This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.
The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
fixes#11617
The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.
* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Since there is no calendar release for 15 yet we should use an app that
we can quickly release for 15 as well.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Before each scenario of the acceptance tests is run the Nextcloud server
is reset to a default state. To do this the full directory of the
Nextcloud server is commited to a local Git repository and then reset to
that commit when needed.
Unfortunately, Git does not support including empty directories in a
commit. Due to this, when the default state was restored, it could
happen that the file cache listed an empty directory that did not exist
because it was not properly restored (for example,
"data/appdata_*/css/icons"), and that in turn could lead to an error
when the directory was used.
Currently the only way to force Git to include an empty directory is to
add a dummy file to the directory (so it will no longer be empty,
but that should not be a problem in the affected directories, even if
the dummy file is not included in the file cache); although Git FAQ
suggests using a ".gitignore" file a ".keep" file was used instead, as
it conveys better its purpose.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
When two or more user share the same email address its not possible to
reset password by email. Even when only one account is active.
This pr reduce list of users returned by getByEmail by disabled users.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
Else if a preview provider is registerd but not available (for example
missing support in some external lib). It will do 💥. This way the
providers can at least do the sanity checks required.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
- implement isAvailable
- run tests only if ImageMagick with HEIC support is available in the
environment
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
Using file will overwrite the $file parameter in the template base.
Leading to trying to include a file that is the exception message. Which
will of course fail.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Tokens will be used to give access to a share to guests in public rooms.
Although the token itself is created in the provider of room shares and
no changes are needed for that, due to the code structure it is
necessary to explicitly call the provider from the manager when getting
a room share by token.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
If the 2FA provider registry has not been populated yet, we have to make
sure all available providers are loaded and queried on login. Otherwise
previously active 2FA providers aren't detected as enabled.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
only update the encrypted version after the write operation is finished and the stream is closed
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This is required to not break compatibility with existing consumers of that endpoint like the apps management or the client
Signed-off-by: Julius Härtl <jus@bitgrid.net>
When a password was set for a mail share an e-mail was sent to the
recipient with the password. Now the e-mail is no longer sent if the
password is meant to be sent by Talk.
However, before the e-mail was not sent when the share was updated but
the password was not changed. Now an e-mail is sent in that case too if
switching from a password sent by Talk to a password sent by mail.
On the other hand, when switching from a password sent by mail to a
password sent by Talk it is mandatory to change the password; otherwise
the recipient would already have access to the share without having to
call the sharer to verify her identity.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The share link UI no longer uses its own layout below the other shares;
now it is shown as a share row with a menu for the actions (except
enabling it, which is shown in the row itself), just like the other
shares.
The share link is no longer shown, either; now the link is got by
clicking on a "Copy URL" menu item, which copies the link to the
clipboard. As the clipboard is not accessible from the acceptance tests
the URL is now extracted from the attributes of that menu item (although
the menu item is clicked anyway to mimic the user behaviour).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Before, each section of the Files app ("All files", "Favorites"...) had
its own sidebar element. Now there is a single sidebar element for all
the sections in the Files app.
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
This can be caused by the code releasing more locks then it acquires,
once the lock value becomes negative it's likely that it will never be able
to change into an exclusive lock again.
Signed-off-by: Robin Appelman <robin@icewind.nl>
As "selenium.server" is a simulated variable it is not recognized by
Mink, so it must be always replaced by its value in "behat.yml" before
the file is parsed by Behat.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The "wd_host" parameter of Selenium2 sessions specify the URL used by
the Selenium driver to connect with the Selenium server. Thus, when the
Selenium server is at a different host or port than the default one (for
example, when run on Drone) the "wd_host" parameter must be set for each
of the Selenium2 sessions defined in "behat.yml".
The "BEHAT_PARAMS" environment variable, which extends the "behat.yml"
configuration file, was used for that. However, this required adding to
the "BEHAT_PARAMS" in "run-local.sh" each new session added to
"behat.yml", including those added in the acceptance tests of apps.
To address that limitation, this commit introduces a simulated variable,
"selenium.server"; just before the acceptance tests are run the
"selenium.server" variable in the "wd_host" parameter is replaced in the
"behat.yml" file used by the acceptance tests. Note that the file that
is modified is the one inside the Docker container used to run the
acceptance tests, so the original file is not touched.
Note that a simulated variable is needed because Behat does not support
overridding nor setting configuration parameters with environment
variables.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Before, the acceptance tests checked the header colour just once, as the
header colour was immediately changed once the new theming colour was
saved. This is no longer the case, as currently a transition is used to
change between the original colour and the new one, so now the
acceptance tests check repeteadly for the expected header colour until
it matches or the timeout expires.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This adds persistence to the Nextcloud server 2FA logic so that the server
knows which 2FA providers are enabled for a specific user at any time, even
when the provider is not available.
The `IStatefulProvider` interface was added as tagging interface for providers
that are compatible with this new API.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
According to the array_merge documentation, "If the input arrays have
the same string keys, then the later value for that key will overwrite
the previous one." Thus, the default options must be the first parameter
passed to array_merge.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* gives the admin a chance to discover the missing indexes and improve the performance of the instance without digging through the manual
* nicely integrated in the setup checks where this kind of hints belong to
* also adds an option to integrate this from an app based on events
* fix style of setting warnings
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This avoids having to do it at all the places we want cached responses.
We can't inject the ITimeFactor without breaking public API.
However we can perfectly overwrite the service (resulting in the same
testable effect).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Although in the case of the acceptance tests for the server it is not
strictly needed it was modified for consistency with the configuration
used for the acceptance tests in apps.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Due to a bug in the Mink Extension for Behat it is not possible to use
the "paths.base" parameter in the path to the custom Firefox profile.
"paths.base" is a special parameter in the Behat configuration that
refers to the directory in which "behat.yml" is stored. This comes in
very handy to set the path to custom Firefox profiles in the acceptance
tests for apps, as even if the "behat.yml" file belongs to an app its
paths are relative to the directory in which the tests are run, that is,
the "tests/acceptance" directory of the server.
Until the bug is fixed, just before the acceptance tests are run the
"paths.base" parameter in the path to the custom Firefox profile is
replaced by its value in the "behat.yml" file used by the acceptance
tests. Note that the file that is modified is the one inside the Docker
container used to run the acceptance tests, so the original file is not
touched.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The acceptance tests are currently run on Firefox 47; in that version
the CSS grid support was not enabled by default, but it could be enabled
through a setting in the Firefox profile.
By default Selenium uses a clean Firefox profile when a new session is
started, but it also allows the customization of the profile through a
zipped "user.js" file. The contents of that file have to be provided in
the "firefox_profile" capability when the Firefox session is created.
In the Mink extension for Behat several Mink sessions can be defined in
the "behat.yml" file. Each Mink session uses a different browser session
in Selenium, and each of those browser sessions is initialized with the
capabilities provided in the "behat.yml" file.
From the point of view of the acceptance tests each Mink session is an
actor, so different actors can use different browsers with different
capabilities.
Due to all this a new actor was introduced, "Rubeus", who uses a Firefox
browser that has CSS grid support; this actor is meant to be used only
in those acceptance tests that require proper support for CSS grids.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
However due to the nature of what we store in the token (encrypted
passwords etc). We can't just delete the tokens because that would make
the oauth refresh useless.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#4577
Users with a quota of 0 are a special case. Since they can't (ever)
create files on their own storage. Therefor it makes no real that they
can create folders (and possible share those etc).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The offset is based on the last known comment instead of limit-offset,
so new comments don't mess up requests which get the history of an object-
Signed-off-by: Joas Schilling <coding@schilljs.com>
Before there was a button to "quickly" add the untrusted domain to the config. This button often didn't worked, because the generated URL was often untrusted as well. Thus removing it and providing proper docs seems to be the better approach to handle this rare case.
Also the log should not be spammed by messages for the untrusted domain accesses, because they are user related and not necessarily an administrative issue.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
If an app requires a specific minor or path level server version,
the version_compare prevented the installation as only the major
version had been compared and that checks obviously returns `false`.
Now the full version is used for comparison, making it possible to
release apps for a specific minor or patch level version of Nextcloud.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
For consistency with the helper for the Apache web server the helper for
the PHP built-in web server was renamed too.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The default and only helper to run acceptance tests run them on the PHP
built-in web server. This commit introduces a new helper that can be
used to run them on an Apache web server instead.
This helper is meant to be used by the acceptance tests of apps that
require a multi-threaded web server to run (like Talk, due to its use of
long polling). To use the helper it is only needed to set it in the
Behat configuration for the acceptance tests of the app, as explained in
the "NextcloudTestServerContext" documentation.
It is assumed that the acceptance tests are run using the default setup,
and therefore inside a Docker container based on the image for
acceptance tests from Nextcloud. Due to that the helper is expected to
have root permissions, and thus it starts and stops the Apache web
server directly using "service start/stop apache2". In the same way it
also restores the owner and group for "apps", "config" and "data" to
"www-data", as it is the user that Apache sub-processes are run as.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Before, the domain was automatically added assuming that the
NextcloudTestServerContext had no parameters defined in the Behat
configuration. However, in order to use a helper for Apache it would
need to be specified in the configuration with something like:
- NextcloudTestServerContext:
nextcloudTestServerHelper: NextcloudTestServerLocalApacheHelper
The substitution now works both when a helper is specified and when it
is not; note, however, that providing custom parameters to the helper is
not supported, although they are not needed anyway so it is not really a
problem.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Apache sub-processes are run as the www-data user, and they need to be
able to write to the "apps", "config" and "data" directories, so they
have to belong to that user, and therefore the Nextcloud server has to
be installed and configured too as the www-data user. The PHP built-in
web server will still be run as the root user, but in that case the
owner of those directories makes no difference, so this is compatible
with both cases.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The Docker image for acceptance tests provides support for both the PHP
built-in web server and the Apache web server; the acceptance tests for
the server are run on the PHP built-in web server, but the acceptance
tests for some apps will have to be run on the Apache web server (for
example, Talk, as it uses long polling), so a Docker image to support
both cases has to be used in "run.sh". ".drone.yml" was just updated for
consistency, although it was not really needed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When the acceptance tests were run they were always loaded from the
"tests/acceptance" directory of the Nextcloud server. Now it is possible
to set the directory used to look for the Behat configuration and the
Nextcloud installation script, which makes possible to run acceptance
tests for the apps too instead of only for the server (although if no
directory is explicitly given the tests for the server are the ones
run).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
In order to autoload the server context classes the "bootstrap"
directory was explicitly listed in Behat autoload configuration. This is
fine in the configuration of acceptance tests for the server, but it
would force the configuration of acceptance tests for the apps to
explicitly include the path for the server context classes to be able to
use them (for example, for the login step).
Besides with its own configuration Behat also supports autoloading
classes using Composer, so now context classes are autoloaded using
Composer instead; thanks to this the server context classes are
autoloaded also in the acceptance tests for apps without any explicit
configuration in them.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When on php7.2 we can use the new and improved ARGON2I hashing.
This adds support for that to the hasher. When verifying an old hash
we'll update rehash to move all hashes eventually to the new hash
function.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Remove the HTTP Helper
* Remove from Server Containter
* Removed legacy share tests that use it
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The "FileListContext" provides steps to interact with and check the
behaviour of a file list. However, the "FileListContext" does not know
the right file list ancestor that has to be used by the file list steps,
so until now the file list steps were explicitly wired to the Files app
and they could be used only in that case.
Instead of duplicating the steps with a slightly different name (for
example, "I create a new folder named :folderName in the public shared
folder" instead of "I create a new folder named :folderName") the steps
were generalized; now contexts that "know" that certain file list
ancestor has to be used by the FileListContext steps performed by
certain actor from that point on (until changed again) set it
explicitly. For example, when the current page is the Files app then the
ancestor of the file list is the main view of the current section of the
Files app, but when the current page is a shared link then the ancestor
is set to null (because there will be just one file list, and thus its
ancestor is not relevant to differentiate between instances)
A helper trait, "FileListAncestorSetter", was introduced to reduce the
boilerplate needed to set the file list ancestor from other contexts.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The file list is used in other places besides the Files app (for
example, the File sharing app); in those cases the locators for the file
list elements are the same, but not for the ancestor of the file list.
To make possible to reuse the file list locators in those cases too now
they receive the ancestor to use.
Note that the locators for the file actions menu were not using an
ancestor locator because it is expected that there is only one file
actions menu at a time in the whole page; that may change in the future,
but for the time being it is a valid assumption and thus the ancestor
was not added to those locators in this commit.
Although the locators were generalized the steps themselves still use
the "FilesAppContext::currentSectionMainView" locator as ancestor; the
steps will be generalized in a following commit.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Besides the extraction some minor adjustments (sorting locators for file
action menu entries to reflect the order of the menu entries in the UI,
moving parametrized locators like "createMenuItemFor" above the locators
that use them and placing "descendantOf" calls always in a new line)
were made too.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
NoSuchElement exceptions are sometimes thrown instead of
StaleElementReference exceptions. This can happen when the Selenium2
driver for Mink performs an action on an element through the WebDriver
session instead of directly through the WebDriver element. In that case,
if the element with the given ID does not exist, a NoSuchElement
exception would be thrown instead of a StaleElementReference exception,
so those cases are handled like StaleElementReference exceptions.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
MoveTargetOutOfBounds exceptions are sometimes thrown instead of
ElementNotVisible exceptions. This can happen when the Selenium2 driver
for Mink moves the cursor on an element using the "moveto" method of the
Webdriver session, for example, before clicking on an element. In that
case, if the element is not visible, "moveto" would throw a
MoveTargetOutOfBounds exception instead of an ElementNotVisible
exception, so those cases are handled like ElementNotVisible exceptions.
Note that MoveTargetOutOfBounds exceptions could be thrown too if the
element was visible but "out of reach"; there is no problem in handling
those cases as if the element was not visible, as the exception will be
thrown again anyway once it is verified that the element is indeed
visible.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
if file_get_contents fails remove the file. And traverse up the tree
checking if the other folders are there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This is more of a hack. But one of the nodes won't properly run this. No
sense in waiting 60 minutes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
1. Local users should not be returned when searching for empty string
2. The limit of the response should be respected
Signed-off-by: Joas Schilling <coding@schilljs.com>
Instead of checking that the list contains one comment it is now checked
that a comment with certain message is visible. This makes the step (and
the locator) more reusable in future tests and also simplifies the code.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Depending on the previous steps the new comment field may be already
shown or not when the step to create a new comment is executed.
Therefore, the timeout was increased from 2 to the "standard" 10 seconds
used in other tests.
If the new comment field was found there is no need to use a timeout
when looking for the new comment button; it is either there or not, it
will not appear after some time.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The locators are moved above the step definitions for consistency with
other context files; besides that I made some minor adjustments for
consistency too in the locator descriptions and identation, and moved
the locators for ".newCommentRow" descendants together.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This caused more troubles then it had benefits, especially
when an app got disabled or was removed without being disabled.
Signed-off-by: Joas Schilling <coding@schilljs.com>
it is used by clients for formatting reasons, there is no reason not format
the author if her handle is included in the comment body.
It is unrelated to sending out notifications.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
PHPDoc (of the public API) says that this method returns string but it also returns null, which is not allowed in some method calls. This fixes that behaviour and returns an empty string and fixes all code paths that explicitly checked for null to be still compliant.
Found while enabling the strict_typing for lib/private for the PHP7+ migration.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add typehints
* Add return types
* Opcode opts from phpstorm
* Made strict
* Fixed tests: No need to test bogus values anymore strict typing fixes
this
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
For legacy reasons we stored all the previews with a png extention.
However we did not put png data in them all the time.
This caused the preview endpoints to always report that a preview is a
png file. Which was a lie.
Since we abstract away from the storage etc in the previewmanager. There
is no need anymore to store them as .png files and instead we can use
the actual file extention.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
- With root installation
- Core css
- App inside server root
- Secondary apps directory outside server root
- With an installation in a sub directory
- Core css
- App inside server root
- Secondary apps directory outside server root
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
When clicking on "Share link" in the "Sharing" tab of the Files app an
input field with the link appears. That input field already exists in
the DOM, although empty, before clicking on "Share link", and when that
is done the proper value is set and then the input field is shown.
In the acceptance tests "getValue()" can return the value of hidden
elements too, so as long as an element exists its value is returned
without waiting for the field to be visible. Due to this if the test
code runs too fast the "I write down the shared link" step could be
executed before the proper value was set, so the shared link got in that
case would be an empty value, and this would lead to failures when the
following steps were executed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
If the parsed data is not a valid response we should not cache it and only cache the preprocessed result set.
Fixes#7442
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fixes#7175.
- Updated the query to fetch the users in users > everyone tab.
- Updated the query to fetch the users in users > admin tab.
- Tested to ensure that the disabled users are also being fetched.
- Added test cases.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
The slide gesture is enabled or disabled depending on the width of the
browser window. In order to easily control that width the karma-viewport
plugin is now used in the unit tests.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Fixes#7158. Adds a # on the color if missing.
Increased maxlength, added hash:true for jscolor, and adding a # if not present on the change event.
Since the input element now allows a hex code, changed values to hexcode.
In addition, added a function to get RGB array from hex or rgb values. Calling it in both methods and using it to perform comparison.
Also changed the way we were determining whether the jscolor component had loaded.
Changed the control to use data-jscolor rather than defining opts in the class.
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
This should allow better reports as often the app id is passed
as context. While this is not used right now, I'd like to have this
for NC13 as adding it later will break the interface for existing apps
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This adds a crash reporter registry, which is meant for third party apps
to hook into the error logging/reporting chain. This way, external tools
like Sentry can be used to track and aggregate system crashes.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This seems to be the only way to have the same helpers used between
tests in a manner that works for both standalone phpunit and
autotest.sh.
Signed-off-by: Kyle Fazzari <kyrofa@ubuntu.com>
background: we have a flat hierarchy of comments, not a tree. therefore we
can also remove again the unnecessary additions.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Object storage instances always fall back to the content based mimetype detection, because the file name for object storage was always random due to the fact that it was temporarily storage in a generated temp file. This patch adds a check before that to make sure to use the original file name for this purpose and also remove possible other extensions like the versioning or part file extension.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Firefox and Chrome drivers for Selenium refuse to click on an element if
the point to be clicked is covered by a different element, throwing an
UnknownError exception with message "Element is not clickable at point
({x}, {y}). Other element would receive the click: {element}". Although
in general that would be a legit error (as the user would not be able to
click on the element) due to a bad layout, sometimes this can be just a
temporal issue caused by an animation, in which case there would be no
problem once the animation finished and the elements are all in their
final location.
Unfortunately, automatically handling those situations in which the
problem is caused by an animation by just retrying a few times if the
element to be clicked is covered before giving up would probably cause
confusion instead of easing test writing.
The reason is that if the center of the element is covered by another
one the Firefox driver for Selenium tries to click on the corners of the
element instead. The problem is that the coordinates used for the click
are integer values, but Firefox has sub-pixel accuracy, so sometimes
(depending on which corner is not covered and whether the left, top,
width or height properties of the element to be clicked have a decimal
component or not) the clicks silently land on a different HTML element
(and that is with squared borders; with round borders they always land
on a different HTML element. That was partially addressed for Selenium
3.0 by clicking first on the edges, but it would still fail if the
middle point of the edges is covered but not the corners).
It is not possible to fix or even detect all that from the tests (except
maybe with some extreme hacks involving accessing private PHP members
from Mink and bypassing or replacing the standard JavaScript executed by
the Firefox driver with a custom implementation...), so it is not
possible to ensure that clicks during an animation will land on the
right element (in fact it is not possible even on static elements,
although except when the layout is wrong there should be no problem);
sometimes retrying a click when the element is covered would solve the
problem, sometimes it would cause a different element to be clicked (and
sometimes there would be even no retry, as the first click would have
silently landed on a different element than the expected one).
Therefore, a different approach must be used. Instead of trying to
automatically handle clicks during animations the tests must be written
being aware of the problem and thus waiting somehow for the animations
that can cause a problem to end before performing the clicks.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This is a preparatory step for a following commit in which the position
of the favorite icon and the checkbox will be swapped; in that new
design the favorite icon is no longer expected to be an action but just
a simple mark on whether the file is favorited or not (the action is
expected to be triggered then only from the file actions menu).
The favorite icon is now fully shown or completely hidden depending on
whether the file is favorited or not. As the icon is just informative
but no longer an action now it does not change when hovered or focus. In
the same way, the alternative text when the file is not favorited now it
is not "Favorite" (an action) but "Not favorited" instead.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Currently a file can be favorited either through the inline action or
through the file actions menu. However, the inline action will be
removed in a following commit and then it will be possible to do it only
through the file actions menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.
Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.
Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.
The easiest way to reproduce is on MySQL:
1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707
Recently there was also a bug report about a non-visible last cron execution
(#6088) - let's better remove this.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
In some cases the acceptance tests have to explicitly wait for something
to happen without using the "find" method from the actor; in those cases
the timeout multiplier needs to be taken into account too, so the test
cases must be able to retrieve it from the actor.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Nextcloud is not properly loaded in the standalone version (especially the theming)
* it is already not listed anymore in the Nginx config (see nextcloud/documentation#392)
* the index.php-free version doesn't support this
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* PrivateData is an app now: https://github.com/nextcloud/privatedata
* No need to load the OCS routes.php (as there is none!)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
- This kind of hook signal used to be emitted in the old Share library but it was missing from Share 2.0
Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
By default "127.0.0.1:4444" is used, so nothing needs to be set when the
acceptance tests and the Selenium server share the same network (like
when called by "run.sh").
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
By default "127.0.0.1" is used, so nothing needs to be set when the
Selenium server and the Nextcloud test server share the same network
(like when called by "run.sh").
Besides passing the domain to the acceptance tests the Nextcloud test
server configuration must be modified to see the given domain as a
trusted domain; otherwise the access would be forbidden.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The NextcloudTestServerLocalHelper started the PHP built-in web server
for the Nextcloud test server at 127.0.0.1; as the Selenium server has
to access the Nextcloud test server they were forced to share the same
network. Now, the domain at which the PHP built-in web server is started
can be specified when the NextcloudTestServerLocalHelper is created,
which removes the need of sharing the same network, as the Selenium
server now can access the Nextcloud test server at an arbitrary domain.
However, by default "127.0.0.1" is still used if no domain is given.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
- When a file was unshared, the legacy hook pre_unshare fired twice and the hook post_unshare did not fire at all. This was obviously a copy-paste error.
Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
Fix service container host name
check current folder
fix redis for integration test
Fix more hostnames
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
The app navigation is not exclusive to the Files app but a generic
component used by other apps too, so its locators and steps should be in
its own context.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Fixme:
- Install and update of apps
- No revert on live systems (debug only)
- Service adjustment to our interface
- Loading via autoloader
Signed-off-by: Joas Schilling <coding@schilljs.com>
The SystemTagsInfoViewToggleView is a basic view that renders a label
that, when clicked, toggles the visibility of an associated
SystemTagsInfoView.
In order to keep the view parent agnostic its attachment and detachment
to/from the MainfFileInfoView is done in the FilesPlugin.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Acceptance tests opened the details view by clicking on the middle of
the file row, but due to the changes made in issue #4921 that now opens
the file instead; this commit updates the acceptance tests to open the
details view through the "Details" item in the file actions menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Commands executed on Mink elements may fail for several reasons.
ElementWrapper is introduced to automatically handle some of those
situations, like StaleElementReference exceptions and ElementNotVisible
exceptions.
StaleElementReference exceptions are thrown when the command is executed
on an element that is no longer attached to the DOM. When that happens
the ElementWrapper finds again the element and executes the command
again on the new element.
ElementNotVisible exceptions are thrown when the command requires the
element to be visible but the element is not. When that happens the
ElementWrapper waits for the element to be visible before executing the
command again.
These changes are totally compatible with the current acceptance tests.
They just make the tests more robust, but they do not change their
behaviour. In fact, this should minimize some of the sporadic failures
in the acceptance tests caused by their concurrent nature with respect
to the web browser executing the commands.
However, the ElementWrapper is not a silver bullet; it handles the most
common situations, but it does not handle every possible scenario. For
example, the acceptance tests would still fail sporadically if an
element can become staled several times in a row (uncommon) or if it
does not become visible before the timeout expires (which could still
happen in a loaded system even if the components under test work right,
but obviously it is not possible to wait indefinitely for them).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Starting a session for an Actor can fail, typically, due to a timeout
connecting with the web browser. Now if the session fails to start it
will be tried again up to "actorTimeoutMultiplier" times in total before
giving up.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The timeout passed to the "find" method was multiplied by the
"findTimeoutMultiplier" attribute. However, as "find" used
"findAncestor" and "findAncestor", in turn, used "find" itself the
timeout was increased exponentially for ancestor elements. Now "find"
was split in "find" and "findInternal"; the first method is the public
one and modifies the given parameters as needed and then calls the
second method, private, that performs the find itself.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The "named" Mink selector first tries to find an exact match for its
locator and then, if not found, tries to find a partial match. Besides
other harder to track problems (see comment in the commit in which the
"content" locator was removed), this could cause, for example, finding
an action link titled "Favorited" when looking for the action link
titled "Favorite" (that is, one that conveys the opposite state to the
one found).
Although currently all the acceptance tests are compatible with both the
"named" and the "named_exact" Mink selectors the predefined locators are
modified to use the "named_exact" Mink selector to make them more
future-proof; the "named" Mink selector can still be used if needed
through the "customSelector" method in the builder object.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The "content" locator uses the "named" Mink selector and the "content"
Mink locator to find the element. The "named" Mink first tries to find
the elements whose content match exactly the given content but, if none
is found, then it tries to find elements that just contain the given
content.
This behaviour can lead to hard to track issues. Finding the exact match
and, if not found, finding the partial match is done in quick
succession. In most cases, when looking for an exact match the element
is already there, it is returned, and everything works as expected. Or
it may not be there, but then it is not there either when finding the
partial match, so no element is returned, and everything works as
expected (that is, the actor tries to find again the element after some
time).
However, it can also happen that when looking for an exact match there
is no element yet, but it appears after trying to find the exact match
but before trying to find the partial match. In that situation the
desired element would be returned along with its ancestors. However, as
only the first found element is taken into account and the ancestors
would appear first the find action would be successful, but the returned
element would not be the expected one. This is highly unlikely, yet
possible, and can cause sporadic failures in acceptance tests that,
apparently, work as expected.
Using a "named_exact" Mink selector instead of the "named" Mink selector
does not provide the desired behaviour in most cases either. As it finds
any element whose content matches exactly the given content, looking for
"Hello world" in "<div><p><a>Hello world</a></p></div>" would match the
"div", "p" and "a" elements; in that situation the "div" element would
be the one returned, when typically the "a" element would be the
expected one.
As it is error prone and easily replaceable by more robust locators the
"content" locator was removed from the predefined ones (although it can
still be used if needed through the "customSelector" method in the
builder object).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling.
This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:
1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.
If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)
If the user chooses to use the regular login the following happens:
1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.
This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The data storage (the "notebook") is shared between all the actors, so
the data can be stored and retrieved between different steps by any
actor in the same scenario.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
As requested by Morris Jobke, the passwords in the acceptance tests were
modified to make them valid both for a clean Nextcloud server and one
with the password_policy app enabled.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static
Signed-off-by: Joas Schilling <coding@schilljs.com>
While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.
Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Also adds `\OCP\Mail\IMailer::createEMailTemplate` as helper so the functionality can easily be used within apps.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* thanks to @espina2 for make this nice design
* the button says "Set password" if the admin didn't specified a password
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This is not intended anymore, since it falls back to force english
when the header is not set. Also 0228bc6e66
makes clear that the order should be:
1. User setting
2. Accept language
3. Admin default
This is the case since the commit from above, unless via OCS and DAV.
Both forced to accept-language falling back to english.
By removing the force, it now also matches the w3 priority list:
https://www.w3.org/International/questions/qa-lang-priorities
Signed-off-by: Joas Schilling <coding@schilljs.com>
* added functionality to override config.php values with 'OC_' prefixed environment variables
* use getenv to read environment variables since apache does not set $_ENV variables, fixed test
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fixes#3890
If we do a put request without a body the current code still tries to
read the body. This patch makes sure that we do not try to read the body
if the content length is 0.
See RFC 2616 Section 4.3
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This adds the bruteforce settings app that allows to configure (for now)
subnets that are to be ignored when doing brute force analysis. This can
for example be the LAN since we trust people from there.
* Add app
* Add php tests
* Add js tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When the instance is not installed don't run the JSCombiner as the appdata folder does not yet exist.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Since reading a file from disks can be costly. Lets store the dependency
json also in memcache.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* success on SQLite and Postgres
* failure on MySQL due to the limited charset that only supports up to 3 bytes
Add config option to update charset of mysql to utf8mb4
* fully optional
* requires additional options set in the database
only disable unicode test on mysql
Fixing ctor call
Adding docker based unit test execution for mysql utf8mb4
Add mysqlmb4 test configuration to Jenkinsfile
fix collation on utf8mb4
Properly setup charset and collation in the doctrine connection
Allow files containing 4-byte chars in case the database supports it
During setup of a mysql database we try to detect if charset 'utf8mb4' can be used
Fix mysql settings
Add console command to migrate the charset
Set ROW_FORMAT before setting collation to mb4
Also select tables with wrong collation
Faster MySQL docker
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Moved some interface definitions to Server.php (more to come)
* Build/Query only for existing classes in the AppContainer
* Build/Query only for classes of the App in the AppContainer
* Offload other stuff to the servercontainer
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Use a helper class to listen to the eventDispatcher calls from the share
manager to emit the old \OC_Hooks
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fixed failing test which was ignoring a required (not null) column
* restored test to original, catching DriverException which also catches ConstraintViolationException
* catch ConstraintViolationException again
* removed unnecessary field from this test
* clobfield should be nullable
* clobfield now is nullable
* removed autoincrement since whenever this strategy is enabled, oracle would not throw constraint violation exceptions (needed for setValues), which mysql still does
* this field does not auto increment anymore
* mark integerfield as primary, since it is not getting marked as such through auto increment anymore,
integerfield default always has been 0 instead of null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Skip null groups in group manager (#26871)
* Skip null groups in group manager
* Also skip null groups in group manager's search function
* Add more group null checks in sharing code
* Add unit tests for null group safety in group manager
* Add unit tests for sharing code null group checks
* Added tests for null groups handling in sharing code
* Ignore moveShare optional repair in mount provider
In some cases, data is inconsistent in the oc_share table due to legacy
data. The mount provider might attempt to make it consistent but if the
target group does not exist any more it cannot work. In such case we
simply ignore the exception as it is not critical. Keeping the
exception would break user accounts as they would be unable to use
their filesystem.
* Adjust null group handing + tests
* Fix new group manager tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Many API callers will call unlink even for directories and it can mess
up with some wrappers like the encryption wrapper
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* then the language is not that specific and get also matched for fi
* fallback from fi_FI to fi is supported - the other way around not
* contains repair script
* contains tests for repair script
* fixes#869
Order results to make postgres happy
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
It's 'getRemember' instead of 'getRememberMe', hence some warnings
were generated by phpunit.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Single user mode basically disables WebDAV, OCS and cron execution. Since
we heavily rely on WebDAV and OCS also in the web UI it's basically useless.
An admin only sees a broken interface and can't even change any settings nor
sees any files. Also sharing is not possible.
As this is at least the case since Nextcloud 9 and we haven't received any
reports for this it seems that this feature is not used at all so I removed it.
The encryption commands now rely on the well tested maintenance mode.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* we introduced this setting in the begining because our
avatar support caused some performance issues, but we
fixed them and should only provide one way how Nextcloud
looks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>