Commit Graph

53888 Commits

Author SHA1 Message Date
Roeland Jago Douma 532f4c41da
Merge pull request #20970 from nextcloud/td/js/escape-html-global
Remove the escape-html global
2020-05-29 13:36:55 +02:00
Roeland Jago Douma 251a4d3097
Merge pull request #21143 from nextcloud/fix-password-changes-in-link-and-mail-shares
Fix password changes in link and mail shares
2020-05-29 13:36:09 +02:00
Roeland Jago Douma b9e7fd2418 Remove the escape-html global
Already announced for 19 that it would go. So now it realy does go.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-29 08:34:10 +00:00
Roeland Jago Douma efd025cbc3
Merge pull request #21118 from nextcloud/td/move_systemtags
Move systemtags to a proper location
2020-05-29 09:14:25 +02:00
Roeland Jago Douma ca606cea5c
Merge pull request #21146 from nextcloud/fix-reference-to-wrong-class-name
Fix reference to wrong class name
2020-05-29 08:46:23 +02:00
Nextcloud bot ebd387e89a
[tx-robot] updated from transifex 2020-05-29 02:16:30 +00:00
Daniel Calviño Sánchez b192c04dc2 Add integration tests for video verification
Enabling the "send password by Talk" property of shares require that
Talk is installed and enabled, so the Drone step that runs them has to
first clone the Talk repository.

When the integration tests are run on a local development instance,
however, it is not guaranteed that Talk is installed. Due to this the
"@Talk" tag was added, which ensures that any feature or scenario marked
with it will first check if Talk is installed and, if not, skip the
scenario (instead of failing).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:50:30 +02:00
Daniel Calviño Sánchez a2f80d4f4c Add integration tests for creating and updating a mail share
In most cases, when a mail share is created or updated an e-mail is sent
to the sharee, which is done by connecting to the SMTP server set in the
configuration. If the server can not be contacted then the creation or
update of the mail share fails.

To make possible to test mail shares without using a real SMTP server a
fake one has been added. The original script, which is MIT licensed, was
based on inetd, so it was slightly modified to run on its own.

In order to use it from the integration tests the "Given dummy mail
server is listening" step has to be called in the scenarios in which the
mail server is needed.

For now that is the only available step; things like checking the sent
mails, while possible (as the script can log the mails to certain file),
have not been added yet.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:50:29 +02:00
Daniel Calviño Sánchez 7817f8578b Generalize integration test steps to download last share
Note that the "last link share can be downloaded" step was kept as it
tests the "url" property specific of link shares.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 6e49d3bb94 Remove unused variables
The step names were adjusted accordingly.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 45de42a6b8 Fix disabling send password by Talk without new password in mail shares
When "send password by Talk" was disabled in a mail share it was
possible to keep the same password as before, as it does not pose any
security issue (unlike keeping it when "send password by Talk" is
enabled, as in that case the password was already disclosed by mail).

However, if a mail share is updated but the password is not set again
only the hashed password will be available. In that case it would not
make sense to send the password by mail, so now the password must be
changed when disabling "send password by Talk".

Note that, even if explicitly setting the same password again along with
the "send password by Talk" property would work, this was also prevented
for simplicity.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 02:46:12 +02:00
Daniel Calviño Sánchez 37f231333f Fix reference to wrong class name
\OCP\IShare does not exist; the right name is \OCP\Share\IShare,
although it is already imported as IShare.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-29 01:41:06 +02:00
Morris Jobke 077c1a9b9f
Merge pull request #21140 from nextcloud/enhancement/oc-get-all-apps-return-type-doc
Document \OC_App::getAllApps return type
2020-05-28 22:37:35 +02:00
Daniel Calviño Sánchez a426f84dbe Fix enabling send password by Talk with same password in mail shares
When "send password by Talk" is enabled in a mail share a new password
must be also set. However, when the passwords of the original and the
new share were compared it was not taken into account that the original
password is now hashed, while the new one is not (unless no new password
was sent, in which case the password of the original share was set in
the new share by the controller, but that was already prevented due to
both passwords being literally the same), so it was possible to set the
same password again.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez 7569590514 Fix enabling send password by Talk with empty password in link shares
When "send password by Talk" is enabled in a link share now a non empty
password is enforced.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:28 +02:00
Daniel Calviño Sánchez e59e283cc2 Fix creating a mail share with a password
When a mail share was created with a password the given password was not
hashed, so it was not possible to open the share with that password.
Moreover, if passwords were enforced the given password was ignored and
a new one was set (although in this case it was hashed so it worked as
expected). Now the given password is properly hashed and not overriden.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:51:22 +02:00
Daniel Calviño Sánchez a2b0a7c30e Extend mail shares unit tests to check the password and mail template
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-05-28 21:50:08 +02:00
Roeland Jago Douma 28f8a445e4 Move the systemtags to core/src
* Move to the handlebar loader from webpack

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-28 19:05:09 +00:00
Christoph Wurst adf7d17cb2
List ext-pdo as hard requirement for composer
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-28 20:43:50 +02:00
Christoph Wurst 97e9823787
Document \OC_App::getAllApps return type
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-28 20:37:24 +02:00
Roeland Jago Douma b638c6ee09
Merge pull request #20597 from nextcloud/enh/lazy_node_events
Add lazy events for the Node API
2020-05-28 14:15:59 +02:00
Roeland Jago Douma 77c1aeb84e
Merge pull request #21124 from nextcloud/feature/20612/add-capability-for-file-comments
Add a capability when file comments are enabled
2020-05-28 14:13:48 +02:00
Joas Schilling ff381dda08
Add a capability when file comments are enabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-28 12:43:53 +02:00
Roeland Jago Douma 6aa6ab3e02
Add lazy events for the Node API
Right now if you want to get events via the Node API you have to have a
real instance of the Root. Which in turns sets up the whole FS.

We should make sure this is done lazy. Else enabling the preview
generator for example makes you setup the whole FS on each and every
authenticated call.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-05-28 12:35:45 +02:00
Nextcloud bot 1d469fc06e
[tx-robot] updated from transifex 2020-05-28 02:16:38 +00:00
Roeland Jago Douma 3ee2dbeff9
Merge pull request #21122 from nextcloud/enhancement/auth-token-exception-reporting
Improve traces of invalid token exceptions
2020-05-27 19:37:22 +02:00
Roeland Jago Douma 778ef84ee2
Merge pull request #21123 from nextcloud/fix/noid/fix-retrieval-of-groups
simplify getGroups, fixing wrong chunking logic
2020-05-27 19:36:49 +02:00
Robin Appelman 41fdfc9966
update icewind/smb to 3.2.5
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-05-27 17:44:54 +02:00
Joas Schilling 675ec93e25
Merge pull request #21112 from nextcloud/techdebt/noid/remove-db-prefix
Remove db prefix option from cli install command
2020-05-27 16:19:38 +02:00
Christoph Wurst 052ddc3c10
Merge pull request #20976 from nextcloud/fix/make-translation-sanitization-optional
Make the translation sanitization optional
2020-05-27 15:47:28 +02:00
Christoph Wurst 069d02aaec
Fix devices & sessions sanitization
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 15:06:56 +02:00
Christoph Wurst 74db91910c
Make the translation sanitization optional
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 15:06:54 +02:00
Arthur Schiwon aed6f0f71e
simplify getGroups, fixing wrong chunking logic
pagination is taken care of properly in the search logic in Access class

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-27 14:41:10 +02:00
Roeland Jago Douma a0771a389a
Merge pull request #21079 from nextcloud/dependabot/npm_and_yarn/moment-2.26.0
Bump moment from 2.25.3 to 2.26.0
2020-05-27 12:55:50 +02:00
Morris Jobke b9222ff596
Merge pull request #21117 from nextcloud/design/text-variables-simplify
Simplify text variables from 4 to 2, map -lighter to -maxcontrast
2020-05-27 10:50:43 +02:00
Christoph Wurst 5b92f35fe2
Log why a token is not valid during password check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:58:44 +02:00
Christoph Wurst 2006a6dd0e
Improve traces of invalid token exceptions
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:21:47 +02:00
Nextcloud bot b9d17cfdec
[tx-robot] updated from transifex 2020-05-27 02:16:10 +00:00
Jan-Christoph Borchardt 9aff5355e6
Simplify text variables from 4 to 2, map -lighter to -maxcontrast
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2020-05-26 21:42:11 +02:00
dependabot-preview[bot] 3535204ce8 Bump moment from 2.25.3 to 2.26.0
Bumps [moment](https://github.com/moment/moment) from 2.25.3 to 2.26.0.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.25.3...2.26.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-05-26 19:40:18 +00:00
Roeland Jago Douma 9bb07d3fbd
Merge pull request #21106 from nextcloud/fix/10809/user-pwd-change-loginname
use the loginname to verify the old password in user password changes
2020-05-26 21:18:57 +02:00
Joas Schilling 027808c019
Remove the prefix setting attempt from our CI
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-26 16:56:41 +02:00
Arthur Schiwon 653162a709
use the loginname to verify the old password in user password changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-26 16:53:25 +02:00
Joas Schilling 5f88380c44
Remove db prefix option from cli install command
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-05-26 14:10:39 +02:00
Roeland Jago Douma 69e2aa029b
Merge pull request #21108 from nextcloud/fix/20745/eor-old-php-api
fixes infinitely repeating LDPA search results with PHP <= 7.2
2020-05-26 11:54:20 +02:00
Nextcloud bot fda71a9979
[tx-robot] updated from transifex 2020-05-26 02:16:03 +00:00
Arthur Schiwon 15008a1798
fixes infinitely repeating LDPA search results with PHP <= 7.2
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-05-26 00:37:46 +02:00
Roeland Jago Douma 4bada5c732
Merge pull request #21092 from nextcloud/enh/noid/recommended-apps
Update recommended apps
2020-05-25 20:47:20 +02:00
Roeland Jago Douma a6b0bed585
Merge pull request #21090 from nextcloud/bug/noid/do-not-read-cert-from-datadir-by-default
Do not read certificate bundle from data dir by default
2020-05-25 19:48:00 +02:00
Roeland Jago Douma d695bad205
Merge pull request #21078 from nextcloud/dependabot/npm_and_yarn/vue-router-3.2.0
Bump vue-router from 3.1.6 to 3.2.0
2020-05-25 19:45:53 +02:00