Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a1776866 authored by Arnau Vàzquez's avatar Arnau Vàzquez
Browse files

Merge branch 'updates-to-nc22' into 'nc-22' 

Updates to apps

See merge request !83
parents 06d0b468 4f1dc405

Dockerfile

+18 −124
Original line number Diff line number Diff line 
FROM nextcloud:22.2.6-fpm AS nextcloud

FROM nextcloud:22.2.7-fpm AS nextcloud

ARG BASE_DIR="/usr/src/nextcloud"

ARG TMP_PATCH_DIR="/tmp/build_patches"

ARG THEME_VERSION="21.1.1"

ARG THEME_HELPER_VERSION="1.0.2"

ARG NEWS_VERSION="17.0.1"

ARG QUOTA_WARN_VERSION="1.13.0"

ARG THEME_VERSION="22.0.0"

ARG THEME_HELPER_VERSION="1.1.0"

ARG NEWS_VERSION="18.0.1"

ARG QUOTA_WARN_VERSION="1.14.0"

ARG NOTES_VERSION="4.3.1"

ARG CONTACTS_VERSION="4.0.8"

ARG CALENDAR_VERSION="3.1.0"

ARG CONTACTS_VERSION="4.1.0"

ARG CALENDAR_VERSION="3.2.2"

ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1"

ARG EMAIL_RECOVERY_JOB_ID="199763"

ARG RAINLOOP_VERSION="7.1.2"

ARG RAINLOOP_COMMIT_SHA="e9da581c"

ARG EA_TAG="1.0.0"

ARG ECLOUD_LAUNCHER_JOB_ID="222001"

ARG EMAIL_RECOVERY_JOB_ID="294828"

ARG RAINLOOP_VERSION="7.2.5"

ARG RAINLOOP_COMMIT_SHA="ddece71a"

ARG EA_TAG="1.2.0"

ARG ECLOUD_LAUNCHER_JOB_ID="294845"

ARG GOOGLE_INTEGRATION_VERSION="1.0.6"



RUN sed -i 's/22,2,6,2/22,2,6,5/' ${BASE_DIR}/version.php

RUN sed -i 's/22,2,7,1/22,2,7,3/' ${BASE_DIR}/version.php

COPY custom_entrypoint.sh /

RUN chmod +x /custom_entrypoint.sh

RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images

# Install unzip for unzipping artifacts

RUN apt-get update && apt-get install unzip
@@ -96,7 +99,7 @@ RUN sed -i "s/\$systemConfig->setValue('theme', '');/\$systemConfig->setValue('t 


# Patches

COPY patches/ ${TMP_PATCH_DIR}/

RUN patch -u ${BASE_DIR}/core/Controller/LoginController.php -i ${TMP_PATCH_DIR}/002-login-without-domain.patch

RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/002-login-without-domain.patch

RUN patch -u ${BASE_DIR}/core/templates/layout.user.php -i ${TMP_PATCH_DIR}/003-contact-search-removal.patch

RUN patch -u ${BASE_DIR}/core/Controller/ContactsMenuController.php -i ${TMP_PATCH_DIR}/004-contact-search-controller-removal.patch

RUN cd ${BASE_DIR} && patch -p0 < ${TMP_PATCH_DIR}/005-autocomplete-user-leak-core.patch
@@ -126,8 +129,6 @@ RUN sed -i 's/recommendations,spreed,mail,calendar/calendar,tasks,notes/' ${BASE 
# Remove colored background from email template logo

RUN sed -i 's/$this->header, \[$this->themingDefaults->getColorPrimary()/$this->header, \["none"/' ${BASE_DIR}/lib/private/Mail/EMailTemplate.php



# fix min version of google data migration app

RUN sed -i "s/min-version=\"22\"/min-version=\"21\"/" ${BASE_DIR}/custom_apps/integration_google/appinfo/info.xml

RUN sed -i 's/ in Nextcloud/ /' ${BASE_DIR}/custom_apps/integration_google/js/integration_google-personalSettings.js

RUN sed -i 's/Nextcloud administrator/administrator/' ${BASE_DIR}/custom_apps/integration_google/js/integration_google-personalSettings.js
@@ -142,112 +143,5 @@ RUN curl -fsSL -o eCloud-theme.tar.gz \ 
# Replace "Get your own free account" NC link with /e/ Account link in public pages

RUN sed -i 's/https:\/\/nextcloud.com\/signup\//https:\/\/e\.foundation\/<?php p(\$_\[\x27language\x27\]); ?>\/e-email-invite\//' ${BASE_DIR}/core/templates/layout.public.php



# Use php 8 image

FROM php:8.0.12-fpm-bullseye

RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images



# Copy all the required files from the nextcloud stage

COPY --from=nextcloud /usr/src/nextcloud /usr/src/nextcloud

COPY --from=nextcloud /usr/local/etc/php/conf.d/ /usr/local/etc/php/conf.d/

COPY --from=nextcloud /*.sh /

COPY --from=nextcloud /upgrade.exclude /

COPY --from=nextcloud /var/spool/cron/crontabs /var/spool/cron/crontabs

COPY --from=nextcloud /entrypoint.sh /



# Copy entrypoints and add correct permissions

COPY custom_entrypoint.sh /

RUN chmod +x /custom_entrypoint.sh

RUN chmod +x /entrypoint.sh



# Install required dependencies of nextcloud

RUN set -ex; \

    \

    apt-get update; \

    apt-get install -y --no-install-recommends \

        rsync \

        bzip2 \

        busybox-static \

        libldap-common \

    ; \

    rm -rf /var/lib/apt/lists/*;



# install the PHP extensions we need

# see https://docs.nextcloud.com/server/stable/admin_manual/installation/source_installation.html

ENV PHP_MEMORY_LIMIT 512M

ENV PHP_UPLOAD_LIMIT 512M

RUN set -ex; \

    \

    savedAptMark="$(apt-mark showmanual)"; \

    \

    apt-get update; \

    apt-get install -y --no-install-recommends \

        libcurl4-openssl-dev \

        libevent-dev \

        libfreetype6-dev \

        libicu-dev \

        libjpeg-dev \

        libldap2-dev \

        libmcrypt-dev \

        libmemcached-dev \

        libpng-dev \

        libpq-dev \

        libxml2-dev \

        libmagickwand-dev \

        libzip-dev \

        libwebp-dev \

        libgmp-dev \

    ; \

    \

    debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \

    docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp; \

    docker-php-ext-configure ldap --with-libdir="lib/$debMultiarch"; \

    docker-php-ext-install -j "$(nproc)" \

        bcmath \

        exif \

        gd \

        intl \

        ldap \

        opcache \

        pcntl \

        pdo_mysql \

        pdo_pgsql \

        zip \

        gmp \

    ; \

    \

# pecl will claim success even if one install fails, so we need to perform each install separately

    pecl install APCu-5.1.21; \

    pecl install memcached-3.1.5; \

    pecl install redis-5.3.4; \

    pecl install imagick-3.5.1; \

    \

    docker-php-ext-enable \

        apcu \

        memcached \

        redis \

        imagick \

    ; \

    rm -r /tmp/pear; \

    \

# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies

    apt-mark auto '.*' > /dev/null; \

    apt-mark manual $savedAptMark; \

    ldd "$(php -r 'echo ini_get("extension_dir");')"/*.so \

        | awk '/=>/ { print $3 }' \

        | sort -u \

        | xargs -r dpkg-query -S \

        | cut -d: -f1 \

        | sort -u \

        | xargs -rt apt-mark manual; \

    \

    apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false;



# Install imagemagick

RUN apt-get -y install imagemagick;\

    rm -rf /var/lib/apt/lists/*;



VOLUME /var/www/html

ENV NEXTCLOUD_VERSION 22.2.6



ENTRYPOINT ["/custom_entrypoint.sh"]

CMD ["php-fpm"]
 
 No newline at end of file

patches/002-login-without-domain.patch

+41 −9
Original line number Diff line number Diff line
@@ -6,22 +6,54 @@ This patch auto append the domain handled by nc, configured in env var. 


only the admin user (also configured in env var) will not have his login appended with a @domain suffix



diff --git files/LoginController.php files/LoginController-new.php

--- files/LoginController.php	2021-02-04 11:20:48.000000000 +0100

+++ files/LoginController-new.php	2021-02-04 11:24:27.000000000 +0100

@@ -299,6 +299,15 @@

diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php

--- ./core/Controller/LoginController.php	2022-05-11 11:09:58.346364031 +0530

+++ ./core/Controller/LoginController-new.php	2022-05-11 11:21:08.460617172 +0530

@@ -302,7 +302,22 @@

 		if (!$this->request->passesCSRFCheck()) {

 			return $this->generateRedirect($redirect_url);

 		}

 

+		$user = trim($user);

+		$user = mb_strtolower($user, 'UTF-8');

+		$domain = $this->config->getSystemValue("mail_domain");

+		$domain_suffix = "@$domain";

+		$domain = $this->config->getSystemValue('mail_domain', '');

+		$domain_suffix = !empty($domain) ? '@' . $domain : '';

+		$alt_domain = $this->config->getSystemValue('alt_mail_domain', '');

+		$alt_domain_suffix = !empty($alt_domain) ? '@'  . $alt_domain : '';

+		$admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"];

+		if (stristr($user, $domain_suffix) === FALSE && strcmp($user, $admin_username) != 0) {

+			$user = $user . $domain_suffix;

+		$is_admin = strcmp($user, $admin_username) === 0;

 

+		if(!$is_admin) {

+				$user = str_replace($alt_domain_suffix, $domain_suffix, $user);

+		}

+

+		if (!$is_admin && stristr($user, $domain_suffix) === FALSE) {

+				$user = $user . $domain_suffix;

+		}

 		$data = new LoginData(

 			$this->request,

 			trim($user),

--- ./core/Controller/WebAuthnController.php	2022-05-11 11:11:55.469731468 +0530

+++ ./core/Controller/WebAuthnController-new.php	2022-05-11 11:27:43.978963021 +0530

@@ -73,6 +73,22 @@

 

 		$this->logger->debug('Converting login name to UID');

 		$uid = $loginName;

+                $uid = trim($uid);

+                $uid = mb_strtolower($uid, 'UTF-8');

+                $domain = \OC::$server->getConfig()->getSystemValue('mail_domain', '');

+                $domain_suffix = !empty($domain) ? '@' . $domain : '';

+                $alt_domain = \OC::$server->getConfig()->getSystemValue('alt_mail_domain', '');

+                $alt_domain_suffix = !empty($alt_domain) ? '@'  . $alt_domain : '';

+                $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"];

+                $is_admin = strcmp($uid, $admin_username) === 0;

+

+                if(!$is_admin) {

+                                                $uid = str_replace($alt_domain_suffix, $domain_suffix, $uid);

+                }

+

+                if (!$is_admin && stristr($uid, $domain_suffix) === FALSE) {

+                                                $uid = $uid . $domain_suffix;

+                }

 		Util::emitHook(

 			'\OCA\Files_Sharing\API\Server2Server',

 			'preLoginNameUsedAsUserName',

patches/006-recovery-email-changes.patch

+26 −28
Original line number Diff line number Diff line
@@ -7,44 +7,42 @@ This patch adds the necessary changes to core NC controller and template for "em 
diff --git ./core/Controller/LostController.php ./core/Controller/LostController.new.php

--- ./core/Controller/LostController.php	2022-03-23 12:00:12.000000000 +0100

+++ ./core/Controller/LostController.new.php	2022-03-23 12:06:45.000000000 +0100

@@ -173,9 +173,19 @@

 	 * @throws \Exception

@@ -174,8 +174,20 @@

 	 */

 	protected function checkPasswordResetToken(string $token, string $userId): void {

+		$domain = $this->config->getSystemValue("mail_domain");

+		$domainSuffix = "@$domain";

 		try {

+			$domain = $this->config->getSystemValue('mail_domain', '');

+			$domainSuffix = !empty($domain) ? '@' . $domain : '';

+			$altDomain = $this->config->getSystemValue('alt_mail_domain', '');

+			$altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : '';

+		

+			$userId = str_replace($altDomainSuffix, $domainSuffix, $userId);

+			if(stristr($userId, $domainSuffix) === FALSE ) {

+				$userId = $userId . $domainSuffix;

+			}

+

 			$user = $this->userManager->get($userId);

-			$this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true);

+			$recoveryEmail = $this->config->getUserValue($userId, 'email-recovery', 'recovery-email');

+			$mailAddress = is_null($recoveryEmail) ? '' : $recoveryEmail;

+

 		try {

 			$user = $this->userManager->get($userId);

-			$this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true);

+			$this->verificationToken->check($token, $user, 'lostpassword', $mailAddress, true);

 		} catch (InvalidTokenException $e) {

 			$error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED

 				? $this->l10n->t('Could not reset password because the token is expired')

@@ -214,6 +224,13 @@

 			return new JSONResponse($this->error($this->l10n->t('Password reset is disabled')));

 		}



+		$domain = $this->config->getSystemValue("mail_domain");

+        $domainSuffix = "@$domain";

@@ -287,8 +299,18 @@

 	 * @throws \OCP\PreConditionNotMetException

 	 */

 	protected function sendEmail($input) {

+		$domain = $this->config->getSystemValue('mail_domain', '');

+		$domainSuffix = !empty($domain) ? '@' . $domain : '';

+		$altDomain = $this->config->getSystemValue('alt_mail_domain', '');

+		$altDomainSuffix = !empty($altDomain) ? '@' . $altDomain : '';

+		

+		$input = str_replace($altDomainSuffix, $domainSuffix, $input);

+		if(stristr($input, $domainSuffix) === FALSE ) {

+			$input = $input . $domainSuffix;

+		}

+

 		\OCP\Util::emitHook(

 			'\OCA\Files_Sharing\API\Server2Server',

 			'preLoginNameUsedAsUserName',

@@ -288,7 +305,7 @@

 	 */

 	protected function sendEmail($input) {

 		$user = $this->findUserByIdOrMail($input);

-		$email = $user->getEMailAddress();

+		$email = $this->config->getUserValue($user->getUID(), 'email-recovery', 'recovery-email');

patches/009-help-links.patch

+2 −2
Original line number Diff line number Diff line
@@ -28,10 +28,10 @@ help links are shown 
-} ?>"

-				href="<?php print_unescaped($_['urlUserDocs']); ?>">

+			<a class="icon-user" 

+				href="https://docs.nextcloud.com/server/21/user_manual/en" target="_blank" rel="noreferrer noopener">

+				href="https://docs.nextcloud.com/server/<?php print_unescaped($_['ncVersion']); ?>/user_manual/en" target="_blank" rel="noreferrer noopener">

 				<span class="help-list__text">

-					<?php p($l->t('User documentation')); ?>

+					<?php p('Nextcloud ' . $_['ncVersion'] . ' ' . $l->t('User documentation')); ?>

+					<?php p('Nextcloud ' . $_['ncVersion'] . ' ' . $l->t('User documentation')); ?>

 				</span>

 			</a>

 		</li>