Commit graph

4197 commits

Author SHA1 Message Date
Daniel Calviño Sánchez
64f9c56224 Extract element finding to a command object
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez
7642a4b727 Make internal find methods static
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Daniel Calviño Sánchez
16e3e81635 Add missing type hints
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-06 12:37:55 +02:00
Morris Jobke
0896d2b006 Make cache tests a bit more clear
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-04 19:37:40 -03:00
Mario Danic
e4aac15a92
Update login flow redirection
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-04 19:21:22 +02:00
Morris Jobke
61379c9165 Merge pull request #4682 from nextcloud/try-to-start-browser-sessions-again-when-they-fail-in-acceptance-tests
Try to start browser sessions again when they fail in acceptance tests
2017-05-04 00:02:18 -03:00
Daniel Calviño Sánchez
4fc9a7146b Add option to acceptance test runners to set a custom timeout multiplier
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez
b10478ff19 Try again to start browser sessions when they fail
Starting a session for an Actor can fail, typically, due to a timeout
connecting with the web browser. Now if the session fails to start it
will be tried again up to "actorTimeoutMultiplier" times in total before
giving up.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 23:18:40 +02:00
Daniel Calviño Sánchez
e355e953b5 Generalize attribute name
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:45:52 +02:00
Daniel Calviño Sánchez
97bedb94af Fix exponential increase of timeout when finding ancestor elements
The timeout passed to the "find" method was multiplied by the
"findTimeoutMultiplier" attribute. However, as "find" used
"findAncestor" and "findAncestor", in turn, used "find" itself the
timeout was increased exponentially for ancestor elements. Now "find"
was split in "find" and "findInternal"; the first method is the public
one and modifies the given parameters as needed and then calls the
second method, private, that performs the find itself.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-03 12:34:04 +02:00
Morris Jobke
dbe11916fa Merge pull request #4662 from nextcloud/remove-named-selectors-from-acceptance-tests
Remove named selectors from acceptance tests
2017-05-02 20:44:23 -03:00
Morris Jobke
f233e856bf Merge pull request #4665 from nextcloud/enable-redis
Add redis support to our CI jobs
2017-05-02 17:16:19 -03:00
Roeland Jago Douma
24ff230f93 Merge pull request #4620 from nextcloud/preview-error-handling
better handling of preview generation errors
2017-05-02 21:49:14 +02:00
Morris Jobke
ecb369b5e8
Add redis support to our CI jobs
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-05-02 15:55:42 -03:00
Lukas Reschke
121cb4bcfc Merge pull request #4659 from nextcloud/fix/ignore-empty-email-contacts-menu
Do not show an email action for contacts with emtpy email addresses
2017-05-02 17:02:16 +02:00
Daniel Calviño Sánchez
1381f6c131 Replace "named" Mink selectors with "named_exact" Mink selectors
The "named" Mink selector first tries to find an exact match for its
locator and then, if not found, tries to find a partial match. Besides
other harder to track problems (see comment in the commit in which the
"content" locator was removed), this could cause, for example, finding
an action link titled "Favorited" when looking for the action link
titled "Favorite" (that is, one that conveys the opposite state to the
one found).

Although currently all the acceptance tests are compatible with both the
"named" and the "named_exact" Mink selectors the predefined locators are
modified to use the "named_exact" Mink selector to make them more
future-proof; the "named" Mink selector can still be used if needed
through the "customSelector" method in the builder object.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:38 +02:00
Daniel Calviño Sánchez
762a8e0b76 Remove "content" locator from acceptance tests
The "content" locator uses the "named" Mink selector and the "content"
Mink locator to find the element. The "named" Mink first tries to find
the elements whose content match exactly the given content but, if none
is found, then it tries to find elements that just contain the given
content.

This behaviour can lead to hard to track issues. Finding the exact match
and, if not found, finding the partial match is done in quick
succession. In most cases, when looking for an exact match the element
is already there, it is returned, and everything works as expected. Or
it may not be there, but then it is not there either when finding the
partial match, so no element is returned, and everything works as
expected (that is, the actor tries to find again the element after some
time).

However, it can also happen that when looking for an exact match there
is no element yet, but it appears after trying to find the exact match
but before trying to find the partial match. In that situation the
desired element would be returned along with its ancestors. However, as
only the first found element is taken into account and the ancestors
would appear first the find action would be successful, but the returned
element would not be the expected one. This is highly unlikely, yet
possible, and can cause sporadic failures in acceptance tests that,
apparently, work as expected.

Using a "named_exact" Mink selector instead of the "named" Mink selector
does not provide the desired behaviour in most cases either. As it finds
any element whose content matches exactly the given content, looking for
"Hello world" in "<div><p><a>Hello world</a></p></div>" would match the
"div", "p" and "a" elements; in that situation the "div" element would
be the one returned, when typically the "a" element would be the
expected one.

As it is error prone and easily replaceable by more robust locators the
"content" locator was removed from the predefined ones (although it can
still be used if needed through the "customSelector" method in the
builder object).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-05-02 15:09:25 +02:00
Christoph Wurst
b13c741cb3
Do not show an email action for contacts with emtpy email addresses
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:12:04 +02:00
Robin Appelman
2847e9f2e3
fix preview tests
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-02 13:43:48 +02:00
Roeland Jago Douma
ae7c1504a9
Fix test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 11:38:21 +02:00
Roeland Jago Douma
762284ce93
Fix and update tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-02 08:59:53 +02:00
Lukas Reschke
dd03fdebec
Add missing space
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 20:36:25 +02:00
Lukas Reschke
a5ccb31e85
Mark IP as whitelisted if brute force protection is disabled
Currently, when disabling the brute force protection no new brute force attempts are logged. However, the ones logged within the last 24 hours will still be used for throttling.

This is quite an unexpected behaviour and caused some support issues. With this change when the brute force protection is disabled also the existing attempts within the last 24 hours will be disregarded.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-01 18:31:45 +02:00
Marius Blüm
f26764c790
Rename “Server settings” to “Basic settings”
* fixes #4587

Signed-off-by: Marius Blüm <marius@lineone.io>
2017-04-29 17:13:21 +02:00
Arthur Schiwon
99e97f135d
consolidate setEnabled method
and fix a unit test

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Arthur Schiwon
668fe7df51
UserManager can now count disabled users
Users page takes advantage of that

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Morris Jobke
4c37c38051
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke
485d6d6577
use proper return codes and handle failure cases
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke
2507e7459d
Improve wording of error messages
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke
a8457df064
fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:59:09 -03:00
Morris Jobke
72550377b4
add unit tests for enable method 2017-04-29 00:59:09 -03:00
Morris Jobke
e521b6799f
add unit tests for disable method 2017-04-29 00:59:09 -03:00
Morris Jobke
79d74a1425
adjust tests to have at least one disabled user 2017-04-29 00:54:30 -03:00
Roeland Jago Douma
84b4d448d0
Fix unit tests 2017-04-29 00:54:30 -03:00
Morris Jobke
a0bf706983
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-29 00:13:41 -03:00
Bjoern Schiessle
9b36f2d9ea
fix unit test
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:38 -03:00
Bjoern Schiessle
5fa0e6df39
fix email verification status
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:37 -03:00
Bjoern Schiessle
71657db4be
updated unit tests
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Bjoern Schiessle
cbf5acca45
check verification proof and update account table
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-04-28 23:41:36 -03:00
Morris Jobke
f000e22a97 Merge pull request #4522 from nextcloud/downstream-27596
Allow to create a user for a specific backend
2017-04-27 16:41:08 -03:00
Joas Schilling
9212089151
Use the new method in the old one to remove duplicate code
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 08:56:51 +02:00
Morris Jobke
4dab01d9ed Merge pull request #4501 from nextcloud/downstream-27144
Add duration of last job execution to the table
2017-04-26 23:16:21 -03:00
Morris Jobke
01705b1b6a Merge pull request #4515 from nextcloud/downstream-27643
Adjust query/event logging code in favour of more complex owncloud/di…
2017-04-26 22:58:01 -03:00
Morris Jobke
4a9cb81486 Merge pull request #4526 from nextcloud/downstream-27269
Don`t allow upload of files with extension .part
2017-04-26 18:21:13 -03:00
Morris Jobke
aad0794500 Merge pull request #4454 from nextcloud/add-bundles-to-install-page
Add app bundles to the apps page and unbundle enterprise apps
2017-04-26 18:20:40 -03:00
Morris Jobke
58fe27f092 Merge pull request #4461 from danxuliu/fix-closing-details-view-when-viewing-file-in-folder
Fix details view not closed when viewing a file in its folder
2017-04-26 17:42:55 -03:00
Lukas Reschke
d0e0bc55c8
Fix tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:08:44 +02:00
Lukas Reschke
3df99d8fd6
Add SocialSharingBundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:53 +02:00
Lukas Reschke
0c5a48c4a4
Add tests for repairstep
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00
Lukas Reschke
a05295fca3
Add spreed to Groupware bundle
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:52 +02:00
Lukas Reschke
0651d66181
Add tests for bundle code
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:51 +02:00
Lukas Reschke
3f9aaac4a2
Adjust tests
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-26 20:07:51 +02:00
Vincent Petry
1c771c097a
Use regex to detect part files 2017-04-26 16:12:48 +02:00
Piotr Mrówczyński
9fec4031b3
Adjust query/event logging code in favour of more complex owncloud/diagnostics (#27643)
* Adjust query/event logging code in favour of more complex owncloud/diagnostics
* Add descriptions to IQueryLogger and IEventLogger interfaces
2017-04-26 13:19:43 +02:00
Georg Ehrke
f32fc97533
fix ContactsStoreTest
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:28:15 +02:00
Georg Ehrke
60f9ed6241
add contactsmenu popover
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
2017-04-26 09:26:53 +02:00
Morris Jobke
d4329f3355 Merge pull request #4449 from stweil/mimetypes
Add mimetypes for jp2 and webp
2017-04-26 01:22:49 -03:00
Morris Jobke
215573fe3c Merge pull request #4486 from nextcloud/fix-js-unit
Remove DOMPurify from srcFiles
2017-04-25 22:39:55 -03:00
Jan-Christoph Borchardt
241e397326 Merge branch 'master' into contactsmenu
Signed-off-by: Jan-Christoph Borchardt <hey@jancborchardt.net>
2017-04-26 00:50:38 +02:00
Morris Jobke
255c7df3bd Merge pull request #4499 from nextcloud/downstream-26984
Trigger change when a user is enabled/disabled
2017-04-25 18:27:38 -03:00
Christoph Wurst
98f02fad60 Adjust entry unit test to newly added avatar property
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:18 +02:00
Christoph Wurst
2c2e1f7988 Use absolute URI for action icons
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
b8c2a8ae36 Don't show contacts an entry for themselves
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
36cee1f386 Let apps register contact menu provider via info.xml
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Christoph Wurst
d091793ceb Contacts menu
* load list of contacts from the server
* show last message of each contact

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 20:47:17 +02:00
Roeland Jago Douma
aae079aa29
AppToken to 72 chars
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 20:18:49 +02:00
Lukas Reschke
6a16df7288
Add new auth flow
This implements the basics for the new app-password based authentication flow for our clients.
The current implementation tries to keep it as simple as possible and works the following way:

1. Unauthenticated client opens `/index.php/login/flow`
2. User will be asked whether they want to grant access to the client
3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password.

If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler.
While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the
near future we have to think about an automatic migration endpoint so there's that anyways :-)

If the user chooses to use the regular login the following happens:

1. A session state token is written to the session
2. User is redirected to the login page
3. If successfully authenticated they will be redirected to a page redirecting to the POST controller
4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler.

This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 20:18:49 +02:00
Stefan Weil
8ba67fbe1e Add test code for new image mime types
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2017-04-25 19:22:46 +02:00
Lukas Reschke
16c8fdece3
Remove DOMPurify from srcFiles
It is already included via core.json

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-25 12:50:15 -03:00
Daniel Calviño Sánchez
16b4eecb05 Add acceptance tests for closing details view in Files app
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-25 17:45:37 +02:00
Noveen Sachdeva
1b1f403a5d
Add duration of last job execution to the table 2017-04-25 17:39:58 +02:00
Joas Schilling
ac0c21f4a7
Trigger change when a user is enabled/disabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 17:20:35 +02:00
Morris Jobke
5a9224fb4c Merge pull request #3531 from nextcloud/theming-scss
Theming using SCSS variables
2017-04-25 10:56:13 -03:00
Morris Jobke
6f2df5e495 Merge pull request #3195 from nextcloud/settings-apps-tabular
Make apps settings tabular
2017-04-25 10:25:29 -03:00
Roeland Jago Douma
82c9eb1c56 Merge pull request #4462 from danxuliu/fix-sharing-password-protected-link
Fix sharing a password protected link
2017-04-25 14:12:44 +02:00
Julius Haertl
68a63ad3f3
Implement scss variable injection by OC_Defaults
Signed-off-by: Julius Haertl <jus@bitgrid.net>

Add Scss variables to example theme and theming app

Signed-off-by: Julius Haertl <jus@bitgrid.net>

Use SCSSCacher to build theming css

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Update theming.scss

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Code cleanup

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Fix tests

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Inject SCSSCacher for easier testing

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Fix typehint

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Generate absolute URLs

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>

Fix tests to always use absolute urls for theming images

Signed-off-by: Julius Härtl <jus@bitgrid.net>

MailheaderColor -> ColorPrimary

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-25 11:39:45 +02:00
Christoph Wurst
bb1d191f82
Fix remember redirect_url on failed login attempts
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-04-25 09:38:19 +02:00
Felix A. Epp
2fbf1114ac Add installed category in AppSettingsControlerTest
Signed-off-by: Felix A. Epp <work@felixepp.de>
2017-04-25 00:22:57 +02:00
Roeland Jago Douma
41f492ada7 Merge pull request #4477 from danxuliu/acceptance-macos-nitpicking
Fix minor code style issues in acceptance test runner
2017-04-24 19:30:03 +02:00
Joas Schilling
6300be160a
Add unit tests for mounts of delete users
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-24 16:43:25 +02:00
blizzz
42e805f057 Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00
Daniel Calviño Sánchez
a56fb75e69 Add missing unit test for updateShare with email share
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez
de6b05a911 Add missing hook check
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez
dcc8cce28b Fix double hashing of shared link passwords
The plain text password for a shared links was hashed and, then, the
hashed password was hashed again and set as the final password. Due to
this the password introduced in the "Authenticate" page for the shared
link was always a wrong password, and thus the file could not be
accessed.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez
316710bcb1 Add acceptance tests for sharing password protected links
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez
13c84f6629 Add system to share data between acceptance test steps
The data storage (the "notebook") is shared between all the actors, so
the data can be stored and retrieved between different steps by any
actor in the same scenario.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-24 11:33:07 +02:00
Daniel Calviño Sánchez
b0b32eff1f Fix minor code style issues (also known as nitpicking)
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-22 17:50:37 +02:00
Morris Jobke
db7eedccc9
Run acceptance tests on macOS
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-21 14:11:56 -05:00
Roeland Jago Douma
eaa6f766e6 Merge pull request #4208 from danxuliu/add-basic-acceptance-test-system
Add basic acceptance test system
2017-04-21 20:53:32 +02:00
Daniel Calviño Sánchez
e970b5261f Make test passwords valid for the password_policy app
As requested by Morris Jobke, the passwords in the acceptance tests were
modified to make them valid both for a clean Nextcloud server and one
with the password_policy app enabled.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-21 14:47:44 +02:00
Daniel Calviño Sánchez
2f80025ec2 Move acceptance tests from build/acceptance to tests/acceptance
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2017-04-21 14:44:29 +02:00
Joas Schilling
ec2f2b75be
Make sure we use a new encryption module all the time
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:48:14 +02:00
Joas Schilling
06e60f88c5
Don't assume the admin didn't configure Opcache correctly...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 13:17:21 +02:00
Joas Schilling
b2deb6deb0
Use the correct class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:55:11 +02:00
Joas Schilling
0de5fc9020
Import some classes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:54:14 +02:00
Joas Schilling
ada615eb86
Use the correct Dummy and Backend class
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:48:51 +02:00
Joas Schilling
9871e4eaee
Kill dead code
> No tests found in class "Test\Share\MailNotificationsTest".

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:43:19 +02:00
Joas Schilling
d2d9f74707
Fix warning with undefined method
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:37:59 +02:00
Joas Schilling
a0ada9aab4
Don't use deprecated getMock() anymore
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:30:21 +02:00
Joas Schilling
24789ba0f4
Restoring the error handler within the error handler causes unexpected results
See http://php.net/manual/en/function.restore-error-handler.php#120879
for more information.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:23:34 +02:00
Joas Schilling
38c901fadf
Delete the correct config value
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:23:12 +02:00
Joas Schilling
140580f9d8 Merge pull request #4398 from nextcloud/fix_accesslistcode
Get proper accesslist for userFolder
2017-04-20 11:03:22 +02:00
Joas Schilling
b469882595 Merge pull request #4212 from individual-it/master
validate file name before uploading in upload only folder
2017-04-20 10:50:56 +02:00
Roeland Jago Douma
ae2db5e60d
Get proper accesslist for userFolder
If the accesslist is requested for a users root folder we should
properly construct the path

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-20 10:28:32 +02:00
Morris Jobke
16c4755e03
Rename renderHTML to renderHtml
* fixes #4383
* improves consistency

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-19 15:46:41 -05:00
Roeland Jago Douma
ad24b86013 Merge pull request #4350 from nextcloud/adjust-old-bruteforce-protection-annotations
Adjust existing bruteforce protection code
2017-04-19 09:27:23 +02:00
Morris Jobke
f1ddb939a0 Merge pull request #4371 from nextcloud/dont-allow-dot-usernames
Better validation of allowed user names
2017-04-18 20:04:32 -05:00
Morris Jobke
269600a04f Merge pull request #4369 from nextcloud/fix-translations
Fix translations
2017-04-18 18:01:50 -05:00
Joas Schilling
1c0bffe87f
Fix translations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:40:53 -05:00
Lukas Reschke
0a54d5a5dd
Beautify test email
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 16:18:00 -05:00
Morris Jobke
d379ac7545 Merge pull request #4372 from nextcloud/smtp-password
Don't put the SMTP password into the HTML code
2017-04-18 16:13:31 -05:00
Morris Jobke
d2c4440ed6
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-18 15:08:38 -05:00
Lukas Reschke
805419bb95
Add bruteforce protection to changePersonalPassword
While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-18 17:55:51 +02:00
Artur Neumann
88f02f27a3 JS tests for upload only function
Signed-off-by: Artur Neumann <info@individual-it.net>
2017-04-18 20:43:25 +05:45
Joas Schilling
fcaa315c96
Fix some more stuff
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:11:29 +02:00
Joas Schilling
dfca672378
Fix tests
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 16:08:29 +02:00
Joas Schilling
a3922bbcdc
Better validation of allowed user names
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 14:29:34 +02:00
Morris Jobke
10290eb006 Merge pull request #2834 from nextcloud/accesListToShareManager
Access list to share manager
2017-04-15 13:06:24 -05:00
Lukas Reschke
727688ebd9
Adjust existing bruteforce protection code
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Lukas Reschke
8149945a91
Make BruteForceProtection annotation more clever
This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware.

Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 23:05:33 +02:00
Lukas Reschke
81d3732bf5 Merge pull request #4308 from nextcloud/lost-password-email
Update email template for lost password email
2017-04-13 20:02:15 +02:00
Morris Jobke
d36751ee38 Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login
Fix login controller test and consolidate login
2017-04-13 12:16:38 -05:00
Joas Schilling
e1d54e3b48
Add more tests for the share helper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
7d416ac1dd
Activate the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:53 +02:00
Joas Schilling
629b7c0fc3
Adjust docs and make !$currentAccess simpler
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
4eeb194ae5
Fix share manager test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
5b57bb955b
Fix default share provider
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Joas Schilling
2fcf334c6a
Fix tests for ShareHelper
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:58:52 +02:00
Roeland Jago Douma
4437e00f16
Add shareHelper test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
12afd7d1d5
Add mail element to access list
* Each provider just returns what they have so adding an element won't
require changing everything
* Added tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
2cbac3357b
Offload acceslist creation to providers
* This allows for effective queries.
* Introduce currentAccess parameter to speciy if the users needs to have
currently acces (deleted incomming group share). (For notifications)

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:50 +02:00
Roeland Jago Douma
553b3b2928
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
7dcc98eb20
Add owner to access list
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:49 +02:00
Roeland Jago Douma
d84df15590
Add getAccessList to ShareManager
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-04-13 12:58:48 +02:00
Lukas Reschke
e39e6d0605
Remove expired attempts
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:18 +02:00
Lukas Reschke
31ae39c569
Add tests for multiple parameters
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:18 +02:00
Lukas Reschke
a1ae5275f9
Move to dedicated MiddleWare
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:17 +02:00
Lukas Reschke
66835476b5
Add support for ratelimiting via annotations
This allows adding rate limiting via annotations to controllers, as one example:

```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```

Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-13 12:00:16 +02:00
Lukas Reschke
01f3698175 Merge pull request #3966 from nextcloud/downstream-26570
Override config.php values through environment variables
2017-04-13 10:51:09 +02:00
Morris Jobke
7cb6038fca Merge pull request #3043 from nextcloud/issue-3038-no-logentry-on-email-login
Dont create a log entry on email login
2017-04-13 01:04:11 -05:00
Morris Jobke
1f962f9115
Update email template for lost password email
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 15:19:53 -05:00
Roeland Jago Douma
b3b24172e4 Merge pull request #4307 from nextcloud/sharing-emails
New emails for sharebymail
2017-04-12 21:23:11 +02:00
Morris Jobke
ae4c2893a2
Fix unit tests
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 12:42:23 -05:00
Joas Schilling
1c8c62272c
Use instance name as alt-text
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 17:16:26 +02:00
Morris Jobke
050ce1d40b
Add addBodyButton to add a single button to email templates
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 17:16:26 +02:00
Roeland Jago Douma
dccb8928a1 Merge pull request #4325 from nextcloud/downstream-27522
Optimize put - Dont try to fetch filecache for not existing filecache…
2017-04-12 16:04:03 +02:00
Björn Schießle
b90e91144b Merge pull request #3614 from nextcloud/discover-federatedsharing-endpoints
Discover federatedsharing endpoints
2017-04-12 16:01:07 +02:00
Joas Schilling
30817fa319
Simplify the test
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-12 13:23:55 +02:00
Piotr M
dc78f1251e
Optimize put - Dont try to fetch filecache for not existing filecache in encription 2017-04-12 12:54:20 +02:00
Lukas Reschke
b5d31e4e65 Merge pull request #4309 from nextcloud/remove-unused-code
Removes unused code for link share emails
2017-04-12 10:15:59 +02:00