Commit graph

1781 commits

Author SHA1 Message Date
Thomas Müller
80ef53eff0 verify the file name length not to exceed 255 characters + verify path during rename 2015-03-12 10:47:47 +01:00
Roeland Jago Douma
3560b32dfc Fix the avatarcontroller cache needing the cache dir
This was removed in 82254ad5ef and
unfortunatly missed by jenkins before mering into master.
2015-03-11 18:18:33 +01:00
Lukas Reschke
f9fd1629da Merge pull request #14705 from rullzer/avatarcontroller
Move AvatarController to AppFramework
2015-03-11 17:15:42 +01:00
Roeland Jago Douma
1a0f9c375b Avatar controller moved to AppFrameWork
* Original avatarcontroller migrated to the appframework
* Added DataDisplayResponse that show data inline in the browser (used
  to retrun the image)
* Removed some unneeded code
* Added unit tests for the avatarcontroller
2015-03-11 16:37:42 +01:00
Robin Appelman
169031d1c5 fix factory test 2015-03-11 15:07:59 +01:00
Robin Appelman
e1f2a6df94 Allow setting the watcher policy as mount option 2015-03-11 15:07:23 +01:00
Robin Appelman
7adda88786 Copy mount options to the storage 2015-03-11 15:06:48 +01:00
Robin Appelman
82a62fd249 Add test for storage factory 2015-03-11 15:06:12 +01:00
Morris Jobke
dbade19362 Merge pull request #13839 from owncloud/issue/13678-improve-remote-domain-detection-in-sharedropdown
Better finding the remote URL from user input in share dropdown
2015-03-11 14:38:41 +01:00
Morris Jobke
ad97ceb787 Merge pull request #13513 from owncloud/repair-legacystoragenofatalfail
Do not abort when meeting unfixable legacy storages
2015-03-11 13:32:33 +01:00
Lukas Reschke
8154ed4d2c Merge pull request #14791 from owncloud/fix-14516
Adding a more meaningful message for sabre dav exception
2015-03-11 12:52:18 +01:00
Thomas Müller
0f3e36fdfd Adding a more meaningful message for sabre dav exception - fixes #14516 2015-03-11 11:53:31 +01:00
Thomas Müller
6c1a1234f8 Properly handle available databases at runtime and respect setup checks in command line as well 2015-03-11 09:27:12 +01:00
Lukas Reschke
6dc59019af Merge pull request #14346 from owncloud/storage-based-path-validation
adding storage specific filename verification
2015-03-10 11:02:47 +01:00
Thomas Müller
214fa44400 Merge pull request #14534 from owncloud/add-child-src
Add support for 'child-src' directive
2015-03-10 10:30:44 +01:00
Joas Schilling
87431605b8 Add test for UniqueConstraintViolationException on wrong key 2015-03-10 09:26:45 +01:00
Thomas Müller
c8ed88f4d6 Merge pull request #14689 from owncloud/better-missing-resource-handling
Log errors and create 404 in network list when a css or js is missing
2015-03-09 23:33:25 +01:00
Thomas Müller
89be55a672 let insertIfNotExist() throw the native DBALException - no need to hide the real exception 2015-03-09 22:37:49 +01:00
Thomas Müller
b966a4eb17 Adding unit test which shows insertIfNotExists to fall apart in certain situations 2015-03-09 22:37:49 +01:00
Morris Jobke
d34662122d Merge pull request #14429 from owncloud/issue/14176-validate-timezone-before-using
Etc timezones don't exist for .5 and .75 offsets
2015-03-09 16:16:16 +01:00
Thomas Müller
3623f14e73 no translation service in common storage class 2015-03-09 10:38:38 +01:00
Thomas Müller
49e1a81eba fixing namespaces and PHPDoc 2015-03-09 10:38:37 +01:00
Thomas Müller
4bac595068 adding storage specific filename verification - refs #13640 2015-03-09 10:38:37 +01:00
Lukas Reschke
9f5433c0c3 Merge pull request #13368 from owncloud/memcache_lowlatency
Refactor \OC\Memcache\Factory
2015-03-05 13:05:17 +01:00
Robin McCorkell
0e4933e6d2 Refactor \OC\Memcache\Factory
Caches divided up into two groups: distributed and local. 'Low latency' is an
alias for local caches, while the standard `create()` call tries to get
distributed caches first, then local caches.

Memcache backend is set in `config.php`, with the keys `memcache.local` and
`memcache.distributed`. If not set, `memcache.distributed` defaults to the value
of `memcache.local`.
2015-03-05 11:36:34 +00:00
Joas Schilling
716ba49a82 Log errors and create 404 in network list when a css or js is missing 2015-03-04 17:56:33 +01:00
Joas Schilling
294724b5da Add a test for ObjectStore\NoopScanner 2015-03-04 11:48:31 +01:00
Morris Jobke
f1d74e8803 Merge pull request #14651 from owncloud/add-some-headers-to-htaccess-for-my-best-friend-jenkins
Let users configure security headers in their Webserver
2015-03-04 09:36:01 +01:00
Joas Schilling
e12c83e3dc Merge pull request #14674 from owncloud/fix-l10n-getlanguagecode-2
Jenkins #14650
2015-03-03 18:33:08 +01:00
Joas Schilling
5fc004f8ea Add a test of what everyone thinks should be the result of this method 2015-03-03 16:47:31 +01:00
Thomas Müller
be27188649 Merge pull request #14574 from owncloud/fix-irequest-for-older-php-versions
Read from IRequest instead of reading twice
2015-03-03 14:22:56 +01:00
Thomas Müller
e30ca8198f Merge pull request #14638 from owncloud/issue/14538-repairstep-drop-old-tables
Add a repair step to delete old tables
2015-03-03 13:37:54 +01:00
Joas Schilling
8df4077dd7 Add a test for dropping the tables 2015-03-03 11:27:06 +01:00
Joas Schilling
276d678080 Etc timezones don't exist for .5 and .75 offsets 2015-03-03 09:08:47 +01:00
Lukas Reschke
d620fc8798 Merge pull request #14615 from kampka/cron-command
Allow configuring background job mode from the console
2015-03-02 21:35:57 +01:00
Christian Kampka
83e0f84fef Allow configuring background job mode from the console 2015-03-02 20:51:40 +01:00
Lukas Reschke
bbd5f28415 Let users configure security headers in their Webserver
Doing this in the PHP code is not the right approach for multiple reasons:

1. A bug in the PHP code prevents them from being added to the response.
2. They are only added when something is served via PHP and not in other cases (that makes for example the newest IE UXSS which is not yet patched by Microsoft exploitable on ownCloud)
3. Some headers such as the Strict-Transport-Security might require custom modifications by administrators. This was not possible before and lead to buggy situations.

This pull request moves those headers out of the PHP code and adds a security check to the admin settings performed via JS.
2015-03-02 19:07:46 +01:00
Robin Appelman
00568af74d Allow running the async commands from unit tests 2015-03-02 15:25:31 +01:00
Vincent Petry
e61aa3723e Merge pull request #14573 from owncloud/enc-migrate-disable-updater
Disable the cache updater when doing the encryption migration
2015-03-02 14:53:29 +01:00
Lukas Reschke
b29940d956 Add support for 'child-src' directive
This is required when working with stuff such as PDF.js in the files_pdfviewer application. Opt-in only.

Master change only because the stable CSP policies has a failback that allows nearly anything 🙈
2015-02-28 12:27:46 +01:00
Lukas Reschke
d0c6af2cb5 Disable bootstrap.php checks when HHVM is used 2015-02-28 10:11:12 +01:00
Robin Appelman
89735ab22b add some tests for disabled updater 2015-02-27 17:14:17 +01:00
Morris Jobke
b4dfd043d7 Merge pull request #14575 from owncloud/cache-rename-overwrite
Fix cache update when doing a rename that overwrites the target
2015-02-27 17:11:37 +01:00
Robin Appelman
fc027bceb7 Fix cache update when doing a rename that overwrites the target 2015-02-27 16:39:58 +01:00
Bernhard Posselt
970b14d297 Merge pull request #13616 from owncloud/streamresponse
AppFramework StreamResponse
2015-02-27 15:43:01 +01:00
Bernhard Posselt
95239ad21e AppFramework StreamResponse
First stab at the StreamResponse, see #12988

The idea is to use an interface ICallbackResponse (I'm not 100% happy with the name yet, suggestions?) that allow the response to output things in its own way, for instance stream the file using readfile

Unittests are atm lacking, plan is to

check if a mock of ICallbackResponse will be used by calling its callback (also unhappy with this name) method
Usage is:

$response = new StreamResponse('path/to/file');

rename io to output, add additional methods and handle error and not modified cases when using StreamResponse

fix indention and uppercasing, also handle forbidden cases

fix indention

fix indention

no forbidden, figuring out if a file is really readable is too complicated to get to work across OSes and streams

remove useless import

remove useless import

fix intendation
2015-02-27 15:42:33 +01:00
Lukas Reschke
5c2fafa05f Read from IRequest instead of reading twice
Potentially fixes https://github.com/owncloud/core/issues/14541 and https://github.com/owncloud/core/issues/14506
2015-02-27 14:22:35 +01:00
Vincent Petry
1750e7b76d Fixed expected warning count on repair fail 2015-02-27 13:32:46 +01:00
Vincent Petry
32c9139ac2 Detect that the done flag was not set after repair fail 2015-02-27 13:16:38 +01:00
Vincent Petry
e6abe96374 Do not abort when meeting unfixable legacy storages 2015-02-27 12:03:22 +01:00
Thomas Müller
7fe07e93fe Merge pull request #14437 from owncloud/node-check-fileinfo
Check if we have a proper fileinfo
2015-02-27 02:56:13 -08:00
Thomas Müller
1c6857d92c Merge pull request #14529 from owncloud/intuitive-version-check
Make version check work on the lowest common version denominator
2015-02-27 02:16:23 -08:00
Lukas Reschke
9baf758150 Merge pull request #14503 from owncloud/quota-preventdatalossforfailedmove
Fix file move/copy when storage space is not enough
2015-02-26 16:35:13 +01:00
Vincent Petry
232de3bdc0 Delete target file for unsuccessful copy/rename 2015-02-26 15:11:37 +01:00
Morris Jobke
0c1e6fad6c Merge pull request #14300 from owncloud/commandbus
Add async command system to handle asynchronous operations
2015-02-26 15:10:13 +01:00
Robin Appelman
541c8c092d Add unit test 2015-02-26 12:20:20 +01:00
Bernhard Posselt
2987d4aec8 make version check work on the lowest common version denominator 2015-02-26 11:42:08 +01:00
Thomas Müller
adc986f3e4 Merge pull request #14502 from owncloud/failing-mysql-master-tests
Failing mysql master tests
2015-02-26 01:48:37 -08:00
Bernhard Posselt
59bbf27253 remove IDb interface from core class usage 2015-02-25 22:21:24 +01:00
Bernhard Posselt
f993ed823e fix tabs and spaces 2015-02-25 22:21:24 +01:00
Bernhard Posselt
aaf753bc9a fix mappertestutility 2015-02-25 22:21:24 +01:00
Bernhard Posselt
7b2fdbfb0b use IDBConnection and close cursors after insert/update/delete 2015-02-25 22:21:24 +01:00
Vincent Petry
9ee37169a6 Return null when requesting tags for null user
The TagManager->load() now returns null if the user is not authenticated
instead of failing with an error.
2015-02-25 17:20:26 +01:00
Vincent Petry
20738d287e Properly detect streamCopy errors
Now checking whether the written bytes match the number of read bytes.
2015-02-25 16:03:15 +01:00
Joas Schilling
993d89b3cc Extend the class so the Filesystem is cleaned up 2015-02-25 16:03:10 +01:00
Robin Appelman
9873ab20af prevent phpunit from messing with the bound $this 2015-02-25 15:09:41 +01:00
Robin Appelman
a39c7bf464 Add FileAccess trait for commands 2015-02-25 15:09:41 +01:00
Robin Appelman
74ae7b8929 Add async command system to handle asynchronous operations 2015-02-25 15:08:40 +01:00
Robin Appelman
a848a6b1dd Cleanup garbage collection for global file cache 2015-02-25 14:13:58 +01:00
Thomas Müller
bcf3704645 Merge pull request #14458 from owncloud/revive/11157
Get the real protocol behind several proxies
2015-02-25 02:51:46 -08:00
Thomas Müller
799e144b04 Merge pull request #14151 from owncloud/update-sabre2.1
Sabre Update to 2.1
2015-02-25 02:21:55 -08:00
Vincent Petry
fb87b746f0 Merge pull request #14213 from AW-UC/naturalsort_defaultcollator-patch-file-sorting
Update naturalsort_defaultcollator.php. Fixes #13982
2015-02-25 10:30:14 +01:00
AW-UC
0066c6f001 Add PHPunit test for DefaultCollator
This extends Test_NaturalSort to include a basic test for
\OC\NaturalSort_DefaultCollator()
2015-02-24 23:51:08 +01:00
Lukas Reschke
d43d34c93f Merge pull request #14195 from owncloud/activity-manager-performance-improvements
Activity manager performance improvements
2015-02-24 15:19:15 +01:00
Lukas Reschke
1c6eae9017 Get the real protocol behind several proxies
X-Forwarded-Proto contains a list of protocols if ownCloud is behind multiple reverse proxies.

This is a revival of https://github.com/owncloud/core/pull/11157 using the new IRequest public API.
2015-02-24 12:24:55 +01:00
Thomas Müller
bbf7f56f94 3rd-party apps are disabled on upgrade - refs #14026 2015-02-24 12:02:36 +01:00
Thomas Müller
e87ada86d1 Merge pull request #14416 from owncloud/setup-command
Setup command
2015-02-23 22:41:10 +01:00
Vincent Petry
9f6dcb9d3e Sabre Update to 2.1
- VObject fixes for Sabre\VObject 3.3
- Remove VObject property workarounds
- Added prefetching for tags in sabre tags plugin
- Moved oc_properties logic to separate PropertyStorage backend (WIP)
- Fixed Sabre connector namespaces
- Improved files plugin to handle props on-demand
- Moved allowed props from server class to files plugin
- Fixed tags caching for files that are known to have no tags
  (less queries)
- Added/fixed unit tests for Sabre FilesPlugin, TagsPlugin
- Replace OC\Connector\Sabre\Request with direct call to
  httpRequest->setUrl()
- Fix exception detection in DAV client when using Sabre\DAV\Client
- Added setETag() on Node instead of using the static FileSystem
- Also preload tags/props when depth is infinity
2015-02-23 22:27:23 +01:00
Thomas Müller
66e3211fd8 Merge pull request #13439 from owncloud/app-filter
Make the search box filter apps
2015-02-23 21:51:53 +01:00
Thomas Müller
1fd1b355e4 Fix namespace of OC_Setup -> \OC\Setup 2015-02-23 16:44:40 +01:00
Vincent Petry
4290e1990e Merge pull request #13829 from owncloud/appmanager-list
Better caching for enabled apps
2015-02-23 16:03:32 +01:00
Vincent Petry
e144d3aa49 Added unit test for app filter 2015-02-23 15:29:25 +01:00
Joas Schilling
b180724cd0 Extract the remote host from user input in share dropdown
Fix #13678
2015-02-23 11:28:41 +01:00
Thomas Müller
9aeeb2605b Check for PHP configuration before executing unit tests 2015-02-21 11:51:52 +01:00
Lukas Reschke
fcc5f5a4f4 Merge pull request #13777 from owncloud/close-cursor
Close cursor for appframework and manipulation queries if applicable
2015-02-20 20:15:22 +01:00
Lukas Reschke
41e5850450 Prevent directory traversals in ctr of \OC\Files\View
This prevents a misusage of \OC\Files\View by calling it with user-supplied input. In such cases an exception is now thrown.
2015-02-18 18:17:33 +01:00
Clark Tomlinson
8d09cc3b91 Merge pull request #13989 from owncloud/enhancment/security/11857
Allow AppFramework applications to specify a custom CSP header
2015-02-18 10:27:29 -05:00
Robin Appelman
5542fafd36 allow overwriting the appmanager in oc_util by subclassing 2015-02-18 14:24:50 +01:00
Morris Jobke
5d7d2adcbf Merge pull request #14207 from owncloud/propfind-optimize
Optimize quota calculation for propfind
2015-02-18 00:18:47 +01:00
Robin Appelman
04628cf368 better name for getAppsEnabledForUser 2015-02-17 15:05:29 +01:00
Robin Appelman
4d805b52cc Test improvements 2015-02-17 15:05:29 +01:00
Lukas Reschke
886bda5f81 Refactor OC_Request into TrustedDomainHelper and IRequest
This changeset removes the static class `OC_Request` and moves the functions either into `IRequest` which is accessible via `\OC::$server::->getRequest()` or into a separated `TrustedDomainHelper` class for some helper methods which should not be publicly exposed.

This changes only internal methods and nothing on the public API. Some public functions in `util.php` have been deprecated though in favour of the new non-static functions.

Unfortunately some part of this code uses things like `__DIR__` and thus is not completely unit-testable. Where tests where possible they ahve been added though.

Fixes https://github.com/owncloud/core/issues/13976 which was requested in https://github.com/owncloud/core/pull/13973#issuecomment-73492969
2015-02-16 22:13:00 +01:00
Thomas Müller
4910f3e202 fixing unit tests in UsersControllerTest 2015-02-16 19:45:40 +01:00
Thomas Müller
9271059195 Merge pull request #13750 from owncloud/enhanced-code-checker
Implement php code checker to detect usage of not allowed private ...
2015-02-16 16:55:57 +01:00
Joas Schilling
8eb804b1f6 Merge pull request #13269 from owncloud/issue/13211-cache-array-implementation
Add an array implementation of cache and use it if we are not debugging
2015-02-16 15:35:20 +01:00
Robin Appelman
23ab25e93a Use the app manager from oc_app 2015-02-16 15:16:13 +01:00
Robin Appelman
2b58e8489f Add getInstalledApps and getAppsForUser to the app manager 2015-02-16 15:15:35 +01:00
Joas Schilling
8848b5f067 Add an array implementation of cache and use it if we are not debugging 2015-02-16 14:55:50 +01:00
Lukas Reschke
a9d1a01440 Rename to allowEval 2015-02-16 12:30:21 +01:00
Lukas Reschke
b20174bdad Allow AppFramework applications to specify a custom CSP header
This change allows AppFramework applications to specify a custom CSP header for example when the default policy is too strict. Furthermore this allows us to partially migrate away from CSS and allowed eval() in our JavaScript components.

Legacy ownCloud components will still use the previous policy. Application developers can use this as following in their controllers:
```php
$response = new TemplateResponse('activity', 'list', []);
$cspHelper = new ContentSecurityPolicyHelper();
$cspHelper->addAllowedScriptDomain('www.owncloud.org');
$response->addHeader('Content-Security-Policy', $cspHelper->getPolicy());
return $response;
```

Fixes https://github.com/owncloud/core/issues/11857 which is a pre-requisite for https://github.com/owncloud/core/issues/13458 and https://github.com/owncloud/core/issues/11925
2015-02-16 11:00:41 +01:00