* Avatar image was not vertcially aligned
* The caret was below the avatar
* The surrounding <div> exceeded the title bar
Signed-off-by: Michael Letzgus <michaelletzgus@users.noreply.github.com>
cleanup files, address review
Fix CleanupRemoteStoragesTest tests
Fix test expectation.
Added files count to check filecache deletion.
Sort by numeric id for deterministic test results
Removed precise order test and added storage check
Remove inaccurate removal message check which has a different order on
Oracle.
Added more checks to confirm that existing storages still exist.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fixed failing test which was ignoring a required (not null) column
* restored test to original, catching DriverException which also catches ConstraintViolationException
* catch ConstraintViolationException again
* removed unnecessary field from this test
* clobfield should be nullable
* clobfield now is nullable
* removed autoincrement since whenever this strategy is enabled, oracle would not throw constraint violation exceptions (needed for setValues), which mysql still does
* this field does not auto increment anymore
* mark integerfield as primary, since it is not getting marked as such through auto increment anymore,
integerfield default always has been 0 instead of null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Usually Backbone collections cannot be created and just simply exists.
But in the Webdav world they need to be creatable.
This enhancement makes it possible to use a Backbone Model to represent
such collections and when creating it, it will use MKCOL instead of PUT.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Whenever a user was deleted for encryption where the keys are stored in
the home, we can ignore user existence exceptions because it means the
keys are already gone.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
The background job that scans storages must skip failed storages to
avoid potential exceptions, especially when the failed storage comes
from a shared storage where the source is not accessible.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Many API callers will call unlink even for directories and it can mess
up with some wrappers like the encryption wrapper
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.
This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
The constructor is iniitiated already very early in base.php, thus requiring this here will break the setup and some more. For now we probably have to live with a static function call here thus.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>