Commit graph

2132 commits

Author SHA1 Message Date
jknockaert
18a1225b0c enable testRewind 2015-04-24 16:44:00 +02:00
jknockaert
27ea23ea6b Update encryption.php 2015-04-24 16:44:00 +02:00
jknockaert
d6841aa706 disable r+ test 2015-04-24 16:44:00 +02:00
jknockaert
7a34f75da6 add two tests
testRewind tests reading and writing after rewind on an encrypted stream; testWriteWriteRead tests r+ mode
2015-04-24 16:44:00 +02:00
Joas Schilling
4334e77035 Merge pull request #15839 from owncloud/enc_fix_moving_shared_files
[encryption] fix moving files to a shared folder
2015-04-24 15:07:36 +02:00
Joas Schilling
411f7893bf Add test "operation on keys failed" 2015-04-24 14:27:23 +02:00
Joas Schilling
781cfff221 Deduplicate data provider and fix method visibility 2015-04-24 13:12:45 +02:00
Bjoern Schiessle
24128d1384 only update share keys if the file was encrypted 2015-04-24 10:19:09 +02:00
blizzz
61c6d64125 Merge pull request #15826 from owncloud/issue-15804-occ-user-delete-exception
Issue 15804 occ user delete exception
2015-04-23 22:58:24 +02:00
Bjoern Schiessle
2646bccb83 update share keys if file gets copied 2015-04-23 17:18:48 +02:00
Bjoern Schiessle
2990b0e07e update share keys if a file is moved to a shared folder 2015-04-23 17:18:48 +02:00
Lukas Reschke
ab9ea97d3a Catch not existing User-Agent header
In case of an not sent UA header consider the client as valid
2015-04-23 16:33:51 +02:00
Lukas Reschke
155ae44bc6 Fix collision on temporary files + adjust permissions
This changeset hardens the temporary file and directory creation to address multiple problems that may lead to exposure of files to other users, data loss or other unexpected behaviour that is impossible to debug.

**[CWE-668: Exposure of Resource to Wrong Sphere](https://cwe.mitre.org/data/definitions/668.html)**
The temporary file and folder handling as implemented in ownCloud is performed using a MD5 hash over `time()` concatenated with `rand()`. This is insufficiently and leads to the following security problems:
The generated filename could already be used by another user. It is not verified whether the file is already used and thus temporary files might be used for another user as well resulting in all possible stuff such as "user has file of other user".

Effectively this leaves us with:

1. A timestamp based on seconds (no entropy at all)
2. `rand()` which returns usually a number between 0 and 2,147,483,647

Considering the birthday paradox and that we use this method quite often (especially when handling external storage) this is quite error prone and needs to get addressed.

This behaviour has been fixed by using `tempnam` instead for single temporary files. For creating temporary directories an additional postfix will be appended, the solution is for directories still not absolutely bulletproof but the best I can think about at the moment. Improvement suggestions are welcome.

**[CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html)**

Files were created using `touch()` which defaults to a permission of 0644. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0600.

**[CWE-379: Creation of Temporary File in Directory with Incorrect Permissions](https://cwe.mitre.org/data/definitions/379.html)**

Files were created using `mkdir()` which defaults to a permission of 0777. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0700.Please enter the commit message for your changes.
2015-04-23 15:07:54 +02:00
Vincent Petry
b88d0ba0ac Delete temp files after testing encryption stream wrapper 2015-04-23 13:42:18 +02:00
Joas Schilling
cb641b4c29 Fix file names 2015-04-23 12:53:01 +02:00
Joas Schilling
cfa23e60d3 Add tests for occ user:lastseen 2015-04-23 12:41:06 +02:00
Joas Schilling
bb5b6e5f63 Add unit tests for occ user:delete 2015-04-23 12:33:12 +02:00
Björn Schießle
570718fb6b Merge pull request #15757 from owncloud/enc-fixfeofforlastblock
Fix encryption feof to not return too early
2015-04-22 11:32:21 +02:00
Bjoern Schiessle
19e8c4fcb1 get dirname from sharePath 2015-04-21 14:58:01 +02:00
Vincent Petry
76dad297ff Fix encryption feof to not return too early
This is because stream_read will pre-cache the next block which causes
feof($this->source) to return true prematurely. So we cannot rely on it.

Fixed encryption stream wrapper unit tests to actually simulate 6k/8k
blocks to make sure we cover the matching logic.

Added two data files with 8192 and 8193 bytes.
2015-04-20 18:32:40 +02:00
Lukas Reschke
fe2cbc3795 Merge pull request #15744 from owncloud/fix-inverted-path-in-resourcenotfound
Fix wrong path generation
2015-04-20 16:55:36 +02:00
Lukas Reschke
9bc48451b9 Adjust tests and statuscode 2015-04-20 13:00:02 +02:00
Lukas Reschke
21f0476d31 Fix files 2015-04-20 13:00:02 +02:00
Lukas Reschke
20a6073a9f Migrate personal certificate handling into AppFramework controllers
Also added unit-tests and better error-handling
2015-04-20 12:58:58 +02:00
Lukas Reschke
9f61cf60d4 Verify if returned object is an array
The error has to be thrown at this point as otherwise errors and notices are thrown since the time cannot be parsed in L60 and L61
2015-04-20 12:58:57 +02:00
Lukas Reschke
ed0b465cf9 Use 403 instead a 50x response 2015-04-20 12:53:40 +02:00
Joas Schilling
ddcd79132d Add tests for correct path 2015-04-20 12:31:35 +02:00
Joas Schilling
0cf13e9b78 Fix phpStorm complains and namespace 2015-04-20 12:31:07 +02:00
Lukas Reschke
4ea205e262 Block old legacy clients
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.

This has multiple reasons:

1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy

In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Georg Ehrke
8f51efc49e get rid of OC_Geo 2015-04-19 20:16:56 +02:00
Morris Jobke
758b2332f0 Use data provider instead of hand-crafted for loops
* reduces scrutinizer complains
* uses PHPUnit functionality
2015-04-18 15:19:33 +02:00
Bjoern Schiessle
7d4b1b52d0 always create a new instance of the encryption module 2015-04-17 10:31:33 +02:00
Bjoern Schiessle
b25c06f576 detect system wide mount points correctly 2015-04-16 14:15:04 +02:00
Bjoern Schiessle
e3d77c4b01 add migration script from old encryption to new one 2015-04-16 14:15:04 +02:00
Vincent Petry
903d52d45f Merge pull request #15809 from owncloud/view-null-root
dont allow using null as view root
2015-04-22 18:10:26 +02:00
Robin Appelman
e302213248 add unit tests for null handling in view 2015-04-22 16:24:25 +02:00
Thomas Müller
225cde2183 pass KeyStorage via ctor 2015-04-22 13:09:42 +02:00
Thomas Müller
987bc138df calling renameKeys() on directory level as well - fixes #15778 2015-04-22 12:12:27 +02:00
Thomas Müller
fc4127dd62 add $encryptionModuleId to methods of Keys/IStorage 2015-04-22 11:53:05 +02:00
Morris Jobke
e33e5b425a Merge pull request #12006 from owncloud/dav-put-storage
Work directly on the storage when uploading over webdav
2015-04-15 03:08:52 +02:00
Thomas Müller
1aa368effe Merge pull request #15592 from owncloud/fix-15590-master
Avoid php message "Invalid argument supplied for foreach()"
2015-04-15 00:14:08 +02:00
Björn Schießle
4f0437fbde Merge pull request #15598 from owncloud/fix-enc-file-size-master
Fix file size of encrypted files
2015-04-14 16:48:04 +02:00
Morris Jobke
717723b83e Remove unneeded comments 2015-04-14 16:44:24 +02:00
Robin Appelman
308af8b909 pass a stream to the tests 2015-04-14 15:25:52 +02:00
Morris Jobke
82cab25762 Merge pull request #13360 from owncloud/cross-storage-move
Proper copy/move between multiple local storages
2015-04-14 14:35:08 +02:00
Thomas Müller
cbe30f740e remove calculateUnencryptedSize() - not needed 2015-04-14 13:08:59 +02:00
Thomas Müller
88cc52c408 Avoid php message "Invalid argument supplied for foreach()" - refs #15590 2015-04-14 11:00:20 +02:00
Morris Jobke
5f66f867b6 Merge pull request #15581 from owncloud/deduplicate-oc-repair-namespace
Fix namespace duplication and other issues in repairlegacystorages
2015-04-13 21:51:38 +02:00
Robin Appelman
01da6be4d6 upda tests 2015-04-13 17:10:02 +02:00
Robin Appelman
d7b3a1a35a preserve cache data when doing a cross storage move 2015-04-13 17:10:01 +02:00
Joas Schilling
71de1d58cd Fix namespace duplication and other issues in repairlegacystorages 2015-04-13 16:34:10 +02:00
Robin Appelman
0772e3b4c1 Properly handle copy/move failures in cross storage copy/move 2015-04-13 15:13:03 +02:00
Robin Appelman
31e94708f8 Improve cross storage copy between local storages 2015-04-13 15:13:02 +02:00
Vincent Petry
2822d0579e Properly add trailing slash to mount point
Fixes resolving mount points when shared mount point's target name has
the same prefix as the source name
2015-04-13 12:36:47 +02:00
Thomas Müller
906b6b7337 Prevent php message: "Trying to get property of non-object at /xxx/lib/private/ocsclient.php#282" 2015-04-13 09:43:45 +02:00
Lukas Reschke
84041a4fa2 Merge pull request #15541 from owncloud/add-reply-to-support
Add "Reply-To" support for sharing mails as well as refactor code and add unit-tests
2015-04-12 22:30:35 +02:00
Lukas Reschke
e3ad99d252 Add "Reply-To" support to sharing mails and refactor code 2015-04-10 17:30:07 +02:00
Jörn Friedrich Dreyer
fafecd1c05 fix cherrypicking 2015-04-10 11:08:24 +02:00
Jörn Friedrich Dreyer
a85bc5538f fix filesystem and encryption tests
Conflicts:
	apps/files_encryption/lib/util.php
	apps/files_encryption/tests/hooks.php
2015-04-10 09:12:37 +02:00
Thomas Müller
5abbf6d5b0 Merge pull request #13920 from owncloud/sharing_no_user_entry_for_group_shares
only create a db entry for the user in case of a name conflict on group share
2015-04-09 23:37:02 +02:00
Lukas Reschke
0bad8f644a Merge pull request #15511 from owncloud/fix-typos
Fix typos and some other adjustments
2015-04-09 19:23:27 +02:00
Thomas Müller
06a5a9d0c2 Fix mock object to return proper type 2015-04-09 18:30:45 +02:00
Thomas Müller
11c3741526 Fix mock object to return proper type 2015-04-09 17:45:57 +02:00
Robin Appelman
cbcee34eb0 update tests 2015-04-09 14:46:25 +02:00
Thomas Müller
1d9bd3d31e Merge pull request #15496 from owncloud/enc-check-if-key-exists-before-deleting
Check if the key exists, before trying to delete it
2015-04-09 14:45:40 +02:00
Bjoern Schiessle
332ea77865 only create a db entry for the user in case of a name conflict on group share 2015-04-09 11:16:08 +02:00
Joas Schilling
45575d0135 Check if the key exists, before trying to delete it 2015-04-09 10:28:02 +02:00
Lukas Reschke
ba52f6f8fc Merge pull request #15314 from owncloud/app-categories-15274
Add different trust levels to AppStore interface
2015-04-09 10:07:32 +02:00
Morris Jobke
9c76d068c3 Merge pull request #15196 from owncloud/limit-file-activities-to-favorites
Limit file activities to favorites
2015-04-09 00:18:31 +02:00
Morris Jobke
103d451459 Merge pull request #14987 from rullzer/ocs_password_fix2
OCS Fixes to allow setting of password without removing additional settings
2015-04-08 14:44:17 +02:00
Vincent Petry
f8cfc03f36 Replace originalStorage in tests with a proper teardown
The purpose of $originalStorage in unit tests was to remount the old
root.
However that storage itself is already wrapped by storage wrapper, so
remounting it would rewrap the storage several times.

This fix makes use of "loginAsUser()" and "logout()" from the TestCase
class to properly initialize and cleanup the FS as expected.
2015-04-08 12:45:38 +02:00
Morris Jobke
6c327f8331 Merge pull request #14879 from oparoz/fix-preview-caching
Introducing the maximum size preview
2015-04-07 18:16:24 +02:00
Thomas Müller
1fbf5d86df Merge pull request #14472 from owncloud/feature/wipencryptionapp
encryption 2.0 app
2015-04-07 16:46:45 +02:00
Olivier Paroz
74bf9806b0 Introducing the maximum size preview
The first time we're asked to generate a preview we'll generate one of the maximum dimension indicated in the configuration and all future resizing requests will be done on that preview in order to not waste time converting the same file over and over.

One of the fixes required for #12465
2015-04-07 16:45:59 +02:00
Thomas Müller
2d2cb09715 fixing unit test - expected value change due to different size being stored in cache table 2015-04-07 14:30:01 +02:00
Morris Jobke
6cc3fd9270 Merge pull request #15426 from owncloud/issue/15420-remove-hardcoded-docs-link
Remove hardcoded link to performance docs
2015-04-07 13:47:35 +02:00
Thomas Müller
54a3bdf1c5 fixing unit test execution related to trashbin 2015-04-07 13:30:31 +02:00
Thomas Müller
268d346b36 fixing unit tests 2015-04-07 13:30:31 +02:00
Thomas Müller
fce42a3161 fixing unit test execution - test dummy module was behaving wrong 2015-04-07 13:30:31 +02:00
Thomas Müller
870c53ee37 fixing unit test execution 2015-04-07 13:30:31 +02:00
Bjoern Schiessle
3d7404fe68 add unit tests to the keystorage 2015-04-07 13:30:31 +02:00
Bjoern Schiessle
fe74a0cb4f implement webdav copy 2015-04-07 13:30:31 +02:00
Thomas Müller
3e3226da4c Properly set size and unencrypted size in the stream unit tests 2015-04-07 13:30:31 +02:00
Thomas Müller
b3c5ef3afe Adding unit test for read and write of big file 2015-04-07 13:30:31 +02:00
Thomas Müller
104d11ec4c Fixing encryption storage wrapper tests 2015-04-07 13:30:30 +02:00
Thomas Müller
e8e5bd61ae fixing unit tests for encryption stream wrapper seek 2015-04-07 13:30:30 +02:00
Thomas Müller
8ffa6db110 fixing unit tests for stream wrapper 2015-04-07 13:30:30 +02:00
Thomas Müller
e0ab2c34ea update unit tests after ctor signature change of \OC\Encryption\Util 2015-04-07 13:30:28 +02:00
Thomas Müller
1b42b492dc kill OC_FileProxy 💥 2015-04-07 13:30:28 +02:00
Thomas Müller
dbdd754c3f Further cleanup of files_encryption 2015-04-07 13:30:28 +02:00
Thomas Müller
00338f9dca Removing files_encryption left overs 2015-04-07 13:30:28 +02:00
Bjoern Schiessle
0eee3a2618 remove unencrypted_size from the cache, size will contain the unencrypted size 2015-04-07 13:30:28 +02:00
Thomas Müller
498625ea3a adding unit tests for stream wrapper 2015-04-07 13:30:28 +02:00
Thomas Müller
a905f641b3 various fixes & start to unit test the encryption storage wrapper 2015-04-07 13:30:28 +02:00
Thomas Müller
4aa125cc0a fix unit test execution 2015-04-07 13:30:28 +02:00
Thomas Müller
8dde932546 Comment duplicate test methods 2015-04-07 13:30:27 +02:00
Thomas Müller
7ffd77fac9 enable encryption unit test execution 2015-04-07 13:30:27 +02:00
Bjoern Schiessle
e2f714263f fix encryption manager to handle more than one encryption module 2015-04-07 13:30:27 +02:00
Clark Tomlinson
39733c8da1 Initial commit 2015-04-07 13:30:27 +02:00
Joas Schilling
81ec1c8a1a Remove hardcoded link to performance docs 2015-04-07 12:25:30 +02:00
Joas Schilling
0fcd273714 Select the timezone on the right timestamp and assert it 2015-04-07 10:13:51 +02:00
Lukas Reschke
25531bad88 Make user names clickable 2015-04-03 13:36:03 +02:00
Lukas Reschke
0816cf9142 Add experimental applications switch
Allows administrators to disable or enabled experimental applications as well as show the trust level.
2015-04-03 13:21:24 +02:00
Olivier Paroz
70ec74e88b Introducing media types for yml, yaml, cnf, conf 2015-04-02 21:37:57 +02:00
Joas Schilling
aa6573cf54 Adjust tests and check whether clear() is called 2015-04-01 17:19:44 +02:00
Joas Schilling
730efe25a4 Make scrutinizer happy 2015-04-01 12:13:49 +02:00
Vincent Petry
5c9998179f Properly quote file names in listFiles query for GDrive 2015-03-31 15:14:03 +02:00
Lukas Reschke
53f67fc65d Revert "Properly quote file names in listFiles query for GDrive" 2015-03-31 15:12:35 +02:00
Frank Karlitschek
b216b3fad0 Merge pull request #15215 from owncloud/ext-gdrivelistfilequoting
Properly quote file names in listFiles query for GDrive
2015-03-31 09:08:59 -04:00
Roeland Jago Douma
3b1f0e6019 Fix unit test 2015-03-30 21:18:24 +02:00
Morris Jobke
bf17ac929d Merge pull request #15169 from rullzer/fix_displayNamesInGroup
Groupmanagers displayNamesInGroup should actually search in displaynames
2015-03-30 17:04:09 +02:00
Joas Schilling
dd535968e8 Add tests from getCurrentUserId() method and fix the constructor 2015-03-30 15:23:10 +02:00
Roeland Jago Douma
b0aa17b13f OCS Fixes to allow setting of password without removing additional settings
- Added setPassword to share.php
- Fixed OCS API call
- Added unit tests
2015-03-30 14:00:50 +02:00
Lukas Reschke
65202d2a18 Add check for activated local memcache
Also used the opportunity to refactor it into an AppFramework controller so that we can unit test it.

Fixes https://github.com/owncloud/core/issues/14956
2015-03-28 13:59:22 +01:00
Robin McCorkell
1511a42da7 Check for relative datadirectory path 2015-03-27 23:29:46 +00:00
Morris Jobke
f4dc9e6bf3 Merge pull request #15155 from owncloud/share-donotreturntrashedfiles
Do not return shares for files outside "files"
2015-03-27 17:05:14 +01:00
Thomas Müller
4d12c4a38b Merge pull request #13938 from owncloud/deprecate-iappconfig
Deprecated \OCP\IAppConfig - add missing methods to IConfig
2015-03-27 16:07:41 +01:00
Vincent Petry
23cb8112fc Add logout in share test to avoid nasty side effects 2015-03-27 15:54:29 +01:00
Thomas Müller
722e50a112 Merge pull request #15240 from owncloud/storage-wrapper-priority
add priority to storage wrappers
2015-03-27 15:18:44 +01:00
Thomas Müller
5db932d1e4 Merge pull request #15261 from owncloud/fix-14268-master
use StreamResponse to download the log file
2015-03-27 15:07:50 +01:00
Thomas Müller
98bc1ad70a Merge pull request #15265 from owncloud/enc2_fixes
core improvements for Encryption 2.0
2015-03-27 14:58:33 +01:00
Vincent Petry
80f83ab5e0 Do not return shares for files outside "files" 2015-03-27 13:25:23 +01:00
Vincent Petry
7ad4dfa201 Merge pull request #15227 from owncloud/ocetag-header
Copy Etag header to OC-Etag for sabre calls
2015-03-27 13:10:27 +01:00
Bjoern Schiessle
c6be1ba8d3 fix check if a file is excluded from encryption or not 2015-03-27 11:51:50 +01:00
Thomas Müller
b5545932e7 use StreamResponse to download the log file - fixes #14268 2015-03-27 11:30:32 +01:00
Thomas Müller
fb8994603b Merge pull request #15252 from owncloud/prevent-directory-characters-in-temporary-path
Filter potential dangerous characters in path name
2015-03-27 01:19:55 +01:00
Morris Jobke
f72939df91 Merge pull request #15255 from owncloud/test-namespacesforrepairtests
Fix namespace for repair step tests
2015-03-27 00:16:47 +01:00
Vincent Petry
cf2fd2a825 Fix namespace for repair step tests 2015-03-26 23:19:27 +01:00
Lukas Reschke
9622fbdf29 Filter potential dangerous characters in path name
We should not allow / or \ in the postfix here.
2015-03-26 23:17:18 +01:00
Vincent Petry
746be98e03 Merge pull request #13654 from oparoz/tmpfile-with-extension
Keep the extension in temp files
2015-03-26 23:08:08 +01:00
Morris Jobke
e8109f0bc3 Merge pull request #13802 from owncloud/share-partfilepermissions
Fix share permission checks
2015-03-26 22:01:05 +01:00
Robin Appelman
cb9ead7dde add priority to storage wrappers 2015-03-26 21:26:38 +01:00
Thomas Müller
232518ac54 Merge pull request #15234 from owncloud/encryption2_core
core part of encryption 2.0
2015-03-26 21:14:59 +01:00
Bjoern Schiessle
ff9c85ce60 implement basic encryption functionallity in core to enable multiple encryption modules 2015-03-26 20:56:51 +01:00
Lukas Reschke
74a9fc29b4 Merge pull request #14399 from owncloud/ignore-empty-plurals
Ignore empty plurals just like with singulars
2015-03-26 20:15:33 +01:00
Lukas Reschke
c8c722bc6d Merge pull request #15129 from owncloud/version-command-bus
expire versions in a background command
2015-03-26 19:55:13 +01:00
Morris Jobke
70e64822b9 Merge pull request #14665 from owncloud/fileid-increment
SQLite autoincrement test
2015-03-26 19:36:18 +01:00
Robin Appelman
ddd6a67d2a Handle exceptions thrown during hooks when running unit tests 2015-03-26 17:07:02 +01:00
Robin Appelman
3ed6ed3c36 Force test cases using background commands to handle setting up the filesystem 2015-03-26 17:07:02 +01:00
Vincent Petry
70acd58336 Copy Etag header to OC-Etag for sabre calls 2015-03-26 16:06:43 +01:00
Vincent Petry
daceb1a9ac Revert "adding unit tests"
This reverts commit 8d327c94a8.
2015-03-26 15:04:36 +01:00
Vincent Petry
cda7f7fd61 Merge pull request #15168 from owncloud/oc-etag-master
adding OC-ETag header
2015-03-26 13:52:43 +01:00
Vincent Petry
43588fe2f7 Properly quote file names in listFiles query for GDrive 2015-03-26 12:15:02 +01:00
Vincent Petry
f056558b72 Add repair step to fix SQLite autoincrement
Force Doctrine to generate alter table SQL statements for SQLite to make
sure the code from OCSqlitePlatform is triggered.
2015-03-26 11:00:22 +01:00
Thomas Müller
8d327c94a8 adding unit tests 2015-03-26 10:49:26 +01:00
Vincent Petry
ec2d7cff2f SQLite autoincrement test 2015-03-25 18:33:21 +01:00
Lukas Reschke
5f044ebf1b Add wrapper for Guzzle 2015-03-25 16:04:41 +01:00
Roeland Jago Douma
b1c513f000 Fix unit tests
Altough more are required to make sure this does not happen again
2015-03-24 21:42:40 +01:00
Lukas Reschke
5a9c9b86f8 Merge pull request #15153 from owncloud/uniquename-node
Add `getNonExistingName()` to the node api
2015-03-24 15:51:12 +01:00
Robin Appelman
d11f01fa0f Add getNonExistingName() to the node api 2015-03-24 15:00:36 +01:00
Morris Jobke
92791bb8ba Merge pull request #15126 from owncloud/sabre-storagenotavailable
Soft fail in CustomPropertiesBackend whenever storage not available
2015-03-24 14:01:47 +01:00
Vincent Petry
eb894e6625 Soft fail in CustomPropertiesBackend whenever storage not available
When a storage is not available, it will not fail the whole call any
more but still return a usable file list.
2015-03-23 17:41:32 +01:00
Joas Schilling
1686653fdd The iran timezone removed the DST handling which breaks the timezone lib 2015-03-23 14:08:47 +01:00
Olivier Paroz
f3fe46685b Introducing 3D images support (media type)
So that people with 3D images can at least see a 2D picture
Full 3D support is possible via an app
2015-03-20 22:11:42 +01:00
Thomas Müller
afa8872955 Merge pull request #14857 from owncloud/preview-provider-registration-in-manager
Preview provider registration in manager
2015-03-20 16:34:22 +01:00
Vincent Petry
e44ab2dcfe Merge pull request #11884 from owncloud/ext-appframework
Cleanup ext storage CRUD code, introduce storage config id
2015-03-20 14:17:32 +01:00
Thomas Müller
a87cc90d1e Merge pull request #14993 from owncloud/stop-on-missing-deps
Stop executing, when 3rdparty is missing or apps directory is invalid
2015-03-20 11:36:02 +01:00
Vincent Petry
eef5851a67 Fix share permission related unit tests 2015-03-20 11:30:51 +01:00
Morris Jobke
1de6fa19de Merge pull request #15035 from owncloud/assocmapper
If the execute method on the mapper receives an assoc array, it binds by...
2015-03-20 08:53:14 +01:00
Morris Jobke
2a8c3798a8 Merge pull request #14947 from oparoz/repairmimetypes-sql
Make repairmimetypes compatible with case sensitive SQL backends
2015-03-19 17:22:25 +01:00
Bernhard Posselt
df24a014b8 If the execute method on the mapper receives an assoc array, it binds by value instead of index 2015-03-19 17:08:46 +01:00
Thomas Müller
857b22c61b Merge pull request #15025 from rullzer/ocs_respect_enforced_date
Ocs respect enforced date
2015-03-19 17:06:04 +01:00
Robin Appelman
73874ca27f Merge pull request #14704 from owncloud/storage-wrapper-mount
pass mountpoint to storage wrapper callback
2015-03-19 16:20:38 +01:00
Olivier Paroz
f890c3ffb1 Make the method compatible with all types of extensions
Fix existing tests
2015-03-19 16:09:16 +01:00
Thomas Müller
0868e49663 Merge pull request #14980 from owncloud/fix-fileglobalgc
Fix fileglobalgc unlink parameter warnings
2015-03-19 14:17:20 +01:00
Roeland Jago Douma
dd3307dd19 Added unit test
Tests added to make sure that removing an expire date when this is
enforced is not allowed.
2015-03-19 10:47:09 +01:00
Joas Schilling
4a13a84cab Do not add apps2/ directory if it does not exist 2015-03-19 09:07:29 +01:00
Vincent Petry
fe8002a7db Merge pull request #14995 from owncloud/remove-unrequired-backtick-removal
Remove unrequired backtick removal
2015-03-18 19:34:49 +01:00
Robin McCorkell
693ca9a92f Add unit tests for gc() for \OC\Cache\FileGlobalGC 2015-03-18 16:19:04 +00:00
Joas Schilling
f2f7f178a5 Add test for backticks in path and etag 2015-03-18 13:29:39 +01:00
Vincent Petry
50194c31b4 Soft fail in custom properties backend
This makes it possible for clients to still receive a file list (minus
the broken files) instead of getting no list at all
2015-03-18 12:36:37 +01:00
Thomas Müller
c69cd28a73 Merge pull request #14968 from owncloud/files-reallowsinglequote
Reallow single quote in file names
2015-03-17 23:50:16 +01:00
Vincent Petry
e50f13d46b Add positive test for path verification 2015-03-17 18:17:30 +01:00
Morris Jobke
fbea83d4eb fix failing unit test 2015-03-17 17:26:03 +01:00
Olivier Paroz
bd91546db8 Adding test cases where the extension is using capital letters 2015-03-17 13:25:39 +01:00
Lukas Reschke
9e2ebf2dce Cache \OC\URLGenerator::imagePath
\OC\URLGenerator::imagePath is a really expensive operation due to all the I/O handling and can really benefit from caching.
2015-03-17 12:35:47 +01:00
Thomas Müller
98a42dbccc Merge pull request #14927 from oparoz/raw-mimetypes
Introducing the Raw media types
2015-03-17 11:32:09 +01:00
Lukas Reschke
e4c6b0abf5 Merge pull request #14931 from owncloud/issue/14881-closures-for-navigation-entries
Issue/14881 closures for navigation entries
2015-03-17 11:28:27 +01:00
Lukas Reschke
b1c19f74a1 Merge pull request #12085 from owncloud/add-swift-mailer
Migrate OC_Mail to SwiftMailer
2015-03-17 11:15:39 +01:00
Joas Schilling
ec1d5011b6 Add tests for the navigation manager (closure) behaviour 2015-03-16 16:46:17 +01:00
Olivier Paroz
bef12488c3 Introducing the Raw mimetypes 2015-03-16 16:25:04 +01:00
Robin Appelman
7ab919256b fix test 2015-03-16 14:13:56 +01:00
Lukas Reschke
d7c7808a5e Add debug log message back 2015-03-16 13:01:17 +01:00
Lukas Reschke
e32f1582c7 Show more detailed error message 2015-03-16 12:47:06 +01:00
Lukas Reschke
dfd70337d6 Adjust unit test 2015-03-16 12:47:05 +01:00
Lukas Reschke
f92f3a1a6e Incorporate review changes 2015-03-16 12:47:05 +01:00
Lukas Reschke
283476a2f7 Use new IMailer and add unit-tests for lostcontroller 2015-03-16 12:47:05 +01:00
Lukas Reschke
13486a5ada Migrate to SwiftMail
Replaces the OC_Mail and phpmailer with SwiftMail allowing us to mock it properly.

Fixes the unit test execution on master on local machines and https://github.com/owncloud/core/issues/12014

Conflicts:
	3rdparty
	lib/private/server.php
	lib/public/iservercontainer.php
	tests/lib/mail.php
	tests/settings/controller/mailsettingscontrollertest.php

Conflicts:
	3rdparty
	lib/private/mail.php
	lib/private/server.php
	lib/public/iservercontainer.php
	settings/ajax/lostpassword.php
	settings/application.php
2015-03-16 12:47:05 +01:00
Joas Schilling
8ed27d2ce0 Create an interface for OC_Image and OCP\Image for the public API 2015-03-16 12:45:15 +01:00
Thomas Müller
1075914f8a Merge pull request #14883 from owncloud/imagepng_expects_resource_issue
validate resource's integrity before using it
2015-03-16 12:22:27 +01:00
Georg Ehrke
09b05373ed validate resource's integrity before using it 2015-03-16 10:57:01 +01:00
Morris Jobke
997a7a2668 Merge pull request #14766 from owncloud/fix-insertifnotexists-poc
Allow specifying the compare-array for insertIfNotExists()
2015-03-16 10:31:36 +01:00
Thomas Müller
bbaf97ca43 Merge pull request #14644 from owncloud/trash-expire-command
Expire files from the trash in the background
2015-03-16 10:04:05 +01:00
Thomas Müller
6927773648 Merge pull request #14776 from owncloud/fix-14629-master
verify the file name length not to exceed 255 characters + verify path d...
2015-03-16 09:58:41 +01:00
Thomas Müller
b159c7f274 Merge pull request #14848 from owncloud/kill-curl-fallback-master
drop any fallback code related to curl
2015-03-16 09:56:31 +01:00
Joas Schilling
30357aaac0 No user no avatar easy as that 2015-03-13 17:35:34 +01:00
Joas Schilling
61ec37431a Fix order of expected and actual on assertEquals() calls 2015-03-13 15:29:52 +01:00
Joas Schilling
8304f5f508 Fix getting the avatar of a non-existing user 2015-03-13 15:29:52 +01:00
Thomas Müller
5855108e9b drop any fallback code related to curl - refs https://github.com/owncloud/core/pull/14838#issuecomment-78586447 2015-03-12 21:43:41 +01:00
Vincent Petry
ce94a998dd Use storage id + appframework for ext storage CRUD
- Added StorageConfig class to replace ugly arrays
- Implemented StorageService and StorageController for Global and User
  storages
- Async status checking for storages (from Xenopathic)
- Auto-generate id for external storage configs (not the same as
  storage_id)
- Refactor JS classes for external storage settings, this mostly
  moves/encapsulated existing global event handlers into the
  MountConfigListView class.
- Added some JS unit tests for the external storage UI
2015-03-12 18:51:02 +01:00
Thomas Müller
80ef53eff0 verify the file name length not to exceed 255 characters + verify path during rename 2015-03-12 10:47:47 +01:00
Roeland Jago Douma
3560b32dfc Fix the avatarcontroller cache needing the cache dir
This was removed in 82254ad5ef and
unfortunatly missed by jenkins before mering into master.
2015-03-11 18:18:33 +01:00
Lukas Reschke
f9fd1629da Merge pull request #14705 from rullzer/avatarcontroller
Move AvatarController to AppFramework
2015-03-11 17:15:42 +01:00
Roeland Jago Douma
1a0f9c375b Avatar controller moved to AppFrameWork
* Original avatarcontroller migrated to the appframework
* Added DataDisplayResponse that show data inline in the browser (used
  to retrun the image)
* Removed some unneeded code
* Added unit tests for the avatarcontroller
2015-03-11 16:37:42 +01:00
Robin Appelman
169031d1c5 fix factory test 2015-03-11 15:07:59 +01:00
Robin Appelman
e1f2a6df94 Allow setting the watcher policy as mount option 2015-03-11 15:07:23 +01:00
Robin Appelman
7adda88786 Copy mount options to the storage 2015-03-11 15:06:48 +01:00
Robin Appelman
82a62fd249 Add test for storage factory 2015-03-11 15:06:12 +01:00
Morris Jobke
dbade19362 Merge pull request #13839 from owncloud/issue/13678-improve-remote-domain-detection-in-sharedropdown
Better finding the remote URL from user input in share dropdown
2015-03-11 14:38:41 +01:00
Morris Jobke
ad97ceb787 Merge pull request #13513 from owncloud/repair-legacystoragenofatalfail
Do not abort when meeting unfixable legacy storages
2015-03-11 13:32:33 +01:00
Lukas Reschke
8154ed4d2c Merge pull request #14791 from owncloud/fix-14516
Adding a more meaningful message for sabre dav exception
2015-03-11 12:52:18 +01:00
Thomas Müller
0f3e36fdfd Adding a more meaningful message for sabre dav exception - fixes #14516 2015-03-11 11:53:31 +01:00
Thomas Müller
6c1a1234f8 Properly handle available databases at runtime and respect setup checks in command line as well 2015-03-11 09:27:12 +01:00
Lukas Reschke
6dc59019af Merge pull request #14346 from owncloud/storage-based-path-validation
adding storage specific filename verification
2015-03-10 11:02:47 +01:00
Thomas Müller
214fa44400 Merge pull request #14534 from owncloud/add-child-src
Add support for 'child-src' directive
2015-03-10 10:30:44 +01:00
Joas Schilling
87431605b8 Add test for UniqueConstraintViolationException on wrong key 2015-03-10 09:26:45 +01:00
Thomas Müller
c8ed88f4d6 Merge pull request #14689 from owncloud/better-missing-resource-handling
Log errors and create 404 in network list when a css or js is missing
2015-03-09 23:33:25 +01:00
Thomas Müller
89be55a672 let insertIfNotExist() throw the native DBALException - no need to hide the real exception 2015-03-09 22:37:49 +01:00
Thomas Müller
b966a4eb17 Adding unit test which shows insertIfNotExists to fall apart in certain situations 2015-03-09 22:37:49 +01:00
Morris Jobke
d34662122d Merge pull request #14429 from owncloud/issue/14176-validate-timezone-before-using
Etc timezones don't exist for .5 and .75 offsets
2015-03-09 16:16:16 +01:00
Thomas Müller
3623f14e73 no translation service in common storage class 2015-03-09 10:38:38 +01:00
Thomas Müller
49e1a81eba fixing namespaces and PHPDoc 2015-03-09 10:38:37 +01:00
Thomas Müller
4bac595068 adding storage specific filename verification - refs #13640 2015-03-09 10:38:37 +01:00
Lukas Reschke
9f5433c0c3 Merge pull request #13368 from owncloud/memcache_lowlatency
Refactor \OC\Memcache\Factory
2015-03-05 13:05:17 +01:00
Robin McCorkell
0e4933e6d2 Refactor \OC\Memcache\Factory
Caches divided up into two groups: distributed and local. 'Low latency' is an
alias for local caches, while the standard `create()` call tries to get
distributed caches first, then local caches.

Memcache backend is set in `config.php`, with the keys `memcache.local` and
`memcache.distributed`. If not set, `memcache.distributed` defaults to the value
of `memcache.local`.
2015-03-05 11:36:34 +00:00
Joas Schilling
716ba49a82 Log errors and create 404 in network list when a css or js is missing 2015-03-04 17:56:33 +01:00
Joas Schilling
294724b5da Add a test for ObjectStore\NoopScanner 2015-03-04 11:48:31 +01:00
Morris Jobke
f1d74e8803 Merge pull request #14651 from owncloud/add-some-headers-to-htaccess-for-my-best-friend-jenkins
Let users configure security headers in their Webserver
2015-03-04 09:36:01 +01:00
Joas Schilling
e12c83e3dc Merge pull request #14674 from owncloud/fix-l10n-getlanguagecode-2
Jenkins #14650
2015-03-03 18:33:08 +01:00
Joas Schilling
5fc004f8ea Add a test of what everyone thinks should be the result of this method 2015-03-03 16:47:31 +01:00
Thomas Müller
be27188649 Merge pull request #14574 from owncloud/fix-irequest-for-older-php-versions
Read from IRequest instead of reading twice
2015-03-03 14:22:56 +01:00
Thomas Müller
e30ca8198f Merge pull request #14638 from owncloud/issue/14538-repairstep-drop-old-tables
Add a repair step to delete old tables
2015-03-03 13:37:54 +01:00
Joas Schilling
8df4077dd7 Add a test for dropping the tables 2015-03-03 11:27:06 +01:00
Joas Schilling
276d678080 Etc timezones don't exist for .5 and .75 offsets 2015-03-03 09:08:47 +01:00
Lukas Reschke
d620fc8798 Merge pull request #14615 from kampka/cron-command
Allow configuring background job mode from the console
2015-03-02 21:35:57 +01:00
Christian Kampka
83e0f84fef Allow configuring background job mode from the console 2015-03-02 20:51:40 +01:00
Lukas Reschke
bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Robin Appelman
00568af74d Allow running the async commands from unit tests 2015-03-02 15:25:31 +01:00
Vincent Petry
e61aa3723e Merge pull request #14573 from owncloud/enc-migrate-disable-updater
Disable the cache updater when doing the encryption migration
2015-03-02 14:53:29 +01:00
Lukas Reschke
b29940d956 Add support for 'child-src' directive
This is required when working with stuff such as PDF.js in the files_pdfviewer application. Opt-in only.

Master change only because the stable CSP policies has a failback that allows nearly anything 🙈
2015-02-28 12:27:46 +01:00
Lukas Reschke
d0c6af2cb5 Disable bootstrap.php checks when HHVM is used 2015-02-28 10:11:12 +01:00
Robin Appelman
89735ab22b add some tests for disabled updater 2015-02-27 17:14:17 +01:00
Morris Jobke
b4dfd043d7 Merge pull request #14575 from owncloud/cache-rename-overwrite
Fix cache update when doing a rename that overwrites the target
2015-02-27 17:11:37 +01:00
Robin Appelman
fc027bceb7 Fix cache update when doing a rename that overwrites the target 2015-02-27 16:39:58 +01:00
Bernhard Posselt
970b14d297 Merge pull request #13616 from owncloud/streamresponse
AppFramework StreamResponse
2015-02-27 15:43:01 +01:00
Bernhard Posselt
95239ad21e AppFramework StreamResponse
First stab at the StreamResponse, see #12988

The idea is to use an interface ICallbackResponse (I'm not 100% happy with the name yet, suggestions?) that allow the response to output things in its own way, for instance stream the file using readfile

Unittests are atm lacking, plan is to

check if a mock of ICallbackResponse will be used by calling its callback (also unhappy with this name) method
Usage is:

$response = new StreamResponse('path/to/file');

rename io to output, add additional methods and handle error and not modified cases when using StreamResponse

fix indention and uppercasing, also handle forbidden cases

fix indention

fix indention

no forbidden, figuring out if a file is really readable is too complicated to get to work across OSes and streams

remove useless import

remove useless import

fix intendation
2015-02-27 15:42:33 +01:00
Lukas Reschke
5c2fafa05f Read from IRequest instead of reading twice
Potentially fixes https://github.com/owncloud/core/issues/14541 and https://github.com/owncloud/core/issues/14506
2015-02-27 14:22:35 +01:00
Vincent Petry
1750e7b76d Fixed expected warning count on repair fail 2015-02-27 13:32:46 +01:00
Vincent Petry
32c9139ac2 Detect that the done flag was not set after repair fail 2015-02-27 13:16:38 +01:00
Vincent Petry
e6abe96374 Do not abort when meeting unfixable legacy storages 2015-02-27 12:03:22 +01:00