Commit graph

484 commits

Author SHA1 Message Date
Björn Schießle
f347e2e4a6
Merge pull request #7047 from nextcloud/add-support-for-files-with-no-permissions
Add support for files with no permissions
2017-11-20 16:15:52 +01:00
Julius Härtl
7006b739b0
Remove brackets for invalid mail addresses when updating the license header
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2017-11-07 10:50:42 +01:00
Morris Jobke
31c5c2a592
Change @georgehrke's email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 20:38:59 +01:00
Morris Jobke
0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Daniel Calviño Sánchez
555d582f35 Return whether the file is readable or not in the DAV permissions
Until now it was safe to assume that every file was readable by its
owner, so there was no need to return whether the file was readable or
not. However, with the introduction of end to end encryption that is no
longer the case, and it is now necessary to explicitly provide that
information.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:00 +01:00
Roeland Jago Douma
2f36744aff
Update phan config
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 20:40:14 +02:00
Roeland Jago Douma
ab20a64ed4
DAV Autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 20:40:11 +02:00
Roeland Jago Douma
112b0d57a8
Comments Autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 20:40:11 +02:00
Roeland Jago Douma
ce7c9dfe8a
Admin Audit autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-24 20:40:09 +02:00
Roeland Jago Douma
ff9f325677
Ignore composer stuff in phan
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-17 22:22:36 +02:00
Roeland Jago Douma
5d7d96dc45
Update autoload checker
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-17 21:55:06 +02:00
Roeland Jago Douma
17bd2fb268
Phan is moved to a new repo
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-16 16:23:55 +02:00
Robin Appelman
f0c7b8f264
show diff in autoload checker
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-09-18 17:20:08 +02:00
Joas Schilling
242c9ee06c
No more root file
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-25 12:47:39 +02:00
Roeland Jago Douma
02b9388fc6
Move image-optimization.sh to build dir
* We should not ship this!

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-07-24 08:08:18 +02:00
Lukas Reschke
3d2600b039
Add Phan plugin to check for SQL injections
This adds a phan plugin which checks for SQL injections on code using our QueryBuilder, while it isn't perfect it should already catch most potential issues.

As always, static analysis will sometimes have false positives and this is also here the case. So in some cases the analyzer just doesn't know if something is potential user input or not, thus I had to add some `@suppress SqlInjectionChecker` in front of those potential injections.

The Phan plugin hasn't the most awesome code but it works and I also added a file with test cases.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-20 22:48:13 +02:00
Lukas Reschke
591aaa4154
Add workaround for https://github.com/etsy/phan/issues/1033
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 11:08:43 +02:00
Lukas Reschke
d8ec399454
Run phan over code base
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-07-19 10:28:11 +02:00
Morris Jobke
844e7b03b4 Add test to check if new files are added to the root of the repository
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-12 11:52:42 +02:00
Lukas Reschke
633396001f
Prevent sending second WWW-Authenticate header
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.

Fixes https://github.com/nextcloud/server/issues/5088

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Lukas Reschke
b8de3f40ee
Bearer comes first on the new endpoint
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:57:07 +02:00
Lukas Reschke
639ba526d0
Adjust realm from SabreDAV to Nextcloud
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:38:55 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
538112181f
Add additional test for accessing DAV using Bearer Auth
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke
f2a01e1b08
Use a standardized Bearer now
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
a4116220cb
Add app to autoenabled provisioning API scenario
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Morris Jobke
692e056df9 Extract app name and navigation entries for l10n
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-08 23:24:28 -05:00
Morris Jobke
865cd487c4
Split up sharing-v1-part2.feature to avoid timeouts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 12:55:29 -03:00
Vincent Petry
d379b197d5
Fix forbidden backslash DAV integration tests 2017-04-26 15:47:59 +02:00
Sergio Bertolin
a761d4cce7
Added test cases from core 16825 2017-04-26 15:29:01 +02:00
Vincent Petry
9bff66e68d
Simplified new endpoint move test 2017-04-26 15:27:02 +02:00
Vincent Petry
c30feafaa2
Added case when final chunk move must not change file id 2017-04-26 15:26:15 +02:00
Sergio Bertolin
9ab17c95c0
Added test about checking file id after a move 2017-04-26 15:24:19 +02:00
Morris Jobke
51da0442d9 Merge pull request #4494 from nextcloud/fix-jsunit
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher
2017-04-25 12:45:52 -03:00
Morris Jobke
dd5dbe3ebd
Fix JS unit failure because of Jasmine 2.6 and the phantomjs launcher
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-25 10:26:46 -03:00
Joas Schilling
7ea492b69a
Loop over the apps directory and add the task
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 14:35:51 +02:00
Joas Schilling
dee2c8d23b
Check whether we can json decode the translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 11:01:34 +02:00
Lukas Reschke
66835476b5
Add support for ratelimiting via annotations
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Morris Jobke
4cf4d2f27e
Favorites integration tests for shared files
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 11:44:57 -05:00
Joas Schilling
bd37021587
Fix casing of same origin frame option
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 12:37:32 +02:00
Vincent Petry
d1081e7940
Add integration test for trashbin
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 14:59:21 -05:00
Lukas Reschke
4cf61481e5
Clear opcode cache after config change
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 18:57:40 +02:00
Lukas Reschke
b882f65fbb
Add integration tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-11 01:39:54 +02:00
Morris Jobke
4c60360bf7 Merge pull request #4221 from nextcloud/provisioning-api-for-account-info
Allow to change account info via provisioning api
2017-04-07 12:48:44 -05:00
Joas Schilling
3d628783d9
Allow to change account info via provisioning api
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-07 12:50:47 +02:00
Morris Jobke
b084ceec3d Merge pull request #4224 from nextcloud/dont-list-on-public-calendar-endpoint
Don't list on public calendar endpoints
2017-04-05 20:55:39 -05:00
Lukas Reschke
63288ebc50
Don't list on public calendar endpoints
There is no need to allow listing here.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 22:43:05 +02:00
Lukas Reschke
1d3e391ad8
Add integration tests for token auth
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-05 17:58:33 +02:00
Roeland Jago Douma
04fc00fcdf
mergejs should print a newline between imports
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-31 17:06:38 +02:00
Robin Appelman
7d4c4224d1
fix setup of external storage integration tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 17:16:59 +02:00
Morris Jobke
f9bc53146d
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-28 21:00:12 -06:00
Morris Jobke
6901b28f07
Split long running features/sharing-v1.feature into two smaller parts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-28 16:46:56 -06:00
Roeland Jago Douma
4821c00ea8 Merge pull request #4004 from nextcloud/backport-27172
Remove SharedCache::getNumericStorageId to let CacheWrapper do it
2017-03-28 21:56:44 +02:00
Vincent Petry
c54091d43b
Use authType BASIC for Sabre client in integration tests
This helps massively reduce the numerous useless 401 exceptions that
appears in the test log. These appear only because Sabre first connects
without any auth type to receive the challenge and then sends the
authentication data.

With this change it will directly use basic auth.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-24 12:40:14 -06:00
Lukas Reschke
f94bc6f8bb Merge pull request #4013 from nextcloud/bundle_vendor_js
Bundle vendor js
2017-03-24 10:49:57 +01:00
Morris Jobke
9bd4c406e3
also install sinon
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:42:54 -06:00
Vincent Petry
46a32045d7
Update karma, use sinon from npm
Update karma library and use sinon JS library provided by
karma-jasmine-sinon instead of local file.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 23:35:41 -06:00
Morris Jobke
49d0507f5d Merge pull request #3879 from nextcloud/downstream-26915
Added integration tests for sharees using v2.php
2017-03-23 16:12:24 -06:00
Morris Jobke
d2654c8aea Merge pull request #3965 from nextcloud/downstream-27343
Providing --path option to transfer-ownership
2017-03-23 15:20:53 -06:00
Roeland Jago Douma
588f47d498
Add CI step to verify merged vendor js
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:30 +01:00
Roeland Jago Douma
eda98ed3df
Merge vendor js
There is a bunch of javascript we always load from vendors. This
combines this into 1 javascript file. Which reduces the number of
request by ~10.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-23 13:40:23 +01:00
Vincent Petry
89c42a76c3
Remove SharedCache::getNumericStorageId to let CacheWrapper do it
The CacheWrapper will properly forward the call to the wrapped cache.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 00:02:48 -06:00
Robin Appelman
1e707ef1db
add integration test to ensure that shares dont overwrite external storages
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-22 18:00:12 +01:00
Morris Jobke
209e3e39e2
Use proper bash test syntax
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 18:48:55 -06:00
Sujith H
f654f29532
Providing --path option to transfer-ownership
This will help user to selectively move the folders
specified using --path option, instead of moving
entire folder under files directory.

Signed-off-by: Sujith H <sharidasan@owncloud.com>

Update the integration test for transfer-ownership

Update the integration test for transfer-ownership
as the new option --path is introduced in the command.

Signed-off-by: Sujith H <sharidasan@owncloud.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 18:29:21 -06:00
Joas Schilling
ce302aea11
Fix warning
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 13:13:09 -06:00
Joas Schilling
a8e3168c17
200 is ok
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 13:13:09 -06:00
Joas Schilling
4157e7914a
Fix deletion of groups
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 13:13:09 -06:00
Joas Schilling
4626514a35
Strict comparisons
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 13:13:09 -06:00
Sergio Bertolin
8e99f19c28
Added tests using v2.php
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 13:13:08 -06:00
Joas Schilling
5cf6fc7e8d
Add integration tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-03-20 10:45:27 +01:00
Sergio Bertolin
493b4c2f5c
Added logic and tests to remove everything inside a folder
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 02:19:04 -06:00
Sergio Bertolin
190ceba22f
Added functions to add files in local_storage
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 22:05:20 -06:00
Morris Jobke
4a9ce18ced Revert "Add integration test for trashbin" 2017-03-17 12:06:16 -06:00
Roeland Jago Douma
3f331e02f9 Merge pull request #3893 from nextcloud/downstream-27069
Add integration test for trashbin
2017-03-17 10:10:00 +01:00
Joas Schilling
d504408efd Merge pull request #3894 from nextcloud/downstream-27008
Integration test check download without saving file locally
2017-03-17 09:17:36 +01:00
Vincent Petry
3740f9bc26
Integration test check download without saving file locally
Use Guzzle stream mode to download the contents instead of using a
temporary local file.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-16 23:57:16 -06:00
Vincent Petry
659006c234
Add integration test for trashbin
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-16 23:53:58 -06:00
Lukas Reschke
9e957d0ac9
Adjust integration test
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 20:51:40 +01:00
Roeland Jago Douma
e8ac348f47
Make intergration tests work again
The regex was to greedy

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-10 20:40:47 +01:00
Phil Davis
cbb735544a
Use clearer name setUpScenario
Signed-off-by: Phil Davis <phil.davis@inf.org>
2017-02-21 21:43:10 +05:45
Robert Scheck
25a2cb8c6e Only request "IndexIgnore" if mod_autoindex is loaded
Signed-off-by: Robert Scheck <robert@fedoraproject.org>
2017-02-20 13:09:15 +01:00
Lukas Reschke
929648ce2c
Add integration tests for legacy DAV endpoints
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-02-10 16:18:04 +01:00
Arthur Schiwon
680fef76f8
remove outdated scenario
covered by "Delete a non-existing configuration"

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 23:41:20 +01:00
Arthur Schiwon
9ca4065ef5
LDAP PUT command now supports setting multiple keys at once
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 22:01:08 +01:00
Arthur Schiwon
08b31fcb7d
enable user_ldap app for tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 10:10:37 +01:00
Arthur Schiwon
1f7b08bd19
LDAP OCS Api for show config
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 15:19:20 +01:00
Arthur Schiwon
f2c9d04eac
test against OCS v2 instead
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 12:48:50 +01:00
Arthur Schiwon
01d469dfea
add LDAP OCS Api for modifying a configuration
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 11:09:04 +01:00
Arthur Schiwon
18a75bec0d
fix and extend behat tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 10:04:15 +01:00
Arthur Schiwon
a515de54e7
LDAP OCS Api for delete config
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 23:17:58 +01:00
Arthur Schiwon
689df9a843
LDAP OCS Api for create config
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 21:13:23 +01:00
Roeland Jago Douma
6347d97c7f Merge pull request #2512 from nextcloud/cleanup-system-tag-usage
Only allow admins to delete tags
2017-01-06 16:17:09 +01:00
Morris Jobke
3ab22c2df5 Merge pull request #2948 from nextcloud/allow-global-composer-to-be-used
Allow to use a global composer instance
2017-01-06 15:31:24 +01:00
Roeland Jago Douma
ccab1168ce
Fix js tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-01-06 13:33:18 +01:00
Joas Schilling
1a8aaad0bc
Allow to use a global composer instance
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 11:01:59 +01:00
Christoph Wurst
02359c79fd
Test remember-me login
This adds a simple integration test that ensures that remembered
login works when the session cookies vanish.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-02 11:20:22 +01:00
Roeland Jago Douma
886341aca4 Merge pull request #2816 from nextcloud/changing_how_favorites_are_serialized
Return explicit values instead of boolean from sabre (#26654)
2016-12-23 14:36:05 +01:00
Sergio Bertolin
aad088f3c0
Added phpdoc for getUserHome
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:25:20 +01:00
Sergio Bertolin
d1b8e58c86
Using propfind instead of accessing the file system
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:25:20 +01:00