6c93fe08f5
dont get bruteforce delay twice
2016-08-29 13:36:49 +02:00
4d85ffc27c
Merge pull request #1054 from nextcloud/less-cache-hits
...
Reduce the number of cache operations for dav operations
2016-08-27 22:44:29 +02:00
8bf9be2167
Merge pull request #1058 from nextcloud/avatarController_cleanup
...
Avatar controller cleanup
2016-08-27 22:25:34 +02:00
89c78bbce4
Merge pull request #1031 from nextcloud/2fa-infinite-redirect-loop
...
prevent infinite redirect loops if the there is no 2fa provider to pass
2016-08-26 16:03:05 +02:00
ad4cab130e
Merge pull request #1069 from nextcloud/l10ntest_nodb
...
L10N tests do not require DB
2016-08-25 23:38:27 +02:00
c5bdb4d4e8
L10N tests do not require DB
...
* Makes CI a bit more efficient
* Cleanup getMock warning
2016-08-25 22:41:23 +02:00
04cffe6d81
CappedMemoryCacheTest does not require DB
...
Makes CI a bit more efficient
2016-08-25 22:32:39 +02:00
2f03853fb9
AvatarController cleanup
...
* Use all DI components
* Let the AppFramework resolve the AvatarController
* Update unit tests
* Unit tests no longer require DB
2016-08-25 21:39:14 +02:00
2693ae870e
cache user folders
2016-08-25 17:22:25 +02:00
a27a8d733b
Merge pull request #1024 from nextcloud/remove-password-reset-link-after-successful-login
...
Remove "password reset token" after successful login
2016-08-24 13:44:41 +02:00
6af2efb679
prevent infinite redirect loops if the there is no 2fa provider to pass
...
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
2016-08-24 10:49:23 +02:00
2f1b17d44a
Merge pull request #1007 from nextcloud/shared-storage-non-recursive
...
Fix shared storage recursive setup
2016-08-23 22:15:38 +02:00
736e884e9a
Move the reset token to core app
2016-08-23 15:01:38 +02:00
a0c2342c20
prevent infinite recursion while getting storage from mount
2016-08-23 14:52:18 +02:00
139fb8de94
Remove "password reset token" after successful login
2016-08-23 12:54:45 +02:00
3ed102497e
Merge pull request #995 from nextcloud/workflow-section
...
Workflow section + hidden empty sections
2016-08-23 11:20:43 +02:00
5cd3f4e4dc
add test
2016-08-22 16:56:00 +02:00
baa91809bd
adjust test
2016-08-22 08:29:49 +02:00
7972fa5527
enlist only registered sections that also have settings registered to
2016-08-22 08:29:49 +02:00
d50e7ee36c
Remove reading PATH_INFO from server variable
...
Having two code paths for this is unreliable and can lead to bugs. Also, in some cases Apache isn't setting the PATH_INFO variable when mod_rewrite is used.
Fixes https://github.com/nextcloud/server/issues/983
2016-08-19 14:48:13 +02:00
162b153f22
Fix loading of ThemingDefaults
2016-08-19 11:26:22 +02:00
fe80bb1aff
Merge pull request #867 from nextcloud/notification-primary-action-always-first
...
Make sure the primary action is always the first one
2016-08-17 19:31:14 +02:00
df9b509ed3
Improve regexp to detect duplicate folders when repairing unmerged shares
2016-08-17 15:31:47 +02:00
7a2d25fab4
Fix unmerged shares repair with mixed group and direct shares
...
Whenever a group share is created after a direct share, the stime order
needs to be properly considered in the repair routine, considering that
the direct user share is appended to the $subShares array and breaking
its order.
2016-08-17 15:31:36 +02:00
56b94b220d
Improve file_target finding logic when repairing unmerged shares
...
Pick the most recent subshare that has no parenthesis from duplication
which should match whichever name the user picked last. If all
subshares have duplicate parenthesis names, use the least recent group
share's target instead.
2016-08-17 15:31:35 +02:00
c5d0a056de
Merge pull request #868 from nextcloud/changepasswordcontroller
...
Make ChangePassword a real Controller
2016-08-17 11:50:41 +02:00
027069cbae
Merge pull request #846 from nextcloud/provisioning_api_ocs
...
Move Provisioning API to the AppFramework
2016-08-17 10:23:13 +02:00
789082e014
Add tests for ChangePasswordController
2016-08-17 10:21:18 +02:00
c1632c3abd
Merge pull request #893 from nextcloud/ie8_be_gone
...
IE8 be gone!
2016-08-17 09:02:58 +02:00
fd95985a21
Remove IE8 support in CertificateController
...
* Also fix getMock warnings in tests
2016-08-16 20:51:43 +02:00
4943441bde
adjust tests to latest changes
2016-08-16 18:59:45 +02:00
717e22267a
Merge branch 'master' into implement_712
2016-08-16 18:31:59 +02:00
6dc956b192
Merge pull request #886 from nextcloud/capabilities_error_proof
...
Make the capabilities manager more error proof
2016-08-16 11:40:42 +02:00
6c6338b810
Merge branch 'master' into implement_712
2016-08-15 21:55:09 +02:00
c044aa34fa
Make the capabilities manager more error proof
...
If an app registers an invalid capabilty we should not crash hard.
Instead we should catch the exception. Log it (error) and carry on.
* Added tests
2016-08-15 20:37:19 +02:00
87ac72d004
We have to mock the is_uploaded_file in the OC\Core\Controller namespace
2016-08-15 20:08:20 +02:00
09f4ce4389
Fix mock call in AvatarControllerTest
2016-08-15 20:07:07 +02:00
cf3cfca356
Use generated URL
2016-08-15 17:37:55 +02:00
910176c540
Fix CheckSetupController tests
2016-08-15 17:36:45 +02:00
d6992e3f9f
Fix template test
2016-08-15 17:19:50 +02:00
75d135d8d4
Fix tests for LoginController
2016-08-15 17:19:32 +02:00
1c7fa3333e
Add reference to current user
2016-08-15 17:15:14 +02:00
c16c411275
Add new dependency
2016-08-15 17:13:58 +02:00
65d1472005
Don't use create mock
...
Not compatible with this PHPunit version
2016-08-15 17:08:27 +02:00
166a7667d3
Use proper casing
2016-08-15 17:00:35 +02:00
7ffb7b0d84
Use MockBuilder instead of createMock
...
CI uses an older PHPUnit
2016-08-15 16:43:22 +02:00
8a7a0f3287
Add unit tests
2016-08-15 16:25:34 +02:00
3ed05f8769
Make sure the primary action is always the first one
2016-08-15 11:13:54 +02:00
a0b22227fc
Add tests
2016-08-14 18:34:01 +02:00
72b5f9bfac
Use createMock instead of deprecated getMock
2016-08-11 15:22:29 +02:00
9ca25e857c
Redirect users when already logged-in on login form
2016-08-11 15:22:29 +02:00
1f370c97ed
OCSController requires DataResponse
...
The OCS Controller requires a DataResponse object to be returned.
This means that all error handling will have to be done via exceptions
thrown and handling in the middleware.
2016-08-10 12:40:26 +02:00
9fbdb0efe8
Merge pull request #529 from nextcloud/vendor-maintenance-downgrade
...
Allow downgrades of maintenance accross vendors
2016-08-10 00:25:53 +02:00
5214b62d55
Merge pull request #691 from nextcloud/ocs_allow_all_old_routes
...
Allow ocs/v2.php/cloud/... routes
2016-08-09 20:52:49 +02:00
b53ea18ea5
Match only for actual session cookie
...
OVH has implemented load balancing in a very questionable way where the reverse proxy actually internally adds some cookies which would trigger a security exception. To work around this, this change only checks for the session cookie.
2016-08-09 19:23:08 +02:00
b4ed4e152e
Merge pull request #746 from nextcloud/jail-root
...
getJailedPath expects $path to have a trailing /
2016-08-09 11:04:11 +02:00
0032a5c2d1
Hanlde Core and Settings app in AppFramework
...
'core' and 'settings' are just apps but we treat them slightly
different. Make sure that we construct the correct namespace so we can
actually do automatic AppFramework stuff.
2016-08-08 20:48:16 +02:00
63f6d2d558
Allow ocs/v2.php/cloud/... routes
...
One of the possibilities of the old OCS API is that you can define the
url yourself.
This PR makes this possible again by adding an optional root elemenet to
the route. Routes are thus:
.../ocs/v2.php/<root>/<url>
By default <root> = apps/<app>
This will allow for example the provisioning API etc to be in
../ovs/v2/php/cloud/users
2016-08-08 15:01:26 +02:00
f37fa6e45c
Move Share backends to PSR-4 instead of using class path ( #24941 )
2016-08-05 14:13:41 +02:00
f1cd68d713
Adding test case for getPathById including a jailed cache where root is just empty
2016-08-05 14:06:05 +02:00
0c6352e095
Fix RepairUnmergedShares to not skip valid repair cases
...
The repair step was a bit overeager to skip repairing so it missed the
case where a group share exists without subshares but with an
additional direct user share.
2016-08-03 10:16:28 +02:00
67fa6bf9bc
Add repair step for unmerged shares (WIP)
2016-08-03 10:16:28 +02:00
5c718b13b8
We should properly check for 'true' instaed of the bool
2016-08-01 08:52:50 +02:00
f7f5216aa3
Dark hackery to not always disable CSRF for OCS controllers
2016-07-29 15:49:27 +02:00
54ae8eede3
Merge pull request #556 from nextcloud/nextcloud-version-check
...
Allow apps to check for a given nextcloud version
2016-07-29 09:26:25 +02:00
351cab6bce
skip shared files, if files get decrypted only for a specific user we shouldn't touch files owned by a different user.
2016-07-27 15:39:24 +02:00
8bdd0adcee
Support subdir in the OCS v2 endpoint
...
We should check against the ending substring since people could
run their nextcloud in a subfolder.
* Added test
2016-07-27 15:28:35 +02:00
9c21067c19
fix enabled apps tests
2016-07-27 08:36:03 +02:00
6482be040b
fix unit tests
2016-07-26 16:43:58 +02:00
0fcc39cd8e
Translate the server version for nextcloud
2016-07-26 14:40:18 +02:00
2f42a3fc31
Add workflowengine
2016-07-26 11:16:34 +02:00
352e24e703
Merge pull request #292 from nextcloud/recent-files
...
Add "Recent" file listing
2016-07-25 15:25:02 +01:00
4ad0c383ad
Merge pull request #523 from Faldon/master
...
Renamed file logging
2016-07-25 11:41:24 +02:00
81e103074e
use limit instead of since when listing recent files
2016-07-22 15:20:55 +02:00
a4ba3eadd0
fix test
2016-07-22 15:20:55 +02:00
5c34346479
Allow downgrades of maintenance accross vendors
2016-07-22 14:51:43 +02:00
61a1d56d27
Renamed test classes for file logging tests.
2016-07-22 14:47:50 +02:00
e321ecd592
add recent files to node api
2016-07-22 14:39:32 +02:00
72b06d250d
Add tests
2016-07-22 12:53:47 +02:00
ba3f4f118e
Changed logtype to file instead of owncloud.
...
- Updated the config sample to point to log_type='file'
- Renamed the Class for logfile logging to File in namespace 'OC\Log\'.
Changed the occurrences of 'OC\Log\Owncloud' to 'OC\Log\File'.
- Renamed the Class for log:file command to File in namespace 'OC\Core\Command\Log\File'.
Changed registration of the command to use 'OC\Core\Command\Log\File'.
- Changed default Syslog tag to Nextcloud
- Retained backwards compatibility for configs with 'logtype' => 'owncloud'
- Adjusted tests for the new file log.
Closes #490 .
2016-07-22 11:44:19 +02:00
c385423d10
Merge pull request #479 from nextcloud/add-bruteforce-throttler
...
Implement brute force protection
2016-07-21 00:31:02 +02:00
c1589f163c
Mitigate race condition
2016-07-20 23:09:27 +02:00
ba4f12baa0
Implement brute force protection
...
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.
It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
020a2a6958
Merge pull request #476 from nextcloud/port-same-site-cookies
...
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
78cad699fe
Merge pull request #475 from nextcloud/ocs-middleware
...
Add OCS Middleware
2016-07-20 21:04:25 +02:00
e08278494d
Merge pull request #471 from nextcloud/storage-fopenspecialchars
...
Added storage tests for fopen with special chars
2016-07-20 20:56:59 +02:00
5f32b57332
Add unit tests
2016-07-20 20:03:49 +02:00
a299fa38a9
[master] Port Same-Site Cookies to master
...
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
1264e9644f
Merge pull request #402 from nextcloud/smb-notifications
...
smb update notifications
2016-07-20 16:19:21 +02:00
631af42b3a
Added storage tests for fopen with special chars
...
This makes it possible to test special chars with unit tests.
There is already a test for directories but there was none for file
names.
2016-07-20 15:13:24 +02:00
0bda09236e
Add route tests
2016-07-18 11:09:49 +02:00
6f9236fb3b
Merge pull request #381 from nextcloud/postgres-setup
...
use pdo for postgres setup
2016-07-15 21:30:51 +02:00
f8167c0f9a
Merge pull request #395 from nextcloud/user-preferences-occ
...
Allow to change user preferences via occ
2016-07-15 21:26:07 +02:00
aaf2be4c3d
Use argument instead of value
2016-07-14 15:09:47 +02:00
a3fa0d00c3
Cleanup ManagerTest
...
* Fix deprecated getMock call
* No longer requires DB
2016-07-14 13:49:18 +02:00
4656b79c8e
FIx my email
2016-07-13 18:46:27 +02:00
dcacdde1ea
Add tests for set/get/delete/list
2016-07-13 18:43:57 +02:00
f574a9d44f
Make sure the exception is catched
2016-07-13 18:43:53 +02:00
01899b8cf1
Add tests for checkInput()
2016-07-13 18:43:50 +02:00
c04e7b13c3
Merge pull request #392 from nextcloud/roottest_nodb
...
RootTest does not require DB
2016-07-13 16:54:19 +02:00
Robin Appelman
Lukas Reschke
Joas Schilling
Roeland Jago Douma
Christoph Wurst
Arthur Schiwon
Julius Haertl
Roeland Jago Douma
Vincent Petry
Marius Blüm
Björn Schießle
Thomas Müller
Morris Jobke
William Bargent
Robin Appelman
Thomas Pulzer