Commit Graph

2961 Commits

Author SHA1 Message Date
Thomas Müller 0c3d97921f Merge pull request #20904 from owncloud/view-mime-filter
Fix mimetype filter in getDirectoryContent
2015-12-07 10:20:43 +01:00
Vincent Petry 316b907a13 Fixed system tags DAV and API and docs 2015-12-04 17:30:50 +01:00
Roeland Jago Douma a619629ac0 Only try to load avatars in the user list if there is any 2015-12-04 14:56:49 +01:00
Thomas Müller 602b636d3e Merge pull request #20807 from owncloud/dont-append-redirect-url-if-user-is-already-logged-in
Don't append redirect URL if user is logged-in
2015-12-03 16:53:59 +01:00
Thomas Müller 0fe5506e91 Merge pull request #20921 from owncloud/last-OC_Config-removals-in-tests
Reduce OC_Config usage in tests/
2015-12-03 15:24:41 +01:00
Morris Jobke cbe6eeffa1 last change of OC_Config to the proper interface in tests/ 2015-12-03 14:03:05 +01:00
Thomas Müller 2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code
reuse code
2015-12-03 13:55:50 +01:00
Morris Jobke 542ce7dd0d Reduce OC_Config usage in tests/ 2015-12-03 13:48:19 +01:00
Robin Appelman 19b2fe6a3a Fix mimetype filter in getDirectoryContent 2015-12-03 13:09:13 +01:00
Jesus Macias Portela dcfbbe4737 Merge branch 'master' into issue_20427 2015-12-03 12:35:49 +01:00
Morris Jobke e9c8f82fc5 Replace OC_Config in tests with IConfig calls 2015-12-03 09:38:41 +01:00
Thomas Müller c6bda8d6ca Merge pull request #20902 from owncloud/drop-OC_Config-from-tests
Replace OC_Config in tests with IConfig calls
2015-12-03 09:30:47 +01:00
Thomas Müller e7239b6553 Merge pull request #20872 from owncloud/systemtags-better-not-found-exception
Systemtags better not found exception
2015-12-03 09:26:05 +01:00
Thomas Müller a5c80ba8bc Merge pull request #20894 from owncloud/post-delete-meta-view
Also add metadata for postDelete hooks triggered from the view
2015-12-03 09:24:54 +01:00
Morris Jobke d331e0d4f8 Replace OC_Config in tests with IConfig calls 2015-12-02 23:14:52 +01:00
Thomas Müller dcc7ff09ba Adding unit test for MailNotifications::sendInternalShareMail() 2015-12-02 21:42:14 +01:00
Thomas Müller eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Thomas Müller df5872ec50 Merge pull request #20719 from owncloud/adding-system-addressbook-of-users
Adding system addressbook for users of this instance - a occ command …
2015-12-02 16:17:58 +01:00
Thomas Müller 28ceab2f61 Fix endless recursion 2015-12-02 14:44:41 +01:00
Morris Jobke 0a6db3ada6 Remove OC_Config from app management template
* add unit test for this case
2015-12-02 14:35:38 +01:00
Robin Appelman 0062888aaf Also add metadata for postDelete hooks triggered from the view 2015-12-02 13:51:26 +01:00
Thomas Müller 8d218bf3ef Merge pull request #20875 from owncloud/remove-changepropagator
remove old propagation logic
2015-12-02 13:03:31 +01:00
Thomas Müller c46ea30248 Merge pull request #20865 from owncloud/post-delete-meta
Add metadata to post delete hooks
2015-12-02 10:12:54 +01:00
Thomas Müller 0391cc0451 Fix getCloudId 2015-12-02 09:14:41 +01:00
Thomas Müller fe67db1ad0 Adding unit test for User::getCloudId() 2015-12-02 09:14:41 +01:00
Thomas Müller df6fc6cc70 Add the user's cloud id to the vCard 2015-12-02 09:14:41 +01:00
Thomas Müller dad6470baa Add IUser::getAvatarImage() for easy access 2015-12-02 09:14:41 +01:00
Roeland Jago Douma b00db2c933 DI in avatar code
* DI in avatar code
* Use the node API
* More unit tests
* Unit tests no longer require DB
2015-12-01 22:15:43 +01:00
Robin Appelman 62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Lukas Reschke 2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Joas Schilling 08d07cc4db Fix the unit test by running tearDown() and cleaning tags before the test 2015-12-01 15:00:44 +01:00
Joas Schilling 1d0c041ac8 Add a method to get the list of tags from the TagNotFound Exception 2015-12-01 14:54:34 +01:00
Robin Appelman 0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Lukas Reschke 4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller 08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Joas Schilling b8b0ae0944 Fix phpstorm complains in tests 2015-11-30 13:36:22 +01:00
Thomas Müller b94aadc440 Cleanup imports and type hinting 2015-11-30 12:45:30 +01:00
Lukas Reschke f4eb15d340 Show error template
Otherwise this leads to an endless redirection in case of a CSRF exception. Also sets user expectation right.
2015-11-30 11:25:52 +01:00
Thomas Müller dddfa6de78 Don't break app on travis 2015-11-30 10:55:13 +01:00
Thomas Müller 318e5e2864 More group DB 2015-11-30 10:55:13 +01:00
Thomas Müller f9fc254672 Add DB group to some files_external tests
Adding group Db to federation tests and ldap tests

Add group DB to Test_UrlGenerator

Adding group DB to trashbin and versions tests

Adding group DB to Test_Util_CheckServer for pg
2015-11-30 10:55:10 +01:00
Thomas Müller 757aa45db7 Adding more DB groups to test suits
Adding more DB groups to test suits
2015-11-30 10:55:06 +01:00
Thomas Müller 56170dd825 Further unit test suite tweats 2015-11-30 10:55:05 +01:00
Thomas Müller 1480964768 Adding more test suites to group DB 2015-11-30 10:55:05 +01:00
Thomas Müller 7e71d8231e Mock DIContainer to not hit the database 2015-11-30 10:55:05 +01:00
Thomas Müller 3bb6dcea64 Apply DB group annotation ... 2015-11-30 10:55:05 +01:00
Thomas Müller 03ee3b9aec A TestCase which is not annotated to be in group DB will not allow access to the database connection.
This is necessary to categorize unit test and avoid duplicate test case execution - it also allows us to closely review unit test implementations to identify unnecessary db calls.
2015-11-30 10:55:05 +01:00
Joas Schilling 24d5ce9a58 Add phpunit group for tests 2015-11-30 10:25:53 +01:00
Thomas Müller 9c1dbaf0ad Merge pull request #20788 from owncloud/catch-missing-route
Dont die when we're missing a route
2015-11-30 10:11:12 +01:00
Robin Appelman 4c4331982c Merge pull request #20789 from owncloud/scanner-skip-not-available
Skip unavailable storages in scanner
2015-11-27 22:57:47 +01:00
Vincent Petry b666367a79 Added system tags data structure and PHP side managers
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Robin Appelman aa822f76e2 fix tests 2015-11-27 17:05:58 +01:00
Robin Appelman ae71f80f4a Skip unavailable storages in scanner 2015-11-27 14:02:50 +01:00
Mitar e0e51fd79f Added tests. 2015-11-27 02:45:49 -08:00
Thomas Müller 8fe878afe9 Merge pull request #20602 from owncloud/fix-installed-apps
Always installed apps includes the hardcoded ones from shipped.json
2015-11-26 16:50:05 +01:00
Thomas Müller 80c43ffc6c Merge pull request #20702 from owncloud/move-user-principal-into-subfolder
Users are available under it's own principal resource named 'principa…
2015-11-26 16:49:49 +01:00
Thomas Müller 19d5059109 Merge pull request #20393 from owncloud/querybuilder-select-with-alias
Add a method to select a field or value with alias
2015-11-26 16:19:20 +01:00
Thomas Müller 3882cc8ef3 Merge pull request #20744 from owncloud/oc_helper-getMimeType-cleanup
Remove last occurences of OC_Helper::getMimeType()
2015-11-26 12:37:25 +01:00
Thomas Müller 5a33390a69 Merge pull request #20731 from owncloud/per-storage-updater
Make Cache\Updater per storage
2015-11-26 12:01:44 +01:00
Morris Jobke 4fcab98694 Remove unused internal methods
* removes OC_Helper::mb_substr_replace and OC_Helper::mb_str_replace
* keeps public interface wrapper working as expected
2015-11-26 10:25:43 +01:00
Morris Jobke 9318606faf Remove last occurences of OC_Helper::getMimeType()
* ref #4774
2015-11-26 10:18:32 +01:00
Thomas Müller b799e42b4e Introduce \OCP\IUser::getEMailAddress() 2015-11-25 22:23:34 +01:00
Thomas Müller 9ec2f8886e Merge pull request #20691 from owncloud/share2.0_di_fixes
[Sharing 2.0] di fixes
2015-11-25 15:25:50 +01:00
Robin Appelman b025f07fb7 Make Cache\Updater per storage 2015-11-25 14:16:00 +01:00
Thomas Müller 50f6817ce9 Merge pull request #20439 from owncloud/etag-propagate-in-storage
Take submount etag into account for folder etags
2015-11-25 12:49:54 +01:00
Roeland Jago Douma a2b8483779 [Sharing 2.0] Default share provider only generic DI
No injection of userfolders etc. Only generic DI components
(IRootFolder) etc should be used to make sure we can also run this from
the cli
2015-11-24 10:26:36 +01:00
Roeland Jago Douma aeae73b364 [Sharing 2.0] Removed unused DI stuff
The share manager etc should not care about filtering stuff. They should
return what is asked for them.
2015-11-24 10:26:36 +01:00
Joas Schilling 018bd3ee24 Make sure that object id can be a string 2015-11-23 14:18:15 +01:00
Thomas Müller df906f475b Merge pull request #20617 from owncloud/fix-usage-of-lastInsertId
lastInsertId() is properly working with Oracle if the table name is p…
2015-11-23 13:29:08 +01:00
Thomas Müller 240cc1c4ea Merge pull request #20543 from owncloud/share2.0_fix_hooks
Move hook and delete children logic to share manager
2015-11-23 13:28:49 +01:00
Joas Schilling 1c7d7288c4 Add a method to select a field or value with alias 2015-11-23 13:28:31 +01:00
Thomas Müller f85282c90a Merge pull request #20577 from owncloud/notifications-datetime-timestamp
Use a DateTime object instead of a timestamp
2015-11-23 13:14:45 +01:00
Morris Jobke bc69cb2de3 fix unit tests 2015-11-23 13:13:26 +01:00
Roeland Jago Douma 1360e22d7c [Sharing 2.0] Move hook and delete children logic to share manager
To make sure hooks are always fired and child entries are always
cleaned. This logic is moved to the share manager.

* Updated unit tests
2015-11-23 12:28:54 +01:00
Thomas Müller 9f69021691 lastInsertId() is properly working with Oracle if the table name is properly passed in 2015-11-23 11:44:08 +01:00
Joas Schilling a370c29068 Use a DateTime object instead of a timestamp 2015-11-23 11:41:48 +01:00
Morris Jobke 32ab973254 add unit tests for OC_Util::add* methods 2015-11-23 11:03:09 +01:00
Thomas Müller bf672d7e51 Merge pull request #20222 from owncloud/federated_sharing_auto_complete
federated sharing auto-complete, first step
2015-11-23 10:42:14 +01:00
Thomas Müller 79bbda994b Merge pull request #16902 from owncloud/jsocclient
Web UI uses Webdav instead of ajax/* calls
2015-11-23 09:38:01 +01:00
Thomas Müller 358858c9e3 Fix undefined HTTP_USER_AGENT 2015-11-22 16:05:50 +01:00
Vincent Petry f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
Roeland Jago Douma 0265bcfdae Moved changedisplayname to usercontroller
Killed the old static route to change a users display name and moved it
to a properly testable controller.
2015-11-20 16:05:43 +01:00
Vincent Petry 5b9a693fbc Added some unit tests for the status manager 2015-11-20 16:00:16 +01:00
Thomas Müller 427d107b9f Merge pull request #20614 from owncloud/use-mocks-when-testing-isSharingDisabledForUser
Use mocks when testing isSharingDisabledForUser
2015-11-20 15:22:52 +01:00
Björn Schießle ed039ee5eb added app "federation", allows you to connect ownClouds and exchange user lists 2015-11-19 18:06:38 +01:00
Thomas Müller c565a7b042 Fix failing unit test 💀 2015-11-19 16:44:43 +01:00
Thomas Müller 9ec2850c78 Use mocks when testing isSharingDisabledForUser 2015-11-19 15:36:16 +01:00
Robin Appelman a95d4c2b22 update tests 2015-11-19 13:32:04 +01:00
Robin Appelman 888df3933d take the etag of child mounts into account for the folder etag
this replaces shared etag propagation
2015-11-19 13:32:00 +01:00
Joas Schilling 0b8335ff2f Make the JobList test more robust by sorting the result of getAll before comparison 2015-11-19 09:25:34 +01:00
Thomas Müller 8db9c49cda Merge pull request #20551 from owncloud/notification-fix-tests
Notification - Add tests for the "return $this" and fix it on the new method
2015-11-18 09:12:27 +01:00
Thomas Müller 74ce6d29e1 Merge pull request #20544 from owncloud/move-index-to-appframework
Move index.php from files to AppFramework
2015-11-17 12:49:38 +01:00
Joas Schilling 2fde6a77d7 Add tests for the "return $this" and fix it on the new method 2015-11-17 09:26:13 +01:00
Thomas Müller 705d208a8a Merge pull request #20539 from owncloud/notification-api-adjustment
Notification api update
2015-11-17 08:39:06 +01:00
Lukas Reschke daa388ce8d Move index.php from files to AppFramework
1. Allows it to use the more secure CSP rules of the AppFramework.
2. Adds some unit tests.
2015-11-16 21:10:11 +01:00
Joas Schilling 40d5d55124 Remove the icon for now 2015-11-16 16:17:23 +01:00
Joas Schilling 1666af89c2 Add "is primary action" to actions 2015-11-16 16:14:52 +01:00
Roeland Jago Douma 1e9fc33212 [Share2.0] OCS Share API getShare uses new code 2015-11-16 13:32:28 +01:00
Roeland Jago Douma fee6847f48 [Avatar] No need to setup FS for avatar tests 2015-11-14 14:52:51 +01:00
Christian Schnidrig d0464bf772 enable microseconds in log timestamps 2015-11-12 10:33:20 +01:00
Robin Appelman 20cad09f7f Add tests for FileInfo owner 2015-11-10 11:06:48 +01:00
Robin Appelman 960c8cb5bc Merge pull request #16604 from owncloud/cache-escape-like
escape like parameter in cache operations
2015-11-10 09:45:00 +01:00
Roeland Jago Douma 87e3402ef5 Fix autoloader unit test output
Removed leftover print statement
2015-11-09 15:54:40 +01:00
Roeland Jago Douma 0bb5eadf89 [autoloader] Make sure to load construct full paths
This reduces a lot of the autoloader magic and makes sure that we
generate full paths in the autoloader.
2015-11-06 13:36:19 +01:00
Thomas Müller cc4f4f222d Merge pull request #20348 from owncloud/issue-20303-integer-group-names
Make sure that group names are strings not integers
2015-11-06 11:48:40 +01:00
Thomas Müller 8047597a81 Merge pull request #20288 from owncloud/fix_20234
make sure that we update the unencrypted size for the versions
2015-11-06 11:17:17 +01:00
Joas Schilling 292dc553c3 Make sure that group names are strings not integers 2015-11-06 10:40:09 +01:00
Robin Appelman 556fabf15d Add test for special character during move 2015-11-05 16:29:38 +01:00
Roeland Jago Douma 532b8a1ad0 Fix oracle 2015-11-05 15:59:09 +01:00
Roeland Jago Douma 0be05fdddd Add unshare hooks 2015-11-05 15:59:09 +01:00
Roeland Jago Douma 6624fa212a The new sharing code now handles deletion
OCS -> ShareManager -> DefaultShareProvider
2015-11-05 15:59:09 +01:00
Arthur Schiwon 51ead4e59b subadmin methods should not return any null user or group 2015-11-05 11:50:57 +01:00
Björn Schießle 6d0a324144 make sure that we update the unencrypted size for the versions 2015-11-04 10:59:05 +01:00
Thomas Müller b162761124 Merge pull request #20157 from owncloud/users-fixeveryonecount
Fix everyone count for subadmins
2015-11-04 10:28:56 +01:00
Morris Jobke a91572b7f3 Use proper statement to retrieve the IP of an docker instance 2015-10-30 09:28:33 +01:00
Vincent Petry 781bca2437 Fix everyone count for subadmins
Also moved the logic to the UsersController
2015-10-29 17:41:49 +01:00
Thomas Müller 73d9699be9 Merge pull request #20135 from owncloud/check-if-null-subadmin
Drop OC_SubAdmin and replace usages
2015-10-29 17:07:45 +01:00
Thomas Müller b840fc7c58 Merge pull request #20134 from owncloud/pass-with-skipping
Make Travis CI pass when DAV was not touched
2015-10-29 14:14:36 +01:00
Thomas Müller 530f7229e7 Merge pull request #19869 from owncloud/cache-adjustcurrentmtimeonrename
On rename, also refresh storage_mtime of the target file
2015-10-29 11:57:00 +01:00
Lukas Reschke c6f6a8758b Drop OC_SubAdmin and replace usages 2015-10-29 11:31:18 +01:00
Joas Schilling 9d35cacfda Make Travis CI pass when DAV was not touched 2015-10-29 10:14:45 +01:00
Joas Schilling 6043f0afdb Use the method 2015-10-29 09:26:26 +01:00
Joas Schilling e5a7e3124a Add a repair step that checks for group membership on shares 2015-10-29 09:26:26 +01:00
Joas Schilling ca2fd30073 Remove shares where the parent does not exist anymore 2015-10-29 09:26:26 +01:00
Thomas Müller 09fff15021 run litmus scripts only if code in the dav app did change changed 2015-10-28 09:59:09 +01:00
Thomas Müller b753e7631b Enable DAV app testing on travis 2015-10-27 23:00:04 +01:00
Joas Schilling e19c49295a Use speaking ids 2015-10-26 16:15:15 +01:00
Joas Schilling a9a6d4c182 Stay on the same category when refreshing the page on the apps list 2015-10-26 16:15:14 +01:00
Vincent Petry f355d4e51a Fix locking unit tests due to filemtime addition 2015-10-26 15:41:23 +01:00
Vincent Petry b900782513 Also adjust storage_mtime of target after rename
Some storages like Dropbox change their mtime on rename...
2015-10-26 15:41:23 +01:00
Lukas Reschke 13e817e901 Throw exception on `getPath` if file does not exist
Currently the `getPath` methods returned `NULL` in case when a file with the specified ID does not exist. This however mandates that developers are checking for the `NULL` case and if they do not the door for bugs with all kind of impact is widely opened.

This is especially harmful if used in context with Views where the final result is limited based on the result of `getPath`, if `getPath` returns `NULL` PHP type juggles this to an empty string resulting in all possible kind of bugs.

While one could argue that this is a misusage of the API the fact is that it is very often misused and an exception will trigger an immediate stop of execution as well as log this behaviour and show a pretty error page.

I also adjusted some usages where I believe that we need to catch these errors, in most cases this is though simply an error that should hard-fail.
2015-10-25 17:58:21 +01:00
Lukas Reschke 8133d46620 Remove dependency on ICrypto + use XOR 2015-10-21 17:33:41 +02:00
Roeland Jago Douma 02af4269f2 Fix unit test
Now that OC_SubAdmin is just a wrapper around OC\SubAdmin some unit
tests had to be fixed because they expected different behaviour.

Eventually they should move to properly mocked instances of OC\SubAdmin
of course
2015-10-21 11:41:25 +02:00
Roeland Jago Douma 0e9ab13943 New \OC\SubAdmin class
* DI
* Tests
* moved OC_SubAdmin to legacy
* Added to private OC\GroupManager
2015-10-21 11:32:38 +02:00
Thomas Müller cf9b8fc182 Merge pull request #18184 from owncloud/ocs-merge-headers
Merge headers of ocs results
2015-10-21 10:36:37 +02:00
Jörn Friedrich Dreyer 2895c91291 Merge pull request #17641 from owncloud/fix_objectstore_rename
don't move files in cache twice, fixes renaming for objectstores
2015-10-19 17:18:57 +02:00
Jörn Friedrich Dreyer c530c9c322 Merge pull request #19864 from owncloud/fix-objectstore-btrfs-host
skip btrfs hack for objectstore docker container on btrfs host
2015-10-19 16:49:35 +02:00
Robin Appelman 9c5337ca3e Merge pull request #19833 from owncloud/fix_view_rmdir
Removemount expects absolutePath
2015-10-19 16:22:42 +02:00
Morris Jobke 6d3a9bf03a skip btrfs hack for objectstore docker container on btrfs host 2015-10-19 10:32:51 +02:00
Thomas Müller de55f6afbf Fix error in stop script 2015-10-16 21:54:09 +02:00
Robin Appelman ef179331bb Add tests for double cache rename 2015-10-16 21:41:51 +02:00
Robin Appelman a87368acb9 Skip checkupdate test for swift 2015-10-16 21:41:51 +02:00
Roeland Jago Douma 8fdb12f8fb Check for error when resharing 2015-10-16 20:43:17 +02:00
Roeland Jago Douma 9e86d71cc5 When sharing with the owner show the path
The error message should contain the path that is being shared not the
numeric id.
2015-10-16 20:43:17 +02:00
Roeland Jago Douma d8798877df Added test for rmdir on moveablemount 2015-10-16 16:51:44 +02:00
Thomas Müller 8fa59033ac Fix uni tests 2015-10-16 13:17:12 +02:00
Thomas Müller f2889dc6e4 Consolidate webdav code - move all to one app 2015-10-16 13:17:12 +02:00
Lukas Reschke e0d6bd5b6d Run test only when idn is available
IDN is not installed on all machines making the unit test execution fail on those without. Let's make IDN thus a pre-requirement for the text execution.
2015-10-16 11:02:10 +02:00
Joas Schilling d904a09a04 The constant is now deprecated 2015-10-14 15:29:38 +02:00
Thomas Müller 28d6da8158 Merge pull request #19738 from owncloud/proppatch-lastmodified
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
2015-10-14 12:49:33 +02:00
Thomas Müller bfac6c5eb7 Merge pull request #19730 from owncloud/fix_17560
Squash collection shares
2015-10-14 12:38:16 +02:00
Lukas Reschke 5d53fb4bc8 Reference v2 in the provider list 2015-10-13 16:45:16 +02:00
Lukas Reschke abdbf10ebc Do not print exception message
In case of an error the error message often contains sensitive data such as the full path which potentially leads to a full path disclosure.

Thus the error message should not directly get displayed to the user and instead be logged.
2015-10-13 14:12:10 +02:00
Vincent Petry 02513f8d04 Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
Fix regression that makes PROPPATCH of mtime work like it did in OC <=
8.0.
The PROPPATCH must be done on the "lastmodified" property.
The "getlastmodified" now return 403 again.
2015-10-13 12:51:21 +02:00
Thomas Müller 3891cd9068 Merge pull request #19677 from owncloud/silently-fail-app-upgrade-exceptions-master
Silently fail app upgrade exceptions
2015-10-13 11:04:02 +02:00
Roeland Jago Douma 06aaa059d1 Squash collection shares
If folder1 is shared to user2 and user3. And folder1/folder2 is shared
to user4 and user5 then getting all the users with access to
folder1/folder2 should only list user2 and user 3 once.

Previously this was done twice since we request the info two times.

This fix makes sure that we only append unique results to the array.

* Added test
2015-10-13 10:05:49 +02:00
Lukas Reschke e03f0542e4 Strip directory from scriptName
`\OCP\IRequest::getScriptName` will also return the directory, so if ownCloud is installed in a subfolder such as `owncloud/` it will resolve to `/owncloud/ocs/v2.php`. This made this check fail and also made it return invalid status codes.
2015-10-12 23:39:16 +02:00
Thomas Müller 64a8d01694 Merge pull request #19683 from owncloud/repair-donotrepairfoldermimetypes
Do not update mime types for folders with extension
2015-10-12 15:08:19 +02:00
Bjoern Schiessle 8185eaa6dd also detect files in a .part folder as part file 2015-10-12 13:59:16 +02:00
Thomas Müller 0036c637fc Merge pull request #19657 from owncloud/setup-transport
Setup sendmail transport
2015-10-12 13:44:26 +02:00
Vincent Petry 8098c06e70 Do not update mime types for folders with extension
Some folders might have an extension like "test.conf".
This fix prevents to overwrite the folder's mime type with another mime
type while running the mimetype repair step.
2015-10-09 18:16:36 +02:00
Thomas Müller 4cb5970947 Always pass in ILogger 2015-10-09 14:08:22 +02:00
Jörn Friedrich Dreyer c8640cdcb0 adjust filesystem tests to objectstore 2015-10-09 12:35:37 +02:00
Thomas Müller 020bb33150 Merge pull request #19034 from owncloud/http-request-warning
Prevent warning decoding content
2015-10-08 21:51:47 +02:00
Lukas Reschke 12181aa6de Don't perform checks for outdated TLS libs when no internet connection
This change makes the check return a positive result when:

- The instance has been configured to not use the internet
AND/OR
- S2S AND the appstore is disabled
2015-10-08 18:26:03 +02:00
Lukas Reschke 18394205c2 Setup sendmail transport
Replaces https://github.com/owncloud/core/pull/19047 and fixes https://github.com/owncloud/enterprise/issues/854  and https://github.com/owncloud/core/issues/19110
2015-10-08 16:48:18 +02:00
Thomas Müller 17ffa4a244 Merge pull request #19414 from owncloud/swift_primary_storage_tests
Swift primary storage tests
2015-10-08 14:08:56 +02:00
Thomas Müller 2fda4e38e2 Merge pull request #19546 from owncloud/fix-search-for-node-api
Fix search operations for the Node API
2015-10-08 13:17:26 +02:00
Roeland Jago Douma 1ee56c702d [WEBDAV] check if delete of source is allowed on move
Fixes #5251

If we perform a move we need to make sure first that the source can be
deleted. Else the dest might be cleared but the move will fail later.

* Added unit tests

Eventually we need more and better checking here.
2015-10-07 11:58:16 +02:00
Jörn Friedrich Dreyer 5646e39248 test objectstore with ceph docker
use default config for swift primary storage test config

allow testsuite to complete

fix timeout, script cleanup, enable debug for now

use btrfs loopback device, requires privileged container and absolute path

throw exception when storage has problems

debug by echo ...

sleep more, more debug
2015-10-06 16:27:25 +02:00
Robin Appelman e28a2ff888 Add unit test for searching in storage root 2015-10-06 15:54:17 +02:00
Lukas Reschke 80a232da6a Add \OCP\IRequest::getHttpProtocol
Only allow valid HTTP protocols.

Ref https://github.com/owncloud/core/pull/19537#discussion_r41252333 + https://github.com/owncloud/security-tracker/issues/119
2015-10-06 14:18:46 +02:00
Thomas Müller da640adf68 Merge pull request #19577 from owncloud/share-donotreturnentrieswhenusernotingroup
Remove invalid share items from result when missing group membership
2015-10-06 09:24:22 +02:00
Thomas Müller 822e8fbfe1 Merge pull request #19535 from owncloud/check-memcache-module
[admin] check for correct PHP memcached module
2015-10-06 09:24:03 +02:00
Morris Jobke b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Vincent Petry 1c7244c120 Remove invalid share items from result when missing group membership
Group shares usually have subshare entries for every user. In some
situations it can happen that the user was removed from the group but
the subshare entries still exist.

This fix makes sure that such subshare entries are not returned any more
as the user isn't in the group any more.
2015-10-05 17:21:34 +02:00
Joas Schilling ac5b3161e4 Add a unit test for "share a file inside a folder that is already shared" 2015-10-05 12:36:16 +02:00
Thomas Müller 34951efed6 Merge pull request #19574 from owncloud/fix-sharing-tests-assuming-empty-share-table
Clear the shares after the test like storages and files
2015-10-05 11:00:34 +02:00
Thomas Müller 56c35da8d5 Merge pull request #19416 from owncloud/node-hook-connector
pass view hooks trough to the node hooks
2015-10-05 10:25:04 +02:00
Joas Schilling 42b29e39c1 Clear the shares after the test like storages and files 2015-10-05 10:13:45 +02:00
Thomas Müller ff89824135 Merge pull request #19272 from owncloud/mimetypes-enhanced
Introduce a few new mimetypes for code, fix recursive mimetype aliases
2015-10-02 17:50:34 +02:00
Robin Appelman 8bdffb5ed3 Merge pull request #19525 from owncloud/share-preventmovemountpointintosharedfolder
Prevent moving mount point into already shared folder (outgoing)
2015-10-02 16:50:38 +02:00
Vincent Petry 64ca00925b Prevent moving mount point into already shared folder (outgoing)
It is already not allowed to share a folder containing mount points /
incoming shares.

This fixes an issue that made it possible to bypass the check by moving
the incoming share mount point into an existing outgoing share folder.
2015-10-02 16:14:42 +02:00
Roeland Jago Douma c80dd82fe4 Added mimetype repair step
* Version number increased
2015-10-02 16:06:56 +02:00
Morris Jobke 6b53f7c40e [l10n] remove unused static methods 2015-10-02 12:51:45 +02:00
Thomas Müller 8944cb539e Merge pull request #19510 from owncloud/json-grouplist-sharing-exclude
save excluded groups in json format
2015-10-02 12:14:36 +02:00
Thomas Müller b6591084a1 Merge pull request #19463 from owncloud/fix_18132
encryption: versions should always use the keys of the original file, no need to …
2015-10-01 16:56:28 +02:00
Thomas Müller b2dd5cb616 save excluded groups in json format - fixes #10983 2015-10-01 15:37:55 +02:00
Robin Appelman 1c3e28a73b Add tests 2015-10-01 13:17:22 +02:00
Bjoern Schiessle e7232a848b versions should always use the keys of the original file, no need to create new one 2015-10-01 10:10:19 +02:00
Joas Schilling 8f2600a0ea Also delete all shares before the test, so the count matches 2015-10-01 08:32:24 +02:00
Vincent Petry 6e104bc933 Repair step to remove bogus expiration dates from non-link shares 2015-10-01 08:27:12 +02:00
Thomas Müller ff75652cb7 Merge pull request #19299 from owncloud/fixgetRawPathInfo
Fix get raw path info, always return a string
2015-09-30 22:17:02 +02:00
Thomas Müller 1d8c10cf63 Merge pull request #19468 from owncloud/fix-36-vs-32-previews
Change small thumbnails to 32 px
2015-09-30 15:47:34 +02:00
Thomas Müller 10978a7a61 Merge pull request #19373 from owncloud/sidebar-preview-cover
Cover both width and height for the sidebar preview
2015-09-30 11:07:18 +02:00
Morris Jobke 1051a3c6f5 Change small thumbnails to 32 px
* fixes #16913
* fixes issues in IE8 where the thumbnail is too big
2015-09-30 10:49:48 +02:00
Individual IT Services fbe43e6a26 cache result of \OCP\Util::needUpgrade()
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement

move caching to \OCP\Util::needUpgrade

renaming variable

fixing testNeedUpgradeCore()

cache result of checkUpgrade() in self::$needUpgrade

reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement

move caching to \OCP\Util::needUpgrade

renaming variable

fixing testNeedUpgradeCore()

fix typo in variable name

deleting tabs
2015-09-29 15:34:42 +02:00
Lukas Reschke e735a9915c Add blob: scheme to default CSP policy
Fixes https://github.com/owncloud/core/issues/19438
2015-09-29 14:27:35 +02:00
Robin Appelman f41a38ba15 Cover both width and height for the sidebar preview 2015-09-29 13:07:03 +02:00
Robin Appelman e21a025887 remove unused use 2015-09-28 17:20:44 +02:00
Robin Appelman 1e5a41f008 Add hook connector to connect view and node hooks 2015-09-28 17:18:40 +02:00
Thomas Müller d68079f932 Merge pull request #18548 from owncloud/repair-mimetype-limitversion
Repair mime types only when upgrading from OC 8.0
2015-09-28 12:56:36 +02:00
Robin Appelman b50d1aae56 rename config test to prevent autoloader issue 2015-09-28 10:47:49 +02:00
Thomas Müller 0aaece7de7 Merge pull request #19346 from owncloud/drop-passwords-from-exception-log
Remove passwords from logged exception stack traces
2015-09-25 20:04:01 +02:00
Thomas Müller 8f2a14c5d6 Merge pull request #19297 from owncloud/fix_19119
Do not blindy copy expiration date on reshare
2015-09-25 14:36:07 +02:00
Roeland Jago Douma 9a373cb5bb Do not blindy copy expiration date on reshare
If a file/folder is reshared we should not blindly copy the expiration
date of the parent share. User/Group shares do not have expiration dates
currently, and thus this is always set to null.

Fixes #19119

* Added testcase
2015-09-25 13:06:05 +02:00
Joas Schilling faba02564a Move the filtering of sensitive data to the config class 2015-09-25 11:08:33 +02:00
Morris Jobke db8e7ce8b9 Remove passwords from logged exception stack traces
* fixed #16318
* create logException in ILogger
* add unit tests
2015-09-24 20:01:30 +02:00
Thomas Müller ebdd6d96ce Merge pull request #19306 from owncloud/app-code-check-version
[App Code Check] add check for version and mandatory fields
2015-09-24 17:38:48 +02:00
Thomas Müller bf4c144c6f Merge pull request #19335 from owncloud/phil-davis-view-typos
Comment typos in tests/lib/files/view.php
2015-09-24 14:54:21 +02:00
Bjoern Schiessle d697ea58a4 only check if the user exists if a user was added as parameter 2015-09-24 12:21:40 +02:00
Morris Jobke 9b652ed5d5 [App Code Check] add check for version and mandatory fields
* ref #17598
* including unit tests for mandatory fields/versions
2015-09-24 11:58:12 +02:00
Thomas Müller 330ea18996 Merge pull request #19303 from owncloud/usecorrectvariable
Use correct variable
2015-09-24 11:34:19 +02:00
Phil Davis 9f9bdd8f90 Comment typos in tests/lib/files/view.php
Correct a comment typo just introduced at line 892, plus another and some white space at EOL.
2015-09-24 15:01:45 +05:45
Thomas Müller 11974477bd Merge pull request #19326 from owncloud/issue-19314-querybuilder-set-null
Allow `set('column', 'null')` to work like in Doctrine's QueryBuilder
2015-09-24 10:57:49 +02:00
Thomas Müller df75c17e52 Merge pull request #16479 from owncloud/core-fixgetrelativepathwrongmatches
Prevent wrong matches in getRelativePath
2015-09-24 10:25:00 +02:00
Joas Schilling 70572c1e3c Allow `set('column', 'null')` to work like in Doctrine 2015-09-24 09:53:09 +02:00
Jörn Friedrich Dreyer 17ef187681 add is* storage tests 2015-09-23 23:41:39 +02:00
Robin McCorkell ebe9bea709 Unit test for preventing warning decoding content 2015-09-23 14:16:41 +01:00
Jörn Friedrich Dreyer ca8d589f27 use assertSame, add failing case 2015-09-23 12:31:45 +02:00
Thomas Müller bcdb3c26da Merge pull request #19236 from owncloud/call_dot_directories_function
Replaces if ($file === '.' || $file === '..') by public function call isIgnoredDir
2015-09-23 11:34:23 +02:00
Thomas Müller ad71d92acf Merge pull request #19247 from owncloud/fix_locking_copy_operation
locking: handle exceptions correctly during copy operation
2015-09-23 11:28:27 +02:00
Vincent Petry 0bda4d54c5 Repair mime types only when upgrading from OC 8.0 2015-09-23 10:51:37 +02:00
Martin 491250320a Replaces if ($file === '.' || $file === '..') by if(\OC\Files\Filesystem::isIgnoredDir($file)). Eases to find where this operation is used. 2015-09-22 17:53:15 +02:00
Lukas Reschke 63b2bc136a Move mimetype files into /resources/config/ 2015-09-22 16:43:28 +02:00
Joas Schilling d26c49b995 Add more tests for relativePath 2015-09-22 11:34:37 +02:00
Vincent Petry b9cd5bc1dc Prevent wrong matches in getRelativePath
Before this fix, the root "/files" with path "/files_trashbin" would
return "_trashbin" as relative path...
2015-09-22 11:34:37 +02:00
Bjoern Schiessle 17a64360e5 catch excexptions during the copy operation and make sure that we free the lock correctly 2015-09-22 11:32:10 +02:00
Lukas Reschke 36ce254ffd Move dummy backend to Tests namespace 2015-09-22 11:01:11 +02:00
Thomas Müller d8901cf7cd Merge pull request #19221 from owncloud/improved_error_messages
decrypt-all: improved error message if user doesn't exists
2015-09-21 16:06:43 +02:00
Robin Appelman b520a1e520 Merge pull request #19081 from owncloud/prevent0bytedownloads
prevent 0 byte downloads when storage returns false
2015-09-21 13:50:35 +02:00
Bjoern Schiessle d2e90b6050 improved error message if user doesn't exists 2015-09-21 13:19:35 +02:00
Thomas Müller 2c8eaacec7 Merge headers of ocs results 2015-09-21 11:54:46 +02:00
Thomas Müller d2e701d74f Merge pull request #19148 from owncloud/issue-19113-stop-setting-single-user-in-constructor
Do not set single user in constructor of encryption occ commands
2015-09-21 09:58:38 +02:00
Thomas Müller bbf128f1b2 Merge pull request #19098 from owncloud/db-lock-no-transaction
Remove the need for the transaction in the database locking backend
2015-09-18 17:02:18 +02:00
Thomas Müller d62cffbc9a Merge pull request #18901 from owncloud/encryption-dav-tests
Add tests for doing dav requests with encryption enabled
2015-09-18 14:54:06 +02:00
Lukas Reschke 947e3d7ab5 Add repair step for outdated OCS IDs
There is the case where OCs IDs might become outdated such as it has been with the calendar and contacts app which refer to the old dummy entry. This means that users with the old OCS id can't update updates as well will receive invalid state flags. (e.g. "experimental" instead of "approved")

To allow instances to properly update the applications in the future we need to migrate the OCS IDs for now manually.
2015-09-18 13:27:26 +02:00
Thomas Müller 3ca61db63b Merge pull request #19017 from owncloud/dav-download-tests
Add tests for downloading files over dav
2015-09-18 11:57:28 +02:00
Robin Appelman 485ea316a1 reuse the same datadir 2015-09-18 11:55:15 +02:00
Robin Appelman dc870cb450 Add tests for doing dav requests with encryption enabled 2015-09-18 11:55:15 +02:00
Robin Appelman a3d734f6cd Add trait to enable encryption for a unit test 2015-09-18 11:55:15 +02:00
Robin Appelman e3e78f809d create new mounts every time the mount provider is called
important for storage wrappers
2015-09-18 11:55:15 +02:00
Robin Appelman 5247a0685d clear up tests a bit 2015-09-18 11:55:15 +02:00
Joas Schilling 2f102c1f0d Do not set single user in constructor 2015-09-18 08:55:59 +02:00
Joas Schilling 5eddde6486 Add a Sabre plugin that emits an event for apps 2015-09-17 13:59:27 +02:00
Robin Appelman 05fddec022 expire old lock rows 2015-09-17 13:55:04 +02:00
Robin Appelman 2839ef3439 add unit test 2015-09-17 11:16:00 +02:00
Joas Schilling 82eb3f8027 Fix the singleuser config casing in new encryption code 2015-09-17 08:48:25 +02:00
Robin Appelman 3cf4fc02f9 fix tests with empty response body 2015-09-16 15:27:22 +02:00
Robin Appelman 953b64f3f2 Add tests for downloading files over dav 2015-09-16 12:59:15 +02:00
Vincent Petry 886f1ed660 Update JS unit tests for share dialog (WIP) 2015-09-16 07:23:29 +02:00
Thomas Müller f6f7d8cf94 Merge pull request #18938 from owncloud/occ_decrypt_all2
occ script to disable encryption and to decrypt all files again
2015-09-16 00:11:41 +02:00
Thomas Müller ac1239220d Merge pull request #19052 from owncloud/revert-14856-remote_avatars
Revert "Allow Remote avatars"
2015-09-16 00:10:00 +02:00
Bjoern Schiessle 9bd4f2d41e occ script to disable encryption and to decrypt all files again 2015-09-15 22:39:44 +02:00
Robin Appelman 9883d5b85d Merge pull request #18915 from owncloud/node-getfoldercontents-use-view-logic
Use the view logic for getFolderContent for the node api
2015-09-15 18:04:01 +02:00
Thomas Müller a446b43bcc Revert "Allow Remote avatars" 2015-09-15 16:52:12 +02:00
Robin Appelman 9202d2f45a fix chunking tests 2015-09-14 20:35:33 +02:00
Robin Appelman 80f054ddd3 also verify cache in dav upload tests 2015-09-14 20:35:33 +02:00
Robin Appelman 17b671ee25 adjust tests to handle before/after locking 2015-09-14 20:35:33 +02:00
Joas Schilling 2d0f0e898d Only check the "was updated/inserted" when not on Oracle... 2015-09-14 15:27:06 +02:00
Frank Karlitschek 7562e4959b Merge pull request #18658 from owncloud/configurable-temp
Configurable temporary directory
2015-09-12 22:04:41 +02:00
Robin McCorkell 188d0e09b8 Add reset method to mimetype loader
Used to solve concurrency issues
2015-09-11 12:44:53 +01:00
Robin McCorkell 620173c792 Merge pull request #18851 from owncloud/memcached-getallkeys-fallback
Fallback to complete Memcached flush if getAllKeys fails
2015-09-10 20:33:18 +01:00
Lukas Reschke fb717f254f Merge pull request #18699 from owncloud/notification-manager
Notification manager
2015-09-10 15:26:36 +02:00
Morris Jobke 7445afdb6f Merge pull request #18925 from owncloud/change-risky-test
Rename data provider to avoid risky test warning
2015-09-09 16:05:01 +02:00
Lukas Reschke 0943781ccf Rename data provider to avoid risky test warning
```
06:49:56 There was 1 risky test:
06:49:56
06:49:56 1) OC\AppFramework\Http\JSONResponseTest::testRenderProvider
06:49:56 This test did not perform any assertions
```
2015-09-09 12:52:54 +02:00
Lukas Reschke 0b91087489 Write to session in batch at the end of the request 2015-09-09 12:48:37 +02:00
Lukas Reschke e579dd62fd Write session data to single key
This prevents decrypting values multiple times.
2015-09-09 12:48:08 +02:00
Morris Jobke c4c9c5ffad Merge pull request #18684 from owncloud/explicit-upgrade-version
Explicit upgrade version + prevent downgrades
2015-09-09 11:08:55 +02:00
Robin Appelman 9f11b27797 Use the view logic for getFolderContent for the node api 2015-09-08 22:38:50 +02:00
Joas Schilling 38001d824b Move interfaces to private until they are no longer experimental 2015-09-08 09:01:02 +02:00
Joas Schilling 59f37a8dfb Add tests for the query() 2015-09-08 09:01:02 +02:00
Joas Schilling 190d2c3d5b Add tests for the notification manager 2015-09-08 09:01:02 +02:00
Joas Schilling 270b0bd91b Add more action tests 2015-09-08 09:01:02 +02:00
Joas Schilling c6469be8bd Add tests for notification 2015-09-08 09:01:02 +02:00
Joas Schilling acf8149f17 Add tests for Action 2015-09-08 09:01:01 +02:00
Robin McCorkell 08d2202abb Load all enabled apps in test bootstrap 2015-09-07 16:06:53 +01:00
Morris Jobke f2ca0f6677 Merge pull request #18748 from owncloud/files-versions-tab
Add versions tab to files sidebar
2015-09-07 00:53:57 +02:00
Roeland Douma 24f5f50b20 Merge pull request #18742 from owncloud/mimetype-updatedb
Introduce mimetype DB update occ command
2015-09-06 16:56:35 +02:00
Robin McCorkell b64e3f8db6 Fallback to complete Memcached flush if getAllKeys fails
Newer Memcached's do not support the underlying protocol commands that
getAllKeys() is implemented with. We should fallback to clearing
everything in that case, as causing (temporary) performance problems for
other applications on the server is better than having stale cached data.
2015-09-05 20:02:49 +01:00
Robin McCorkell c6314fc699 Unit tests for mimetype loader 2015-09-04 17:37:10 +01:00
Robin McCorkell cdf01f0419 Split mimetype handling to new class 2015-09-04 17:28:20 +01:00
Vincent Petry 310d797284 Add versions tab to files sidebar
- move versions to a tab in the files sidebar
- added mechanism to auto-update the row in the FileList whenever values
  are set to the FileInfoModel given to the sidebar
- updated tags/favorite action to make use of that new mechanism
2015-09-03 16:47:24 +02:00
Morris Jobke e54513cddd Merge pull request #18799 from owncloud/appconfig-with-one-request
Only query the appconfig once per request
2015-09-03 16:13:14 +02:00
Joas Schilling 21ba3b8737 Only query the appconfig once 2015-09-03 11:30:57 +02:00
Lukas Reschke f9e90e92d4 Encode HTML tags in JSON
While not encoding the HTML tags in the JSON response is perfectly fine since we set the proper mimetype as well as disable content sniffing a lot of automated code scanner do report this as security bug. Encoding them leads to less discussions and a lot of saved time.
2015-09-03 00:44:46 +02:00
Morris Jobke c86cac6a2b use config.php value instead of version string 2015-09-02 08:16:27 +02:00
Vincent Petry 87b3e28f06 Merge pull request #18730 from owncloud/appframework_proper_304
Properly return 304 in AppFramework
2015-09-01 15:39:59 +02:00
Robin Appelman e9b91b1798 verify the path in the autoloader 2015-09-01 15:03:28 +02:00
Roeland Jago Douma f12caf930e Properly return 304
The ETag set in the IF_NONE_MODIFIED header is wraped in quotes (").
However the ETag that is set in response is not (yet). Also we need to
cast the ETag to a string.

* Added unit test
2015-09-01 11:04:41 +02:00
Robin McCorkell 5a1619d80d Unit test getting temp dir from config 2015-08-30 23:34:38 +01:00
Robin McCorkell a0dfaf9be3 Clean up TempManager to follow code guidelines
tmpBaseDir can be overridden for unit testing purposes
2015-08-30 23:30:56 +01:00
Bjoern Schiessle 37513f9411 don't read certificates if ownCloud is not installed 2015-08-30 19:00:03 +02:00
Bjoern Schiessle 289e9130f3 make system root of key storage configurable 2015-08-30 19:00:03 +02:00
Vincent Petry 2b08659f7d Restrict upgrades to explicit allowed version
version.php now contains the previous ownCloud version from which
upgrades are allowed. Any other upgrades will show a message that the
upgrade/downgrade is not supported.
2015-08-30 18:04:18 +02:00
Morris Jobke 90dfa981c5 Merge pull request #14856 from rullzer/remote_avatars
Allow Remote avatars
2015-08-29 18:05:32 +02:00
root acae208f2f moved code to /lib/private/tempmanager.php
fix for unit test

some fixes
2015-08-29 16:59:02 +01:00
Vincent Petry 723f8c8f1b Merge pull request #18620 from owncloud/add-public-interface-for-factory
Add a public interface for the language factory so apps can use it
2015-08-29 16:44:08 +02:00
Roeland Jago Douma ae62537adf Allow remote avatars 2015-08-29 15:22:13 +02:00
Björn Schießle 6e210d960c Merge pull request #18423 from owncloud/occ_encrypt_all
occ command line tool to encrypt all files
2015-08-28 20:44:55 +02:00
Joas Schilling bd1215c1dd Add a test for the interface 2015-08-28 12:08:54 +02:00
Lukas Reschke ab87274930 Use certificates that expire in 10 years
🙊 🙊 🙊
2015-08-27 22:23:08 +02:00
Bjoern Schiessle e51fe617d8 copy always file by file to encrypt/decrypt it if needed 2015-08-26 14:58:22 +02:00
Bjoern Schiessle 8c08dd0ac2 occ tool to encrypt all files 2015-08-26 14:58:22 +02:00
Thomas Müller 534b2e407a Merge pull request #17662 from owncloud/locking-db
Database backend for locking
2015-08-26 03:56:37 +02:00
Lukas Reschke f3561e2349 Explicitly specify status code 200 as response code
Potentially fixes https://github.com/owncloud/core/issues/17586
2015-08-25 18:07:40 +02:00
Lukas Reschke a67a2272e7 Merge pull request #18491 from owncloud/expire-token-after-12h-or-login
Expire token after 12h and if user logged-in again
2015-08-24 14:08:46 +02:00
Morris Jobke b3495a1dc9 Merge pull request #18482 from owncloud/encrypt-session-data
Add a session wrapper to encrypt the data before storing it on disk
2015-08-24 12:10:15 +02:00
Morris Jobke 40b1054530 Merge pull request #18254 from owncloud/mitigate-breach
Add mitigation against BREACH
2015-08-24 09:14:27 +02:00
Lukas Reschke db4cb1dd4d Expire token after 12h and if user logged-in again
As an hardening measure we should expire password reset tokens after 12h and if the user has logged-in again successfully after the token was requested.
2015-08-22 20:42:45 +02:00
Lukas Reschke 6a3fb0d3b3 Handle failures gracefully, remove switch 2015-08-21 19:16:28 +02:00
Joas Schilling 36eef2ddab Add a session wrapper to encrypt the data before storing it on disk 2015-08-21 17:59:23 +02:00
Morris Jobke ac086a11c1 Merge pull request #18426 from owncloud/joblist-next-non-existing
handle non existing job classes in $jobList->getNext
2015-08-21 10:34:33 +02:00
Robin McCorkell 5f5c3520c9 Merge pull request #18457 from owncloud/test-traits
Move common test logic to re-usable traits
2015-08-20 22:28:54 +01:00
Robin Appelman 24a2fff946 add test mountprovider logic to a trait 2015-08-20 16:39:32 +02:00
Joas Schilling 9573d7d60d Merge pull request #18372 from owncloud/issue-18358-object-type-and-id-for-activities
Issue 18358 object type and id for activities
2015-08-20 15:53:36 +02:00
Robin Appelman 3dbfbdaf54 allow moving common test logic into traits 2015-08-20 15:17:14 +02:00
Morris Jobke c7b0d50cb2 Merge pull request #18369 from owncloud/occ-log
occ commands to manage logging
2015-08-20 12:57:05 +02:00
Morris Jobke 06d8edd963 Merge pull request #17434 from owncloud/update-showappnameonappupdate
Display app names in update page for app updates
2015-08-20 11:50:01 +02:00
Vincent Petry a2674b2b30 Additions to update page
Apps to update and to disable will always be shown.
Main title changes only when apps need updated, not core.
Added bullet style.
Exclude incompatible apps from updated apps list.
2015-08-20 11:14:30 +02:00
Joas Schilling 389a32e92a Add test coverage for Activity Event and Manager 2015-08-20 10:25:49 +02:00
Morris Jobke b3356b1288 Merge pull request #18432 from owncloud/ext-backends.simple
Migrate simple external storage backends to new registration API [part 1]
2015-08-19 20:04:20 +02:00
Vincent Petry b919ae96f0 Display app names in update page for app updates
Whenever the update page is displayed for apps, show app names instead
of the core update text.
2015-08-19 18:03:35 +02:00
Robin McCorkell 3b27603762 Revert "Fix mounting wrapped storages resulting in many-layered wrapping"
This reverts commit 75a5e6e12b.
2015-08-19 14:41:43 +01:00
Robin McCorkell c693e5d5d1 Unit tests for occ log:* commands 2015-08-19 13:49:41 +01:00
Robin Appelman beaef820cf handle non existing job classes in $jobList->getNext 2015-08-19 14:16:05 +02:00
Joas Schilling 6231bbdde3 Filter the objectstore password from the config list as well 2015-08-19 14:06:05 +02:00
Roeland Jago Douma 65cf4028cc Move avatarcontroller towards Node Api 2015-08-18 14:48:19 +02:00
Robin McCorkell 675d852c7d Merge pull request #17182 from owncloud/user_ini_upload_size
Update .user.ini when setting upload size limit
2015-08-17 13:27:47 +01:00
Morris Jobke 15da671349 [test] more tests for UserController::setMailAddress
* fixes #12885
2015-08-17 11:53:03 +02:00
Lukas Reschke 8313a3fcb3 Add mitigation against BREACH
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation:

1. Application must support HTTP compression
2. Response most reflect user-controlled input
3. Response should contain sensitive data

Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.

To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
2015-08-14 01:31:32 +02:00
Thomas Müller abd3d5c6a5 Merge pull request #17982 from owncloud/appframework-sanitize-name
Sanitize class names before registerService/query
2015-08-12 12:19:24 +02:00
Thomas Müller eb13cb8d75 Merge pull request #18127 from owncloud/dav-request-tests
add test framework for doing full request webdav tests
2015-08-12 10:07:20 +02:00
Robin Appelman d15870b998 fix setup/teardown 2015-08-11 14:43:46 +02:00
Robin Appelman b0c8654f9e split out creating the sabre dav server to it's own factory 2015-08-11 14:43:46 +02:00
Robin Appelman 8c5302847b add test framework for doing full request webdav tests 2015-08-11 14:43:46 +02:00
Robin McCorkell cd0a2874de Merge pull request #17852 from owncloud/register-alias-factory
Add test for factories
2015-08-11 13:30:56 +01:00
Thomas Müller aed068b237 Merge pull request #17868 from owncloud/x-forwarded-for
Set default 'forwarded for' headers for reverse proxy
2015-08-11 14:02:46 +02:00
Thomas Müller d5bba42030 Merge pull request #17932 from owncloud/fix_move_files
make sure that hooks are emitted properly on file move operation
2015-08-11 13:54:09 +02:00
Joas Schilling 669d705792 Merge pull request #17830 from owncloud/issue-17825-dont-silently-ignore-invalid-consumers-extensions
Throw a InvalidArgumentException when a consumer/extension is invalid
2015-08-11 10:16:20 +02:00
Robin McCorkell 2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Morris Jobke d56e03bb94 Merge pull request #18096 from sualko/patch-1
add data: to allowed image domains
2015-08-10 23:05:07 +02:00
Thomas Müller 9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Thomas Müller bfb9a8e58e Merge pull request #18175 from owncloud/automatic-db-prefix-query-builder
Automatic db prefix query builder
2015-08-10 21:41:32 +02:00
Joas Schilling e6eb74958f Remove unnecessary DB prefixes from existing query builder usages 2015-08-10 16:21:41 +02:00
Joas Schilling 5fea6f753e Automatically prefix table names with *PREFIX* unless specified 2015-08-10 16:20:42 +02:00
Robin Appelman d979e54030 log a warning while trying to acquire a db lock from within a transaction 2015-08-10 14:39:34 +02:00
sualko 5590d64612 add more unit tests for data: as allowed image domain 2015-08-10 12:42:42 +02:00
Roeland Jago Douma f0b617b508 Use DI
* Register OCP\Capability\IManager at DIContainer
* Add register capabilities to appframework
* Register capabilities in DI way
* Make unit test pass again
* Remove CapabiltiesManager from OCP
2015-08-10 10:45:16 +02:00
Roeland Jago Douma 7e6a2b71fd Added Capabilities Manager
* This should allow the capabilities to be intergrated into the
appframework
* Unit tests
* Throw exception if closure does not return ICapability instance
2015-08-10 10:45:08 +02:00
Morris Jobke ca8f7fd69c Merge pull request #18124 from owncloud/share-permwrongvar
Fix removal of share permissions when share disabled for user
2015-08-07 18:42:35 +02:00
Vincent Petry b3a1aef934 Merge pull request #13641 from owncloud/cache-storage-status
Store storage availability in database
2015-08-07 17:31:03 +02:00
Vincent Petry 143e4a81f0 Fix removal of share permissions when share disabled for user 2015-08-07 15:43:27 +02:00
sualko 930841b67a add unit test for data: as allowed image domain 2015-08-07 12:14:30 +02:00
Thomas Müller db1416346c Following the spec:
"`statuscode`: The OCS status code of the response, everything except 100 MUST be handled as failure."
2015-08-05 17:49:44 +02:00
Bernhard Posselt 7cb0934fa2 Merge pull request #18035 from owncloud/ocs-2.0
Adding ocs/v2.php with status code mapper
2015-08-05 17:28:08 +02:00
Thomas Müller 314fc11e1b Merge pull request #18057 from owncloud/import_root_certificates
disable "ssl root certificate" settings if user can't mount external storages
2015-08-05 17:18:46 +02:00
Thomas Müller 6c46430cdb Return 200 not null - we should return consistent types 2015-08-05 11:23:29 +02:00
Lukas Reschke 4efa7c09b1 Use StringUtils::equals on CSRF token and add unit tests 2015-08-04 18:34:33 +02:00
Bjoern Schiessle dc5e89e624 also block certificate management in the back-end if external storages are disabled for the user 2015-08-04 18:33:19 +02:00
Thomas Müller acd9b7576d Remove pointless unit test 2015-08-04 12:03:03 +02:00
Thomas Müller 3ecf7fce79 Fix unit test within OCSController 2015-08-03 22:19:04 +02:00
Thomas Müller 649cc2fa89 Remove duplicate and unused code 2015-08-03 21:03:11 +02:00
Thomas Müller bacf1603ff Adding ocs/v2.php with status code mapper 2015-08-03 16:05:50 +02:00
Robin Appelman 96a9d171b3 Fix db schema 2015-08-03 14:13:36 +02:00
Robin Appelman 4ea7cbb0f5 Add database backend for high level locking 2015-08-03 14:13:35 +02:00
Robin Appelman a8552a1b24 split off keeping track of acquire locks 2015-08-03 14:12:56 +02:00
Bjoern Schiessle 51a67a54e0 always update file cache, the cache can handle partial data correctly if the file doesn't already exists in the file cache 2015-07-31 17:14:32 +02:00
Roeland Douma db91b4505c Merge pull request #17805 from owncloud/avatar-handle-errors
[avatar] add error handlers for avatar setup
2015-07-31 07:31:24 +02:00
Robin McCorkell 182bc17aeb Sanitize class names before registerService/query
Leading backslashes are removed, so a `registerService('\\OC\\Foo')`
can still be resolved with `query('OC\\Foo')`.
2015-07-30 21:02:16 +01:00
Morris Jobke e184157684 [avatar] add error handlers for avatar setup
add colon to translated string

use placeholder in t()

Adding a size limitation for avatar upload

Unit test for file size

Fix typo & display server side error message
2015-07-30 18:05:32 +02:00
Robin McCorkell 0223221a64 Fix incorrect test naming
`tesOverrideService()` was incorrect and wasn't getting called by
PHPUnit. Also, the unit test itself was wrong, but went unnoticed
because of point 1.
2015-07-30 16:06:26 +01:00
Thomas Müller 22fd04eb41 Merge pull request #17981 from owncloud/correct-regex
Correct regular expressions
2015-07-30 16:07:46 +02:00
Lukas Reschke e95bc68ac7 Check for PDO instead of removed function for PHP 7 compatibility 2015-07-30 12:32:22 +02:00
Lukas Reschke 52cd4efc83 Add more unit tests 2015-07-30 11:25:05 +02:00
Lukas Reschke ad4c731c4c Correct regular expressions
Previously the regex was only matching on single characters. Meaning that file names such as "👍.txt" where possible while "👍" alone never was. This check apparently never worked as expected.
2015-07-30 11:22:14 +02:00
Morris Jobke 4d672ded24 properly mock dependencies for setup tests 2015-07-30 09:02:35 +02:00
Morris Jobke 8bc4a10dbe fix unit tests 2015-07-29 20:14:28 +02:00
Thomas Müller 5ed38a75d6 Remove remainings of mssql 2015-07-29 18:19:31 +02:00
Robin McCorkell 3ef680d966 Merge pull request #17950 from owncloud/config-dontdetectfschangesinrootbydefault
Disable filesystem_check_changes by default
2015-07-29 15:34:02 +01:00
Vincent Petry 943fc1b8e5 Fix watcher tests to explicitly set policy 2015-07-29 15:10:42 +02:00
Bjoern Schiessle fb4c99fe06 make sure that we emit the hooks if a file gets moved from a subfolder to the root folder with the nodes API 2015-07-29 11:02:38 +02:00
Roeland Jago Douma 72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Robin McCorkell 6d54d2fad7 Merge pull request #17912 from owncloud/detect-old-openssl-versions
Detect old NSS and OpenSSL versions
2015-07-28 21:26:44 +01:00
Lukas Reschke 7f6c5e456b Add unit tests 2015-07-28 16:32:11 +02:00
Lukas Reschke 0d515de13e Detect old NSS and OpenSSL versions
This will detect old NSS and OpenSSL versions and show appropriate errors in the admin interface.

Fixes https://github.com/owncloud/core/issues/17901
2015-07-28 15:32:19 +02:00
Morris Jobke c34e63bb1f Merge pull request #15543 from rullzer/mimetypedetector
Mimetypedetector
2015-07-28 13:35:26 +02:00
Roeland Douma 73169b0edb Merge pull request #17195 from rullzer/no_multiple_remote_shares_of_same_file
Remote shares should be uique
2015-07-28 13:06:25 +02:00
Thomas Müller 68f14a943a Merge pull request #17840 from owncloud/fix-enc-wrapper-without-encryption
Only set is encrypted when encryption is enabled
2015-07-27 16:06:39 +02:00
Roeland Jago Douma d276aebf40 Pass config dir as parameter to detection class
In order to properly test the mimetype function:

* constructor takes path to configdir
* Added unit tests for mimetype (only if vfsStream is available)
2015-07-27 14:59:49 +02:00
Roeland Jago Douma 9cdd637050 Loading of mapping/aliases is done in class 2015-07-27 14:59:49 +02:00
Roeland Jago Douma 141a0f0f47 Move mimetypedetection to files/type/detection 2015-07-27 14:59:45 +02:00
Roeland Jago Douma 6db6689740 Added mimetype detector
* Copied unit tests from old functions
2015-07-27 14:58:45 +02:00
Lukas Reschke c20d4d1a0b Add unit tests 2015-07-27 11:21:49 +02:00
Bernhard Posselt d8673dabe3 add test for factories
use ref for factory test

use a factory for registerAlias

Ensure we construct SimpleContainer

Use single instance of DIContainer in routing tests
2015-07-25 01:59:30 +02:00
Thomas Müller 1f8ee61006 Merge pull request #17755 from owncloud/alias-container-alive
Add registerAlias method to shortcut interface registration #17714
2015-07-24 13:11:32 +02:00
Joas Schilling 42baeb36dc Add a unit test for the disabled encryption case 2015-07-23 17:01:44 +02:00
Joas Schilling 02323eca01 Throw a InvalidArgumentException when a consumer/extension is invalid 2015-07-23 11:00:29 +02:00
Morris Jobke 296ed4c276 Merge pull request #17413 from owncloud/public-api-querybuilder
Add public api for Doctrine QueryBuilder and ExpressionBuilder
2015-07-22 17:29:08 +02:00
Roeland Douma d37b8969f4 Merge pull request #17342 from rullzer/test_preview_conditions
Only run some preview unit tets if imagemagick is available
2015-07-22 09:34:31 +02:00