Commit Graph

3227 Commits

Author SHA1 Message Date
Joas Schilling e49307014c Do not log token or challenge with exception stacktrace (#25026)
* Make the filtering better readable

* Add some more methods to the sensitive list
2016-06-08 16:32:58 +02:00
Christoph Wurst 9997c431c3
use client login method on CORS routes 2016-06-08 15:18:53 +02:00
Christoph Wurst ec929f07f2
When creating a session token, make sure it's the login password and not a device token 2016-06-08 13:31:55 +02:00
Vincent Petry 7dcc47dc94 Merge pull request #25011 from owncloud/issue-24745-allow-to-cancel-2fa
Allow to cancel 2FA after login
2016-06-08 10:27:21 +02:00
Vincent Petry 8d0948977e Merge pull request #24899 from owncloud/local-storage-symlinks
dissalow symlinks in local storages that point outside the datadir
2016-06-08 10:19:24 +02:00
Vincent Petry ed92f4c427 Merge pull request #24983 from owncloud/issue-23776-do-not-allow-boolean-user-config
Do not allow to store boolean configs, they behave unexpected on postgres
2016-06-08 10:14:08 +02:00
Vincent Petry 12683b786d Merge pull request #24991 from owncloud/2fa-do-not-generate-token
do not generate device token if 2FA is enable for user
2016-06-08 10:13:04 +02:00
Vincent Petry b7935dcebd Merge pull request #24998 from owncloud/issue-24994-allow-decrypting-user-0-only
Allow to decrypt user '0' files only
2016-06-08 10:12:28 +02:00
Joas Schilling 3e3b326c85
Allow to cancel 2FA after login 2016-06-07 18:17:29 +02:00
Morris Jobke 38451c85f1
skip failing tests 2016-06-07 17:54:40 +02:00
Robin Appelman 7b1b723e5b dissalow symlinks in local storages that point outside the datadir 2016-06-07 14:01:53 +02:00
Joas Schilling d4ba982131
Allow to decrypt user '0' files only 2016-06-07 09:13:11 +02:00
Christoph Wurst 8f7a4aaa4d
do not generate device token if 2FA is enable for user 2016-06-07 09:09:51 +02:00
Joas Schilling 911fd3ead4
Do not allow to store boolean configs, they behave unexpected on postgres 2016-06-06 12:38:20 +02:00
Robin Appelman 63408fa6ef allow deleting "ghost files" trough the View and Node api 2016-06-03 13:30:59 +02:00
Vincent Petry 1ab7ee5e23 Merge pull request #24940 from owncloud/fix-normalizedcachekey-keepunicode
Add keepUnicode value in the cache key of normalizedPathCache
2016-06-02 15:18:13 +02:00
Robin Appelman 11900baaf3 add tests for propagator batching 2016-06-02 15:09:15 +02:00
Christoph Wurst 5e71d23ded
remember redirect_url when solving the 2FA challenge 2016-06-01 14:43:47 +02:00
Vincent Petry 5b1eb416d8
Fix TestCase::invokePrivate to work with static classes 2016-06-01 14:28:59 +02:00
Vincent Petry 5ad8fa7675
Add keepUnicode value in the cache key of normalizedPathCache 2016-06-01 14:28:59 +02:00
Christoph Wurst c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Vincent Petry a441220f24 Merge pull request #24628 from owncloud/decryptall-checkifneedsprocessing
[decrypt_all] Check if file needs to decrypted or not for speed up large oc setups.
2016-05-31 10:12:03 +02:00
Torben Dannhauer 718f0757e4 Fix for #23066 (#24689) 2016-05-31 06:53:28 +02:00
Björn Schießle b15babd061
fix unit tests 2016-05-30 14:49:27 +02:00
Joas Schilling 4b1e8a1184 One more PSR-4 fix (#24852) 2016-05-26 16:31:26 +02:00
Vincent Petry 379f8a1e45 Merge pull request #24604 from owncloud/user_ldap-psr4
Move user_ldap to PSR-4
2016-05-25 17:11:10 +02:00
Joas Schilling 2c0743c46b
Fix the tests again 2016-05-25 16:51:02 +02:00
Vincent Petry 2bddf71f22 Merge pull request #24842 from owncloud/files-storage-wrapper-encoding-psr4
Move Test\Files\Storage\Wrapper\EncodingTest to PSR-4
2016-05-25 16:32:43 +02:00
Vincent Petry 299954c03d Merge pull request #24840 from owncloud/fix-missing-ext-str-import
Fix missing use statements in ext. str. tests
2016-05-25 16:31:32 +02:00
Joas Schilling 4cfefda891
Move Test\Files\Storage\Wrapper\EncodingTest to PSR-4 2016-05-25 15:26:14 +02:00
Vincent Petry 7f20203006 Merge pull request #24836 from owncloud/auth-tests-to-psr4
Move parallel merged auth tests to PSR-4
2016-05-25 15:15:19 +02:00
Joas Schilling 154e328e2b
Adjust the phpunit config 2016-05-25 15:14:37 +02:00
Joas Schilling 8afbd80328
Move parallel merged auth tests to PSR-4 2016-05-25 12:02:05 +02:00
Vincent Petry 25e6026fa6 Merge pull request #24735 from juliushaertl/passwordreset-invalid
Show error messages if a password reset link is invalid or expired
2016-05-25 11:08:46 +02:00
Christoph Wurst 28ce7dd262
do not allow client password logins if token auth is enforced or 2FA is enabled 2016-05-24 17:54:02 +02:00
Vincent Petry d3fb5d618e Merge pull request #24748 from owncloud/login-explicitly
Log in explicitly, save login name when generating browser/device tokens
2016-05-24 17:51:49 +02:00
Vincent Petry e7110c7678 Merge pull request #24760 from owncloud/objectstore_multibucket
Objectstore multibucket
2016-05-24 15:15:59 +02:00
Christoph Wurst ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Roeland Jago Douma abe338f433
Store user bucket in preferences 2016-05-23 21:57:41 +02:00
Vincent Petry 4f6670d759 Merge pull request #24658 from owncloud/invalidate-disabled-user-session
invalidate user session if the user was disabled
2016-05-23 20:50:25 +02:00
Vincent Petry 87fa86a69a Merge pull request #24559 from owncloud/2fa
two factor auth
2016-05-23 20:50:03 +02:00
Roeland Jago Douma e03e4921a0
Fix Name 2016-05-23 20:42:08 +02:00
Roeland Jago Douma 7ef21b0b27
Add unit tests for ObjectHomeMountProvider 2016-05-23 20:42:08 +02:00
Roeland Jago Douma 12b63258d5
Add mapper unit tests 2016-05-23 20:42:08 +02:00
Julius Haertl d065980814 Add more tests for OC\Core\Controller\LostController
- remove testResetFormUnsuccessful as it is now splitted up in different test cases
- add testResetFormInvalidToken to check if timestamp and token are present
- add testResetFormInvalidTokenMatch to check if the saved token matches the provided
- add testResetFormExpiredToken to check if expiration detection works
- add testResetFormValidToken to check if detection of valid tokens works
2016-05-23 16:48:10 +02:00
Robin Appelman eca57be336 Only recurse into incomplete folders during background scans 2016-05-23 14:40:35 +02:00
Vincent Petry 57525a02f8 Merge pull request #24703 from owncloud/personal-settings-auth-tokens
Personal settings auth tokens
2016-05-23 14:17:01 +02:00
Vincent Petry bd87f67473 Merge pull request #24349 from owncloud/nfd-storagewrapper
Add wrapper for NFD encoding workaround
2016-05-23 13:45:33 +02:00
Christoph Wurst dfb4d426c2
Add two factor auth to core 2016-05-23 11:21:10 +02:00
Christoph Wurst c20cdc2213
invalidate user session if the user is disabled 2016-05-23 10:32:16 +02:00
Vincent Petry dec3f9ebcb Merge pull request #24726 from owncloud/tests-psr-4
Tests outside of tests/lib/ to PSR-4
2016-05-23 09:54:29 +02:00
Vincent Petry 5ba1add03c Merge pull request #24603 from owncloud/federated_reshare
flat federated re-share
2016-05-23 09:52:13 +02:00
Christoph Wurst 74277c25be
add button to invalidate browser sessions/device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 6495534bcd
add button to add new device tokens 2016-05-23 09:11:12 +02:00
Christoph Wurst 12431aa399
list user's auth tokens on the personal settings page 2016-05-23 09:11:12 +02:00
Vincent Petry 7a6966cdfe Merge pull request #24732 from owncloud/autoloader_fix
Autoloader fix
2016-05-21 19:09:22 +02:00
Vincent Petry 8646802850 Merge pull request #24696 from owncloud/lock-jobs-while-executing
Lock jobs while executing them, to allow multiple executors to run in…
2016-05-21 19:08:15 +02:00
Joas Schilling d0a2fa0506
Lock jobs while executing them, to allow multiple executors to run in parallel 2016-05-21 01:59:25 +02:00
Björn Schießle 7b25839bd5
use share initiator as fall back to access the file
in case of federated re-shares the owner can be a remote user.
Therefore we can't always use to owner to access the local file
2016-05-20 21:15:15 +02:00
Vincent Petry 88740f035d
Act on effective system tag canAssign permission
Whenever the server returns true for the can-assign Webdav property of
a system tag, it means the current user is allowed to assign,
regardless of the value of user-assignable.

This commit brings the proper logic to the web UI to make it possible
for users to assign when they have the permission.
2016-05-20 17:56:02 +02:00
Vincent Petry b5eb3d9e5a
Add system tag assignability check with groups
Whenever a user is not an admin, a tag is visible but not
user-assignable, check whether the user is a member of the allowed
groups.
2016-05-20 17:56:02 +02:00
Vincent Petry 3cd65fe25d
Add systemtag_group table and get/set methods
Added systemtag to group mapping table.
Added methods in ISystemTagManager to get/set the group mappings.
2016-05-20 17:56:02 +02:00
Vincent Petry 09b3883d9c
Updated canUser* functions in SystemTagManager to accept objects 2016-05-20 17:56:02 +02:00
Vincent Petry 8343cfb64b
Add interface methods for permission check
Instead of checking for admin perm, use interface method
canUserAssignTag and canUserSeeTag to check for permissions.
Allows for more flexible implementation.
2016-05-20 17:56:02 +02:00
Roeland Jago Douma 54b637e83c
Fix unit tests 2016-05-20 16:35:07 +02:00
Joas Schilling 94ad54ec9b Move tests/ to PSR-4 (#24731)
* Move a-b to PSR-4

* Move c-d to PSR-4

* Move e+g to PSR-4

* Move h-l to PSR-4

* Move m-r to PSR-4

* Move s-u to PSR-4

* Move files/ to PSR-4

* Move remaining tests to PSR-4

* Remove Test\ from old autoloader
2016-05-20 15:38:20 +02:00
Vincent Petry e8d082208d
Fixes for encoding wrapper
Improved label
Fixed rename/copy/moveFromStorage/copyFromStorage and added tests
Improved findPathToUse algo
2016-05-20 09:33:59 +02:00
Vincent Petry 63bbbf29f4
Add wrapper for NFD encoding workaround 2016-05-20 09:33:59 +02:00
Vincent Petry b495895017 Merge pull request #24728 from owncloud/no-more-test_-files
Fix autoloader for Test* files
2016-05-20 09:29:01 +02:00
Joas Schilling 54250ed065
Add PSR-4 loading for Test\ and Tests\ 2016-05-19 15:49:27 +02:00
Joas Schilling f8180391fd
Create a Fallback in the old autoloader for PSR-4 Test\TestCase 2016-05-19 15:45:34 +02:00
Joas Schilling ffa4633822
No more Test_* files exist, remove autoloading 2016-05-19 15:38:16 +02:00
Vincent Petry f42cdec4c4 Merge pull request #24725 from owncloud/ocs-provider-psr4
Move OCS Provider to PSR-4 namespace
2016-05-19 15:36:19 +02:00
Vincent Petry 3b3940df6b Merge pull request #24660 from owncloud/no-token-login-for-disabled-users
don't allow token login for disabled users
2016-05-19 15:32:09 +02:00
Vincent Petry 61b3260ebd Merge pull request #24716 from owncloud/fix-test-namespaces-2
Fix test namespaces [files-]
2016-05-19 15:31:43 +02:00
Joas Schilling c58d174616
Move tests/settings to PSR-4 2016-05-19 11:18:25 +02:00
Joas Schilling 392bc0c6b9
Move tests/core/ to PSR-4 2016-05-19 11:18:25 +02:00
Joas Schilling 20f229eed9
Move OCS Provider to PSR-4 namespace 2016-05-19 11:10:32 +02:00
Joas Schilling bae4118b4f
Fix renamed class 2016-05-19 10:33:12 +02:00
Vincent Petry e36a27d21c Merge pull request #24712 from owncloud/fix-test-namespaces
Fix test namespaces [a-e]
2016-05-19 10:30:07 +02:00
Joas Schilling 320b1c3abf
Fix more failures 2016-05-19 10:11:42 +02:00
Joas Schilling f24179a327
Fix deprecated private method 2016-05-19 09:44:53 +02:00
Joas Schilling e88a9b2fed
Fix missing backtick before OC 2016-05-19 09:41:45 +02:00
Joas Schilling e823d50044
Fix "Class 'Test\Security\DateTime' not found" 2016-05-19 09:40:34 +02:00
Joas Schilling 9a4253ef7c
Fix lib/ 2016-05-19 09:38:52 +02:00
Joas Schilling 55fc6536d3
FIx lib/ a-d 2016-05-19 09:27:21 +02:00
Joas Schilling 7f3f16d155
Fix namespace in user/ 2016-05-19 09:19:03 +02:00
Joas Schilling a107e7de7b
Fix namespace in share/ 2016-05-19 09:15:10 +02:00
Joas Schilling 68481c10e6
Fix namespaces in security/ 2016-05-19 09:02:58 +02:00
Joas Schilling a9f24a74a2
Fix namespace in repair/ 2016-05-19 08:59:37 +02:00
Joas Schilling d19d6533dd
Fix public/ namespace in tests 2016-05-19 08:56:47 +02:00
Joas Schilling 859d2bc0ff
Fix namespace of memcache/ and ocs/ 2016-05-19 08:53:06 +02:00
Joas Schilling 71603fe348
Fix namespace in log/ and mail/ 2016-05-19 08:50:14 +02:00
Joas Schilling 0ab1120a33
Fix namespaces in tests/lib/integritycheck 2016-05-19 08:48:22 +02:00
Joas Schilling 51db410e67
Fix namespaces in tests/lib/http/ 2016-05-19 08:46:58 +02:00
Joas Schilling 995d4b7ecd
Fix namespaces in tests/lib/groups/ 2016-05-19 08:44:41 +02:00
Joas Schilling b1458d590d
Fix namespaces and class names in tests/lib/files/ 2016-05-19 08:41:01 +02:00
Christoph Wurst f824f3e5f3
don't allow token login for disabled users 2016-05-18 21:10:37 +02:00
Joas Schilling f57407e73e
Fix file name in tests/lib/encryption 2016-05-18 18:57:46 +02:00
Joas Schilling ba230888c6
Fix filenames and class names in tests/lib/comments 2016-05-18 18:57:46 +02:00