Commit graph

2306 commits

Author SHA1 Message Date
Morris Jobke
cbe6eeffa1 last change of OC_Config to the proper interface in tests/ 2015-12-03 14:03:05 +01:00
Thomas Müller
2d1cc8aaeb Merge pull request #19461 from owncloud/reuse_code
reuse code
2015-12-03 13:55:50 +01:00
Morris Jobke
542ce7dd0d Reduce OC_Config usage in tests/ 2015-12-03 13:48:19 +01:00
Robin Appelman
19b2fe6a3a Fix mimetype filter in getDirectoryContent 2015-12-03 13:09:13 +01:00
Morris Jobke
e9c8f82fc5 Replace OC_Config in tests with IConfig calls 2015-12-03 09:38:41 +01:00
Thomas Müller
c6bda8d6ca Merge pull request #20902 from owncloud/drop-OC_Config-from-tests
Replace OC_Config in tests with IConfig calls
2015-12-03 09:30:47 +01:00
Thomas Müller
e7239b6553 Merge pull request #20872 from owncloud/systemtags-better-not-found-exception
Systemtags better not found exception
2015-12-03 09:26:05 +01:00
Thomas Müller
a5c80ba8bc Merge pull request #20894 from owncloud/post-delete-meta-view
Also add metadata for postDelete hooks triggered from the view
2015-12-03 09:24:54 +01:00
Morris Jobke
d331e0d4f8 Replace OC_Config in tests with IConfig calls 2015-12-02 23:14:52 +01:00
Thomas Müller
dcc7ff09ba Adding unit test for MailNotifications::sendInternalShareMail() 2015-12-02 21:42:14 +01:00
Thomas Müller
eebe2b9c23 User IUser::getEMailAddress() all over the place 2015-12-02 21:25:05 +01:00
Thomas Müller
df5872ec50 Merge pull request #20719 from owncloud/adding-system-addressbook-of-users
Adding system addressbook for users of this instance - a occ command …
2015-12-02 16:17:58 +01:00
Thomas Müller
28ceab2f61 Fix endless recursion 2015-12-02 14:44:41 +01:00
Robin Appelman
0062888aaf Also add metadata for postDelete hooks triggered from the view 2015-12-02 13:51:26 +01:00
Thomas Müller
8d218bf3ef Merge pull request #20875 from owncloud/remove-changepropagator
remove old propagation logic
2015-12-02 13:03:31 +01:00
Thomas Müller
c46ea30248 Merge pull request #20865 from owncloud/post-delete-meta
Add metadata to post delete hooks
2015-12-02 10:12:54 +01:00
Thomas Müller
0391cc0451 Fix getCloudId 2015-12-02 09:14:41 +01:00
Thomas Müller
fe67db1ad0 Adding unit test for User::getCloudId() 2015-12-02 09:14:41 +01:00
Thomas Müller
df6fc6cc70 Add the user's cloud id to the vCard 2015-12-02 09:14:41 +01:00
Thomas Müller
dad6470baa Add IUser::getAvatarImage() for easy access 2015-12-02 09:14:41 +01:00
Roeland Jago Douma
b00db2c933 DI in avatar code
* DI in avatar code
* Use the node API
* More unit tests
* Unit tests no longer require DB
2015-12-01 22:15:43 +01:00
Robin Appelman
62cc316c6a remove old propagation logic 2015-12-01 16:50:20 +01:00
Lukas Reschke
2515cb17be Support pretty URLs
This changeset allows ownCloud to run with pretty URLs, they will be used if mod_rewrite and mod_env are available. This means basically that the `index.php` in the URL is not shown to the user anymore.

Also the not deprecated functions to generate URLs have been modified to support this behaviour, old functions such as `filePath` will still behave as before for compatibility reasons.

Examples:
http://localhost/owncloud/index.php/s/AIDyKbxiRZWAAjP => http://localhost/owncloud/s/AIDyKbxiRZWAAjP
http://localhost/owncloud/index.php/apps/files/ => http://localhost/owncloud/apps/files/

Due to the way our CSS and JS is structured the .htaccess uses some hacks for the final result but could be worse... And I was just annoyed by all that users crying for the removal of `index.php` ;-)
2015-12-01 16:46:07 +01:00
Joas Schilling
08d07cc4db Fix the unit test by running tearDown() and cleaning tags before the test 2015-12-01 15:00:44 +01:00
Joas Schilling
1d0c041ac8 Add a method to get the list of tags from the TagNotFound Exception 2015-12-01 14:54:34 +01:00
Robin Appelman
0d63e95a5d Add metadata to post delete hooks 2015-12-01 13:22:58 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Thomas Müller
08248f66ba Merge pull request #20650 from owncloud/systemtags-core
Implement systemtag managers and mapper
2015-11-30 15:38:43 +01:00
Joas Schilling
b8b0ae0944 Fix phpstorm complains in tests 2015-11-30 13:36:22 +01:00
Thomas Müller
b94aadc440 Cleanup imports and type hinting 2015-11-30 12:45:30 +01:00
Lukas Reschke
f4eb15d340 Show error template
Otherwise this leads to an endless redirection in case of a CSRF exception. Also sets user expectation right.
2015-11-30 11:25:52 +01:00
Thomas Müller
dddfa6de78 Don't break app on travis 2015-11-30 10:55:13 +01:00
Thomas Müller
318e5e2864 More group DB 2015-11-30 10:55:13 +01:00
Thomas Müller
f9fc254672 Add DB group to some files_external tests
Adding group Db to federation tests and ldap tests

Add group DB to Test_UrlGenerator

Adding group DB to trashbin and versions tests

Adding group DB to Test_Util_CheckServer for pg
2015-11-30 10:55:10 +01:00
Thomas Müller
757aa45db7 Adding more DB groups to test suits
Adding more DB groups to test suits
2015-11-30 10:55:06 +01:00
Thomas Müller
56170dd825 Further unit test suite tweats 2015-11-30 10:55:05 +01:00
Thomas Müller
1480964768 Adding more test suites to group DB 2015-11-30 10:55:05 +01:00
Thomas Müller
7e71d8231e Mock DIContainer to not hit the database 2015-11-30 10:55:05 +01:00
Thomas Müller
3bb6dcea64 Apply DB group annotation ... 2015-11-30 10:55:05 +01:00
Thomas Müller
03ee3b9aec A TestCase which is not annotated to be in group DB will not allow access to the database connection.
This is necessary to categorize unit test and avoid duplicate test case execution - it also allows us to closely review unit test implementations to identify unnecessary db calls.
2015-11-30 10:55:05 +01:00
Joas Schilling
24d5ce9a58 Add phpunit group for tests 2015-11-30 10:25:53 +01:00
Thomas Müller
9c1dbaf0ad Merge pull request #20788 from owncloud/catch-missing-route
Dont die when we're missing a route
2015-11-30 10:11:12 +01:00
Robin Appelman
4c4331982c Merge pull request #20789 from owncloud/scanner-skip-not-available
Skip unavailable storages in scanner
2015-11-27 22:57:47 +01:00
Vincent Petry
b666367a79 Added system tags data structure and PHP side managers
Added SystemTagManager and SystemTagObjectMapper
2015-11-27 17:54:29 +01:00
Robin Appelman
aa822f76e2 fix tests 2015-11-27 17:05:58 +01:00
Robin Appelman
ae71f80f4a Skip unavailable storages in scanner 2015-11-27 14:02:50 +01:00
Mitar
e0e51fd79f Added tests. 2015-11-27 02:45:49 -08:00
Thomas Müller
8fe878afe9 Merge pull request #20602 from owncloud/fix-installed-apps
Always installed apps includes the hardcoded ones from shipped.json
2015-11-26 16:50:05 +01:00
Thomas Müller
80c43ffc6c Merge pull request #20702 from owncloud/move-user-principal-into-subfolder
Users are available under it's own principal resource named 'principa…
2015-11-26 16:49:49 +01:00
Thomas Müller
19d5059109 Merge pull request #20393 from owncloud/querybuilder-select-with-alias
Add a method to select a field or value with alias
2015-11-26 16:19:20 +01:00
Thomas Müller
3882cc8ef3 Merge pull request #20744 from owncloud/oc_helper-getMimeType-cleanup
Remove last occurences of OC_Helper::getMimeType()
2015-11-26 12:37:25 +01:00
Thomas Müller
5a33390a69 Merge pull request #20731 from owncloud/per-storage-updater
Make Cache\Updater per storage
2015-11-26 12:01:44 +01:00
Morris Jobke
4fcab98694 Remove unused internal methods
* removes OC_Helper::mb_substr_replace and OC_Helper::mb_str_replace
* keeps public interface wrapper working as expected
2015-11-26 10:25:43 +01:00
Morris Jobke
9318606faf Remove last occurences of OC_Helper::getMimeType()
* ref #4774
2015-11-26 10:18:32 +01:00
Thomas Müller
b799e42b4e Introduce \OCP\IUser::getEMailAddress() 2015-11-25 22:23:34 +01:00
Thomas Müller
9ec2f8886e Merge pull request #20691 from owncloud/share2.0_di_fixes
[Sharing 2.0] di fixes
2015-11-25 15:25:50 +01:00
Robin Appelman
b025f07fb7 Make Cache\Updater per storage 2015-11-25 14:16:00 +01:00
Thomas Müller
50f6817ce9 Merge pull request #20439 from owncloud/etag-propagate-in-storage
Take submount etag into account for folder etags
2015-11-25 12:49:54 +01:00
Roeland Jago Douma
a2b8483779 [Sharing 2.0] Default share provider only generic DI
No injection of userfolders etc. Only generic DI components
(IRootFolder) etc should be used to make sure we can also run this from
the cli
2015-11-24 10:26:36 +01:00
Roeland Jago Douma
aeae73b364 [Sharing 2.0] Removed unused DI stuff
The share manager etc should not care about filtering stuff. They should
return what is asked for them.
2015-11-24 10:26:36 +01:00
Joas Schilling
018bd3ee24 Make sure that object id can be a string 2015-11-23 14:18:15 +01:00
Thomas Müller
df906f475b Merge pull request #20617 from owncloud/fix-usage-of-lastInsertId
lastInsertId() is properly working with Oracle if the table name is p…
2015-11-23 13:29:08 +01:00
Thomas Müller
240cc1c4ea Merge pull request #20543 from owncloud/share2.0_fix_hooks
Move hook and delete children logic to share manager
2015-11-23 13:28:49 +01:00
Joas Schilling
1c7d7288c4 Add a method to select a field or value with alias 2015-11-23 13:28:31 +01:00
Morris Jobke
bc69cb2de3 fix unit tests 2015-11-23 13:13:26 +01:00
Roeland Jago Douma
1360e22d7c [Sharing 2.0] Move hook and delete children logic to share manager
To make sure hooks are always fired and child entries are always
cleaned. This logic is moved to the share manager.

* Updated unit tests
2015-11-23 12:28:54 +01:00
Thomas Müller
9f69021691 lastInsertId() is properly working with Oracle if the table name is properly passed in 2015-11-23 11:44:08 +01:00
Joas Schilling
a370c29068 Use a DateTime object instead of a timestamp 2015-11-23 11:41:48 +01:00
Morris Jobke
32ab973254 add unit tests for OC_Util::add* methods 2015-11-23 11:03:09 +01:00
Thomas Müller
358858c9e3 Fix undefined HTTP_USER_AGENT 2015-11-22 16:05:50 +01:00
Thomas Müller
427d107b9f Merge pull request #20614 from owncloud/use-mocks-when-testing-isSharingDisabledForUser
Use mocks when testing isSharingDisabledForUser
2015-11-20 15:22:52 +01:00
Thomas Müller
c565a7b042 Fix failing unit test 💀 2015-11-19 16:44:43 +01:00
Thomas Müller
9ec2850c78 Use mocks when testing isSharingDisabledForUser 2015-11-19 15:36:16 +01:00
Robin Appelman
a95d4c2b22 update tests 2015-11-19 13:32:04 +01:00
Robin Appelman
888df3933d take the etag of child mounts into account for the folder etag
this replaces shared etag propagation
2015-11-19 13:32:00 +01:00
Joas Schilling
0b8335ff2f Make the JobList test more robust by sorting the result of getAll before comparison 2015-11-19 09:25:34 +01:00
Thomas Müller
8db9c49cda Merge pull request #20551 from owncloud/notification-fix-tests
Notification - Add tests for the "return $this" and fix it on the new method
2015-11-18 09:12:27 +01:00
Thomas Müller
74ce6d29e1 Merge pull request #20544 from owncloud/move-index-to-appframework
Move index.php from files to AppFramework
2015-11-17 12:49:38 +01:00
Joas Schilling
2fde6a77d7 Add tests for the "return $this" and fix it on the new method 2015-11-17 09:26:13 +01:00
Thomas Müller
705d208a8a Merge pull request #20539 from owncloud/notification-api-adjustment
Notification api update
2015-11-17 08:39:06 +01:00
Lukas Reschke
daa388ce8d Move index.php from files to AppFramework
1. Allows it to use the more secure CSP rules of the AppFramework.
2. Adds some unit tests.
2015-11-16 21:10:11 +01:00
Joas Schilling
40d5d55124 Remove the icon for now 2015-11-16 16:17:23 +01:00
Joas Schilling
1666af89c2 Add "is primary action" to actions 2015-11-16 16:14:52 +01:00
Roeland Jago Douma
1e9fc33212 [Share2.0] OCS Share API getShare uses new code 2015-11-16 13:32:28 +01:00
Christian Schnidrig
d0464bf772 enable microseconds in log timestamps 2015-11-12 10:33:20 +01:00
Robin Appelman
20cad09f7f Add tests for FileInfo owner 2015-11-10 11:06:48 +01:00
Robin Appelman
960c8cb5bc Merge pull request #16604 from owncloud/cache-escape-like
escape like parameter in cache operations
2015-11-10 09:45:00 +01:00
Roeland Jago Douma
87e3402ef5 Fix autoloader unit test output
Removed leftover print statement
2015-11-09 15:54:40 +01:00
Roeland Jago Douma
0bb5eadf89 [autoloader] Make sure to load construct full paths
This reduces a lot of the autoloader magic and makes sure that we
generate full paths in the autoloader.
2015-11-06 13:36:19 +01:00
Thomas Müller
cc4f4f222d Merge pull request #20348 from owncloud/issue-20303-integer-group-names
Make sure that group names are strings not integers
2015-11-06 11:48:40 +01:00
Thomas Müller
8047597a81 Merge pull request #20288 from owncloud/fix_20234
make sure that we update the unencrypted size for the versions
2015-11-06 11:17:17 +01:00
Joas Schilling
292dc553c3 Make sure that group names are strings not integers 2015-11-06 10:40:09 +01:00
Robin Appelman
556fabf15d Add test for special character during move 2015-11-05 16:29:38 +01:00
Roeland Jago Douma
532b8a1ad0 Fix oracle 2015-11-05 15:59:09 +01:00
Roeland Jago Douma
0be05fdddd Add unshare hooks 2015-11-05 15:59:09 +01:00
Roeland Jago Douma
6624fa212a The new sharing code now handles deletion
OCS -> ShareManager -> DefaultShareProvider
2015-11-05 15:59:09 +01:00
Arthur Schiwon
51ead4e59b subadmin methods should not return any null user or group 2015-11-05 11:50:57 +01:00
Björn Schießle
6d0a324144 make sure that we update the unencrypted size for the versions 2015-11-04 10:59:05 +01:00
Thomas Müller
73d9699be9 Merge pull request #20135 from owncloud/check-if-null-subadmin
Drop OC_SubAdmin and replace usages
2015-10-29 17:07:45 +01:00
Thomas Müller
530f7229e7 Merge pull request #19869 from owncloud/cache-adjustcurrentmtimeonrename
On rename, also refresh storage_mtime of the target file
2015-10-29 11:57:00 +01:00