Commit Graph

5616 Commits

Author SHA1 Message Date
Roeland Jago Douma 6ea1aef031
Merge pull request #19723 from nextcloud/bug/18603/avatar-response
Always use status 200 for avatar response
2020-03-03 16:15:14 +01:00
blizzz b54069189c
Merge pull request #19742 from nextcloud/bug/19740/add-msg-for-exception
Add message for DoesNotExistException
2020-03-02 16:19:30 +01:00
Daniel Kesselberg 5ce9e73bad
Add message for DoesNotExistException
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-02 13:24:06 +01:00
Daniel Kesselberg 68148f4073
Always use status 200 for avatar response
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.

Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-01 00:42:24 +01:00
Mohammed Abdellatif 98d6415264 Add support for GuzzleHTTP 'no' proxy
The custom config allows to setup a proxy URI that is passed to
GuzzleHTTP client as request options. Guzzle has the option to receive
an array of proxies for each URI scheme as well as 'no' key value pair
to provide a list of host names that should not be proxied to.

Guzzle would automatically populate these options with HTTPS_PROXY
and NO_PROXY environment variables. However, when providing a 'proxy'
request option, default values will be overriden and it is required to
explicitly provide the 'no' value if needed.

More info:
http://docs.guzzlephp.org/en/stable/request-options.html#proxy

This commit will add support for a new config 'proxyexclude', which
takes a list of host names to be excluded.

It will also provide 'proxy' request option as an array instead of a
string to Guzzle, and populate 'http' and 'https' URI schemes with
proxy URI, and 'no' with 'proxyexclude' list.

Also, if no 'proxy' is configured, it will leave out 'proxy' request
option, so it won't override Guzzle default values.

Sample config file includes a hint on how to explicitly sync
'proxyexclude' with NO_PROXY, and a note about default values.

Signed-off-by: Mohammed Abdellatif <m.latief@gmail.com>
2020-02-29 19:19:23 +02:00
Robin Appelman fed86e8382
better tests for SimpleFolder
test behavior, not implementation

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-02-28 12:55:20 +01:00
Joas Schilling e97d643969
Strip of users home path from share api message
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-02-20 14:56:58 +01:00
Arthur Schiwon b1a6f66fd9
when we receive intentional empty whats new info, do not try to show it
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-02-13 22:03:44 +01:00
Arthur Schiwon d06ef07a97
disable timeout on app install via cli
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-02-12 16:52:45 +01:00
John Molakvoæ (skjnldsv) 0687b9ed8a
[3rdparty] Bump guzzlehttp/guzzle from 6.3.3 to 6.5.2
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-02-11 20:49:27 +01:00
Roeland Jago Douma 12e1c469cf
Add Argon2id support
When available we should use argon2id for hashing.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-07 07:52:33 +01:00
Joas Schilling 3a0bfbd558
Merge pull request #18926 from nextcloud/fix/18689/int-array-access
Array access on int will fail on php7.4
2020-02-06 21:31:03 +01:00
Roeland Jago Douma 0d651f106c
Allow selecting the hashing algorithm
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-03 21:41:17 +01:00
Roeland Jago Douma 1b33116e8f
Merge pull request #19241 from nextcloud/bug/noid/job-catch-throwable
Make sure to catch php errors during job execution
2020-02-03 09:54:26 +01:00
Roeland Jago Douma bfaf3fff33
Move Admin Settings also to info.xml
More cleanup of the Settings apps. Makes the manager cleaner and a
proper manager.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-31 16:55:17 +01:00
Daniel Kesselberg 018020108b
Make sure to catch php errors during job execution
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-31 16:04:04 +01:00
Roeland Jago Douma c9253cce6c
Move personal settings to proper registration
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-30 22:06:28 +01:00
Roeland Jago Douma dc1979903e
Move password settings
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-30 14:03:28 +01:00
Roeland Jago Douma 9ed106f69a
Merge pull request #19176 from nextcloud/fix/contacts-menu-mailt-encoding
Do not encode contacts menu mailto links
2020-01-30 09:45:13 +01:00
Christoph Wurst 87ec729f34
Do not encode contacts menu mailto links
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-28 14:57:45 +01:00
Roeland Jago Douma 03df1b4c51
Move admin sections to settings app
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-28 12:38:11 +01:00
Roeland Jago Douma d8e9cefcfe
Move the Personal sections to the settings app
There is no need to have weird magic in the manager. This should be
properly registered in the right way. The settings code is messy
anyways. This is a start to make it a tad more clean.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-28 08:45:07 +01:00
Sergey Shliakhov acc0df1d13 Change avatar placeholder from single letter to 2 letters
https://github.com/nextcloud/server/issues/18717
Signed-off-by: Sergey Shliakhov <husband.sergey@gmail.com>
2020-01-27 09:42:45 +01:00
Arthur Schiwon 5b18f684e7
add hub bundle for easy post-installation
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-26 21:23:42 +01:00
Daniel Kesselberg 7af3bcb4bc
Add test to trigger "Trying to access array offset on value of type int"
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-23 10:18:14 +01:00
Roeland Jago Douma 8056bbeae3
Merge pull request #19035 from nextcloud/bugfix/noid/increase-timeout-for-downloads
Adjust unit test for #19017
2020-01-21 10:53:08 +01:00
Joas Schilling 827f3228a3
Adjust unit test for #19017
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-01-21 08:44:35 +01:00
Daniel Kesselberg 8331d8296b
Make getServerHost more robust to faulty user input
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-16 11:26:29 +01:00
Robin Appelman 47fd6730e0
use `nodeExists` instead of catching exceptions
makes the intent of the code more clear imo

Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-01-14 11:03:14 +01:00
Roeland Jago Douma e7b308cf0a
Merge pull request #18805 from nextcloud/bugfix/direct-edit-create
Check if file already exists during file creation
2020-01-14 08:34:39 +01:00
Julius Härtl ab4b9a6df5
CHeck if file already exists during file creation
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-13 18:10:12 +01:00
Georg Ehrke 2f89f5fd13
AppFetcher: Distinguish between fileName and endpointName
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-01-09 17:29:00 +01:00
Christoph Wurst 60d4b45e89
Clean up 2FA provider registry when a user is deleted
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-08 10:51:44 +01:00
Roeland Jago Douma 52e4ecd66e
Merge pull request #18644 from nextcloud/harden/csrf_endpoint
Only allow requesting new CSRF tokens if it passes the SameSite Cooki…
2020-01-07 13:43:46 +01:00
Roeland Jago Douma a673c597ed
Fix the LoggerTests for phpunit
Less deprecation warnings. YAY.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-06 09:06:52 +01:00
Kim Brose 9c5fe8fca4
Fix CI
Signed-off-by: Kim Brose <kim.brose@rwth-aachen.de>
2020-01-03 18:06:59 +01:00
Roeland Jago Douma da81b71f93
Only allow requesting new CSRF tokens if it passes the SameSite Cookie test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-03 13:12:03 +01:00
Daniel Kesselberg d393b1612b
Modify regex to match some other chromium browsers
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-27 17:24:52 +01:00
Georg Ehrke f0bef8881d
Restore old behavior allowing to set custom appstore
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2019-12-22 15:06:31 +01:00
GretaD 455013c309
fix the folder share
Signed-off-by: GretaD <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-12-19 16:14:47 +01:00
Julius Härtl de5384466c
Return empty template for default creators
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-16 17:22:53 +01:00
Joas Schilling faf58e4cac
Merge pull request #17018 from nextcloud/feature/noid/allow-to-force-enable-via-cli
Allow to force enable apps via CLI
2019-12-16 12:34:27 +01:00
Roeland Jago Douma 3b8fbf129e
Merge pull request #18384 from nextcloud/fix/18255/global_config_to_always_accept
config.php setting to always accept internal shares
2019-12-16 09:50:45 +01:00
Roeland Jago Douma bb4264c565
config.php setting to always accept internal shares
Part of #18255

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-16 09:07:25 +01:00
blizzz f7674c592c
Merge pull request #17494 from nextcloud/fix/16340/ignore-invalid-json
Return a default user record if json is broken
2019-12-13 15:43:36 +01:00
Joas Schilling 3eee359d7f
Allow to force enable apps via CLI
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 13:06:12 +01:00
Christoph Wurst b97d90e0c3
Log critical fallback to user default if we can't parse the JSON
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 12:39:29 +01:00
Christoph Wurst b81b824da1
Add typed events for the filesystem/scanner
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 09:41:05 +01:00
Roeland Jago Douma 87104ce510
Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
2019-12-12 21:59:42 +01:00
Greta Doci c864bc8321
Move users management to multi line
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-12-12 12:25:13 +01:00
Roeland Jago Douma c6e51924c8
Merge pull request #18236 from nextcloud/bugfix/noid/always-detect-mimetype-by-content-in-workflows
Allow to detect mimetype by content
2019-12-12 11:19:55 +01:00
Roeland Jago Douma 8473a09499
REVERT ME: comment out failing gz detection test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-12 08:24:46 +01:00
John Molakvoæ (skjnldsv) edf8893479
Fix tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-12-10 23:44:17 +01:00
Roeland Jago Douma eb8ca3783c
Viewer should be always enabled
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 20:06:30 +01:00
Joas Schilling 059968e1c7
Pick a shorter name for the transfer ownership table
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 11:01:26 +01:00
Joas Schilling 6ad7e75708
Update the unit test to dataProviders
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-10 09:11:44 +01:00
Roeland Jago Douma 72155009fa
Merge pull request #18184 from nextcloud/bugfix/noid/is-trusted-domain
Move overwritehost check to isTrustedDomain
2019-12-09 21:37:22 +01:00
Daniel Kesselberg 29575c4d36
Move custom definition logic into method
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-09 12:10:19 +01:00
Daniel Kesselberg 64aba49461
Ensure that we don't merge broken json.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-09 12:09:43 +01:00
Christoph Wurst 8bc4295cfa
Merge pull request #17325 from nextcloud/enh/decouple-register-resource-provider
Decouple resource provider registration
2019-12-09 09:51:25 +01:00
Daniel Kesselberg 48a130c2a8
Fix: Using assertContains() with string haystacks is deprecated and will not be supported in PHPUnit 9.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-08 22:33:17 +01:00
Daniel Kesselberg 0016480370
Decouple resource provider registration
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-07 22:04:07 +01:00
Julius Härtl d05f131929
Move overwritehost check to isTrustedDomain
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-07 09:53:06 +01:00
Roeland Jago Douma 04c2b5fcb1
Merge pull request #18130 from nextcloud/bugfix/noid/prevent-creating-users-with-existing-files
Prevent creating users with existing files
2019-12-05 10:30:00 +01:00
Joas Schilling 6004f62085
I love unit tests that mock unnecessary stuff
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-04 15:22:02 +01:00
Roeland Jago Douma 76b78edd40
Merge pull request #17833 from nextcloud/propagator-no-negative-sizes
dont set folder size to negative values during propagation
2019-12-04 11:49:26 +01:00
Joas Schilling 738e6bf079
Merge pull request #17715 from nextcloud/fix/5456/respect_avatar_privacy
Honor avatar visibility settings
2019-12-04 10:28:45 +01:00
Roeland Jago Douma 1d707cc349
Merge pull request #18028 from nextcloud/enhancement/user-create-events
Add typed create user events
2019-12-03 08:57:51 +01:00
Christoph Wurst cc80339b39
Add typed create user events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-03 08:03:57 +01:00
John Molakvoæ (skjnldsv) 5cb11ca642
Fix tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-12-02 13:08:43 +01:00
Daniel Kesselberg 9378a6b411
Send Clear-Site-Data expect for Chrome
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-30 15:17:22 +01:00
Julius Härtl 0c6c12deae
Adjust tags acceptance tests to moved admin section
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-28 18:26:15 +01:00
Julius Härtl fc51425790
Adjust DirectEditing test to PHPUnit8
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-28 10:59:22 +01:00
Roeland Jago Douma 4173d9d749
Merge pull request #17625 from nextcloud/enh/noid/direct-editing
Direct editing API to allow file editing using a one-time token
2019-11-28 08:49:57 +01:00
Roeland Jago Douma 62dc320191
Merge pull request #17725 from nextcloud/enh/share_exp_internal
Allow internal shares to have a default expiration date
2019-11-28 08:37:19 +01:00
Roeland Jago Douma 669302e570
Merge pull request #18064 from nextcloud/feature/php74
Add php7.4 support
2019-11-28 08:36:10 +01:00
Julius Härtl e18397284b
Use person icon for personal settings
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 21:06:14 +01:00
Julius Härtl 329e8c2604
Add mimetype to creators
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 19:56:44 +01:00
Julius Härtl 9a2694fcb0
Code style fixes and cleanup
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 19:56:40 +01:00
Roeland Jago Douma 0e14bdc0d0
remove test case
Because we test very naively we matched also on def in default...

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma 469c06be15
TO REVERT LATER: disable decimaltest from LegacyDBTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma b656693db2
TO REVERT LATER: disable tests in LargeFileHelperGetFileSizeTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma 3a7cf40aaa
Mode to modern phpunit
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:18 +01:00
Roeland Jago Douma 078f4efb20
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 14:51:14 +01:00
Julius Härtl c8d3e32190
Direct editing token tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 14:36:20 +01:00
Roeland Jago Douma ec14d95292
Fix lockprivider test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma 8d4346d656
Fix more tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma bc16b05243
Fix signCoretests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma 305481688b
SignApp fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma ef4b59d341
More fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma 799f58391e
More fixes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 3aa5f105fa
Fix more tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 385ec2947d
Skip redis if not configured
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma c007ca624f
Make phpunit8 compatible
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma 0532f8116d
Merge pull request #18019 from nextcloud/enhancement/password-policy-events
Add typed events for password_policy
2019-11-27 11:11:17 +01:00
blizzz d2f9deba51
Merge pull request #17834 from nextcloud/enh/noid/generic-event-replacement-tk2
Public API's GenericEvent replacement (take 2)
2019-11-27 10:50:07 +01:00
Christoph Wurst 1a886b1472
Add typed events for password_policy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00
Roeland Jago Douma d09f8c7423
Merge pull request #17939 from nextcloud/fix/token-insert-conflict-handling
Handle token insert conflicts
2019-11-26 19:47:59 +01:00
Arthur Schiwon fc16b09a2c
Files first to use own GenericEvent
* those are added to 18 only anyway :)

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-26 14:48:59 +01:00
Roeland Jago Douma b607e3e6f4
Merge pull request #17948 from nextcloud/enh/check-if-property-is-bool
Make isXXX available for bool properties only
2019-11-26 12:25:36 +01:00
Christoph Wurst 0299ea0a96
Handle token insert conflicts
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.

As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-26 12:07:12 +01:00
Robin Appelman 74c6beb603
dont set folder size to negative values during propagation
normally this shouldn't be a problem, but cache/storage desync might cause this
so this adds some failsafe to ensure we dont corrupt the cache further

the minimum value is set to -1 instead of 0 in order to triger a background scan
on the folder and figure out the size properly

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
Robin Appelman 9e450d727a
add LEAST and GREATER to db function builder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
blizzz b1dffc5c2d
Merge pull request #17896 from nextcloud/fix/noid/consider-create-group-result
take group creation result into consideration
2019-11-25 17:16:40 +01:00
Arthur Schiwon 7b1eedb11e
take group creation result into consideration
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-25 14:01:20 +01:00
Roeland Jago Douma 68748d4f85
Some php-cs fixes
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Roeland Jago Douma 3c1bcd551d
Fix the tests after #18029
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-21 22:31:45 +01:00
Roeland Jago Douma 5c4b2a2436
Merge pull request #18029 from nextcloud/feature/public-post-login-event
Make the post login event public
2019-11-21 12:39:42 +01:00
Daniel Calviño Sánchez f402e23448 Accept incoming shares in acceptance tests
Incoming shares are no longer automatically added to the file list of
the sharee. Instead, the user now needs to explictly accept the share.

Currently shares can be accepted only from the Notifications app, so it
must be explicitly cloned before installing Nextcloud if it is not found
in the "apps" directory. Note that the development branches are already
built, so there is no need to explicitly build the app.

With the new sharing behaviour the "share a skeleton file with another
user before first login" scenario is no longer valid (as the user will
need to log in to accept the share, so at that point the skeleton is
already created), so it was removed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Daniel Calviño Sánchez 0abff19aa9 Rename "Notification" to "Toast"
Since Nextcloud 17 the proper name for the old built-in notifications is
"Toast". Moreover, this will reduce ambiguity when using the
"notification" term to refer to elements in the Notifications app.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Roeland Jago Douma da25ed997e
Do not check for updates if we have no internet
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:30:59 +01:00
Christoph Wurst 535000aac6
Make the post login event public
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-20 18:43:09 +01:00
Roeland Jago Douma b367027798
Do pagination on the dummy group backend
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 08:08:01 +01:00
Roeland Jago Douma 1bd688a9d1
Use dummy backend in test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-18 11:54:26 +01:00
Roeland Jago Douma a184e350d7
Merge remote-tracking branch 'origin/master' into filecache-extension 2019-11-18 11:06:17 +01:00
Daniel Kesselberg a27c10daa6
Make isXXX available for bool properties only
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-16 00:39:48 +01:00
Roeland Jago Douma 54eb27dab2
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-13 20:43:20 +01:00
RussellAult 19791b2460
Check getRedirectUri() for queries
Resolves Issue #17885

Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.

Signed-off-by: RussellAult <russellault@users.noreply.github.com>
2019-11-13 14:05:03 +01:00
Robin Appelman 066faaec05
fix folder delete
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:46 +01:00
Robin Appelman 43fa746ad9
dont create empty filecache extended rows
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:43 +01:00
Robin Appelman 1b6e647b63
expose filecache extension data in FileInfo
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:32 +01:00
Robin Appelman 842da3f183
store filecache extension fields
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 11:30:44 +01:00
Daniel Calviño Sánchez 2f49806c20 Add unit tests for "getAllShares()"
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-30 14:27:41 +01:00
John Molakvoæ (skjnldsv) 12eba18bdf Adjust acceptance tests to new OCA.Sidebar
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 13:20:08 +01:00
John Molakvoæ (skjnldsv) ea6f423e2c Extend data returned when searching remote shares
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma 2cf068463f
Harden middleware check
These annotations will allow for extra checks. And thus make it harder
to break things.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 15:44:37 +02:00
Daniel Calviño Sánchez 81d0b70791 Run acceptance tests on PHP 7.3
There is no difference (as far as I know) between running the acceptance
tests on PHP 7.1 or on PHP 7.3; this is simply a preparatory step to be
ready when PHP 7.1 support is dropped in Nextcloud server.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-22 16:48:55 +02:00
Roeland Jago Douma 5122629bb0
Make renewSessionToken return the new token
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Roeland Jago Douma 075a0b24d5
Merge pull request #17431 from johkoenig/bugfix/17377/trusted_domain_helper_case_insensitive
make TrustedDomainHelper case insensitive
2019-10-08 08:51:11 +02:00
Roeland Jago Douma a02a626606
Merge pull request #17411 from kinolaev/fix-oauth2-redirect
Fix oauth client redirect
2019-10-07 12:03:52 +02:00
Johannes Koenig 2df8d646c1 make TrustedDomainHelper case insensitive
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
Sergej Nikolaev 1b5d85a4ca fix oauth client redirect
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
2019-10-04 21:09:13 +03:00
John Molakvoæ 6d819e2820
Fix master testing and update eslint-config (#17367)
Fix master testing and update eslint-config
2019-10-04 08:18:13 +02:00
John Molakvoæ (skjnldsv) 4293ede565
Fix tag acceptance tests after #16682
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-04 07:48:45 +02:00
Tim Terhorst 2ad33bc06e Add Fatal logging option
Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
2019-10-02 21:18:29 -05:00
blizzz 47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst de6940352a Move settings to an app
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
John Molakvoæ (skjnldsv) f737dc9a86 Remove input id on login form
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 08:15:03 +00:00
Roeland Jago Douma cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Roeland Jago Douma 6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman 35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that

Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this

Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman 733d4b6cca
dont delete cache entries if deleting an object from object store failed
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Roeland Jago Douma 210a0554a2
Use the actual password to update the tokens
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Greta Doci 68ef242a0a
Fixed the SecurityTest error
Signed-off-by: Greta Doci <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-15 12:04:28 +02:00
Greta Doci 4ff7551574
Fixed the test
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-09-15 12:04:28 +02:00
Roeland Jago Douma 2b98eea129
Harden identifyproof openssl code
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
Roeland Jago Douma 2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma 41cbb05aea
Split personal security settings in code
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Arthur Schiwon 1cc6f34d88
adapt file hooks test to eventdispatcher utilization
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
Roeland Jago Douma bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma 1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman 8ef5a366ec
add MAX and MIN to functionbuilder
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Roeland Jago Douma 0ff08810d9
Log/FileTest does not require the DB
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
Arthur Schiwon d33e0be2f1
adjust test expectations
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
Roeland Jago Douma 2fdf946dae
Merge pull request #16454 from nextcloud/bugfix/noid/sharelink-shouldnt-open-menu-automatically
Dont show menu automatically when share link is clicked
2019-09-04 10:36:04 +02:00
Daniel Kesselberg 773778dd8c
Add default timeout to expected request options
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
Greta Doci 1993984769 Adjust acceptance tests to changes in link share menu behaviour
Now the link share menu is not automatically opened after a link share
is created, so waiting until it was opened failed in iShareTheLinkFor.

Note that the steps that interact with the link share menu take care
themselves of showing the menu if needed, so there is no need to
explicitly show it despite the change. Also, the waiting in
iShareTheLinkFor was introduced when the link share menu was changed
to automatically open after creating a link share, as that caused some
issues with the steps that opened the menu by themselves (fec8d12fc5).
Due to all this, now that the link share menu is again not automatically
opened the wait can be simply removed.

Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-08-29 10:19:03 +02:00
Roeland Jago Douma 3f12ec95f0
SessionMiddleware: declare session property
* Remove request since we don't useit
* Update tests as well

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
John Molakvoæ caf32d25f8
Merge pull request #16879 from only-run-integration-tests-on-php-changes
Only run integration tests when PHP was modified
2019-08-27 18:12:40 +02:00
Roeland Jago Douma 495f94e558
Merge pull request #16875 from nextcloud/bugfix/16874/welcome-mail-client-url
Use custom client URL in welcome emails
2019-08-27 13:48:11 +02:00
Joas Schilling 23a0cbe6ef
Only run integration tests when PHP was modified
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-27 11:31:15 +02:00
Julius Härtl 52dc36fb88
Mock client URL in new user mail tests
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-27 10:22:54 +02:00
Roeland Jago Douma 505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
Arthur Schiwon 4bd83c9a28
adjust tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
Joas Schilling db968cb1d4
Cleanup the Settings class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
John Molakvoæ 40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
blizzz 6d20876eb2
Merge pull request #16782 from nextcloud/fix/16729/stop-if-encrypted-token-null
Stop if there is no encrypted token
2019-08-21 12:31:12 +02:00
Roeland Jago Douma 7927aebdeb
Fix report of phpstan in Limiter
* unneeded arguments to constructor
* added return types
* let automatic DI do its work

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Daniel Kesselberg 9c4c5ee818
Add test case for existing user with token null
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:27:03 +02:00
Daniel Kesselberg 7f7c6e49b6
Return the disabled user mock instead of the existing
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:18:39 +02:00
Daniel Calviño Sánchez e5a305b9d8 Allow Context subclasses in acceptance tests to access parent actor
Although uncommon, in some cases a Context may need to be extended (for
example, to override a step defined in the server with a specific
behaviour in the acceptance tests of an app); in those cases the
subclass should be able to access the actor attribute defined in the
Context it is extending.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-08-16 08:20:41 +02:00
Roeland Jago Douma fced73aa37
Merge pull request #16711 from nextcloud/fix/csp/form_actions/loginflow
Fix login flow form actions
2019-08-12 08:24:53 +02:00
Roeland Jago Douma f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Scott Shambarger edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
 "cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.

Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
Roeland Jago Douma 6dc179ee12
Fix login flow form actions
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-11 19:53:49 +02:00
Roeland Jago Douma f81817b47d
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
Roeland Jago Douma b8c5008acf
Add feature policy header
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma 2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma cf647451e5
Update CSP test cases to handle the new form-action
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl 22b81ac1e4
Fix permission check on incoming federated shares
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail

Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma 436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540
Add missing password reset page to vue
2019-07-31 11:02:20 +02:00
Julius Härtl 3b0d13944a
Move actual password reset to vue
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 09:19:07 +02:00
Joas Schilling d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma 135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma 0ea7fbae54
Update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke 98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Roeland Jago Douma 51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
Split up security middleware
2019-07-29 12:13:55 +02:00
Roeland Jago Douma b6dd2ebd39
Use proper exception in lostController
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.

This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
Roeland Jago Douma 37a4282c7a
Split up security middleware
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.

I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Morris Jobke 2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Morris Jobke 71e5300f84
Merge pull request #16551 from nextcloud/fix/12735/displayname-email
supresses disclosing the userid for LDAP users in the welcome mail
2019-07-26 15:14:59 +02:00
Arthur Schiwon 78201bcb72
treat sensitive config keys by pattern
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma 0487144b26
Remove deprecated searchByTag
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Arthur Schiwon 898430b6b1
supresses disclosing the userid for LDAP users in the welcome mail
The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 10:48:34 +02:00
Julius Härtl 3674f6fa2d
Check the if we can actually access the storage cache for recent files
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Morris Jobke d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Daniel Kesselberg 8bed3021bd
Exclude .rnd files from integrity check
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Sam Bull ea935f65fd
Add support for CSP_NONCE server variable
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.

Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00