For #14179
By default responses should have the strictest (and simplest) CSP
possible. Only template responses should require an actual CSP.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
File names are no longer shown directly in the ".filename" element, but
split in two "span" elements inside a ".filename-parts" element, so now
the texts in those span elements need to be concatenated to get the file
name.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Fixes#14793
This is caused by the mess we have with OC\Settings mapping to settings
and lib/private/Settings.
Anyway this is the quick fix. Moving stuff around for 17 seems better.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
The bundle acceptance tests fails after #14578 sometimes. This is
because of a race condition. not all apps have compatible 16 versions
yet. So trying to enable them results in those apps doing 💥.
Because of #14578 we do show them now. So we try to enable them. However
depending on which requests finishes first the disable button for the
audit app either shows up or now.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* tests/acceptance/features/login.feature:15
<details><summary>Show full log</summary>
```
Scenario: log in with valid user and invalid password once fixed by admin # /drone/src/github.com/nextcloud/server/tests/acceptance/features/login.feature:15
Given I act as John # ActorContext::iActAs()
And I can not log in with user user0 and password 654231 # LoginPageContext::iCanNotLogInWithUserAndPassword()
When I act as Jane # ActorContext::iActAs()
And I am logged in as the admin # LoginPageContext::iAmLoggedInAsTheAdmin()
And I open the User settings # SettingsMenuContext::iOpenTheUserSettings()
And I set the password for user0 to 654321 # UsersSettingsContext::iSetTheFieldForUserTo()
And I act as John # ActorContext::iActAs()
And I log in with user user0 and password 654321 # LoginPageContext::iLogInWithUserAndPassword()
Then I see that the current page is the Files app # FilesAppContext::iSeeThatTheCurrentPageIsTheFilesApp()
Failed asserting that 'http://acceptance-login/index.php/login?user=user0' starts with "http://acceptance-login/index.php/apps/files/".
```
</details>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fails with:
* tests/acceptance/features/app-files.feature:90
<details><summary>Show full log</summary>
```
Scenario: show favorites # /drone/src/github.com/nextcloud/server/tests/acceptance/features/app-files.feature:90
Given I am logged in # LoginPageContext::iAmLoggedIn()
And I mark "welcome.txt" as favorite # FileListContext::iMarkAsFavorite()
When I open the "Favorites" section # AppNavigationContext::iOpenTheSection()
Then I see that the current section is "Favorites" # AppNavigationContext::iSeeThatTheCurrentSectionIs()
Then I see that the file list contains a file named "welcome.txt" # FileListContext::iSeeThatTheFileListContainsAFileNamed()
Row for file welcome.txt in file list could not be found after 100 seconds (NoSuchElementException)
```
</details>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fails with:
* tests/acceptance/features/apps.feature:66
<details><summary>Show full log</summary>
```
Scenario: Show section from app store # /drone/src/github.com/nextcloud/server/tests/acceptance/features/apps.feature:66
Given I act as Jane # ActorContext::iActAs()
And I am logged in as the admin # LoginPageContext::iAmLoggedInAsTheAdmin()
And I open the Apps management # SettingsMenuContext::iOpenTheAppsManagement()
And I see that the current section is "Your apps" # AppNavigationContext::iSeeThatTheCurrentSectionIs()
When I open the "Files" section # AppNavigationContext::iOpenTheSection()
Files section item in App Navigation could not be found after 100 seconds (NoSuchElementException)
Then I see that there some apps listed from the app store # AppsManagementContext::iSeeThatThereSomeAppsListedFromTheAppStore()
And I see that the current section is "Files" # AppNavigationContext::iSeeThatTheCurrentSectionIs()
```
</details>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fails with:
* tests/acceptance/features/app-files-tags.feature:42
<details><summary>Show full log</summary>
```
Scenario: add tags using the dropdown in the details view # /drone/src/github.com/nextcloud/server/tests/acceptance/features/app-files-tags.feature:42
Given I am logged in as the admin # LoginPageContext::iAmLoggedInAsTheAdmin()
And I visit the settings page # SettingsMenuContext::iVisitTheSettingsPage()
And I open the "Tag management" section # AppNavigationContext::iOpenTheSection()
And I see that the button to select tags is shown # SettingsContext::iSeeThatTheButtonToSelectTagsIsShown()
And I create the tag "tag1" in the settings # SettingsContext::iCreateTheTagInTheSettings()
And I create the tag "tag2" in the settings # SettingsContext::iCreateTheTagInTheSettings()
And I create the tag "tag3" in the settings # SettingsContext::iCreateTheTagInTheSettings()
And I create the tag "tag4" in the settings # SettingsContext::iCreateTheTagInTheSettings()
And I see that the dropdown for tags in the settings eventually contains the tag "tag1" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
And I see that the dropdown for tags in the settings eventually contains the tag "tag2" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
And I see that the dropdown for tags in the settings eventually contains the tag "tag3" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
And I see that the dropdown for tags in the settings eventually contains the tag "tag4" # SettingsContext::iSeeThatTheDropdownForTagsInTheSettingsEventuallyContainsTheTag()
And I log out # SettingsMenuContext::iLogOut()
And I am logged in # LoginPageContext::iAmLoggedIn()
And I open the details view for "welcome.txt" # FileListContext::iOpenTheDetailsViewFor()
And I open the input field for tags in the details view # FilesAppContext::iOpenTheInputFieldForTagsInTheDetailsView()
When I check the tag "tag2" in the dropdown for tags in the details view # FilesAppContext::iCheckTheTagInTheDropdownForTagsInTheDetailsView()
And I check the tag "tag4" in the dropdown for tags in the details view # FilesAppContext::iCheckTheTagInTheDropdownForTagsInTheDetailsView()
Then I see that the tag "tag2" in the dropdown for tags in the details view is checked # FilesAppContext::iSeeThatTheTagInTheDropdownForTagsInTheDetailsViewIsChecked()
And I see that the tag "tag4" in the dropdown for tags in the details view is checked # FilesAppContext::iSeeThatTheTagInTheDropdownForTagsInTheDetailsViewIsChecked()
And I see that the input field for tags in the details view contains the tag "tag2" # FilesAppContext::iSeeThatTheInputFieldForTagsInTheDetailsViewContainsTheTag()
Failed asserting that false is true.
And I see that the input field for tags in the details view contains the tag "tag4" # FilesAppContext::iSeeThatTheInputFieldForTagsInTheDetailsViewContainsTheTag()
```
</details>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This adds the new login flow. The desktop client will open up a browser
and poll a returned endpoint at regular intervals to check if the flow
is done.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This can be used by pages that do not have the full Nextcloud UI.
So notifications etc do not load there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
There already is a separate event for this. This will make it possible
to only inject code with the logged in one on default rendered pages.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#13662
This will fire of an event after a Template Response has been returned.
There is an event for the generic loading and one when logged in. So
apps can chose to load only on loged in pages.
This is a more generic approach than the files app event. As some things
we might want to load on other pages as well besides the files app.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Some code cleanup
- willReturn instead of will(returnValue)
- Annotation for mocked objects
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.
The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
By requesting the plain logout url we allow it to be properly cached by
the caching router. We just add the requesttoken manually.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
If the remember_login_cookie_lifetime is set to 0 this means we do not
want to use remember me at all. In that case we should also not creatae
a remember me cookie and should create a proper temp token.
Further this specifies that is not 0 the remember me time should always
be larger than the session timeout. Because else the behavior is not
really defined.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Fixes#12224
Since we only use the middleware at 1 location it makes no sense to
register them in each and every container.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When run with php's build-in server (for instance on localhost:8080), IP provided through $this->server['REMOTE_ADDR'] is [::1], which is not an acceptable format for \inet_pton. This removes the brackets if there's any.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Fixes#7084
Now entering wrongly cased email (roeland@ instead of Roeland@) for
password reset etc. Will also work.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Admin should _not_ be able to change password when:
- if an encryption module is loaded and it uses per-user keys
- if encryption is enabled but no encryption modules are loaded
Admin should be able to change the password when:
- no encryption module is loaded and encryption is disabled
- encryption module is loaded but it doesn't require per user keys
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This prevent the object store and cache from getting out of sync
when an objectstore silently fails or the php process get's killed
during the upload without giving us the chance to cleanup
Signed-off-by: Robin Appelman <robin@icewind.nl>
If the server is too slow, changing to a different file immediately
after sending a new comment but without waiting for the comment to be
shown for the original file could cause the new comment to be shown for
the current file instead.
This is, indeed, a bug in the comments. However, it is not possible to
test it reliably in the acceptance tests, as it depends on how fast the
server adds the message and how fast the client changes to a different
file; sometimes the test would fail and sometimes it would not.
Therefore, now it is waited for the comment to be added before changing
to another file, as in this case it can be reliably tested that changing
to a different file does not cause the comments from the previous file
to be shown in the current file (this was a different bug already fixed
and due to which this test was added in the first place).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When the "Comments" tab is open the empty content element is always in
the DOM, although it is only shown once the message collection was
fetched and there were no messages. Due to this it is necessary to
explicitly wait for it to be shown instead of relying on the implicit
wait made to find the element; otherwise it would be found immediately
and if the collection was not fetched yet it would not be visible,
causing the test to fail.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Having both "FilesAppSharingContext" and "FilesSharingAppContext" was
confusing, so "FilesSharingAppContext" was renamed to a more descriptive
name.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
To reshare a file there must be at least three enabled users in the
system; although it would be possible to run the steps to create a third
user in the scenarios that need it for convenience a third enabled user
besides "admin" and "user0" was added to the default setup.
In a similar way, a new step was added too to login as a given user
name, similar to the steps to log in as "user0" and as "admin".
Finally, another actor, "Jim", was introduced for those scenarios which
should be played by three standard actors (that is, without a special
configuration like "Rubeus").
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>