Commit graph

76 commits

Author SHA1 Message Date
Morris Jobke
5b20600da9
Merge pull request #7313 from nextcloud/ensure-that-x-oc-mtime-header-is-an-integer-with-chunked-uploads
Ensure that X-OC-MTime header is an integer with chunked uploads
2017-12-11 15:07:05 +01:00
Roeland Jago Douma
d2fe30d464
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-12-04 15:23:20 +01:00
Daniel Calviño Sánchez
2a7b1bae10 Reject X-OC-MTime header if given as a string with hexadecimal notation
In PHP 7.X hexadecimal notation support was removed from "is_numeric",
so "sanitizeMtime" directly rejected those values; in PHP 5.X, on the
other hand, "sanitizeMtime" returned 0 when a string with hexadecimal
notation was given (as it was the behaviour of "intval"). To provide a
consistent behaviour between PHP versions, and given that it does not
make much sense to send X-OC-MTime in hexadecimal notation, now
X-OC-MTime is always rejected if given as a string with hexadecimal
notation.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-28 01:08:52 +01:00
Thomas Müller
ffe034abb0 Don't use runInSeparateProcess
Directly calling "header" in the PHPUnit process causes the "Cannot
modify header information - headers already sent by" error to be thrown.
Instead of running the test in a separate process, which is slower, this
commit wraps the call to "header" in a method that can be mocked in the
tests.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:39:45 +01:00
Daniel Calviño Sánchez
a5e4c2ea11 Add tests for X-OC-MTime header handling
This commit is based on the commits from pull request 28066 (included in
018d45cad97e0) from ownCloud by Artur Neumann and Phil Davis.

Unit tests are currently run only on systems that support negative
mtimes, so no special handling of negative values was included in the
tests to keep the test code more manageable.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:39:45 +01:00
Daniel Calviño Sánchez
2af3d8a9b2 Make possible to provide a specific HTTP request object to File
This will be used in a following commit to test how the X-OC-MTime
header is handled.

This commit is based on the "make File::put() more testable" commit
(included in 018d45cad97e0) from ownCloud by Artur Neumann.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-27 20:39:41 +01:00
Björn Schießle
f347e2e4a6
Merge pull request #7047 from nextcloud/add-support-for-files-with-no-permissions
Add support for files with no permissions
2017-11-20 16:15:52 +01:00
Morris Jobke
0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Daniel Calviño Sánchez
555d582f35 Return whether the file is readable or not in the DAV permissions
Until now it was safe to assume that every file was readable by its
owner, so there was no need to return whether the file was readable or
not. However, with the introduction of end to end encryption that is no
longer the case, and it is now necessary to explicitly provide that
information.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-11-02 19:37:00 +01:00
Morris Jobke
3f107e59dd
Fix another warning
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-26 10:36:17 +02:00
Morris Jobke
ab36980d20
Use ::class in test mocks of dav app
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-26 10:16:12 +02:00
Morris Jobke
43e498844e
Use ::class in test mocks
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-10-24 17:45:32 +02:00
Roeland Jago Douma
ab63c89ab3
Fix quota calculation on new dav upload endpoint
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-09-13 19:28:38 +02:00
Morris Jobke
fc12bd0be6 Do not log WebDAV maintenance mode exception
Log the maintenance mode exception only in debug level. Fixes #6124

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-08-15 15:03:39 +02:00
Bjoern Schiessle
f186a5cfb1
fix and extend dav test to also test the master-key setup
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-07-06 11:47:11 +02:00
Joas Schilling
b27819785e
Don't log passwords on dav exceptions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-29 17:20:10 +02:00
Joas Schilling
698a7cb7f0 Merge pull request #5124 from nextcloud/allow-dirlisting-with-unreadable-items
Allow dir-listing also when one child is blocked by access control
2017-06-16 10:47:08 +02:00
Lukas Reschke
633396001f
Prevent sending second WWW-Authenticate header
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.

Fixes https://github.com/nextcloud/server/issues/5088

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-06-13 13:54:52 +02:00
Joas Schilling
b6d6f3c521
Fix unit test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-07 11:24:00 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
df3909a7c3
Use Bearer backend for SabreDAV
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Joas Schilling
5f6153168f
Fix class names
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 15:45:41 +02:00
Joas Schilling
a9d06c07d8
Fix last unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 10:18:31 +02:00
Joas Schilling
6fb7d9a865
Don't end the abstract class name with Test.php
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 09:49:37 +02:00
Vincent Petry
614bd5c294
Properly handle missing READ permission 2017-04-27 09:29:02 +02:00
Joas Schilling
53deb26778
Fix duplicate name of class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 09:15:50 +02:00
Vincent Petry
7b6e4d0dd2
Fix FutureFile MOVE to keep destination node
Sabre usually deletes the target node on MOVE before proceeding with the
actual move operation. This fix prevents this to happen in case the
source node is a FutureFile.
2017-04-26 15:46:38 +02:00
Vincent Petry
642b4331a6
Moved unit tests from ObjectTree::move to Directory 2017-04-26 15:42:29 +02:00
Morris Jobke
c54a59d51e
Remove unused use statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-22 19:23:31 -05:00
Joas Schilling
a3c3124762
Allow file upload when storage is unlimited
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 12:27:47 +02:00
Thomas Müller
5bfce597a9
[CI] Can we get some faster phpunit execution? (#27113)
* Don't backup globals and static attributes

* Unset global variable to remove impact on followup tests

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 12:34:05 -06:00
Maxence Lange
16e1c21fcc
fix mock
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-03-14 19:27:20 +01:00
Roeland Jago Douma
c75b5a5614
Properly handle groups with a /
If a group contains a slash the principal URI becomes
principals/groups/foo/bar. Now the URI is plit on '/' so this creates
issues ;)

Fixes #2957

* Add tests for groups with /

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-02-27 17:07:18 +01:00
Morris Jobke
9533f4e5ed
Clean up single user mode
Single user mode basically disables WebDAV, OCS and cron execution. Since
we heavily rely on WebDAV and OCS also in the web UI it's basically useless.
An admin only sees a broken interface and can't even change any settings nor
sees any files. Also sharing is not possible.

As this is at least the case since Nextcloud 9 and we haven't received any
reports for this it seems that this feature is not used at all so I removed it.

The encryption commands now rely on the well tested maintenance mode.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-02-22 23:02:31 -06:00
Joas Schilling
33fb86f68b
Fix detection of the new iOS app
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-10 10:10:21 +01:00
Michael Jobst
969c19b2e9
Fixed size issues on main detail view and disappearing of share recipients (#26603)
* fixed size issues on main detail view and disappearing of share recipients

* Changes due to code comments

* Moved reloadProperties() to FileInfoModel

* Solved Scrutinizer issues

* Bugfix: undefined value used on error

* check if options are set for FileInfoModel.initialize()

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-23 16:56:55 +01:00
Roeland Jago Douma
030118cd85 Merge pull request #2111 from nextcloud/oc_26549
Remove unused $view from FilesPlugin (#26549)
2016-11-14 17:00:04 +01:00
Thomas Müller
506ccdbd8d
Introduce an event for first time login based on the last login time stamp
Use firstLogin event to trigger creation of default calendar and default address book

Delay login of admin user after setup so that firstLogin event can properly be processed for the admin

Fixing tests ...

Skeleton files are not copied over -> only 3 cache entries are remaining

Use updateLastLoginTimestamp to properly setup lastLogin value for a test user
2016-11-14 14:50:10 +01:00
Vincent Petry
17ea1bfb75
Remove unused $view from FilesPlugin (#26549)
The Sabre FilesPlugin never uses the view so remove it.
2016-11-14 14:45:33 +01:00
Robin Appelman
ec2235e14b
fix tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-10 15:06:24 +01:00
Thomas Müller
c778b1bade
Update sabre dav to 3.2 (#26115)
* Update sabre/dav to 3.2.0

* Adjust code to work with sabre/dav 3.2.0 and it's dependencies

* Adding own CalDAV plugin to fix calendar home property

* Test if there is a user logged in when listing files home

* Update sabre version used by integration tests

* Disable unauthenticated DAV access

This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.

=====

* Fixed so cherry-pick was succesfull

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-04 13:35:10 +01:00
Vincent Petry
6a4ea2c15a
Upload autorename on client side
Removes the need for POST to collection which would hit against upload
limits.

The client tries to auto rename the file by adding a suffix "(2)".
It tries to use the file list on the client side to guess a
suitable name. In case a file still cannot be uploaded and creates a
conflict, which can happen when the file was concurrently uploaded, the
logic will continue increasing the suffix.
2016-11-02 22:15:03 +01:00
Robin Appelman
3692769b0a
Add getShareTypesInFolder to optimize folder listening
Signed-off-by: Robin Appelman <icewind@owncloud.com>
2016-10-31 15:55:40 +01:00
Thomas Müller
9df3869bfc
Fix unit tests for BlockLegacyClientPlugin 2016-10-25 18:03:10 +02:00
Vincent Petry
c68e273664
Goodbye Iframe transport !
Not needed any more in IE >= 11

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Vincent Petry
59c5be1cc5
Use Webdav PUT for uploads in the web browser
- uses PUT method with jquery.fileupload for regular and public file
  lists
- for IE and browsers that don't support it, use POST with iframe
  transport
- implemented Sabre plugin to handle iframe transport and redirect the
  embedded PUT request to the proper handler
- added RFC5995 POST to file collection with "add-member" property to
  make it possible to auto-rename conflicting file names
- remove obsolete ajax/upload.php and obsolete ajax routes

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-24 21:45:00 +02:00
Morris Jobke
2b76d14330 Merge pull request #1834 from nextcloud/downstream-26186
Add more files plugins to new DAV endpoint
2016-10-21 09:44:15 +02:00
Vincent Petry
73e216e0a7
Add more files plugins to new DAV endpoint (#26186)
* Add more files plugins to new DAV endpoint

Also fix report plugin to properly retrieve the path from the
prolongated URL

* In case the report is not for this plugin -> simply return to allow other plugins to get executed

* Adjust onReport tests to match new behavior
2016-10-20 21:36:15 +02:00
Joas Schilling
246bb9f33d
Move OC\Files\Storage\Shared to the right namespace 2016-10-20 20:27:44 +02:00
Morris Jobke
98c8464564 Merge pull request #1821 from nextcloud/downstream-26366
Code style changes from downstream
2016-10-20 20:18:47 +02:00