Commit graph

3164 commits

Author SHA1 Message Date
Robin Appelman
3243a6032a
adjust test
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-02 14:17:20 +01:00
Robin Appelman
ac2542f0f0
add ci support for s3 object store
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-01-02 14:17:19 +01:00
Lukas Reschke
f237c582ba Merge pull request #2845 from nextcloud/deleteuser-gethomeearly
Get user home folder before deletion
2016-12-27 13:45:28 +01:00
Lukas Reschke
c5cc0d87a8 Merge pull request #2833 from nextcloud/downstream-26750
Introduce group display name support (#26750)
2016-12-23 13:57:59 +01:00
Vincent Petry
7ca6561469
Remove legacy home tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:50:31 +01:00
Vincent Petry
4744dce4df
Nuke the legacy storage fallback from orbit
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:49:46 +01:00
Vincent Petry
91cd57e55b
Get user home folder before deletion
After the deletion getHome() will fail because the user doesn't exist
any more, so we need to fetch that value earlier.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:42:31 +01:00
Arthur Schiwon
91a1e5fd9d
fix more tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-22 21:21:16 +01:00
Thomas Müller
b62b82c2de
Fix reporting of risky tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-22 18:39:40 +01:00
Vincent Petry
453f3beffa
Adding group display name support 2016-12-22 18:34:45 +01:00
Morris Jobke
bb8b647bd6 Merge pull request #2633 from nextcloud/2fa-activities
two-factor activities
2016-12-22 14:47:15 +01:00
Björn Schießle
3453f4e97c Merge pull request #2761 from nextcloud/dont-resolve-shares-if-public-sharing-is-disabled
Don't resolve public share token if public sharing is disabled
2016-12-22 11:57:05 +01:00
Roeland Jago Douma
065f2fbcc6
Extend APCu test with int CAS
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-21 21:06:41 +01:00
Lukas Reschke
091bf07385 Merge pull request #2724 from nextcloud/fix-23591
[downstream] Report failures for SignApp and SignCore
2016-12-21 13:03:13 +01:00
Morris Jobke
4c315082e1 Merge pull request #2769 from nextcloud/improve_user_user_coverage
Improve OC\User\User coverage
2016-12-20 16:50:44 +01:00
Christoph Wurst
88b7d033df fix 2fa activities tests
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-20 15:23:36 +01:00
Roeland Jago Douma
7b4265ab59
Improve OC\User\User coverage
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-20 11:47:08 +01:00
Lukas Reschke
5983c68462
Don't resolve public share token if public sharing is disabled
Otherwise disabling sharing does prevent access to the view controllers but one can still access the shares using the public preview route or the public WebDAV endpoint.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-20 08:52:46 +01:00
Vincent Petry
252eddadd9
Remove obsolete RepairLegacyStorages repair step
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 17:45:46 +01:00
Lukas Reschke
3eb3e437c8
Add proper tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-19 15:35:31 +01:00
Victor Dubiniuk
e536313451
Update tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-16 17:51:03 +01:00
Roeland Jago Douma
245501fb0c
Clear appstore cache on version upgrade
* Add version to cached json
* Compare version
* Updated calls
* Updated tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-15 22:04:03 +01:00
Roeland Jago Douma
67f65677a1 Merge pull request #2665 from nextcloud/remove-db-class-and-interface
Remove IDb interface which was deprecated for 3 years already
2016-12-14 19:05:41 +01:00
Joas Schilling
bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 11:42:16 +01:00
Joas Schilling
77b6b7b23e
Use the mocked config version
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 10:45:27 +01:00
Joas Schilling
a7aa7de6c2
Add a unit test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-13 13:54:18 +01:00
Lukas Reschke
32bf8ec826
Don't use cached informations for app version
When installing an app from the appstore the `\OC_App::getAppVersion` code is triggered twice:

- First when the downloader tries to compare the current version to the new version on the appstore to check if there is a newer version. This protects against downgrade attacks and is implemented in `\OC\Installer::downloadApp`.
- Second, when the app is actually installed the current version is written to the database. (`\OC\Installer::installApp`)

This fails however when the version is actually cached. Because in step 1 the cached version will be set to "0" and then be reused in the second step.

While this is probably not the cleanest version I assume this is an approach that is least invasive. Feedback and suggestions welcome :)

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-09 18:01:45 +01:00
Morris Jobke
7aa510b2f0
Document updater channel & check for correct PHP version in updater
* see https://github.com/nextcloud/updater/issues/53

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2016-12-06 00:19:13 +01:00
Morris Jobke
aac3024878 Merge pull request #2505 from nextcloud/sudo-mode-provisioning-api
Require sudo mode on the provisioning API
2016-12-05 22:29:29 +01:00
Roeland Jago Douma
e368a745aa
Set last-login-check on basic auth
Else the last-login-check fails hard because the session value is not
set and thus defaults to 0.

* Started with tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-05 20:57:15 +01:00
Morris Jobke
1253d1008a Merge pull request #2411 from nextcloud/fix-encryption-home-storage
check if the file should really be encrypted before we update the file cache
2016-12-05 15:38:12 +01:00
Robin Appelman
1a379b0fdc
update test
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-12-02 18:04:21 +01:00
Lukas Reschke
2ca29f709b
Add tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-01 18:52:32 +01:00
Morris Jobke
62ec31eb7b Merge pull request #2152 from nextcloud/preview_cleanupjob
Adds background job to cleanup all previews.
2016-11-30 10:39:21 +01:00
Bjoern Schiessle
0f8fe77b3a
check if the file should really be encrypted before we update the file cache
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-29 20:34:45 +01:00
Morris Jobke
d86b29b42b Merge pull request #2066 from nextcloud/fix-redirect-double-encoding
do not double encode the redirect url
2016-11-29 17:21:43 +01:00
Lukas Reschke
3950ce9223 Merge pull request #2351 from nextcloud/remember-session-default
do not remember session tokens by default
2016-11-28 14:05:04 +01:00
Lukas Reschke
0cc771ce19 Merge pull request #2353 from nextcloud/renew-session-token-remember
copy remember-me value when renewing a session token
2016-11-28 14:04:13 +01:00
Christoph Wurst
6543182d13 fix parameter order
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-28 10:00:53 +01:00
Christoph Wurst
ad610ae772 Merge pull request #2327 from nextcloud/exclude-pre-releases
Exclude pre-release versions as per SemVer
2016-11-28 09:55:24 +01:00
Christoph Wurst
2183a1f3e6 copy remember-me value when renewing a session token
On renew, a session token is duplicated. For some reason we did
not copy over the remember-me attribute value. Hence, the new token
was deleted too early in the background job and remember-me did
not work properly.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:19:57 +01:00
Christoph Wurst
9b808c4014 do not remember session tokens by default
We have to respect the value of the remember-me checkbox. Due to an error
in the source code the default value for the session token was to remember
it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:03:28 +01:00
Morris Jobke
64fb0fb3dd Merge pull request #2276 from nextcloud/update-email-address
Update email address
2016-11-25 11:40:20 +01:00
Lukas Reschke
29402e2c0a
Exclude pre-release versions as per SemVer
As SemVer can be used apps could define a release like "10.0.0-alpha". This is something that we don't support at the moment in the server and we should filter all prereleases.

Ref https://github.com/nextcloud/server/pull/2307#issuecomment-262911588

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-25 11:32:46 +01:00
Bjoern Schiessle
0de685c562
bring back setEmailAddress for the user management
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-25 10:26:48 +01:00
Bjoern Schiessle
3fc75073b8
update accounts table if email address or display name changes from outside
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-25 10:26:47 +01:00
Roeland Jago Douma
72f9920a58
Add Identityproof tests
* Add tests for Key
* Add tests for Manager
* Add tests for Signer
* Removed URLGenerator from Signer

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-24 21:50:19 +01:00
Lukas Reschke
6a4c0cf237
Loop for newest version in appstore response
The current implementation when fetching apps from the appstore is to assume that the first element is the newest version, this is now always applicable and leads to the fact that for some apps (e.g. nextant) the newest version is not delivered. This can be easily tested by comparing the version of the downloaded Nextant version.

This change will loop over all releases delivered by the appstore and chooses the newest compatible one. While not the cleanest solution, it does its job.

Most of the code are actually unit tests. Whereas I have copied the whole original response from the appstore and also have performed the transformation. So that's why the diff looks so huge.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-24 14:29:57 +01:00
Lukas Reschke
a05b8b7953
Harden cookies more appropriate
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.

See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.

Fixes https://github.com/nextcloud/server/issues/1412

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 12:53:44 +01:00
Roeland Jago Douma
df215625f1 Merge pull request #1972 from nextcloud/invalid-files-from-scanner
Make sure we don't scan files that can not be accessed
2016-11-22 12:55:54 +01:00