43e498844e
Use ::class in test mocks
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 17:45:32 +02:00
ce0c45a4ea
Use proper DI for security middleware for app enabled check
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 15:36:28 +02:00
ca4278a4d7
Provide tests for future timestamp formatting
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-23 14:20:21 +02:00
fd6daf8d19
AutoCompletion backend
...
* introduce a Controller for requests
* introduce result sorting mechanism
* extend Comments to retrieve commentors (actors) in a tree
* add commenters sorter
* add share recipients sorter
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-22 14:13:32 +02:00
1a99e0dab4
Merge pull request #6602 from nextcloud/s3-multipart-upload
...
Add multipart upload for s3
2017-10-11 16:10:58 +02:00
6292f665d7
Allow multiple settings and sections per app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-10-05 11:34:03 +02:00
2d62f97f1b
Merge pull request #6328 from nextcloud/split-sharees-api-logic
...
Splits off the logic from sharees endpoint thus making it available from within Nc/via PHP.
2017-10-04 15:43:44 +02:00
7525c387ce
dont run invalid path repair step when upgrading from 11.0.5.2 and later
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-10-03 16:27:26 +02:00
a3bdb318e9
Fix bigint handling on postgres
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
3db3e65121
add tests for Lookup Plugin
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
a7a651f4a4
move splitUserRemote unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
a28b1d91f9
split off former searchSharee unit test
...
also moves registering default plugins to Server for proper unit testing
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
3d1d03a511
split off getEmail tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
c92f7ee767
split off getRemote unit tests
...
adds two small fixes → they actually work \o/
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
b35760de27
split off getGroups unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
dd9e191d37
split off getUsers unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
292a704648
Merge pull request #6544 from nextcloud/fix/duplicate-session-token
...
Fix duplicate session token after remembered login
2017-09-25 17:39:02 +02:00
c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-24 21:07:16 +02:00
38568c362b
Merge pull request #6605 from nextcloud/oc_ocs_response_is_dep
...
OC_OCS_Response is deprecated
2017-09-21 20:38:18 +02:00
eb00dbb593
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 18:30:20 +02:00
87e10f9e6a
OC_OCS_Response is deprecated
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:00 +02:00
385d6f098c
Add tests for multipart upload
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:47:34 +02:00
38bb6e1477
Fix duplicate session token after remembered login
...
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
53057f2bd0
Merge pull request #5462 from nextcloud/add-frameancestor-support
...
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
705432ca6f
Add filter for `shareapi_allow_share_dialog_user_enumeration`
...
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.
Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
ecf347bd1a
Add CSP frame-ancestors support
...
Didn't set the @since annotation yet.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
fa402c74d2
Add tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
473a1ecad1
Fix tests
...
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
9163cf9241
Fix AppPassword 2FA auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
8a79d0cc70
Merge pull request #6414 from nextcloud/share-notification-wrong-language
...
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
8e46e6b827
Improve text: 'you have now' -> 'you now have'
...
Signed-off-by: Leon Klingele <leon@struktur.de>
2017-09-08 13:47:11 +02:00
7e625a8d22
Use the language of the recipient for the share notification
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
5d4540f179
Merge pull request #6364 from nextcloud/fix_login_loop
...
Fix login with basic auth
2017-09-06 17:04:00 +02:00
15cd21d252
Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
...
Set the meta data before everything
2017-09-05 16:08:57 +02:00
4e3c39c1d1
Fix tests
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-05 13:55:36 +02:00
b96485b6bd
Fix login with basic auth
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
dea011243e
Fix unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 17:01:31 +02:00
4fd3240b5f
Merge pull request #6254 from nextcloud/async-bus-split
...
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
1ebf91ec16
Add proper EOL
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
84ea66dca8
Merge pull request #6296 from nextcloud/improve_2fa
...
Improve 2FA
2017-08-31 10:52:40 +02:00
84b7022118
Improve 2FA
...
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
0b652648cc
Merge pull request #6177 from nextcloud/properly-add-slo-url
...
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
60ee450809
Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
...
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
9731350ace
split async test bus for easier subclassing
2017-08-24 16:06:37 +02:00
9357cf735a
Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
...
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
2e4cd44556
Inject \OCP\IURLGenerator to make tests work
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
...
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.
This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5nextcloud/user_saml#112 ,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.
Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
ed8a98eaa1
Prevent SQL error message in case of error
...
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.
The easiest way to reproduce is on MySQL:
1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
1c38a83927
Always log cron execution
...
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707
Recently there was also a bug report about a non-visible last cron execution
(#6088 ) - let's better remove this.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
a55e794bfd
Cleanup unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 14:29:26 +02:00
cf7c4a4439
Merge pull request #6123 from nextcloud/cleanup-shareItem
...
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
c5f14ac884
Merge pull request #6121 from nextcloud/cleanup-registerBackend
...
Use proper methods for registerBackend
2017-08-15 13:52:49 +02:00
8366dfa50b
Cleanup usage of shareItem in internal code base
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
895b9c2309
Use proper methods for registerBackend
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:29:15 +02:00
3e13e94254
Use proper methods for checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00
f640b56bfa
Cleanup unused methods
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 10:09:47 +02:00
bae5be3dc1
add prefix to user and system keys to avoid name collisions
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
9524badccc
extend the identity proof manager to allow system wide key pairs
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
1ea7f14f0a
Fix SessionTest
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:13:54 +02:00
26bf0ca9d4
Fix RepairMimeTypeTest
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:04:57 +02:00
db27bbf90d
Fix CacheTest
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:01:09 +02:00
8b0051eb40
Fix encryption test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:08 +02:00
ed3b391e47
Use symfony/translation for L10N plurals
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-07 19:53:36 +02:00
4633717f04
Move pre_shared and post_shared events to EventDispatcher
...
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-03 15:14:29 +02:00
2f8756754f
Fix last failures with oracle
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
293dea0625
Fix querybuilder and functionbuilder tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
20f8d1094a
Can not insert auto increment on oracle
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
106df7bc33
Fix missing escape on column and table name
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
f93a82b8b0
Remove explicit type hints for Controller
...
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 17:32:03 +02:00
84c22fdeef
Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call
...
Add metadata to \OCP\AppFramework\Http\Response::throttle
2017-08-01 14:43:47 +02:00
6010c4f267
Merge pull request #5877 from nextcloud/typehint_middleware
...
Prop argument type for Middleware
2017-08-01 14:28:16 +02:00
c8452803ef
Merge pull request #5897 from nextcloud/add-share-mail-for-user-share
...
Send an email once a file/folder is shared with a user
2017-08-01 13:27:15 +02:00
582fb5d129
Update the URLs in tests to use example.org
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-01 11:16:04 +02:00
dfd8125aeb
Replace wrong PHPDocs
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
e1f52fc901
Stricter phan config fixes
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
f71dc7523f
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
3548603a88
Fix middleware implementations signatures
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
c43abe43b0
Send an email once a file/folder is shared with a user
...
* only if user has set an email address
* only for user shares (no group shares for now)
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-28 08:36:11 +02:00
f22ab3e665
Add metadata to \OCP\AppFramework\Http\Response::throttle
...
Fixes https://github.com/nextcloud/server/issues/5891
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-27 14:17:45 +02:00
c27498db71
Use IConfig instead of static OCP\Config
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
013d7483bf
Add new bundle
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 11:49:03 +02:00
3faef644a1
Merge pull request #5864 from nextcloud/legacy_user
...
Remove legacy OC_User_Backend and OC_User_Interface
2017-07-25 17:15:11 +02:00
b930f32e89
Remove legacy OC_User_Backend and OC_User_Interface
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:42:55 +02:00
89aaded07f
add tests for renaming paths with multibyte utf8 characters
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-22 11:05:05 +02:00
06a4d6b5b9
Also repair storage id's when repairing invalid entries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 14:06:13 +02:00
1c1ff82c06
Merge pull request #5802 from nextcloud/rm_dep_controller_functions
...
Remove deprecated Controller Functions
2017-07-21 10:12:20 +02:00
e5bedd8947
Merge pull request #5818 from nextcloud/ocs_privatedata
...
PrivateData to app
2017-07-21 09:47:49 +02:00
b1954bed97
Merge pull request #5797 from paulijar/share20-postUnshareFromSelf
...
Dispatch event postUnshareFromSelf when the recipient of a share unshares it
2017-07-21 09:32:49 +02:00
7753b93aa6
PrivateData to app
...
* PrivateData is an app now: https://github.com/nextcloud/privatedata
* No need to load the OCS routes.php (as there is none!)
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-21 08:51:14 +02:00
7c4a15f215
Emit hook postUnshareFromSelf when the recipient of a share unshares it
...
- This kind of hook signal used to be emitted in the old Share library but it was missing from Share 2.0
Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-20 14:45:46 +03:00
0b495ceff8
Remove deprecated Controller Functions
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-20 11:03:12 +02:00
49c622fcba
Merge pull request #5719 from nextcloud/improve-jscombiner
...
Properly handle if the deps file if for some reason empty
2017-07-19 16:31:29 +02:00
2ebafb06fd
Properly handle if the deps file if for some reason empty
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-19 00:10:46 +02:00
8dce97a3e1
Fix emitting of legacy hook post_unshare
...
- When a file was unshared, the legacy hook pre_unshare fired twice and the hook post_unshare did not fire at all. This was obviously a copy-paste error.
Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-16 13:13:15 +03:00
a79447c6fd
Merge pull request #5699 from nextcloud/bruteforce_capability
...
Add bruteforce capabilities
2017-07-14 15:20:31 +02:00
1f1504e071
Merge pull request #5708 from nextcloud/nested-permissions-mask
...
Fix scan permissions with nested permissions masks
2017-07-13 23:27:01 +02:00
350e036c56
chunk getting invalid paths and reuse queries
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:38 +02:00
03f27b4c2c
Fix scan permissions with nested permissions masks
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 14:29:04 +02:00
6a1f2ac076
Add bruteforce capabilities
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-13 11:23:08 +02:00
04f2090698
Write cert bundle to tmp file first
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-12 19:24:20 +02:00
Morris Jobke
Arthur Schiwon
Robin Appelman
Joas Schilling
Roeland Jago Douma
Christoph Wurst
Lukas Reschke
Thomas Citharel
Tobia De Koninck
Leon Klingele
Roeland Jago Douma
Björn Schießle
Pauli Järvinen