Commit Graph

3629 Commits

Author SHA1 Message Date
Arthur Schiwon a7a651f4a4
move splitUserRemote unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:25 +02:00
Arthur Schiwon a28b1d91f9
split off former searchSharee unit test
also moves registering default plugins to Server for proper unit testing

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon 3d1d03a511
split off getEmail tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon c92f7ee767
split off getRemote unit tests
adds two small fixes → they actually work \o/

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon b35760de27
split off getGroups unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:24 +02:00
Arthur Schiwon dd9e191d37
split off getUsers unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-26 23:10:23 +02:00
Morris Jobke 292a704648 Merge pull request #6544 from nextcloud/fix/duplicate-session-token
Fix duplicate session token after remembered login
2017-09-25 17:39:02 +02:00
Roeland Jago Douma c257cd57d4
Handle SameSiteCookie check for index.php in AppFramework Middleware
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-24 21:07:16 +02:00
Morris Jobke 38568c362b Merge pull request #6605 from nextcloud/oc_ocs_response_is_dep
OC_OCS_Response is deprecated
2017-09-21 20:38:18 +02:00
Roeland Jago Douma eb00dbb593
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 18:30:20 +02:00
Roeland Jago Douma 87e10f9e6a
OC_OCS_Response is deprecated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-21 17:56:00 +02:00
Robin Appelman 385d6f098c
Add tests for multipart upload
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-21 14:47:34 +02:00
Christoph Wurst 38bb6e1477
Fix duplicate session token after remembered login
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
Lukas Reschke 53057f2bd0 Merge pull request #5462 from nextcloud/add-frameancestor-support
Add CSP frame-ancestors support
2017-09-18 14:25:44 +02:00
Lukas Reschke 705432ca6f
Add filter for `shareapi_allow_share_dialog_user_enumeration`
This adjusts the contacts menu to also support searching by email address which is relevant in scenarios where no UID is known such as LDAP, etc.

Furthermore, if `shareapi_allow_share_dialog_user_enumeration` is disabled only results are shown that match the full user ID or email address.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-09-15 15:58:04 +02:00
Thomas Citharel ecf347bd1a Add CSP frame-ancestors support
Didn't set the @since annotation yet.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2017-09-15 15:23:10 +02:00
Tobia De Koninck fa402c74d2
Add tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:40 +02:00
Tobia De Koninck 473a1ecad1
Fix tests
Signed-off-by: Tobia De Koninck <tobia@ledfan.be>
2017-09-15 14:31:39 +02:00
Roeland Jago Douma 9163cf9241
Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-12 22:28:43 +02:00
Morris Jobke 8a79d0cc70 Merge pull request #6414 from nextcloud/share-notification-wrong-language
Use the language of the recipient for the share notification
2017-09-08 19:15:05 +02:00
Leon Klingele 8e46e6b827
Improve text: 'you have now' -> 'you now have'
Signed-off-by: Leon Klingele <leon@struktur.de>
2017-09-08 13:47:11 +02:00
Joas Schilling 7e625a8d22
Use the language of the recipient for the share notification
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-08 10:48:16 +02:00
Morris Jobke 5d4540f179 Merge pull request #6364 from nextcloud/fix_login_loop
Fix login with basic auth
2017-09-06 17:04:00 +02:00
Morris Jobke 15cd21d252 Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name
Set the meta data before everything
2017-09-05 16:08:57 +02:00
Morris Jobke 4e3c39c1d1
Fix tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-05 13:55:36 +02:00
Roeland Jago Douma b96485b6bd
Fix login with basic auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-05 12:24:41 +02:00
Joas Schilling dea011243e
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-04 17:01:31 +02:00
Morris Jobke 4fd3240b5f Merge pull request #6254 from nextcloud/async-bus-split
Allow configuring different command bus backends
2017-09-04 14:22:06 +02:00
Morris Jobke 1ebf91ec16
Add proper EOL
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-09-04 14:21:44 +02:00
Roeland Jago Douma 84ea66dca8 Merge pull request #6296 from nextcloud/improve_2fa
Improve 2FA
2017-08-31 10:52:40 +02:00
Roeland Jago Douma 84b7022118
Improve 2FA
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-29 20:27:36 +02:00
Morris Jobke 0b652648cc Merge pull request #6177 from nextcloud/properly-add-slo-url
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
2017-08-26 18:50:52 +02:00
Björn Schießle 60ee450809 Merge pull request #5870 from nextcloud/generate-system-wide-key-pair
extend the identity proof manager to allow system wide key pairs
2017-08-24 18:36:35 +02:00
Robin Appelman 9731350ace split async test bus for easier subclassing 2017-08-24 16:06:37 +02:00
Roeland Jago Douma 9357cf735a Merge pull request #6164 from nextcloud/dont-show-error-message-when-sql-failed
Prevent SQL error message in case of error
2017-08-23 16:49:57 +02:00
Lukas Reschke 2e4cd44556
Inject \OCP\IURLGenerator to make tests work
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 15:32:40 +02:00
Lukas Reschke a04feff9a7
Properly allow \OCP\Authentication\IApacheBackend to specify logout URL
Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string.
This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result
in `<a href="foo">`.

This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with
054e161eb5 inside the navigation manager where one cannot simply inject attributes.

Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112,
people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects
you to the IdP and properly logs you out there as well.

Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to
use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout
URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but
I'm not aware of any and there's simply no way to fix this properly otherwise.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-18 12:22:44 +02:00
Lukas Reschke ed8a98eaa1
Prevent SQL error message in case of error
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.

The easiest way to reproduce is on MySQL:

1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-17 12:08:40 +02:00
Morris Jobke 1c38a83927 Always log cron execution
There was a setting to disable the last execution of cron. There is no known
problem with this write access and it was also questioned when this feature
was build in https://github.com/owncloud/core/pull/7689#issuecomment-38264707

Recently there was also a bug report about a non-visible last cron execution
(#6088) - let's better remove this.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-17 09:45:11 +02:00
Morris Jobke a55e794bfd Cleanup unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 14:29:26 +02:00
Morris Jobke cf7c4a4439 Merge pull request #6123 from nextcloud/cleanup-shareItem
Cleanup usage of shareItem in internal code base
2017-08-15 13:57:00 +02:00
Morris Jobke c5f14ac884 Merge pull request #6121 from nextcloud/cleanup-registerBackend
Use proper methods for registerBackend
2017-08-15 13:52:49 +02:00
Morris Jobke 8366dfa50b Cleanup usage of shareItem in internal code base
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:57:18 +02:00
Morris Jobke 895b9c2309 Use proper methods for registerBackend
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:29:15 +02:00
Morris Jobke 3e13e94254 Use proper methods for checkPasswordProtectedShare
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 11:28:05 +02:00
Morris Jobke f640b56bfa Cleanup unused methods
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 10:09:47 +02:00
Bjoern Schiessle bae5be3dc1
add prefix to user and system keys to avoid name collisions
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Bjoern Schiessle 9524badccc
extend the identity proof manager to allow system wide key pairs
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-08-10 14:27:35 +02:00
Roeland Jago Douma 1ea7f14f0a
Fix SessionTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:13:54 +02:00
Roeland Jago Douma 26bf0ca9d4
Fix RepairMimeTypeTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:04:57 +02:00
Roeland Jago Douma db27bbf90d
Fix CacheTest
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 16:01:09 +02:00
Roeland Jago Douma 8b0051eb40
Fix encryption test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-09 15:51:08 +02:00
Roeland Jago Douma ed3b391e47
Use symfony/translation for L10N plurals
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-07 19:53:36 +02:00
Roeland Jago Douma 4633717f04
Move pre_shared and post_shared events to EventDispatcher
* Now listeners for those events get proper share objects.
* Legacy hooks still fired
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-03 15:14:29 +02:00
Joas Schilling 2f8756754f
Fix last failures with oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling 293dea0625
Fix querybuilder and functionbuilder tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling 20f8d1094a
Can not insert auto increment on oracle
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Joas Schilling 106df7bc33
Fix missing escape on column and table name
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-02 09:48:16 +02:00
Lukas Reschke f93a82b8b0
Remove explicit type hints for Controller
This is public API and breaks the middlewares of existing apps. Since this also requires maintaining two different code paths for 12 and 13 I'm at the moment voting for reverting this change.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 17:32:03 +02:00
Morris Jobke 84c22fdeef Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call
Add metadata to \OCP\AppFramework\Http\Response::throttle
2017-08-01 14:43:47 +02:00
Morris Jobke 6010c4f267 Merge pull request #5877 from nextcloud/typehint_middleware
Prop argument type for Middleware
2017-08-01 14:28:16 +02:00
Roeland Jago Douma c8452803ef Merge pull request #5897 from nextcloud/add-share-mail-for-user-share
Send an email once a file/folder is shared with a user
2017-08-01 13:27:15 +02:00
Morris Jobke 582fb5d129 Update the URLs in tests to use example.org
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-01 11:16:04 +02:00
Lukas Reschke dfd8125aeb
Replace wrong PHPDocs
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:16 +02:00
Lukas Reschke e1f52fc901
Stricter phan config fixes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-08-01 08:20:13 +02:00
Roeland Jago Douma f71dc7523f
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
Roeland Jago Douma 3548603a88
Fix middleware implementations signatures
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-31 16:54:19 +02:00
Morris Jobke c43abe43b0 Send an email once a file/folder is shared with a user
* only if user has set an email address
* only for user shares (no group shares for now)

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-28 08:36:11 +02:00
Lukas Reschke f22ab3e665
Add metadata to \OCP\AppFramework\Http\Response::throttle
Fixes https://github.com/nextcloud/server/issues/5891

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-27 14:17:45 +02:00
Morris Jobke c27498db71 Use IConfig instead of static OCP\Config
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
Lukas Reschke 013d7483bf Add new bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-26 11:49:03 +02:00
Lukas Reschke 3faef644a1 Merge pull request #5864 from nextcloud/legacy_user
Remove legacy OC_User_Backend and OC_User_Interface
2017-07-25 17:15:11 +02:00
Roeland Jago Douma b930f32e89
Remove legacy OC_User_Backend and OC_User_Interface
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 20:42:55 +02:00
Robin Appelman 89aaded07f add tests for renaming paths with multibyte utf8 characters
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-22 11:05:05 +02:00
Robin Appelman 06a4d6b5b9 Also repair storage id's when repairing invalid entries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-21 14:06:13 +02:00
Lukas Reschke 1c1ff82c06 Merge pull request #5802 from nextcloud/rm_dep_controller_functions
Remove deprecated Controller Functions
2017-07-21 10:12:20 +02:00
Roeland Jago Douma e5bedd8947 Merge pull request #5818 from nextcloud/ocs_privatedata
PrivateData to app
2017-07-21 09:47:49 +02:00
Morris Jobke b1954bed97 Merge pull request #5797 from paulijar/share20-postUnshareFromSelf
Dispatch event postUnshareFromSelf when the recipient of a share unshares it
2017-07-21 09:32:49 +02:00
Roeland Jago Douma 7753b93aa6
PrivateData to app
* PrivateData is an app now: https://github.com/nextcloud/privatedata
* No need to load the OCS routes.php (as there is none!)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-21 08:51:14 +02:00
Pauli Järvinen 7c4a15f215 Emit hook postUnshareFromSelf when the recipient of a share unshares it
- This kind of hook signal used to be emitted in the old Share library but it was missing from Share 2.0

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-20 14:45:46 +03:00
Roeland Jago Douma 0b495ceff8
Remove deprecated Controller Functions
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-20 11:03:12 +02:00
Morris Jobke 49c622fcba Merge pull request #5719 from nextcloud/improve-jscombiner
Properly handle if the deps file if for some reason empty
2017-07-19 16:31:29 +02:00
Morris Jobke 2ebafb06fd Properly handle if the deps file if for some reason empty
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-19 00:10:46 +02:00
Pauli Järvinen 8dce97a3e1 Fix emitting of legacy hook post_unshare
- When a file was unshared, the legacy hook pre_unshare fired twice and the hook post_unshare did not fire at all. This was obviously a copy-paste error.

Signed-off-by: Pauli Järvinen <pauli.jarvinen@gmail.com>
2017-07-16 13:13:15 +03:00
Lukas Reschke a79447c6fd Merge pull request #5699 from nextcloud/bruteforce_capability
Add bruteforce capabilities
2017-07-14 15:20:31 +02:00
Morris Jobke 1f1504e071 Merge pull request #5708 from nextcloud/nested-permissions-mask
Fix scan permissions with nested permissions masks
2017-07-13 23:27:01 +02:00
Robin Appelman 350e036c56 chunk getting invalid paths and reuse queries
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 16:37:38 +02:00
Robin Appelman 03f27b4c2c
Fix scan permissions with nested permissions masks
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 14:29:04 +02:00
Roeland Jago Douma 6a1f2ac076
Add bruteforce capabilities
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-13 11:23:08 +02:00
Roeland Jago Douma 04f2090698
Write cert bundle to tmp file first
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-12 19:24:20 +02:00
Roeland Jago Douma 86a496d94a Merge pull request #5567 from nextcloud/public-capabilities
Public capabilities API
2017-07-12 13:04:54 +02:00
Morris Jobke 172b4bb6d2 Merge pull request #5615 from nextcloud/issue-5286-fix-navigation-entries-for-group-restricted-apps
Don't load navigation entries of restricted apps
2017-07-07 10:46:45 +02:00
Morris Jobke b4a221f9be Merge pull request #5424 from nextcloud/moveFromCache-from-shared
fix moving folders out of a cache jail
2017-07-06 18:31:18 +02:00
Bjoern Schiessle b43f6d295e
update file system tests to take the master key into account
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-06 11:47:12 +02:00
Bjoern Schiessle f186a5cfb1
fix and extend dav test to also test the master-key setup
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-06 11:47:11 +02:00
Morris Jobke 60398b919b Merge pull request #5231 from nextcloud/migrations
Migrations
2017-07-05 17:32:40 +02:00
Morris Jobke 163e8774a4 Fix autoloader and namespace test
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-05 15:46:25 +02:00
Morris Jobke 7d58bb7db5 Merge pull request #5342 from nextcloud/userlist-used-space
show used space in user list
2017-07-05 15:15:25 +02:00
Joas Schilling 6abbe4e962
Don't load navigation entries of restricted apps
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:52:51 +02:00
Joas Schilling 0bff4f3f07 Fix the installer tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00