Commit Graph

2856 Commits

Author SHA1 Message Date
Lukas Reschke 2ae08d6fc2
Match only for actual session cookie
OVH has implemented load balancing in a very questionable way where the reverse proxy actually internally adds some cookies which would trigger a security exception. To work around this, this change only checks for the session cookie.
2016-09-08 21:07:05 +02:00
Morris Jobke 520bfa872b Merge pull request #1324 from nextcloud/backport-1323-show-download-button-for-updates-atm
[stable10] Show an download button instead of the updater
2016-09-08 15:41:45 +02:00
Joas Schilling 280a452055
Change updater URL 2016-09-08 12:29:37 +02:00
Joas Schilling 810f99c1c9
Correctly remove the charset from finfo mimetype 2016-09-08 09:20:34 +02:00
Morris Jobke 17dc2c344f
fix tests 2016-09-07 19:58:20 +02:00
Joas Schilling 7d54d03e40
Allow downgrades of maintenance accross vendors 2016-08-30 10:19:40 +02:00
Lukas Reschke 4fb2810add
Remove reading PATH_INFO from server variable
Having two code paths for this is unreliable and can lead to bugs. Also, in some cases Apache isn't setting the PATH_INFO variable when mod_rewrite is used.

Fixes https://github.com/nextcloud/server/issues/983
2016-08-27 22:16:30 +02:00
Lukas Reschke 805fc22276 Merge pull request #1008 from nextcloud/shared-storage-non-recursive-10
[10] Fix shared storage recursive setup
2016-08-23 22:15:21 +02:00
Robin Appelman fa980af53c prevent infinite recursion while getting storage from mount 2016-08-23 13:59:01 +02:00
Arthur Schiwon ff2f5ecbf7
Backport Workflow section + hidden empty sections #995 to stabble10
add section to worklfowengine

enlist only registered sections that also have settings registered to

adjust test

Move admin settings to workflow section

fix wrong var name

Save the container with the app's namespace so we can resolve it
2016-08-22 16:37:48 +02:00
blizzz 379260732c Merge pull request #918 from nextcloud/stable10_891
[Stable10] [OC] Fix unmerged shares repair targetdecision
2016-08-22 12:09:27 +02:00
Julius Haertl fe15940233
Fix loading of ThemingDefaults 2016-08-19 11:29:58 +02:00
Joas Schilling e1ec3964c8
Make sure the primary action is always the first one 2016-08-18 09:27:14 +02:00
Vincent Petry 11e9ce669a
Improve regexp to detect duplicate folders when repairing unmerged shares 2016-08-17 19:39:08 +02:00
Vincent Petry c1ad88a777
Fix unmerged shares repair with mixed group and direct shares
Whenever a group share is created after a direct share, the stime order
needs to be properly considered in the repair routine, considering that
the direct user share is appended to the $subShares array and breaking
its order.
2016-08-17 19:38:33 +02:00
Vincent Petry 837dc0b336
Improve file_target finding logic when repairing unmerged shares
Pick the most recent subshare that has no parenthesis from duplication
which should match whichever name the user picked last. If all
subshares have duplicate parenthesis names, use the least recent group
share's target instead.
2016-08-17 19:38:19 +02:00
Lukas Reschke 6ed721dde3
Rename class reference
File has been renamed only on master
2016-08-16 21:28:26 +02:00
Arthur Schiwon f4aa676cb0
adjust tests to latest changes 2016-08-16 21:11:29 +02:00
Lukas Reschke 436e6c1078
Use MockBuilder instead of createMock
CI uses an older PHPUnit
2016-08-16 21:10:47 +02:00
Lukas Reschke 687f5bee94
Add unit tests 2016-08-16 21:10:41 +02:00
Lukas Reschke 93677b2ca3 Merge pull request #817 from nextcloud/jail-root-stable10
[stable10] getJailedPath expects $path to have a trailing /
2016-08-10 16:04:13 +02:00
Roeland Jago Douma a54f9c6aef
OCSController requires DataResponse
The OCS Controller requires a DataResponse object to be returned.
This means that all error handling will have to be done via exceptions
thrown and handling in the middleware.
2016-08-10 13:09:01 +02:00
Thomas Müller 2e0e2064e8
Adding test case for getPathById including a jailed cache where root is just empty 2016-08-10 11:29:11 +02:00
Björn Schießle 7321baa108 Merge pull request #713 from nextcloud/stable10_474
[Stable 10] Group shares with same source and target
2016-08-08 10:55:26 +02:00
Joas Schilling 9bc13eb7eb Translate the server version for nextcloud 2016-08-06 10:42:26 +02:00
Vincent Petry 21907c4f3e
Fix RepairUnmergedShares to not skip valid repair cases
The repair step was a bit overeager to skip repairing so it missed the
case where a group share exists without subshares but with an
additional direct user share.
2016-08-04 19:50:16 +02:00
Vincent Petry 6638e1857a
Add repair step for unmerged shares (WIP) 2016-08-04 19:50:16 +02:00
Joas Schilling 713e201074 Merge pull request #602 from nextcloud/backport-workflow-engine
🚧 [WIP] Backport workflow engine 🚧
2016-08-04 14:20:14 +02:00
Roeland Jago Douma 6990a4e550
Support subdir in the OCS v2 endpoint
We should check against the ending substring since people could
run their nextcloud in a subfolder.

* Added test
2016-07-28 13:12:01 +02:00
Morris Jobke 01ec62e3d2
fix enabled apps tests 2016-07-27 14:11:53 +02:00
Morris Jobke b2e4a8c0d3
fix unit tests 2016-07-27 14:11:46 +02:00
Morris Jobke bc6c05afb6
Add workflowengine 2016-07-27 14:10:43 +02:00
Lukas Reschke c385423d10 Merge pull request #479 from nextcloud/add-bruteforce-throttler
Implement brute force protection
2016-07-21 00:31:02 +02:00
Lukas Reschke c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke ba4f12baa0
Implement brute force protection
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
2016-07-20 22:08:56 +02:00
Lukas Reschke 020a2a6958 Merge pull request #476 from nextcloud/port-same-site-cookies
[master] Port Same-Site Cookies to master
2016-07-20 21:35:02 +02:00
Roeland Douma 78cad699fe Merge pull request #475 from nextcloud/ocs-middleware
Add OCS Middleware
2016-07-20 21:04:25 +02:00
Morris Jobke e08278494d Merge pull request #471 from nextcloud/storage-fopenspecialchars
Added storage tests for fopen with special chars
2016-07-20 20:56:59 +02:00
Roeland Jago Douma 5f32b57332
Add unit tests 2016-07-20 20:03:49 +02:00
Lukas Reschke a299fa38a9
[master] Port Same-Site Cookies to master
Fixes https://github.com/nextcloud/server/issues/50
2016-07-20 18:37:57 +02:00
Morris Jobke 1264e9644f Merge pull request #402 from nextcloud/smb-notifications
smb update notifications
2016-07-20 16:19:21 +02:00
Vincent Petry 631af42b3a
Added storage tests for fopen with special chars
This makes it possible to test special chars with unit tests.
There is already a test for directories but there was none for file
names.
2016-07-20 15:13:24 +02:00
Roeland Jago Douma 0bda09236e
Add route tests 2016-07-18 11:09:49 +02:00
Roeland Douma 6f9236fb3b Merge pull request #381 from nextcloud/postgres-setup
use pdo for postgres setup
2016-07-15 21:30:51 +02:00
Roeland Jago Douma a3fa0d00c3
Cleanup ManagerTest
* Fix deprecated getMock call
* No longer requires DB
2016-07-14 13:49:18 +02:00
Joas Schilling c04e7b13c3 Merge pull request #392 from nextcloud/roottest_nodb
RootTest does not require DB
2016-07-13 16:54:19 +02:00
Robin Appelman 29eeeb2273 Save the files external mount id in the mount cache table 2016-07-13 16:34:08 +02:00
Roeland Jago Douma 927be847b9
RootTest does not require DB
* Removed from DB group
* Also mock the manager
* Fixed deprecated getMock warnings
2016-07-13 14:35:34 +02:00
Robin Appelman b288c6796a fix test 2016-07-13 14:33:04 +02:00
Roeland Jago Douma f2d091a963
Fix failing tests after db split 2016-07-13 09:26:19 +02:00