Commit Graph

2680 Commits

Author SHA1 Message Date
Thomas Müller bb02488cc2 remove deprecated strict setting 2015-12-09 12:10:12 +01:00
Thomas Müller 5c95939bf3 Merge pull request #21061 from owncloud/fix-oracle-last-insert-id-test
Fix the last insert id test by changing to an autoincremen…
2015-12-09 11:53:43 +01:00
Thomas Müller bc744ff6de Merge pull request #21038 from owncloud/share-computesharepermissions-notstore
Fix (re)share permission checks in a few code paths
2015-12-09 10:04:56 +01:00
Joas Schilling 5c0be3b565 Fix the last insert id test by changing to an autoincrement table 2015-12-09 09:51:33 +01:00
Vincent Petry 28e9bc1156 Fix more unit tests to pass a mock storage instead of null to FileInfo 2015-12-08 16:33:39 +01:00
Thomas Müller 45fe8271ab Merge pull request #21030 from owncloud/querybuilder-new-features
Querybuilder new features
2015-12-08 13:51:45 +01:00
Thomas Müller 85409b6701 Merge pull request #20786 from owncloud/systemtags-dav
DAV endpoint for system tags
2015-12-08 13:51:25 +01:00
Joas Schilling 9f98849306 Add a method to the get "to use" table and column name 2015-12-08 11:04:28 +01:00
Thomas Müller fe8dc0bd5e Merge pull request #21022 from owncloud/get-rid-of-by-reference
Get rid of by reference
2015-12-08 11:04:25 +01:00
Joas Schilling a3391248e4 Add select distinct to the query builder 2015-12-08 09:49:21 +01:00
Joas Schilling f2c7acb3c0 Allow getting the last insert id without much hassle 2015-12-08 09:40:20 +01:00
Lukas Reschke 6d3eb7673d Add unit test for nested arrays 2015-12-08 09:07:38 +01:00
Lukas Reschke 8289943a0f Do not trust casting 2015-12-08 08:50:00 +01:00
Lukas Reschke 0a89073c47 Run .htaccess updates in any case
This is the same what we also do in updater.php and thus this aligns the code. Makes the code paths more consistent.
2015-12-08 08:16:24 +01:00
Scrutinizer Auto-Fixer 453e1bf66e Scrutinizer Auto-Fixes
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-12-07 15:43:36 +00:00
Thomas Müller a9e5faf7d0 Merge pull request #20981 from owncloud/issue-19848-multiple-emails-for-sharelink
Allow sending a share email to multiple users
2015-12-07 15:17:19 +01:00
Joas Schilling 820c3b852d Add a unit test for single user case as well 2015-12-07 12:01:02 +01:00
Joas Schilling 5b87413792 Allow sending a share email to multiple users 2015-12-07 10:49:34 +01:00
Thomas Müller e44b164f40 Merge pull request #20569 from owncloud/issue_20427
Show external storage status in file list + prompt credentials if different
2015-12-07 10:27:35 +01:00
Thomas Müller 0c3d97921f Merge pull request #20904 from owncloud/view-mime-filter
Fix mimetype filter in getDirectoryContent
2015-12-07 10:20:43 +01:00
Vincent Petry 316b907a13 Fixed system tags DAV and API and docs 2015-12-04 17:30:50 +01:00
Roeland Jago Douma a619629ac0 Only try to load avatars in the user list if there is any 2015-12-04 14:56:49 +01:00
Thomas Müller 602b636d3e Merge pull request #20807 from owncloud/dont-append-redirect-url-if-user-is-already-logged-in
Don't append redirect URL if user is logged-in
2015-12-03 16:53:59 +01:00
Thomas Müller 0fe5506e91 Merge pull request #20921 from owncloud/last-OC_Config-removals-in-tests
Reduce OC_Config usage in tests/
2015-12-03 15:24:41 +01:00
Morris Jobke cbe6eeffa1 last change of OC_Config to the proper interface in tests/ 2015-12-03 14:03:05 +01:00
Thomas Müller 2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code
reuse code
2015-12-03 13:55:50 +01:00
Morris Jobke 542ce7dd0d Reduce OC_Config usage in tests/ 2015-12-03 13:48:19 +01:00
Robin Appelman 19b2fe6a3a Fix mimetype filter in getDirectoryContent 2015-12-03 13:09:13 +01:00
Jesus Macias Portela dcfbbe4737 Merge branch 'master' into issue_20427 2015-12-03 12:35:49 +01:00
Morris Jobke e9c8f82fc5 Replace OC_Config in tests with IConfig calls 2015-12-03 09:38:41 +01:00
Thomas Müller c6bda8d6ca Merge pull request #20902 from owncloud/drop-OC_Config-from-tests
Replace OC_Config in tests with IConfig calls
2015-12-03 09:30:47 +01:00
Thomas Müller e7239b6553 Merge pull request #20872 from owncloud/systemtags-better-not-found-exception
Systemtags better not found exception
2015-12-03 09:26:05 +01:00
Thomas Müller a5c80ba8bc Merge pull request #20894 from owncloud/post-delete-meta-view
Also add metadata for postDelete hooks triggered from the view
2015-12-03 09:24:54 +01:00
Morris Jobke d331e0d4f8 Replace OC_Config in tests with IConfig calls 2015-12-02 23:14:52 +01:00
Thomas Müller dcc7ff09ba Adding unit test for MailNotifications::sendInternalShareMail() 2015-12-02 21:42:14 +01:00
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Thomas Müller df5872ec50 Merge pull request #20719 from owncloud/adding-system-addressbook-of-users
Adding system addressbook for users of this instance - a occ command …
2015-12-02 16:17:58 +01:00
Thomas Müller 28ceab2f61 Fix endless recursion 2015-12-02 14:44:41 +01:00
Morris Jobke 0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Robin Appelman 0062888aaf Also add metadata for postDelete hooks triggered from the view 2015-12-02 13:51:26 +01:00
Thomas Müller 8d218bf3ef Merge pull request #20875 from owncloud/remove-changepropagator
remove old propagation logic
2015-12-02 13:03:31 +01:00
Thomas Müller c46ea30248 Merge pull request #20865 from owncloud/post-delete-meta
Add metadata to post delete hooks
2015-12-02 10:12:54 +01:00
Thomas Müller 0391cc0451 Fix getCloudId 2015-12-02 09:14:41 +01:00
Thomas Müller fe67db1ad0 Adding unit test for User::getCloudId() 2015-12-02 09:14:41 +01:00
Thomas Müller df6fc6cc70 Add the user's cloud id to the vCard 2015-12-02 09:14:41 +01:00
Thomas Müller dad6470baa Add IUser::getAvatarImage() for easy access 2015-12-02 09:14:41 +01:00
Roeland Jago Douma b00db2c933 DI in avatar code
* DI in avatar code
* Use the node API
* More unit tests
* Unit tests no longer require DB
2015-12-01 22:15:43 +01:00
Robin Appelman 62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Joas Schilling 08d07cc4db Fix the unit test by running tearDown() and cleaning tags before the test 2015-12-01 15:00:44 +01:00
Joas Schilling 1d0c041ac8 Add a method to get the list of tags from the TagNotFound Exception 2015-12-01 14:54:34 +01:00
Robin Appelman 0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller 08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Joas Schilling b8b0ae0944 Fix phpstorm complains in tests 2015-11-30 13:36:22 +01:00
Thomas Müller b94aadc440 Cleanup imports and type hinting 2015-11-30 12:45:30 +01:00
Lukas Reschke f4eb15d340 Show error template
Otherwise this leads to an endless redirection in case of a CSRF exception. Also sets user expectation right.
2015-11-30 11:25:52 +01:00
Thomas Müller dddfa6de78 Don't break app on travis 2015-11-30 10:55:13 +01:00
Thomas Müller 318e5e2864 More group DB 2015-11-30 10:55:13 +01:00
Thomas Müller f9fc254672 Add DB group to some files_external tests
Adding group Db to federation tests and ldap tests

Add group DB to Test_UrlGenerator

Adding group DB to trashbin and versions tests

Adding group DB to Test_Util_CheckServer for pg
2015-11-30 10:55:10 +01:00
Thomas Müller 757aa45db7 Adding more DB groups to test suits
Adding more DB groups to test suits
2015-11-30 10:55:06 +01:00
Thomas Müller 56170dd825 Further unit test suite tweats 2015-11-30 10:55:05 +01:00
Thomas Müller 1480964768 Adding more test suites to group DB 2015-11-30 10:55:05 +01:00
Thomas Müller 7e71d8231e Mock DIContainer to not hit the database 2015-11-30 10:55:05 +01:00
Thomas Müller 3bb6dcea64 Apply DB group annotation ... 2015-11-30 10:55:05 +01:00
Thomas Müller 03ee3b9aec A TestCase which is not annotated to be in group DB will not allow access to the database connection.
This is necessary to categorize unit test and avoid duplicate test case execution - it also allows us to closely review unit test implementations to identify unnecessary db calls.
2015-11-30 10:55:05 +01:00
Joas Schilling 24d5ce9a58 Add phpunit group for tests 2015-11-30 10:25:53 +01:00
Thomas Müller 9c1dbaf0ad Merge pull request #20788 from owncloud/catch-missing-route
Dont die when we're missing a route
2015-11-30 10:11:12 +01:00
Robin Appelman 4c4331982c Merge pull request #20789 from owncloud/scanner-skip-not-available
Skip unavailable storages in scanner
2015-11-27 22:57:47 +01:00
Vincent Petry b666367a79 Added system tags data structure and PHP side managers
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Robin Appelman aa822f76e2 fix tests 2015-11-27 17:05:58 +01:00
Robin Appelman ae71f80f4a Skip unavailable storages in scanner 2015-11-27 14:02:50 +01:00
Mitar e0e51fd79f Added tests. 2015-11-27 02:45:49 -08:00
Thomas Müller 8fe878afe9 Merge pull request #20602 from owncloud/fix-installed-apps
Always installed apps includes the hardcoded ones from shipped.json
2015-11-26 16:50:05 +01:00
Thomas Müller 80c43ffc6c Merge pull request #20702 from owncloud/move-user-principal-into-subfolder
Users are available under it's own principal resource named 'principa…
2015-11-26 16:49:49 +01:00
Thomas Müller 19d5059109 Merge pull request #20393 from owncloud/querybuilder-select-with-alias
Add a method to select a field or value with alias
2015-11-26 16:19:20 +01:00
Thomas Müller 3882cc8ef3 Merge pull request #20744 from owncloud/oc_helper-getMimeType-cleanup
Remove last occurences of OC_Helper::getMimeType()
2015-11-26 12:37:25 +01:00
Thomas Müller 5a33390a69 Merge pull request #20731 from owncloud/per-storage-updater
Make Cache\Updater per storage
2015-11-26 12:01:44 +01:00
Morris Jobke 4fcab98694 Remove unused internal methods
* removes OC_Helper::mb_substr_replace and OC_Helper::mb_str_replace
* keeps public interface wrapper working as expected
2015-11-26 10:25:43 +01:00
Morris Jobke 9318606faf Remove last occurences of OC_Helper::getMimeType()
* ref #4774
2015-11-26 10:18:32 +01:00
Thomas Müller b799e42b4e Introduce \OCP\IUser::getEMailAddress() 2015-11-25 22:23:34 +01:00
Thomas Müller 9ec2f8886e Merge pull request #20691 from owncloud/share2.0_di_fixes
[Sharing 2.0] di fixes
2015-11-25 15:25:50 +01:00
Robin Appelman b025f07fb7 Make Cache\Updater per storage 2015-11-25 14:16:00 +01:00
Thomas Müller 50f6817ce9 Merge pull request #20439 from owncloud/etag-propagate-in-storage
Take submount etag into account for folder etags
2015-11-25 12:49:54 +01:00
Roeland Jago Douma a2b8483779 [Sharing 2.0] Default share provider only generic DI
No injection of userfolders etc. Only generic DI components
(IRootFolder) etc should be used to make sure we can also run this from
the cli
2015-11-24 10:26:36 +01:00
Roeland Jago Douma aeae73b364 [Sharing 2.0] Removed unused DI stuff
The share manager etc should not care about filtering stuff. They should
return what is asked for them.
2015-11-24 10:26:36 +01:00
Joas Schilling 018bd3ee24 Make sure that object id can be a string 2015-11-23 14:18:15 +01:00
Thomas Müller df906f475b Merge pull request #20617 from owncloud/fix-usage-of-lastInsertId
lastInsertId() is properly working with Oracle if the table name is p…
2015-11-23 13:29:08 +01:00
Thomas Müller 240cc1c4ea Merge pull request #20543 from owncloud/share2.0_fix_hooks
Move hook and delete children logic to share manager
2015-11-23 13:28:49 +01:00
Joas Schilling 1c7d7288c4 Add a method to select a field or value with alias 2015-11-23 13:28:31 +01:00
Thomas Müller f85282c90a Merge pull request #20577 from owncloud/notifications-datetime-timestamp
Use a DateTime object instead of a timestamp
2015-11-23 13:14:45 +01:00
Morris Jobke bc69cb2de3 fix unit tests 2015-11-23 13:13:26 +01:00
Roeland Jago Douma 1360e22d7c [Sharing 2.0] Move hook and delete children logic to share manager
To make sure hooks are always fired and child entries are always
cleaned. This logic is moved to the share manager.

* Updated unit tests
2015-11-23 12:28:54 +01:00
Thomas Müller 9f69021691 lastInsertId() is properly working with Oracle if the table name is properly passed in 2015-11-23 11:44:08 +01:00
Joas Schilling a370c29068 Use a DateTime object instead of a timestamp 2015-11-23 11:41:48 +01:00
Morris Jobke 32ab973254 add unit tests for OC_Util::add* methods 2015-11-23 11:03:09 +01:00
Thomas Müller bf672d7e51 Merge pull request #20222 from owncloud/federated_sharing_auto_complete
federated sharing auto-complete, first step
2015-11-23 10:42:14 +01:00
Thomas Müller 79bbda994b Merge pull request #16902 from owncloud/jsocclient
Web UI uses Webdav instead of ajax/* calls
2015-11-23 09:38:01 +01:00
Thomas Müller 358858c9e3 Fix undefined HTTP_USER_AGENT 2015-11-22 16:05:50 +01:00
Vincent Petry f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00