The local date and time value was converted into a string, just to be converted
into another string, to be converted to a value once again, returning zero as
the result. This caused the widget to always display "now".
Looks like this was a simply copy and paste mistake from this line in
ActivityListModel::slotActivitiesReceived:
a._dateTime = QDateTime::fromString(json.value("date").toString(), Qt::ISODate);
Signed-off-by: Michael Schuster <michael@schuster.ms>
With QtKeychain on Windows, storing larger keys or certs in one keychain entry causes the
following error due to limits in the Windows APIs:
Error: "Credential size exceeds maximum size of 2560"
This fix implements the new wrapper class KeychainChunk with wrapper jobs ReadJob and WriteJob
to encapsulate the QKeychain handling of ReadPasswordJob and WritePasswordJob with binaryData
but split every supplied keychain entry's data into 2048 byte chunks, on Windows only.
The wrapper is used for all keychain operations in WebFlowCredentials, except for the server password.
All finished keychain jobs now get deleted properly, to avoid memory leaks.
For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394
This should finally fix the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Improve status messages
- Add a counter to make sure that "Link copied to clipboard." is visible for
three seconds and to not enable the buttons too early
- Add more space between buttons and status
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Flow2AuthCredsPage:
- Remove .ui file and embed Flow2AuthWidget into layout
- Flow2AuthWidget:
- Make use generic for Flow2AuthCredsPage and WebFlowCredentialsDialog
- Fix _errorLabel to render HTML tags instead of dumping them as plain text
- Flow2Auth:
- Explicitly start auth with startAuth(account) instead of using constructor
- Take control of copying the auth link to clipboard
- Request a new auth link on copying, to avoid expiry invalidation
- Use signals statusChanged() and result() to be more verbose (status, errors)
- Change timer invocation and add safety bool's to avoid weird behaviour when
the user triggers multiple link-copy calls (fetchNewToken)
Signed-off-by: Michael Schuster <michael@schuster.ms>
New widget on top of the layout, based on Qt's own modern wizard header banner.
This should improve the user's perception of the dialog.
Encapsulate the existing layout into a container layout to allow the banner taking
the full width of the dialog.
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Add new signal to let WebFlowCredentials know and emit asked() to also
tell AccountState that the user won't authenticate, and triggering
log-out state in the settings window.
- Use deleteLater() to safely delete WebFlowCredentialsDialog, so
that Qt can free it at the right time and without crashes.
Do the same with it's _webView and _flow2AuthWidget on closeEvent().
Signed-off-by: Michael Schuster <michael@schuster.ms>
Also enable / disable buttons during polling.
This aims to make the authentication status more transparent and should avoid the
impression that the client is perhaps doing nothing.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Since the default remote poll interval has been re-raised recently to 30 seconds,
the delay between clicking "Grant access" in the browser and fetch and showing success
in the dialog may seem erroneous to the users and tempt them to click "Re-open browser"
again, causing the whole login process to restart.
This commit implements an event handler to pass the dialog's window activation
event down to the Login Flow v2 widget, in order to allow it to poll earlier.
See previous commits for dependent implementation details.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Purpose: The floating re-auth windows of the WebFlowCredentialsDialog often get hidden behind
the SettingsDialog, and the users have to minimize a lot of other windows to find them again.
See previous commit for dependent implementation details.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Signal the SettingsDialog's window activation event down to ownCloudGui and Application,
so that other classes can hook in to get notified when the SettingsDialog is being shown
again.
This approach has been chosen because we otherwise would have to deal with new instance
pointers of the current SettingsWindow - but Application is already there ;-)
Purpose: The floating re-auth windows of the WebFlowCredentialsDialog often get hidden
behind the SettingsDialog, and the users have to minimize a lot of other windows to find
them again. This commit implements the preparation for the upcoming fix commit.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Since the default remote poll interval has been re-raised recently to 30 seconds,
the delay between clicking "Grant access" in the browser and fetch and showing success
in the wizard may seem erroneous to the users and tempt them to click "Re-open browser"
again, causing the whole login process to restart.
This commit implements an event handler to pass the wizard's window activation
event down to the Login Flow v2 page, in order to allow it to poll earlier.
Signed-off-by: Michael Schuster <michael@schuster.ms>
After fixing the crash in the previous commit, double-clicking on Activity list rows still didn't work.
This fix partly reverts commit 8546d53b05 in ActivityItemDelegate::PathRole
of ActivityListModel::data, but adds a new check for relPath's existence in line 74.
I'm assuming the previous change there has been done to shorten the code and avoid opening the user's home
folder upon clicking entries which file value is "App Password". The new path-check takes care of that too now.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Also implement cached member icons in ActivityListModel and return their enums to
ActivityItemDelegate instead of always recreating them for each call to paint().
Signed-off-by: Michael Schuster <michael@schuster.ms>
Add checks to ActivityListModel::combineActivityLists in order to avoid adding
empty Activity entries to the _finalList.
The previous implementation always added an empty entry to the top of the list because
_notificationIgnoredFiles was appended without checking (_listOfIgnoredFiles.size() > 0).
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Rename it to 'Finder' on macOS.
- This way we also avoid having the whole string re-translated on Transifex.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Use customizeStyle() to change link colours, icons and pixmaps in the ShareDialog and notify
it's widgets via slots.
TODO - known issue (macOS):
- The background and font colours in the ShareUserLine widget still stay the same.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Use customizeStyle() to change link colours in the SettingsDialog and notify it's widgets via slots.
Also modify the background colour of the errors messages in AccountSettings::showConnectionLabel
to always use an appropiate colour for it's custom-defined background.
Signed-off-by: Michael Schuster <michael@schuster.ms>
This introduces a new method to change the colours in the links in QLabel's.
Utilizes a custom crafted RegEx function to replace already-coloured links.
Moved code is based on stuff from the SettingsDialog class.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Reverts back to the SettingsDialog class because of bugs and glitches with
more recent Qt versions (Qt 5.12) and with the macOS Dark Mode.
See upstream: https://github.com/owncloud/client/pull/7492
Signed-off-by: Michael Schuster <michael@schuster.ms>
Clear the key chunk buffer, but don't set _clientSslKeyChunkCount to zero because we need it later for deleteKeychainEntries
Signed-off-by: Michael Schuster <michael@schuster.ms>
Client SSL certificates and keys cannot be deleted at this time because there is
no UI for selecting them on re-login.
We introduce this dirty hack here, to allow deleting them upon Remote Wipe.
Signed-off-by: Michael Schuster <michael@schuster.ms>
WebFlowCredentials:
- Remove _clientSslCaKeyWriteQueue and simply use _clientSslKeyChunkBufferPEM
- Store key's sub-chunks in slots with "." (dot) suffix
- Implement deletion of the key chunks in WebFlowCredentials::deleteKeychainEntries
- Remove spaces in log messages
- Improve code readability
Signed-off-by: Michael Schuster <michael@schuster.ms>
With QtKeychain on Windows, storing larger keys in one keychain entry causes the
following error due to limits in the Windows APIs:
Error: "Credential size exceeds maximum size of 2560"
To avoid overhead on the other platforms and balance code duplication, this
approach puts some read- and write-parts into Windows-only defines.
For reference also see previous fixes:
- https://github.com/nextcloud/desktop/pull/1389
- https://github.com/nextcloud/desktop/pull/1394
This (again) fixes the re-opened issue:
- https://github.com/nextcloud/desktop/issues/863
Signed-off-by: Michael Schuster <michael@schuster.ms>
This commit ensures that the check also occurs on re-authorization in case
the user gets logged out.
See: https://github.com/nextcloud/desktop/pull/1644
Signed-off-by: Michael Schuster <michael@schuster.ms>
There is no need to call toMSecsSinceEpoch() as QDateTime implements an
comparison operator itself. This is more efficient, because the
QDateTime comparison operator doesn't call localtime() in all cases. Thus, we
don't read /etc/localtime for every comparison. This improves
performance in some cases.
Signed-off-by: David Kahles <david.kahles96@gmail.com>
The app password for the remote wipe was constantly being written in
WebFlowCredentials::slotFinished to the keychain, leading to unnecessary
write and log overhead on the system.
This fix introduces a check to only store the app password once in
a lifetime of the Account class. Also the method used to store the
password will be renamed from setAppPassword to writeAppPasswordOnce
to be more expressive.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Provide a download link to the new version instead of the confusing message that
users should use their "system's update tool to install it".
Signed-off-by: Michael Schuster <michael@schuster.ms>
- When the the users logs because of 401 or 403 errors, it checks if the
server requested the remote wipe. If yes, locally deletes account and folders
connected to the account and notify the server. If no, proceeds to ask the
user to login again.
- The app password is restored in the keychain.
- WIP: The change also includes a test class for RemoteWipe.
Signed-off-by: Camila San <hello@camila.codes>
The webserver lighttpd rejected POST requests without a Content-length
header with "411 Length Required".
See: https://github.com/nextcloud/desktop/issues/1473
Signed-off-by: Michael Schuster <michael@schuster.ms>
Sets the target version from "15" to "latest" and removes
"index.html" because this could get obsolete in the future too.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Instead of adding the "Apps" menu after the apps are fetched, add it
from the start (together with other actions) but in a disabled state,
and enable it after the apps data is ready.
Signed-off-by: Sergey Zolotarev <sryze@protonmail.com>
This reverts commit 8f616969ab.
Turns out that with the upgrade to the new released Qt 5.12.5 the issue
has been solved by the Qt developers, so this fix becomes obsolete.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Qt 5.12.4 seems to introduce a new bug on Windows, causing the settings window
to not be redrawn when re-opening it, for example by clicking at the tray icon.
As a workaround this fix starts a 100 ms timer to be fired once upon
QDialog::showEvent is called.
Signed-off-by: Michael Schuster <michael@schuster.ms>
Sanitize URL paths to elaminate double-slashes in the URL path string,
used for the first connection by the account setup wizard.
Example: https://cloud.example.com/remote.php/webdav//
Signed-off-by: Michael Schuster <michael@schuster.ms>
Removes the right-click function for the "Re-open browser" buttons because
they are not intuitive for the user.
Adds a dedicated "Copy link" button.
Implements Qt 5.5 fixes based on: https://github.com/nextcloud/desktop/pull/1392
Signed-off-by: Michael Schuster <michael@schuster.ms>
MD5 has been broken for a long time now and SHA1 has been
deprecated as well. SHA1 is not used when issuing new
publicly trusted certificates since 1 January 2016[1] and
there are more and more effective attacks[2][3] against it,
so display SHA1 fingerprint only for old certificates
to encourage use of safer digests by users.
So, we display SHA-256 and SHA-512 fingerprints instead in
the common case.
[1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.5.pdf
[2] https://shattered.io/static/shattered.pdf
[3] https://eprint.iacr.org/2019/459.pdf
Signed-off-by: Martin Sucha <git@mm.ms47.eu>
Saving all client CA's within one credential may result in:
Error: "Credential size exceeds maximum size of 2560"
Client CA certificates are now being stored in separate slots
within the keychain and are being processed by a queue mechanism.
IMPORTANT TODO:
forgetSensitiveData(): Invoked by "Log out" & "Remove account"
- Remove client CA certs and KEY!
(uncomment "//deleteKeychainEntries();" )
Disabled as long as selecting another cert is not supported by the UI.
Signed-off-by: Michael Schuster <michael@schuster.ms>
The previous commit 50cd6af394 - Build a webflowcredentials
changed:
src/gui/wizard/flow2authcredspage.cpp in line 135 to use WebFlowCredentials
instead of HttpCredentials.
But the WebFlowCredentials class didn't include code to store and load SSL client
certificates and keys from the keychain.
This commit migrates the useful stuff from the old HttpCredentials class
into WebFlowCredentials.
Successfully tested on Windows. Please test on other systems and verify it's safe! :)
Signed-off-by: Michael Schuster <michael@schuster.ms>
- Implements re-auth upon logout -> login
- Improves UI and security
TODO:
- SSL: Client certificate login is possible at the first time only but missing after relaunch
Signed-off-by: Michael Schuster <michael@schuster.ms>
This is the first draft of the Login Flow V2 authorization method.
See: https://docs.nextcloud.com/server/latest/developer_manual/client_apis/LoginFlow/index.html#login-flow-v2
- Adds the Login Fĺow V2 auth method
- Adds ability to reinitiate a new request via UI
TODO:
- Implement re-auth upon logout -> login
- Improve UI
- SSL: Client certificate login is possible at the first time only but missing after relaunch
Signed-off-by: Michael Schuster <michael@schuster.ms>
`clearContents()` will leave the number of rows as is. This was causing
a segfault when trying to loop over the items of the widget.
Signed-off-by: Samir Benmendil <me@rmz.io>
It filters the error out of the list of blocking errors. It now shows up
in the Activities and Notificattions list as a warning.
Signed-off-by: Camila San <hello@camila.codes>
If the initiator or the recipient is not the current user,
show the list of sharees without any options to edit it.
Minor change: updates api to v2.
Signed-off-by: Camila San <hello@camila.codes>
The path returned from the server encodes a space in the username with `+` and if the username contains a `+` sign it is encoded as `%2B` (cf. https://www.php.net/manual/function.urlencode.php).
Fix: Don't (double) decode the URL path and then replace `+` with space (introduced in issue #279 resp. commit 9ec61a84ce). Instead first replace `+` with space, then decode percent encoding.
Tested with a username containing a space, a username containing a `+`sign and a username containing just A-Za-z0-9- (with Nextcloud 16).
(fixes issue #1266)
Signed-off-by: Sven Strickroth <email@cs-ware.de>
- Text changed to "Enable..." instead of "Setup"
- The close icon follows NC style
- "end-to-end" instead of "end to end"
Signed-off-by: Ivan Čukić <ivan.cukic@kde.org>
Instead of immediately popping up the mnemonic dialogue,
only show a notification bar on the account setup page.
For the cases where the user does not want to use E2E,
this is significantly less intrusive than the old approach.
The quota retrieval process might not be finished by the time
the used space on the server (`_rSize`) is compared against
the locally available disk space which might end up in
a "There isn't enough free space in the local folder!" message
even if there is enough free space.
This patch updates the status after the quota has been retrieved.
It also initializes `_rSize` to `-1` so that errors like this
are easier to catch in the future.
Qt recommends to register a URL scheme before installing it.
I don't know the impact of the not registering before instaling but I
think the change is pretty harmles.
See:
https://doc.qt.io/qt-5/qwebengineurlscheme.html#registerScheme
Signed-off-by: Björn Bidar <theodorstormgrade@gmail.com>
This is a quick hack to make self signed certificates work.
I'm not to fond of it the real solution should be to request the url
with QNAM and then see if it fails.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
I must admit why this works is puzzling me. However if I just use a system
proxy without this it doesn't work. I suspect a Qt bug but will have to
dig deeper to find out if that is the case.
For now this little hack will have to do.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Stylesheet String was not correctly defined (missing ";" after "%2") and caused an error in logging output.
After checking the fixed Style I removed it since it does not really look good.
We should stop fetching the moment the activity stream is empty when
fetched. It doesn't matter if the current list is empty.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#788Fixes#834
If the activity app is not enabled we should not try to fetch the
activities at all.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
NOTE: The progress indicator is temporarily moved one line up to avoid
inserting it on its own line, which would cause the content pushed down
and the dialog size jump back and forth.
Remove hard-coded fixed sizes, size constraints, and other unnecessary
property assignments. This works with any dialog width, meaning that
the width can be defined in one place higher up in the widget hierachy.
SettingsDialog::accountAdded() uses the height of the toolbar to
calculate the desired default size for toolbuttons. Make sure to have
the "General" and "Network" tool buttons in place before calling
accountAdded() to avoid cramped first button.
The original non-animated slide show was running at 2500ms interval.
The new animated slide show was using the same interval, but used
1000ms to animate the slides. This left significantly less time for
the user to read the slides.
... in addition to fixing up the scheme and host.
For example, the survey app sends "/settings/admin/survey_client" as
a link. Clicking the "More information" button wouldn't lead to the
correct place if NC was running on a custom port.
For some reason, QLabel with rich text and word wrapping enabled
calculates quite a bit too large size hint. Luckily, it's rich text
that is already divided to paragraphs so that wrapping makes actually
very little visual difference. For example, on my screen, when the
settings dialog is resized horizontally to the minimum, the only word
that actually wrapped was "2017". After this patch, it naturally won't
wrap anymore, but the General Settings page also doesn't leave a large
gap at the bottom. As a result, the minimum height of the dialog went
down from 581 to 525. The exact values depend on the style and fonts.
Fixes#91.
This makes the bottom margin aligned with horizontal margins, and
eliminates a warning on startup:
[unknown QObject::connect: Cannot connect (null)::clicked() to OCC::SettingsDialog::accept()
This moves all the basic http auth over to the webflow mechanism.
This thus also makes sure that if the password changes a webflow page
pops up. And thus will directly move them over to apptokens then.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>