Björn Schießle
b318b9cf17
Merge pull request #17008 from owncloud/fix-17006
...
Improve splitting of username and remote adress when username contains an `@`
2015-06-26 16:01:16 +02:00
Joas Schilling
9b336765b6
Correctly check if the real file exists, otherwise try the part file
2015-06-26 13:17:23 +02:00
Vincent Petry
eae08d0adc
Release locks after class in tests
2015-06-25 16:33:02 +02:00
Vincent Petry
538e466c30
Keep shared locks in post hooks
...
Instead of unlocking after the file operation, change exclusive locks
back to shared locks during post hooks, and unlock after that.
Also added unit tests to test locking in pre-hooks, during operation and
post-hooks.
2015-06-25 16:33:02 +02:00
Morris Jobke
1601867c9d
Remove unneeded getetag entries in properties table
...
* fixes #13281
2015-06-25 08:44:26 +02:00
Vincent Petry
58439c337c
Merge pull request #17070 from owncloud/lock-movemountbug
...
Lock correct paths when moving mount
2015-06-24 18:37:48 +02:00
Vincent Petry
35047a2300
Fix locked paths in the moveMount case
...
When moving a mount point directly, the lock must be applied on the
local mount point path instead of the attached storage root.
Other operations will still lock the attached storage root.
2015-06-24 11:33:28 +02:00
Björn Schießle
cce841c665
Merge pull request #17045 from owncloud/enc_improvements
...
encryption improvements
2015-06-23 14:30:21 +02:00
Bjoern Schiessle
95602d4069
make sure that we always read the header from the original file
2015-06-23 11:41:21 +02:00
Joas Schilling
45f9083a58
Make an assertion in risky test testGetNodeForPathRoot
2015-06-22 16:49:04 +02:00
Joas Schilling
738b78f1b0
Use \OC\HintException and translate the hint
2015-06-22 15:34:06 +02:00
Joas Schilling
2b7e5f841a
Merge spliteUserRemote with fixRemoteUrlInShareWith
2015-06-22 15:25:23 +02:00
Bjoern Schiessle
d38a378b8c
make sure that we split username and server address at the first '@' from the right to allow usernames containing '@'
2015-06-22 15:25:23 +02:00
Björn Schießle
a88b370dc8
Merge pull request #12546 from oparoz/patch-1
...
Send the mime icon if we can't generate a preview
2015-06-22 13:55:17 +02:00
Lukas Reschke
4d23e06097
Fix undefined offset
...
There are cases where no trusted host is specified such as when installing the instance, this lead to an undefined offset warning in the log right after installing. (when another domain than localhost or 127.0.0.1 was used)
2015-06-22 12:28:07 +02:00
Thomas Müller
ced15c44b4
Merge pull request #16657 from owncloud/view-emit-path
...
emit hooks from a view as long as the path is inside the default root
2015-06-22 11:29:11 +02:00
Bernhard Posselt
7fe5ab4d4a
Merge pull request #17056 from owncloud/appframework-type-cast
...
Allow multiple whitespace in type hints in AppFramework
2015-06-22 10:35:28 +02:00
Robin McCorkell
f1e3e25158
AppFramework annotation whitespace unit test
2015-06-21 20:26:57 +01:00
Lukas Reschke
00a65e30ce
Request approved state for disabled apps with ocsid
...
In case an application gets disabled the level is set to "experimental" if it does not contain a `shipped` tag. This can for example be reproduced by installing the documents app from the appstore and then disabling it. Or cloning an app from git.
With this change the controller will now load the level of the application from the appstore if a valid OCSID has been provided.
Fixes https://github.com/owncloud/core/issues/17003
2015-06-19 19:04:54 +02:00
Olivier Paroz
ba3b6f9be4
Remove unneeded returns from private cropping methods
2015-06-19 15:07:49 +02:00
Vincent Petry
e15dd783ab
Workaround for empty dir deletion for SFTP
...
Explicitly clear the stat cache after deleting an empty folder to make
sure it is properly detected as deleted in subsequent requests.
This works around a problem with phpseclib where the folder is properly
deleted remotely but the stat cache was not updated.
2015-06-18 17:40:38 +02:00
Olivier Paroz
8193e1d7c1
Move media type icon preview creation to its own method
2015-06-18 13:24:15 +02:00
Vincent Petry
102c6ffc41
Normalize path in View's lock methods
2015-06-16 17:03:12 +02:00
Vincent Petry
e5d34a2733
Merge pull request #16892 from owncloud/lock-returnfullpath
...
Rethrow LockedException with full path
2015-06-16 16:47:10 +02:00
Joas Schilling
7d8b728066
Merge pull request #16832 from owncloud/memcache-fail
...
Throw exception if memcache misconfigured or missing
2015-06-16 11:00:18 +02:00
Joas Schilling
60005bea19
Merge pull request #16943 from owncloud/sabre-convertinvalidpath
...
Convert invalid path exception to sabre exception on MOVE
2015-06-16 10:49:22 +02:00
Vincent Petry
0e3a3dd5d7
Rethrow LockedException with full path
...
Because the path is converted to md5 from the original exception,
rethrow the exception with the correct full path
2015-06-16 10:48:31 +02:00
Lukas Reschke
fffef529ee
Adjust NullCache tests
2015-06-15 19:17:50 +02:00
Lukas Reschke
34f5541088
Add no-store
to AppFramework
2015-06-15 18:35:41 +02:00
Vincent Petry
1f91e9e65d
Convert invalid path exception to sabre exception on MOVE
2015-06-15 17:49:11 +02:00
Thomas Müller
de3ed8e077
Merge pull request #16821 from owncloud/compare-and-delete-locking-watch
...
Compare and delete locking watch
2015-06-15 14:09:06 +02:00
Thomas Müller
b6165b6865
Merge pull request #16912 from owncloud/webdav-smalltransferlockfix
...
Webdav PUT small file lock must be shared during hooks
2015-06-15 11:30:59 +02:00
Vincent Petry
4497aa4c68
Webdav PUT small file lock must be shared during hooks
...
Fixed code path for Webdav PUT of small files to use shared locks during
hook execution, and exclusive during the file operation
This makes it possible for versions to be copied by accessing the file
in a post_write hook.
2015-06-12 18:52:18 +02:00
Robin Appelman
ac9f998abd
add compare-and-delete to the memcache interface
2015-06-12 17:28:09 +02:00
Vincent Petry
446f628136
Merge pull request #16886 from owncloud/webdav-verify-path-again
...
verify path when getting a node for sabredav
2015-06-12 16:45:20 +02:00
Vincent Petry
3b08b26589
Throw exception if memcache misconfigured or missing
...
Instead of falling back to null memcache, throw exceptions.
Also throw file locking specific exceptions in case the class is not
available.
2015-06-12 12:33:06 +02:00
Joas Schilling
a7d2b3b9ae
Add return value to lock methods and check it in tests
2015-06-12 11:41:05 +02:00
Robin Appelman
5a5639ab76
tests for getNodeForPath with invalid path
2015-06-11 17:25:06 +02:00
Joas Schilling
afa030c561
Check the query() for all defined services
2015-06-11 12:28:30 +02:00
Joas Schilling
05f1ff8715
Correctly import NullCache class
2015-06-11 10:48:30 +02:00
Thomas Müller
9d90421e62
Merge pull request #16803 from owncloud/issue/16801-group-reshare-part-file-enc-keys
...
Check if the part files has keys when the original file does not
2015-06-09 11:41:36 +02:00
Joas Schilling
05c2fc72d8
Add a test for the fallback to the part file keys
2015-06-08 16:35:37 +02:00
Thomas Müller
64c9c27f7e
Merge pull request #16382 from oparoz/providers-are-responsible-for-the-size-of-their-preview
...
Fix max preview, some resizing and caching issues and force preview providers to resize their previews properly
2015-06-08 16:14:35 +02:00
Thomas Müller
a968b8409d
Merge pull request #16158 from owncloud/mountprovider-after-setup
...
Call newly registered mount providers after the filesystem is setup
2015-06-08 13:42:02 +02:00
Thomas Müller
f051b7381b
Merge pull request #16402 from owncloud/issue-15956-slow-group-usercount
...
Sort user groups by group name and hide the user count
2015-06-08 12:11:22 +02:00
Olivier Paroz
71d65cb713
Fix max preview, some resizing and caching issues and force preview providers to resize their previews properly
...
* introduces a method in OC_Image which doesn't stretch images when trying to make them fit in a box
* adds the method to all key providers so that they can do their job, as expected by the Preview class
* improves the caching mechanism of Preview in order to reduce I/O and to avoid filling the available disk space
* fixes some long standing issues
* **contains mostly tests**
2015-06-06 16:25:04 +02:00
Lukas Reschke
cbb15f3cbd
Merge pull request #16767 from owncloud/webdav-preventdeleteroot
...
Prevent deleting Webdav root
2015-06-05 19:56:20 +02:00
Vincent Petry
b97be0ea02
Fix sabre directory test cases
...
- rely on a mock subfolder instead of the root
- remove obsolete "Shared" limitation tests which did pass but not for the right
reasons
- added test for the prevention of root deletion
2015-06-05 19:04:59 +02:00
Thomas Müller
85d1ca11d4
Merge pull request #16765 from owncloud/fix-chunked-upload-jenkins
...
Fix chunked upload jenkins
2015-06-05 16:20:33 +02:00
Thomas Müller
680a67712b
fix unit test
2015-06-05 15:30:20 +02:00
Thomas Müller
cd82b24edd
Bring back unit tests for \OC\Cache\File
2015-06-05 14:29:15 +02:00
Joas Schilling
249e54e34a
Add unit tests for InvalidPath Exception being thrown
2015-06-05 13:55:12 +02:00
Joas Schilling
bb0cb0aaec
Merge pull request #15895 from owncloud/dav-getremoteetag
...
Get etag from remote OC server
2015-06-03 17:20:25 +02:00
Lukas Reschke
bf07eb45e2
Fix unit tests
...
Regression caused by https://github.com/owncloud/core/pull/16721
Failed the unit tests as per https://ci.owncloud.org/job/server-master-linux/database=sqlite,label=SLAVE/1994/testReport/junit/(root)/Test_Encryption_ManagerTest/testGetEncryptionModuleUnknown/ :
```
Test\Encryption\ManagerTest::testGetEncryptionModuleUnknown
Failed asserting that exception message 'Module with id: unknown does not exist.' contains 'Module with id: unknown does not exists.'
```
2015-06-03 17:07:30 +02:00
Morris Jobke
2edcce7e2a
use not deprecated method in tests
2015-06-03 14:33:56 +02:00
Lukas Reschke
3a233b8698
Merge pull request #16714 from owncloud/fix-cors-test
...
Fix #16713
2015-06-03 13:52:14 +02:00
Morris Jobke
e3440863bc
Merge pull request #16708 from owncloud/enc_fix_move_to_trash
...
make sure that we always use the correct owner for both source and target
2015-06-03 13:49:46 +02:00
Bernhard Posselt
21ce5d034b
fix #16713
2015-06-03 12:56:50 +02:00
Joas Schilling
d3e3a84cae
Move the helpful method to the TestCase class
2015-06-03 12:33:29 +02:00
Bjoern Schiessle
7eb2b31e34
make sure that we always use the correct owner for both source and target
2015-06-03 11:59:06 +02:00
Vincent Petry
120588dd7a
Disable update check test when testing wrappers
...
The checkUpdate test is intended for testing real storages, not
wrappers.
2015-06-02 15:14:37 +02:00
Robin Appelman
0497534a6e
more type hints
2015-06-02 14:07:55 +02:00
Robin Appelman
8926bca0c7
phpdoc, strict and type hints
2015-06-02 14:07:55 +02:00
Robin Appelman
24131586d7
call mount providers that are registered after the filesystem is setup
2015-06-02 14:07:54 +02:00
Robin Appelman
4b48dd424f
emit hooks from a view as long as the path is inside the default root
2015-06-02 14:07:20 +02:00
Joas Schilling
50a31fa8f9
Add unit tests for wrapStorage
2015-06-02 12:33:17 +02:00
Vincent Petry
c4cb93e644
Added storage backend test for checkUpdate
...
This helps testing whether checkUpdate properly returns false when no
change exists
2015-06-02 11:42:03 +02:00
Morris Jobke
cf2c599218
Merge pull request #16200 from owncloud/kill-globalfilecache
...
Drop file caching
2015-06-02 09:11:33 +02:00
Robin Appelman
a1372b2fb5
add method to atomically change between shared and exclusive lock
2015-06-01 13:24:02 +02:00
Robin Appelman
c72ea9f7d7
unit test for releaseall
2015-06-01 13:22:56 +02:00
Robin Appelman
b98dd3ceb8
release all locks after test
2015-06-01 13:22:56 +02:00
Robin Appelman
d519aba878
fix test
2015-06-01 13:22:56 +02:00
Robin Appelman
7e418c7d69
high level locking wip
2015-06-01 13:22:56 +02:00
Thomas Müller
c700f42b68
Merge pull request #16517 from owncloud/remove-logo-wide
...
replace logo-wide on share page as well with better icon + text
2015-05-29 12:15:02 +02:00
Jan-Christoph Borchardt
9194603c31
change tests back to check for logo-wide, make them pass again
2015-05-28 23:39:55 +02:00
Vincent Petry
e114d00242
Only use quota stream wrapper on "files"
...
Prevent using the quota stream wrapper on trashbin folders and other
metadata folders
2015-05-28 18:31:20 +02:00
Vincent Petry
ded62ff693
Merge pull request #16501 from owncloud/enc_fix_move_versions_between_storages
...
[encryption] fix move versions between storages
2015-05-28 15:28:25 +02:00
Bjoern Schiessle
5549641f1f
improve error messages displayed to the user
2015-05-27 21:00:02 +02:00
Björn Schießle
f70c309c2d
Merge pull request #16561 from owncloud/add-default-timeout-back
...
Add connection timeout to default POST options
2015-05-26 12:23:57 +02:00
Vincent Petry
39c6a36488
Merge pull request #16532 from owncloud/cors-no-cookie-auth
...
Disallow cookie auth for cors requests
2015-05-26 12:12:04 +02:00
Björn Schießle
ab0747113c
Merge pull request #16452 from owncloud/enc_ftp_upload
...
always write file, if fseek doesn't work we write the whole file
2015-05-26 12:02:41 +02:00
Thomas Müller
3babcd0344
Merge pull request #16339 from owncloud/master-override-channel
...
Allow change update channel via public API
2015-05-26 11:42:41 +02:00
Lukas Reschke
dff361dc5c
Add connection timeout to default POST options
...
Fixes https://github.com/owncloud/core/issues/16560
2015-05-26 11:22:50 +02:00
Vincent Petry
ce34edacfa
Merge pull request #16526 from owncloud/enc_fix_versions_webdav_upload
...
remove part file extension before we read a filekey
2015-05-22 16:42:52 +02:00
Bjoern Schiessle
c63f2286c0
copy keys before we move a file between storages to make sure that the new target file reuses the old file key, otherwise versions will break
2015-05-22 15:41:28 +02:00
Bernhard Posselt
c8e3599cad
disallow cookie auth for cors requests
...
testing ...
fixes
fix test
add php doc
fix small mistake
add another phpdoc
remove not working cors annotations from files app
2015-05-22 14:06:26 +02:00
Bjoern Schiessle
fef75e5417
remove part file extension before we read a filekey to reuse a existing key if possible, otherwise stuff like versioning will break
2015-05-22 12:12:31 +02:00
Jan-Christoph Borchardt
4e93d9e3a2
remove logo-wide from tests
2015-05-21 22:40:26 +02:00
Bjoern Schiessle
5a20edac82
test to simulate a non-seekable stream wrapper
2015-05-21 14:15:26 +02:00
Bjoern Schiessle
38bceb0d74
distinguish between source and target mount point to allow copy/rename between system wide mount points and user specific mountpoints
2015-05-21 14:06:45 +02:00
Vincent Petry
22968e806c
Get correct mimetype when moving and changing extension
...
Fixes issue when restoring folders from trash cross-storage, as such
folders have an extension ".d12345678".
Fixes issue when moving folders between storages and at the same time
changing their extension.
2015-05-21 10:57:58 +02:00
Morris Jobke
39d1e99228
Merge pull request #16322 from owncloud/trash-view
...
dont go trough the view when moving to trash
2015-05-20 14:44:01 +02:00
Vincent Petry
7386257676
Merge pull request #16075 from owncloud/skeleton-copy-delay
...
wait with copying the skeleton untill login and setupfs are done
2015-05-20 13:52:08 +02:00
Lukas Reschke
a62190a72d
Add support for disallowing domains to the ContentSecurityPolicy
...
For enhanced security it is important that there is also a way to disallow domains, including the default ones.
With this commit every method gets added a new "disallow" function.
2015-05-20 11:44:37 +02:00
Robin Appelman
2213d6597c
add tests for copyFromStorage with same storage
2015-05-19 17:30:32 +02:00
Scrutinizer Auto-Fixer
fdbc21fc6c
Scrutinizer Auto-Fixes
...
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
2015-05-19 11:23:06 +00:00
Morris Jobke
5f4e0863f5
Merge pull request #16420 from owncloud/update-useconfigtableprefix
...
Add unit test for migrator with different prefix
2015-05-19 12:19:46 +02:00
Thomas Müller
a52afb040a
Merge pull request #15965 from owncloud/conditional-logging
...
Conditional logging
2015-05-19 12:00:19 +02:00
Vincent Petry
fabdc4ba9d
Add unit test for migrator with different prefix
2015-05-19 10:43:14 +02:00
Björn Schießle
1c411baf17
Merge pull request #16412 from owncloud/jknockaert-patch-1
...
fix #16356
2015-05-18 19:26:40 +02:00
Clark Tomlinson
f9b6ee86cd
Merge pull request #16399 from owncloud/enc_rmdir_fix
...
[encryption] only try to delete file keys if it is a valid path
2015-05-18 11:09:36 -04:00
Bjoern Schiessle
1c500487ba
add a unit test to make sure that we don't try to read a file during a write operation
2015-05-18 17:00:54 +02:00
Björn Schießle
a1e60e7882
Merge pull request #15980 from owncloud/jknockaert-patch-1
...
fix bug #15973
2015-05-18 15:01:16 +02:00
Joas Schilling
d683752b37
Sort user groups by group name and hide the user count
2015-05-18 12:55:19 +02:00
Robin Appelman
a5d652a6b8
fix tests
2015-05-18 12:11:31 +02:00
Robin Appelman
415f16eb24
fix tests
2015-05-18 12:11:31 +02:00
jknockaert
62e6c46216
correct testSeek
2015-05-18 11:55:48 +02:00
Bjoern Schiessle
efa674f10d
only try to delete file keys if it is a valid path
2015-05-18 11:54:51 +02:00
Vincent Petry
7e271012b2
Merge pull request #16243 from owncloud/error_if_download_failed
...
redirect to error page if download failed
2015-05-18 11:42:55 +02:00
jknockaert
9a71eddaf9
work on tests
...
Tests reorganised and extended
2015-05-18 11:32:29 +02:00
Morris Jobke
7ee3f99a4a
Merge pull request #16364 from owncloud/add-warning-webdav
...
Add notice that WebDAV interface is not intended for browsers
2015-05-18 11:28:47 +02:00
Bjoern Schiessle
887be709f5
a new approach to display the error message
2015-05-18 10:15:17 +02:00
Victor Dubiniuk
4c9734f630
Test overriding channel
2015-05-15 22:37:14 +03:00
Vincent Petry
246000f799
Merge pull request #16176 from owncloud/fix-provisioning-api-set-quota
...
Validate the quota value to be a correct value
2015-05-15 18:07:13 +02:00
Joas Schilling
0991c0cc02
Merge pull request #16292 from owncloud/webdav-storage-fireprehooks
...
Fire prehooks when uploading directly to storage
2015-05-15 15:08:27 +02:00
Vincent Petry
eab55aa959
Properly log out test users in unit tests
2015-05-15 12:33:17 +02:00
Lukas Reschke
54ef098867
Add unit tests for \OC\Connector\Sabre\DummyGetResponsePlugin
2015-05-15 09:08:10 +02:00
Vincent Petry
3cae0135ad
Fire prehooks when uploading directly to storage
2015-05-13 17:47:04 +02:00
Robin Appelman
4789e87a53
Merge pull request #16276 from owncloud/dav-quota-root
...
fix webdav quota check for the root of the dav endpoint
2015-05-13 14:43:02 +02:00
Vincent Petry
1f7df3eba8
Added unit test to quota plugin for free_space argument
2015-05-13 13:58:01 +02:00
Arthur Schiwon
d6becb8d82
add repair steps to get rid of old background jobs
2015-05-12 18:19:44 +02:00
Björn Schießle
fbe4b77c49
Merge pull request #16228 from owncloud/enc_fix_restore
...
use hooks to update encryption keys
2015-05-12 13:10:16 +02:00
Morris Jobke
b11c0c533e
Merge pull request #16233 from owncloud/enc_fix_check_if_file_is_excluded
...
fix check if a file is excluded from encryption
2015-05-12 09:12:38 +02:00
Bjoern Schiessle
9dd517071e
fix check if file is excluded from encryption
2015-05-11 12:38:59 +02:00
Joas Schilling
dfed287dc0
Use insertIfNotExists to avoid problems with parallel calls
2015-05-11 12:38:33 +02:00
Joas Schilling
39497b9c3a
Add a test for parallel insert
2015-05-11 12:29:28 +02:00
Joas Schilling
2916b0ba76
Always test the object and the legacy class
2015-05-11 12:22:23 +02:00
Bjoern Schiessle
0d5c7a11e2
use hooks to update encryption keys instead of the storage wrapper if a file gets renamed/restored, as long as we
...
are in the storage wrapper the file cache isn't up-to-date
2015-05-11 12:06:57 +02:00
Morris Jobke
e79c255cab
Conditional logging
...
* Log condition for log level increase based on conditions. Once one of these
conditions is met, the required log level is set to debug. This allows to
debug specific requests, users or apps
* Supported conditions (setting `log_condition` in `config.php`):
- `shared_secret`: if a request parameter with the name `log_secret` is set to
this value the condition is met
- `users`: if the current request is done by one of the specified users,
this condition is met
- `apps`: if the log message is invoked by one of the specified apps,
this condition is met
* fix unit test and add app log condition test
2015-05-08 15:58:33 +02:00
Arthur Schiwon
3de7f58321
remove file cache classes and its tests
2015-05-08 14:05:54 +02:00
Thomas Müller
15d134124b
Validate the quota value to be a correct value
2015-05-07 17:56:13 +02:00
Andreas Fischer
4f6ecd3da6
\OC\Connector\Sabre\CopyEtagHeaderPlugin constructor does not take arguments.
2015-05-07 12:24:06 +02:00
Joas Schilling
aea734aaf1
Fix missing types on doc block and deduplicate the method name
2015-05-06 14:31:10 +02:00
Bjoern Schiessle
dc39bda870
move/copy from storage
2015-05-06 14:20:02 +02:00
Bjoern Schiessle
83ed4ee5b6
unit tests
2015-05-06 12:28:15 +02:00
Morris Jobke
874d35b27a
Merge pull request #16070 from owncloud/enc_update_file_cache_on_copy
...
make sure that we keep the correct encrypted-flag and the (unencrypted)size
2015-05-06 10:28:10 +02:00
Bjoern Schiessle
7089af96f2
make sure that we keep the correct encrypted-flag and the (unencrypted)size if a file gets copied
2015-05-05 16:17:14 +02:00
Morris Jobke
493844eda4
add positive tests for operator in code checker
2015-05-05 13:09:12 +02:00
Thomas Müller
aae098c24a
Check usage of != and == - refs #16054
2015-05-05 12:59:33 +02:00
Joas Schilling
59c657da53
Merge pull request #15772 from owncloud/issue-15771-dont-restrict-permissions-for-share-owner
...
Do not restrict permissions for the original owner
2015-05-04 15:07:37 +02:00
Thomas Müller
7376ea9b26
Merge pull request #15584 from owncloud/enc_fix_upload_shared_folder
...
skip user if we don't have a public key
2015-05-04 09:57:19 +02:00
Robin Appelman
ba7d221cff
allow getting the path from the lockedexception
2015-04-30 14:48:42 +02:00
Robin Appelman
8119b8b040
add tests for castrait
2015-04-30 14:48:39 +02:00
Robin Appelman
96f9573a4b
add memcache based shared/exclusive locking
2015-04-30 14:48:39 +02:00
Robin Appelman
acf30ede95
add compare and swap to memcache
2015-04-30 14:48:39 +02:00
Robin Appelman
29213b6136
extends memcache with add, inc and dec
2015-04-30 14:48:36 +02:00
Joas Schilling
cf4a6874fb
Allow setting protected properties
2015-04-30 12:04:02 +02:00
Joas Schilling
09d479e79d
Add a test to share a subfolder of a folder shared with the owner by group
2015-04-29 13:33:20 +02:00
Morris Jobke
8c7db2536d
Merge pull request #15596 from owncloud/issue/15589
...
Correctly generate the feedback URL for remote share
2015-04-29 10:52:43 +02:00
Morris Jobke
7df7a3b360
Merge pull request #15906 from rullzer/fix_15777
...
Password set via OCS API should not be double escaped
2015-04-29 10:44:25 +02:00
Lukas Reschke
34d0e610cc
Filter potential dangerous filenames for avatars
...
We don't want to have users misusing this API resulting in a potential file disclosure of "avatar.(jpg|png)" files.
2015-04-28 16:57:23 +02:00
Joas Schilling
b55ef51a27
Add tests for the correct share id on the call aswell
2015-04-28 14:56:13 +02:00
Roeland Jago Douma
02269b6464
Added unit test
2015-04-28 14:00:36 +02:00
Joas Schilling
02c60949dd
make scrutinizer happy
2015-04-28 11:28:54 +02:00
Joas Schilling
d146c13abd
Add tests for the remote sharing url
2015-04-28 11:28:54 +02:00
Morris Jobke
de8c15e1a4
Merge pull request #14764 from owncloud/shared-etag-propagate
...
Propagate etags across shared storages
2015-04-28 10:58:50 +02:00
Thomas Müller
7d0eba7a41
Merge pull request #15886 from owncloud/fix-15848-master
...
Adjust isLocal() on encryption wrapper
2015-04-27 15:06:26 +02:00
Thomas Müller
678b7d7e4d
Merge pull request #15860 from owncloud/enc_fallback_old_encryption
...
[encryption] handle encrypted files correctly which where encrypted with a old version of ownCloud (<=oc6)
2015-04-27 14:32:19 +02:00
Thomas Müller
936d564058
fixes #15848
2015-04-27 14:26:05 +02:00
Robin Appelman
6bf0579622
fix test
2015-04-27 14:07:16 +02:00
Robin Appelman
be55a90323
dont use our now non existing hook
2015-04-27 14:07:15 +02:00
Bjoern Schiessle
27683f9442
fall back to the ownCloud default encryption module and aes128 if we read a encrypted file without a header
2015-04-27 13:01:18 +02:00
Joas Schilling
8f61fbb81f
Fix new tests
2015-04-27 11:10:31 +02:00
Joas Schilling
d600955a51
Make getDefaultModuleId public and get module protected
2015-04-27 11:03:51 +02:00
Joas Schilling
4e97228cde
Deduplicate module mock
2015-04-27 11:03:51 +02:00
Joas Schilling
4b7ae395f2
Add test for setDefaultEncryptionModule
2015-04-27 11:03:51 +02:00
Joas Schilling
b35379515c
Add a test that the default module is returned before we fall back
2015-04-27 11:03:50 +02:00
Lukas Reschke
4dfdaf741c
Merge pull request #15834 from owncloud/make-temporary-file-really-unique
...
Fix collision on temporary files + adjust permissions
2015-04-25 23:18:26 +02:00
Lukas Reschke
b9df932e3c
Merge pull request #15683 from owncloud/block-legacy-clients
...
Block old legacy clients
2015-04-24 18:21:10 +02:00
Bjoern Schiessle
9a5783b284
fix unit tests
2015-04-24 16:47:27 +02:00
jknockaert
4554df2512
enable testWriteWriteRead
2015-04-24 16:44:00 +02:00
jknockaert
18a1225b0c
enable testRewind
2015-04-24 16:44:00 +02:00
jknockaert
27ea23ea6b
Update encryption.php
2015-04-24 16:44:00 +02:00
jknockaert
d6841aa706
disable r+ test
2015-04-24 16:44:00 +02:00
jknockaert
7a34f75da6
add two tests
...
testRewind tests reading and writing after rewind on an encrypted stream; testWriteWriteRead tests r+ mode
2015-04-24 16:44:00 +02:00
Joas Schilling
4334e77035
Merge pull request #15839 from owncloud/enc_fix_moving_shared_files
...
[encryption] fix moving files to a shared folder
2015-04-24 15:07:36 +02:00
Joas Schilling
411f7893bf
Add test "operation on keys failed"
2015-04-24 14:27:23 +02:00
Joas Schilling
781cfff221
Deduplicate data provider and fix method visibility
2015-04-24 13:12:45 +02:00
Bjoern Schiessle
24128d1384
only update share keys if the file was encrypted
2015-04-24 10:19:09 +02:00
Bjoern Schiessle
2646bccb83
update share keys if file gets copied
2015-04-23 17:18:48 +02:00
Bjoern Schiessle
2990b0e07e
update share keys if a file is moved to a shared folder
2015-04-23 17:18:48 +02:00
Lukas Reschke
ab9ea97d3a
Catch not existing User-Agent header
...
In case of an not sent UA header consider the client as valid
2015-04-23 16:33:51 +02:00
Lukas Reschke
155ae44bc6
Fix collision on temporary files + adjust permissions
...
This changeset hardens the temporary file and directory creation to address multiple problems that may lead to exposure of files to other users, data loss or other unexpected behaviour that is impossible to debug.
**[CWE-668: Exposure of Resource to Wrong Sphere](https://cwe.mitre.org/data/definitions/668.html )**
The temporary file and folder handling as implemented in ownCloud is performed using a MD5 hash over `time()` concatenated with `rand()`. This is insufficiently and leads to the following security problems:
The generated filename could already be used by another user. It is not verified whether the file is already used and thus temporary files might be used for another user as well resulting in all possible stuff such as "user has file of other user".
Effectively this leaves us with:
1. A timestamp based on seconds (no entropy at all)
2. `rand()` which returns usually a number between 0 and 2,147,483,647
Considering the birthday paradox and that we use this method quite often (especially when handling external storage) this is quite error prone and needs to get addressed.
This behaviour has been fixed by using `tempnam` instead for single temporary files. For creating temporary directories an additional postfix will be appended, the solution is for directories still not absolutely bulletproof but the best I can think about at the moment. Improvement suggestions are welcome.
**[CWE-378: Creation of Temporary File With Insecure Permissions](https://cwe.mitre.org/data/definitions/378.html )**
Files were created using `touch()` which defaults to a permission of 0644. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0600.
**[CWE-379: Creation of Temporary File in Directory with Incorrect Permissions](https://cwe.mitre.org/data/definitions/379.html )**
Files were created using `mkdir()` which defaults to a permission of 0777. Thus other users on the machine may read potentially sensitive information as `/tmp/` is world-readable. However, ownCloud always encourages users to use a dedicated machine to run the ownCloud instance and thus this is no a high severe issue. Permissions have been adjusted to 0700.Please enter the commit message for your changes.
2015-04-23 15:07:54 +02:00
Vincent Petry
b88d0ba0ac
Delete temp files after testing encryption stream wrapper
2015-04-23 13:42:18 +02:00
Lukas Reschke
ed0b465cf9
Use 403 instead a 50x response
2015-04-20 12:53:40 +02:00
Lukas Reschke
4ea205e262
Block old legacy clients
...
This Pull Request introduces a SabreDAV plugin that will block all older clients than 1.6.1 to connect and sync with the ownCloud instance.
This has multiple reasons:
1. Old ownCloud client versions before 1.6.0 are not properly working with sticky cookies for load balancers and thus generating sessions en masse
2. Old ownCloud client versions tend to be horrible buggy
In some cases we had in 80minutes about 10'000 sessions created by a single user. While this change set does not really "fix" the problem as 3rdparty legacy clients are affected as well, it is a good work-around and hopefully should force users to update their client
2015-04-20 11:12:17 +02:00
Georg Ehrke
8f51efc49e
get rid of OC_Geo
2015-04-19 20:16:56 +02:00
Morris Jobke
758b2332f0
Use data provider instead of hand-crafted for loops
...
* reduces scrutinizer complains
* uses PHPUnit functionality
2015-04-18 15:19:33 +02:00
Bjoern Schiessle
7d4b1b52d0
always create a new instance of the encryption module
2015-04-17 10:31:33 +02:00
Bjoern Schiessle
b25c06f576
detect system wide mount points correctly
2015-04-16 14:15:04 +02:00
Bjoern Schiessle
e3d77c4b01
add migration script from old encryption to new one
2015-04-16 14:15:04 +02:00
Vincent Petry
903d52d45f
Merge pull request #15809 from owncloud/view-null-root
...
dont allow using null as view root
2015-04-22 18:10:26 +02:00
Robin Appelman
e302213248
add unit tests for null handling in view
2015-04-22 16:24:25 +02:00
Thomas Müller
225cde2183
pass KeyStorage via ctor
2015-04-22 13:09:42 +02:00
Thomas Müller
987bc138df
calling renameKeys() on directory level as well - fixes #15778
2015-04-22 12:12:27 +02:00
Thomas Müller
fc4127dd62
add $encryptionModuleId to methods of Keys/IStorage
2015-04-22 11:53:05 +02:00
Björn Schießle
570718fb6b
Merge pull request #15757 from owncloud/enc-fixfeofforlastblock
...
Fix encryption feof to not return too early
2015-04-22 11:32:21 +02:00
Bjoern Schiessle
19e8c4fcb1
get dirname from sharePath
2015-04-21 14:58:01 +02:00
Vincent Petry
76dad297ff
Fix encryption feof to not return too early
...
This is because stream_read will pre-cache the next block which causes
feof($this->source) to return true prematurely. So we cannot rely on it.
Fixed encryption stream wrapper unit tests to actually simulate 6k/8k
blocks to make sure we cover the matching logic.
Added two data files with 8192 and 8193 bytes.
2015-04-20 18:32:40 +02:00
Lukas Reschke
fe2cbc3795
Merge pull request #15744 from owncloud/fix-inverted-path-in-resourcenotfound
...
Fix wrong path generation
2015-04-20 16:55:36 +02:00