Commit graph

1484 commits

Author SHA1 Message Date
Thomas Müller
f3d49a89fe Merge pull request #11131 from owncloud/use-phpini-wrapper
Replacing ini_get instances with inigetwrapper usages
2015-12-07 10:20:59 +01:00
Roeland Jago Douma
50d862e5d1 [Avatars] JS should not load same avatar twice
Old code first dit an ajax request to the avatar. Then a new image
object with the same src was created and since we do not cache avatars
yet :(  this resulted in 2 sequential requests to the exact same URL

Now if you set the displayname it will first set the placeholder and
then load the avatar in the background. Only once this time!
2015-12-04 10:42:11 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Vincent Petry
b1ca431852 Fix for parsing pretty printed Webdav responses
Update davclient.js + adjust IE workaround for this
2015-11-24 15:26:53 +01:00
Clark Tomlinson
9caf4ffbfc Replacing ini_get instances with inigetwrapper usages 2015-11-23 14:12:31 +01:00
Vincent Petry
a05e40932c Now using IE8 workaround of davclient.js for all IE versions 2015-11-22 16:05:52 +01:00
Vincent Petry
7ec83fc9fb Fix OC.FileInfo to copy all properties
This makes it possible to also store custom properties passed through
the data object like tags or shareOwner.
2015-11-22 16:05:50 +01:00
Vincent Petry
a1d0682ef8 Use oc:fileid property instead of oc:id 2015-11-22 16:05:51 +01:00
Thomas Müller
ab1d786d87 Fix port issue - options.host already has the port attached 2015-11-22 16:05:51 +01:00
Vincent Petry
dc8ce87a26 Query tags/favorite through Webdav in file list 2015-11-22 16:05:50 +01:00
Vincent Petry
fa2be0750c Make files app use Webdav for most operations 2015-11-22 16:05:50 +01:00
Vincent Petry
f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
Vincent Petry
fb3d5c7856 Add evert's davclient.js + es6-promise + IE8 workaround
- Add davclient.js lib
- Add es6-promise required by that lib
- Wrote IE8 workaround lib/shim for davclient.js
2015-11-22 16:05:49 +01:00
Joas Schilling
78c456b895 Allow creating OCS v2 links in JS 2015-11-16 14:23:43 +01:00
Vincent Petry
a2cd9708f6 Set "ie" CSS class for IE10, IE11
Fixed border in file action menu
2015-11-10 17:04:52 +01:00
Joas Schilling
f04151f69b Close the user menu when clicking it again 2015-11-02 10:09:13 +01:00
Morris Jobke
b32e6fbb62 [tags] remove unneeded variables 2015-10-30 10:02:15 +01:00
Thomas Müller
774d069ff0 Merge pull request #20122 from owncloud/files-consolidateiconupdate
Fix icon update to be more consistent
2015-10-29 15:40:15 +01:00
Vincent Petry
9c9158e6b7 Fix icon update to be more consistent
Makes the details bar show the same icon as in the list.
2015-10-29 12:59:51 +01:00
Tom Needham
628e4a9daf Add sharee list view js tests 2015-10-29 09:01:47 +01:00
Thomas Müller
588a668455 Merge pull request #20082 from owncloud/phil-davis-sharedialogviewspec-typos
sharedialogviewSpec.js couple of text typos
2015-10-27 20:04:05 +01:00
Thomas Müller
c15b2094e5 Merge pull request #20078 from owncloud/tipsy-body
Append tipsys to body
2015-10-27 15:08:25 +01:00
Phil Davis
89ab505c7b sharedialogviewSpec.js couple of text typos
I noticed a new typo in 15ef39d5b9 and looked for others while I am here.
2015-10-27 17:11:49 +05:45
Hendrik Leppelsack
5a01dc44d6 append tipsys to body 2015-10-27 11:22:41 +01:00
Vincent Petry
0d98e5e456 [IE9] Don't send link share password placeholder
When exiting the password field in the share dialog, IE9 would
mistakenly think that the password has changed and would send the
placeholder.

This fix prevents changing the password whenever the placeholder is set
as value.
2015-10-26 17:45:21 +01:00
Thomas Müller
23e51c37cf Merge pull request #20049 from owncloud/make-author-file-complete
Generate author file by license.php build script
2015-10-26 17:14:06 +01:00
Lukas Reschke
8f09d5b67c Update license headers 2015-10-26 14:04:01 +01:00
Vincent Petry
c64fb46fbf Fix share link focus on click
Clicking on the link share must focus and select it
2015-10-26 12:49:52 +01:00
Roeland Jago Douma
9071e756a1 Fix for broken ajax/share.php endpoint
Even more code mess :(
All tests pass again. But I'm really not happy with this endpoint.
2015-10-23 09:24:03 +02:00
Thomas Müller
4f5ff9c105 Ensure the password is only hashed in case it's changed on the client - fixes #19950 2015-10-22 17:32:40 +02:00
Thomas Müller
56fdb0ac93 Merge pull request #19935 from owncloud/issue-19916-settings-menu-hide-on-file-action
Use the normal OC.menu JS for handling the Settings menu
2015-10-22 10:42:02 +02:00
Thomas Müller
15ef39d5b9 Merge pull request #19952 from owncloud/share-dialogue-tests
Add JS tests for share dialog
2015-10-22 09:23:05 +02:00
Tom Needham
e3ae453ee5 Fix line lengths in share dialog unit tests 2015-10-21 13:30:42 +00:00
Tom Needham
8a6d22d751 Add JS tests for share autocompletion handling 2015-10-21 12:46:08 +00:00
Joas Schilling
a0437591db Use the normal OC.menu JS for handling the Settings menu 2015-10-21 13:59:30 +02:00
Tom Needham
2ca5b1aa1f Add test for remote share info tooltop 2015-10-21 10:00:29 +00:00
Vincent Petry
89e3860e1a Disable app icon preview in apps page for IE
All IE versions are not able to properly upscale SVG icons unless the
said SVG files contain a "viewBox" attribute, which is not always the
case. Also we cannot guarantee that all third party apps will have this
attribute in their icons.

So for now, app icons will not be displayed in IE instead of broken
ones.
2015-10-21 10:50:06 +02:00
Vincent Petry
1e64968ff7 Allow leaving update page when errors occurred 2015-10-20 13:29:44 +02:00
Vincent Petry
06ddd40886 Prevent leaving the DB update page while in progress 2015-10-20 13:28:48 +02:00
Christoph Wurst
9778094a25 fix filepicker loading spinner 2015-10-19 23:43:12 +02:00
Vincent Petry
90e34e26bd Fix spinner positions in share tab
Also fix missing spinner when removing link share
2015-10-16 15:54:27 +02:00
Vincent Petry
3af2ad0cd9 Fix DOM element ids in share dialog
- Rely on class names instead of global ids
- When global ids are needed for label+checkbox, append the view id
  (cid) to the element's id

This fixes the checkboxes when multiple sidebars exist in the DOM.
2015-10-16 10:54:45 +02:00
Thomas Müller
8d5aff9db5 Merge pull request #19631 from owncloud/share-emailsenterror
Fix share email sending feedback
2015-10-14 12:51:32 +02:00
Thomas Müller
a83e003ae3 Merge pull request #19645 from owncloud/file-conflict-disablecontinue
Disable "Continue" button in conflict dialog when no selection
2015-10-14 12:39:37 +02:00
Thomas Müller
f34b97bc98 Merge pull request #19699 from owncloud/hutchic-issue-18241-reload-page-link
refs #18241 Make the 'please reload this page' a clickable link
2015-10-14 12:39:19 +02:00
Morris Jobke
2f9f963616 [update] show default error message if empty message 2015-10-14 09:41:47 +02:00
Colin Hutchinson
f49c1039c4 refs #18241 Make the 'please reload this page' a clickable link 2015-10-10 14:14:01 -04:00
Vincent Petry
c7aef6c368 Fix uploading avatar and root certs in IE8 2015-10-09 11:19:05 +02:00
Morris Jobke
3c005bc020 Check .conflicts for checkboxes 2015-10-08 17:13:28 +02:00
Roeland Jago Douma
08600a7ed5 Add unit tests for sending e-mail for link shares 2015-10-08 16:39:25 +02:00
Vincent Petry
4bf19d4472 Fix share email sending feedback
Redisplay email address after failure
2015-10-08 16:39:12 +02:00
Vincent Petry
cba1aae073 Disable "Continue" button in conflict dialog when no selection 2015-10-08 12:27:33 +02:00
Thomas Müller
0385a62363 Merge pull request #19597 from owncloud/update-license-headers
update licence headers via script
2015-10-06 11:18:35 +02:00
Morris Jobke
b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Thomas Müller
ea72d90617 Merge pull request #19553 from owncloud/properly_format_date_shareview
Use DD-MM-YYYY consistently in share sidebar
2015-10-05 22:02:12 +02:00
Morris Jobke
b945d71384 update licence headers via script 2015-10-05 21:15:52 +02:00
Roeland Jago Douma
8c459a895d Do not remove linkshare if there is none
If the password is enforced we can't create a link share right away but
just show the password field. Untoggling the link sharing should not try
to remove the share.

* Added unit test
2015-10-05 21:12:27 +02:00
Thomas Müller
681ab05e4d Merge pull request #19539 from owncloud/fix-multiselect-overlap-shorter
Fix filelist size issues, breadcrumb, multiselect
2015-10-05 09:48:31 +02:00
Roeland Jago Douma
96deeca34d Use DD-MM-YYYY consistently in share sidebar
We used to display the response from the server. Which is in non ISO8601
format. Now this is weird since the datepickers shows us 'DD-MM-YYYY'
once a date is chosen.

Now use momentJS to properly format the date.

* Unit tests updated
2015-10-04 11:38:29 +02:00
Vincent Petry
f135128664 Fix filelist size issues, breadcrumb, multiselect
- calculate multiselect header width to exclude scrollbar
- call FileList._onResize() when sidebar is toggled ("appresized"), this
  also updates the breadcrumb width
- moved global getScrollBarWidth() to OC.Util namespace
2015-10-02 18:03:48 +02:00
Thomas Müller
ff89824135 Merge pull request #19272 from owncloud/mimetypes-enhanced
Introduce a few new mimetypes for code, fix recursive mimetype aliases
2015-10-02 17:50:34 +02:00
Vincent Petry
1562da3691 Focus on share field after first display 2015-10-02 16:39:27 +02:00
Roeland Jago Douma
57ceee13a9 Updated some mimetypes
* c++ and cpp now both map to code
2015-10-02 15:28:23 +02:00
Robin McCorkell
aeb20675dd Allow recursive mimetype aliases
application/xml -> text/html -> text/code
2015-10-02 15:28:23 +02:00
Robin McCorkell
cd7aff47e1 Introduce a few new mimetypes for code 2015-10-02 15:28:23 +02:00
Thomas Müller
594a3e4e22 Merge pull request #19523 from owncloud/fix-seconds-ago
Fix moment.js "a few seconds ago" with "seconds ago"
2015-10-02 14:11:46 +02:00
Morris Jobke
4b3a5a257f Fix moment.js "a few seconds ago" with "seconds ago"
* fixes #18627
2015-10-02 10:51:51 +02:00
Vincent Petry
5dff9d88cb Make sure the conflict dialog is loaded before adding conflicts 2015-10-02 09:55:43 +02:00
Thomas Müller
eeac6e2ab1 Merge pull request #19454 from owncloud/ie8-madness-returns
[IE8] Fix file type sizes and popover menus in file list
2015-09-30 15:15:38 +02:00
Thomas Müller
67609699bc Merge pull request #19443 from owncloud/sharedialog-passworderror
Fix share link password error
2015-09-30 11:08:04 +02:00
Vincent Petry
dbb6692468 [IE8] Fix filetype icon sizes
Added hack that uses a "filter" CSS with explicit URL to fix the "New"
menu by scaling down icons and also fix the folder/filetype icon in the sidebar
by scaling it up.
2015-09-29 18:28:31 +02:00
Olivier Paroz
a1c419dc71 Use Hermite resampling for comparator canvas previews 2015-09-29 16:35:24 +02:00
Vincent Petry
8def1383c8 Fix share link password error
- only allow submitting the password once, single request
- display error in tooltip
2015-09-29 15:30:01 +02:00
Thomas Müller
037cce7f05 Merge pull request #19418 from owncloud/fix-parsehashquery
Consider both hash params and query when parsing URL
2015-09-29 13:21:34 +02:00
Vincent Petry
71dabc6c13 Consider both hash params and query when parsing URL 2015-09-28 18:37:40 +02:00
Vincent Petry
a823a79f12 Show loading spinner for first fetch of shares
Whenever the sidebar first loads shares, show a spinner instead of an
empty content
2015-09-28 15:57:57 +02:00
Thomas Müller
4d8be8822c Merge pull request #19363 from owncloud/checkboxes-sidebar
Restyle checkboxes in sidebar
2015-09-28 10:54:55 +02:00
Hendrik Leppelsack
0ae931ed57 fix sidebar spinner 2015-09-25 20:48:47 +02:00
Hendrik Leppelsack
2ee36dc4de restyle checkboxes in sidebar 2015-09-25 11:54:26 +02:00
Hendrik Leppelsack
604f5783fd fix multiselect 2015-09-25 00:51:39 +02:00
Thomas Müller
846b826867 Merge pull request #18517 from owncloud/17753_to_master
Fix preview of old file on public upload conflicts
2015-09-24 15:20:00 +02:00
Thomas Müller
d7a923671f Merge pull request #19305 from owncloud/share-hasusershares
Fix ShareItemModel.hasUserShares to only check shares of current item
2015-09-24 14:57:23 +02:00
Vincent Petry
76e30d0df7 Expiration date was always a string 2015-09-24 12:21:19 +02:00
Vincent Petry
0db9b28f3f Fix ShareItemModel.hasUserShares to only check shares of current item
The shares array is based on what the server returns and can contain
share info for parent folders.

hasUserShares is now fixed to ignore parent folders and only checks for
shares on the current item.
2015-09-23 14:41:13 +02:00
Vincent Petry
6ea27e2b03 Fix parsing int attributes from share.php response
Sometimes the attributes returned by share.php are integers but packaged
as strings.

This fix makes sure that such attributes are parsed as integers
2015-09-23 12:16:47 +02:00
Thomas Müller
0c283dc020 Merge pull request #19220 from individual-it/fix_19164
re initialize OC.Share.currentShares OC.Share.itemShares
2015-09-23 11:41:20 +02:00
Thomas Müller
53a167eae9 Merge pull request #19279 from owncloud/share-fixbogusentry
Fix bogus entry that appears when switching with arrow keys
2015-09-23 11:30:50 +02:00
Hendrik Leppelsack
3f0a870908 implement builder pattern in tipsy shim 2015-09-23 09:27:44 +02:00
Vincent Petry
03ca76f54f Fix bogus entry that appears when switching with arrow keys 2015-09-22 17:16:20 +02:00
Lukas Reschke
4201f59402 Update mimetypes 2015-09-22 16:43:29 +02:00
Individual IT Services
976942bb61 re initialize OC.Share.currentShares OC.Share.itemShares
otherwise old values are kept.
fix for #19164
2015-09-21 17:01:50 +05:45
Hendrik Leppelsack
964cfc8e08 fix missing checkboxes in file comparator 2015-09-21 12:57:34 +02:00
Olivier Paroz
04b14df35c Fix preview of old file on public upload conflicts 2015-09-20 12:38:21 +02:00
Olivier Paroz
9776d60b57 Typo 2015-09-19 10:34:19 +02:00
Thomas Müller
08ae1e8183 Merge pull request #19008 from owncloud/jquery_avatar_tests
JS tests for jquery.avatar
2015-09-18 17:31:18 +02:00
Hendrik Leppelsack
7c80c8e484 fix missing checkboxes in share dialog 2015-09-17 16:25:10 +02:00
Vincent Petry
6141ea12b1 Port share.css styles to the sidebar panel 2015-09-16 07:23:29 +02:00
Vincent Petry
36e452a472 Fix cruds button in share dialog
Only toggle the current row
2015-09-16 07:23:29 +02:00
Vincent Petry
02d68d0613 Removed obsolete tests 2015-09-16 07:23:29 +02:00