Requests without Authorization header should be rejected by isRequestValid().
Merge with 6e728a7cfa0b1004acb2613421e261890e560813
Double the retry attempts and the retry timeout in an attempt to better handle the load on the app servers. Also log the final failed retry so that it is greppable in the logs.
- Add constraint in order to avoid double entries due to concurrency. (Happened twice in production.)- Add versioning to avoid lost updates. (Impossible to tell if it has already happened.)
Don't cache the API responses, since we do it in the various operation handlers.
Don't cache the login, nonce, token and policy paths.
Make sure nocache files are never cached and cache files are cached for a year. This way redeployments should never require cleaning the browser cache again. Also, cache everything else for 40 days, to make the application startup snappier.
Use the modification date for files in search results, too.
Send and display modification dates for shared, others and trash namespaces, since the UI file list code is the same for both the files namespace and these virtual namespaces. It is also more consistent to use the same reduced file representation for every namespace.
Allow setting the modification date when updating a file.
Update the FileHeader auditInfo when uploading a new body.
merge
better matching of MS Office mime types (in showing file icons and indexing)
Retry transactions in the face of optimistic locking exceptions for all "write" transactions in WebDAV API.Move TransactionHelper class to EJBs so it is visible from both REST and WebDAV WARs.
Retry transactions in the face of optimistic locking exceptions for all "write" transactions in REST API.
Change to folder modification semantics: When anything inside a folder is updated (including file and folder metadata), modification user and date should be updated also for all parent folders up to root.
Fixed broken caching in IE.
Prevent any client from creating group including / in name (by sending BAD REQUEST response.)
Added the groupURI parameter when parsing permissions, which precedes the group parameter. This allows the unique identification of groups throughout the application. We keep the group parameter for backwards compatibility with old clients
Fix bug: Delete user didn't work for group with international name.
Fix wrong encoding in new folder names, by returning the already constructed URI. This required that createFolder() returns the newly-created folder, which was always a good idea (builder pattern).
Retry transactions in the face of optimistic locking exceptions when creating folders or modifying resources. Also avoid an extra EJB call by returning the modified folder after the fact.
Avoid a NPE when the next parameter is empty.
Fix multiple file uploads in IE using Google Gears. It needed a POST instead of PUT, which required accommodating it in the server-side code. Also, error codes from file uploads are not handled in IE, since merely accessing the request.status field throws an internal error.
Parse the nextUrl parameter with URI instead of URL so that chrome: URIs can be used for redirection. This should simplify the login process for Firefox extensions.
- added a few more mime-types when attempting to identify mime-type from the file extension- remove warnings (uneeded throws declarations)
Merge with d1e79f3c8c8779d14ab5297049bdc0812f942654
ignore case when examining the file extension for guessing the mime-type
Fixed bug that prevented tags with international characters from being indexed properly, causing search to fail. (Bug #864 #2)
Fixed broken search for international characters. (Bug #864)
Merge with 24c6efe7ed90856868433076609836d2a95f7154
Fixed bug: When copying a versioned file, destination versioned flag wasn't set, causing only last version to be copied.
Fixed problems copying/moving via drag-and-drop had with international characters in file / folder names.
dropped SOAP
Merge with f948e955504b0f4f31c1fe813f97f0297cd64cdb
- more efficient moveFile implementation- code clean up for better maintenance and easier implementation of future file storage layering
Move create new WebDAV password URL from /users to plain / for user.
Merge with 2a2d62f9da9674f80214a52654521f9e6d807b99
Switch reset WebDAV password from GET to POST.
Use a different strategy for login in development environments that does not require me to recompile the web client for production deployment. Now, if the testUsername property is found in gss.properties the server treats the value as an authenticated username....
Merge with 7326fe16b35cbc65c6c6e1c59d8f7e107cd351ce
Fix a typo.
If no WebDAV password has ever been generated, copy token to it at initial login, to make sure user sees value in Show Credentials dialog.
Properly update others shares when refreshing / expanding tree after other user has changed sharing. (Bug #703)
- Remove completely Permission entry for user that get assigned no permissions at all when updating file / folder permissions.- Delete orphan Permission entries when updating file / folder permissions. (Used to stay behind)
When using token as WebDAV password (fallback case), also copy it to webdavpassword field so it will never expire.
Fallback for transition to new WebDAV password: If no password has been created, use token as before.
Add system-generated password for WebDAV. (Bug #705)
Minor cleanups.
Uploaded files should be counted towards owner's (i.e. namespace owner's) quota, not uplolader's.
Use an exponential backoff strategy for retrying rolled back transactions.
Introduce TransactionHelper, a utility class for retrying the supplied transactional command in the face of rollbacks caused by optimistic lock exceptions. This allows multiple file uploads to succeed, even in a single core system.
Also make hitting the ENTER key behave the same as clicking the Upload button.
- Add "Save file as" menu that forces browser to download file instead of opening it inline.- Fix broken international characters in browser Save As dialog.
Uploaded files should be checked against owner's (i.e. namespace owner's) quota, not uplolader's.
Fixed bug: Uploading a new version of a versioned file with no quota left would leave file without any bodies at all.
Centralize quota retrieval.
Decode file names received by PUT, as we do with file names received by multipart POST.
Use application/json content type for all JSON responses.
Remove the redundant gss top-level directory.