Commit Graph

4197 Commits

Author SHA1 Message Date
Lukas Reschke 2f87fb6b45
Add Clear-Site-Data header
This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content.

See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types.

Ref https://twitter.com/mikewest/status/877149667909406723

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-20 19:46:10 +02:00
Joas Schilling ca3a6ec607
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 14:25:24 +02:00
Julius Härtl 41621d3b59
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-06-16 11:06:26 +02:00
Julius Härtl f039ba7480
Add tests and inject IRequest
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-06-16 10:51:31 +02:00
Robin Appelman 2e8e6f95b9
show used space in user list
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-15 14:06:54 +02:00
Robin Appelman fa81759917
fix moving folders out of a cache jail
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-15 13:59:06 +02:00
Joas Schilling 0f8c1b13a3
Fix unknown share token
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-13 18:44:50 +02:00
Morris Jobke 6a06df824e Merge pull request #5027 from nextcloud/require-nextcloud-version-as-per-docs
Version and dependency are now required
2017-06-12 22:33:16 -05:00
Morris Jobke aa243376ef Merge pull request #5271 from nextcloud/use-mailer-to-create-email-template
Also use IMailer interface to generate the email template
2017-06-12 17:52:52 -05:00
Lukas Reschke a4b48d55ad
Fix tests
return is not defined

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-12 22:19:44 +02:00
Daniel Calviño Sánchez 6bcace4609 Extract toggle visibility of a SystemTagsInfoView to its own view
The SystemTagsInfoViewToggleView is a basic view that renders a label
that, when clicked, toggles the visibility of an associated
SystemTagsInfoView.

In order to keep the view parent agnostic its attachment and detachment
to/from the MainfFileInfoView is done in the FilesPlugin.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 09:13:29 +02:00
Daniel Calviño Sánchez 423136d319 Extract duplicated code to a method
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 03:03:47 +02:00
Daniel Calviño Sánchez be02b3df28 Add acceptance tests for showing the input field for tags
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 03:02:33 +02:00
Morris Jobke b58928b4c1 Also use IMailer interface to generate the email template
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-06 10:47:48 -05:00
Morris Jobke 15314b6f5b Merge pull request #5223 from nextcloud/do-not-allow-to-set-invisible-fields
Don't allow the user to set fields they can't see
2017-06-06 08:06:39 -05:00
Joas Schilling f39fdaf46e
adjust the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-06 11:42:48 +02:00
blizzz 2e2d406bf5 Merge pull request #5213 from nextcloud/fix-change-hook
Trigger changeUser hook only on real changes
2017-06-02 13:14:33 +02:00
Arthur Schiwon 999455c1aa
emit changeUser only if there really was a change (quota, displayname)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-01 11:34:17 +02:00
Bjoern Schiessle 7c2d473d76
add new config switched for the global scale architecture
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-29 18:19:28 +02:00
Joas Schilling eebd2811dc
Version and dependency are now required
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-22 09:54:44 +02:00
Roeland Jago Douma 43eb424da1 Merge pull request #5009 from nextcloud/update-acceptance-tests-for-issue-4921
Update acceptance tests for issue #4921
2017-05-22 08:36:11 +02:00
Daniel Calviño Sánchez 41412088db Update acceptance tests for issue #4921
Acceptance tests opened the details view by clicking on the middle of
the file row, but due to the changes made in issue #4921 that now opens
the file instead; this commit updates the acceptance tests to open the
details view through the "Details" item in the file actions menu.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-21 14:45:43 +02:00
Lukas Reschke 7a8bd73547 Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-20 16:38:32 -05:00
Lukas Reschke 7976927628 Merge pull request #4894 from nextcloud/generic-security-activities
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
Lukas Reschke 8c624bdef9 Merge pull request #4792 from nextcloud/fix-storage-wrappers-on-scanner
Make sure we use the passed-in storage when there is one
2017-05-19 00:49:58 +02:00
Roeland Jago Douma e43649e67e
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:10:57 +02:00
Christoph Wurst 1632bb4557
Move activities test code
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Lukas Reschke 7927aed991
Adjust token name
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke 691646bdae
Add tests for OAuth2 app
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke 59e968977c
Add test for DefaultTokenMapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 77827ebf11
Rename table back to lowercase
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 26ee889fec
Add tests for ClientFlowLoginController
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Bjoern Schiessle 1eb7f4956b
delete auth token when client gets deleted
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Robin Appelman 1f1e1b0d00
use unmasked permissions during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-18 16:38:54 +02:00
Morris Jobke 78e6c2dea4 Merge pull request #4666 from nextcloud/enable-redis-cluster
Add redis cluster tests to our CI jobs
2017-05-16 10:10:25 -05:00
Morris Jobke 3bf9503070 Merge pull request #4816 from nextcloud/Ardinis-quota-files_external
Correctly calculate used space for quota with external storage
2017-05-12 11:33:54 -05:00
Morris Jobke 51c55a867d fix quota tests for external storage
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-12 11:32:16 -05:00
Lukas Reschke 4f752ed1fc Merge pull request #4809 from nextcloud/downstream-27676
Disable reset password link
2017-05-12 12:39:07 +02:00
Lukas Reschke 48a9a4bd81 Merge pull request #4825 from nextcloud/add-timeout-appstore
Add timeout for requests to appstore
2017-05-12 12:37:18 +02:00
Joas Schilling e6a0ad4701
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 10:02:15 +02:00
Joas Schilling adad4281af
Fix failed assertions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 09:58:18 +02:00
Morris Jobke f73ca1b77f Add redis cluster tests to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-11 17:07:20 -05:00
Joas Schilling 0828df5ed4
Disable the API endpoints as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-11 17:03:57 +02:00
Joas Schilling 538d32fe87
Automatic injection into the Fetchers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:56:38 +02:00
Joas Schilling ca39940614
Automatic creation of Identity manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:45:11 +02:00
Joas Schilling d418ea550b
Automatic injection for CssController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:40 +02:00
Joas Schilling 9c8fe82000
Automatic injection for JsController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:15 +02:00
Morris Jobke 1a83f11925 Merge pull request #4718 from nextcloud/handle-stalled-or-invisible-elements-automatically-in-acceptance-tests
Handle stale or invisible elements automatically in acceptance tests
2017-05-08 12:52:30 -05:00
Fabrizio Steiner f2a2b34e46 Increase device password entropy. Use lower- and upper-case characters and digits, but exclude ambiguous characters. The number of digits has also been increased to 25.
Signed-off-by: Fabrizio Steiner <fabrizio.steiner@gmail.com>
2017-05-08 14:04:40 +02:00
Daniel Calviño Sánchez 9313c9797f Add automatic handling of common command failures of Mink elements
Commands executed on Mink elements may fail for several reasons.
ElementWrapper is introduced to automatically handle some of those
situations, like StaleElementReference exceptions and ElementNotVisible
exceptions.

StaleElementReference exceptions are thrown when the command is executed
on an element that is no longer attached to the DOM. When that happens
the ElementWrapper finds again the element and executes the command
again on the new element.

ElementNotVisible exceptions are thrown when the command requires the
element to be visible but the element is not. When that happens the
ElementWrapper waits for the element to be visible before executing the
command again.

These changes are totally compatible with the current acceptance tests.
They just make the tests more robust, but they do not change their
behaviour. In fact, this should minimize some of the sporadic failures
in the acceptance tests caused by their concurrent nature with respect
to the web browser executing the commands.

However, the ElementWrapper is not a silver bullet; it handles the most
common situations, but it does not handle every possible scenario. For
example, the acceptance tests would still fail sporadically if an
element can become staled several times in a row (uncommon) or if it
does not become visible before the timeout expires (which could still
happen in a loaded system even if the components under test work right,
but obviously it is not possible to wait indefinitely for them).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 64f9c56224 Extract element finding to a command object
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 7642a4b727 Make internal find methods static
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 16e3e81635 Add missing type hints
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Morris Jobke 0896d2b006 Make cache tests a bit more clear
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-04 19:37:40 -03:00
Mario Danic e4aac15a92
Update login flow redirection
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-04 19:21:22 +02:00
Morris Jobke 61379c9165 Merge pull request #4682 from nextcloud/try-to-start-browser-sessions-again-when-they-fail-in-acceptance-tests
Try to start browser sessions again when they fail in acceptance tests
2017-05-04 00:02:18 -03:00
Daniel Calviño Sánchez 4fc9a7146b Add option to acceptance test runners to set a custom timeout multiplier
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez b10478ff19 Try again to start browser sessions when they fail
Starting a session for an Actor can fail, typically, due to a timeout
connecting with the web browser. Now if the session fails to start it
will be tried again up to "actorTimeoutMultiplier" times in total before
giving up.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez e355e953b5 Generalize attribute name
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:45:52 +02:00
Daniel Calviño Sánchez 97bedb94af Fix exponential increase of timeout when finding ancestor elements
The timeout passed to the "find" method was multiplied by the
"findTimeoutMultiplier" attribute. However, as "find" used
"findAncestor" and "findAncestor", in turn, used "find" itself the
timeout was increased exponentially for ancestor elements. Now "find"
was split in "find" and "findInternal"; the first method is the public
one and modifies the given parameters as needed and then calls the
second method, private, that performs the find itself.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:34:04 +02:00
Morris Jobke dbe11916fa Merge pull request #4662 from nextcloud/remove-named-selectors-from-acceptance-tests
Remove named selectors from acceptance tests
2017-05-02 20:44:23 -03:00
Morris Jobke f233e856bf Merge pull request #4665 from nextcloud/enable-redis
Add redis support to our CI jobs
2017-05-02 17:16:19 -03:00
Roeland Jago Douma 24ff230f93 Merge pull request #4620 from nextcloud/preview-error-handling
better handling of preview generation errors
2017-05-02 21:49:14 +02:00
Morris Jobke ecb369b5e8
Add redis support to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 15:55:42 -03:00
Lukas Reschke 121cb4bcfc Merge pull request #4659 from nextcloud/fix/ignore-empty-email-contacts-menu
Do not show an email action for contacts with emtpy email addresses
2017-05-02 17:02:16 +02:00
Daniel Calviño Sánchez 1381f6c131 Replace "named" Mink selectors with "named_exact" Mink selectors
The "named" Mink selector first tries to find an exact match for its
locator and then, if not found, tries to find a partial match. Besides
other harder to track problems (see comment in the commit in which the
"content" locator was removed), this could cause, for example, finding
an action link titled "Favorited" when looking for the action link
titled "Favorite" (that is, one that conveys the opposite state to the
one found).

Although currently all the acceptance tests are compatible with both the
"named" and the "named_exact" Mink selectors the predefined locators are
modified to use the "named_exact" Mink selector to make them more
future-proof; the "named" Mink selector can still be used if needed
through the "customSelector" method in the builder object.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:38 +02:00
Daniel Calviño Sánchez 762a8e0b76 Remove "content" locator from acceptance tests
The "content" locator uses the "named" Mink selector and the "content"
Mink locator to find the element. The "named" Mink first tries to find
the elements whose content match exactly the given content but, if none
is found, then it tries to find elements that just contain the given
content.

This behaviour can lead to hard to track issues. Finding the exact match
and, if not found, finding the partial match is done in quick
succession. In most cases, when looking for an exact match the element
is already there, it is returned, and everything works as expected. Or
it may not be there, but then it is not there either when finding the
partial match, so no element is returned, and everything works as
expected (that is, the actor tries to find again the element after some
time).

However, it can also happen that when looking for an exact match there
is no element yet, but it appears after trying to find the exact match
but before trying to find the partial match. In that situation the
desired element would be returned along with its ancestors. However, as
only the first found element is taken into account and the ancestors
would appear first the find action would be successful, but the returned
element would not be the expected one. This is highly unlikely, yet
possible, and can cause sporadic failures in acceptance tests that,
apparently, work as expected.

Using a "named_exact" Mink selector instead of the "named" Mink selector
does not provide the desired behaviour in most cases either. As it finds
any element whose content matches exactly the given content, looking for
"Hello world" in "<div><p><a>Hello world</a></p></div>" would match the
"div", "p" and "a" elements; in that situation the "div" element would
be the one returned, when typically the "a" element would be the
expected one.

As it is error prone and easily replaceable by more robust locators the
"content" locator was removed from the predefined ones (although it can
still be used if needed through the "customSelector" method in the
builder object).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:25 +02:00
Christoph Wurst b13c741cb3
Do not show an email action for contacts with emtpy email addresses
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:12:04 +02:00
Robin Appelman 2847e9f2e3
fix preview tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-02 13:43:48 +02:00
Roeland Jago Douma ae7c1504a9
Fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 11:38:21 +02:00
Roeland Jago Douma 762284ce93
Fix and update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 08:59:53 +02:00
Lukas Reschke dd03fdebec
Add missing space
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 20:36:25 +02:00
Lukas Reschke a5ccb31e85
Mark IP as whitelisted if brute force protection is disabled
Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling.

This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 18:31:45 +02:00
Marius Blüm f26764c790
Rename “Server settings” to “Basic settings”
* fixes #4587

Signed-off-by: Marius Blüm <marius@lineone.io>
2017-04-29 17:13:21 +02:00
Arthur Schiwon 99e97f135d
consolidate setEnabled method
and fix a unit test

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Arthur Schiwon 668fe7df51
UserManager can now count disabled users
Users page takes advantage of that

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 4c37c38051
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 485d6d6577
use proper return codes and handle failure cases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 2507e7459d
Improve wording of error messages
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke a8457df064
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 72550377b4
add unit tests for enable method 2017-04-29 00:59:09 -03:00
Morris Jobke e521b6799f
add unit tests for disable method 2017-04-29 00:59:09 -03:00
Morris Jobke 79d74a1425
adjust tests to have at least one disabled user 2017-04-29 00:54:30 -03:00
Roeland Jago Douma 84b4d448d0
Fix unit tests 2017-04-29 00:54:30 -03:00
Morris Jobke a0bf706983
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:13:41 -03:00
Bjoern Schiessle 9b36f2d9ea
fix unit test
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:38 -03:00
Bjoern Schiessle 5fa0e6df39
fix email verification status
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:37 -03:00
Bjoern Schiessle 71657db4be
updated unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Bjoern Schiessle cbf5acca45
check verification proof and update account table
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Morris Jobke f000e22a97 Merge pull request #4522 from nextcloud/downstream-27596
Allow to create a user for a specific backend
2017-04-27 16:41:08 -03:00
Joas Schilling 9212089151
Use the new method in the old one to remove duplicate code
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 08:56:51 +02:00
Morris Jobke 4dab01d9ed Merge pull request #4501 from nextcloud/downstream-27144
Add duration of last job execution to the table
2017-04-26 23:16:21 -03:00
Morris Jobke 01705b1b6a Merge pull request #4515 from nextcloud/downstream-27643
Adjust query/event logging code in favour of more complex owncloud/di…
2017-04-26 22:58:01 -03:00
Morris Jobke 4a9cb81486 Merge pull request #4526 from nextcloud/downstream-27269
Don`t allow upload of files with extension .part
2017-04-26 18:21:13 -03:00
Morris Jobke aad0794500 Merge pull request #4454 from nextcloud/add-bundles-to-install-page
Add app bundles to the apps page and unbundle enterprise apps
2017-04-26 18:20:40 -03:00
Morris Jobke 58fe27f092 Merge pull request #4461 from danxuliu/fix-closing-details-view-when-viewing-file-in-folder
Fix details view not closed when viewing a file in its folder
2017-04-26 17:42:55 -03:00
Lukas Reschke d0e0bc55c8
Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:08:44 +02:00
Lukas Reschke 3df99d8fd6
Add SocialSharingBundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:53 +02:00
Lukas Reschke 0c5a48c4a4
Add tests for repairstep
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00
Lukas Reschke a05295fca3
Add spreed to Groupware bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00