modified:   lib/private/Files/Utils/Scanner.php
        modified:   lib/private/InitialStateService.php
        modified:   lib/private/KnownUser/KnownUserMapper.php
        modified:   lib/private/LargeFileHelper.php
        modified:   lib/private/Memcache/Redis.php
        modified:   lib/private/Metadata/FileMetadata.php
        modified:   lib/private/Metadata/FileMetadataMapper.php
        modified:   lib/private/Metadata/MetadataManager.php
        modified:   lib/private/Metadata/Provider/ExifProvider.php
        modified:   lib/private/NavigationManager.php
        modified:   lib/private/Preview/Bundled.php
        modified:   lib/private/Preview/Generator.php
        modified:   lib/private/Preview/Movie.php
        modified:   lib/private/Profile/ProfileManager.php
        modified:   lib/private/Profiler/Profiler.php
        modified:   lib/private/Repair/NC16/ClearCollectionsAccessCache.php
        modified:   lib/private/Security/CertificateManager.php
        modified:   lib/private/Security/RateLimiting/Backend/DatabaseBackend.php
        modified:   lib/private/Security/RateLimiting/Backend/MemoryCacheBackend.php
        modified:   lib/private/Server.php
        modified:   lib/private/Session/Internal.php
        modified:   lib/private/Settings/AuthorizedGroupMapper.php
        modified:   lib/private/Setup.php
        modified:   lib/private/Share/Share.php
        modified:   lib/private/Share20/DefaultShareProvider.php
        modified:   lib/private/Share20/Manager.php
        modified:   lib/private/Tagging/TagMapper.php
        modified:   lib/private/Template/JSResourceLocator.php
        modified:   lib/private/TemplateLayout.php
        modified:   lib/private/URLGenerator.php
        modified:   lib/private/Updater.php
        renamed:    lib/private/Updater/ChangesResult.php -> lib/private/Updater/Changes.php
        modified:   lib/private/Updater/ChangesCheck.php
        modified:   lib/private/Updater/ChangesMapper.php
        modified:   lib/private/Updater/VersionCheck.php
        modified:   lib/private/User/Database.php
        modified:   lib/private/legacy/OC_App.php
        modified:   lib/private/legacy/OC_Image.php
        modified:   lib/private/legacy/template/functions.php
        modified:   lib/public/Accounts/IAccountManager.php
        renamed:    lib/public/WorkflowEngine/IEntityCompat.php -> lib/public/App/Events/AppDisableEvent.php
        renamed:    lib/public/WorkflowEngine/IOperationCompat.php -> lib/public/App/Events/AppEnableEvent.php
        new file:   lib/public/App/Events/AppUpdateEvent.php
        modified:   lib/public/App/IAppManager.php
        modified:   lib/public/AppFramework/Db/IMapperException.php
        modified:   lib/public/AppFramework/Db/QBMapper.php
        new file:   lib/public/AppFramework/Http/Attribute/BruteForceProtection.php
        modified:   lib/public/AppFramework/Http/Attribute/UseSession.php
        modified:   lib/public/AppFramework/Middleware.php
        modified:   lib/public/AppFramework/Utility/ITimeFactory.php
        new file:   lib/public/Authentication/Token/IProvider.php
        modified:   lib/public/Encryption/IEncryptionModule.php
        modified:   lib/public/Federation/Exceptions/BadRequestException.php
        modified:   lib/public/Files/File.php
        modified:   lib/public/Files/FileInfo.php
        modified:   lib/public/Files/SimpleFS/ISimpleFile.php
        modified:   lib/public/Files/Storage.php
        modified:   lib/public/Files/Storage/IStorage.php
        modified:   lib/public/RichObjectStrings/Definitions.php
        modified:   ocs/v1.php
        modified:   psalm-ocp.xml
        modified:   public.php
        modified:   remote.php
        modified:   resources/app-info-shipped.xsd
        modified:   resources/app-info.xsd
        modified:   resources/config/mimetypemapping.dist.json
        modified:   tests/Core/Command/Encryption/ChangeKeyStorageRootTest.php
        modified:   tests/Core/Command/Preview/RepairTest.php
        modified:   tests/Core/Controller/LoginControllerTest.php
        modified:   tests/Core/Controller/LostControllerTest.php
        modified:   tests/acceptance/features/bootstrap/FilesAppContext.php
        modified:   tests/acceptance/features/header.feature
        modified:   tests/lib/App/AppManagerTest.php
        modified:   tests/lib/AppFramework/Middleware/MiddlewareTest.php
        modified:   tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php
        new file:   tests/lib/AppFramework/Utility/TimeFactoryTest.php
        modified:   tests/lib/AppTest.php
        modified:   tests/lib/Authentication/Token/ManagerTest.php
        modified:   tests/lib/Comments/ManagerTest.php
        modified:   tests/lib/Encryption/DecryptAllTest.php
        modified:   tests/lib/Files/Node/FileTest.php
        modified:   tests/lib/Files/Node/FolderTest.php
        modified:   tests/lib/Files/Node/NodeTest.php
        modified:   tests/lib/Files/Node/RootTest.php
        modified:   tests/lib/Files/ViewTest.php
        modified:   tests/lib/InitialStateServiceTest.php
        modified:   tests/lib/Metadata/FileMetadataMapperTest.php
        modified:   tests/lib/Preview/BackgroundCleanupJobTest.php
        modified:   tests/lib/Preview/GeneratorTest.php
        modified:   tests/lib/Security/CredentialsManagerTest.php
        modified:   tests/lib/Security/RateLimiting/Backend/MemoryCacheBackendTest.php
        modified:   tests/lib/Share20/ManagerTest.php
        modified:   tests/lib/Template/JSResourceLocatorTest.php
        modified:   tests/lib/TemplateFunctionsTest.php
        modified:   tests/lib/Updater/ChangesCheckTest.php
        modified:   tests/lib/Updater/VersionCheckTest.php
        modified:   tests/lib/UrlGeneratorTest.php
        modified:   tsconfig.json
        modified:   webpack.common.js
        modified:   webpack.modules.js

Unmerged paths:
  (use "git add <file>..." to mark resolution)
        both modified:   .drone.yml
        both added:      .github/workflows/s3-primary-integration.yml
        both modified:   apps/admin_audit/lib/Actions/Sharing.php
        both modified:   apps/dashboard/l10n/id.js
        both modified:   apps/dashboard/l10n/id.json
        both modified:   apps/dav/l10n/ca.js
        both modified:   apps/dav/l10n/ca.json
        both modified:   apps/encryption/l10n/sr.js
        both modified:   apps/encryption/l10n/sr.json
        both modified:   apps/files/l10n/ca.js
        both modified:   apps/files/l10n/ca.json
        both modified:   apps/files/l10n/da.js
        both modified:   apps/files/l10n/da.json
        both modified:   apps/files/l10n/fr.js
        both modified:   apps/files/l10n/fr.json
        both modified:   apps/files/l10n/gl.js
        both modified:   apps/files/l10n/gl.json
        both modified:   apps/files/l10n/hu.js
        both modified:   apps/files/l10n/hu.json
        both modified:   apps/files/l10n/id.js
        both modified:   apps/files/l10n/id.json
        both modified:   apps/files/l10n/ja.js
        both modified:   apps/files/l10n/ja.json
        both modified:   apps/files/l10n/mk.js
        both modified:   apps/files/l10n/mk.json
        both modified:   apps/files/l10n/ru.js
        both modified:   apps/files/l10n/ru.json
        both modified:   apps/files/l10n/tr.js
        both modified:   apps/files/l10n/tr.json
        both modified:   apps/files_sharing/l10n/ca.js
        both modified:   apps/files_sharing/l10n/ca.json
        both modified:   apps/files_sharing/l10n/hu.js
        both modified:   apps/files_sharing/l10n/hu.json
        both modified:   apps/files_sharing/l10n/ru.js
        both modified:   apps/files_sharing/l10n/ru.json
        both modified:   apps/files_sharing/lib/Controller/ShareAPIController.php
        both modified:   apps/files_sharing/src/components/SharingInput.vue
        both modified:   apps/files_trashbin/l10n/ru.js
        both modified:   apps/files_trashbin/l10n/ru.json
        both added:      apps/provisioning_api/l10n/sv.js
        both added:      apps/provisioning_api/l10n/sv.json
        both modified:   apps/settings/l10n/el.js
        both modified:   apps/settings/l10n/el.json
        both modified:   apps/settings/l10n/pt_PT.js
        both modified:   apps/settings/l10n/pt_PT.json
        both modified:   apps/settings/l10n/tr.js
        both modified:   apps/settings/l10n/tr.json
        both modified:   apps/settings/l10n/uk.js
        both modified:   apps/settings/l10n/uk.json
        both modified:   apps/theming/l10n/uk.js
        both modified:   apps/theming/l10n/uk.json
        both modified:   apps/user_ldap/l10n/ca.js
        both modified:   apps/user_ldap/l10n/ca.json
        both modified:   build/psalm-baseline.xml
        both modified:   core/css/server.css
        both modified:   core/css/server.css.map
        both modified:   core/css/styles.css
        both modified:   core/css/styles.css.map
        both modified:   core/l10n/ca.js
        both modified:   core/l10n/ca.json
        both modified:   core/l10n/de.js
        both modified:   core/l10n/de.json
        both modified:   core/l10n/eu.js
        both modified:   core/l10n/eu.json
        both modified:   core/l10n/fi.js
        both modified:   core/l10n/fi.json
        both modified:   core/l10n/hu.js
        both modified:   core/l10n/hu.json
        both modified:   core/l10n/id.js
        both modified:   core/l10n/id.json
        both modified:   core/l10n/ja.js
        both modified:   core/l10n/ja.json
        both modified:   core/l10n/mk.js
        both modified:   core/l10n/mk.json
        both modified:   core/l10n/pl.js
        both modified:   core/l10n/pl.json
        both modified:   core/l10n/pt_BR.js
        both modified:   core/l10n/pt_BR.json
        both modified:   core/l10n/ru.js
        both modified:   core/l10n/ru.json
        both modified:   core/l10n/tr.js
        both modified:   core/l10n/tr.json
        both modified:   core/l10n/uk.js
        both modified:   core/l10n/uk.json
        both modified:   core/src/OCP/accessibility.js
        both modified:   core/templates/layout.user.php
        both modified:   dist/core-files_client.js
        both modified:   dist/core-files_client.js.map
        both modified:   dist/core-login.js.map
        both modified:   dist/core-main.js
        both modified:   dist/core-main.js.map
        both modified:   dist/files_sharing-additionalScripts.js
        both modified:   dist/files_sharing-additionalScripts.js.map
        both modified:   dist/files_sharing-files_sharing_tab.js
        both modified:   dist/files_sharing-files_sharing_tab.js.map
        both modified:   dist/settings-vue-settings-apps-users-management.js
        both modified:   dist/settings-vue-settings-apps-users-management.js.LICENSE.txt
        both modified:   dist/settings-vue-settings-apps-users-management.js.map
        both modified:   lib/private/Files/ObjectStore/ObjectStoreStorage.php
        both modified:   lib/private/Files/ObjectStore/S3.php
        both modified:   lib/private/Files/View.php
        both modified:   package-lock.json
        both modified:   package.json
        both modified:   psalm.xml
        both modified:   version.php

Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
        modified:   3rdparty (new commits)

gitpod /workspace/server (sunet-patch|MERGING) $

@yasharpm can you try?

@yasharpm
Copy link

yasharpm commented May 14, 2023
edited

I am getting the conflict errors as well. Looking at the conflicts, some of them are identical to each other!

@yasharpm
Copy link

The only conclusion I can make is that our forks from NextCloud/master contained commits that did not make it in the future releases of NextCloud. Our fork is more that 400 commits behind the NextCloud master. I will be very difficult to compare which commits are not there. Trying to find a way...

@mickenordin
Copy link

mickenordin commented May 14, 2023
edited

Is it possible to do it the other way around? I.e. to checkout stable 26 branch and cherry-pick only your commits?

Do you have a list of commit hashes that needs to be applied to Nextcloud?

@mickenordin
Copy link

Is it just these two?

our contribution to NC MFA: nextcloud/server#35555 (pending)
our contribution to NC workflow engine: nextcloud/server#37914 (pending)

@yasharpm
Copy link

checkout stable 26 branch and cherry-pick only your commits

That's a great idea! There are only 2 commits we need in there.

Is it just these two?

Yes. https://github.com/pondersource/server is ahead and contains both commits.

@mickenordin
Copy link

So we only need these two, right?
https://github.com/nextcloud/server/commit/d9c66ba3b1038794fba85195e6d25c28b47e573b.diff

https://github.com/nextcloud/server/commit/3bc59153925d50b2dbb34df8b3c5502217d36267.diff

@yasharpm
Copy link

yasharpm commented May 14, 2023
edited

Seems right to me! I'm going to cherry pick them and see how it goes.

@mickenordin
Copy link

I did this now:

git clone https://github.com/nextcloud/server.git
cd server
git checkout v26.0.1
npm install
wget https://github.com/nextcloud/server/commit/d9c66ba3b1038794fba85195e6d25c28b47e573b.diff
wget https://github.com/nextcloud/server/commit/3bc59153925d50b2dbb34df8b3c5502217d36267.diff
patch -p1 < d9c66ba3b1038794fba85195e6d25c28b47e573b.diff
patch -p1 < 3bc59153925d50b2dbb34df8b3c5502217d36267.diff # Two hunk fails, only one needs to be fixed

then I manually added:

import MfaVerifiedValue from './MfaVerifiedValue.vue'

To line 27 of apps/workflowengine/src/components/Checks/file.js

since that hunk failed, and then ran:

make all # I think this fixes the other one which was in dist/workflowengine-workflowengine.js.map, what do you think?

@yasharpm
Copy link

I think you are doing amazing work! 😄

@yasharpm
Copy link

I followed @mickenordin 's steps. The changes apps/workflowengine/src/components/Checks/file.js most likely should be discarded since it is only an import and is not there when looking at the end result in pondersource/server repository.

Also tried calling make all and it fails with error 137 which seems to be an out of memory error. I tried calling with jobs set to one (make -j 1 all) but I am still getting the same error.

My peers are back to work today. So hopefully we will get together and get it ready ASAP.

@mickenordin
Copy link

Ok, this is the latest enterprise version:

https://download.nextcloud.com/.customers/server/26.0.1-21154162/nextcloud-26.0.1-enterprise.zip

To that, I can apply these patches:

diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 7e115cf9b422..3e71d0787b31 100644
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -52,6 +52,7 @@
 class Manager {
 	public const SESSION_UID_KEY = 'two_factor_auth_uid';
 	public const SESSION_UID_DONE = 'two_factor_auth_passed';
+	public const SESSION_UID_CONFIGURING = 'two_factor_auth_configuring';
 	public const REMEMBER_LOGIN = 'two_factor_remember_login';
 	public const BACKUP_CODES_PROVIDER_ID = 'backup_codes';
 
@@ -359,7 +360,7 @@ public function needsSecondFactor(IUser $user = null): bool {
 				$tokensNeeding2FA = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
 
 				if (!\in_array((string) $tokenId, $tokensNeeding2FA, true)) {
-					$this->session->set(self::SESSION_UID_DONE, $user->getUID());
+					$this->session->set(self::SESSION_UID_CONFIGURING, $user->getUID());
 					return false;
 				}
 			} catch (InvalidTokenException|SessionNotAvailableException $e) {
 

diff --git a/apps/workflowengine/composer/composer/autoload_classmap.php b/apps/workflowengine/composer/composer/autoload_classmap.php
index 39a6c6c47036..4485c7308f08 100644
--- a/apps/workflowengine/composer/composer/autoload_classmap.php
+++ b/apps/workflowengine/composer/composer/autoload_classmap.php
@@ -19,6 +19,7 @@
     'OCA\\WorkflowEngine\\Check\\RequestURL' => $baseDir . '/../lib/Check/RequestURL.php',
     'OCA\\WorkflowEngine\\Check\\RequestUserAgent' => $baseDir . '/../lib/Check/RequestUserAgent.php',
     'OCA\\WorkflowEngine\\Check\\TFileCheck' => $baseDir . '/../lib/Check/TFileCheck.php',
+    'OCA\\WorkflowEngine\\Check\\MfaVerified' => $baseDir . '/../lib/Check/MfaVerified.php',
     'OCA\\WorkflowEngine\\Check\\UserGroupMembership' => $baseDir . '/../lib/Check/UserGroupMembership.php',
     'OCA\\WorkflowEngine\\Command\\Index' => $baseDir . '/../lib/Command/Index.php',
     'OCA\\WorkflowEngine\\Controller\\AWorkflowController' => $baseDir . '/../lib/Controller/AWorkflowController.php',
diff --git a/apps/workflowengine/composer/composer/autoload_static.php b/apps/workflowengine/composer/composer/autoload_static.php
index e867bfa4feb7..9cecf8e7760d 100644
--- a/apps/workflowengine/composer/composer/autoload_static.php
+++ b/apps/workflowengine/composer/composer/autoload_static.php
@@ -35,6 +35,7 @@ class ComposerStaticInitWorkflowEngine
         'OCA\\WorkflowEngine\\Check\\RequestUserAgent' => __DIR__ . '/..' . '/../lib/Check/RequestUserAgent.php',
         'OCA\\WorkflowEngine\\Check\\TFileCheck' => __DIR__ . '/..' . '/../lib/Check/TFileCheck.php',
         'OCA\\WorkflowEngine\\Check\\UserGroupMembership' => __DIR__ . '/..' . '/../lib/Check/UserGroupMembership.php',
+        'OCA\\WorkflowEngine\\Check\\MfaVerified' => __DIR__ . '/..' . '/../lib/Check/MfaVerified.php',
         'OCA\\WorkflowEngine\\Command\\Index' => __DIR__ . '/..' . '/../lib/Command/Index.php',
         'OCA\\WorkflowEngine\\Controller\\AWorkflowController' => __DIR__ . '/..' . '/../lib/Controller/AWorkflowController.php',
         'OCA\\WorkflowEngine\\Controller\\GlobalWorkflowsController' => __DIR__ . '/..' . '/../lib/Controller/GlobalWorkflowsController.php',
diff --git a/apps/workflowengine/lib/Check/MfaVerified.php b/apps/workflowengine/lib/Check/MfaVerified.php
new file mode 100644
index 000000000000..cabb7118c315
--- /dev/null
+++ b/apps/workflowengine/lib/Check/MfaVerified.php
@@ -0,0 +1,95 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016 Joas Schilling <coding@schilljs.com>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Joas Schilling <coding@schilljs.com>
+ * @author Julius Härtl <jus@bitgrid.net>
+ * @author Richard Steinmetz <richard@steinmetz.cloud>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OCA\WorkflowEngine\Check;
+
+use OCP\IL10N;
+use OCP\WorkflowEngine\ICheck;
+use OCP\ISession;
+
+/** @psalm-suppress PropertyNotSetInConstructor */
+class MfaVerified implements ICheck{
+
+	/** @var IL10N */
+	protected $l;
+
+	/** @var ISession */
+	protected $session;
+
+	/**
+	 * @param IL10N $l
+	 * @param ISession $session
+	 */
+	public function __construct(IL10N $l, ISession $session) {
+		$this->l = $l;
+		$this->session = $session;
+	}
+
+	/**
+	 * @param string $operator
+	 * @param string $value
+	 * @return bool
+	 */
+	public function executeCheck($operator, $value): bool {
+		$mfaVerified = false;
+		if (!empty($this->session->get('globalScale.userData'))) {
+			$attr = $this->session->get('globalScale.userData')["userData"];
+			$mfaVerified = $attr["mfaVerified"];
+		}
+		if (!empty($this->session->get('user_saml.samlUserData'))) {
+			$attr = $this->session->get('user_saml.samlUserData');
+			$mfaVerified = $attr["mfa_verified"][0];
+		}
+		if (!empty($this->session->get("two_factor_auth_passed"))){
+			$mfaVerified = true;
+		}
+		
+		if ($operator === 'is') {
+			return $mfaVerified === '1'; // checking whether the current user is MFA-verified
+		} else {
+			return $mfaVerified !== '1'; // checking whether the current user is not MFA-verified
+		}
+	}
+
+	/**
+	 * @param string $operator
+	 * @param string $value
+	 * @throws \UnexpectedValueException
+	 */
+	public function validateCheck($operator, $value): void {
+		if (!in_array($operator, ['is', '!is'])) {
+			throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
+		}
+	}
+
+	public function supportedEntities(): array {
+		return [];
+	}
+
+	public function isAvailableForScope(int $scope): bool {
+		return true;
+	}
+}
diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php
index 674cfc653136..c4aebe1226c5 100644
--- a/apps/workflowengine/lib/Manager.php
+++ b/apps/workflowengine/lib/Manager.php
@@ -36,6 +36,7 @@
 use OCA\WorkflowEngine\Check\FileName;
 use OCA\WorkflowEngine\Check\FileSize;
 use OCA\WorkflowEngine\Check\FileSystemTags;
+use OCA\WorkflowEngine\Check\MfaVerified;
 use OCA\WorkflowEngine\Check\RequestRemoteAddress;
 use OCA\WorkflowEngine\Check\RequestTime;
 use OCA\WorkflowEngine\Check\RequestURL;
@@ -486,6 +487,13 @@ public function deleteOperation($id, ScopeContext $scopeContext) {
 		return $result;
 	}
 
+	/**
+	 * @param string $entity
+	 * @param array $events
+	 * @param IOperation $operation
+	 * @return void
+	 * @throws \UnexpectedValueException
+	 */
 	protected function validateEvents(string $entity, array $events, IOperation $operation) {
 		try {
 			/** @var IEntity $instance */
@@ -769,6 +777,7 @@ protected function getBuildInChecks(): array {
 				$this->container->query(FileName::class),
 				$this->container->query(FileSize::class),
 				$this->container->query(FileSystemTags::class),
+				$this->container->query(MfaVerified::class),
 				$this->container->query(RequestRemoteAddress::class),
 				$this->container->query(RequestTime::class),
 				$this->container->query(RequestURL::class),
@@ -784,4 +793,4 @@ protected function getBuildInChecks(): array {
 	public function isUserScopeEnabled(): bool {
 		return $this->config->getAppValue(Application::APP_ID, 'user_scope_disabled', 'no') === 'no';
 	}
-}
+}
\ No newline at end of file
diff --git a/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue b/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue
new file mode 100644
index 000000000000..d423f8467fc1
--- /dev/null
+++ b/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue
@@ -0,0 +1,5 @@
+<template>
+	<div>
+		<!-- Only for remove default input -->
+	</div>
+</template>
\ No newline at end of file

Is that correct?

As you can see I removed some hunks that references these files:

  • tests/lib/Authentication/TwoFactorAuth/ManagerTest.php since that is not there
  • apps/workflowengine/src/components/Checks/file.js
  • dist/workflowengine-workflowengine.js
  • dist/workflowengine-workflowengine.js.map

The two last ones seems strange though, since the original patch removes them, and they are present in the enterprise zip. That leads me to believe that they are created after a build step, which must be run first, so maybe the idea to patch the enterprise zip directly did not pan out...

@mickenordin
Copy link

dist/workflowengine-workflowengine.js(.map) does not differ after applying the patches and running make all in the git repo and checking aginst the files in the enterprise zip.

@mickenordin
Copy link

So applying these two patches to the v26.0.1 tag of the official nextcloud git repo, running npm install and make all, produces these changes:

 micke@mickes-riktiga-datta  ~/sources/nextcloud/server  ➦ 8cfcb8e2a2f ±  git status
HEAD detached at v26.0.1
Changes not staged for commit:
  (use "git add <file>..." to update what will be committed)
  (use "git restore <file>..." to discard changes in working directory)
	modified:   apps/workflowengine/composer/composer/autoload_classmap.php
	modified:   apps/workflowengine/composer/composer/autoload_static.php
	modified:   apps/workflowengine/lib/Manager.php
	modified:   lib/private/Authentication/TwoFactorAuth/Manager.php
	modified:   package-lock.json

Untracked files:
  (use "git add <file>..." to include in what will be committed)
	apps/workflowengine/lib/Check/MfaVerified.php
	apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue

no changes added to commit (use "git add" and/or "git commit -a")

@mickenordin
Copy link

mickenordin commented May 15, 2023
edited

This is one patch that applies cleanly to nextcloud-26.0.1-enterprise.zip

wget https://download.nextcloud.com/.customers/server/26.0.1-21154162/nextcloud-26.0.1-enterprise.zip
wget https://sunet.drive.sunet.se/index.php/s/4erRieGXp8rCKdM/download/mfa_verified.patch

unzip nextcloud-26.0.1-enterprise.zip
cd nextcloud
patch -p1 < ../mfa_verified.patch

Can you verify that this is all that is needed? In that case, I think we are good to go :)

For future use, I will leave the patch inline here as well:

diff --git a/apps/workflowengine/composer/composer/autoload_classmap.php b/apps/workflowengine/composer/composer/autoload_classmap.php
index 39a6c6c4703..4485c7308f0 100644
--- a/apps/workflowengine/composer/composer/autoload_classmap.php
+++ b/apps/workflowengine/composer/composer/autoload_classmap.php
@@ -19,6 +19,7 @@ return array(
     'OCA\\WorkflowEngine\\Check\\RequestURL' => $baseDir . '/../lib/Check/RequestURL.php',
     'OCA\\WorkflowEngine\\Check\\RequestUserAgent' => $baseDir . '/../lib/Check/RequestUserAgent.php',
     'OCA\\WorkflowEngine\\Check\\TFileCheck' => $baseDir . '/../lib/Check/TFileCheck.php',
+    'OCA\\WorkflowEngine\\Check\\MfaVerified' => $baseDir . '/../lib/Check/MfaVerified.php',
     'OCA\\WorkflowEngine\\Check\\UserGroupMembership' => $baseDir . '/../lib/Check/UserGroupMembership.php',
     'OCA\\WorkflowEngine\\Command\\Index' => $baseDir . '/../lib/Command/Index.php',
     'OCA\\WorkflowEngine\\Controller\\AWorkflowController' => $baseDir . '/../lib/Controller/AWorkflowController.php',
diff --git a/apps/workflowengine/composer/composer/autoload_static.php b/apps/workflowengine/composer/composer/autoload_static.php
index e867bfa4feb..9cecf8e7760 100644
--- a/apps/workflowengine/composer/composer/autoload_static.php
+++ b/apps/workflowengine/composer/composer/autoload_static.php
@@ -35,6 +35,7 @@ class ComposerStaticInitWorkflowEngine
         'OCA\\WorkflowEngine\\Check\\RequestUserAgent' => __DIR__ . '/..' . '/../lib/Check/RequestUserAgent.php',
         'OCA\\WorkflowEngine\\Check\\TFileCheck' => __DIR__ . '/..' . '/../lib/Check/TFileCheck.php',
         'OCA\\WorkflowEngine\\Check\\UserGroupMembership' => __DIR__ . '/..' . '/../lib/Check/UserGroupMembership.php',
+        'OCA\\WorkflowEngine\\Check\\MfaVerified' => __DIR__ . '/..' . '/../lib/Check/MfaVerified.php',
         'OCA\\WorkflowEngine\\Command\\Index' => __DIR__ . '/..' . '/../lib/Command/Index.php',
         'OCA\\WorkflowEngine\\Controller\\AWorkflowController' => __DIR__ . '/..' . '/../lib/Controller/AWorkflowController.php',
         'OCA\\WorkflowEngine\\Controller\\GlobalWorkflowsController' => __DIR__ . '/..' . '/../lib/Controller/GlobalWorkflowsController.php',
diff --git a/apps/workflowengine/lib/Check/MfaVerified.php b/apps/workflowengine/lib/Check/MfaVerified.php
new file mode 100644
index 00000000000..cabb7118c31
--- /dev/null
+++ b/apps/workflowengine/lib/Check/MfaVerified.php
@@ -0,0 +1,95 @@
+<?php
+/**
+ * @copyright Copyright (c) 2016 Joas Schilling <coding@schilljs.com>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ * @author Christoph Wurst <christoph@winzerhof-wurst.at>
+ * @author Joas Schilling <coding@schilljs.com>
+ * @author Julius Härtl <jus@bitgrid.net>
+ * @author Richard Steinmetz <richard@steinmetz.cloud>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OCA\WorkflowEngine\Check;
+
+use OCP\IL10N;
+use OCP\WorkflowEngine\ICheck;
+use OCP\ISession;
+
+/** @psalm-suppress PropertyNotSetInConstructor */
+class MfaVerified implements ICheck{
+
+	/** @var IL10N */
+	protected $l;
+
+	/** @var ISession */
+	protected $session;
+
+	/**
+	 * @param IL10N $l
+	 * @param ISession $session
+	 */
+	public function __construct(IL10N $l, ISession $session) {
+		$this->l = $l;
+		$this->session = $session;
+	}
+
+	/**
+	 * @param string $operator
+	 * @param string $value
+	 * @return bool
+	 */
+	public function executeCheck($operator, $value): bool {
+		$mfaVerified = false;
+		if (!empty($this->session->get('globalScale.userData'))) {
+			$attr = $this->session->get('globalScale.userData')["userData"];
+			$mfaVerified = $attr["mfaVerified"];
+		}
+		if (!empty($this->session->get('user_saml.samlUserData'))) {
+			$attr = $this->session->get('user_saml.samlUserData');
+			$mfaVerified = $attr["mfa_verified"][0];
+		}
+		if (!empty($this->session->get("two_factor_auth_passed"))){
+			$mfaVerified = true;
+		}
+		
+		if ($operator === 'is') {
+			return $mfaVerified === '1'; // checking whether the current user is MFA-verified
+		} else {
+			return $mfaVerified !== '1'; // checking whether the current user is not MFA-verified
+		}
+	}
+
+	/**
+	 * @param string $operator
+	 * @param string $value
+	 * @throws \UnexpectedValueException
+	 */
+	public function validateCheck($operator, $value): void {
+		if (!in_array($operator, ['is', '!is'])) {
+			throw new \UnexpectedValueException($this->l->t('The given operator is invalid'), 1);
+		}
+	}
+
+	public function supportedEntities(): array {
+		return [];
+	}
+
+	public function isAvailableForScope(int $scope): bool {
+		return true;
+	}
+}
diff --git a/apps/workflowengine/lib/Manager.php b/apps/workflowengine/lib/Manager.php
index 674cfc65313..c4aebe1226c 100644
--- a/apps/workflowengine/lib/Manager.php
+++ b/apps/workflowengine/lib/Manager.php
@@ -36,6 +36,7 @@ use OCA\WorkflowEngine\Check\FileMimeType;
 use OCA\WorkflowEngine\Check\FileName;
 use OCA\WorkflowEngine\Check\FileSize;
 use OCA\WorkflowEngine\Check\FileSystemTags;
+use OCA\WorkflowEngine\Check\MfaVerified;
 use OCA\WorkflowEngine\Check\RequestRemoteAddress;
 use OCA\WorkflowEngine\Check\RequestTime;
 use OCA\WorkflowEngine\Check\RequestURL;
@@ -486,6 +487,13 @@ class Manager implements IManager {
 		return $result;
 	}
 
+	/**
+	 * @param string $entity
+	 * @param array $events
+	 * @param IOperation $operation
+	 * @return void
+	 * @throws \UnexpectedValueException
+	 */
 	protected function validateEvents(string $entity, array $events, IOperation $operation) {
 		try {
 			/** @var IEntity $instance */
@@ -769,6 +777,7 @@ class Manager implements IManager {
 				$this->container->query(FileName::class),
 				$this->container->query(FileSize::class),
 				$this->container->query(FileSystemTags::class),
+				$this->container->query(MfaVerified::class),
 				$this->container->query(RequestRemoteAddress::class),
 				$this->container->query(RequestTime::class),
 				$this->container->query(RequestURL::class),
@@ -784,4 +793,4 @@ class Manager implements IManager {
 	public function isUserScopeEnabled(): bool {
 		return $this->config->getAppValue(Application::APP_ID, 'user_scope_disabled', 'no') === 'no';
 	}
-}
+}
\ No newline at end of file
diff --git a/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue b/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue
new file mode 100644
index 00000000000..d423f8467fc
--- /dev/null
+++ b/apps/workflowengine/src/components/Checks/MfaVerifiedValue.vue
@@ -0,0 +1,5 @@
+<template>
+	<div>
+		<!-- Only for remove default input -->
+	</div>
+</template>
\ No newline at end of file
diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index d62556465df..bc3bd161318 100644
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -52,6 +52,7 @@ use function array_filter;
 class Manager {
 	public const SESSION_UID_KEY = 'two_factor_auth_uid';
 	public const SESSION_UID_DONE = 'two_factor_auth_passed';
+	public const SESSION_UID_CONFIGURING = 'two_factor_auth_configuring';
 	public const REMEMBER_LOGIN = 'two_factor_remember_login';
 	public const BACKUP_CODES_PROVIDER_ID = 'backup_codes';
 
@@ -359,7 +360,7 @@ class Manager {
 				$tokensNeeding2FA = $this->config->getUserKeys($user->getUID(), 'login_token_2fa');
 
 				if (!\in_array((string) $tokenId, $tokensNeeding2FA, true)) {
-					$this->session->set(self::SESSION_UID_DONE, $user->getUID());
+					$this->session->set(self::SESSION_UID_CONFIGURING, $user->getUID());
 					return false;
 				}
 			} catch (InvalidTokenException|SessionNotAvailableException $e) {

@yasharpm
Copy link

Ah well that's awesome!

I will test our mfa app against this new NextCloud and make sure everything works fine. I'll keep you posted.

@yasharpm
Copy link

The mfa app also requires the File access control to also be installed.

@mickenordin do you need the tar ball with only the NextCloud or the two apps (mfa, file_accesscontrol) also installed on it?

@mickenordin
Copy link

If you can verify that the patch above works, it is fine for me, I can use the enterprise tarball and patch it when building the docker image.

I will use this tar ball for file access controll: https://github.com/nextcloud-releases/files_accesscontrol/releases/download/v1.16.0/files_accesscontrol-v1.16.0.tar.gz
And should I use this one from the Nextcloud appstore for the mfa-app? https://github.com/pondersource/mfazones/blob/main/release/mfazones.tar.gz?raw=true

@yasharpm
Copy link

@mickenordin good news! We just checked everything and we are OK to move forward with the above patch. 👍

@mickenordin
Copy link

Perfect, I can package it up and supply it to radically open security 👍

@mickenordin
Copy link

@yasharpm can you confirm that this is the version of the app I should use:
https://github.com/pondersource/mfazones/blob/main/release/mfazones.tar.gz?raw=true

@yasharpm
Copy link

This is the one. I confirm!

@michielbdejong
Copy link
Member Author

Resolved in https://github.com/SUNET/nextcloud-custom/blob/main/40235.diff and https://github.com/SUNET/nextcloud-custom/blob/main/39411.diff

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yasharpm yasharpm

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@michielbdejong @mickenordin @yasharpm