Lukas Reschke
4971015544
Add code integrity check
...
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.
Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.
Code signing basically happens the following way:
- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉 ). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`, apps need to be signed with a certificate that either has a CN of `core` (shipped apps!) or the AppID.
- The command generates a signature.json file of the following format:
```json
{
"hashes": {
"/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
"/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
},
"certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
"signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.
Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates
**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:
```
➜ master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```
Then increase the version and you should see something like the following:
![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png )
As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.
For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller
08248f66ba
Merge pull request #20650 from owncloud/systemtags-core
...
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Joas Schilling
b8b0ae0944
Fix phpstorm complains in tests
2015-11-30 13:36:22 +01:00
Thomas Müller
b94aadc440
Cleanup imports and type hinting
2015-11-30 12:45:30 +01:00
Lukas Reschke
f4eb15d340
Show error template
...
Otherwise this leads to an endless redirection in case of a CSRF exception. Also sets user expectation right.
2015-11-30 11:25:52 +01:00
Thomas Müller
dddfa6de78
Don't break app on travis
2015-11-30 10:55:13 +01:00
Thomas Müller
318e5e2864
More group DB
2015-11-30 10:55:13 +01:00
Thomas Müller
f9fc254672
Add DB group to some files_external tests
...
Adding group Db to federation tests and ldap tests
Add group DB to Test_UrlGenerator
Adding group DB to trashbin and versions tests
Adding group DB to Test_Util_CheckServer for pg
2015-11-30 10:55:10 +01:00
Thomas Müller
757aa45db7
Adding more DB groups to test suits
...
Adding more DB groups to test suits
2015-11-30 10:55:06 +01:00
Thomas Müller
56170dd825
Further unit test suite tweats
2015-11-30 10:55:05 +01:00
Thomas Müller
1480964768
Adding more test suites to group DB
2015-11-30 10:55:05 +01:00
Thomas Müller
7e71d8231e
Mock DIContainer to not hit the database
2015-11-30 10:55:05 +01:00
Thomas Müller
3bb6dcea64
Apply DB group annotation ...
2015-11-30 10:55:05 +01:00
Thomas Müller
03ee3b9aec
A TestCase which is not annotated to be in group DB will not allow access to the database connection.
...
This is necessary to categorize unit test and avoid duplicate test case execution - it also allows us to closely review unit test implementations to identify unnecessary db calls.
2015-11-30 10:55:05 +01:00
Joas Schilling
24d5ce9a58
Add phpunit group for tests
2015-11-30 10:25:53 +01:00
Thomas Müller
9c1dbaf0ad
Merge pull request #20788 from owncloud/catch-missing-route
...
Dont die when we're missing a route
2015-11-30 10:11:12 +01:00
Robin Appelman
4c4331982c
Merge pull request #20789 from owncloud/scanner-skip-not-available
...
Skip unavailable storages in scanner
2015-11-27 22:57:47 +01:00
Vincent Petry
b666367a79
Added system tags data structure and PHP side managers
...
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Robin Appelman
aa822f76e2
fix tests
2015-11-27 17:05:58 +01:00
Robin Appelman
ae71f80f4a
Skip unavailable storages in scanner
2015-11-27 14:02:50 +01:00
Mitar
e0e51fd79f
Added tests.
2015-11-27 02:45:49 -08:00
Thomas Müller
8fe878afe9
Merge pull request #20602 from owncloud/fix-installed-apps
...
Always installed apps includes the hardcoded ones from shipped.json
2015-11-26 16:50:05 +01:00
Thomas Müller
80c43ffc6c
Merge pull request #20702 from owncloud/move-user-principal-into-subfolder
...
Users are available under it's own principal resource named 'principa…
2015-11-26 16:49:49 +01:00
Thomas Müller
19d5059109
Merge pull request #20393 from owncloud/querybuilder-select-with-alias
...
Add a method to select a field or value with alias
2015-11-26 16:19:20 +01:00
Thomas Müller
3882cc8ef3
Merge pull request #20744 from owncloud/oc_helper-getMimeType-cleanup
...
Remove last occurences of OC_Helper::getMimeType()
2015-11-26 12:37:25 +01:00
Thomas Müller
5a33390a69
Merge pull request #20731 from owncloud/per-storage-updater
...
Make Cache\Updater per storage
2015-11-26 12:01:44 +01:00
Morris Jobke
4fcab98694
Remove unused internal methods
...
* removes OC_Helper::mb_substr_replace and OC_Helper::mb_str_replace
* keeps public interface wrapper working as expected
2015-11-26 10:25:43 +01:00
Morris Jobke
9318606faf
Remove last occurences of OC_Helper::getMimeType()
...
* ref #4774
2015-11-26 10:18:32 +01:00
Thomas Müller
b799e42b4e
Introduce \OCP\IUser::getEMailAddress()
2015-11-25 22:23:34 +01:00
Thomas Müller
9ec2f8886e
Merge pull request #20691 from owncloud/share2.0_di_fixes
...
[Sharing 2.0] di fixes
2015-11-25 15:25:50 +01:00
Robin Appelman
b025f07fb7
Make Cache\Updater per storage
2015-11-25 14:16:00 +01:00
Thomas Müller
50f6817ce9
Merge pull request #20439 from owncloud/etag-propagate-in-storage
...
Take submount etag into account for folder etags
2015-11-25 12:49:54 +01:00
Roeland Jago Douma
a2b8483779
[Sharing 2.0] Default share provider only generic DI
...
No injection of userfolders etc. Only generic DI components
(IRootFolder) etc should be used to make sure we can also run this from
the cli
2015-11-24 10:26:36 +01:00
Roeland Jago Douma
aeae73b364
[Sharing 2.0] Removed unused DI stuff
...
The share manager etc should not care about filtering stuff. They should
return what is asked for them.
2015-11-24 10:26:36 +01:00
Joas Schilling
018bd3ee24
Make sure that object id can be a string
2015-11-23 14:18:15 +01:00
Thomas Müller
df906f475b
Merge pull request #20617 from owncloud/fix-usage-of-lastInsertId
...
lastInsertId() is properly working with Oracle if the table name is p…
2015-11-23 13:29:08 +01:00
Thomas Müller
240cc1c4ea
Merge pull request #20543 from owncloud/share2.0_fix_hooks
...
Move hook and delete children logic to share manager
2015-11-23 13:28:49 +01:00
Joas Schilling
1c7d7288c4
Add a method to select a field or value with alias
2015-11-23 13:28:31 +01:00
Thomas Müller
f85282c90a
Merge pull request #20577 from owncloud/notifications-datetime-timestamp
...
Use a DateTime object instead of a timestamp
2015-11-23 13:14:45 +01:00
Morris Jobke
bc69cb2de3
fix unit tests
2015-11-23 13:13:26 +01:00
Roeland Jago Douma
1360e22d7c
[Sharing 2.0] Move hook and delete children logic to share manager
...
To make sure hooks are always fired and child entries are always
cleaned. This logic is moved to the share manager.
* Updated unit tests
2015-11-23 12:28:54 +01:00
Thomas Müller
9f69021691
lastInsertId() is properly working with Oracle if the table name is properly passed in
2015-11-23 11:44:08 +01:00
Joas Schilling
a370c29068
Use a DateTime object instead of a timestamp
2015-11-23 11:41:48 +01:00
Morris Jobke
32ab973254
add unit tests for OC_Util::add* methods
2015-11-23 11:03:09 +01:00
Thomas Müller
bf672d7e51
Merge pull request #20222 from owncloud/federated_sharing_auto_complete
...
federated sharing auto-complete, first step
2015-11-23 10:42:14 +01:00
Thomas Müller
79bbda994b
Merge pull request #16902 from owncloud/jsocclient
...
Web UI uses Webdav instead of ajax/* calls
2015-11-23 09:38:01 +01:00
Thomas Müller
358858c9e3
Fix undefined HTTP_USER_AGENT
2015-11-22 16:05:50 +01:00
Vincent Petry
f120846e29
Added OC.Files.Client Webdav-based files client
2015-11-22 16:05:49 +01:00
Roeland Jago Douma
0265bcfdae
Moved changedisplayname to usercontroller
...
Killed the old static route to change a users display name and moved it
to a properly testable controller.
2015-11-20 16:05:43 +01:00
Vincent Petry
5b9a693fbc
Added some unit tests for the status manager
2015-11-20 16:00:16 +01:00
Thomas Müller
427d107b9f
Merge pull request #20614 from owncloud/use-mocks-when-testing-isSharingDisabledForUser
...
Use mocks when testing isSharingDisabledForUser
2015-11-20 15:22:52 +01:00
Björn Schießle
ed039ee5eb
added app "federation", allows you to connect ownClouds and exchange user lists
2015-11-19 18:06:38 +01:00
Thomas Müller
c565a7b042
Fix failing unit test 💀
2015-11-19 16:44:43 +01:00
Thomas Müller
9ec2850c78
Use mocks when testing isSharingDisabledForUser
2015-11-19 15:36:16 +01:00
Robin Appelman
a95d4c2b22
update tests
2015-11-19 13:32:04 +01:00
Robin Appelman
888df3933d
take the etag of child mounts into account for the folder etag
...
this replaces shared etag propagation
2015-11-19 13:32:00 +01:00
Joas Schilling
0b8335ff2f
Make the JobList test more robust by sorting the result of getAll before comparison
2015-11-19 09:25:34 +01:00
Thomas Müller
8db9c49cda
Merge pull request #20551 from owncloud/notification-fix-tests
...
Notification - Add tests for the "return $this" and fix it on the new method
2015-11-18 09:12:27 +01:00
Thomas Müller
74ce6d29e1
Merge pull request #20544 from owncloud/move-index-to-appframework
...
Move index.php from files to AppFramework
2015-11-17 12:49:38 +01:00
Joas Schilling
2fde6a77d7
Add tests for the "return $this" and fix it on the new method
2015-11-17 09:26:13 +01:00
Thomas Müller
705d208a8a
Merge pull request #20539 from owncloud/notification-api-adjustment
...
Notification api update
2015-11-17 08:39:06 +01:00
Lukas Reschke
daa388ce8d
Move index.php from files to AppFramework
...
1. Allows it to use the more secure CSP rules of the AppFramework.
2. Adds some unit tests.
2015-11-16 21:10:11 +01:00
Joas Schilling
40d5d55124
Remove the icon for now
2015-11-16 16:17:23 +01:00
Joas Schilling
1666af89c2
Add "is primary action" to actions
2015-11-16 16:14:52 +01:00
Roeland Jago Douma
1e9fc33212
[Share2.0] OCS Share API getShare uses new code
2015-11-16 13:32:28 +01:00
Roeland Jago Douma
fee6847f48
[Avatar] No need to setup FS for avatar tests
2015-11-14 14:52:51 +01:00
Christian Schnidrig
d0464bf772
enable microseconds in log timestamps
2015-11-12 10:33:20 +01:00
Robin Appelman
20cad09f7f
Add tests for FileInfo owner
2015-11-10 11:06:48 +01:00
Robin Appelman
960c8cb5bc
Merge pull request #16604 from owncloud/cache-escape-like
...
escape like parameter in cache operations
2015-11-10 09:45:00 +01:00
Roeland Jago Douma
87e3402ef5
Fix autoloader unit test output
...
Removed leftover print statement
2015-11-09 15:54:40 +01:00
Roeland Jago Douma
0bb5eadf89
[autoloader] Make sure to load construct full paths
...
This reduces a lot of the autoloader magic and makes sure that we
generate full paths in the autoloader.
2015-11-06 13:36:19 +01:00
Thomas Müller
cc4f4f222d
Merge pull request #20348 from owncloud/issue-20303-integer-group-names
...
Make sure that group names are strings not integers
2015-11-06 11:48:40 +01:00
Thomas Müller
8047597a81
Merge pull request #20288 from owncloud/fix_20234
...
make sure that we update the unencrypted size for the versions
2015-11-06 11:17:17 +01:00
Joas Schilling
292dc553c3
Make sure that group names are strings not integers
2015-11-06 10:40:09 +01:00
Robin Appelman
556fabf15d
Add test for special character during move
2015-11-05 16:29:38 +01:00
Roeland Jago Douma
532b8a1ad0
Fix oracle
2015-11-05 15:59:09 +01:00
Roeland Jago Douma
0be05fdddd
Add unshare hooks
2015-11-05 15:59:09 +01:00
Roeland Jago Douma
6624fa212a
The new sharing code now handles deletion
...
OCS -> ShareManager -> DefaultShareProvider
2015-11-05 15:59:09 +01:00
Arthur Schiwon
51ead4e59b
subadmin methods should not return any null user or group
2015-11-05 11:50:57 +01:00
Björn Schießle
6d0a324144
make sure that we update the unencrypted size for the versions
2015-11-04 10:59:05 +01:00
Thomas Müller
b162761124
Merge pull request #20157 from owncloud/users-fixeveryonecount
...
Fix everyone count for subadmins
2015-11-04 10:28:56 +01:00
Morris Jobke
a91572b7f3
Use proper statement to retrieve the IP of an docker instance
2015-10-30 09:28:33 +01:00
Vincent Petry
781bca2437
Fix everyone count for subadmins
...
Also moved the logic to the UsersController
2015-10-29 17:41:49 +01:00
Thomas Müller
73d9699be9
Merge pull request #20135 from owncloud/check-if-null-subadmin
...
Drop OC_SubAdmin and replace usages
2015-10-29 17:07:45 +01:00
Thomas Müller
b840fc7c58
Merge pull request #20134 from owncloud/pass-with-skipping
...
Make Travis CI pass when DAV was not touched
2015-10-29 14:14:36 +01:00
Thomas Müller
530f7229e7
Merge pull request #19869 from owncloud/cache-adjustcurrentmtimeonrename
...
On rename, also refresh storage_mtime of the target file
2015-10-29 11:57:00 +01:00
Lukas Reschke
c6f6a8758b
Drop OC_SubAdmin and replace usages
2015-10-29 11:31:18 +01:00
Joas Schilling
9d35cacfda
Make Travis CI pass when DAV was not touched
2015-10-29 10:14:45 +01:00
Joas Schilling
6043f0afdb
Use the method
2015-10-29 09:26:26 +01:00
Joas Schilling
e5a7e3124a
Add a repair step that checks for group membership on shares
2015-10-29 09:26:26 +01:00
Joas Schilling
ca2fd30073
Remove shares where the parent does not exist anymore
2015-10-29 09:26:26 +01:00
Thomas Müller
09fff15021
run litmus scripts only if code in the dav app did change changed
2015-10-28 09:59:09 +01:00
Thomas Müller
b753e7631b
Enable DAV app testing on travis
2015-10-27 23:00:04 +01:00
Joas Schilling
e19c49295a
Use speaking ids
2015-10-26 16:15:15 +01:00
Joas Schilling
a9a6d4c182
Stay on the same category when refreshing the page on the apps list
2015-10-26 16:15:14 +01:00
Vincent Petry
f355d4e51a
Fix locking unit tests due to filemtime addition
2015-10-26 15:41:23 +01:00
Vincent Petry
b900782513
Also adjust storage_mtime of target after rename
...
Some storages like Dropbox change their mtime on rename...
2015-10-26 15:41:23 +01:00
Lukas Reschke
13e817e901
Throw exception on `getPath` if file does not exist
...
Currently the `getPath` methods returned `NULL` in case when a file with the specified ID does not exist. This however mandates that developers are checking for the `NULL` case and if they do not the door for bugs with all kind of impact is widely opened.
This is especially harmful if used in context with Views where the final result is limited based on the result of `getPath`, if `getPath` returns `NULL` PHP type juggles this to an empty string resulting in all possible kind of bugs.
While one could argue that this is a misusage of the API the fact is that it is very often misused and an exception will trigger an immediate stop of execution as well as log this behaviour and show a pretty error page.
I also adjusted some usages where I believe that we need to catch these errors, in most cases this is though simply an error that should hard-fail.
2015-10-25 17:58:21 +01:00
Lukas Reschke
8133d46620
Remove dependency on ICrypto + use XOR
2015-10-21 17:33:41 +02:00
Roeland Jago Douma
02af4269f2
Fix unit test
...
Now that OC_SubAdmin is just a wrapper around OC\SubAdmin some unit
tests had to be fixed because they expected different behaviour.
Eventually they should move to properly mocked instances of OC\SubAdmin
of course
2015-10-21 11:41:25 +02:00
Roeland Jago Douma
0e9ab13943
New \OC\SubAdmin class
...
* DI
* Tests
* moved OC_SubAdmin to legacy
* Added to private OC\GroupManager
2015-10-21 11:32:38 +02:00
Thomas Müller
cf9b8fc182
Merge pull request #18184 from owncloud/ocs-merge-headers
...
Merge headers of ocs results
2015-10-21 10:36:37 +02:00
Jörn Friedrich Dreyer
2895c91291
Merge pull request #17641 from owncloud/fix_objectstore_rename
...
don't move files in cache twice, fixes renaming for objectstores
2015-10-19 17:18:57 +02:00
Jörn Friedrich Dreyer
c530c9c322
Merge pull request #19864 from owncloud/fix-objectstore-btrfs-host
...
skip btrfs hack for objectstore docker container on btrfs host
2015-10-19 16:49:35 +02:00
Robin Appelman
9c5337ca3e
Merge pull request #19833 from owncloud/fix_view_rmdir
...
Removemount expects absolutePath
2015-10-19 16:22:42 +02:00
Morris Jobke
6d3a9bf03a
skip btrfs hack for objectstore docker container on btrfs host
2015-10-19 10:32:51 +02:00
Thomas Müller
de55f6afbf
Fix error in stop script
2015-10-16 21:54:09 +02:00
Robin Appelman
ef179331bb
Add tests for double cache rename
2015-10-16 21:41:51 +02:00
Robin Appelman
a87368acb9
Skip checkupdate test for swift
2015-10-16 21:41:51 +02:00
Roeland Jago Douma
8fdb12f8fb
Check for error when resharing
2015-10-16 20:43:17 +02:00
Roeland Jago Douma
9e86d71cc5
When sharing with the owner show the path
...
The error message should contain the path that is being shared not the
numeric id.
2015-10-16 20:43:17 +02:00
Roeland Jago Douma
d8798877df
Added test for rmdir on moveablemount
2015-10-16 16:51:44 +02:00
Thomas Müller
8fa59033ac
Fix uni tests
2015-10-16 13:17:12 +02:00
Thomas Müller
f2889dc6e4
Consolidate webdav code - move all to one app
2015-10-16 13:17:12 +02:00
Lukas Reschke
e0d6bd5b6d
Run test only when idn is available
...
IDN is not installed on all machines making the unit test execution fail on those without. Let's make IDN thus a pre-requirement for the text execution.
2015-10-16 11:02:10 +02:00
Joas Schilling
d904a09a04
The constant is now deprecated
2015-10-14 15:29:38 +02:00
Thomas Müller
28d6da8158
Merge pull request #19738 from owncloud/proppatch-lastmodified
...
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
2015-10-14 12:49:33 +02:00
Thomas Müller
bfac6c5eb7
Merge pull request #19730 from owncloud/fix_17560
...
Squash collection shares
2015-10-14 12:38:16 +02:00
Lukas Reschke
5d53fb4bc8
Reference v2 in the provider list
2015-10-13 16:45:16 +02:00
Lukas Reschke
abdbf10ebc
Do not print exception message
...
In case of an error the error message often contains sensitive data such as the full path which potentially leads to a full path disclosure.
Thus the error message should not directly get displayed to the user and instead be logged.
2015-10-13 14:12:10 +02:00
Vincent Petry
02513f8d04
Fix mtime PROPPATCH to be "lastmodified" instead of "getlastmodified"
...
Fix regression that makes PROPPATCH of mtime work like it did in OC <=
8.0.
The PROPPATCH must be done on the "lastmodified" property.
The "getlastmodified" now return 403 again.
2015-10-13 12:51:21 +02:00
Thomas Müller
3891cd9068
Merge pull request #19677 from owncloud/silently-fail-app-upgrade-exceptions-master
...
Silently fail app upgrade exceptions
2015-10-13 11:04:02 +02:00
Roeland Jago Douma
06aaa059d1
Squash collection shares
...
If folder1 is shared to user2 and user3. And folder1/folder2 is shared
to user4 and user5 then getting all the users with access to
folder1/folder2 should only list user2 and user 3 once.
Previously this was done twice since we request the info two times.
This fix makes sure that we only append unique results to the array.
* Added test
2015-10-13 10:05:49 +02:00
Lukas Reschke
e03f0542e4
Strip directory from scriptName
...
`\OCP\IRequest::getScriptName` will also return the directory, so if ownCloud is installed in a subfolder such as `owncloud/` it will resolve to `/owncloud/ocs/v2.php`. This made this check fail and also made it return invalid status codes.
2015-10-12 23:39:16 +02:00
Thomas Müller
64a8d01694
Merge pull request #19683 from owncloud/repair-donotrepairfoldermimetypes
...
Do not update mime types for folders with extension
2015-10-12 15:08:19 +02:00
Bjoern Schiessle
8185eaa6dd
also detect files in a .part folder as part file
2015-10-12 13:59:16 +02:00
Thomas Müller
0036c637fc
Merge pull request #19657 from owncloud/setup-transport
...
Setup sendmail transport
2015-10-12 13:44:26 +02:00
Vincent Petry
8098c06e70
Do not update mime types for folders with extension
...
Some folders might have an extension like "test.conf".
This fix prevents to overwrite the folder's mime type with another mime
type while running the mimetype repair step.
2015-10-09 18:16:36 +02:00
Thomas Müller
4cb5970947
Always pass in ILogger
2015-10-09 14:08:22 +02:00
Jörn Friedrich Dreyer
c8640cdcb0
adjust filesystem tests to objectstore
2015-10-09 12:35:37 +02:00
Thomas Müller
020bb33150
Merge pull request #19034 from owncloud/http-request-warning
...
Prevent warning decoding content
2015-10-08 21:51:47 +02:00
Lukas Reschke
12181aa6de
Don't perform checks for outdated TLS libs when no internet connection
...
This change makes the check return a positive result when:
- The instance has been configured to not use the internet
AND/OR
- S2S AND the appstore is disabled
2015-10-08 18:26:03 +02:00
Lukas Reschke
18394205c2
Setup sendmail transport
...
Replaces https://github.com/owncloud/core/pull/19047 and fixes https://github.com/owncloud/enterprise/issues/854 and https://github.com/owncloud/core/issues/19110
2015-10-08 16:48:18 +02:00
Thomas Müller
17ffa4a244
Merge pull request #19414 from owncloud/swift_primary_storage_tests
...
Swift primary storage tests
2015-10-08 14:08:56 +02:00
Thomas Müller
2fda4e38e2
Merge pull request #19546 from owncloud/fix-search-for-node-api
...
Fix search operations for the Node API
2015-10-08 13:17:26 +02:00
Roeland Jago Douma
1ee56c702d
[WEBDAV] check if delete of source is allowed on move
...
Fixes #5251
If we perform a move we need to make sure first that the source can be
deleted. Else the dest might be cleared but the move will fail later.
* Added unit tests
Eventually we need more and better checking here.
2015-10-07 11:58:16 +02:00
Jörn Friedrich Dreyer
5646e39248
test objectstore with ceph docker
...
use default config for swift primary storage test config
allow testsuite to complete
fix timeout, script cleanup, enable debug for now
use btrfs loopback device, requires privileged container and absolute path
throw exception when storage has problems
debug by echo ...
sleep more, more debug
2015-10-06 16:27:25 +02:00
Robin Appelman
e28a2ff888
Add unit test for searching in storage root
2015-10-06 15:54:17 +02:00
Lukas Reschke
80a232da6a
Add \OCP\IRequest::getHttpProtocol
...
Only allow valid HTTP protocols.
Ref https://github.com/owncloud/core/pull/19537#discussion_r41252333 + https://github.com/owncloud/security-tracker/issues/119
2015-10-06 14:18:46 +02:00
Thomas Müller
da640adf68
Merge pull request #19577 from owncloud/share-donotreturnentrieswhenusernotingroup
...
Remove invalid share items from result when missing group membership
2015-10-06 09:24:22 +02:00
Thomas Müller
822e8fbfe1
Merge pull request #19535 from owncloud/check-memcache-module
...
[admin] check for correct PHP memcached module
2015-10-06 09:24:03 +02:00
Morris Jobke
b519965408
[admin] check for correct PHP memcached module
2015-10-06 08:51:47 +02:00
Vincent Petry
1c7244c120
Remove invalid share items from result when missing group membership
...
Group shares usually have subshare entries for every user. In some
situations it can happen that the user was removed from the group but
the subshare entries still exist.
This fix makes sure that such subshare entries are not returned any more
as the user isn't in the group any more.
2015-10-05 17:21:34 +02:00
Joas Schilling
ac5b3161e4
Add a unit test for "share a file inside a folder that is already shared"
2015-10-05 12:36:16 +02:00
Thomas Müller
34951efed6
Merge pull request #19574 from owncloud/fix-sharing-tests-assuming-empty-share-table
...
Clear the shares after the test like storages and files
2015-10-05 11:00:34 +02:00
Thomas Müller
56c35da8d5
Merge pull request #19416 from owncloud/node-hook-connector
...
pass view hooks trough to the node hooks
2015-10-05 10:25:04 +02:00
Joas Schilling
42b29e39c1
Clear the shares after the test like storages and files
2015-10-05 10:13:45 +02:00
Thomas Müller
ff89824135
Merge pull request #19272 from owncloud/mimetypes-enhanced
...
Introduce a few new mimetypes for code, fix recursive mimetype aliases
2015-10-02 17:50:34 +02:00
Robin Appelman
8bdffb5ed3
Merge pull request #19525 from owncloud/share-preventmovemountpointintosharedfolder
...
Prevent moving mount point into already shared folder (outgoing)
2015-10-02 16:50:38 +02:00
Vincent Petry
64ca00925b
Prevent moving mount point into already shared folder (outgoing)
...
It is already not allowed to share a folder containing mount points /
incoming shares.
This fixes an issue that made it possible to bypass the check by moving
the incoming share mount point into an existing outgoing share folder.
2015-10-02 16:14:42 +02:00
Roeland Jago Douma
c80dd82fe4
Added mimetype repair step
...
* Version number increased
2015-10-02 16:06:56 +02:00
Morris Jobke
6b53f7c40e
[l10n] remove unused static methods
2015-10-02 12:51:45 +02:00
Thomas Müller
8944cb539e
Merge pull request #19510 from owncloud/json-grouplist-sharing-exclude
...
save excluded groups in json format
2015-10-02 12:14:36 +02:00
Thomas Müller
b6591084a1
Merge pull request #19463 from owncloud/fix_18132
...
encryption: versions should always use the keys of the original file, no need to …
2015-10-01 16:56:28 +02:00
Thomas Müller
b2dd5cb616
save excluded groups in json format - fixes #10983
2015-10-01 15:37:55 +02:00
Robin Appelman
1c3e28a73b
Add tests
2015-10-01 13:17:22 +02:00
Bjoern Schiessle
e7232a848b
versions should always use the keys of the original file, no need to create new one
2015-10-01 10:10:19 +02:00
Joas Schilling
8f2600a0ea
Also delete all shares before the test, so the count matches
2015-10-01 08:32:24 +02:00
Vincent Petry
6e104bc933
Repair step to remove bogus expiration dates from non-link shares
2015-10-01 08:27:12 +02:00
Thomas Müller
ff75652cb7
Merge pull request #19299 from owncloud/fixgetRawPathInfo
...
Fix get raw path info, always return a string
2015-09-30 22:17:02 +02:00
Thomas Müller
1d8c10cf63
Merge pull request #19468 from owncloud/fix-36-vs-32-previews
...
Change small thumbnails to 32 px
2015-09-30 15:47:34 +02:00
Thomas Müller
10978a7a61
Merge pull request #19373 from owncloud/sidebar-preview-cover
...
Cover both width and height for the sidebar preview
2015-09-30 11:07:18 +02:00
Morris Jobke
1051a3c6f5
Change small thumbnails to 32 px
...
* fixes #16913
* fixes issues in IE8 where the thumbnail is too big
2015-09-30 10:49:48 +02:00
Individual IT Services
fbe43e6a26
cache result of \OCP\Util::needUpgrade()
...
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement
move caching to \OCP\Util::needUpgrade
renaming variable
fixing testNeedUpgradeCore()
cache result of checkUpgrade() in self::$needUpgrade
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement
move caching to \OCP\Util::needUpgrade
renaming variable
fixing testNeedUpgradeCore()
fix typo in variable name
deleting tabs
2015-09-29 15:34:42 +02:00
Lukas Reschke
e735a9915c
Add blob: scheme to default CSP policy
...
Fixes https://github.com/owncloud/core/issues/19438
2015-09-29 14:27:35 +02:00
Robin Appelman
f41a38ba15
Cover both width and height for the sidebar preview
2015-09-29 13:07:03 +02:00
Robin Appelman
e21a025887
remove unused use
2015-09-28 17:20:44 +02:00
Robin Appelman
1e5a41f008
Add hook connector to connect view and node hooks
2015-09-28 17:18:40 +02:00
Thomas Müller
d68079f932
Merge pull request #18548 from owncloud/repair-mimetype-limitversion
...
Repair mime types only when upgrading from OC 8.0
2015-09-28 12:56:36 +02:00
Robin Appelman
b50d1aae56
rename config test to prevent autoloader issue
2015-09-28 10:47:49 +02:00
Thomas Müller
0aaece7de7
Merge pull request #19346 from owncloud/drop-passwords-from-exception-log
...
Remove passwords from logged exception stack traces
2015-09-25 20:04:01 +02:00
Thomas Müller
8f2a14c5d6
Merge pull request #19297 from owncloud/fix_19119
...
Do not blindy copy expiration date on reshare
2015-09-25 14:36:07 +02:00
Roeland Jago Douma
9a373cb5bb
Do not blindy copy expiration date on reshare
...
If a file/folder is reshared we should not blindly copy the expiration
date of the parent share. User/Group shares do not have expiration dates
currently, and thus this is always set to null.
Fixes #19119
* Added testcase
2015-09-25 13:06:05 +02:00
Joas Schilling
faba02564a
Move the filtering of sensitive data to the config class
2015-09-25 11:08:33 +02:00
Morris Jobke
db8e7ce8b9
Remove passwords from logged exception stack traces
...
* fixed #16318
* create logException in ILogger
* add unit tests
2015-09-24 20:01:30 +02:00
Thomas Müller
ebdd6d96ce
Merge pull request #19306 from owncloud/app-code-check-version
...
[App Code Check] add check for version and mandatory fields
2015-09-24 17:38:48 +02:00
Thomas Müller
bf4c144c6f
Merge pull request #19335 from owncloud/phil-davis-view-typos
...
Comment typos in tests/lib/files/view.php
2015-09-24 14:54:21 +02:00
Bjoern Schiessle
d697ea58a4
only check if the user exists if a user was added as parameter
2015-09-24 12:21:40 +02:00
Morris Jobke
9b652ed5d5
[App Code Check] add check for version and mandatory fields
...
* ref #17598
* including unit tests for mandatory fields/versions
2015-09-24 11:58:12 +02:00
Thomas Müller
330ea18996
Merge pull request #19303 from owncloud/usecorrectvariable
...
Use correct variable
2015-09-24 11:34:19 +02:00
Phil Davis
9f9bdd8f90
Comment typos in tests/lib/files/view.php
...
Correct a comment typo just introduced at line 892, plus another and some white space at EOL.
2015-09-24 15:01:45 +05:45
Thomas Müller
11974477bd
Merge pull request #19326 from owncloud/issue-19314-querybuilder-set-null
...
Allow `set('column', 'null')` to work like in Doctrine's QueryBuilder
2015-09-24 10:57:49 +02:00
Thomas Müller
df75c17e52
Merge pull request #16479 from owncloud/core-fixgetrelativepathwrongmatches
...
Prevent wrong matches in getRelativePath
2015-09-24 10:25:00 +02:00
Joas Schilling
70572c1e3c
Allow `set('column', 'null')` to work like in Doctrine
2015-09-24 09:53:09 +02:00
Jörn Friedrich Dreyer
17ef187681
add is* storage tests
2015-09-23 23:41:39 +02:00
Robin McCorkell
ebe9bea709
Unit test for preventing warning decoding content
2015-09-23 14:16:41 +01:00
Jörn Friedrich Dreyer
ca8d589f27
use assertSame, add failing case
2015-09-23 12:31:45 +02:00
Thomas Müller
bcdb3c26da
Merge pull request #19236 from owncloud/call_dot_directories_function
...
Replaces if ($file === '.' || $file === '..') by public function call isIgnoredDir
2015-09-23 11:34:23 +02:00
Thomas Müller
ad71d92acf
Merge pull request #19247 from owncloud/fix_locking_copy_operation
...
locking: handle exceptions correctly during copy operation
2015-09-23 11:28:27 +02:00
Vincent Petry
0bda4d54c5
Repair mime types only when upgrading from OC 8.0
2015-09-23 10:51:37 +02:00
Martin
491250320a
Replaces if ($file === '.' || $file === '..') by if(\OC\Files\Filesystem::isIgnoredDir($file)). Eases to find where this operation is used.
2015-09-22 17:53:15 +02:00
Lukas Reschke
63b2bc136a
Move mimetype files into /resources/config/
2015-09-22 16:43:28 +02:00
Joas Schilling
d26c49b995
Add more tests for relativePath
2015-09-22 11:34:37 +02:00
Vincent Petry
b9cd5bc1dc
Prevent wrong matches in getRelativePath
...
Before this fix, the root "/files" with path "/files_trashbin" would
return "_trashbin" as relative path...
2015-09-22 11:34:37 +02:00
Bjoern Schiessle
17a64360e5
catch excexptions during the copy operation and make sure that we free the lock correctly
2015-09-22 11:32:10 +02:00
Lukas Reschke
36ce254ffd
Move dummy backend to Tests namespace
2015-09-22 11:01:11 +02:00
Thomas Müller
d8901cf7cd
Merge pull request #19221 from owncloud/improved_error_messages
...
decrypt-all: improved error message if user doesn't exists
2015-09-21 16:06:43 +02:00
Robin Appelman
b520a1e520
Merge pull request #19081 from owncloud/prevent0bytedownloads
...
prevent 0 byte downloads when storage returns false
2015-09-21 13:50:35 +02:00
Bjoern Schiessle
d2e90b6050
improved error message if user doesn't exists
2015-09-21 13:19:35 +02:00
Thomas Müller
2c8eaacec7
Merge headers of ocs results
2015-09-21 11:54:46 +02:00
Thomas Müller
d2e701d74f
Merge pull request #19148 from owncloud/issue-19113-stop-setting-single-user-in-constructor
...
Do not set single user in constructor of encryption occ commands
2015-09-21 09:58:38 +02:00
Thomas Müller
bbf128f1b2
Merge pull request #19098 from owncloud/db-lock-no-transaction
...
Remove the need for the transaction in the database locking backend
2015-09-18 17:02:18 +02:00
Thomas Müller
d62cffbc9a
Merge pull request #18901 from owncloud/encryption-dav-tests
...
Add tests for doing dav requests with encryption enabled
2015-09-18 14:54:06 +02:00
Lukas Reschke
947e3d7ab5
Add repair step for outdated OCS IDs
...
There is the case where OCs IDs might become outdated such as it has been with the calendar and contacts app which refer to the old dummy entry. This means that users with the old OCS id can't update updates as well will receive invalid state flags. (e.g. "experimental" instead of "approved")
To allow instances to properly update the applications in the future we need to migrate the OCS IDs for now manually.
2015-09-18 13:27:26 +02:00
Thomas Müller
3ca61db63b
Merge pull request #19017 from owncloud/dav-download-tests
...
Add tests for downloading files over dav
2015-09-18 11:57:28 +02:00
Robin Appelman
485ea316a1
reuse the same datadir
2015-09-18 11:55:15 +02:00
Robin Appelman
dc870cb450
Add tests for doing dav requests with encryption enabled
2015-09-18 11:55:15 +02:00
Robin Appelman
a3d734f6cd
Add trait to enable encryption for a unit test
2015-09-18 11:55:15 +02:00
Robin Appelman
e3e78f809d
create new mounts every time the mount provider is called
...
important for storage wrappers
2015-09-18 11:55:15 +02:00
Robin Appelman
5247a0685d
clear up tests a bit
2015-09-18 11:55:15 +02:00
Joas Schilling
2f102c1f0d
Do not set single user in constructor
2015-09-18 08:55:59 +02:00
Joas Schilling
5eddde6486
Add a Sabre plugin that emits an event for apps
2015-09-17 13:59:27 +02:00
Robin Appelman
05fddec022
expire old lock rows
2015-09-17 13:55:04 +02:00
Robin Appelman
2839ef3439
add unit test
2015-09-17 11:16:00 +02:00
Joas Schilling
82eb3f8027
Fix the singleuser config casing in new encryption code
2015-09-17 08:48:25 +02:00
Robin Appelman
3cf4fc02f9
fix tests with empty response body
2015-09-16 15:27:22 +02:00
Robin Appelman
953b64f3f2
Add tests for downloading files over dav
2015-09-16 12:59:15 +02:00
Vincent Petry
886f1ed660
Update JS unit tests for share dialog (WIP)
2015-09-16 07:23:29 +02:00
Thomas Müller
f6f7d8cf94
Merge pull request #18938 from owncloud/occ_decrypt_all2
...
occ script to disable encryption and to decrypt all files again
2015-09-16 00:11:41 +02:00
Thomas Müller
ac1239220d
Merge pull request #19052 from owncloud/revert-14856-remote_avatars
...
Revert "Allow Remote avatars"
2015-09-16 00:10:00 +02:00
Bjoern Schiessle
9bd4f2d41e
occ script to disable encryption and to decrypt all files again
2015-09-15 22:39:44 +02:00
Robin Appelman
9883d5b85d
Merge pull request #18915 from owncloud/node-getfoldercontents-use-view-logic
...
Use the view logic for getFolderContent for the node api
2015-09-15 18:04:01 +02:00
Thomas Müller
a446b43bcc
Revert "Allow Remote avatars"
2015-09-15 16:52:12 +02:00
Robin Appelman
9202d2f45a
fix chunking tests
2015-09-14 20:35:33 +02:00
Robin Appelman
80f054ddd3
also verify cache in dav upload tests
2015-09-14 20:35:33 +02:00
Robin Appelman
17b671ee25
adjust tests to handle before/after locking
2015-09-14 20:35:33 +02:00
Joas Schilling
2d0f0e898d
Only check the "was updated/inserted" when not on Oracle...
2015-09-14 15:27:06 +02:00
Frank Karlitschek
7562e4959b
Merge pull request #18658 from owncloud/configurable-temp
...
Configurable temporary directory
2015-09-12 22:04:41 +02:00
Robin McCorkell
188d0e09b8
Add reset method to mimetype loader
...
Used to solve concurrency issues
2015-09-11 12:44:53 +01:00
Robin McCorkell
620173c792
Merge pull request #18851 from owncloud/memcached-getallkeys-fallback
...
Fallback to complete Memcached flush if getAllKeys fails
2015-09-10 20:33:18 +01:00
Lukas Reschke
fb717f254f
Merge pull request #18699 from owncloud/notification-manager
...
Notification manager
2015-09-10 15:26:36 +02:00
Morris Jobke
7445afdb6f
Merge pull request #18925 from owncloud/change-risky-test
...
Rename data provider to avoid risky test warning
2015-09-09 16:05:01 +02:00
Lukas Reschke
0943781ccf
Rename data provider to avoid risky test warning
...
```
06:49:56 There was 1 risky test:
06:49:56
06:49:56 1) OC\AppFramework\Http\JSONResponseTest::testRenderProvider
06:49:56 This test did not perform any assertions
```
2015-09-09 12:52:54 +02:00
Lukas Reschke
0b91087489
Write to session in batch at the end of the request
2015-09-09 12:48:37 +02:00
Lukas Reschke
e579dd62fd
Write session data to single key
...
This prevents decrypting values multiple times.
2015-09-09 12:48:08 +02:00
Morris Jobke
c4c9c5ffad
Merge pull request #18684 from owncloud/explicit-upgrade-version
...
Explicit upgrade version + prevent downgrades
2015-09-09 11:08:55 +02:00
Robin Appelman
9f11b27797
Use the view logic for getFolderContent for the node api
2015-09-08 22:38:50 +02:00
Joas Schilling
38001d824b
Move interfaces to private until they are no longer experimental
2015-09-08 09:01:02 +02:00
Joas Schilling
59f37a8dfb
Add tests for the query()
2015-09-08 09:01:02 +02:00
Joas Schilling
190d2c3d5b
Add tests for the notification manager
2015-09-08 09:01:02 +02:00
Joas Schilling
270b0bd91b
Add more action tests
2015-09-08 09:01:02 +02:00
Joas Schilling
c6469be8bd
Add tests for notification
2015-09-08 09:01:02 +02:00
Joas Schilling
acf8149f17
Add tests for Action
2015-09-08 09:01:01 +02:00
Robin McCorkell
08d2202abb
Load all enabled apps in test bootstrap
2015-09-07 16:06:53 +01:00
Morris Jobke
f2ca0f6677
Merge pull request #18748 from owncloud/files-versions-tab
...
Add versions tab to files sidebar
2015-09-07 00:53:57 +02:00
Roeland Douma
24f5f50b20
Merge pull request #18742 from owncloud/mimetype-updatedb
...
Introduce mimetype DB update occ command
2015-09-06 16:56:35 +02:00
Robin McCorkell
b64e3f8db6
Fallback to complete Memcached flush if getAllKeys fails
...
Newer Memcached's do not support the underlying protocol commands that
getAllKeys() is implemented with. We should fallback to clearing
everything in that case, as causing (temporary) performance problems for
other applications on the server is better than having stale cached data.
2015-09-05 20:02:49 +01:00
Robin McCorkell
c6314fc699
Unit tests for mimetype loader
2015-09-04 17:37:10 +01:00
Robin McCorkell
cdf01f0419
Split mimetype handling to new class
2015-09-04 17:28:20 +01:00
Vincent Petry
310d797284
Add versions tab to files sidebar
...
- move versions to a tab in the files sidebar
- added mechanism to auto-update the row in the FileList whenever values
are set to the FileInfoModel given to the sidebar
- updated tags/favorite action to make use of that new mechanism
2015-09-03 16:47:24 +02:00