Roeland Jago Douma
02b9388fc6
Move image-optimization.sh to build dir
...
* We should not ship this!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 08:08:18 +02:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
...
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.
As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.
The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Lukas Reschke
591aaa4154
Add workaround for https://github.com/etsy/phan/issues/1033
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 11:08:43 +02:00
Lukas Reschke
d8ec399454
Run phan over code base
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:11 +02:00
Morris Jobke
844e7b03b4
Add test to check if new files are added to the root of the repository
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-12 11:52:42 +02:00
Lukas Reschke
633396001f
Prevent sending second WWW-Authenticate header
...
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.
Fixes https://github.com/nextcloud/server/issues/5088
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Lukas Reschke
b8de3f40ee
Bearer comes first on the new endpoint
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:57:07 +02:00
Lukas Reschke
639ba526d0
Adjust realm from SabreDAV to Nextcloud
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:38:55 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
538112181f
Add additional test for accessing DAV using Bearer Auth
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke
f2a01e1b08
Use a standardized Bearer now
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
a4116220cb
Add app to autoenabled provisioning API scenario
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Morris Jobke
692e056df9
Extract app name and navigation entries for l10n
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-08 23:24:28 -05:00
Morris Jobke
865cd487c4
Split up sharing-v1-part2.feature to avoid timeouts
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 12:55:29 -03:00
Vincent Petry
d379b197d5
Fix forbidden backslash DAV integration tests
2017-04-26 15:47:59 +02:00
Sergio Bertolin
a761d4cce7
Added test cases from core 16825
2017-04-26 15:29:01 +02:00
Vincent Petry
9bff66e68d
Simplified new endpoint move test
2017-04-26 15:27:02 +02:00
Vincent Petry
c30feafaa2
Added case when final chunk move must not change file id
2017-04-26 15:26:15 +02:00
Sergio Bertolin
9ab17c95c0
Added test about checking file id after a move
2017-04-26 15:24:19 +02:00
Morris Jobke
51da0442d9
Merge pull request #4494 from nextcloud/fix-jsunit
...
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher
2017-04-25 12:45:52 -03:00
Morris Jobke
dd5dbe3ebd
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-25 10:26:46 -03:00
Joas Schilling
7ea492b69a
Loop over the apps directory and add the task
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 14:35:51 +02:00
Joas Schilling
dee2c8d23b
Check whether we can json decode the translations
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 11:01:34 +02:00
Lukas Reschke
66835476b5
Add support for ratelimiting via annotations
...
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Morris Jobke
4cf4d2f27e
Favorites integration tests for shared files
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 11:44:57 -05:00
Joas Schilling
bd37021587
Fix casing of same origin frame option
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 12:37:32 +02:00
Vincent Petry
d1081e7940
Add integration test for trashbin
...
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 14:59:21 -05:00
Lukas Reschke
4cf61481e5
Clear opcode cache after config change
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 18:57:40 +02:00
Lukas Reschke
b882f65fbb
Add integration tests
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 01:39:54 +02:00
Morris Jobke
4c60360bf7
Merge pull request #4221 from nextcloud/provisioning-api-for-account-info
...
Allow to change account info via provisioning api
2017-04-07 12:48:44 -05:00
Joas Schilling
3d628783d9
Allow to change account info via provisioning api
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-07 12:50:47 +02:00
Morris Jobke
b084ceec3d
Merge pull request #4224 from nextcloud/dont-list-on-public-calendar-endpoint
...
Don't list on public calendar endpoints
2017-04-05 20:55:39 -05:00
Lukas Reschke
63288ebc50
Don't list on public calendar endpoints
...
There is no need to allow listing here.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 22:43:05 +02:00
Lukas Reschke
1d3e391ad8
Add integration tests for token auth
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 17:58:33 +02:00
Roeland Jago Douma
04fc00fcdf
mergejs should print a newline between imports
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-31 17:06:38 +02:00
Robin Appelman
7d4c4224d1
fix setup of external storage integration tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 17:16:59 +02:00
Morris Jobke
f9bc53146d
Fix unit tests
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-28 21:00:12 -06:00
Morris Jobke
6901b28f07
Split long running features/sharing-v1.feature into two smaller parts
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-28 16:46:56 -06:00
Roeland Jago Douma
4821c00ea8
Merge pull request #4004 from nextcloud/backport-27172
...
Remove SharedCache::getNumericStorageId to let CacheWrapper do it
2017-03-28 21:56:44 +02:00
Vincent Petry
c54091d43b
Use authType BASIC for Sabre client in integration tests
...
This helps massively reduce the numerous useless 401 exceptions that
appears in the test log. These appear only because Sabre first connects
without any auth type to receive the challenge and then sends the
authentication data.
With this change it will directly use basic auth.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-24 12:40:14 -06:00
Lukas Reschke
f94bc6f8bb
Merge pull request #4013 from nextcloud/bundle_vendor_js
...
Bundle vendor js
2017-03-24 10:49:57 +01:00
Morris Jobke
9bd4c406e3
also install sinon
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:42:54 -06:00
Vincent Petry
46a32045d7
Update karma, use sinon from npm
...
Update karma library and use sinon JS library provided by
karma-jasmine-sinon instead of local file.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:35:41 -06:00
Morris Jobke
49d0507f5d
Merge pull request #3879 from nextcloud/downstream-26915
...
Added integration tests for sharees using v2.php
2017-03-23 16:12:24 -06:00
Morris Jobke
d2654c8aea
Merge pull request #3965 from nextcloud/downstream-27343
...
Providing --path option to transfer-ownership
2017-03-23 15:20:53 -06:00
Roeland Jago Douma
588f47d498
Add CI step to verify merged vendor js
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:30 +01:00
Roeland Jago Douma
eda98ed3df
Merge vendor js
...
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
Vincent Petry
89c42a76c3
Remove SharedCache::getNumericStorageId to let CacheWrapper do it
...
The CacheWrapper will properly forward the call to the wrapped cache.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 00:02:48 -06:00
Robin Appelman
1e707ef1db
add integration test to ensure that shares dont overwrite external storages
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-22 18:00:12 +01:00
Morris Jobke
209e3e39e2
Use proper bash test syntax
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 18:48:55 -06:00