a

the current implementation limits number of possible backed actions
to 8 as it uses pow of 16 for constants. This change introduces pow
of two and allows up-to 32 actions to be defined.

The old values are preserved for backward compatibility.

Previously a JSON error page was shown to the user in-case the CSRF token was not valid. This was confusing and prevented people from login.

With this at least the login page is shown again and not a JSON error message. I consider this as sufficient since adding a new error page just for this sake would uneededly make lib/base.php even more cluttered and this is a edge-case which optimally should anyways not happen that often.

This can be tested by opening the login page, then clearing the cookies, and trying to login.

- Added setup checks in JavaScript
- Moved isWebDAVWorking to JS using SetupChecks
- Moved internet connection checks to an ajax call that goes through the
  server

Fixes https://github.com/owncloud/core/issues/11239

We do not want to follow redirects to other protocols since they might allow an adversary to bypass network restrictions. (i.e. a redirect to ftp:// might be used to access files of a FTP server which might be in a secure zone and not be reachable from the net but from the ownCloud server)

Get final redirect manually using get_headers()

Migrate to HTTPHelper class and add unit tests

Assume a permission issue whenever a file could not be deleted.

This is because some storages are not able to return permissions, so a
permission denied situation can only be triggered during direct
deletion.

Fix #11209

This function is also used in a way such as:

```
	$preview = new \OC\Preview(\OC_User::getUser(), 'files');
	$info = \OC\Files\Filesystem::getFileInfo($file);
	if (!$always and !$preview->isAvailable($info)) {
		\OC_Response::setStatus(404);
	} else {
		$preview->setFile($file);
		$preview->setMaxX($maxX);
		$preview->setMaxY($maxY);
		$preview->setScalingUp($scalingUp);
		$preview->setKeepAspect($keepAspect);
	}
```

Which won't work anymore since `setFile` is used instead of passing the file in the constructor. Fixes a regression in master.

Ref https://github.com/owncloud/core/issues/11078

2. use count instead of sizeof. Latter is an alias to first one, practically we stick to count everywhere. Having it consistent helps with readability.
3. move whitespace so we have $groupUsers[] = $filteredUser; instead of $groupUsers []= $filteredUser;

Ensures that Basic Auth works properly for APIs and removes the need for some even uglier lines of code.

Resolves https://github.com/owncloud/core/issues/10991 failure 4

Fixes https://github.com/owncloud/core/issues/11133

At the previous point not all apps were initialized. Now the basic auth check happens together at the same location as all others.

Fixes https://github.com/owncloud/core/issues/11129