Commit graph

23458 commits

Author SHA1 Message Date
Joas Schilling
560137ca23 Always include the installed app version in "occ app:list" 2015-03-11 09:47:41 +01:00
Joas Schilling
2af8fea2be Throw a RuntimeException in the cache aswell 2015-03-11 09:33:50 +01:00
Joas Schilling
981c60f5f5 Do not overwrite the active menu entry of the navigation 2015-03-11 09:27:28 +01:00
Thomas Müller
6c1a1234f8 Properly handle available databases at runtime and respect setup checks in command line as well 2015-03-11 09:27:12 +01:00
Thomas Müller
81fa9550a0 No need to restart the web server in cli mode 2015-03-11 09:27:12 +01:00
Thomas Müller
7181840665 Use occ to install ownCloud in autotest.sh 2015-03-11 09:27:12 +01:00
Morris Jobke
cfaee93552 Merge pull request #14783 from owncloud/dont-timeout-cron-master
cron.php on cli has no time limitation - fixes #14481
2015-03-11 09:23:22 +01:00
Joas Schilling
d1511cdbee Fix doc blocks of insertIfNotExists() method 2015-03-11 09:05:30 +01:00
Jenkins for ownCloud
01ea056ac8 [tx-robot] updated from transifex 2015-03-11 01:55:38 -04:00
Thomas Müller
b4cf6e62bf cron.php on cli has no time limitation - fixes #14481 2015-03-11 01:09:12 +01:00
Thomas Müller
1757d01604 Merge pull request #14640 from owncloud/rescanversionsonlyonce
Only rescan versions once in trashbin
2015-03-11 00:54:20 +01:00
Morris Jobke
9a9633f84f update 3rdparty master 2015-03-10 16:06:01 +01:00
Morris Jobke
f5a56355fd Merge pull request #14115 from owncloud/update-symphony-components
update symphony components to 2.6.4
2015-03-10 16:05:12 +01:00
Robin Appelman
bb97256a79 update symphony components to 2.6.4 2015-03-10 15:34:45 +01:00
Lukas Reschke
284bd6647c Merge pull request #14759 from owncloud/clean-up-code
Clean-up code and use proper exception types
2015-03-10 14:18:21 +01:00
Thomas Müller
4ffca58bc4 don't rely on \OCP\User::getUser() - it is not set properly in case of async operations 2015-03-10 11:47:52 +01:00
Thomas Müller
7cb6811a7b tearDown the filesystem right before setting it up again 2015-03-10 11:47:06 +01:00
Lukas Reschke
6dc59019af Merge pull request #14346 from owncloud/storage-based-path-validation
adding storage specific filename verification
2015-03-10 11:02:47 +01:00
Thomas Müller
214fa44400 Merge pull request #14534 from owncloud/add-child-src
Add support for 'child-src' directive
2015-03-10 10:30:44 +01:00
Lukas Reschke
48243a2949 Allow iframes from same domain in share view
This is required because the PDF Viewer itself is embedded using an iframe from the same domain. The default policy is blocking this.

Going on further, we have to come up with a solution in the future how to handle previews by applications, one example might be that they call their own endpoint and not the generic share page to allow applications to have full control over how to display previews.

Anyways, to test this behaviour use a decent newer browser (such as Chrome 41) and share a PDF file, obviously the PDF viewer needs to be enabled as well. Without this patch publicly shared PDF files should not get previewed and an error is thrown. (if it isn't then your browser is probably not obeying our Content-Security-Policy and you might consider switching to another one ;))
2015-03-10 10:06:15 +01:00
Joas Schilling
87431605b8 Add test for UniqueConstraintViolationException on wrong key 2015-03-10 09:26:45 +01:00
Jenkins for ownCloud
e069d9d3f9 [tx-robot] updated from transifex 2015-03-10 01:55:39 -04:00
Thomas Müller
c8ed88f4d6 Merge pull request #14689 from owncloud/better-missing-resource-handling
Log errors and create 404 in network list when a css or js is missing
2015-03-09 23:33:25 +01:00
Thomas Müller
2f61884956 Merge pull request #14753 from owncloud/verify-csrf-token-earlier
Verify CSRF token already in update.php and not the EventSource code
2015-03-09 23:06:15 +01:00
Thomas Müller
89be55a672 let insertIfNotExist() throw the native DBALException - no need to hide the real exception 2015-03-09 22:37:49 +01:00
Thomas Müller
b966a4eb17 Adding unit test which shows insertIfNotExists to fall apart in certain situations 2015-03-09 22:37:49 +01:00
Joas Schilling
2747a83a49 Get the id before using it 2015-03-09 22:37:49 +01:00
Joas Schilling
3115d66d60 Better save then sorry 2015-03-09 22:37:49 +01:00
Joas Schilling
940163e16b insertIfNotExists() for storage insertion 2015-03-09 22:37:49 +01:00
Joas Schilling
c917ea183c Only check unique keys for the comparison on filecache insert & update otherwise 2015-03-09 22:37:49 +01:00
Joas Schilling
8fa692388b Allow specifying the compare-array for insertIfNotExists() 2015-03-09 22:37:49 +01:00
Morris Jobke
94b7fa17c5 Merge pull request #14720 from owncloud/fix-shareetagpropagation
Fix size propagation over shared storage boundary
2015-03-09 16:24:06 +01:00
Morris Jobke
d34662122d Merge pull request #14429 from owncloud/issue/14176-validate-timezone-before-using
Etc timezones don't exist for .5 and .75 offsets
2015-03-09 16:16:16 +01:00
Vincent Petry
ec19d9c267 Add unit test for size propagation across share boundaries 2015-03-09 12:56:22 +01:00
Joas Schilling
01cd83a902 Merge pull request #14713 from owncloud/issue/14671-preview-delete-check-for-valid-fileid
Check whether the file id is valid, before using it to delete the previews
2015-03-09 11:56:46 +01:00
Lukas Reschke
2ac6f3a4f5 Clean-up code and use proper exception types 2015-03-09 11:48:55 +01:00
Joas Schilling
a12e16e985 Check whether the file id is valid, before using it to delete the previews 2015-03-09 11:25:18 +01:00
Thomas Müller
3623f14e73 no translation service in common storage class 2015-03-09 10:38:38 +01:00
Thomas Müller
2367797c17 Respect http header 'Accept-Language' on ocs and remote.php calls 2015-03-09 10:38:38 +01:00
Thomas Müller
33b11682f9 translate error messages 2015-03-09 10:38:38 +01:00
Lukas Reschke
2f18a09a20 Optimize loop 2015-03-09 10:38:38 +01:00
Thomas Müller
abacfd84da fixing js unit tests 2015-03-09 10:38:38 +01:00
Thomas Müller
e28d314b53 deprecate isValidFileName() 2015-03-09 10:38:38 +01:00
Thomas Müller
49e1a81eba fixing namespaces and PHPDoc 2015-03-09 10:38:37 +01:00
Thomas Müller
4bac595068 adding storage specific filename verification - refs #13640 2015-03-09 10:38:37 +01:00
Lukas Reschke
c0a02f1615 Verify CSRF token already in update.php and not the EventSource code
Issue report:
> Hum, well I upgraded the package then visited the web interface to
trigger the update and it failed; the UI would say there was a
possible CSRF attack and after that it'd be stuck in maintenance mode.
Tried a few times (by editing maintenance to false in owncloud.conf)
and same result each time.

That smells partially like an issue caused by our EventSource implementation, due to legacy concerns the CSRF verification happens within the EventSource handling and not when the actual endpoint is called, what happens here then is:

1. User has somehow an invalid CSRF token in session (or none at all)
2. User clicks the update button
3. Invalid CSRF token is sent to update.php - no CSRF check there => Instance gets set in maintenance mode
4. Invalid CSRF token is processed by the EventSource code => Code Execution is stopped and ownCloud is stuck in maintenance mode

I have a work-around for this problem, basically it verifies the CSRF token already in step 3 and cancels execution then. The same error will be shown to the user however he can work around it by refreshing the page – as stated by the error. I think that’s an acceptable behaviour for now: INSERT LINK

To verify this test:

1. Delete your ownCloud cookies
2. Increment the version in version.php
3. Try to upgrade
=> Before the patch: Instance shows an error, is set to upgrade mode and a refresh does not help
=> After the patch: Instance shows an error, a refresh helps though.

This is not really the best fix as a better solution would be to catch such situations when bootstrapping ownCloud, however, I don’t dare to touch base.php for this sake only, you never know what breaks then…

That said: There might be other bugs as well, especially the stacktrace is somewhat confusing but then again it installing ownCloud under /usr/share/owncloud/ and I bet that is part of the whole issue ;-)
2015-03-09 10:07:30 +01:00
Thomas Müller
fccede8f50 Merge pull request #14750 from owncloud/possible-fix-for-OC_Version
proper filename for "require version.php"
2015-03-09 09:55:21 +01:00
Morris Jobke
348fe105b1 Merge pull request #14706 from owncloud/ldap-reset-paged-search-on-null-limit
LDAP: set up paged search even if limit is 0
2015-03-09 08:12:25 +01:00
Morris Jobke
d550143ba0 proper filename for "require version.php" 2015-03-09 08:03:28 +01:00
Morris Jobke
674654c210 Merge pull request #14743 from owncloud/autoconfig-password
Convert 'abcpassword' to 'abcpass' during setup
2015-03-09 07:54:22 +01:00