Roeland Jago Douma
4a292126e5
Merge pull request #20139 from nextcloud/unify-default-value-for-restricting-user-enumeration-with-settings
...
Unify default value for restricting user enumeration with settings
2020-04-04 10:33:04 +02:00
Robin Appelman
3ba46f3b50
add basic tests for s3 seeking and add some error handling if reopen return the wrong range
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-04-01 15:23:05 +02:00
Robin Appelman
f984512e33
fix tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-04-01 14:17:31 +02:00
Roeland Jago Douma
590849e4d7
Merge pull request #19858 from nextcloud/feature/webauthn
...
Add WebAuthn support
2020-03-31 22:55:13 +02:00
Roeland Jago Douma
53db05a1f6
Start with webauthn
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2020-03-31 22:17:07 +02:00
Roeland Jago Douma
84f3d2ddeb
[POC] Event for failed login attempts
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-03-31 21:41:02 +02:00
Christoph Wurst
463b388589
Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports
...
Remove unused imports
2020-03-27 17:14:08 +01:00
Christoph Wurst
b80ebc9674
Use the short array syntax, everywhere
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-26 16:34:56 +01:00
Christoph Wurst
25ab122245
Merge pull request #20172 from nextcloud/techdebt/phpunit-short-return
...
Use the shorter phpunit syntax for mocked return values
2020-03-26 09:25:19 +01:00
Christoph Wurst
2ee65f177e
Use the shorter phpunit syntax for mocked return values
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:21:27 +01:00
Christoph Wurst
74936c49ea
Remove unused imports
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:08:08 +01:00
Christoph Wurst
23eb0462e5
Use lowercase true, false and null constants
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 21:53:04 +01:00
Roeland Jago Douma
b93e1e300e
Merge pull request #14722 from tacruc/GpgMailerHooks
...
Add Mailer events
2020-03-25 08:10:04 +01:00
Arne Hamann
a16aa99586
Added Hook before Message is send
...
Signed-off-by: Arne Hamann <kontakt+github@arne.email>
2020-03-24 20:57:27 +01:00
Roeland Jago Douma
3b26bfe879
Merge pull request #20127 from nextcloud/bugfix/noid/check-user-on-remote-wipe
...
Check the user on remote wipe
2020-03-24 20:26:52 +01:00
Daniel Calviño Sánchez
4ec370016f
Add acceptance test for restricting user enumeration to groups
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-24 14:42:52 +01:00
Daniel Calviño Sánchez
d4f25b01b8
Unify default value for restricting user enumeration with settings
...
If the value was never enabled or disabled, the settings show "Restrict
username enumeration to groups" as disabled. However, in some components
it was enabled by default, which caused an inconsistency in the
behaviour with respect to the settings, for example in the contacts
menu.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-24 14:30:59 +01:00
Julius Härtl
63900d0574
Remove admin_notifications since it is obsolete since Nextcloud 14
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-03-24 09:18:42 +01:00
Roeland Jago Douma
6675f9b403
Merge pull request #17684 from mlatief/support-no-proxy
...
Add support for GuzzleHTTP 'no' proxy
2020-03-22 19:38:01 +01:00
Daniel Calviño Sánchez
9386f24ab0
Add acceptance test for accepting an incoming share
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-20 20:03:58 +01:00
Daniel Calviño Sánchez
887e740434
Fix timeout capping
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-20 17:43:12 +01:00
Daniel Calviño Sánchez
43e18e96e2
Revert (partially) "Accept incoming shares in acceptance tests"
...
This reverts commit f402e23448
.
Since eb4c42d3d1
now shares are accepted
by default, so no notification is shown to accept them.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-20 17:39:34 +01:00
Roeland Jago Douma
a0058fe601
Merge pull request #20049 from nextcloud/force-compatible-dependency-versions-in-acceptance-tests
...
Force compatible dependency versions in acceptance tests
2020-03-20 15:48:26 +01:00
Daniel Calviño Sánchez
0896f33f86
Force compatible dependency versions in acceptance tests
...
behat/mink 1.8 and behat/mink-selenium2-driver 1.4 introduced behaviour
changes that broke the acceptance tests. Until the tests are updated to
work with the newer versions the last known versions are forced.
Note that some acceptance tests still fail after enforcing the
compatible versions, although that is caused by changes in the Nextcloud
server itself.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2020-03-20 11:45:00 +01:00
Julius Härtl
0ef53ebc08
Add tests for ContactsStore filtering
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-03-20 10:43:56 +01:00
Julius Härtl
78beb9e6d4
Add tests for user group enumeration limit
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-03-20 10:43:56 +01:00
Joas Schilling
dc7913efcd
Fix recursive calls in logging via server methods
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-03-18 18:59:49 +01:00
Joas Schilling
9935c71ec3
Check the user on remote wipe
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-03-16 09:29:28 +01:00
Roeland Jago Douma
c1152af523
Move deprecated aliases over to new registration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-03-15 15:13:12 +01:00
Julius Härtl
dbd63222c8
Add system config flag to manually set that a subscription is available
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-03-10 14:31:27 +01:00
Roeland Jago Douma
6ea1aef031
Merge pull request #19723 from nextcloud/bug/18603/avatar-response
...
Always use status 200 for avatar response
2020-03-03 16:15:14 +01:00
blizzz
b54069189c
Merge pull request #19742 from nextcloud/bug/19740/add-msg-for-exception
...
Add message for DoesNotExistException
2020-03-02 16:19:30 +01:00
Daniel Kesselberg
5ce9e73bad
Add message for DoesNotExistException
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-02 13:24:06 +01:00
Daniel Kesselberg
68148f4073
Always use status 200 for avatar response
...
As discussed in #18603 caching a 201 response is hard. It's now possible to distinguish between generated and uploaded avatars by reading the X-NC-IsCustomAvatar (0 = generated, 1 = uploaded) header.
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-03-01 00:42:24 +01:00
Mohammed Abdellatif
98d6415264
Add support for GuzzleHTTP 'no' proxy
...
The custom config allows to setup a proxy URI that is passed to
GuzzleHTTP client as request options. Guzzle has the option to receive
an array of proxies for each URI scheme as well as 'no' key value pair
to provide a list of host names that should not be proxied to.
Guzzle would automatically populate these options with HTTPS_PROXY
and NO_PROXY environment variables. However, when providing a 'proxy'
request option, default values will be overriden and it is required to
explicitly provide the 'no' value if needed.
More info:
http://docs.guzzlephp.org/en/stable/request-options.html#proxy
This commit will add support for a new config 'proxyexclude', which
takes a list of host names to be excluded.
It will also provide 'proxy' request option as an array instead of a
string to Guzzle, and populate 'http' and 'https' URI schemes with
proxy URI, and 'no' with 'proxyexclude' list.
Also, if no 'proxy' is configured, it will leave out 'proxy' request
option, so it won't override Guzzle default values.
Sample config file includes a hint on how to explicitly sync
'proxyexclude' with NO_PROXY, and a note about default values.
Signed-off-by: Mohammed Abdellatif <m.latief@gmail.com>
2020-02-29 19:19:23 +02:00
Robin Appelman
fed86e8382
better tests for SimpleFolder
...
test behavior, not implementation
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-02-28 12:55:20 +01:00
Joas Schilling
e97d643969
Strip of users home path from share api message
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-02-20 14:56:58 +01:00
Arthur Schiwon
b1a6f66fd9
when we receive intentional empty whats new info, do not try to show it
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-02-13 22:03:44 +01:00
Arthur Schiwon
d06ef07a97
disable timeout on app install via cli
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-02-12 16:52:45 +01:00
John Molakvoæ (skjnldsv)
0687b9ed8a
[3rdparty] Bump guzzlehttp/guzzle from 6.3.3 to 6.5.2
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2020-02-11 20:49:27 +01:00
Roeland Jago Douma
12e1c469cf
Add Argon2id support
...
When available we should use argon2id for hashing.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-07 07:52:33 +01:00
Joas Schilling
3a0bfbd558
Merge pull request #18926 from nextcloud/fix/18689/int-array-access
...
Array access on int will fail on php7.4
2020-02-06 21:31:03 +01:00
Roeland Jago Douma
0d651f106c
Allow selecting the hashing algorithm
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-02-03 21:41:17 +01:00
Roeland Jago Douma
1b33116e8f
Merge pull request #19241 from nextcloud/bug/noid/job-catch-throwable
...
Make sure to catch php errors during job execution
2020-02-03 09:54:26 +01:00
Roeland Jago Douma
bfaf3fff33
Move Admin Settings also to info.xml
...
More cleanup of the Settings apps. Makes the manager cleaner and a
proper manager.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-31 16:55:17 +01:00
Daniel Kesselberg
018020108b
Make sure to catch php errors during job execution
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-31 16:04:04 +01:00
Roeland Jago Douma
c9253cce6c
Move personal settings to proper registration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-30 22:06:28 +01:00
Roeland Jago Douma
dc1979903e
Move password settings
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-30 14:03:28 +01:00
Roeland Jago Douma
9ed106f69a
Merge pull request #19176 from nextcloud/fix/contacts-menu-mailt-encoding
...
Do not encode contacts menu mailto links
2020-01-30 09:45:13 +01:00
Christoph Wurst
87ec729f34
Do not encode contacts menu mailto links
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-28 14:57:45 +01:00
Roeland Jago Douma
03df1b4c51
Move admin sections to settings app
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-28 12:38:11 +01:00
Roeland Jago Douma
d8e9cefcfe
Move the Personal sections to the settings app
...
There is no need to have weird magic in the manager. This should be
properly registered in the right way. The settings code is messy
anyways. This is a start to make it a tad more clean.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-28 08:45:07 +01:00
Sergey Shliakhov
acc0df1d13
Change avatar placeholder from single letter to 2 letters
...
https://github.com/nextcloud/server/issues/18717
Signed-off-by: Sergey Shliakhov <husband.sergey@gmail.com>
2020-01-27 09:42:45 +01:00
Arthur Schiwon
5b18f684e7
add hub bundle for easy post-installation
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-26 21:23:42 +01:00
Daniel Kesselberg
7af3bcb4bc
Add test to trigger "Trying to access array offset on value of type int"
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-23 10:18:14 +01:00
Roeland Jago Douma
8056bbeae3
Merge pull request #19035 from nextcloud/bugfix/noid/increase-timeout-for-downloads
...
Adjust unit test for #19017
2020-01-21 10:53:08 +01:00
Joas Schilling
827f3228a3
Adjust unit test for #19017
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-01-21 08:44:35 +01:00
Daniel Kesselberg
8331d8296b
Make getServerHost more robust to faulty user input
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2020-01-16 11:26:29 +01:00
Robin Appelman
47fd6730e0
use `nodeExists` instead of catching exceptions
...
makes the intent of the code more clear imo
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-01-14 11:03:14 +01:00
Roeland Jago Douma
e7b308cf0a
Merge pull request #18805 from nextcloud/bugfix/direct-edit-create
...
Check if file already exists during file creation
2020-01-14 08:34:39 +01:00
Julius Härtl
ab4b9a6df5
CHeck if file already exists during file creation
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-13 18:10:12 +01:00
Georg Ehrke
2f89f5fd13
AppFetcher: Distinguish between fileName and endpointName
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2020-01-09 17:29:00 +01:00
Christoph Wurst
60d4b45e89
Clean up 2FA provider registry when a user is deleted
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-01-08 10:51:44 +01:00
Roeland Jago Douma
52e4ecd66e
Merge pull request #18644 from nextcloud/harden/csrf_endpoint
...
Only allow requesting new CSRF tokens if it passes the SameSite Cooki…
2020-01-07 13:43:46 +01:00
Roeland Jago Douma
a673c597ed
Fix the LoggerTests for phpunit
...
Less deprecation warnings. YAY.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-06 09:06:52 +01:00
Kim Brose
9c5fe8fca4
Fix CI
...
Signed-off-by: Kim Brose <kim.brose@rwth-aachen.de>
2020-01-03 18:06:59 +01:00
Roeland Jago Douma
da81b71f93
Only allow requesting new CSRF tokens if it passes the SameSite Cookie test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-01-03 13:12:03 +01:00
Daniel Kesselberg
d393b1612b
Modify regex to match some other chromium browsers
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-27 17:24:52 +01:00
Georg Ehrke
f0bef8881d
Restore old behavior allowing to set custom appstore
...
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2019-12-22 15:06:31 +01:00
GretaD
455013c309
fix the folder share
...
Signed-off-by: GretaD <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-12-19 16:14:47 +01:00
Julius Härtl
de5384466c
Return empty template for default creators
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-16 17:22:53 +01:00
Joas Schilling
faf58e4cac
Merge pull request #17018 from nextcloud/feature/noid/allow-to-force-enable-via-cli
...
Allow to force enable apps via CLI
2019-12-16 12:34:27 +01:00
Roeland Jago Douma
3b8fbf129e
Merge pull request #18384 from nextcloud/fix/18255/global_config_to_always_accept
...
config.php setting to always accept internal shares
2019-12-16 09:50:45 +01:00
Roeland Jago Douma
bb4264c565
config.php setting to always accept internal shares
...
Part of #18255
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-16 09:07:25 +01:00
blizzz
f7674c592c
Merge pull request #17494 from nextcloud/fix/16340/ignore-invalid-json
...
Return a default user record if json is broken
2019-12-13 15:43:36 +01:00
Joas Schilling
3eee359d7f
Allow to force enable apps via CLI
...
Co-authored-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 13:06:12 +01:00
Christoph Wurst
b97d90e0c3
Log critical fallback to user default if we can't parse the JSON
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 12:39:29 +01:00
Christoph Wurst
b81b824da1
Add typed events for the filesystem/scanner
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-13 09:41:05 +01:00
Roeland Jago Douma
87104ce510
Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-config
...
Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
2019-12-12 21:59:42 +01:00
Greta Doci
c864bc8321
Move users management to multi line
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-12-12 12:25:13 +01:00
Roeland Jago Douma
c6e51924c8
Merge pull request #18236 from nextcloud/bugfix/noid/always-detect-mimetype-by-content-in-workflows
...
Allow to detect mimetype by content
2019-12-12 11:19:55 +01:00
Roeland Jago Douma
8473a09499
REVERT ME: comment out failing gz detection test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-12 08:24:46 +01:00
John Molakvoæ (skjnldsv)
edf8893479
Fix tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-12-10 23:44:17 +01:00
Roeland Jago Douma
eb8ca3783c
Viewer should be always enabled
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 20:06:30 +01:00
Joas Schilling
059968e1c7
Pick a shorter name for the transfer ownership table
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-10 11:01:26 +01:00
Joas Schilling
6ad7e75708
Update the unit test to dataProviders
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-10 09:11:44 +01:00
Roeland Jago Douma
72155009fa
Merge pull request #18184 from nextcloud/bugfix/noid/is-trusted-domain
...
Move overwritehost check to isTrustedDomain
2019-12-09 21:37:22 +01:00
Daniel Kesselberg
29575c4d36
Move custom definition logic into method
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-09 12:10:19 +01:00
Daniel Kesselberg
64aba49461
Ensure that we don't merge broken json.
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-09 12:09:43 +01:00
Christoph Wurst
8bc4295cfa
Merge pull request #17325 from nextcloud/enh/decouple-register-resource-provider
...
Decouple resource provider registration
2019-12-09 09:51:25 +01:00
Daniel Kesselberg
48a130c2a8
Fix: Using assertContains() with string haystacks is deprecated and will not be supported in PHPUnit 9.
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-08 22:33:17 +01:00
Daniel Kesselberg
0016480370
Decouple resource provider registration
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-12-07 22:04:07 +01:00
Julius Härtl
d05f131929
Move overwritehost check to isTrustedDomain
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-12-07 09:53:06 +01:00
Roeland Jago Douma
04c2b5fcb1
Merge pull request #18130 from nextcloud/bugfix/noid/prevent-creating-users-with-existing-files
...
Prevent creating users with existing files
2019-12-05 10:30:00 +01:00
Joas Schilling
6004f62085
I love unit tests that mock unnecessary stuff
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-04 15:22:02 +01:00
Roeland Jago Douma
76b78edd40
Merge pull request #17833 from nextcloud/propagator-no-negative-sizes
...
dont set folder size to negative values during propagation
2019-12-04 11:49:26 +01:00
Joas Schilling
738e6bf079
Merge pull request #17715 from nextcloud/fix/5456/respect_avatar_privacy
...
Honor avatar visibility settings
2019-12-04 10:28:45 +01:00
Roeland Jago Douma
1d707cc349
Merge pull request #18028 from nextcloud/enhancement/user-create-events
...
Add typed create user events
2019-12-03 08:57:51 +01:00
Christoph Wurst
cc80339b39
Add typed create user events
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-03 08:03:57 +01:00
John Molakvoæ (skjnldsv)
5cb11ca642
Fix tests
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-12-02 13:08:43 +01:00
Daniel Kesselberg
9378a6b411
Send Clear-Site-Data expect for Chrome
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-30 15:17:22 +01:00
Julius Härtl
0c6c12deae
Adjust tags acceptance tests to moved admin section
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-28 18:26:15 +01:00
Julius Härtl
fc51425790
Adjust DirectEditing test to PHPUnit8
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-28 10:59:22 +01:00
Roeland Jago Douma
4173d9d749
Merge pull request #17625 from nextcloud/enh/noid/direct-editing
...
Direct editing API to allow file editing using a one-time token
2019-11-28 08:49:57 +01:00
Roeland Jago Douma
62dc320191
Merge pull request #17725 from nextcloud/enh/share_exp_internal
...
Allow internal shares to have a default expiration date
2019-11-28 08:37:19 +01:00
Roeland Jago Douma
669302e570
Merge pull request #18064 from nextcloud/feature/php74
...
Add php7.4 support
2019-11-28 08:36:10 +01:00
Julius Härtl
e18397284b
Use person icon for personal settings
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 21:06:14 +01:00
Julius Härtl
329e8c2604
Add mimetype to creators
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 19:56:44 +01:00
Julius Härtl
9a2694fcb0
Code style fixes and cleanup
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 19:56:40 +01:00
Roeland Jago Douma
0e14bdc0d0
remove test case
...
Because we test very naively we matched also on def in default...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma
469c06be15
TO REVERT LATER: disable decimaltest from LegacyDBTest
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma
b656693db2
TO REVERT LATER: disable tests in LargeFileHelperGetFileSizeTest
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:28 +01:00
Roeland Jago Douma
3a7cf40aaa
Mode to modern phpunit
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 15:27:18 +01:00
Roeland Jago Douma
078f4efb20
Fix tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 14:51:14 +01:00
Julius Härtl
c8d3e32190
Direct editing token tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-11-27 14:36:20 +01:00
Roeland Jago Douma
ec14d95292
Fix lockprivider test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
8d4346d656
Fix more tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
bc16b05243
Fix signCoretests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
305481688b
SignApp fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
ef4b59d341
More fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:42 +01:00
Roeland Jago Douma
799f58391e
More fixes
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
3aa5f105fa
Fix more tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
385ec2947d
Skip redis if not configured
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
c007ca624f
Make phpunit8 compatible
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-27 13:34:41 +01:00
Roeland Jago Douma
0532f8116d
Merge pull request #18019 from nextcloud/enhancement/password-policy-events
...
Add typed events for password_policy
2019-11-27 11:11:17 +01:00
blizzz
d2f9deba51
Merge pull request #17834 from nextcloud/enh/noid/generic-event-replacement-tk2
...
Public API's GenericEvent replacement (take 2)
2019-11-27 10:50:07 +01:00
Christoph Wurst
1a886b1472
Add typed events for password_policy
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00
Roeland Jago Douma
d09f8c7423
Merge pull request #17939 from nextcloud/fix/token-insert-conflict-handling
...
Handle token insert conflicts
2019-11-26 19:47:59 +01:00
Arthur Schiwon
fc16b09a2c
Files first to use own GenericEvent
...
* those are added to 18 only anyway :)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-26 14:48:59 +01:00
Roeland Jago Douma
b607e3e6f4
Merge pull request #17948 from nextcloud/enh/check-if-property-is-bool
...
Make isXXX available for bool properties only
2019-11-26 12:25:36 +01:00
Christoph Wurst
0299ea0a96
Handle token insert conflicts
...
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.
As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-26 12:07:12 +01:00
Robin Appelman
74c6beb603
dont set folder size to negative values during propagation
...
normally this shouldn't be a problem, but cache/storage desync might cause this
so this adds some failsafe to ensure we dont corrupt the cache further
the minimum value is set to -1 instead of 0 in order to triger a background scan
on the folder and figure out the size properly
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
Robin Appelman
9e450d727a
add LEAST and GREATER to db function builder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-26 12:05:30 +01:00
blizzz
b1dffc5c2d
Merge pull request #17896 from nextcloud/fix/noid/consider-create-group-result
...
take group creation result into consideration
2019-11-25 17:16:40 +01:00
Arthur Schiwon
7b1eedb11e
take group creation result into consideration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-11-25 14:01:20 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes
...
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Roeland Jago Douma
3c1bcd551d
Fix the tests after #18029
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-21 22:31:45 +01:00
Roeland Jago Douma
5c4b2a2436
Merge pull request #18029 from nextcloud/feature/public-post-login-event
...
Make the post login event public
2019-11-21 12:39:42 +01:00
Daniel Calviño Sánchez
f402e23448
Accept incoming shares in acceptance tests
...
Incoming shares are no longer automatically added to the file list of
the sharee. Instead, the user now needs to explictly accept the share.
Currently shares can be accepted only from the Notifications app, so it
must be explicitly cloned before installing Nextcloud if it is not found
in the "apps" directory. Note that the development branches are already
built, so there is no need to explicitly build the app.
With the new sharing behaviour the "share a skeleton file with another
user before first login" scenario is no longer valid (as the user will
need to log in to accept the share, so at that point the skeleton is
already created), so it was removed.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Daniel Calviño Sánchez
0abff19aa9
Rename "Notification" to "Toast"
...
Since Nextcloud 17 the proper name for the old built-in notifications is
"Toast". Moreover, this will reduce ambiguity when using the
"notification" term to refer to elements in the Notifications app.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-11-20 21:15:46 +01:00
Roeland Jago Douma
da25ed997e
Do not check for updates if we have no internet
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 19:30:59 +01:00
Christoph Wurst
535000aac6
Make the post login event public
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-20 18:43:09 +01:00
Roeland Jago Douma
b367027798
Do pagination on the dummy group backend
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-20 08:08:01 +01:00
Roeland Jago Douma
1bd688a9d1
Use dummy backend in test
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-18 11:54:26 +01:00
Roeland Jago Douma
a184e350d7
Merge remote-tracking branch 'origin/master' into filecache-extension
2019-11-18 11:06:17 +01:00
Daniel Kesselberg
a27c10daa6
Make isXXX available for bool properties only
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-11-16 00:39:48 +01:00
Roeland Jago Douma
54eb27dab2
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-13 20:43:20 +01:00
RussellAult
19791b2460
Check getRedirectUri() for queries
...
Resolves Issue #17885
Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.
Signed-off-by: RussellAult <russellault@users.noreply.github.com>
2019-11-13 14:05:03 +01:00
Robin Appelman
066faaec05
fix folder delete
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:46 +01:00
Robin Appelman
43fa746ad9
dont create empty filecache extended rows
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:43 +01:00
Robin Appelman
1b6e647b63
expose filecache extension data in FileInfo
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 12:39:32 +01:00
Robin Appelman
842da3f183
store filecache extension fields
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-11-13 11:30:44 +01:00
Daniel Calviño Sánchez
2f49806c20
Add unit tests for "getAllShares()"
...
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-30 14:27:41 +01:00
John Molakvoæ (skjnldsv)
12eba18bdf
Adjust acceptance tests to new OCA.Sidebar
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 13:20:08 +01:00
John Molakvoæ (skjnldsv)
ea6f423e2c
Extend data returned when searching remote shares
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-29 12:55:59 +01:00
Roeland Jago Douma
2cf068463f
Harden middleware check
...
These annotations will allow for extra checks. And thus make it harder
to break things.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-25 15:44:37 +02:00
Daniel Calviño Sánchez
81d0b70791
Run acceptance tests on PHP 7.3
...
There is no difference (as far as I know) between running the acceptance
tests on PHP 7.1 or on PHP 7.3; this is simply a preparatory step to be
ready when PHP 7.1 support is dropped in Nextcloud server.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-10-22 16:48:55 +02:00
Roeland Jago Douma
5122629bb0
Make renewSessionToken return the new token
...
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-10-09 10:10:37 +02:00
Roeland Jago Douma
075a0b24d5
Merge pull request #17431 from johkoenig/bugfix/17377/trusted_domain_helper_case_insensitive
...
make TrustedDomainHelper case insensitive
2019-10-08 08:51:11 +02:00
Roeland Jago Douma
a02a626606
Merge pull request #17411 from kinolaev/fix-oauth2-redirect
...
Fix oauth client redirect
2019-10-07 12:03:52 +02:00
Johannes Koenig
2df8d646c1
make TrustedDomainHelper case insensitive
...
Signed-off-by: Johannes Koenig <mail@jokoenig.de>
2019-10-06 20:43:55 +02:00
Sergej Nikolaev
1b5d85a4ca
fix oauth client redirect
...
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
2019-10-04 21:09:13 +03:00
John Molakvoæ
6d819e2820
Fix master testing and update eslint-config ( #17367 )
...
Fix master testing and update eslint-config
2019-10-04 08:18:13 +02:00
John Molakvoæ (skjnldsv)
4293ede565
Fix tag acceptance tests after #16682
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2019-10-04 07:48:45 +02:00
Tim Terhorst
2ad33bc06e
Add Fatal logging option
...
Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
2019-10-02 21:18:29 -05:00
blizzz
47ab961aa7
Merge pull request #17001 from nextcloud/fix/noid/addressbookchanges-avatar
...
reduce adressbook change events and handling
2019-10-01 12:17:35 +02:00
Christoph Wurst
de6940352a
Move settings to an app
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 09:39:28 +00:00
John Molakvoæ (skjnldsv)
f737dc9a86
Remove input id on login form
...
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-28 08:15:03 +00:00
Roeland Jago Douma
cc6874df19
Merge pull request #17264 from nextcloud/move-from-storage-wrappers
...
handle moveFromStorage within the same storage even when storage wrap…
2019-09-26 15:48:59 +02:00
Roeland Jago Douma
6ac67011f4
Merge pull request #17262 from nextcloud/objectstore-remove-cache-on-delete
...
dont delete cache entries if deleting an object from object store failed
2019-09-26 11:24:02 +02:00
Robin Appelman
35f317df7b
handle moveFromStorage within the same storage even when storage wrappers are applied to the source storage
...
the target storage doesn't need additional handling for wrappers as the wrappers implementation of moveFromStorage already deals with that
Any storage based on local storage isn't affected by this as local storage already has it's own way of handling with this
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 19:17:06 +02:00
Robin Appelman
733d4b6cca
dont delete cache entries if deleting an object from object store failed
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-25 18:09:45 +02:00
Roeland Jago Douma
210a0554a2
Use the actual password to update the tokens
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-18 19:50:58 +02:00
Greta Doci
68ef242a0a
Fixed the SecurityTest error
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
2019-09-15 12:04:28 +02:00
Greta Doci
4ff7551574
Fixed the test
...
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-09-15 12:04:28 +02:00
Roeland Jago Douma
2b98eea129
Harden identifyproof openssl code
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-14 13:52:10 +02:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-09-12 14:44:55 +02:00
Roeland Jago Douma
2187f856ce
Merge pull request #16682 from nextcloud/enh/12790/workflow-backend
...
workflow overhaul
2019-09-11 13:14:06 +02:00
Roeland Jago Douma
41cbb05aea
Split personal security settings in code
...
Instead of one big monolitic sections this is the first step in breaking
down the settings. This should make is easiet to see what does what. As
well as nicely splitting up the sections.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-10 16:22:41 +02:00
Arthur Schiwon
1cc6f34d88
adapt file hooks test to eventdispatcher utilization
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-09 23:28:51 +02:00
Roeland Jago Douma
bf6082e119
Merge pull request #16836 from nextcloud/fix/16724/smb-availability
...
Fix SMB availability status + higher delay on auth issues
2019-09-09 16:50:42 +02:00
Roeland Jago Douma
1cfb851300
Merge pull request #17006 from nextcloud/querybuilder-max-min
...
add MAX and MIN to functionbuilder
2019-09-07 11:09:11 +02:00
Robin Appelman
8ef5a366ec
add MAX and MIN to functionbuilder
...
Signed-off-by: Robin Appelman <robin@icewind.nl>
2019-09-06 12:28:17 +02:00
Roeland Jago Douma
0ff08810d9
Log/FileTest does not require the DB
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-09-04 20:41:12 +02:00
Arthur Schiwon
d33e0be2f1
adjust test expectations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-09-04 13:46:56 +02:00
Roeland Jago Douma
2fdf946dae
Merge pull request #16454 from nextcloud/bugfix/noid/sharelink-shouldnt-open-menu-automatically
...
Dont show menu automatically when share link is clicked
2019-09-04 10:36:04 +02:00
Daniel Kesselberg
773778dd8c
Add default timeout to expected request options
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-09-03 14:59:09 +02:00
Greta Doci
1993984769
Adjust acceptance tests to changes in link share menu behaviour
...
Now the link share menu is not automatically opened after a link share
is created, so waiting until it was opened failed in iShareTheLinkFor.
Note that the steps that interact with the link share menu take care
themselves of showing the menu if needed, so there is no need to
explicitly show it despite the change. Also, the waiting in
iShareTheLinkFor was introduced when the link share menu was changed
to automatically open after creating a link share, as that caused some
issues with the steps that opened the menu by themselves (fec8d12fc5
).
Due to all this, now that the link share menu is again not automatically
opened the wait can be simply removed.
Signed-off-by: Greta Doci <gretadoci@gmail.com>
2019-08-29 10:19:03 +02:00
Roeland Jago Douma
3f12ec95f0
SessionMiddleware: declare session property
...
* Remove request since we don't useit
* Update tests as well
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-28 13:02:29 +02:00
John Molakvoæ
caf32d25f8
Merge pull request #16879 from only-run-integration-tests-on-php-changes
...
Only run integration tests when PHP was modified
2019-08-27 18:12:40 +02:00
Roeland Jago Douma
495f94e558
Merge pull request #16875 from nextcloud/bugfix/16874/welcome-mail-client-url
...
Use custom client URL in welcome emails
2019-08-27 13:48:11 +02:00
Joas Schilling
23a0cbe6ef
Only run integration tests when PHP was modified
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-27 11:31:15 +02:00
Julius Härtl
52dc36fb88
Mock client URL in new user mail tests
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-08-27 10:22:54 +02:00
Roeland Jago Douma
505f10044a
Merge pull request #16865 from nextcloud/bugfix/noid/5-min-cron
...
Cron should run every 5 mins
2019-08-26 19:29:57 +02:00
Arthur Schiwon
4bd83c9a28
adjust tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-08-26 13:47:35 +02:00
Joas Schilling
db968cb1d4
Cleanup the Settings class
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-08-26 11:50:26 +02:00
John Molakvoæ
40edabaf61
Merge pull request #16795 from nextcloud/enh/phpstan/limiter
...
Fix report of phpstan in Limiter
2019-08-26 11:42:03 +02:00
blizzz
6d20876eb2
Merge pull request #16782 from nextcloud/fix/16729/stop-if-encrypted-token-null
...
Stop if there is no encrypted token
2019-08-21 12:31:12 +02:00
Roeland Jago Douma
7927aebdeb
Fix report of phpstan in Limiter
...
* unneeded arguments to constructor
* added return types
* let automatic DI do its work
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-19 19:38:43 +02:00
Daniel Kesselberg
9c4c5ee818
Add test case for existing user with token null
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:27:03 +02:00
Daniel Kesselberg
7f7c6e49b6
Return the disabled user mock instead of the existing
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-08-18 23:18:39 +02:00
Daniel Calviño Sánchez
e5a305b9d8
Allow Context subclasses in acceptance tests to access parent actor
...
Although uncommon, in some cases a Context may need to be extended (for
example, to override a step defined in the server with a specific
behaviour in the acceptance tests of an app); in those cases the
subclass should be able to access the actor attribute defined in the
Context it is extending.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2019-08-16 08:20:41 +02:00
Roeland Jago Douma
fced73aa37
Merge pull request #16711 from nextcloud/fix/csp/form_actions/loginflow
...
Fix login flow form actions
2019-08-12 08:24:53 +02:00
Roeland Jago Douma
f465f9d4b9
Merge pull request #16721 from nextcloud/fix/16644
...
Correctly handle emtpy string in proxyuserpwd config
2019-08-11 22:46:01 +02:00
Scott Shambarger
edf946dfc7
Correctly handle emtpy string in proxyuserpwd config
...
As documented, the default value for config value proxyuserpwd is ''.
However, that value results in the error:
"cURL error 5: Unsupported proxy syntax in '@'".
This patch handles the values of '' and null (the default in the code)
the same for config values proxyuserpwd and proxy.
Signed-off-by: Scott Shambarger <devel@shambarger.net>
2019-08-11 21:07:30 +02:00
Roeland Jago Douma
6dc179ee12
Fix login flow form actions
...
So fun fact. Chrome considers a redirect after submitting a form part of
the form actions. Since we redirect to a new protocol (nc://login/).
Causing the form submission to work but the redirect failing hard.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-11 19:53:49 +02:00
Roeland Jago Douma
f81817b47d
Add tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 19:40:13 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header
...
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-08-10 14:26:22 +02:00
Roeland Jago Douma
2e2d1b6b5c
Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshare
...
Fix permission check on incoming federated shares
2019-08-01 10:55:35 +02:00
Roeland Jago Douma
cf647451e5
Update CSP test cases to handle the new form-action
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-31 15:16:10 +02:00
Julius Härtl
22b81ac1e4
Fix permission check on incoming federated shares
...
Since federated shares have their permissions set on the node, we do not need
to check for parent share permissions. Otherwise reshares of incoming federated
have no permission variable defined and creating them will fail
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 12:59:51 +02:00
Roeland Jago Douma
436f7b92d5
Merge pull request #16544 from nextcloud/bugfix/16540
...
Add missing password reset page to vue
2019-07-31 11:02:20 +02:00
Julius Härtl
3b0d13944a
Move actual password reset to vue
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-31 09:19:07 +02:00
Joas Schilling
d4eb8481fa
Merge pull request #16594 from nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare
...
Remove unused OC\Share\Share::checkPasswordProtectedShare
2019-07-30 09:58:38 +02:00
Roeland Jago Douma
135209f24e
Merge pull request #16579 from nextcloud/enh/PostLoginEvent
...
Add proper PostLoginEvent
2019-07-30 08:54:10 +02:00
Morris Jobke
e21f440990
Merge pull request #16502 from nextcloud/bugfix/16474
...
Check the if we can actually access the storage cache for recent files
2019-07-29 16:59:26 +02:00
Roeland Jago Douma
0ea7fbae54
Update tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-29 16:31:40 +02:00
Morris Jobke
98237d2a00
Remove unused OC\Share\Share::checkPasswordProtectedShare
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-29 15:23:21 +02:00
Roeland Jago Douma
51197ac622
Merge pull request #16582 from nextcloud/enh/split_up_security_middleware
...
Split up security middleware
2019-07-29 12:13:55 +02:00
Roeland Jago Douma
b6dd2ebd39
Use proper exception in lostController
...
There is no need to log the expcetion of most of the stuff here.
We should properly log them but an exception is excessive.
This moves it to a proper exception which we can catch and then log.
The other exceptions will still be fully logged.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 20:12:16 +02:00
Roeland Jago Douma
37a4282c7a
Split up security middleware
...
With upcoming work for the feature policy header. Splitting this in
smaller classes that just do 1 thing makes sense.
I rather have a few small classes that are tiny and do 1 thing right
(and we all understand what is going on) than have big ones.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-27 16:11:45 +02:00
Morris Jobke
2e803dc3d3
Merge pull request #16555 from nextcloud/fix/16529/mask-keys
...
use a pattern to identify sensitive config keys
2019-07-26 15:15:56 +02:00
Morris Jobke
71e5300f84
Merge pull request #16551 from nextcloud/fix/12735/displayname-email
...
supresses disclosing the userid for LDAP users in the welcome mail
2019-07-26 15:14:59 +02:00
Arthur Schiwon
78201bcb72
treat sensitive config keys by pattern
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 13:31:14 +02:00
Roeland Jago Douma
0487144b26
Remove deprecated searchByTag
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-26 12:29:19 +02:00
Arthur Schiwon
898430b6b1
supresses disclosing the userid for LDAP users in the welcome mail
...
The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-07-26 10:48:34 +02:00
Julius Härtl
3674f6fa2d
Check the if we can actually access the storage cache for recent files
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-24 14:01:24 +02:00
Morris Jobke
d5b524ae07
Merge pull request #16492 from nextcloud/enh/exclude-rnd-files
...
Exclude .rnd files from integrity check
2019-07-23 14:57:55 +02:00
Daniel Kesselberg
8bed3021bd
Exclude .rnd files from integrity check
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-21 20:29:11 +02:00
Sam Bull
ea935f65fd
Add support for CSP_NONCE server variable
...
Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server.
Signed-off-by: Sam Bull <git@sambull.org>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-18 12:16:29 +02:00
Morris Jobke
5b604eaeab
Merge pull request #15040 from nextcloud/feature/13980/push-for-deleted-notifications
...
Notifications overhaul
2019-07-17 20:22:03 +02:00
Morris Jobke
782554d2ac
Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groups
...
Remove deleted groups from app restrictions fixes #15823
2019-07-17 17:36:00 +02:00
Morris Jobke
99f2c82222
Properly inject the logger
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-16 22:38:14 +02:00
Joas Schilling
565838da9c
Update unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 13:32:44 +02:00
Joas Schilling
55f5bc79a1
Keep the old method as a fallback and adjust the tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-16 11:36:32 +02:00
Roeland Jago Douma
f8aeef7ae9
Lock SCSS so we only run 1 job at a time
...
This is bit hacky but a start to lock the SCSS compiler properly
Retry during 10s then give up
Properly get error message
Do not clear locks and properly debug scss caching
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-12 16:18:02 +02:00
Roeland Jago Douma
c193c0d466
Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentions
...
Allow guest mentions of talk to be parsed
2019-07-12 10:35:54 +02:00
Joas Schilling
092d34d9df
Add a unit test for guests as well
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-07-11 10:24:27 +02:00
Morris Jobke
5c21b29d7f
Merge pull request #16308 from nextcloud/fix/undefined-offset-0
...
Prevent undefined offset 0 in findByUserIdOrMail
2019-07-10 12:16:36 +02:00
Daniel Kesselberg
d57540ac84
Return first value from $users
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 19:29:14 +02:00
Roeland Jago Douma
6a088d6800
Merge pull request #16310 from nextcloud/enh/drop-execution-context
...
Don't send executionContexts for Clear-Site-Data
2019-07-09 19:20:50 +02:00
Daniel Kesselberg
6235a66aac
Don't send executionContexts for Clear-Site-Data
...
There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59
Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034
Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2019-07-09 15:08:25 +02:00
Christoph Wurst
d058ef2b6c
Make it possible to wipe all tokens/devices of a user
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:57:04 +02:00
Christoph Wurst
1c261675ad
Refactor: move remote wipe token logic to RW service
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-07-09 13:39:27 +02:00
Roeland Jago Douma
5cef8957b5
Merge pull request #15730 from nextcloud/enh/14179/event_for_csp
...
Add an event to edit the CSP
2019-07-09 10:59:15 +02:00
Roeland Jago Douma
5ac857bcdc
Add an event to edit the CSP
...
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-07-08 20:35:15 +02:00
Morris Jobke
53d2d95478
Remove one time repair steps that have already run when updating to 17
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2019-07-08 14:47:26 +02:00
John Molakvoæ
5a03189ce7
Mimetype list integrity check should not fail if it's changed ( #15810 )
...
Mimetype list integrity check should not fail if it's changed
2019-07-07 20:01:58 +02:00
Xheni Myrtaj
9211e34aec
Added Tests for modified mimetypelist
...
Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
2019-07-04 09:35:36 +01:00
Julius Härtl
857fae288c
Always set the display name for user shares
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2019-07-03 21:34:18 +02:00