a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
...
workflow overhaul
2019-09-11 13:14:06 +02:00
41cbb05aea
Split personal security settings in code
...
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
1cc6f34d88
adapt file hooks test to eventdispatcher utilization
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
...
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
...
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
8ef5a366ec
add MAX and MIN to functionbuilder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
0ff08810d9
Log/FileTest does not require the DB
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
d33e0be2f1
adjust test expectations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
2fdf946dae
Merge pull request #16454 from nextcloud/bugfix/noid/sharelink-shouldnt-open-menu-automatically
...
Dont show menu automatically when share link is clicked
2019-09-04 10:36:04 +02:00
773778dd8c
Add default timeout to expected request options
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
1993984769
Adjust acceptance tests to changes in link share menu behaviour
...
Now the link share menu is not automatically opened after a link share
is created, so waiting until it was opened failed in iShareTheLinkFor.
Note that the steps that interact with the link share menu take care
themselves of showing the menu if needed, so there is no need to
explicitly show it despite the change. Also, the waiting in
iShareTheLinkFor was introduced when the link share menu was changed
to automatically open after creating a link share, as that caused some
issues with the steps that opened the menu by themselves (fec8d12fc5
2019-08-29 10:19:03 +02:00
3f12ec95f0
SessionMiddleware: declare session property
...
* Remove request since we don't useit
* Update tests as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
caf32d25f8
Merge pull request #16879 from only-run-integration-tests-on-php-changes
...
Only run integration tests when PHP was modified
2019-08-27 18:12:40 +02:00
495f94e558
Merge pull request #16875 from nextcloud/bugfix/16874/welcome-mail-client-url
...
Use custom client URL in welcome emails
2019-08-27 13:48:11 +02:00
23a0cbe6ef
Only run integration tests when PHP was modified
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-27 11:31:15 +02:00
52dc36fb88
Mock client URL in new user mail tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-27 10:22:54 +02:00
505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
...
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
4bd83c9a28
adjust tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
db968cb1d4
Cleanup the Settings class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
...
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
6d20876eb2
Merge pull request #16782 from nextcloud/fix/16729/stop-if-encrypted-token-null
...
Stop if there is no encrypted token
2019-08-21 12:31:12 +02:00
7927aebdeb
Fix report of phpstan in Limiter
...
* unneeded arguments to constructor
* added return types
* let automatic DI do its work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
9c4c5ee818
Add test case for existing user with token null
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:27:03 +02:00
7f7c6e49b6
Return the disabled user mock instead of the existing
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:18:39 +02:00
e5a305b9d8
Allow Context subclasses in acceptance tests to access parent actor
...
Although uncommon, in some cases a Context may need to be extended (for
example, to override a step defined in the server with a specific
behaviour in the acceptance tests of an app); in those cases the
subclass should be able to access the actor attribute defined in the
Context it is extending.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-08-16 08:20:41 +02:00
fced73aa37
Merge pull request #16711 from nextcloud/fix/csp/form_actions/loginflow
...
Fix login flow form actions
2019-08-12 08:24:53 +02:00
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
6dc179ee12
Fix login flow form actions
...
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-11 19:53:49 +02:00
f81817b47d
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
cf647451e5
Update CSP test cases to handle the new form-action
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540
...
Add missing password reset page to vue
2019-07-31 11:02:20 +02:00
3b0d13944a
Move actual password reset to vue
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 09:19:07 +02:00
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
0ea7fbae54
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
...
Split up security middleware
2019-07-29 12:13:55 +02:00
b6dd2ebd39
Use proper exception in lostController
...
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
...
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
71e5300f84
Merge pull request #16551 from nextcloud/fix/12735/displayname-email
...
supresses disclosing the userid for LDAP users in the welcome mail
2019-07-26 15:14:59 +02:00
78201bcb72
treat sensitive config keys by pattern
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
0487144b26
Remove deprecated searchByTag
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
898430b6b1
supresses disclosing the userid for LDAP users in the welcome mail
...
The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 10:48:34 +02:00
3674f6fa2d
Check the if we can actually access the storage cache for recent files
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
...
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
8bed3021bd
Exclude .rnd files from integrity check
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
ea935f65fd
Add support for CSP_NONCE server variable
...
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.
Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
...
Notifications overhaul
2019-07-17 20:22:03 +02:00
782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
...
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
99f2c82222
Properly inject the logger
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
565838da9c
Update unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
55f5bc79a1
Keep the old method as a fallback and adjust the tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
f8aeef7ae9
Lock SCSS so we only run 1 job at a time
...
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
c193c0d466
Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentions
...
Allow guest mentions of talk to be parsed
2019-07-12 10:35:54 +02:00
092d34d9df
Add a unit test for guests as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 10:24:27 +02:00
5c21b29d7f
Merge pull request #16308 from nextcloud/fix/undefined-offset-0
...
Prevent undefined offset 0 in findByUserIdOrMail
2019-07-10 12:16:36 +02:00
d57540ac84
Return first value from $users
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 19:29:14 +02:00
6a088d6800
Merge pull request #16310 from nextcloud/enh/drop-execution-context
...
Don't send executionContexts for Clear-Site-Data
2019-07-09 19:20:50 +02:00
6235a66aac
Don't send executionContexts for Clear-Site-Data
...
There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59
Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034
Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 15:08:25 +02:00
d058ef2b6c
Make it possible to wipe all tokens/devices of a user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
1c261675ad
Refactor: move remote wipe token logic to RW service
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
...
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
5ac857bcdc
Add an event to edit the CSP
...
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
53d2d95478
Remove one time repair steps that have already run when updating to 17
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
5a03189ce7
Mimetype list integrity check should not fail if it's changed ( #15810 )
...
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
9211e34aec
Added Tests for modified mimetypelist
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
857fae288c
Always set the display name for user shares
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00
85a80b05ac
Unify the permission checking in one place only
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 16:34:00 +02:00
e4addbae3e
Better check reshare permissions when creating a share
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-03 14:00:13 +02:00
c50fe2a9c9
Send emails when remote wipe starts/finishes
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-02 21:59:23 +02:00
9f7fca49bb
Merge pull request #15775 from nextcloud/refactor/decouple-remote-wipe-notifications
...
Decouple remote wipe notifcation channels with events
2019-07-02 08:58:21 +00:00
5db328cc15
Remove fs package
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-01 11:24:58 +02:00
2c449469d3
Merge pull request #16070 from nextcloud/fix/setup-check-no-internet-no-error
...
Do not show a internet connectivity warning if internet access is dis…
2019-06-28 10:54:29 +02:00
5898e87e0f
Remove deleted groups from app restrictions fixes #15823
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-06-27 20:17:50 +02:00
aa6622ccef
Decouple remote wipe notifcation channels with events
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 17:16:18 +02:00
dd79eda8a0
Use correct test avatar
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-27 13:27:03 +02:00
20afe94297
Do not show a internet connectivity warning if internet access is disabled
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-27 10:51:59 +02:00
b466127b1f
Merge pull request #16055 from nextcloud/design/native-fonts
...
Use native font stack
2019-06-26 00:08:16 +02:00
d4a44d9b78
Merge pull request #15870 from nextcloud/preview-provider-v2
...
Add new Provider interface for preview providers
2019-06-25 15:05:54 +02:00
335af0c46c
Merge pull request #15971 from nextcloud/dependabot/npm_and_yarn/tests/ui-regression/pixelmatch-tw-5.0.2
...
Update pixelmatch requirement from ^4.0.2 to ^5.0.2 in /tests/ui-regression
2019-06-25 14:25:29 +02:00
5fbf304c2a
Merge pull request #15777 from nextcloud/feature/ocp-event-dispatcher
...
Add event dispatcher to OCP
2019-06-25 11:48:16 +02:00
3174012adf
Add event dispatcher to OCP
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-06-25 10:02:27 +02:00
d14c0f2ed7
Move font from Nunito to Noto Sans
...
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2019-06-22 11:23:44 +02:00
1ad95caf24
Merge pull request #15889 from nextcloud/touch-handle-backend-exceptions
...
handle storage exceptions when trying to set mtime
2019-06-21 17:14:27 +02:00
000898d932
fix tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-21 16:23:47 +02:00
d5805df6c2
Fix subscription tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-06-17 16:36:24 +02:00
6150614374
Add new Provider interface for preview providers
...
the main difference is passing the `File` object to the provider
instead of a `View` + path
Old providers will still continue to work as before
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-06-17 14:09:09 +02:00
f5709c130b
Update pixelmatch requirement in /tests/ui-regression
...
Updates the requirements on [pixelmatch](https://github.com/mapbox/pixelmatch ) to permit the latest version.
- [Release notes](https://github.com/mapbox/pixelmatch/releases )
- [Commits](https://github.com/mapbox/pixelmatch/compare/v4.0.2...v5.0.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-06-16 01:13:18 +00:00
bf18f1ee93
Add strict type on Notifications tests ( #15935 )
...
Add strict type on Notifications tests
2019-06-14 14:12:50 +02:00
e9351ef779
Add strict type on Notifications tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-06-13 14:58:38 +02:00
b3bfae8cfe
Adjust acceptance tests to notifications based on toastify ( #15938 )
...
Adjust acceptance tests to notifications based on toastify
2019-06-13 14:04:50 +02:00
e65fd11419
Add messages to assertFalse/True to clarify the failed assertion
...
Otherwise the output would just read "Failed asserting that true is
false." or "Failed asserting that false is true.", which is not very
informative when there are several assertFalse/True in a row.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-06-12 15:32:40 +02:00
df8406dbae
Adjust acceptance tests to notifications based on toastify
...
The old notifications were added as ".row" elements to the
"#notification-container" element; the new notifications based on
toastify are added as ".toastify .on .toast..." elements to the
"#content" element. Besides that, they also include a span element with
an X to close the notification, so now only the first child text node
should be compared to the expected message.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-06-12 14:32:15 +02:00
Christoph Wurst
Roeland Jago Douma
Roeland Jago Douma
Arthur Schiwon
Robin Appelman
Daniel Kesselberg
Greta Doci
John Molakvoæ
Joas Schilling
Julius Härtl
Daniel Calviño Sánchez
Scott Shambarger
Joas Schilling
Morris Jobke
Sam Bull
Xheni Myrtaj
Georg Ehrke
Jan-Christoph Borchardt
dependabot-preview[bot]
John Molakvoæ (skjnldsv)