Commit Graph

4298 Commits

Author SHA1 Message Date
Joas Schilling 7816c54625
Allow to force a language and set it via the ocs api
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-21 11:34:52 +02:00
Lukas Reschke 2f87fb6b45
Add Clear-Site-Data header
This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content.

See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types.

Ref https://twitter.com/mikewest/status/877149667909406723

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-20 19:46:10 +02:00
Joas Schilling ca3a6ec607
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 14:25:24 +02:00
Julius Härtl 41621d3b59
Fix tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-06-16 11:06:26 +02:00
Julius Härtl f039ba7480
Add tests and inject IRequest
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-06-16 10:51:31 +02:00
Robin Appelman 2e8e6f95b9
show used space in user list
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-15 14:06:54 +02:00
Robin Appelman fa81759917
fix moving folders out of a cache jail
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-06-15 13:59:06 +02:00
Joas Schilling 0f8c1b13a3
Fix unknown share token
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-13 18:44:50 +02:00
Morris Jobke 6a06df824e Merge pull request #5027 from nextcloud/require-nextcloud-version-as-per-docs
Version and dependency are now required
2017-06-12 22:33:16 -05:00
Morris Jobke aa243376ef Merge pull request #5271 from nextcloud/use-mailer-to-create-email-template
Also use IMailer interface to generate the email template
2017-06-12 17:52:52 -05:00
Lukas Reschke a4b48d55ad
Fix tests
return is not defined

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-12 22:19:44 +02:00
Daniel Calviño Sánchez 6bcace4609 Extract toggle visibility of a SystemTagsInfoView to its own view
The SystemTagsInfoViewToggleView is a basic view that renders a label
that, when clicked, toggles the visibility of an associated
SystemTagsInfoView.

In order to keep the view parent agnostic its attachment and detachment
to/from the MainfFileInfoView is done in the FilesPlugin.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 09:13:29 +02:00
Daniel Calviño Sánchez 423136d319 Extract duplicated code to a method
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 03:03:47 +02:00
Daniel Calviño Sánchez be02b3df28 Add acceptance tests for showing the input field for tags
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-06-09 03:02:33 +02:00
Morris Jobke b58928b4c1 Also use IMailer interface to generate the email template
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-06-06 10:47:48 -05:00
Morris Jobke 15314b6f5b Merge pull request #5223 from nextcloud/do-not-allow-to-set-invisible-fields
Don't allow the user to set fields they can't see
2017-06-06 08:06:39 -05:00
Joas Schilling f39fdaf46e
adjust the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-06 11:42:48 +02:00
blizzz 2e2d406bf5 Merge pull request #5213 from nextcloud/fix-change-hook
Trigger changeUser hook only on real changes
2017-06-02 13:14:33 +02:00
Arthur Schiwon 999455c1aa
emit changeUser only if there really was a change (quota, displayname)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-01 11:34:17 +02:00
Bjoern Schiessle 7c2d473d76
add new config switched for the global scale architecture
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-29 18:19:28 +02:00
Joas Schilling eebd2811dc
Version and dependency are now required
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-22 09:54:44 +02:00
Roeland Jago Douma 43eb424da1 Merge pull request #5009 from nextcloud/update-acceptance-tests-for-issue-4921
Update acceptance tests for issue #4921
2017-05-22 08:36:11 +02:00
Daniel Calviño Sánchez 41412088db Update acceptance tests for issue #4921
Acceptance tests opened the details view by clicking on the middle of
the file row, but due to the changes made in issue #4921 that now opens
the file instead; this commit updates the acceptance tests to open the
details view through the "Details" item in the file actions menu.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-21 14:45:43 +02:00
Lukas Reschke 7a8bd73547 Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-20 16:38:32 -05:00
Lukas Reschke 7976927628 Merge pull request #4894 from nextcloud/generic-security-activities
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
Lukas Reschke 8c624bdef9 Merge pull request #4792 from nextcloud/fix-storage-wrappers-on-scanner
Make sure we use the passed-in storage when there is one
2017-05-19 00:49:58 +02:00
Roeland Jago Douma e43649e67e
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:10:57 +02:00
Christoph Wurst 1632bb4557
Move activities test code
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Lukas Reschke 7927aed991
Adjust token name
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke 691646bdae
Add tests for OAuth2 app
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke 59e968977c
Add test for DefaultTokenMapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 77827ebf11
Rename table back to lowercase
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 26ee889fec
Add tests for ClientFlowLoginController
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Bjoern Schiessle 1eb7f4956b
delete auth token when client gets deleted
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Robin Appelman 1f1e1b0d00
use unmasked permissions during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-18 16:38:54 +02:00
Morris Jobke 78e6c2dea4 Merge pull request #4666 from nextcloud/enable-redis-cluster
Add redis cluster tests to our CI jobs
2017-05-16 10:10:25 -05:00
Morris Jobke 3bf9503070 Merge pull request #4816 from nextcloud/Ardinis-quota-files_external
Correctly calculate used space for quota with external storage
2017-05-12 11:33:54 -05:00
Morris Jobke 51c55a867d fix quota tests for external storage
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-12 11:32:16 -05:00
Lukas Reschke 4f752ed1fc Merge pull request #4809 from nextcloud/downstream-27676
Disable reset password link
2017-05-12 12:39:07 +02:00
Lukas Reschke 48a9a4bd81 Merge pull request #4825 from nextcloud/add-timeout-appstore
Add timeout for requests to appstore
2017-05-12 12:37:18 +02:00
Joas Schilling e6a0ad4701
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 10:02:15 +02:00
Joas Schilling adad4281af
Fix failed assertions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 09:58:18 +02:00
Morris Jobke f73ca1b77f Add redis cluster tests to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-11 17:07:20 -05:00
Joas Schilling 0828df5ed4
Disable the API endpoints as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-11 17:03:57 +02:00
Joas Schilling 538d32fe87
Automatic injection into the Fetchers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:56:38 +02:00
Joas Schilling ca39940614
Automatic creation of Identity manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:45:11 +02:00
Joas Schilling d418ea550b
Automatic injection for CssController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:40 +02:00
Joas Schilling 9c8fe82000
Automatic injection for JsController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:15 +02:00
Morris Jobke 1a83f11925 Merge pull request #4718 from nextcloud/handle-stalled-or-invisible-elements-automatically-in-acceptance-tests
Handle stale or invisible elements automatically in acceptance tests
2017-05-08 12:52:30 -05:00
Fabrizio Steiner f2a2b34e46 Increase device password entropy. Use lower- and upper-case characters and digits, but exclude ambiguous characters. The number of digits has also been increased to 25.
Signed-off-by: Fabrizio Steiner <fabrizio.steiner@gmail.com>
2017-05-08 14:04:40 +02:00
Daniel Calviño Sánchez 9313c9797f Add automatic handling of common command failures of Mink elements
Commands executed on Mink elements may fail for several reasons.
ElementWrapper is introduced to automatically handle some of those
situations, like StaleElementReference exceptions and ElementNotVisible
exceptions.

StaleElementReference exceptions are thrown when the command is executed
on an element that is no longer attached to the DOM. When that happens
the ElementWrapper finds again the element and executes the command
again on the new element.

ElementNotVisible exceptions are thrown when the command requires the
element to be visible but the element is not. When that happens the
ElementWrapper waits for the element to be visible before executing the
command again.

These changes are totally compatible with the current acceptance tests.
They just make the tests more robust, but they do not change their
behaviour. In fact, this should minimize some of the sporadic failures
in the acceptance tests caused by their concurrent nature with respect
to the web browser executing the commands.

However, the ElementWrapper is not a silver bullet; it handles the most
common situations, but it does not handle every possible scenario. For
example, the acceptance tests would still fail sporadically if an
element can become staled several times in a row (uncommon) or if it
does not become visible before the timeout expires (which could still
happen in a loaded system even if the components under test work right,
but obviously it is not possible to wait indefinitely for them).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 64f9c56224 Extract element finding to a command object
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 7642a4b727 Make internal find methods static
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 16e3e81635 Add missing type hints
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Morris Jobke 0896d2b006 Make cache tests a bit more clear
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-04 19:37:40 -03:00
Mario Danic e4aac15a92
Update login flow redirection
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-04 19:21:22 +02:00
Morris Jobke 61379c9165 Merge pull request #4682 from nextcloud/try-to-start-browser-sessions-again-when-they-fail-in-acceptance-tests
Try to start browser sessions again when they fail in acceptance tests
2017-05-04 00:02:18 -03:00
Daniel Calviño Sánchez 4fc9a7146b Add option to acceptance test runners to set a custom timeout multiplier
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez b10478ff19 Try again to start browser sessions when they fail
Starting a session for an Actor can fail, typically, due to a timeout
connecting with the web browser. Now if the session fails to start it
will be tried again up to "actorTimeoutMultiplier" times in total before
giving up.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez e355e953b5 Generalize attribute name
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:45:52 +02:00
Daniel Calviño Sánchez 97bedb94af Fix exponential increase of timeout when finding ancestor elements
The timeout passed to the "find" method was multiplied by the
"findTimeoutMultiplier" attribute. However, as "find" used
"findAncestor" and "findAncestor", in turn, used "find" itself the
timeout was increased exponentially for ancestor elements. Now "find"
was split in "find" and "findInternal"; the first method is the public
one and modifies the given parameters as needed and then calls the
second method, private, that performs the find itself.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:34:04 +02:00
Morris Jobke dbe11916fa Merge pull request #4662 from nextcloud/remove-named-selectors-from-acceptance-tests
Remove named selectors from acceptance tests
2017-05-02 20:44:23 -03:00
Morris Jobke f233e856bf Merge pull request #4665 from nextcloud/enable-redis
Add redis support to our CI jobs
2017-05-02 17:16:19 -03:00
Roeland Jago Douma 24ff230f93 Merge pull request #4620 from nextcloud/preview-error-handling
better handling of preview generation errors
2017-05-02 21:49:14 +02:00
Morris Jobke ecb369b5e8
Add redis support to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 15:55:42 -03:00
Lukas Reschke 121cb4bcfc Merge pull request #4659 from nextcloud/fix/ignore-empty-email-contacts-menu
Do not show an email action for contacts with emtpy email addresses
2017-05-02 17:02:16 +02:00
Daniel Calviño Sánchez 1381f6c131 Replace "named" Mink selectors with "named_exact" Mink selectors
The "named" Mink selector first tries to find an exact match for its
locator and then, if not found, tries to find a partial match. Besides
other harder to track problems (see comment in the commit in which the
"content" locator was removed), this could cause, for example, finding
an action link titled "Favorited" when looking for the action link
titled "Favorite" (that is, one that conveys the opposite state to the
one found).

Although currently all the acceptance tests are compatible with both the
"named" and the "named_exact" Mink selectors the predefined locators are
modified to use the "named_exact" Mink selector to make them more
future-proof; the "named" Mink selector can still be used if needed
through the "customSelector" method in the builder object.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:38 +02:00
Daniel Calviño Sánchez 762a8e0b76 Remove "content" locator from acceptance tests
The "content" locator uses the "named" Mink selector and the "content"
Mink locator to find the element. The "named" Mink first tries to find
the elements whose content match exactly the given content but, if none
is found, then it tries to find elements that just contain the given
content.

This behaviour can lead to hard to track issues. Finding the exact match
and, if not found, finding the partial match is done in quick
succession. In most cases, when looking for an exact match the element
is already there, it is returned, and everything works as expected. Or
it may not be there, but then it is not there either when finding the
partial match, so no element is returned, and everything works as
expected (that is, the actor tries to find again the element after some
time).

However, it can also happen that when looking for an exact match there
is no element yet, but it appears after trying to find the exact match
but before trying to find the partial match. In that situation the
desired element would be returned along with its ancestors. However, as
only the first found element is taken into account and the ancestors
would appear first the find action would be successful, but the returned
element would not be the expected one. This is highly unlikely, yet
possible, and can cause sporadic failures in acceptance tests that,
apparently, work as expected.

Using a "named_exact" Mink selector instead of the "named" Mink selector
does not provide the desired behaviour in most cases either. As it finds
any element whose content matches exactly the given content, looking for
"Hello world" in "<div><p><a>Hello world</a></p></div>" would match the
"div", "p" and "a" elements; in that situation the "div" element would
be the one returned, when typically the "a" element would be the
expected one.

As it is error prone and easily replaceable by more robust locators the
"content" locator was removed from the predefined ones (although it can
still be used if needed through the "customSelector" method in the
builder object).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:25 +02:00
Christoph Wurst b13c741cb3
Do not show an email action for contacts with emtpy email addresses
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:12:04 +02:00
Robin Appelman 2847e9f2e3
fix preview tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-02 13:43:48 +02:00
Roeland Jago Douma ae7c1504a9
Fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 11:38:21 +02:00
Roeland Jago Douma 762284ce93
Fix and update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 08:59:53 +02:00
Lukas Reschke dd03fdebec
Add missing space
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 20:36:25 +02:00
Lukas Reschke a5ccb31e85
Mark IP as whitelisted if brute force protection is disabled
Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling.

This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 18:31:45 +02:00
Marius Blüm f26764c790
Rename “Server settings” to “Basic settings”
* fixes #4587

Signed-off-by: Marius Blüm <marius@lineone.io>
2017-04-29 17:13:21 +02:00
Arthur Schiwon 99e97f135d
consolidate setEnabled method
and fix a unit test

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Arthur Schiwon 668fe7df51
UserManager can now count disabled users
Users page takes advantage of that

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 4c37c38051
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 485d6d6577
use proper return codes and handle failure cases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 2507e7459d
Improve wording of error messages
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke a8457df064
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke 72550377b4
add unit tests for enable method 2017-04-29 00:59:09 -03:00
Morris Jobke e521b6799f
add unit tests for disable method 2017-04-29 00:59:09 -03:00
Morris Jobke 79d74a1425
adjust tests to have at least one disabled user 2017-04-29 00:54:30 -03:00
Roeland Jago Douma 84b4d448d0
Fix unit tests 2017-04-29 00:54:30 -03:00
Morris Jobke a0bf706983
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:13:41 -03:00
Bjoern Schiessle 9b36f2d9ea
fix unit test
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:38 -03:00
Bjoern Schiessle 5fa0e6df39
fix email verification status
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:37 -03:00
Bjoern Schiessle 71657db4be
updated unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Bjoern Schiessle cbf5acca45
check verification proof and update account table
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Morris Jobke f000e22a97 Merge pull request #4522 from nextcloud/downstream-27596
Allow to create a user for a specific backend
2017-04-27 16:41:08 -03:00
Joas Schilling 9212089151
Use the new method in the old one to remove duplicate code
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 08:56:51 +02:00
Morris Jobke 4dab01d9ed Merge pull request #4501 from nextcloud/downstream-27144
Add duration of last job execution to the table
2017-04-26 23:16:21 -03:00
Morris Jobke 01705b1b6a Merge pull request #4515 from nextcloud/downstream-27643
Adjust query/event logging code in favour of more complex owncloud/di…
2017-04-26 22:58:01 -03:00
Morris Jobke 4a9cb81486 Merge pull request #4526 from nextcloud/downstream-27269
Don`t allow upload of files with extension .part
2017-04-26 18:21:13 -03:00
Morris Jobke aad0794500 Merge pull request #4454 from nextcloud/add-bundles-to-install-page
Add app bundles to the apps page and unbundle enterprise apps
2017-04-26 18:20:40 -03:00
Morris Jobke 58fe27f092 Merge pull request #4461 from danxuliu/fix-closing-details-view-when-viewing-file-in-folder
Fix details view not closed when viewing a file in its folder
2017-04-26 17:42:55 -03:00
Lukas Reschke d0e0bc55c8
Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:08:44 +02:00
Lukas Reschke 3df99d8fd6
Add SocialSharingBundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:53 +02:00
Lukas Reschke 0c5a48c4a4
Add tests for repairstep
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00
Lukas Reschke a05295fca3
Add spreed to Groupware bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00
Lukas Reschke 0651d66181
Add tests for bundle code
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:51 +02:00
Lukas Reschke 3f9aaac4a2
Adjust tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:51 +02:00
Vincent Petry 1c771c097a
Use regex to detect part files 2017-04-26 16:12:48 +02:00
Piotr Mrówczyński 9fec4031b3
Adjust query/event logging code in favour of more complex owncloud/diagnostics (#27643)
* Adjust query/event logging code in favour of more complex owncloud/diagnostics
* Add descriptions to IQueryLogger and IEventLogger interfaces
2017-04-26 13:19:43 +02:00
Georg Ehrke f32fc97533
fix ContactsStoreTest
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:15 +02:00
Georg Ehrke 60f9ed6241
add contactsmenu popover
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:26:53 +02:00
Morris Jobke d4329f3355 Merge pull request #4449 from stweil/mimetypes
Add mimetypes for jp2 and webp
2017-04-26 01:22:49 -03:00
Morris Jobke 215573fe3c Merge pull request #4486 from nextcloud/fix-js-unit
Remove DOMPurify from srcFiles
2017-04-25 22:39:55 -03:00
Jan-Christoph Borchardt 241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Morris Jobke 255c7df3bd Merge pull request #4499 from nextcloud/downstream-26984
Trigger change when a user is enabled/disabled
2017-04-25 18:27:38 -03:00
Christoph Wurst 98f02fad60 Adjust entry unit test to newly added avatar property
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst 2c2e1f7988 Use absolute URI for action icons
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst b8c2a8ae36 Don't show contacts an entry for themselves
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst 36cee1f386 Let apps register contact menu provider via info.xml
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Roeland Jago Douma aae079aa29
AppToken to 72 chars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
Lukas Reschke 6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Stefan Weil 8ba67fbe1e Add test code for new image mime types
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-04-25 19:22:46 +02:00
Lukas Reschke 16c8fdece3
Remove DOMPurify from srcFiles
It is already included via core.json

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 12:50:15 -03:00
Daniel Calviño Sánchez 16b4eecb05 Add acceptance tests for closing details view in Files app
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-25 17:45:37 +02:00
Noveen Sachdeva 1b1f403a5d
Add duration of last job execution to the table 2017-04-25 17:39:58 +02:00
Joas Schilling ac0c21f4a7
Trigger change when a user is enabled/disabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 17:20:35 +02:00
Morris Jobke 5a9224fb4c Merge pull request #3531 from nextcloud/theming-scss
Theming using SCSS variables
2017-04-25 10:56:13 -03:00
Morris Jobke 6f2df5e495 Merge pull request #3195 from nextcloud/settings-apps-tabular
Make apps settings tabular
2017-04-25 10:25:29 -03:00
Roeland Jago Douma 82c9eb1c56 Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Julius Haertl 68a63ad3f3
Implement scss variable injection by OC_Defaults
Signed-off-by: Julius Haertl <jus@bitgrid.net>

Add Scss variables to example theme and theming app

Signed-off-by: Julius Haertl <jus@bitgrid.net>

Use SCSSCacher to build theming css

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Update theming.scss

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Code cleanup

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Fix tests

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Inject SCSSCacher for easier testing

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Fix typehint

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Generate absolute URLs

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Fix tests to always use absolute urls for theming images

Signed-off-by: Julius Härtl <jus@bitgrid.net>

MailheaderColor -> ColorPrimary

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 11:39:45 +02:00
Christoph Wurst bb1d191f82
Fix remember redirect_url on failed login attempts
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 09:38:19 +02:00
Felix A. Epp 2fbf1114ac Add installed category in AppSettingsControlerTest
Signed-off-by: Felix A. Epp <work@felixepp.de>
2017-04-25 00:22:57 +02:00
Roeland Jago Douma 41f492ada7 Merge pull request #4477 from danxuliu/acceptance-macos-nitpicking
Fix minor code style issues in acceptance test runner
2017-04-24 19:30:03 +02:00
Joas Schilling 6300be160a
Add unit tests for mounts of delete users
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-24 16:43:25 +02:00
blizzz 42e805f057 Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00
Daniel Calviño Sánchez a56fb75e69 Add missing unit test for updateShare with email share
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez de6b05a911 Add missing hook check
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez dcc8cce28b Fix double hashing of shared link passwords
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez 316710bcb1 Add acceptance tests for sharing password protected links
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez 13c84f6629 Add system to share data between acceptance test steps
The data storage (the "notebook") is shared between all the actors, so
the data can be stored and retrieved between different steps by any
actor in the same scenario.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez b0b32eff1f Fix minor code style issues (also known as nitpicking)
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-22 17:50:37 +02:00
Morris Jobke db7eedccc9
Run acceptance tests on macOS
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-21 14:11:56 -05:00
Roeland Jago Douma eaa6f766e6 Merge pull request #4208 from danxuliu/add-basic-acceptance-test-system
Add basic acceptance test system
2017-04-21 20:53:32 +02:00
Daniel Calviño Sánchez e970b5261f Make test passwords valid for the password_policy app
As requested by Morris Jobke, the passwords in the acceptance tests were
modified to make them valid both for a clean Nextcloud server and one
with the password_policy app enabled.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-21 14:47:44 +02:00
Daniel Calviño Sánchez 2f80025ec2 Move acceptance tests from build/acceptance to tests/acceptance
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-21 14:44:29 +02:00
Joas Schilling ec2f2b75be
Make sure we use a new encryption module all the time
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:48:14 +02:00
Joas Schilling 06e60f88c5
Don't assume the admin didn't configure Opcache correctly...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:17:21 +02:00
Joas Schilling b2deb6deb0
Use the correct class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:55:11 +02:00
Joas Schilling 0de5fc9020
Import some classes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:54:14 +02:00
Joas Schilling ada615eb86
Use the correct Dummy and Backend class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:48:51 +02:00
Joas Schilling 9871e4eaee
Kill dead code
> No tests found in class "Test\Share\MailNotificationsTest".

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:43:19 +02:00
Joas Schilling d2d9f74707
Fix warning with undefined method
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:37:59 +02:00
Joas Schilling a0ada9aab4
Don't use deprecated getMock() anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:30:21 +02:00
Joas Schilling 24789ba0f4
Restoring the error handler within the error handler causes unexpected results
See http://php.net/manual/en/function.restore-error-handler.php#120879
for more information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:23:34 +02:00
Joas Schilling 38c901fadf
Delete the correct config value
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:23:12 +02:00
Joas Schilling 140580f9d8 Merge pull request #4398 from nextcloud/fix_accesslistcode
Get proper accesslist for userFolder
2017-04-20 11:03:22 +02:00
Joas Schilling b469882595 Merge pull request #4212 from individual-it/master
validate file name before uploading in upload only folder
2017-04-20 10:50:56 +02:00
Roeland Jago Douma ae2db5e60d
Get proper accesslist for userFolder
If the accesslist is requested for a users root folder we should
properly construct the path

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 10:28:32 +02:00
Morris Jobke 16c4755e03
Rename renderHTML to renderHtml
* fixes #4383
* improves consistency

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-19 15:46:41 -05:00
Roeland Jago Douma ad24b86013 Merge pull request #4350 from nextcloud/adjust-old-bruteforce-protection-annotations
Adjust existing bruteforce protection code
2017-04-19 09:27:23 +02:00
Morris Jobke f1ddb939a0 Merge pull request #4371 from nextcloud/dont-allow-dot-usernames
Better validation of allowed user names
2017-04-18 20:04:32 -05:00
Morris Jobke 269600a04f Merge pull request #4369 from nextcloud/fix-translations
Fix translations
2017-04-18 18:01:50 -05:00
Joas Schilling 1c0bffe87f
Fix translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Lukas Reschke 0a54d5a5dd
Beautify test email
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 16:18:00 -05:00
Morris Jobke d379ac7545 Merge pull request #4372 from nextcloud/smtp-password
Don't put the SMTP password into the HTML code
2017-04-18 16:13:31 -05:00
Morris Jobke d2c4440ed6
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-18 15:08:38 -05:00
Lukas Reschke 805419bb95
Add bruteforce protection to changePersonalPassword
While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 17:55:51 +02:00
Artur Neumann 88f02f27a3 JS tests for upload only function
Signed-off-by: Artur Neumann <info@individual-it.net>
2017-04-18 20:43:25 +05:45
Joas Schilling fcaa315c96
Fix some more stuff
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:11:29 +02:00
Joas Schilling dfca672378
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:08:29 +02:00
Joas Schilling a3922bbcdc
Better validation of allowed user names
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 14:29:34 +02:00
Morris Jobke 10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager
Access list to share manager
2017-04-15 13:06:24 -05:00
Lukas Reschke 727688ebd9
Adjust existing bruteforce protection code
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Lukas Reschke 8149945a91
Make BruteForceProtection annotation more clever
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
Lukas Reschke 81d3732bf5 Merge pull request #4308 from nextcloud/lost-password-email
Update email template for lost password email
2017-04-13 20:02:15 +02:00
Morris Jobke d36751ee38 Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login
Fix login controller test and consolidate login
2017-04-13 12:16:38 -05:00
Joas Schilling e1d54e3b48
Add more tests for the share helper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling 7d416ac1dd
Activate the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling 629b7c0fc3
Adjust docs and make !$currentAccess simpler
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling 4eeb194ae5
Fix share manager test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling 5b57bb955b
Fix default share provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling 2fcf334c6a
Fix tests for ShareHelper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Roeland Jago Douma 4437e00f16
Add shareHelper test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma 12afd7d1d5
Add mail element to access list
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma 2cbac3357b
Offload acceslist creation to providers
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma 553b3b2928
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma 7dcc98eb20
Add owner to access list
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma d84df15590
Add getAccessList to ShareManager
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:48 +02:00
Lukas Reschke e39e6d0605
Remove expired attempts
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:18 +02:00
Lukas Reschke 31ae39c569
Add tests for multiple parameters
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:18 +02:00
Lukas Reschke a1ae5275f9
Move to dedicated MiddleWare
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Lukas Reschke 66835476b5
Add support for ratelimiting via annotations
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Lukas Reschke 01f3698175 Merge pull request #3966 from nextcloud/downstream-26570
Override config.php values through environment variables
2017-04-13 10:51:09 +02:00
Morris Jobke 7cb6038fca Merge pull request #3043 from nextcloud/issue-3038-no-logentry-on-email-login
Dont create a log entry on email login
2017-04-13 01:04:11 -05:00
Morris Jobke 1f962f9115
Update email template for lost password email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 15:19:53 -05:00
Roeland Jago Douma b3b24172e4 Merge pull request #4307 from nextcloud/sharing-emails
New emails for sharebymail
2017-04-12 21:23:11 +02:00
Morris Jobke ae4c2893a2
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 12:42:23 -05:00
Joas Schilling 1c8c62272c
Use instance name as alt-text
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 17:16:26 +02:00
Morris Jobke 050ce1d40b
Add addBodyButton to add a single button to email templates
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 17:16:26 +02:00
Roeland Jago Douma dccb8928a1 Merge pull request #4325 from nextcloud/downstream-27522
Optimize put - Dont try to fetch filecache for not existing filecache…
2017-04-12 16:04:03 +02:00
Björn Schießle b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints
Discover federatedsharing endpoints
2017-04-12 16:01:07 +02:00
Joas Schilling 30817fa319
Simplify the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 13:23:55 +02:00
Piotr M dc78f1251e
Optimize put - Dont try to fetch filecache for not existing filecache in encription 2017-04-12 12:54:20 +02:00