Commit graph

58 commits

Author SHA1 Message Date
Lukas Reschke
a977465af5 Add new CSRF manager for unit testing purposes
This adds a new CSRF manager for unit testing purposes, it's interface is based upon https://github.com/symfony/security-csrf. Due to some of our required custom changes it is however not possible to use the Symfony component directly.
2016-01-25 20:03:40 +01:00
Roeland Jago Douma
e01a488b31 Remove generateRandomBytes from OC_Util 2016-01-10 22:07:33 +01:00
Morris Jobke
ed98cdf532 Use OCP\Util::getVersion instead of the internal private implementation 2015-12-18 15:26:54 +01:00
Lukas Reschke
6d3eb7673d Add unit test for nested arrays 2015-12-08 09:07:38 +01:00
Thomas Müller
2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code
reuse code
2015-12-03 13:55:50 +01:00
Morris Jobke
d331e0d4f8 Replace OC_Config in tests with IConfig calls 2015-12-02 23:14:52 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Thomas Müller
56170dd825 Further unit test suite tweats 2015-11-30 10:55:05 +01:00
Morris Jobke
32ab973254 add unit tests for OC_Util::add* methods 2015-11-23 11:03:09 +01:00
Thomas Müller
c565a7b042 Fix failing unit test 💀 2015-11-19 16:44:43 +01:00
Thomas Müller
9ec2850c78 Use mocks when testing isSharingDisabledForUser 2015-11-19 15:36:16 +01:00
Lukas Reschke
8133d46620 Remove dependency on ICrypto + use XOR 2015-10-21 17:33:41 +02:00
Thomas Müller
b2dd5cb616 save excluded groups in json format - fixes #10983 2015-10-01 15:37:55 +02:00
Individual IT Services
fbe43e6a26 cache result of \OCP\Util::needUpgrade()
reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement

move caching to \OCP\Util::needUpgrade

renaming variable

fixing testNeedUpgradeCore()

cache result of checkUpgrade() in self::$needUpgrade

reduce calls of \OCP\Util::needUpgrade()
where \OCP\Util::needUpgrade() is called we can call as well
self::checkUpgrade and use the cached result
In line 877 the call way unnecessary anyway because of the first part of
the if statement

move caching to \OCP\Util::needUpgrade

renaming variable

fixing testNeedUpgradeCore()

fix typo in variable name

deleting tabs
2015-09-29 15:34:42 +02:00
Lukas Reschke
8313a3fcb3 Add mitigation against BREACH
While BREACH requires the following three factors to be effectively exploitable we should add another mitigation:

1. Application must support HTTP compression
2. Response most reflect user-controlled input
3. Response should contain sensitive data

Especially part 2 is with ownCloud not really given since user-input is usually only echoed if a CSRF token has been passed.

To reduce the risk even further it is however sensible to encrypt the CSRF token with a shared secret. Since this will change on every request an attack such as BREACH is not feasible anymore against the CSRF token at least.
2015-08-14 01:31:32 +02:00
Joas Schilling
0fcd273714 Select the timezone on the right timestamp and assert it 2015-04-07 10:13:51 +02:00
Lukas Reschke
65202d2a18 Add check for activated local memcache
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.

Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Robin McCorkell
1511a42da7 Check for relative datadirectory path 2015-03-27 23:29:46 +00:00
Joas Schilling
1686653fdd The iran timezone removed the DST handling which breaks the timezone lib 2015-03-23 14:08:47 +01:00
Joas Schilling
276d678080 Etc timezones don't exist for .5 and .75 offsets 2015-03-03 09:08:47 +01:00
Robin Appelman
5542fafd36 allow overwriting the appmanager in oc_util by subclassing 2015-02-18 14:24:50 +01:00
Joas Schilling
26100a6dfb Move timezone logic out of server.php 2014-12-16 16:16:22 +01:00
Joas Schilling
4d232e536e Deprecate Util::formatDate()
Make DateTimeFormatter a service and adjust tests that have been inaccurate
2014-12-10 11:58:56 +01:00
Morris Jobke
0d4f0ab871 reduce OC_Preferences, OC_Config and \OCP\Config usage
* files_encryption
* files_versions
* files_trashbin
* tests
* status.php
* core
* server container
2014-12-08 22:42:37 +01:00
Joas Schilling
ea4c25609d Replace uniqid calls with $this->getUniqueID so tests pass again on windows 2014-12-03 12:10:55 +01:00
Joas Schilling
cb3a598cdb Make root tests extend the \Test\TestCase 2014-11-19 14:53:51 +01:00
Thomas Müller
69db442c49 fixing expected values for formatDate() unit tests 2014-10-21 16:05:35 +02:00
Thomas Müller
c587a4aaa2 Merge pull request #11222 from owncloud/store-users-timezone-master
send browsers timezone back tp the server on login
2014-09-23 13:45:21 +02:00
Lukas Reschke
1565d82b81 Use only lower-case letters
Fixes https://github.com/owncloud/core/issues/11239
2014-09-22 21:29:03 +02:00
Thomas Müller
814114ab8e enhance formatDate function to accept an optional argument containing the time zone 2014-09-22 15:03:28 +02:00
Thomas Müller
007802121c requesttoken has now a length of 30 chars 2014-09-10 15:35:21 +02:00
Vincent Petry
9d5f18c02f Added test for needUpgrade for core 2014-09-02 17:28:05 +02:00
Vincent Petry
e05b95636b Fix upgrade process when apps enabled for specific groups
Fix issue where the currently logged user was causing side-effects when
upgrading.
Now setting incognito mode (no user) on update to make sure the whole
apps list is taken into account with getEnabledApps() or isEnabled().
2014-09-02 17:16:14 +02:00
Vincent Petry
7c17452028 Added unit test for default app URL 2014-07-01 16:55:29 +02:00
ringmaster
0e85618c42 Can't use assertInstanceOf on wrapped storage; use assertTrue(instanceOfStorage() instead. 2014-06-04 07:55:46 +02:00
Thomas Müller
ed8e0f0a92 updating unit test expectations 2014-05-28 13:47:27 +02:00
Bjoern Schiessle
12338e0ef0 allow admin to disable sharing for specific groups of users 2014-05-22 10:43:44 +02:00
Lukas Reschke
9d3b639ce6 Remove uneeded newline 2014-04-22 20:11:34 +02:00
Lukas Reschke
589c74e176 Fix indentation 2014-04-22 20:10:46 +02:00
Lukas Reschke
f07180639c Add unit tests for arrays and "
OC_Util::sanitizeHTML() also supports array but we actually had no unit test for it. Additionally this commit introduces a test for escaping " into "
2014-04-22 20:09:55 +02:00
Vincent Petry
797e0a614c Added extra checks for invalid file chars in newfile.php and newfolder.php
- added PHP utility function to check for file name validity
- fixes issue where a user can create a file called ".." from the files UI
- added extra checks to make sure newfile.php and newfolder.php also
  check for invalid characters
2014-02-18 17:54:32 +01:00
Jens-Christian Fischer
506393090b Add 'mail_from_address' configuration
In environments where there are rules for the email addresses, the "from
address" that owncloud uses has to be configurable.

This patch adds a new configuration variable 'mail_from_address'.
If it is configured, owncloud will use this as the sender of *all*
emails. (OwnCloud uses 'sharing-noreply' and 'password-noreply' by
default). By using the 'mail_from_address' configuration, only this
email address will be used.
2014-01-24 14:04:37 +01:00
Vincent Petry
356eef0739 Quota storage wrapper is now used for all users in sharing mode
When accessing a shared folder, the folder's owner appears as mountpoint
but wasn't wrapped by a quota storage wrapper.

This fix makes sure that all home storages are wrapped by a quota
storage wrapper, if applicable, to make sure quotas are respected when
uploading into shared folders.
2013-11-21 12:04:54 +01:00
kondou
9c5416fe4a Clean up \OC\Util
- Use camelCase

 - Add some phpdoc

 - Fix some indents

 - Use some more spacing
2013-08-15 15:57:32 +02:00
kondou
a51af39595 Add unittests
Unittests for:

- search/result

- util

- preferences
2013-08-05 14:47:14 +02:00
Thomas Müller
409268f322 adding test case with no / 2013-07-30 08:54:39 +02:00
Thomas Müller
085fdfec2f adding unit tests for OC_Util::basename 2013-07-29 23:32:03 +02:00
Victor Dubiniuk
c0b210f0d5 Add unit test 2013-07-09 17:46:11 +03:00
Miquel Rodríguez Telep / Michael Rodríguez-Torrent
93a6ed3dab Ensure instanceid contains a letter
instanceid is generated by uniqid() and then used as the
session_name. Because session_name requires at least one letter
and uniqid() does not guarantee to provide that, in the case that
uniqid() generates a string of only digits, the user will be stuck
in an infinite login loop because every request will generate a
new PHP session.
2013-03-26 21:49:32 +00:00
itheiss
410b991221 Move testcase to own test function
Move testcase for getDefaultEmailAddress with mail_domain set in config.php to own test function.
2013-03-26 09:40:27 +01:00