mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
36,468 Commits 349 Branches 696 Tags 1.6 GiB
Commit Graph

3698 Commits

Author SHA1 Message Date
Joas Schilling cf849e621b
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-02-07 17:00:10 +01:00
Joas Schilling 275db05a46 Merge pull request #2953 from nextcloud/backport-2797-sudo-password-with-ldap 
[stable11] Use login name to fix password confirm with ldap users
 2017-01-23 12:09:38 +01:00
Lukas Reschke 2382bf9011
Apply DOMPurify over HTML 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-01-17 11:37:16 +01:00
Morris Jobke 45c12d26ce
Fix JSUnit tests 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-01-17 11:37:06 +01:00
Joas Schilling 964d7b2389
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-17 11:36:57 +01:00
Joas Schilling 78e685ce8f
Better fallback for unknown log types 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-10 13:01:00 +01:00
Joas Schilling acf62afe2d
Add tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-10 13:00:47 +01:00
Robin Appelman daa4f393cb
dont write a certificate bundle if the shipped ca bundle is empty 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-01-09 21:11:50 +01:00
Christoph Wurst 2625b6297b
Set redirect_url on 2FA challenge page 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-01-09 10:42:23 +01:00
Joas Schilling a3d8442835
Remove warning 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-05 15:16:32 +01:00
Joas Schilling 1179471e41
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-05 15:16:24 +01:00
Lukas Reschke 5bf56f67be
Increase version to 11.0.1 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-12-29 18:36:31 +01:00
Joas Schilling a7aa7de6c2
Add a unit test 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-12-13 13:54:18 +01:00
Lukas Reschke 32bf8ec826
Don't use cached informations for app version 
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:

- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)

This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.

While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-12-09 18:01:45 +01:00
Joas Schilling 924358ef96
Save the timezone on login again 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-12-08 10:45:24 +01:00
Morris Jobke 7aa510b2f0
Document updater channel & check for correct PHP version in updater 
* see https://github.com/nextcloud/updater/issues/53

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2016-12-06 00:19:13 +01:00
Morris Jobke aac3024878 Merge pull request #2505 from nextcloud/sudo-mode-provisioning-api 
Require sudo mode on the provisioning API
 2016-12-05 22:29:29 +01:00
Roeland Jago Douma e368a745aa
Set last-login-check on basic auth 
Else the last-login-check fails hard because the session value is not
set and thus defaults to 0.

* Started with tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-12-05 20:57:15 +01:00
Christoph Wurst 0478db6506 Merge pull request #2484 from nextcloud/fix-wrong-update-of-email-address 
make sure that we only update the email address if it really changed
 2016-12-05 17:14:23 +01:00
Morris Jobke 1253d1008a Merge pull request #2411 from nextcloud/fix-encryption-home-storage 
check if the file should really be encrypted before we update the file cache
 2016-12-05 15:38:12 +01:00
Bjoern Schiessle f25ad2e404
make sure that we only update the email address if it really changed 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-12-02 18:07:08 +01:00
Robin Appelman 1a379b0fdc
update test 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-12-02 18:04:21 +01:00
Lukas Reschke 2ca29f709b
Add tests 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-12-01 18:52:32 +01:00
Morris Jobke 01a62dee30
Language 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2016-11-30 15:20:04 +01:00
Morris Jobke 62ec31eb7b Merge pull request #2152 from nextcloud/preview_cleanupjob 
Adds background job to cleanup all previews.
 2016-11-30 10:39:21 +01:00
Bjoern Schiessle 0f8fe77b3a
check if the file should really be encrypted before we update the file cache 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-29 20:34:45 +01:00
Morris Jobke d86b29b42b Merge pull request #2066 from nextcloud/fix-redirect-double-encoding 
do not double encode the redirect url
 2016-11-29 17:21:43 +01:00
Lukas Reschke 3950ce9223 Merge pull request #2351 from nextcloud/remember-session-default 
do not remember session tokens by default
 2016-11-28 14:05:04 +01:00
Lukas Reschke 0cc771ce19 Merge pull request #2353 from nextcloud/renew-session-token-remember 
copy remember-me value when renewing a session token
 2016-11-28 14:04:13 +01:00
Christoph Wurst 6543182d13 fix parameter order 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-28 10:00:53 +01:00
Christoph Wurst ad610ae772 Merge pull request #2327 from nextcloud/exclude-pre-releases 
Exclude pre-release versions as per SemVer
 2016-11-28 09:55:24 +01:00
Christoph Wurst 2183a1f3e6 copy remember-me value when renewing a session token 
On renew, a session token is duplicated. For some reason we did
not copy over the remember-me attribute value. Hence, the new token
was deleted too early in the background job and remember-me did
not work properly.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-27 14:19:57 +01:00
Christoph Wurst 9b808c4014 do not remember session tokens by default 
We have to respect the value of the remember-me checkbox. Due to an error
in the source code the default value for the session token was to remember
it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-27 14:03:28 +01:00
Morris Jobke 64fb0fb3dd Merge pull request #2276 from nextcloud/update-email-address 
Update email address
 2016-11-25 11:40:20 +01:00
Lukas Reschke 29402e2c0a
Exclude pre-release versions as per SemVer 
As SemVer can be used apps could define a release like "10.0.0-alpha". This is something that we don't support at the moment in the server and we should filter all prereleases.

Ref https://github.com/nextcloud/server/pull/2307#issuecomment-262911588

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-25 11:32:46 +01:00
Bjoern Schiessle 0de685c562
bring back setEmailAddress for the user management 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-25 10:26:48 +01:00
Bjoern Schiessle 3fc75073b8
update accounts table if email address or display name changes from outside 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-25 10:26:47 +01:00
Roeland Jago Douma 72f9920a58
Add Identityproof tests 
* Add tests for Key
* Add tests for Manager
* Add tests for Signer
* Removed URLGenerator from Signer

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-11-24 21:50:19 +01:00
Lukas Reschke 6a4c0cf237
Loop for newest version in appstore response 
The current implementation when fetching apps from the appstore is to assume that the first element is the newest version, this is now always applicable and leads to the fact that for some apps (e.g. nextant) the newest version is not delivered. This can be easily tested by comparing the version of the downloaded Nextant version.

This change will loop over all releases delivered by the appstore and chooses the newest compatible one. While not the cleanest solution, it does its job.

Most of the code are actually unit tests. Whereas I have copied the whole original response from the appstore and also have performed the transformation. So that's why the diff looks so huge.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-24 14:29:57 +01:00
Bjoern Schiessle 546989959c
update email address correctly 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-23 20:19:31 +01:00
Lukas Reschke a05b8b7953
Harden cookies more appropriate 
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.

See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.

Fixes https://github.com/nextcloud/server/issues/1412

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-23 12:53:44 +01:00
Roeland Jago Douma df215625f1 Merge pull request #1972 from nextcloud/invalid-files-from-scanner 
Make sure we don't scan files that can not be accessed
 2016-11-22 12:55:54 +01:00
Robin Appelman cd24010fa4 Merge pull request #2214 from nextcloud/remove-logging 
remove old logging section
 2016-11-21 17:17:02 +01:00
Robin Appelman 0048b3aa2e
update tests 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-11-21 15:59:08 +01:00
Lukas Reschke d001dbd259
Adjust unit tests 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-21 11:30:03 +01:00
Lukas Reschke 8bf4111368
Fix changing display names for subadmins 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-21 11:30:00 +01:00
Lukas Reschke fb91bf6a5b
Add a signer class for signing 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-21 11:30:00 +01:00
Bjoern Schiessle a32d6e481f
fix unit tests 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-21 11:30:00 +01:00
Bjoern Schiessle b23a4ca96b
push public user data to the lookup server 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-21 11:29:59 +01:00
Bjoern Schiessle c5e61947a9
remove old test class 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2016-11-21 11:29:59 +01:00