Commit graph

3668 commits

Author SHA1 Message Date
Lukas Reschke
3950ce9223 Merge pull request #2351 from nextcloud/remember-session-default
do not remember session tokens by default
2016-11-28 14:05:04 +01:00
Lukas Reschke
0cc771ce19 Merge pull request #2353 from nextcloud/renew-session-token-remember
copy remember-me value when renewing a session token
2016-11-28 14:04:13 +01:00
Christoph Wurst
6543182d13 fix parameter order
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-28 10:00:53 +01:00
Christoph Wurst
ad610ae772 Merge pull request #2327 from nextcloud/exclude-pre-releases
Exclude pre-release versions as per SemVer
2016-11-28 09:55:24 +01:00
Christoph Wurst
2183a1f3e6 copy remember-me value when renewing a session token
On renew, a session token is duplicated. For some reason we did
not copy over the remember-me attribute value. Hence, the new token
was deleted too early in the background job and remember-me did
not work properly.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:19:57 +01:00
Christoph Wurst
9b808c4014 do not remember session tokens by default
We have to respect the value of the remember-me checkbox. Due to an error
in the source code the default value for the session token was to remember
it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:03:28 +01:00
Morris Jobke
64fb0fb3dd Merge pull request #2276 from nextcloud/update-email-address
Update email address
2016-11-25 11:40:20 +01:00
Lukas Reschke
29402e2c0a
Exclude pre-release versions as per SemVer
As SemVer can be used apps could define a release like "10.0.0-alpha". This is something that we don't support at the moment in the server and we should filter all prereleases.

Ref https://github.com/nextcloud/server/pull/2307#issuecomment-262911588

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-25 11:32:46 +01:00
Bjoern Schiessle
0de685c562
bring back setEmailAddress for the user management
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-25 10:26:48 +01:00
Bjoern Schiessle
3fc75073b8
update accounts table if email address or display name changes from outside
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-25 10:26:47 +01:00
Roeland Jago Douma
72f9920a58
Add Identityproof tests
* Add tests for Key
* Add tests for Manager
* Add tests for Signer
* Removed URLGenerator from Signer

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-24 21:50:19 +01:00
Lukas Reschke
6a4c0cf237
Loop for newest version in appstore response
The current implementation when fetching apps from the appstore is to assume that the first element is the newest version, this is now always applicable and leads to the fact that for some apps (e.g. nextant) the newest version is not delivered. This can be easily tested by comparing the version of the downloaded Nextant version.

This change will loop over all releases delivered by the appstore and chooses the newest compatible one. While not the cleanest solution, it does its job.

Most of the code are actually unit tests. Whereas I have copied the whole original response from the appstore and also have performed the transformation. So that's why the diff looks so huge.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-24 14:29:57 +01:00
Bjoern Schiessle
546989959c
update email address correctly
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-23 20:19:31 +01:00
Lukas Reschke
a05b8b7953
Harden cookies more appropriate
This adds the __Host- prefix to the same-site cookies. This is a small but yet nice security hardening.

See https://googlechrome.github.io/samples/cookie-prefixes/ for the implications.

Fixes https://github.com/nextcloud/server/issues/1412

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 12:53:44 +01:00
Roeland Jago Douma
df215625f1 Merge pull request #1972 from nextcloud/invalid-files-from-scanner
Make sure we don't scan files that can not be accessed
2016-11-22 12:55:54 +01:00
Robin Appelman
cd24010fa4 Merge pull request #2214 from nextcloud/remove-logging
remove old logging section
2016-11-21 17:17:02 +01:00
Robin Appelman
0048b3aa2e
update tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-21 15:59:08 +01:00
Lukas Reschke
d001dbd259
Adjust unit tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:03 +01:00
Lukas Reschke
8bf4111368
Fix changing display names for subadmins
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
Lukas Reschke
fb91bf6a5b
Add a signer class for signing
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-21 11:30:00 +01:00
Bjoern Schiessle
a32d6e481f
fix unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:30:00 +01:00
Bjoern Schiessle
b23a4ca96b
push public user data to the lookup server
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:29:59 +01:00
Bjoern Schiessle
c5e61947a9
remove old test class
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:29:59 +01:00
Bjoern Schiessle
08e6541a88
fix unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2016-11-21 11:29:58 +01:00
Björn Schießle
de1f3f05fd
allow to change display names in the user settings again
keep display name and email address in sync with the accounts table

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:29:54 +01:00
Björn Schießle
40b99734d3
introduce accounts table and keep it up-to-date with the data added to the personal settings
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-21 11:29:41 +01:00
Joas Schilling
558f169671
Move the validation into one place only
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-21 09:23:37 +01:00
Joas Schilling
4652d203e3
Make sure we don't scan files that can not be accessed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-21 09:23:32 +01:00
Lukas Reschke
8ec2e34576 Merge pull request #1602 from nextcloud/ignore-mod-env
Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
2016-11-18 21:42:56 +01:00
Morris Jobke
46768e71d9 Merge pull request #2076 from nextcloud/log_preview_access
Dispatch event on preview request
2016-11-18 20:45:29 +01:00
Morris Jobke
332eaec4c0 Merge pull request #1447 from nextcloud/password-confirmation-for-some-actions
Password confirmation for some actions
2016-11-18 15:42:30 +01:00
Robin Appelman
8b9ad46ba3 Merge pull request #768 from nextcloud/s3-objectstore
Add S3 objectstore backend
2016-11-18 14:55:07 +01:00
Joas Schilling
b2d9c20aac
Fix unit tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 12:10:51 +01:00
Morris Jobke
d3900fc0d5 Merge pull request #2177 from nextcloud/appmanager-getapppath
Expose getAppPath to public API
2016-11-17 22:39:34 +01:00
Julius Haertl
caacb6c261
Expose getAppPath to public API
Signed-off-by: Julius Haertl <jus@bitgrid.net>
2016-11-17 19:24:24 +01:00
Morris Jobke
bba32cf4b7 Merge pull request #2163 from nextcloud/app-password-scope-warngings
fix warnings when updating app password
2016-11-17 17:52:23 +01:00
Felix Epp
1614b310ef Add system config htaccess.IgnoreFrontController for prettyURLs w/o mod_env
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.

Signed-off-by: Felix A. Epp <work@felixepp.de>
2016-11-16 22:28:49 +01:00
Roeland Jago Douma
74c68d8761
Add OCSControllerTests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 19:49:51 +01:00
Robin Appelman
d2dee32756
fix warnings when updating app password
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 19:14:36 +01:00
Robin Appelman
4ac5fdcf11
add tests for FileInfo::isMounted
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:30:37 +01:00
Robin Appelman
e4d1cf0f6d
add tests for http/output
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:30:37 +01:00
Robin Appelman
eefd059716
add amazon s3 objectstore backend
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:30:36 +01:00
Robin Appelman
64e896cc0d
split testing of objectstoragestorage and objectstore implementations
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:30:36 +01:00
Robin Appelman
e633f2f8df
add test
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:33 +01:00
Robin Appelman
e77432783b
Add test for setting up fake fs
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:32 +01:00
Roeland Jago Douma
311531ecce
Adds tests for the AuthSettingsController
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 15:24:31 +01:00
Roeland Jago Douma
59d6003f89
Adds NullCache ans NullStorage tests for Lockdown
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 15:24:31 +01:00
Roeland Jago Douma
e5bc80b31d
Adds TokenProvider and Mapper tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 15:24:31 +01:00
Robin Appelman
91851c37be
add tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:30 +01:00
Robin Appelman
4c3d18a9fc
explicit types
Signed-off-by: Robin Appelman <robin@icewind.nl>
2016-11-16 15:24:29 +01:00