Commit graph

980 commits

Author SHA1 Message Date
Clark Tomlinson
8d09cc3b91 Merge pull request #13989 from owncloud/enhancment/security/11857
Allow AppFramework applications to specify a custom CSP header
2015-02-18 10:27:29 -05:00
Lukas Reschke
9f91d64918 Make scrutinizer happy 2015-02-16 22:13:00 +01:00
Lukas Reschke
886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Joas Schilling
f808acd317 Add visibility to interface to make scrutinizer 1 step happier 2015-02-16 17:46:43 +01:00
Lukas Reschke
a9d1a01440 Rename to allowEval 2015-02-16 12:30:21 +01:00
Lukas Reschke
b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00
Lukas Reschke
025110821f URLEncode logout attribute
Otherwise logout can fail if the requesttoken contains a +
2015-02-13 12:08:23 +01:00
Lukas Reschke
86139fcce8 Deprecate OC_JSON and OCP\JSON
This deprecates – but not removes – those two classes and all functions in it. There is no reason that new developments should use those methods as with the AppFramework there is a replacement that allows testable code.

With the `@deprecated` annotation IDEs like PHPStorm will point out to the developer that a functionality is deprecated and that there is a better suited replacement.
2015-02-12 00:56:13 +01:00
Morris Jobke
1bb6de7c1b Merge pull request #13425 from owncloud/phpdoc_cleanup
Cleanup of PHPDoc return types
2015-02-10 01:14:00 +01:00
Vincent Petry
5296767393 Merge pull request #13921 from owncloud/ocs-af
Add a controller and reponse for ocs
2015-02-09 18:11:47 +01:00
Lukas Reschke
47c7eb4e70 Merge pull request #13973 from owncloud/enhancement/security/13366
Respect `mod_unique_id` and refactor `OC_Request::getRequestId`
2015-02-09 17:35:19 +01:00
Lukas Reschke
770fa761b8 Respect mod_unique_id and refactor OC_Request::getRequestId
When `mod_unique_id` is enabled the ID generated by it will be used for logging. This allows for correlation of the Apache logs and the ownCloud logs.

Testplan:

- [ ] When `mod_unique_id` is enabled the request ID equals the one generated by `mod_unique_id`.
- [ ] When `mod_unique_id` is not available the request ID is a 20 character long random string
- [ ] The generated Id is stable over the lifespan of one request

Changeset looks a little bit larger since I had to adjust every unit test using the HTTP\Request class for proper DI.

Fixes https://github.com/owncloud/core/issues/13366
2015-02-09 11:53:11 +01:00
Bernhard Posselt
b89ddcfe41 fix license email 2015-02-05 14:09:01 +01:00
Bernhard Posselt
fdc64e370c add a controller and reponse for ocs 2015-02-05 14:02:17 +01:00
Robin Appelman
c644ed89a7 Add a better way to check if an avatar exists for the user 2015-02-03 14:54:06 +01:00
Vincent Petry
acec40fe5a Merge pull request #13561 from owncloud/trash-finaldeletewhencrossstoragefix
Call final unlink in trash wrapper's storage
2015-01-27 17:05:38 +01:00
Vincent Petry
12867b9c78 Fix return type of addStorageWrapper in PHPDoc 2015-01-27 16:41:43 +01:00
Thomas Müller
956de27e94 Merge pull request #13676 from owncloud/fix-node-iface
Fix node interface
2015-01-27 09:34:59 +01:00
Bernhard Posselt
b8769802df fix node interface 2015-01-26 15:58:41 +01:00
Joas Schilling
c61e9f3912 Add a method to set/unset multiple config values in one call
This reduces the number of file writes we do for config.php and therefor
hopefully helps lowering the chances for empty config.php files
2015-01-23 11:00:53 +01:00
Vincent Petry
6fb553e92c Do not call wrapStorage if storate with same name added twice 2015-01-22 16:24:24 +01:00
Robin McCorkell
2b99fc76ec Cleanup of PHPDoc return types 2015-01-16 20:30:43 +00:00
Lukas Reschke
0da08bdb2c Add PHPDoc for urlParams 2015-01-15 14:42:44 +01:00
Lukas Reschke
04ae8d2ea0 Add PHPDoc for magic property 'server' 2015-01-14 19:36:22 +01:00
Morris Jobke
6a5f12beca Merge pull request #12988 from owncloud/logfile_download
Logfile download
2015-01-09 00:33:22 +01:00
Georg Ehrke
f579f2bd94 add Download logfile button to admin settings
add logSettingsController

add download logfile button

move getEntries to LogSettingsController

move set log level to logsettingscontroller.php

add warning if logfile is bigger than 100MB

add unit test for set log level

fix typecasting, add new line at EoF

show log and logfile download only if log_type is set to owncloud

add unit test for getFilenameForDownload
2015-01-07 14:55:53 +01:00
Jörn Friedrich Dreyer
79e790c55d add SIZE_ALL const 2015-01-02 10:28:42 +01:00
Jörn Friedrich Dreyer
a8edb2124d fix visibility 2015-01-02 10:28:41 +01:00
Jörn Friedrich Dreyer
606f802b7b move search results below filelist, show hint when results are off screen, use js plugin mechanism 2015-01-02 10:28:41 +01:00
Jörn Friedrich Dreyer
c738359a11 add paged provider 2015-01-02 10:28:41 +01:00
Thomas Müller
5b00bc1d6e Adding basement for the direct download url 2014-12-28 17:17:14 +01:00
Bernhard Posselt
f195123765 Intelligent container
* resolves dependencies by type hint or variable name
* simpler route.php
* implementation of https://github.com/owncloud/core/issues/12829

Generates and injects parameters automatically. You can now build full classes like

    $c->query('MyClassName')

without having to register it as a service. The resolved object's instance will be saved by using registerService. If a constructor parameter is not type hinted, the parameter name will be taken.

Therefore the following two implementations are identical:

    class Class1 { function __construct(MyClassName $class)
    class Class1 { function __construct($MyClassName)

This makes it possible to also inject primitive values such as strings, arrays etc.

In addition if the query could not be resolved, a `QueryException` is now thrown

Routes can now be returned as an array from `routes.php` and an `appinfo/application.php` is optional

Old commit messages:

make it possible to return the routes instead of having to intialize the application
try to get the controller by convention
add first implementation of automatic resolve
add another test just to be sure
store the resolved object
more tests
add phpdoc to public app.php method
use the same variable for the public app.php method
deprecate old methods and add services for public interfaces
deprecated getServer method
disallow private api injection for apps other than core or settings (settings should be an app goddamnit :D)
register userid because its such an often used variable
fix indention and leading slash
use test namespace
add deprecation reasons, remove private api usage checks and remove deprecation from getServer()
add additional public interfaces
add public interface for rootfolder
fix syntax error
remove deprecation from methods where no alternative is there yet
remove deprecated from method which has no alternative
add timezone public service for #12881
add another deprecation hint
move deprecation into separate branch
remove dead comment
first try to get the namespace from the info.xml, if it does not exist, just uppercase the first letter
also trim the namespace name
add an interface for timefactory
move timefactory to public and add icontrollermethodreflector
keep core interface
fix copyright date in headers
2014-12-23 09:50:42 +01:00
Morris Jobke
5d296aa6b1 Merge pull request #12969 from owncloud/clarify-docs
Clarify return values
2014-12-22 10:01:39 +01:00
Morris Jobke
c17b9ec068 Merge pull request #12983 from owncloud/root-iface
Add an interface for the root folder so apps have an interface to deal with storage
2014-12-22 09:05:23 +01:00
Bernhard Posselt
8e37214346 add an interface for the root folder so apps have an interface to deal with storage
fix comments and newline

add newline
2014-12-21 20:52:34 +01:00
Thomas Müller
c3544bd27e Merge pull request #12982 from owncloud/timefac-iface
Add an interface for the timefactory class
2014-12-21 20:27:53 +01:00
Bernhard Posselt
ba03b0b843 add an interface for the timefactory class
fix indention
2014-12-20 15:53:31 +01:00
Björn Schießle
8164415b45 Merge pull request #12749 from owncloud/server2server-sharing-ng
server to server sharing next generation
2014-12-19 19:04:44 +01:00
blizzz
ad6814f920 Merge pull request #12101 from owncloud/ldap_split_mapping
Ldap split mapping from Access superclass
2014-12-19 18:52:30 +01:00
Arthur Schiwon
ec0f80fee9 Split mapping from Access and Helper classes into it's own. Fully test them, too.
remove unused methods

split mapping methods off from Access class

fix DB query handling

move 'clear mapping' methods from static helper to new mapping class

add tests

test directly with DB

finishing tests and fix return value from setDNbyUUID

add corresponding class for groups and make abstract test class neutral. helper tests is now obsolete as the tested functions were moved to the new mapper class.

add missing info to PHPDoc

add unmap method

fix namespaces

fix test inheritance

PHPDoc and a small code restructure for scrutinizer, no effective changes

PostgreSQL does not accept LIMIT in DELETE queries

phpdoc fixes, no code changes
2014-12-19 18:26:12 +01:00
Bjoern Schiessle
24993280ed Next step in server-to-server sharing next generation, see #12285
Beside some small improvements and bug fixes this will probably the final state for OC8.

To test this you need to set up two ownCloud instances. Let's say:

URL: myPC/firstOwnCloud user: user1
URL: myPC/secondOwnCloud user: user2
Now user1 can share a file with user2 by entering the username and the URL to the second ownCloud to the share-drop-down, in this case "user2@myPC/secondOwnCloud".

The next time user2 login he will get a notification that he received a server-to-server share with the option to accept/decline it. If he accept it the share will be mounted. In both cases a event will be send back to user1 and add a notification to the activity stream that the share was accepted/declined.

If user1 decides to unshare the file again from user2 the share will automatically be removed from the second ownCloud server and user2 will see a notification in his activity stream that user1@myPC/firstOwnCloud has unshared the file/folder from him.
2014-12-19 15:20:24 +01:00
Lukas Reschke
dbbf568192 Fix typo 2014-12-19 14:36:00 +01:00
Lukas Reschke
a022e65285 Clarify return values
This function returns `null` when no user is logged-in.
2014-12-19 14:17:40 +01:00
Thomas Müller
2d64797320 Merge pull request #12956 from owncloud/jenkins-user-backend-names
[jenkins only] introduce names for user backends - IUserBackend
2014-12-19 13:15:50 +01:00
Morris Jobke
6da33e1ea7 introduce names for user backends - IUserBackend
* LDAP with multiple servers also proved backendName
2014-12-19 10:17:17 +01:00
Morris Jobke
75e8b39826 Merge pull request #12879 from owncloud/mountconfig
Add mount specific options
2014-12-18 23:38:14 +01:00
Bernhard Posselt
6779bf113d add isAdmin and isInGroup methods for the group manager 2014-12-17 17:41:57 +01:00
Bernhard Posselt
236632702c add a isLoggedIn method to the usersession and deprecate the isLoggedIn method on the api 2014-12-17 17:40:52 +01:00
Robin Appelman
fd85424742 Add getMountPoint to FileInfo 2014-12-17 14:03:50 +01:00
Robin Appelman
95a145f67f Load mount specific options from the mount config 2014-12-17 14:03:50 +01:00