Commit Graph

373 Commits

Author SHA1 Message Date
Morris Jobke 9d43724d45
Merge pull request #7526 from nextcloud/make-possible-for-apps-to-disable-the-navigation-bar-slide-gesture
Make possible for apps to disable the navigation bar slide gesture
2018-01-03 00:12:54 +01:00
Roeland Jago Douma 325637f4f3
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-19 18:49:27 +01:00
Daniel Calviño Sánchez de4028336a Force the drag to end when the navigation bar Snap is disabled by an app
When a Snap was disabled it stopped listening to the events, but if a
drag gesture was being performed it was kept as active. Thus, when the
Snap was enabled again move events were handled as if the Snap had never
been disabled, causing the gesture handling to continue where it was
left.

When the Snap for the navigation bar is disabled by an app it could be
as a result of a different gesture being recognized by the app (for
example, a vertical swipe) once both gestures have started. In that case
when the other gesture ends and the Snap is enabled again any pointer
movement will cause the navigation bar to slide until an "up" event is
triggered again (obviously not the desired behaviour).

Due to all this now when the Snap for the navigation bar is disabled by
an app the current drag gesture for the navigation bar is ended.

Note that this was added as a parameter to "Snap.disable()" instead of
done unconditionally to keep back-compatibility with the previous
behaviour (probably not really needed as it is unlikely that any app is
using the Snap library relying on that behaviour... but just in case).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-12-14 21:42:39 +01:00
Daniel Calviño Sánchez a5db0d2825 Make possible for apps to disallow the navigation bar slide gesture
On narrow screens a slide gesture can be used to open or close the
navigation bar. However that gesture could conflict at times with the
gestures used by certain apps (for example, if the right sidebar is open
the user may expect to close it by dragging it to the right, but that
could open the navigation bar instead depending on how the events are
handled). This commit makes possible for apps to disallow and allow
again that slide gesture.

In any case, note that applications can only disallow the gesture,
but they can not enable it. That is, they can prevent the gesture from
being used on narrow screens, but they can not make the gesture work on
wide screens; they are always limited by the base rules set by the core.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-12-14 21:41:22 +01:00
Daniel Calviño Sánchez 173f28a09d Add unit tests for the navigation bar slide gesture
The slide gesture is enabled or disabled depending on the width of the
browser window. In order to easily control that width the karma-viewport
plugin is now used in the unit tests.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-12-14 19:17:40 +01:00
Roeland Jago Douma ee20741526 Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-13 17:22:58 +01:00
blizzz 4fc8984d89
Merge pull request #6079 from nextcloud/fix-antivirus
Parse Sabre Exception in OC.Files.Client and file-upload
2017-12-11 17:12:02 +01:00
Tobias Kaminsky 430f60db21
Merge pull request #6670 from nextcloud/handle-encryption-state-in-web-interface
Handle encryption state in web interface
2017-12-06 16:19:17 +01:00
blizzz f700cd14fa
Merge pull request #7222 from nextcloud/fix-filerow-avatars
Fix filerow avatars
2017-11-27 16:46:11 +01:00
Morris Jobke 4af12dcab1
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-27 08:50:44 +01:00
Arthur Schiwon 134192d76c
fix sorting test on phantomjs
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-24 15:33:26 +01:00
Arthur Schiwon 077381c7b3
rip out obsolete recipientsDisplayName
also needs tests adjustements, and this also brings in natural sorting

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-23 13:32:14 +01:00
Arthur Schiwon 9d95391ff1
adjust tests and apply sorting
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-23 13:32:13 +01:00
Arthur Schiwon 3a1d8fa45f
adjust, fix and extend tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-23 13:32:13 +01:00
Bjoern Schiessle 7bc28f14de show e2e folder icon on encrypted folders
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-11-20 21:00:26 +01:00
Bjoern Schiessle fc456bec39 check for encryption state on propfind
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-11-20 18:24:46 +01:00
Björn Schießle f347e2e4a6
Merge pull request #7047 from nextcloud/add-support-for-files-with-no-permissions
Add support for files with no permissions
2017-11-20 16:15:52 +01:00
Vincent Petry dfc91a253c Parse Sabre Exception in OC.Files.Client and file-upload
In case of error, instead of a generic error message, an upload will
display whichever message is returned in the Sabre Exception, if
applicable.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-13 12:19:14 +01:00
Lukas Reschke 8c915baa34
Merge pull request #6788 from staabm/master
Prevent XSS in links which open a new browser window
2017-11-08 18:55:35 +01:00
Roeland Jago Douma 497cd7fa4e
Merge pull request #7064 from nextcloud/popover-fix
Fix popover layout
2017-11-08 12:47:58 +01:00
John Molakvoæ (skjnldsv) b44581e15d
Fixed sharing popover and removed unused old code
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2017-11-07 18:20:59 +01:00
Morris Jobke d790c27a19
Reduce JSHint errors/warnings
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 09:57:59 +01:00
Daniel Calviño Sánchez 3e844d3a59 Set read permission for files based on the data returned by the server
Now that the permissions returned by the server specify whether a file
is readable or not the frontend no longer needs to assume that every
file is readable.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:01 +01:00
Daniel Calviño Sánchez ec375b3d86 Fix tests for parsing of permissions
Now that these tests are executed they are revealed to be partially
obsolete; they were fixed to match the current parsing behaviour.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:01 +01:00
Daniel Calviño Sánchez e2c755a4b5 Fix asserts silently not executed
The first parameter of "apply" must be the object to act as "this", and
the Promise callback gets the parameters provided in the "resolve".

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:01 +01:00
Arthur Schiwon 3b2c9da7cc
Adjust js tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-01 15:14:45 +01:00
Jan-Christoph Borchardt 9407f6c1d0 Fix test for tooltip and local share owner
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-11-01 11:41:22 +01:00
Markus Staab db34b59238 Prevent XSS in links which open a new browser window 2017-10-19 12:16:04 +02:00
Daniel Calviño Sánchez ea10a1292a Use "?" instead of user ID as seed for the image placeholder
The seed of the image placeholder is needed to generate the background
color of the image, but as the background color is later overriden any
seed could be used. When no text is explicitly given the seed is used as
text too, so there is no need to pass the user ID and simply using "?"
as seed is enough.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-09-20 18:20:58 +02:00
Daniel Calviño Sánchez ff71dd07a6 Unify appearance of avatars for undefined and unknown users
When calling the jQuery avatar plugin with a user that did not exist
(that is, users for which "/avatar/{user}/{size}" return a JSON response
with an empty "displayname" value) "?" on a grey background was shown.
However, if the jQuery avatar plugin was called with an undefined
JavaScript value then "?" was shown on a bluish background. This commit
unifies both cases to use the grey background.

The unit tests were also modified to ensure that the grey background is
used in both cases.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-09-20 17:19:35 +02:00
Morris Jobke 582fb5d129 Update the URLs in tests to use example.org
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-01 11:16:04 +02:00
rakekniven f2d999aa70 Update setupchecks.js
Fixed typo and removed doclink symbol.
Reported at transifex

Update util.php

Another l10n improvement from transifex.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-31 13:41:45 +02:00
Morris Jobke 1fedf450ac Update Opcache recommendation
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-21 18:21:28 -05:00
Roeland Jago Douma 646db7f88d Merge pull request #4518 from nextcloud/downstream-25838
Fix share indicator handling
2017-04-26 19:23:27 +02:00
Vincent Petry 17a31a51c6
Fix share indicator handling
Properly update the fileInfoModel with the updated share types, which
also updates the file list row indicator properly
2017-04-26 13:38:12 +02:00
Georg Ehrke 6bbc682c4b
handle 404 separately
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:30:21 +02:00
Georg Ehrke 99b201a188
unit test jquery.contactsmenu
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:15 +02:00
Jan-Christoph Borchardt 0f0b04b7d9 Fix test
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:06:56 +02:00
Christoph Wurst 5c61852c25 Fix failing contacts menu js test data
When we test wheter action menus in the contacts menu close
when clicking other ones, we have to provide test data
that actually causes the view to render the menu.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Roeland Jago Douma 82c9eb1c56 Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Daniel Calviño Sánchez 58cc1251be Use "complete" callback in onPasswordEntered
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 22:18:52 +02:00
Daniel Calviño Sánchez 6e9f49f397 Add "complete" callback support for addShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:31:53 +02:00
Daniel Calviño Sánchez 488020cf2e Add "complete" callback support for updateShare
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:30 +02:00
Daniel Calviño Sánchez 726c6c73f4 Add missing unit test cases and conditions
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 21:24:05 +02:00
Daniel Calviño Sánchez 153d053ee7 Fix working icon not hidden when successfully setting a password
When a request to set the password of a shared link is sent a working
icon is shown. However, as there was no "success" callback, the icon was
never hidden again after successfully setting the password (it worked
fine if there was an error, though).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Christoph Wurst 2317d7bb49
Fix sinon.stub deprecation warnings
Calls to `sinon.stub(obj, 'meth', fn)` are deprecated and therefore
replaced by `sinon.stub(obj, 'meth).callsFake(fn)` as instructed by
the deprecation warning.

This makes the js unit testing output readable again.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-24 10:39:37 +02:00
Joas Schilling 1c0bffe87f
Fix translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Lukas Reschke 6c8d48b0f6
Harden t() with DOMPurify
This mitigates issues where developers pass untrusted user-input through t() which may lead to XSS issues.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 14:17:42 +01:00
Roeland Jago Douma bb2ec51bbb
Fix unit tests of master
Follow up to #3802

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-16 12:46:02 +01:00
Lukas Reschke b5a6f03362 Merge pull request #3643 from nextcloud/replace-deprecated-tipsy
Replace deprecated $.tipsy(...) by $.tooltip(...)
2017-02-28 10:49:14 +01:00
Morris Jobke 413d671d9e Merge pull request #3635 from individual-it/fix_quota_validation
better quota validation
2017-02-28 00:27:51 -06:00
Artur Neumann 9790fe7f5d make values with white spaces possible
a user might enter values with white spaces, and that should be possible
and valid

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 08:25:34 +05:45
Artur Neumann f1fccaca06 better quota validation
this fixes #3634

1. fixed computerFileSize to be more picky about incorrect values
2. more tests for computerFileSize
3. use computerFileSize to validate user quota

Signed-off-by: Artur Neumann <info@individual-it.net>
2017-02-28 07:38:11 +05:45
Christoph Wurst 3e7e49884e Replace deprecated $.tipsy(...) by $.tooltip(...)
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-02-27 22:25:05 +01:00
Morris Jobke cee8853658
Show info in admin settings about PHP opcache if disabled
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:45:48 -06:00
Morris Jobke 200a28255e
Always enable avatars
* we introduced this setting in the begining because our
  avatar support caused some performance issues, but we
  fixed them and should only provide one way how Nextcloud
  looks

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-13 17:53:33 -06:00
m3ntalsp00n dd9ee2db6f fix tests, longer wait time, update notification stub
Signed-off-by: m3ntalsp00n <m3ntalsp00n@gmail.com>
2017-02-04 18:51:52 +10:00
Christoph Wurst da28a1612e expect warning to be shown
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-13 11:33:12 +01:00
Christoph Wurst 9d56d5e94d add spies for l10n warnings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-13 11:20:19 +01:00
Roeland Jago Douma 6347d97c7f Merge pull request #2512 from nextcloud/cleanup-system-tag-usage
Only allow admins to delete tags
2017-01-06 16:17:09 +01:00
Vincent Petry 14256d631c
Use group display name in sharing API + UI 2016-12-22 18:35:32 +01:00
Patrick Paysant d4c088cb79
Verify input, add more unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:20 +01:00
Patrick Paysant ec4bca619d
Add test for unparseable string
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:13 +01:00
Patrick Paysant ff018d48cf
Implements all comments from @PVince81
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:29:05 +01:00
Patrick Paysant 6217393d6a
Adding computerFileSize in OC.Util
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:28:58 +01:00
Joas Schilling 9ea432f88c
Adjust the JS unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-06 17:50:57 +01:00
Morris Jobke a2867c0664
Properly check the data dir
* fixes #1364

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-05 23:35:35 +01:00
Robin Appelman e055fbd4da
adjust js tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-02 13:40:23 +01:00
Morris Jobke e7a146bd62
fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-29 13:40:41 +01:00
Morris Jobke 34849f7bd3
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-11-23 18:02:23 +01:00
Lukas Reschke d001dbd259
Adjust unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:03 +01:00
Joas Schilling 0f06034239
Replace more vendor naming
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-11 08:54:21 +01:00
Bjoern Schiessle d235c4833f
remove the 'shareapi_allow_mail_notification' setting
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-02 21:17:05 +01:00
Bjoern Schiessle f556c58c22
remove 'send mail notification' option from sharing, replaced by send-by-mail feature
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-02 18:30:38 +01:00
Roeland Jago Douma 57e61250ac
Remove notify recipient option
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-26 20:52:36 +02:00
Vincent Petry 25d9dce067
JS utility function to compare paths
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry 361f008c70
Make it possible to filter by tags with REPORT method
Enhanced the REPORT method on the Webdav endpoint and added a
"oc:favorite" filter rule. When set, it will return a flat list of
results filtered with only favorite files.

The web UI was also adjusted to use this REPORT method instead of the
private API endpoint.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-19 11:06:29 +02:00
Morris Jobke 6d688e89c1 Merge pull request #1453 from nextcloud/do-not-reload-if-connection-lost
do not reload the page if the server is (temporarily) unreachable
2016-10-06 14:58:02 +02:00
Christoph Wurst 5ae6d62811
do not reload the page if the server is (temporarily) unreachable 2016-10-03 10:24:47 +02:00
Roeland Jago Douma 5cda383460
Make can edit checkbox work for file shares 2016-10-03 09:06:51 +02:00
Arthur Schiwon 9b01574465
adjust js tests 2016-08-25 13:47:14 +02:00
Vincent Petry 0f3674a446
Group incoming shares for resharing in JS 2016-08-03 10:16:28 +02:00
Julius Haertl 217b52085d
Fix javascript tests for sidebar animation 2016-07-30 16:30:05 +02:00
William Bargent 6da54a6987 Merge pull request #374 from lpszBuffer/master
Alters 'No Internet Connection' error message. #181
2016-07-21 18:55:58 +01:00
Derek b236100619 Alters 'No Internet Connection' error message. #181 2016-07-20 19:12:10 -05:00
Thomas Müller 4d67429cf0
Use an icon to set the email instead of a button with string 2016-07-20 15:07:46 +02:00
Hendrik Leppelsack 61e604c2d9 adjusts tests to removal of svg fallback 2016-07-01 16:36:37 +02:00
Vincent Petry fb087a0261
Use temporary htaccesstest.txt for data dir security check 2016-06-07 18:36:13 +02:00
Vincent Petry 66e93561da
Rename "not-assignble" to "restricted" 2016-05-20 17:56:02 +02:00
Vincent Petry 88740f035d
Act on effective system tag canAssign permission
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.

This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Lukas Reschke 2c4ef37025 Merge pull request #24126 from owncloud/err-reload-delay
Delay reloading the page if an ajax error occurs, show notification
2016-04-22 11:23:39 +02:00
Robin McCorkell 62024d74d4 Add test for reload delay 2016-04-20 22:09:59 +01:00
Morris Jobke 6b66f2dfb4 Merge pull request #23990 from owncloud/heartbeat-debounce
Debounce heartbeat ajax calls to lower the number of requests
2016-04-20 21:23:10 +02:00
Christoph Wurst 2d772eaaa8
Debounce heartbeat ajax calls to lower the number of requests
fixes #22397
2016-04-18 14:19:26 +02:00
Christoph Wurst 5900e46f01
Turn off jQuery animations when testing 2016-04-18 10:41:02 +02:00
Christoph Wurst 3e1f1ccc76 downgrade jquery, update jquery-migrate 2016-04-15 13:55:23 +02:00
Morris Jobke e03d289b70
Use 6 months as SSL STS header threshold
* this uses 6 months (6 * 30 * 24 * 60 * 60 = 15552000)
* old value was half a year (365 / 2 * 24 * 60 * 60 = 15768000)
* fixes #23957
2016-04-13 08:47:34 +02:00
Vincent Petry 8d11c3b87b Merge pull request #23487 from owncloud/core-globalajaxerrorwhengoingaway
Detect user navigating away, don't interpret as ajax error
2016-04-01 17:03:55 +02:00
Vincent Petry 06e7856400 Adjust core unit tests for unload/reload cases 2016-03-23 10:53:40 +01:00
Thomas Müller 61c5717281 Merge pull request #23463 from owncloud/lets-consistently-use-no-referer
Consistently use rel=noreferrer
2016-03-23 09:14:54 +01:00
Thomas Müller 86581f6626 Merge pull request #22065 from owncloud/systemtags-create-same-prefix
Allow creating tags where another one with same prefix exists
2016-03-21 11:15:49 +01:00
Lukas Reschke 6ad957906e Consistently use rel=noreferrer
When linking to external entities we should consistently use rel=noreferrer
2016-03-20 15:27:20 +01:00
Lukas Reschke 2ca3c0d461 Adjust wording a bit
**Before:**
> Your PHP version (5.4.16) is no longer supported by PHP. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP.

**After:**
> You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by the PHP Group as soon as your distribution supports it.

Fixes https://github.com/owncloud/enterprise/issues/1170
2016-03-11 17:39:35 +01:00
Vincent Petry 0091df2bc8 Improved JS L10N bundle merging + tests 2016-02-29 17:39:21 +01:00
Vincent Petry 27544144ce Fix unit tests affected by side effects
The notification tests were not restoring the clock properly, but
indirectly helped other tests pass.

Since now we're restoring the clock properly, the other tests were fixed
to still work.
2016-02-22 17:25:32 +01:00
Vincent Petry 8ea80e114a Accumulate notifications instead of blinking
This makes it possible to display multiple notifications.
If the options.type is set to "error", it will also add a close button.
2016-02-22 17:25:32 +01:00
Thomas Müller 8abdcb8085 Fix error ins source language strings
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/core/50786279
https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/settings-1/50555028
2016-02-19 15:04:16 +01:00
Thomas Müller 7af7d18cfa Merge pull request #16783 from owncloud/handle-redirects-global
Adding global error handler for ajax calls which run into redirection…
2016-02-17 14:49:04 +01:00
Roeland Jago Douma e1fd86ccb6 Unlock sharee input field when sharing fails
Fixes #22441

When addShares fails (for whatever reason) we should unlock the sharee
input field so the user does not have to reload the page.
2016-02-17 09:21:12 +01:00
Vincent Petry b8b77709c0 Add handler for global ajax errors 2016-02-15 12:48:47 +01:00
Thomas Müller 2054dbd4c8 Merge pull request #22350 from owncloud/fix_22304
WebUI feedback when sharing
2016-02-15 10:45:42 +01:00
Roeland Jago Douma 33ef240b39 Search tags case insensitive
fixes: #22352

* Added unit tests
2016-02-14 20:41:39 +01:00
Roeland Jago Douma 92c131b481 Updated unit tests 2016-02-12 14:31:00 +01:00
Roeland Jago Douma 1301ec9351 Only show link shares for the current user
Currently we have no way to display multiple links in the UI.
So just display the link share for the current user.

Fixes #22275
2016-02-10 16:00:55 +01:00
Vincent Petry e378a757ff Add system tags filter section for files app 2016-02-09 10:59:29 +01:00
Vincent Petry 23f0515771 Fix JS DAV files client unit tests
Instead of trying to mock the promise, just stub davclient.js' request
object.
2016-02-04 15:39:18 +01:00
Vincent Petry 22be3867f1 Allow creating tags where another one with same prefix exists
When creating a new entry, compare the full tag name and not only the
prefix.
2016-02-02 10:42:35 +01:00
Vincent Chan faf48e42b7 Move data protection check to javascript
fixes #20199
2016-02-01 18:57:58 +01:00
Vincent Petry df3f6fee10 Properly forward error messages in share dialog 2016-01-28 17:18:33 +01:00
Vincent Petry 7e1de0e3c2 Fix share default expiration date calculation
Now using UTC dates with moment js to accurately add the number of days
2016-01-28 15:25:34 +01:00
Vincent Petry b063ddb05b Share dialog use OCS API 2016-01-28 15:25:34 +01:00
Thomas Müller de8852a760 Merge pull request #21958 from owncloud/systemtags-style
Use boxes for system tags, shorten permission text
2016-01-28 12:54:52 +01:00
Vincent Petry 1473e156f4 Use boxes for system tags, shorten permission text
Permission text now doesn't appear when all permissions are there, or
shows as "invisible" or "not assignable", which should better cover all
use cases.

Changed select2 style to use boxes in the input field.
2016-01-28 11:24:13 +01:00
Vincent Petry 714d8c2424 Fix system tags conflict situations
Does not disrupt the UX whenever a tag or association was created
concurrently. The input field will adjust itself as if the tag was
already there in the first place.
2016-01-27 15:09:59 +01:00
Vincent Petry cfba90a78d Fix system tags proppatch with booleans
Backbone webdav adapter now converts booleans and ints to strings.

Fixed system tags to use "true" / "false" strings for booleans instead
of 1 / 0.
2016-01-27 11:09:43 +01:00
Vincent Petry 0a1350d5ac System tags sidebar selector now respects permissions
For admins: display the namespace behind the tag name.
For users: no namespace, don't display non-assignable tags in the
dropdown, display already assigned non-assignable tags with a different
style
2016-01-25 10:45:02 +01:00
Joas Schilling f108dbfa6a Move getDescriptiveTag to core 2016-01-21 15:56:25 +01:00
Vincent Petry ffba6d0a7e Added system tags GUI in sidebar
Added files details sidebar panel to assign/unassign/rename/delete
system tags.
2016-01-19 16:24:26 +01:00
Morris Jobke 6e096936e5 update JS humanFileSize to use KB instead of kB 2016-01-19 10:51:57 +01:00
Vincent Petry 857c316bda Backbone transport for Webdav 2016-01-16 11:28:04 +01:00
Thomas Müller b1ee51f255 Merge pull request #21630 from owncloud/add-some-security-headers-as-hardening
Add X-Download-Options and X-Permitted-Cross-Domain-Policies
2016-01-13 10:33:58 +01:00
Thomas Müller 2493cfede9 Merge pull request #21640 from owncloud/add-config-to-disable-wellknown-check
Add config switch to disable the .well-known URL check
2016-01-12 14:46:09 +01:00
Lukas Reschke 4d0dcd3c53 Add X-Download-Options and X-Permitted-Cross-Domain-Policies
Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
2016-01-12 10:37:16 +01:00
Morris Jobke 8b6b042ffd Add config switch to disable the .well-known URL check 2016-01-12 09:53:23 +01:00
Morris Jobke a6c7cdd75e Show the well-known URL check as info instead of error
* ref https://github.com/owncloud/core/pull/21562#issuecomment-170344549
2016-01-12 09:18:20 +01:00
Morris Jobke 0161928fc3 Add check for .well-known URL in the root of the webservers URL
* fixes #20012
2016-01-08 23:27:29 +01:00
Joas Schilling 334a6d57a3 Check the correct config for displaying the "notify by email" option 2016-01-08 14:15:06 +01:00
Roeland Jago Douma 6bd15856b2 Added js tests for the Sharee API usage 2015-12-30 10:46:19 +01:00
Roeland Jago Douma 49031e0744 Fix unit tests 2015-12-30 08:58:04 +01:00
Lukas Reschke cebeb0e052 Fix unit tests
Fixes https://github.com/owncloud/core/issues/21345
2015-12-23 09:11:22 +01:00
Vincent Petry 181ba7b4e1 Fix files UI mtime parsing from webdav 2015-12-16 17:44:16 +01:00
Vincent Petry 6735005be0 Fix duplicate bogus share field when link sharing is not allowed
Whenever link share is not allowed, it was outputting a bogus sharing
field which name would conflict with the regular sharing field.

This fix makes sure that the bogus sharing field with "Resharing not
allowed" message only appears when triggered by removed share
permissions.
2015-12-07 16:53:56 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Vincent Petry a1d0682ef8 Use oc:fileid property instead of oc:id 2015-11-22 16:05:51 +01:00
Thomas Müller ab1d786d87 Fix port issue - options.host already has the port attached 2015-11-22 16:05:51 +01:00
Vincent Petry f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
Joas Schilling f04151f69b Close the user menu when clicking it again 2015-11-02 10:09:13 +01:00
Thomas Müller 774d069ff0 Merge pull request #20122 from owncloud/files-consolidateiconupdate
Fix icon update to be more consistent
2015-10-29 15:40:15 +01:00
Vincent Petry 9c9158e6b7 Fix icon update to be more consistent
Makes the details bar show the same icon as in the list.
2015-10-29 12:59:51 +01:00