Morris Jobke [Mon, 12 Nov 2018 14:13:10 +0000 (15:13 +0100)]
Fix UniqueConstraintViolationException while insert into oc_file_locks
* fixes #9305 by not being prone to the race condition in insertIfNotExists
* fixes #6899 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
* followup to #12371
Morris Jobke [Mon, 12 Nov 2018 12:43:46 +0000 (13:43 +0100)]
Fix UniqueConstraintViolationException while insert into oc_filecache
* fixes #6160 by not being prone to the race condition in insertIfNotExists
* fixes #12228 by not using a query that can result in a deadlock
* replaces the insertIfNotExists call with an insert which is wrapped into a try-catch block
Bjoern Schiessle [Tue, 30 Oct 2018 21:11:17 +0000 (22:11 +0100)]
first check if the user is already logged in and then try to authenticate via apache, this way we suppress wrong audit log messages about failed login attempts
Else it triggers the rendering two times. Resulting is weird state in
for example the comments. Because the comments for OLD_FILEID are
retrieved but then the model is changed to NEW_FILEID. But the old
comments still get in and get parsed.
There is no reason to log FileLock errors as exceptions to the log file.
Locks happen for very legit reasons and it is actually a sign of the
code doing its job.
If a user can't authenticate normally (because they have 2FA that is not
available on their devices for example). The redirect that is generated
should be of the proper format.
This means
1. Include the protocol
2. Include the possible subfolder
If doing achunked upload the mimetype of the folder would otherwise be
guessed from the path. Which always returned application/octet-stream.
If an access control rule to block that is in place this means that all
chunked uploads fail hard in directories as the isCreatable on the
directory always fails.
If we hit an expired token there is no need to continue checking. Since
we know it is a token.
We also should not register this with the bruteforce throttler as it is
actually a valid token. Just expired. Instead the authentication should
fail. And buisness continues as usual.
Move the browser window of an actor to the foreground when acting as him
Each time a new actor appears in a scenario the browser window of the
new actor is put in front of the browser windows of the previous actors.
Before, when acting again as a previous actor his browser window stayed
in the background; in most cases everything worked fine even if the
window was in the background, but due to a bug in the Firefox driver of
Selenium and/or maybe in Firefox itself when the window was in the
background it was not possible to set the value of an input field that
had a range selected.
Now, when acting again as a previous actor his browser window is brought
to the foreground. This prevents the bug from manifesting, but also
reflects better how a user would interact with the browser in real life.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Move acceptance tests that crash the PHP built-in server to Apache
The PHP built-in server can crash when certain actions are performed in
Nextcloud (but although the crash is triggered by Nextcloud it does not
seem to be a Nextcloud bug), which can lead to failures in the
acceptance tests that would have otherwise passed.
A crash of the PHP built-in server during an acceptance test can be
identified by the message "sh: 1: kill: No such process" in the
acceptance tests output; as the PHP built-in server crashed its process
does no longer exist when it is tried to be killed when the scenario
ends.
Although the crash has been observed in other tests too it is more
prevalent in the tests for tags and the theming app. In order to
reduce the false positives those tests are now run on Apache instead of
on the PHP built-in sever. However, the rest of tests are still run on
the PHP built-in server due to its lower resource consumption.
In order to run a feature or just a scenario using Apache it has to be
tagged with "@apache"; features or scenarios without that tag (the
default) will run on the PHP built-in server instead.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Link the default Apache directory to the Nextcloud server in all runners
In order to run the acceptance tests in Apache "/var/www/html" has to be
linked to the root directory of the Nextcloud server. Before this was
automatically done when launching the acceptance tests through
"./run.sh", but an explicit command was needed when run in Drone. Now
the linking was moved from "run.sh" to "run-local.sh", so it is
automatically done when run through "./run.sh" and in Drone, including
when running the tests for an app instead of for the server.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Double check for failed cache with a shared storage
When obtaining the SourceRootInfo we can call init. If this fails the
cache is set to a failed cache and the storage to a failed storage.
However we did not check for this. Which means that if the storage was
invalid it would fail later on.
Stefan Weiberg [Thu, 11 Oct 2018 18:24:36 +0000 (20:24 +0200)]
backport of #10778
Adding a check to see if keyFileContents is empty:
* this fixes a download error and an exception if the data content
for encryption is empty
* #3958: for recovering encrypted files with a damaged signature
this is necessary in addition to turning the signature check off
projects / nextcloud-server.git / log