Commit graph

28896 commits

Author SHA1 Message Date
Thomas Müller
4c695e63c0 Fix comments 2015-12-02 09:20:58 +01:00
Thomas Müller
0391cc0451 Fix getCloudId 2015-12-02 09:14:41 +01:00
Thomas Müller
6abc02cb88 Proposal: add enumeration function to IUserManager which simply calls a callbask for each user in all backends 2015-12-02 09:14:41 +01:00
Thomas Müller
fe67db1ad0 Adding unit test for User::getCloudId() 2015-12-02 09:14:41 +01:00
Thomas Müller
599ba31edc Specify the email type and set name properly 2015-12-02 09:14:41 +01:00
Thomas Müller
906777dc9c Add converter to generate/update a vcard from a given user 2015-12-02 09:14:41 +01:00
Thomas Müller
1e8ad65288 Add system principal to cal of each card 2015-12-02 09:14:41 +01:00
Thomas Müller
df6fc6cc70 Add the user's cloud id to the vCard 2015-12-02 09:14:41 +01:00
Thomas Müller
7c8a84e7ac Add user's email address to vCard 2015-12-02 09:14:41 +01:00
Thomas Müller
079ae9b7a9 Update addressbook home configuration for CalDAVTester 2015-12-02 09:14:41 +01:00
Thomas Müller
6a2dde6400 user and system addressbooks are now living in sub folders 2015-12-02 09:14:41 +01:00
Thomas Müller
dcfd089a6c Adding a second principal backend which holds system principals - as of now only one principals/system/system 2015-12-02 09:14:41 +01:00
Thomas Müller
dad6470baa Add IUser::getAvatarImage() for easy access 2015-12-02 09:14:41 +01:00
Thomas Müller
c91192fb73 Adding system addressbook for users of this instance - a occ command is supplied for synchronizing 2015-12-02 09:08:27 +01:00
Roeland Jago Douma
1e19661daa [Sharing] Respect disabled incoming federated shares
Only fetch the incoming federated shares if incoming shares are actually
enabled.

Fixes #20713
2015-12-02 09:00:21 +01:00
Jenkins for ownCloud
4f4b91a9ec [tx-robot] updated from transifex 2015-12-02 02:00:28 -05:00
Roeland Douma
9baa96a5ae Merge pull request #20883 from owncloud/avatar_di
DI in avatar code
2015-12-02 07:48:35 +01:00
Roeland Jago Douma
b00db2c933 DI in avatar code
* DI in avatar code
* Use the node API
* More unit tests
* Unit tests no longer require DB
2015-12-01 22:15:43 +01:00
Lukas Reschke
6a067b1ec9 Set RewriteBase to / if OC::WEBROOT is not set 2015-12-01 22:03:25 +01:00
Lukas Reschke
a936107c5c Append PATH_INFO to ensure that file can be loaded on update 2015-12-01 20:15:45 +01:00
Lukas Reschke
f87dca95f1 Disable MultiView + DirectorySlash
Required for routes that might otherwise collide with existing folders on the system
2015-12-01 19:57:03 +01:00
Lukas Reschke
002e719789 Set "SetEnv" within base .htaccess file
mod_rewrite as used by the front controller may require a `RewriteBase` in case the installation is done using an alias. Since we cannot enforce a writable `.htaccess` file this will move the `front_controller_active` environment variable into the main .htaccess file. If administrators decide to have this one not writable they can still enable this feature by setting the `front_controller_active` environment variable within the Apache config.
2015-12-01 19:06:48 +01:00
Morris Jobke
3061e5d2fc Check the expiration date for null
* null is always less than any value -> expirationDate gets null
  which is "no date set"
* ref https://github.com/owncloud/core/issues/20590#issuecomment-158393075
2015-12-01 17:43:05 +01:00
Lukas Reschke
8931ba4a0d Merge pull request #14081 from owncloud/use-pretty-urls
Support pretty URLs
2015-12-01 17:17:48 +01:00
Robin Appelman
62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Joas Schilling
44852ce324 Allow DI for OCP\Files\IMimeTypeDetector 2015-12-01 16:49:20 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Thomas Müller
74e8c25a5b Merge pull request #20285 from owncloud/add-integrity-checker
Add code integrity checker foundation
2015-12-01 15:27:50 +01:00
Thomas Müller
27da63886f Merge pull request #20710 from owncloud/files_external_config_command
Add command to get and set config for external mounts
2015-12-01 15:27:32 +01:00
Joas Schilling
08d07cc4db Fix the unit test by running tearDown() and cleaning tags before the test 2015-12-01 15:00:44 +01:00
Joas Schilling
1d0c041ac8 Add a method to get the list of tags from the TagNotFound Exception 2015-12-01 14:54:34 +01:00
Morris Jobke
6baed0c998 fix code style 2015-12-01 14:51:33 +01:00
Morris Jobke
e86c847df5 add parameter to call single behat tests 2015-12-01 14:51:33 +01:00
Morris Jobke
83432b3c25 add behat tests for 0 quota upload failure 2015-12-01 14:51:32 +01:00
Thomas Müller
d5fe052838 Merge pull request #20868 from owncloud/revert-20842-fix-date-time-column
Revert "Fix column width of mtime column"
2015-12-01 14:30:44 +01:00
Thomas Müller
490e01e383 Merge pull request #20861 from owncloud/systemtags-better-exceptions-docs
Fix the docs of the exceptions and remove hardcoded language from the…
2015-12-01 14:23:00 +01:00
Robin Appelman
1347e3332b return non 0 status code in case of missing mount 2015-12-01 13:47:56 +01:00
Robin Appelman
2dd0066b0e Add command to set mount options for external storages 2015-12-01 13:47:32 +01:00
Robin Appelman
d5ffbc9401 Add command to get and set config for external mounts 2015-12-01 13:47:32 +01:00
Morris Jobke
0655f3d102 Revert "Fix column width of mtime column" 2015-12-01 13:45:30 +01:00
Robin Appelman
0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Jesús Macias
a79ae4ae08 Delete js unit test. Another issue has been created to create js test 2015-12-01 12:58:01 +01:00
Thomas Müller
cce053f7e9 Merge pull request #20859 from owncloud/autotest-coverage
Make autotest.sh able to output proper coverage again
2015-12-01 12:55:14 +01:00
Joas Schilling
1761fdd9ee Fix the docs of the exceptions and remove hardcoded language from the message 2015-12-01 12:32:50 +01:00
Roeland Jago Douma
b4302a49be Make autotest.sh able to output proper coverage again
The usage of single quotes make sure that a string is used verbatim in
bash. And no variables are subsituted.
2015-12-01 12:03:27 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller
36660734a6 Merge pull request #20855 from owncloud/output-log-integration-tests
tail the server log and exit with the exit code of behat
2015-12-01 10:21:25 +01:00
Thomas Müller
f48ea593eb Merge pull request #20850 from owncloud/use-text-instead-of-html
Use .text instead of .html
2015-12-01 10:18:29 +01:00
Thomas Müller
f1bbc9a962 Merge pull request #20853 from owncloud/php-parser-1.4.1
[3rdparty] Bump php-parser
2015-12-01 10:17:17 +01:00
Thomas Müller
21e063a9e7 tail the server log and exit with the exit code of behat 2015-12-01 10:16:46 +01:00