Commit Graph

2614 Commits

Author SHA1 Message Date
Thomas Müller a9e5faf7d0 Merge pull request #20981 from owncloud/issue-19848-multiple-emails-for-sharelink
Allow sending a share email to multiple users
2015-12-07 15:17:19 +01:00
Joas Schilling 820c3b852d Add a unit test for single user case as well 2015-12-07 12:01:02 +01:00
Joas Schilling 5b87413792 Allow sending a share email to multiple users 2015-12-07 10:49:34 +01:00
Thomas Müller e44b164f40 Merge pull request #20569 from owncloud/issue_20427
Show external storage status in file list + prompt credentials if different
2015-12-07 10:27:35 +01:00
Thomas Müller 0c3d97921f Merge pull request #20904 from owncloud/view-mime-filter
Fix mimetype filter in getDirectoryContent
2015-12-07 10:20:43 +01:00
Roeland Jago Douma a619629ac0 Only try to load avatars in the user list if there is any 2015-12-04 14:56:49 +01:00
Thomas Müller 602b636d3e Merge pull request #20807 from owncloud/dont-append-redirect-url-if-user-is-already-logged-in
Don't append redirect URL if user is logged-in
2015-12-03 16:53:59 +01:00
Thomas Müller 0fe5506e91 Merge pull request #20921 from owncloud/last-OC_Config-removals-in-tests
Reduce OC_Config usage in tests/
2015-12-03 15:24:41 +01:00
Morris Jobke cbe6eeffa1 last change of OC_Config to the proper interface in tests/ 2015-12-03 14:03:05 +01:00
Thomas Müller 2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code
reuse code
2015-12-03 13:55:50 +01:00
Morris Jobke 542ce7dd0d Reduce OC_Config usage in tests/ 2015-12-03 13:48:19 +01:00
Robin Appelman 19b2fe6a3a Fix mimetype filter in getDirectoryContent 2015-12-03 13:09:13 +01:00
Jesus Macias Portela dcfbbe4737 Merge branch 'master' into issue_20427 2015-12-03 12:35:49 +01:00
Morris Jobke e9c8f82fc5 Replace OC_Config in tests with IConfig calls 2015-12-03 09:38:41 +01:00
Thomas Müller c6bda8d6ca Merge pull request #20902 from owncloud/drop-OC_Config-from-tests
Replace OC_Config in tests with IConfig calls
2015-12-03 09:30:47 +01:00
Thomas Müller e7239b6553 Merge pull request #20872 from owncloud/systemtags-better-not-found-exception
Systemtags better not found exception
2015-12-03 09:26:05 +01:00
Thomas Müller a5c80ba8bc Merge pull request #20894 from owncloud/post-delete-meta-view
Also add metadata for postDelete hooks triggered from the view
2015-12-03 09:24:54 +01:00
Morris Jobke d331e0d4f8 Replace OC_Config in tests with IConfig calls 2015-12-02 23:14:52 +01:00
Thomas Müller dcc7ff09ba Adding unit test for MailNotifications::sendInternalShareMail() 2015-12-02 21:42:14 +01:00
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Thomas Müller df5872ec50 Merge pull request #20719 from owncloud/adding-system-addressbook-of-users
Adding system addressbook for users of this instance - a occ command …
2015-12-02 16:17:58 +01:00
Thomas Müller 28ceab2f61 Fix endless recursion 2015-12-02 14:44:41 +01:00
Morris Jobke 0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Robin Appelman 0062888aaf Also add metadata for postDelete hooks triggered from the view 2015-12-02 13:51:26 +01:00
Thomas Müller 8d218bf3ef Merge pull request #20875 from owncloud/remove-changepropagator
remove old propagation logic
2015-12-02 13:03:31 +01:00
Thomas Müller c46ea30248 Merge pull request #20865 from owncloud/post-delete-meta
Add metadata to post delete hooks
2015-12-02 10:12:54 +01:00
Thomas Müller 0391cc0451 Fix getCloudId 2015-12-02 09:14:41 +01:00
Thomas Müller fe67db1ad0 Adding unit test for User::getCloudId() 2015-12-02 09:14:41 +01:00
Thomas Müller df6fc6cc70 Add the user's cloud id to the vCard 2015-12-02 09:14:41 +01:00
Thomas Müller dad6470baa Add IUser::getAvatarImage() for easy access 2015-12-02 09:14:41 +01:00
Roeland Jago Douma b00db2c933 DI in avatar code
* DI in avatar code
* Use the node API
* More unit tests
* Unit tests no longer require DB
2015-12-01 22:15:43 +01:00
Robin Appelman 62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Joas Schilling 08d07cc4db Fix the unit test by running tearDown() and cleaning tags before the test 2015-12-01 15:00:44 +01:00
Joas Schilling 1d0c041ac8 Add a method to get the list of tags from the TagNotFound Exception 2015-12-01 14:54:34 +01:00
Robin Appelman 0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller 08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Joas Schilling b8b0ae0944 Fix phpstorm complains in tests 2015-11-30 13:36:22 +01:00
Thomas Müller b94aadc440 Cleanup imports and type hinting 2015-11-30 12:45:30 +01:00
Lukas Reschke f4eb15d340 Show error template
Otherwise this leads to an endless redirection in case of a CSRF exception. Also sets user expectation right.
2015-11-30 11:25:52 +01:00
Thomas Müller dddfa6de78 Don't break app on travis 2015-11-30 10:55:13 +01:00
Thomas Müller 318e5e2864 More group DB 2015-11-30 10:55:13 +01:00
Thomas Müller f9fc254672 Add DB group to some files_external tests
Adding group Db to federation tests and ldap tests

Add group DB to Test_UrlGenerator

Adding group DB to trashbin and versions tests

Adding group DB to Test_Util_CheckServer for pg
2015-11-30 10:55:10 +01:00
Thomas Müller 757aa45db7 Adding more DB groups to test suits
Adding more DB groups to test suits
2015-11-30 10:55:06 +01:00
Thomas Müller 56170dd825 Further unit test suite tweats 2015-11-30 10:55:05 +01:00
Thomas Müller 1480964768 Adding more test suites to group DB 2015-11-30 10:55:05 +01:00
Thomas Müller 7e71d8231e Mock DIContainer to not hit the database 2015-11-30 10:55:05 +01:00
Thomas Müller 3bb6dcea64 Apply DB group annotation ... 2015-11-30 10:55:05 +01:00
Thomas Müller 03ee3b9aec A TestCase which is not annotated to be in group DB will not allow access to the database connection.
This is necessary to categorize unit test and avoid duplicate test case execution - it also allows us to closely review unit test implementations to identify unnecessary db calls.
2015-11-30 10:55:05 +01:00