Roeland Jago Douma
ee3dc57cbd
Merge pull request #26626 from J0WI/strict-security
...
Make Security module strict
2021-05-18 08:43:13 +02:00
blizzz
0ab5b3e265
Merge pull request #26679 from nextcloud/bugfix/noid/fix-unauthorized-ocs-status-in-provisioning
...
Fix unauthorized OCS status in provisioning
2021-05-13 23:39:20 +02:00
Joas Schilling
b6c6527705
Fix unauthorized OCS status in provisioning
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-05-12 08:16:07 +02:00
Arthur Schiwon
8413ed9475
allow to set valid scopes only in AccountProperty
...
the auto-fallback to v2-local is removed as well to react on wrong input
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-05-12 01:31:15 +02:00
Christoph Wurst
99f0b10421
Merge pull request #26591 from nextcloud/techdebt/noid/less-ilogger
...
Less ILogger
2021-04-27 15:38:12 +02:00
Joas Schilling
48c50277a9
Merge pull request #26718 from nextcloud/bugfix/noid/fix-ratelimit-template
...
Fix ratelimit template
2021-04-27 15:18:02 +02:00
Joas Schilling
c52a026f55
Merge pull request #26572 from nextcloud/bugfix/noid/throw-401-when-authentication-is-provided-and-invalid
...
Throw "401 Unauthenticated" when authentication is provided but invalid
2021-04-27 14:37:28 +02:00
Joas Schilling
df47445c01
Fix unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-27 14:34:32 +02:00
Joas Schilling
174f4dd043
Fix ratelimit template
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-27 13:55:34 +02:00
Joas Schilling
aa651fd629
Merge pull request #26259 from nextcloud/feature/noid/validate-website-to-be-valid
...
Validate the website field input to be a valid URL
2021-04-26 13:56:01 +02:00
Morris Jobke
012f791c8f
Merge pull request #26375 from nextcloud/techdebt/noid/symfony-component-translation-pluralization-rules-is-deprecated
...
"Symfony\Component\Translation\PluralizationRules" is deprecated
2021-04-22 21:20:16 +02:00
Joas Schilling
d80cc76ee7
Validate the website field input to be a valid URL
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-22 16:34:13 +02:00
Joas Schilling
4ed296db9f
Fix Authentication test
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-22 15:36:34 +02:00
Robin Appelman
effb7dc8ba
set mimetype for objects uploaded to object storages
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-04-21 15:25:58 +02:00
Joas Schilling
2a11713337
Update CredentialsManagerTest.php
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-21 08:33:10 +02:00
Morris Jobke
9e8690d912
Merge pull request #26654 from nextcloud/bugfix/noid/fix-security-credentials-manager-test
...
Fix security credentials manager test
2021-04-20 22:03:52 +02:00
Roeland Jago Douma
5ee9e1f784
Move 2FA registration to IBootstrap
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-20 21:01:16 +02:00
Joas Schilling
7f70f3e182
Fix support tests
...
2) Test\Support\Subscription\RegistryTest::testDelegateIsHardUserLimitReachedWithoutSupportAppAndUserCount with data set #0 (35, 15, 2, false)
Cannot stub or mock class or interface "Test\Support\Subscription\UserInterface" which does not exist
3) Test\Support\Subscription\RegistryTest::testDelegateIsHardUserLimitReachedWithoutSupportAppAndUserCount with data set #1 (35, 45, 15, false)
Cannot stub or mock class or interface "Test\Support\Subscription\UserInterface" which does not exist
4) Test\Support\Subscription\RegistryTest::testDelegateIsHardUserLimitReachedWithoutSupportAppAndUserCount with data set #2 (35, 45, 5, true)
Cannot stub or mock class or interface "Test\Support\Subscription\UserInterface" which does not exist
5) Test\Support\Subscription\RegistryTest::testDelegateIsHardUserLimitReachedWithoutSupportAppAndUserCount with data set #3 (35, 45, 55, false)
Cannot stub or mock class or interface "Test\Support\Subscription\UserInterface" which does not exist
Had to use the Database user backend, as using multiple interfaces is deprecated:
https://github.com/sebastianbergmann/phpunit/issues/3955
> This functionality should be deprecated as "having to use it" is almost always a symptom of bad design.
> More importantly, though, the support for the creation of test doubles that implement multiple interfaces
> resulted in code that is hard to maintain.
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-20 17:36:15 +02:00
Joas Schilling
c6978bac80
Fix security credentials manager test
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-20 17:04:24 +02:00
Joas Schilling
79ebc7f24c
Fix test by defining plurals
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-20 16:43:43 +02:00
Joas Schilling
5a514a9a41
Correctly replace all PHP placeholders with the parameters
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-20 16:42:05 +02:00
blizzz
92ca49d21d
save a whitespace today
...
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-20 14:03:01 +02:00
Arthur Schiwon
f8d1ee5cfa
ignore mail shares of related remote share results
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-04-20 14:02:35 +02:00
J0WI
ca7b37ce5a
Make Security module strict
...
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
2021-04-19 17:31:12 +02:00
Joas Schilling
751be29c73
Merge pull request #26555 from nextcloud/techdebt/noid/run-migrator-tests-on-OCI
...
Run migrator tests on OCI
2021-04-19 08:57:41 +02:00
Roeland Jago Douma
808e589035
Allow registering NotifierServices trough IBootstrap
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-16 13:56:28 +02:00
Joas Schilling
1670d00452
Integer 0 is not stored as Null and therefor works
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-16 09:57:27 +02:00
Joas Schilling
8b4ecdcc88
Test that oracle throws on EmptyValues in a NotNull columns
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-16 09:57:27 +02:00
Joas Schilling
e88bad4b0a
Run migrator tests on OCI
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-04-16 09:57:27 +02:00
Roeland Jago Douma
b5ffca00f7
Fix unit test
...
* Fix namespace
* Fix test
Was broken after https://github.com/nextcloud/server/pull/26529
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-04-16 09:47:52 +02:00
Vincent Petry
af61486aea
Separate settings for remote share expiration
...
Added separate settings for default and enforced expiration date for
remote shares.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-04-15 10:06:09 +02:00
Roeland Jago Douma
789bb0d0ac
Merge pull request #26266 from nextcloud/future-proof-networking
...
Improve networking checks
2021-04-12 12:42:33 +02:00
Lukas Reschke
e5a4236e68
Increase subnet matcher
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-07 12:28:59 +00:00
Lukas Reschke
4b4971ab52
Merge pull request #24966 from nextcloud/jknockaert-patch-1
...
avoid fread on directories and unencrypted files
2021-04-06 13:45:10 +02:00
Lukas Reschke
9dab851931
Adjust test
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:37:47 +00:00
Lukas Reschke
5f3abffe6f
Improve networking checks
...
Whilst we currently state that SSRF is generally outside of our threat model, this is something where we should invest to improve this.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2021-04-06 11:37:47 +00:00
Morris Jobke
5fb909faa5
Merge pull request #24055 from nextcloud/bugfix/noid/enfore-no-notnull-for-boolean-to-store-false
...
Enforce no notnull for boolean to store false
2021-04-01 18:30:26 +02:00
Julius Härtl
37591f05dc
Get the parent directory before creating a file from a template
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2021-04-01 13:48:21 +02:00
Joas Schilling
f9d4fa2d38
Rename the method to match what it does
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-03-31 10:21:18 +02:00
Joas Schilling
3696ef5b96
Don't allow Notnull for boolean columns
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-03-31 10:21:17 +02:00
kesselb
2212a67fbc
Merge pull request #25961 from nextcloud/enh/events/2fa_provider
...
Add real events for enabled 2fa providers for users
2021-03-30 23:13:36 +02:00
Roeland Jago Douma
f3738eeff7
Merge pull request #25280 from nextcloud/explicit-file-permissions
...
Set umask before operations that create local files
2021-03-30 21:55:50 +02:00
Arthur Schiwon
be3ae9a44b
gracefully handle deleteFromSelf when share is already gone
...
- handling race conditions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-03-30 12:59:40 +02:00
Joas Schilling
8d3fdf24c8
Merge pull request #26353 from nextcloud/techdebt/noid/make-testcase-class-compatible-with-phpunit-9.5
...
Make Testcase class compatible with phpunit-9.5
2021-03-29 10:47:37 +02:00
Joas Schilling
cd35a5c71d
Make Testcase class compatible with phpunit-9.5
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-03-29 09:43:08 +02:00
Vincent Petry
cc54f718f5
Add known user check in avatar when v2-private scope
...
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:10 +01:00
Vincent Petry
bb008be28a
Added PlaceholderAvatar with own cached images
...
When avatar scope is private, the PlaceholderAvatar is used to deliver a
placeholder avatar based on the user's initials.
This was implemented as a separate class for now to avoid messing with
the existing UserAvatar implementation and its generated vs
non-generated logic.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:09 +01:00
Vincent Petry
b73df5846c
Add property scope tests for AccountManager
...
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:09 +01:00
Vincent Petry
278a73789e
Map old account scope properties to new names
...
Use new scope values in settings page.
Adjust all consumers to use the new constants.
Map old scope values to new ones in account property getter.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:08 +01:00
Vincent Petry
b81a1c1bdb
Add new v2-private account scope
...
Added new v2-private account manager scope that restricts the scope
further by excluding public link access.
Avatars with v2-private account scope are now showing the guest avatar
instead of the real avatar.
Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2021-03-26 13:07:05 +01:00