* currently there are two ways to access default values:
OCP\Defaults or OC_Defaults (which is extended by
OCA\Theming\ThemingDefaults)
* our code used a mixture of both of them, which made
it hard to work on theme values
* this extended the public interface with the missing
methods and uses them everywhere to only rely on the
public interface
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
cleanup files, address review
Fix CleanupRemoteStoragesTest tests
Fix test expectation.
Added files count to check filecache deletion.
Sort by numeric id for deterministic test results
Removed precise order test and added storage check
Remove inaccurate removal message check which has a different order on
Oracle.
Added more checks to confirm that existing storages still exist.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Skip null groups in group manager (#26871)
* Skip null groups in group manager
* Also skip null groups in group manager's search function
* Add more group null checks in sharing code
* Add unit tests for null group safety in group manager
* Add unit tests for sharing code null group checks
* Added tests for null groups handling in sharing code
* Ignore moveShare optional repair in mount provider
In some cases, data is inconsistent in the oc_share table due to legacy
data. The mount provider might attempt to make it consistent but if the
target group does not exist any more it cannot work. In such case we
simply ignore the exception as it is not critical. Keeping the
exception would break user accounts as they would be unable to use
their filesystem.
* Adjust null group handing + tests
* Fix new group manager tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Fixes the following:
1. user0 shares folder with user1 (RO but with sharing permissions)
2. user1 shares by link
3. user1 send 'publicUpload=true' OCS request to the link share
before this increased the permissions of the link share. Which should
not happen.
now: API reponds with an error that the permissions can't be increased.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
- uses PUT method with jquery.fileupload for regular and public file
lists
- for IE and browsers that don't support it, use POST with iframe
transport
- implemented Sabre plugin to handle iframe transport and redirect the
embedded PUT request to the proper handler
- added RFC5995 POST to file collection with "add-member" property to
make it possible to auto-rename conflicting file names
- remove obsolete ajax/upload.php and obsolete ajax routes
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
It was already a controller just still residing in its old location.
* Moved ShareAPIController to user plain userID instead of user object
* Moved Share20OCS to ShareAPIController
* Removed initisation of class from Application.php and leave it to the
AppFramework
* Fixed tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
When unsharing from self in a group share situation, the share items
passed to the post_unshareFromSelf hook were using the wrong format in
which the attribute names (ex: "share_type") have non camel-case format.
This fix makes sure that in group sharing case we use the correct
format. It looks like the code was already producing it but in
array_merge it was not using it and adding the unprocessed one.
This adds the "QUICKDB" group which excludes some tests that abuse unit tests as integration tests as displayed in https://github.com/nextcloud/server/issues/1626
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Fixes an issue where retrying a previously failed federated share would
not properly reset the availability flag because the return value was
undefined instead of "true".
In some situations, a group share is created before a user share, and
the recipient renamed the received share before the latter is created.
In this situation, the "file_target" was already modified and the second
created share must align to the already renamed share.
To achieve this, the MountProvider now groups only by "item_source"
value and sorts by share time. This makes it so that the least recent
share is selected as super-share and its "file_target" value is then
adjusted in all grouped shares.
This fixes the issue where this situation would have different
"file_target" values resulting in two shared folders appearing instead
of one.
* Wait for socket to be open
* Fix call on null
* Allow DB access for MountProviderTest
Makes unit tests pass when using object store, since their FS access is
actually oc_filecache DB access. It is currently not possible to mock
or bypass the logic from "SharedMount::verifyMountPoint()" triggered by
this test.
Link shares always allowed deletion, however internally the permissions
were stored as 7 which lacked delete permissions. This created an
inconsistency in the Webdav permissions.
This fix makes sure we include delete permissions in the share
permissions, which now become 15.
In case a client is still passing 7 for legacy reasons, it gets
converted automatically to 15.
* Move used OC_Group_xx to \OC\Group
* Add (deprecated) legacy wrapper in legacy, OC_Group_xx
* Replace deprecated use of OC_Group_xx with \OC\Group\xx
E-tag propagation replies on the mtime of the file. Order of events:
1. add file 'foo.txt' with content 'bar'
2. Set mtime to now() - 1
3. Check if etag changed.
Now this goes right often when 1 and 2 happen in the same second.
However imagine
1. add file 'foo.txt' with content 'bar' (at t=0.999)
2. Set mtime to now() - 1 (at t=1.001)
Now the mtime will be set to the same time. Thus not chaning the etag.
Fixes#17243
This is done in the OCS Share API instead of the share manager since we
want lazy shares in general. However when doing modifying calls via the
OCS Share API it is fine to force real nodes.
* Updated unit tests to work with logging
Fixes#22675
Since we only get a share id we do not know the path for the sharer.
Now if we edit a share we start searching for shares for that user of
that node. And deduce the permissions that way.
* Intergration test added
* Fix unit tests
Adds autodiscovery support to server-to-server sharing as specified in the specification. If no discovery data is found it is using the fallback ownCloud endpoints for legacy support.
An incomming federated share is just a mount point. Therefor if we
request the permissions on the mountpoint DELETE permissions will be
returned (among others). Since we can always remove a mountpoint, update
a mount point.
However now when trying to reshare we will try to reshare with DELETE
permissions. Which is false.
This PR removes the delete permissions if it is a shared storage.
Basically a quick hack.
Fixes#22587
Since we have lazy shares it can happen that a share is actually
invalid. See https://github.com/owncloud/core/issues/20908
This add checks for the get methods to handle the NotFound exception.
Now that we support multiple managers we communicate shares to the
outside as 'providerId:shareId'. This makes sures that id's are unique
when references from the OCS API.
However, since we do not want to break the OCS API v1 we need to
somewhat hack around this.
When we switch to OCS API v2 (which we should when we support more
custom providers). We will change the id to always be the fullShareId.
When a file/folder is shared with a group and one of the group members
moves this file/folder an extra entry is created in the share table.
When the permission of the group share is updated we used to only
sometimes update the shares for individual users.
* Added intergration tests
Instead of prepending the token as username in the URL, use the
Authorization header instead. This is because IE9 considers this a
cross-domain call and refuses to do it in the first place.
This is for apps that use getDownloadUrl() to access the Webdav endpoint
for example for streaming.
Also happens when clicking on the download action of a file.
Note that the regular visible download URL is still the same.
The public page now uses the public.php/webdav endpoint.
Also enabled more file operations like rename, move, delete and create
folder from the public page, which are now all possible thanks to the
public.php/webdav endpoint.
Currently the `getPath` methods returned `NULL` in case when a file with the specified ID does not exist. This however mandates that developers are checking for the `NULL` case and if they do not the door for bugs with all kind of impact is widely opened.
This is especially harmful if used in context with Views where the final result is limited based on the result of `getPath`, if `getPath` returns `NULL` PHP type juggles this to an empty string resulting in all possible kind of bugs.
While one could argue that this is a misusage of the API the fact is that it is very often misused and an exception will trigger an immediate stop of execution as well as log this behaviour and show a pretty error page.
I also adjusted some usages where I believe that we need to catch these errors, in most cases this is though simply an error that should hard-fail.
use default config for swift primary storage test config
allow testsuite to complete
fix timeout, script cleanup, enable debug for now
use btrfs loopback device, requires privileged container and absolute path
throw exception when storage has problems
debug by echo ...
sleep more, more debug
Added new annotations for the externalsharescontroller class
* @NoOutgoingFederatedSharingRequired
* @NoIncomingFederatedSharingRequired
By default both are required for all functions in the
externalSharesController.
A proper exception is thrown and then a 405 is returned instead of the
default error page. Since it is only an API endpoint this makes more
sense.
Unit tests added and updated
Since for external shares there is no need for link shares to be enabled
we should check which controller is actually being called.
This makes sure that in all cases we verify that the files_sharing app
is enabled. But only for the share controller (public shares) we check
if the API is enabled and if links are enabled.
TODO: add checks for federated sharing as well
The sharing backend may throw another exception for example when the activity app encounters a problem. Previously this just triggered a 404 error page and the exception got not logged at all. With this change such exceptions get not intercepted and regularly handled as exceptions so that we have meaningful log data. Also the user will be shown a window informing him that an error happened.
Helps to debug cases such as https://github.com/owncloud/core/issues/19465
This makes it possible for the recipient to still trigger the sidebar
and share tab to see information about the share.
In the case where the file is not shared and no permissions exists, no
action icon will be displayed.