Commit Graph

4949 Commits

Author SHA1 Message Date
Christoph Wurst 83e994c11f
Make it possible to enforce mandatory 2FA for groups
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-15 08:22:52 +02:00
Roeland Jago Douma 5b61ef9213
Disallow unsafe-eval by default
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-14 20:45:34 +02:00
Evgeny Golyshev ec2f02f4a0 Check if TTY is invalid in encryption:encrypt-all and encryption:decrypt-all
Signed-off-by: Evgeny Golyshev <eugulixes@gmail.com>
2018-10-14 15:06:14 +03:00
Bjoern Schiessle 1b0b159685
add more tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-12 16:11:48 +02:00
Joas Schilling 16817f3743
Make activity events strict
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-10-12 12:12:12 +02:00
Roeland Jago Douma 2a690db553
Merge pull request #11675 from nextcloud/feature/enforce-2fa-admin-settings
Add admin interface to enforce 2FA
2018-10-10 20:40:30 +02:00
Bjoern Schiessle fd5fc24da2
some small fixes and improvements
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-10 16:07:01 +02:00
Christoph Wurst 67c3730fbb
Add admin interface to enforce 2FA
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-10 14:34:52 +02:00
Roeland Jago Douma d5bf2c4523
Move normalizePath to regexes instead of looping
This is IMO a bit more readable and it seems to make the code faster.
Tested it on the company instance where there are over 3k calls to this
function. It shaves off around 10ms.

The advantage here is that the pattern gets optimized by php itsel and
cached.
Also looking for all patterns at the same time and especially no longer
looping for /./ patterns should save time.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-10 13:23:59 +02:00
Maxence Lange 6642efa7f4 adding .well-known/webfinger
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
2018-10-10 13:01:23 +02:00
Bjoern Schiessle 9e76d4049a
adjust tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-10-09 18:31:33 +02:00
Roeland Jago Douma c97b4274cc
Add function to generate urls for OCS routes
fixes #11617

The OCS routes are only absolute for now as they are often exposed to
the outside anyway and are on a different endpoint than index.php in
anyway.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:41:50 +02:00
Roeland Jago Douma 8493f49211
fixup! fixup! Add backgroundjobs to OCP
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-09 15:25:56 +02:00
Christoph Wurst 3f2cd13beb
Remove HHVM check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-09 10:12:15 +02:00
Morris Jobke db345e4c6d
Deprecate unused, private OC_Helper::linkToPublic
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-08 18:29:52 +02:00
Morris Jobke fe2a600823
Merge pull request #10839 from nextcloud/bugfix/10212/use_class_implementation
adjust Calendar resource / room interfaces to use class implementation
2018-10-08 17:00:50 +02:00
Morris Jobke bae3ba3b25
Merge pull request #11671 from nextcloud/refactor/rename-admin-security-section
Rename admin security section
2018-10-08 13:57:38 +02:00
Christoph Wurst b1b43aa7bc
Fix reference to template in tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 11:27:22 +02:00
Morris Jobke 7971ba5cc6
Merge pull request #10898 from nextcloud/feature/10684/default-logo-color-theme-colors
Switches the default logo color depending on the primary color
2018-10-08 10:33:22 +02:00
Christoph Wurst 5d2fdfe0b5
Rename admin security section
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-08 10:31:51 +02:00
Georg Ehrke 970242b6ca
RoomManager/ResourceManager: Inject IServerContainer instead of using OC Server
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:50:17 +02:00
Georg Ehrke 1c6f666bbf
adjust Calendar resource / room interfaces to use class implementation
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2018-10-08 01:25:20 +02:00
Roeland Jago Douma 60a34179c9
Remove deprecated publishActivity function
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-05 12:55:45 +02:00
Roeland Jago Douma b574d1c814
Move files_versions to compiled handlebars templates
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-04 09:53:45 +02:00
Roeland Jago Douma d281f2625d
Move Comments to compiled handlebars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-04 09:53:44 +02:00
Roeland Jago Douma 78273cb1e6
Add an endppoint for clients to request an app password
Now that we allow enforcing 2 factor auth it make sense if we also allow
and endpoint where the clients can in the background fetch an
apppassword if they were configured before the login flow was present.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-03 19:05:20 +02:00
Morris Jobke 8ede3f6346
Merge pull request #11446 from nextcloud/bugfix/10678/pretty-urls-dont-work
Allow overwrite.cli.url without trailing slash
2018-10-02 23:39:30 +02:00
Morris Jobke 6b730b4c47
Merge pull request #11390 from nextcloud/feature/11043/apptoken_v3
Apptoken v3: imrpove token handling on external password change
2018-10-02 21:45:10 +02:00
Roeland Jago Douma 19f84f7b54
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma 00e99af586
Mark token as invalid if the password doesn't match
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:44 +02:00
Morris Jobke 7005ff420e
Fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-02 18:37:57 +02:00
Michael Weimann a45ec3d324
Refactors the scss svg functions
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:55 +02:00
Michael Weimann d855c38e07
Moves the logo files to logo
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-10-02 08:37:54 +02:00
Morris Jobke 6080d9d80a
Merge pull request #11462 from nextcloud/feature/11380/2fa_backup_code_generation
Add notification to generate 2FA backup codes
2018-10-01 18:13:23 +02:00
Roeland Jago Douma 956fe1b867
Generate backups code notification if not enable but 2fa is
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.

* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:25 +02:00
Morris Jobke 5394d4400f
Merge pull request #11501 from nextcloud/coverage_no_composer
Do not cover composer folders for code coverage
2018-10-01 14:53:44 +02:00
Roeland Jago Douma 2c8cd69b6f
Do not cover composer folders for code coverage
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 11:47:11 +02:00
Jan-Christoph Borchardt 9b8e884b19
Change wording of 'Copy URL' to more understandable 'Copy link'
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2018-10-01 11:02:12 +02:00
Daniel Kesselberg 9dae927b0c Add more test cases
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-30 12:24:38 +02:00
Christoph Wurst 259c0ce11d
Add mandatory 2FA service/class
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-30 11:47:29 +02:00
Daniel Kesselberg c275beeceb
Allow url without / for overwrite.cli.url
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-28 22:32:19 +02:00
John Molakvoæ (skjnldsv) f5f31e221c
Fix class selector for acceptance tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2018-09-28 08:20:10 +02:00
Christoph Wurst f71ffc73db
Remove unused constructor argument
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Christoph Wurst 0259792614
Reduce settings manager complexity by loading sections via DI
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-27 09:44:21 +02:00
Roeland Jago Douma 1fecea6c08
Also test enabling of the Antivirus App for files
Since there is no calendar release for 15 yet we should use an app that
we can quickly release for 15 as well.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-09-26 22:05:42 +02:00
blizzz ff55bcdad5
Merge pull request #11150 from nextcloud/feature/noid/unit-test-find-webroot
Extract logic for webroot into method and add test
2018-09-26 15:22:30 +02:00
Morris Jobke ee73f6c416
Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php
Consider openssl settings from config.php
2018-09-25 18:04:20 +02:00
Christoph Wurst 7586b19e52
Only allow 2FA state changs if providers support the operation
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-25 09:54:20 +02:00
Daniel Kesselberg 2440ee6b84
Add simple unit test for findLanguageFromLocale
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-23 20:12:00 +02:00
Daniel Calviño Sánchez bc84aa0269 Include empty directories in the default state of acceptance tests
Before each scenario of the acceptance tests is run the Nextcloud server
is reset to a default state. To do this the full directory of the
Nextcloud server is commited to a local Git repository and then reset to
that commit when needed.

Unfortunately, Git does not support including empty directories in a
commit. Due to this, when the default state was restored, it could
happen that the file cache listed an empty directory that did not exist
because it was not properly restored (for example,
"data/appdata_*/css/icons"), and that in turn could lead to an error
when the directory was used.

Currently the only way to force Git to include an empty directory is to
add a dummy file to the directory (so it will no longer be empty,
but that should not be a problem in the affected directories, even if
the dummy file is not included in the file cache); although Git FAQ
suggests using a ".gitignore" file a ".keep" file was used instead, as
it conveys better its purpose.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-09-18 10:23:35 +02:00
Daniel Kesselberg 6bdcec67ab
Add openssl to mock
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 12:38:08 +02:00
Daniel Kesselberg 3b7ac0c94d
Change visibility to private
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-13 12:24:06 +02:00
blizzz ef97ef72f6
Merge pull request #10743 from danielkesselberg/bugfix/noid/allow-password-reset-for-duplicate-email
Enable password reset for user with same email address when only one is active
2018-09-13 10:48:30 +02:00
Joas Schilling a1c969a170
Merge pull request #10840 from webfoersterei/refactor/5530-urandom-check
Refactor secure randomness check
2018-09-13 09:29:42 +02:00
Daniel Kesselberg fabd3e7ba1
Restore previous state for OC::$CLI
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-11 17:22:10 +02:00
Daniel Kesselberg 603a578a1c
Change return false to throw new
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:45:40 +02:00
Daniel Kesselberg 62c03beb1d
Extract logic for webroot into method and add test
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-10 22:33:35 +02:00
Christoph Wurst ff58732c0d
Add breadcrumb support to crash reporters
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-09-05 20:58:39 +02:00
Morris Jobke cf3f4888cc
Change password expiration time from 12h to 7d
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-31 13:31:03 +02:00
sualko 61370549f3 Allow same section class for multiple section types (fix #10764)
Signed-off-by: Klaus Herberth <klaus@jsxc.org>
2018-08-25 17:32:19 +02:00
Timo Förster 006e150c87 Change check if secure randomness is possible.
Signed-off-by: Timo Förster <tfoerster@webfoersterei.de>
2018-08-24 23:12:02 +02:00
Denis Mosolov a0b84bc0fc
Merge pull request #10334 from denismosolov/group-add
Add options to create/remove groups via occ
2018-08-24 13:46:16 +03:00
Morris Jobke bb2336f389
Merge pull request #10526 from steiny2k/HEICHEIF
Support HEIC for previews
2018-08-22 13:41:19 +02:00
Michael Weimann 2bab916c53
Adds license to files. Updates the branch.
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 20:46:23 +02:00
Morris Jobke 37869d9b2f
Merge pull request #10628 from nextcloud/feature/10154/app-directory-permission-check
Adds a permission check for app directories
2018-08-20 17:08:18 +02:00
Michael Weimann 7aed47f776
Adds tests for the memory checks
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
Michael Weimann 1d2bc9c45e
Adds tests for the setup memory limit checks
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-20 15:24:10 +02:00
blizzz 4b92a0986c
Merge pull request #10712 from nextcloud/fix/noid/check_if_provider_is_available_before_use
Check if a preview provider is available before using it
2018-08-20 13:21:16 +02:00
Daniel Kesselberg 031fdfb1fc
Enable password reset for user with same email address when only one is active
When two or more user share the same email address its not possible to
reset password by email. Even when only one account is active.

This pr reduce list of users returned by getByEmail by disabled users.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-19 16:32:46 +02:00
Roeland Jago Douma 5b103744c8
Check if a preview provider is available before using it
Else if a preview provider is registerd but not available (for example
missing support in some external lib). It will do 💥. This way the
providers can at least do the sanity checks required.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-17 20:51:35 +02:00
Sebastian Steinmetz 5a996b5f87 Address comments from @rullzer:
- implement isAvailable
 - run tests only if ImageMagick with HEIC support is available in the
   environment

Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-17 18:37:23 +02:00
Bjoern Schiessle 325e8bea16
add deck and mail to the groupware bundle, remove talk
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-17 13:27:48 +02:00
Denis Mosolov 0b18e2c75d Add an options to create and remove groups via occ
Signed-off-by: Denis Mosolov <denismosolov@gmail.com>
2018-08-16 10:31:20 +03:00
Bjoern Schiessle 3c5fb2b52b
update unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2018-08-15 15:08:36 +02:00
Michael Weimann 55cf7c35e1
Adds an acceptance test for the users settings navigation without disabled users
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-14 22:28:11 +02:00
blizzz 8601bbc35d
Merge pull request #10621 from nextcloud/feature/noid/add-tos-to-enterprise-bundle
Add the ToS app to the enterprise bundle
2018-08-13 15:47:15 +02:00
Daniel Kesselberg bfa49410a2
Drop support for xcache
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-08-12 17:14:08 +02:00
Sebastian Steinmetz 8a7bc3fb03 Testcase for HEIC image (similar to the ImageTest)
Signed-off-by: Sebastian Steinmetz <me@sebastiansteinmetz.ch>
2018-08-11 01:22:57 +02:00
Roeland Jago Douma 7aad5b7721
Merge pull request #10543 from nextcloud/ignore-deactivated-users
Do not show deactivated users in sharees and contacts
2018-08-10 15:01:14 +02:00
Christoph Wurst 5c70aa2a22
Remove unused import
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-10 09:30:17 +02:00
Christoph Wurst 1124b87bc0
Fix 2FA being enforced if only backup codes provider is active
Fixes https://github.com/nextcloud/server/issues/10634.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-10 09:26:40 +02:00
Michael Weimann 3f790bb85b
Excludes not writable app roots from the directory permission check
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-09 19:49:01 +02:00
Michael Weimann 0017cbe18a
Adds a test for the app directory permission check.
Signed-off-by: Michael Weimann <mail@michael-weimann.eu>
2018-08-09 19:48:19 +02:00
Roeland Jago Douma 8c1e75e052
Do not use file as template parameter
Using file will overwrite the $file parameter in the template base.
Leading to trying to include a file that is the exception message. Which
will of course fail.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-09 16:45:25 +02:00
Joas Schilling e1d3965883
Add the ToS app to the enterprise bundle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-08-09 16:12:48 +02:00
Christoph Wurst 8db66d5dfb
Fix double-inserts of the same provider state
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 13:56:04 +02:00
Christoph Wurst 85bc5edb5e
Add integration/unit test for the double-insert of same values
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-09 13:43:00 +02:00
Roeland Jago Douma 0757c52980
Merge pull request #10588 from nextcloud/fix/single-2fa-provider-login-redirect
Fix login redirection if only one 2FA provider is active
2018-08-09 12:27:29 +02:00
Björn Schießle 6aa6d2186c
Merge pull request #10255 from nextcloud/add-support-for-room-shares
Add support for room shares
2018-08-09 10:44:11 +02:00
Christoph Wurst d8197f2b97
Rename providerset method to get primary providers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 20:28:21 +02:00
Björn Schießle 11e99859ef
Merge pull request #10397 from nextcloud/encryption-s3-fix
make file cache updates more robust
2018-08-08 18:27:18 +02:00
Christoph Wurst c6e47e8a51
Fix login redirection if only one 2FA provider is active
Fixes https://github.com/nextcloud/server/issues/10500.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 15:25:59 +02:00
Daniel Calviño Sánchez 4b7fa4ac2e Add support for tokens in room shares
Tokens will be used to give access to a share to guests in public rooms.
Although the token itself is created in the provider of room shares and
no changes are needed for that, due to the code structure it is
necessary to explicitly call the provider from the manager when getting
a room share by token.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2018-08-08 14:25:44 +02:00
Roeland Jago Douma 6b1ba9cdaf
Merge pull request #10553 from nextcloud/bugfix/10518/disable-oracle-enforcement-for-now
Disable Oracle enforcement for now until the following issues are sol…
2018-08-08 14:10:18 +02:00
Roeland Jago Douma fe286e21ca
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-08-08 12:58:50 +02:00
Christoph Wurst d248a0bd1e
Fix 2FA provider registry population on login
If the 2FA provider registry has not been populated yet, we have to make
sure all available providers are loaded and queried on login. Otherwise
previously active 2FA providers aren't detected as enabled.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-08 06:57:52 +02:00
Thomas Citharel 03f1fef160 Ignore deactivated users in collaborators user search plugin
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2018-08-06 09:55:24 +02:00
Julius Härtl 1b4d502bfd
Adjust acceptance test to check if the correct sidebar view is shown
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-03 14:06:04 +02:00
Roeland Jago Douma 01298cfa72
Merge pull request #10480 from nextcloud/bugfix/10420/settings
Settings design polishing
2018-08-02 20:23:21 +02:00
Julius Härtl 0dd519cff1
Fix encryption admin section tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-08-02 10:26:09 +02:00