Commit Graph

58 Commits

Author SHA1 Message Date
Lukas Reschke 12181aa6de Don't perform checks for outdated TLS libs when no internet connection
This change makes the check return a positive result when:

- The instance has been configured to not use the internet
AND/OR
- S2S AND the appstore is disabled
2015-10-08 18:26:03 +02:00
Morris Jobke b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Lukas Reschke 36ce254ffd Move dummy backend to Tests namespace 2015-09-22 11:01:11 +02:00
Morris Jobke c86cac6a2b use config.php value instead of version string 2015-09-02 08:16:27 +02:00
Morris Jobke 15da671349 [test] more tests for UserController::setMailAddress
* fixes #12885
2015-08-17 11:53:03 +02:00
Robin McCorkell 2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Thomas Müller 9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Bjoern Schiessle dc5e89e624 also block certificate management in the back-end if external storages are disabled for the user 2015-08-04 18:33:19 +02:00
Roeland Jago Douma 72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Robin McCorkell 6d54d2fad7 Merge pull request #17912 from owncloud/detect-old-openssl-versions
Detect old NSS and OpenSSL versions
2015-07-28 21:26:44 +01:00
Lukas Reschke 7f6c5e456b Add unit tests 2015-07-28 16:32:11 +02:00
Lukas Reschke 0d515de13e Detect old NSS and OpenSSL versions
This will detect old NSS and OpenSSL versions and show appropriate errors in the admin interface.

Fixes https://github.com/owncloud/core/issues/17901
2015-07-28 15:32:19 +02:00
Joas Schilling 171f86ca2e Only sort by group name when LDAP is involved 2015-06-16 11:10:00 +02:00
Thomas Müller f051b7381b Merge pull request #16402 from owncloud/issue-15956-slow-group-usercount
Sort user groups by group name and hide the user count
2015-06-08 12:11:22 +02:00
Joas Schilling d3e3a84cae Move the helpful method to the TestCase class 2015-06-03 12:33:29 +02:00
Lukas Reschke bc6d17ed74 Add check for availability of /dev/urandom
Without /dev/urandom being available to read the medium RNG will rely only on the following components on a Linux system:

1. MicroTime: microtime() . memory_get_usage() as seed and then a garbage collected microtime for loop
2. MTRand: chr((mt_rand() ^ mt_rand()) % 256)
3. Rand: chr((rand() ^ rand()) % 256)
4. UniqId: Plain uniqid()

An adversary with the possibility to predict the seed used by the PHP process may thus be able to predict future tokens which is an unwanted behaviour.

One should note that this behaviour is documented in our documentation to ensure that users get aware of this even without reading our documentation this will add a post setup check to the administrative interface.

Thanks to David Black from d1b.org for bringing this again to our attention.
2015-05-26 14:16:07 +02:00
Joas Schilling d683752b37 Sort user groups by group name and hide the user count 2015-05-18 12:55:19 +02:00
Thomas Müller 257ee205bb Merge pull request #15978 from owncloud/feature/fix-encryption-tooltips
[enc2]fixing recovery tooltip
2015-05-15 22:39:17 +02:00
Clark Tomlinson 9727386d8b fixing test 2015-05-11 09:38:23 -04:00
Joas Schilling d36d14366b Add test for setEmailAddress 2015-05-05 13:53:00 +02:00
Lukas Reschke 9bc48451b9 Adjust tests and statuscode 2015-04-20 13:00:02 +02:00
Lukas Reschke 20a6073a9f Migrate personal certificate handling into AppFramework controllers
Also added unit-tests and better error-handling
2015-04-20 12:58:58 +02:00
Lukas Reschke ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Joas Schilling 81ec1c8a1a Remove hardcoded link to performance docs 2015-04-07 12:25:30 +02:00
Lukas Reschke 0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Lukas Reschke 65202d2a18 Add check for activated local memcache
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.

Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Thomas Müller b5545932e7 use StreamResponse to download the log file - fixes #14268 2015-03-27 11:30:32 +01:00
Lukas Reschke e32f1582c7 Show more detailed error message 2015-03-16 12:47:06 +01:00
Lukas Reschke dfd70337d6 Adjust unit test 2015-03-16 12:47:05 +01:00
Lukas Reschke 13486a5ada Migrate to SwiftMail
Replaces the OC_Mail and phpmailer with SwiftMail allowing us to mock it properly.

Fixes the unit test execution on master on local machines and https://github.com/owncloud/core/issues/12014

Conflicts:
	3rdparty
	lib/private/server.php
	lib/public/iservercontainer.php
	tests/lib/mail.php
	tests/settings/controller/mailsettingscontrollertest.php

Conflicts:
	3rdparty
	lib/private/mail.php
	lib/private/server.php
	lib/public/iservercontainer.php
	settings/ajax/lostpassword.php
	settings/application.php
2015-03-16 12:47:05 +01:00
Lukas Reschke bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Thomas Müller 4910f3e202 fixing unit tests in UsersControllerTest 2015-02-16 19:45:40 +01:00
Morris Jobke 485e2a282b Merge pull request #13753 from owncloud/use-403-instead-of-200
Use 403 instead of 200 response
2015-02-07 13:25:15 +01:00
Lukas Reschke 0f7634eadc Switch to a factory and add unit tests 2015-01-30 17:24:42 +01:00
Lukas Reschke 7e7dd92f6b Add unit tests 2015-01-30 14:29:46 +01:00
Lukas Reschke b9f180e001 Use 403 instead of 200 response
A forbidden should throw a 403 and this makes it easier for me to do some automated testing.
2015-01-29 12:04:54 +01:00
Morris Jobke 9fbeaf0fd9 Add value if restore of data is possible for a user
* reason: nice to know before password change in user management
* restore is possible:
	* encryption is disabled
	* encryption is enabled, admin and user has checked the
	  restore option
* if not possible:
	* highlight users row in red once the admin wants to change the password
	* show also a little tipsy
2015-01-27 13:23:19 +01:00
Joas Schilling 039397bd31 Use setConfigs() instead of calling setConfig() multiple times 2015-01-23 14:52:21 +01:00
Lukas Reschke 2272bcedeb Fix filtering for users when $gid is empty
Previously when $gid was empty the users were not filtered at all. Rendering the search function in the user management pretty useless.

Fixes itself
2015-01-18 18:31:03 +01:00
Georg Ehrke f579f2bd94 add Download logfile button to admin settings
add logSettingsController

add download logfile button

move getEntries to LogSettingsController

move set log level to logsettingscontroller.php

add warning if logfile is bigger than 100MB

add unit test for set log level

fix typecasting, add new line at EoF

show log and logfile download only if log_type is set to owncloud

add unit test for getFilenameForDownload
2015-01-07 14:55:53 +01:00
Morris Jobke 5913af8a72 Mail address of users is now changable in the user management
* introduced new route settings/users/{id}/mailAddress
* kept old responses
* better error messages
* dropped lostpassword.php from settings/ajax
* cleaned up the UserList.add() and hand in user object instead of
  each attribute as another parameter
* check for change permission of mail address
* proper response messages
2014-12-18 22:43:09 +01:00
Morris Jobke 04e172c2ce add unit tests for new user create mail 2014-12-16 17:54:30 +01:00
Morris Jobke efb495b09f Merge pull request #12726 from owncloud/add-filter-for-backend-to-rest-index
Add filter for backend to rest index
2014-12-13 08:50:15 +01:00
Lukas Reschke d5b26e682c Use array key instead of value 2014-12-12 16:42:25 +01:00
Morris Jobke 04aaa72810 Show user backend in user management
* add switch to settings to show user backend
* user classes for headers and rows to unify the show/hide statement
* add user backend to response of user create request
* proper markup in settings area
2014-12-12 14:19:29 +01:00
Lukas Reschke 26b0a89874 Add test for user without backend 2014-12-12 12:39:31 +01:00
Lukas Reschke 5dc6406b70 Add filter for 'backend' to user REST route
This adds a "backend" type filter to the index REST route which is a pre-requisite for https://github.com/owncloud/core/issues/12620

For example when calling `index.php/settings/users/users?offset=0&limit=10&gid=&pattern=&backend=OC_User_Database` only users within the backend `OC_User_Database` would be shown. (requires sending a CSRF token as well)

Depends upon https://github.com/owncloud/core/pull/12711
2014-12-10 12:07:34 +01:00
Lukas Reschke 4c13918bd8 Expose backend type via REST API
This change will expose the user backend via the REST API which is a pre-requisite for https://github.com/owncloud/core/issues/12620.

For example:
````json
[{"name":"9707A09E-CA9A-4ABE-A66A-3F632F16C409","displayname":"Document Conversion User Account","groups":[],"subadmin":[],"quota":"default","storageLocation":"\/Users\/lreschke\/Programming\/core\/data\/9707A09E-CA9A-4ABE-A66A-3F632F16C409","lastLogin":0,"backend":"OCA\\user_ldap\\USER_LDAP"},{"name":"ED86733E-745C-4E4D-90CB-278A9737DB3C","displayname":"Hacker","groups":[],"subadmin":[],"quota":"default","storageLocation":"\/Users\/lreschke\/Programming\/core\/data\/ED86733E-745C-4E4D-90CB-278A9737DB3C","lastLogin":0,"backend":"OCA\\user_ldap\\USER_LDAP"},{"name":"71CDF45B-E125-450D-983C-D9192F36EC88","displayname":"admin","groups":[],"subadmin":[],"quota":"default","storageLocation":"\/Users\/lreschke\/Programming\/core\/data\/71CDF45B-E125-450D-983C-D9192F36EC88","lastLogin":0,"backend":"OCA\\user_ldap\\USER_LDAP"},{"name":"admin","displayname":"admin","groups":["admin"],"subadmin":[],"quota":"default","storageLocation":"\/Users\/lreschke\/Programming\/core\/data\/admin","lastLogin":"1418057287","backend":"OC_User_Database"},{"name":"test","displayname":"test","groups":[],"subadmin":[],"quota":"default","storageLocation":"\/Users\/lreschke\/Programming\/core\/data\/test","lastLogin":0,"backend":"OC_User_Database"}]
```
2014-12-09 12:04:19 +01:00
Lukas Reschke c23957811d React on other statuscodes than 200 2014-12-08 16:35:13 +01:00
Lukas Reschke 8b3e389062 Add statuscodes 2014-12-08 15:32:59 +01:00