Commit Graph

4124 Commits

Author SHA1 Message Date
Lukas Reschke 7976927628 Merge pull request #4894 from nextcloud/generic-security-activities
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
Lukas Reschke 8c624bdef9 Merge pull request #4792 from nextcloud/fix-storage-wrappers-on-scanner
Make sure we use the passed-in storage when there is one
2017-05-19 00:49:58 +02:00
Roeland Jago Douma e43649e67e
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:10:57 +02:00
Christoph Wurst 1632bb4557
Move activities test code
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Lukas Reschke 7927aed991
Adjust token name
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke 691646bdae
Add tests for OAuth2 app
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke 59e968977c
Add test for DefaultTokenMapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 77827ebf11
Rename table back to lowercase
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke 26ee889fec
Add tests for ClientFlowLoginController
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Bjoern Schiessle 1eb7f4956b
delete auth token when client gets deleted
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Robin Appelman 1f1e1b0d00
use unmasked permissions during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-18 16:38:54 +02:00
Morris Jobke 78e6c2dea4 Merge pull request #4666 from nextcloud/enable-redis-cluster
Add redis cluster tests to our CI jobs
2017-05-16 10:10:25 -05:00
Morris Jobke 3bf9503070 Merge pull request #4816 from nextcloud/Ardinis-quota-files_external
Correctly calculate used space for quota with external storage
2017-05-12 11:33:54 -05:00
Morris Jobke 51c55a867d fix quota tests for external storage
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-12 11:32:16 -05:00
Lukas Reschke 4f752ed1fc Merge pull request #4809 from nextcloud/downstream-27676
Disable reset password link
2017-05-12 12:39:07 +02:00
Lukas Reschke 48a9a4bd81 Merge pull request #4825 from nextcloud/add-timeout-appstore
Add timeout for requests to appstore
2017-05-12 12:37:18 +02:00
Joas Schilling e6a0ad4701
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 10:02:15 +02:00
Joas Schilling adad4281af
Fix failed assertions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-12 09:58:18 +02:00
Morris Jobke f73ca1b77f Add redis cluster tests to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-11 17:07:20 -05:00
Joas Schilling 0828df5ed4
Disable the API endpoints as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-11 17:03:57 +02:00
Joas Schilling 538d32fe87
Automatic injection into the Fetchers
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:56:38 +02:00
Joas Schilling ca39940614
Automatic creation of Identity manager
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:45:11 +02:00
Joas Schilling d418ea550b
Automatic injection for CssController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:40 +02:00
Joas Schilling 9c8fe82000
Automatic injection for JsController
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-10 09:42:15 +02:00
Morris Jobke 1a83f11925 Merge pull request #4718 from nextcloud/handle-stalled-or-invisible-elements-automatically-in-acceptance-tests
Handle stale or invisible elements automatically in acceptance tests
2017-05-08 12:52:30 -05:00
Fabrizio Steiner f2a2b34e46 Increase device password entropy. Use lower- and upper-case characters and digits, but exclude ambiguous characters. The number of digits has also been increased to 25.
Signed-off-by: Fabrizio Steiner <fabrizio.steiner@gmail.com>
2017-05-08 14:04:40 +02:00
Daniel Calviño Sánchez 9313c9797f Add automatic handling of common command failures of Mink elements
Commands executed on Mink elements may fail for several reasons.
ElementWrapper is introduced to automatically handle some of those
situations, like StaleElementReference exceptions and ElementNotVisible
exceptions.

StaleElementReference exceptions are thrown when the command is executed
on an element that is no longer attached to the DOM. When that happens
the ElementWrapper finds again the element and executes the command
again on the new element.

ElementNotVisible exceptions are thrown when the command requires the
element to be visible but the element is not. When that happens the
ElementWrapper waits for the element to be visible before executing the
command again.

These changes are totally compatible with the current acceptance tests.
They just make the tests more robust, but they do not change their
behaviour. In fact, this should minimize some of the sporadic failures
in the acceptance tests caused by their concurrent nature with respect
to the web browser executing the commands.

However, the ElementWrapper is not a silver bullet; it handles the most
common situations, but it does not handle every possible scenario. For
example, the acceptance tests would still fail sporadically if an
element can become staled several times in a row (uncommon) or if it
does not become visible before the timeout expires (which could still
happen in a loaded system even if the components under test work right,
but obviously it is not possible to wait indefinitely for them).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 64f9c56224 Extract element finding to a command object
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 7642a4b727 Make internal find methods static
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez 16e3e81635 Add missing type hints
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Morris Jobke 0896d2b006 Make cache tests a bit more clear
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-04 19:37:40 -03:00
Mario Danic e4aac15a92
Update login flow redirection
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-04 19:21:22 +02:00
Morris Jobke 61379c9165 Merge pull request #4682 from nextcloud/try-to-start-browser-sessions-again-when-they-fail-in-acceptance-tests
Try to start browser sessions again when they fail in acceptance tests
2017-05-04 00:02:18 -03:00
Daniel Calviño Sánchez 4fc9a7146b Add option to acceptance test runners to set a custom timeout multiplier
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez b10478ff19 Try again to start browser sessions when they fail
Starting a session for an Actor can fail, typically, due to a timeout
connecting with the web browser. Now if the session fails to start it
will be tried again up to "actorTimeoutMultiplier" times in total before
giving up.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez e355e953b5 Generalize attribute name
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:45:52 +02:00
Daniel Calviño Sánchez 97bedb94af Fix exponential increase of timeout when finding ancestor elements
The timeout passed to the "find" method was multiplied by the
"findTimeoutMultiplier" attribute. However, as "find" used
"findAncestor" and "findAncestor", in turn, used "find" itself the
timeout was increased exponentially for ancestor elements. Now "find"
was split in "find" and "findInternal"; the first method is the public
one and modifies the given parameters as needed and then calls the
second method, private, that performs the find itself.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:34:04 +02:00
Morris Jobke dbe11916fa Merge pull request #4662 from nextcloud/remove-named-selectors-from-acceptance-tests
Remove named selectors from acceptance tests
2017-05-02 20:44:23 -03:00
Morris Jobke f233e856bf Merge pull request #4665 from nextcloud/enable-redis
Add redis support to our CI jobs
2017-05-02 17:16:19 -03:00
Roeland Jago Douma 24ff230f93 Merge pull request #4620 from nextcloud/preview-error-handling
better handling of preview generation errors
2017-05-02 21:49:14 +02:00
Morris Jobke ecb369b5e8
Add redis support to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 15:55:42 -03:00
Lukas Reschke 121cb4bcfc Merge pull request #4659 from nextcloud/fix/ignore-empty-email-contacts-menu
Do not show an email action for contacts with emtpy email addresses
2017-05-02 17:02:16 +02:00
Daniel Calviño Sánchez 1381f6c131 Replace "named" Mink selectors with "named_exact" Mink selectors
The "named" Mink selector first tries to find an exact match for its
locator and then, if not found, tries to find a partial match. Besides
other harder to track problems (see comment in the commit in which the
"content" locator was removed), this could cause, for example, finding
an action link titled "Favorited" when looking for the action link
titled "Favorite" (that is, one that conveys the opposite state to the
one found).

Although currently all the acceptance tests are compatible with both the
"named" and the "named_exact" Mink selectors the predefined locators are
modified to use the "named_exact" Mink selector to make them more
future-proof; the "named" Mink selector can still be used if needed
through the "customSelector" method in the builder object.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:38 +02:00
Daniel Calviño Sánchez 762a8e0b76 Remove "content" locator from acceptance tests
The "content" locator uses the "named" Mink selector and the "content"
Mink locator to find the element. The "named" Mink first tries to find
the elements whose content match exactly the given content but, if none
is found, then it tries to find elements that just contain the given
content.

This behaviour can lead to hard to track issues. Finding the exact match
and, if not found, finding the partial match is done in quick
succession. In most cases, when looking for an exact match the element
is already there, it is returned, and everything works as expected. Or
it may not be there, but then it is not there either when finding the
partial match, so no element is returned, and everything works as
expected (that is, the actor tries to find again the element after some
time).

However, it can also happen that when looking for an exact match there
is no element yet, but it appears after trying to find the exact match
but before trying to find the partial match. In that situation the
desired element would be returned along with its ancestors. However, as
only the first found element is taken into account and the ancestors
would appear first the find action would be successful, but the returned
element would not be the expected one. This is highly unlikely, yet
possible, and can cause sporadic failures in acceptance tests that,
apparently, work as expected.

Using a "named_exact" Mink selector instead of the "named" Mink selector
does not provide the desired behaviour in most cases either. As it finds
any element whose content matches exactly the given content, looking for
"Hello world" in "<div><p><a>Hello world</a></p></div>" would match the
"div", "p" and "a" elements; in that situation the "div" element would
be the one returned, when typically the "a" element would be the
expected one.

As it is error prone and easily replaceable by more robust locators the
"content" locator was removed from the predefined ones (although it can
still be used if needed through the "customSelector" method in the
builder object).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:25 +02:00
Christoph Wurst b13c741cb3
Do not show an email action for contacts with emtpy email addresses
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:12:04 +02:00
Robin Appelman 2847e9f2e3
fix preview tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-02 13:43:48 +02:00
Roeland Jago Douma ae7c1504a9
Fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 11:38:21 +02:00
Roeland Jago Douma 762284ce93
Fix and update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 08:59:53 +02:00
Lukas Reschke dd03fdebec
Add missing space
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 20:36:25 +02:00
Lukas Reschke a5ccb31e85
Mark IP as whitelisted if brute force protection is disabled
Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling.

This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 18:31:45 +02:00