Commit graph

145 commits

Author SHA1 Message Date
Lukas Reschke
cebeb0e052 Fix unit tests
Fixes https://github.com/owncloud/core/issues/21345
2015-12-23 09:11:22 +01:00
Vincent Petry
181ba7b4e1 Fix files UI mtime parsing from webdav 2015-12-16 17:44:16 +01:00
Vincent Petry
6735005be0 Fix duplicate bogus share field when link sharing is not allowed
Whenever link share is not allowed, it was outputting a bogus sharing
field which name would conflict with the regular sharing field.

This fix makes sure that the bogus sharing field with "Resharing not
allowed" message only appears when triggered by removed share
permissions.
2015-12-07 16:53:56 +01:00
Lukas Reschke
4971015544 Add code integrity check
This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository.

Furthermore, there is a basic implementation to display problems with the code integrity on the update screen.

Code signing basically happens the following way:

- There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release 😉). This certificate is not intended to be used for signing directly and only is used to sign new certificates.
- Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`,  apps need to be signed with a certificate that either has a CN of `core` (shipped apps!)  or the AppID.
- The command generates a signature.json file of the following format:
```json
{
    "hashes": {
        "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d",
        "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9"
    },
    "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----",
    "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl"
}
```
`hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the  certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`.

Steps to do in other PRs, this is already a quite huge one:
- Add nag screen in case the code check fails to ensure that administrators are aware of this.
- Add code verification also to OCC upgrade and unify display code more.
- Add enforced code verification to apps shipped from the appstore with a level of "official"
- Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release
- Add some developer documentation on how devs can request their own certificate
- Check when installing ownCloud
- Add support for CRLs to allow revoking certificates

**Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature:

```
➜  master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt
Successfully signed "core"
```

Then increase the version and you should see something like the following:

![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png)

As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen.

For packaging stable releases this requires the following additional steps as a last action before zipping:
1. Run `./occ integrity:sign-core` once
2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
2015-12-01 11:55:20 +01:00
Vincent Petry
a1d0682ef8 Use oc:fileid property instead of oc:id 2015-11-22 16:05:51 +01:00
Thomas Müller
ab1d786d87 Fix port issue - options.host already has the port attached 2015-11-22 16:05:51 +01:00
Vincent Petry
f120846e29 Added OC.Files.Client Webdav-based files client 2015-11-22 16:05:49 +01:00
Joas Schilling
f04151f69b Close the user menu when clicking it again 2015-11-02 10:09:13 +01:00
Thomas Müller
774d069ff0 Merge pull request #20122 from owncloud/files-consolidateiconupdate
Fix icon update to be more consistent
2015-10-29 15:40:15 +01:00
Vincent Petry
9c9158e6b7 Fix icon update to be more consistent
Makes the details bar show the same icon as in the list.
2015-10-29 12:59:51 +01:00
Tom Needham
628e4a9daf Add sharee list view js tests 2015-10-29 09:01:47 +01:00
Phil Davis
89ab505c7b sharedialogviewSpec.js couple of text typos
I noticed a new typo in 15ef39d5b9 and looked for others while I am here.
2015-10-27 17:11:49 +05:45
Vincent Petry
c64fb46fbf Fix share link focus on click
Clicking on the link share must focus and select it
2015-10-26 12:49:52 +01:00
Roeland Jago Douma
9071e756a1 Fix for broken ajax/share.php endpoint
Even more code mess :(
All tests pass again. But I'm really not happy with this endpoint.
2015-10-23 09:24:03 +02:00
Tom Needham
e3ae453ee5 Fix line lengths in share dialog unit tests 2015-10-21 13:30:42 +00:00
Tom Needham
8a6d22d751 Add JS tests for share autocompletion handling 2015-10-21 12:46:08 +00:00
Tom Needham
2ca5b1aa1f Add test for remote share info tooltop 2015-10-21 10:00:29 +00:00
Vincent Petry
3af2ad0cd9 Fix DOM element ids in share dialog
- Rely on class names instead of global ids
- When global ids are needed for label+checkbox, append the view id
  (cid) to the element's id

This fixes the checkboxes when multiple sidebars exist in the DOM.
2015-10-16 10:54:45 +02:00
Roeland Jago Douma
08600a7ed5 Add unit tests for sending e-mail for link shares 2015-10-08 16:39:25 +02:00
Morris Jobke
b519965408 [admin] check for correct PHP memcached module 2015-10-06 08:51:47 +02:00
Thomas Müller
ea72d90617 Merge pull request #19553 from owncloud/properly_format_date_shareview
Use DD-MM-YYYY consistently in share sidebar
2015-10-05 22:02:12 +02:00
Roeland Jago Douma
8c459a895d Do not remove linkshare if there is none
If the password is enforced we can't create a link share right away but
just show the password field. Untoggling the link sharing should not try
to remove the share.

* Added unit test
2015-10-05 21:12:27 +02:00
Roeland Jago Douma
96deeca34d Use DD-MM-YYYY consistently in share sidebar
We used to display the response from the server. Which is in non ISO8601
format. Now this is weird since the datepickers shows us 'DD-MM-YYYY'
once a date is chosen.

Now use momentJS to properly format the date.

* Unit tests updated
2015-10-04 11:38:29 +02:00
Thomas Müller
d7a923671f Merge pull request #19305 from owncloud/share-hasusershares
Fix ShareItemModel.hasUserShares to only check shares of current item
2015-09-24 14:57:23 +02:00
Vincent Petry
76e30d0df7 Expiration date was always a string 2015-09-24 12:21:19 +02:00
Vincent Petry
0db9b28f3f Fix ShareItemModel.hasUserShares to only check shares of current item
The shares array is based on what the server returns and can contain
share info for parent folders.

hasUserShares is now fixed to ignore parent folders and only checks for
shares on the current item.
2015-09-23 14:41:13 +02:00
Vincent Petry
6ea27e2b03 Fix parsing int attributes from share.php response
Sometimes the attributes returned by share.php are integers but packaged
as strings.

This fix makes sure that such attributes are parsed as integers
2015-09-23 12:16:47 +02:00
Thomas Müller
08ae1e8183 Merge pull request #19008 from owncloud/jquery_avatar_tests
JS tests for jquery.avatar
2015-09-18 17:31:18 +02:00
Vincent Petry
02d68d0613 Removed obsolete tests 2015-09-16 07:23:29 +02:00
Vincent Petry
f439c07ba9 Fix allow reshare for owner when sharing with self through group 2015-09-16 07:23:29 +02:00
Vincent Petry
996639f4fb More unit tests for share dialog 2015-09-16 07:23:29 +02:00
Vincent Petry
886f1ed660 Update JS unit tests for share dialog (WIP) 2015-09-16 07:23:29 +02:00
Roeland Jago Douma
1601e8acfe Added js tests for jquery.avatar
* Ceil avatar request size
2015-09-14 10:17:24 +02:00
Vincent Petry
a808837ec9 Add apps unit test 2015-08-30 17:14:57 +02:00
Morris Jobke
202af1e322 fix unit tests 2015-08-26 11:39:22 +02:00
Hasso Tepper
acc5a7d6cc Make short versions of weekday/month names translatable 2015-08-21 10:17:36 +03:00
Roeland Jago Douma
8eefc5c4e1 Move remaining setupchecks to new fomat 2015-08-18 14:42:57 +02:00
Jan-Christoph Borchardt
12eec397e3 Merge pull request #17975 from owncloud/settings_admin_warning_levels
Settings admin warning levels
2015-08-18 13:38:08 +02:00
Robin McCorkell
2579999373 Add setup check for reverse proxy header configuration 2015-08-10 23:28:16 +01:00
Thomas Müller
9650f3ecbe Merge pull request #17919 from rullzer/php_supported_check
Display warning in security & setup warnings if php version is EOL
2015-08-10 23:03:35 +02:00
Vincent Petry
604694630b Set momentJS locale to en during unit test runs 2015-08-07 01:22:45 +02:00
Roeland Jago Douma
8bde72c4bd All setup messages are now properly types 2015-07-30 09:57:08 +02:00
Roeland Jago Douma
5d15051da4 Allow setupchecks to specify a warning level 2015-07-30 09:57:08 +02:00
Roeland Jago Douma
72ba67815e Display warning in security & setup warnings if php version is EOL 2015-07-29 10:07:01 +02:00
Morris Jobke
5a0d410488 tests for _parseTime with hex and empty strings 2015-07-28 14:20:55 +02:00
Morris Jobke
ebfbb97e66 Fix parsing of sharetime as string
In some cases the ajax/share.php will return the share time as string.
If this is the case it would get parsed completely wrong and cause the
share dropdown to not work anymore. This change will properly cast the
string to an interger and also fallback if this is not possible.
2015-07-28 08:56:15 +02:00
Vincent Petry
1b7d42c569 Fix OC.joinPaths with empty arguments
When empty arguments are given, the leading or trailing slash was not
detected properly.
2015-07-13 10:57:52 +02:00
Morris Jobke
ee7ccc9c3d Merge pull request #17559 from owncloud/js-joinpathsutility
Add OC.joinPaths for convenient path joining
2015-07-10 17:07:19 +02:00
Vincent Petry
fbc03b43b9 More tests for joinPaths 2015-07-10 15:31:58 +02:00
Vincent Petry
119e27166e Add OC.joinPaths for convenient path joining 2015-07-10 13:02:28 +02:00