diff --git a/Dockerfile b/Dockerfile
index ced422cdbe1285e48390d3cc222e8e57eeca9b99..f9938d76cbb9c0165e8667eac9ae3a200396fcd3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
FROM nextcloud:29.0.16-fpm AS nextcloud
ARG BASE_DIR="/usr/src/nextcloud"
ARG TMP_PATCH_DIR="/tmp/build_patches"
-ARG THEME_HELPER_JOB_ID="1210583"
+ARG THEME_HELPER_JOB_ID="1233399"
ARG NOTES_VERSION="4.11.0"
ARG CONTACTS_JOB_ID="881946"
ARG CALENDAR_JOB_ID="991372"
@@ -16,7 +16,7 @@ ARG USER_MIGRATION_JOB_ID="1168093"
ARG MEMORIES_VERSION="7.5.2"
ARG DROP_ACCOUNT_VERSION="2.7.1"
-RUN sed -i 's/29,0,16,1/29,0,16,2/' ${BASE_DIR}/version.php
+RUN sed -i 's/29,0,16,1/29,0,16,3/' ${BASE_DIR}/version.php
COPY custom_entrypoint.sh /
RUN chmod +x /custom_entrypoint.sh
RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images
@@ -203,17 +203,11 @@ RUN sed -i "s/\['total'\]/\['quota'\]/" ${BASE_DIR}/apps/provisioning_api/lib/Co
# Fix API call in files script
RUN sed -i "s/ajax\/getstoragestats/api\/v1\/stats/g" ${BASE_DIR}/apps/files/js/files.js
-#fix for who can access data- its needed with 011-privacy-settings.patch
-RUN sed -i 's|Your home storage is encrypted using {linkopen}server-side-encryption ↗{linkclose} with a master key\. It means that administrators can access your files, but not read their content\.|Like in most cloud services, a reduced number of administrators can see your files and all the information in the database as they need to make backups, perform upgrades, reset passwords, etc.
{linkopen1}Learn more about this topic here. ↗{linkclose1}|g' ${BASE_DIR}/apps/privacy/js/privacy-main.js
-RUN sed -i 's/t((0,n\.Iu)("privacy","Your files on external storages may be encrypted using {linkopen}server-side-encryption ↗{linkclose} with a master key based on their configuration\."))/t("{linkopen}"+(0,n\.Iu)("privacy","To protect your data, we have implemented server-side-encryption on our servers which hides by default the content of your files and notes even to these administrators")+"↗{linkclose}")/g' ${BASE_DIR}/apps/privacy/js/privacy-main.js
-RUN sed -i 's|t=t=>e.push(t.replace("{linkopen}",'"'"''"'"').replace("{linkclose}",""))|t=t=>e.push(t.replace("{linkopen}",'"'"''"'"').replace("{linkclose}",""))|g' ${BASE_DIR}/apps/privacy/js/privacy-main.js
-RUN sed -i 's|.replace("{linkclose}","")|.replace("{linkclose}","").replace("{linkopen1}",'"'"''"'"').replace("{linkclose1}","")|g' ${BASE_DIR}/apps/privacy/js/privacy-main.js
-
From selfhost as ecloud
ARG BASE_DIR="/usr/src/nextcloud"
ARG TMP_PATCH_DIR="/tmp/build_patches"
-ARG THEME_VERSION="29.0.16-beta"
-ARG LDAP_WRITE_SUPPORT_VERSION="1.11.0"
+ARG THEME_VERSION="29.0.16-beta.2"
+ARG LDAP_WRITE_SUPPORT_VERSION="1.11.1"
ARG IS_SELFHOST=false
RUN curl -fsSL -o ldap_write_support.tar.gz \
@@ -232,7 +226,7 @@ RUN cd ${BASE_DIR} && patch -u ${BASE_DIR}/apps/user_ldap/lib/User_LDAP.php -i $
RUN patch -u ${BASE_DIR}/lib/private/User/Manager.php -i ${TMP_PATCH_DIR}/025-optimize-get-by-email.patch
RUN patch -u ${BASE_DIR}/apps/dav/lib/Connector/Sabre/Principal.php -i ${TMP_PATCH_DIR}/027-displayname-user-leak-dav.patch
RUN patch -u ${BASE_DIR}/apps/dav/lib/HookManager.php -i ${TMP_PATCH_DIR}/028-default-task-calendar.patch
-# RUN patch -u ${BASE_DIR}/apps/provisioning_api/lib/Controller/UsersController.php -i ${TMP_PATCH_DIR}/029-restrict-user-to-change-primary-email.patch
+RUN patch -u ${BASE_DIR}/apps/provisioning_api/lib/Controller/UsersController.php -i ${TMP_PATCH_DIR}/029-restrict-user-to-change-primary-email.patch
RUN patch -u ${BASE_DIR}/lib/private/Security/VerificationToken/VerificationToken.php -i ${TMP_PATCH_DIR}/033-verification-token-private.patch
RUN patch -u ${BASE_DIR}/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php -i ${TMP_PATCH_DIR}/034-oidc-bearer-token-auth.patch
@@ -255,7 +249,7 @@ RUN cd ${BASE_DIR}/custom_apps/memories/js && sed -i 's/Memories Settings/Galler
# autocomplete leak tweak apps frontend with sed, disable group suggestion
-RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i ' s/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js
+RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js
RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js
RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js
RUN cd ${BASE_DIR}/custom_apps/notes && sed -i 's/OCA\\Notes\\Migration\\EditorHint<\/step>//g' appinfo/info.xml
@@ -308,9 +302,6 @@ RUN sed -i ':a;N;$!ba;s/t("NcActionButton",{on:{click:e.onToggleSharing},scopedS
# Add id to delete account settings section and hide it by default
RUN sed -i 's/"NcSettingsSection",{attrs:{/"NcSettingsSection",{attrs:{id:"delete-account-settings-section",style:"visibility:hidden;",/' ${BASE_DIR}/custom_apps/drop_account/js/drop_account-personal-settings.mjs
-# Fix of https://github.com/nextcloud/server/commit/e727a3b00bd9b574279d25c006a0bc6b8fa4eec3 for availability setting
-RUN sed -i 's/n.data/await n.text()/' ${BASE_DIR}/dist/dav-settings-personal-availability.js
-
# Hide personal settings of files_external
RUN sed -i "s/'externalstorages'/null/" ${BASE_DIR}/apps/files_external/lib/Settings/Personal.php
diff --git a/patches/029-restrict-user-to-change-primary-email.patch b/patches/029-restrict-user-to-change-primary-email.patch
index f2e215da49b69e9662f736b1ed638cfd1ba8ca51..2238936660bb63ba7a76172184a088e9eaf82919 100644
--- a/patches/029-restrict-user-to-change-primary-email.patch
+++ b/patches/029-restrict-user-to-change-primary-email.patch
@@ -1,28 +1,34 @@
---- ./apps/provisioning_api/lib/Controller/UsersController.php 2023-10-03 07:14:02
-+++ ./apps/provisioning_api/lib/Controller/UsersController-new.php 2023-10-11 05:34:04
-@@ -613,10 +613,7 @@
- ) {
- $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
- }
-- $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
+--- ./apps/provisioning_api/lib/Controller/UsersController.php 2025-06-10 18:21:13.822570507 +0600
++++ ./apps/provisioning_api/lib/Controller/UsersController-new.php 2025-06-16 18:43:19.135040688 +0600
+@@ -721,7 +721,7 @@
+ $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
}
--
+
- $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
++ //$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
$permittedFields[] = IAccountManager::PROPERTY_PHONE;
$permittedFields[] = IAccountManager::PROPERTY_ADDRESS;
$permittedFields[] = IAccountManager::PROPERTY_WEBSITE;
-@@ -756,14 +753,9 @@
- $permittedFields[] = self::USER_FIELD_DISPLAYNAME;
- $permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME;
- }
-- $permittedFields[] = IAccountManager::PROPERTY_EMAIL;
+@@ -776,8 +776,8 @@
+ $permittedFields = [];
+ if ($targetUser->getUID() === $currentLoggedInUser->getUID()) {
+ // Editing self (display, email)
+- $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+- $permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
++ //$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
++ //$permittedFields[] = IAccountManager::COLLECTION_EMAIL . self::SCOPE_SUFFIX;
+ } else {
+ // Check if admin / subadmin
+ if ($isAdminOrSubadmin) {
+@@ -879,9 +879,9 @@
}
$permittedFields[] = IAccountManager::PROPERTY_DISPLAYNAME . self::SCOPE_SUFFIX;
- $permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
--
++ //$permittedFields[] = IAccountManager::PROPERTY_EMAIL . self::SCOPE_SUFFIX;
+
- $permittedFields[] = IAccountManager::COLLECTION_EMAIL;
--
++ //$permittedFields[] = IAccountManager::COLLECTION_EMAIL;
+
$permittedFields[] = self::USER_FIELD_PASSWORD;
$permittedFields[] = self::USER_FIELD_NOTIFICATION_EMAIL;
- if (
diff --git a/patches/042-exclude-reovery-from-quota.patch b/patches/042-exclude-reovery-from-quota.patch
deleted file mode 100644
index d88522736c6ff16076a8c4fe6312124fa7958e98..0000000000000000000000000000000000000000
--- a/patches/042-exclude-reovery-from-quota.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- lib/private/legacy/OC_Helper.php 2025-02-20 10:12:51.017628329 +0100
-+++ lib/private/legacy/OC_Helper-new.php 2025-02-21 15:50:32.660042704 +0100
-@@ -539,6 +539,13 @@
- if ($sourceStorage->instanceOfStorage('\OC\Files\Storage\Wrapper\Quota')) {
- /** @var \OC\Files\Storage\Wrapper\Quota $storage */
- $quota = $sourceStorage->getQuota();
-+ $recoveryFolder = \OC::$server->getConfig()->getSystemValue('murena_recovery_folder_path', '');
-+ $rootFolder = \OC::$server->get(\OCP\Files\IRootFolder::class);
-+ $userFolder = $rootFolder->getUserFolder($storage->getOwner($path));
-+ if(!empty($recoveryFolder) && $userFolder->nodeExists($recoveryFolder)){
-+ $recoverySize = $userFolder->get($recoveryFolder)->getSize();
-+ $used = max($used - $recoverySize, 0);
-+ }
- }
- try {
- $free = $sourceStorage->free_space($rootInfo->getInternalPath());
\ No newline at end of file