diff options
| -rw-r--r-- | apps/dav/appinfo/v1/caldav.php | 1 | ||||
| -rw-r--r-- | apps/dav/appinfo/v1/carddav.php | 1 | ||||
| -rw-r--r-- | apps/dav/lib/Connector/LegacyDAVACL.php | 3 | ||||
| -rw-r--r-- | apps/dav/lib/Connector/Sabre/DavAclPlugin.php | 17 | ||||
| -rw-r--r-- | apps/files/lib/Activity/FavoriteProvider.php | 17 | ||||
| -rw-r--r-- | apps/files/lib/Service/TagService.php | 23 | ||||
| -rw-r--r-- | build/integration/features/bootstrap/CalDavContext.php | 11 | ||||
| -rw-r--r-- | build/integration/features/bootstrap/CardDavContext.php | 12 | ||||
| -rw-r--r-- | build/integration/features/caldav.feature | 55 | ||||
| -rw-r--r-- | build/integration/features/carddav.feature | 21 | ||||
| -rw-r--r-- | core/js/js.js | 38 | ||||
| -rw-r--r-- | core/js/tests/specs/coreSpec.js | 6 | ||||
| -rw-r--r-- | issue_template.md | 3 | ||||
| -rw-r--r-- | lib/private/Setup.php | 15 | ||||
| -rw-r--r-- | lib/private/Updater.php | 2 |
15 files changed, 177 insertions, 48 deletions
diff --git a/apps/dav/appinfo/v1/caldav.php b/apps/dav/appinfo/v1/caldav.php index f524c47a821..7f2ff2b37da 100644 --- a/apps/dav/appinfo/v1/caldav.php +++ b/apps/dav/appinfo/v1/caldav.php @@ -67,6 +67,7 @@ $nodes = array( // Fire up server $server = new \Sabre\DAV\Server($nodes); +$server::$exposeVersion = false; $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri()); $server->setBaseUri($baseuri); diff --git a/apps/dav/appinfo/v1/carddav.php b/apps/dav/appinfo/v1/carddav.php index b70045d420b..04344e83fde 100644 --- a/apps/dav/appinfo/v1/carddav.php +++ b/apps/dav/appinfo/v1/carddav.php @@ -66,6 +66,7 @@ $nodes = array( // Fire up server $server = new \Sabre\DAV\Server($nodes); +$server::$exposeVersion = false; $server->httpRequest->setUrl(\OC::$server->getRequest()->getRequestUri()); $server->setBaseUri($baseuri); // Add plugins diff --git a/apps/dav/lib/Connector/LegacyDAVACL.php b/apps/dav/lib/Connector/LegacyDAVACL.php index d5185ecd03b..46cbb504cce 100644 --- a/apps/dav/lib/Connector/LegacyDAVACL.php +++ b/apps/dav/lib/Connector/LegacyDAVACL.php @@ -67,6 +67,7 @@ class LegacyDAVACL extends DavAclPlugin { return new Principal(Principal::UNAUTHENTICATED); } }); - parent::propFind($propFind, $node); + + return parent::propFind($propFind, $node); } } diff --git a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php index 244394ec6fc..427a3756019 100644 --- a/apps/dav/lib/Connector/Sabre/DavAclPlugin.php +++ b/apps/dav/lib/Connector/Sabre/DavAclPlugin.php @@ -23,6 +23,7 @@ namespace OCA\DAV\Connector\Sabre; +use Sabre\CalDAV\Principal\User; use Sabre\DAV\Exception\NotFound; use Sabre\DAV\IFile; use Sabre\DAV\INode; @@ -72,4 +73,20 @@ class DavAclPlugin extends \Sabre\DAVACL\Plugin { return $access; } + + public function propFind(PropFind $propFind, INode $node) { + // If the node is neither readable nor writable then fail unless its of + // the standard user-principal + if(!($node instanceof User)) { + $path = $propFind->getPath(); + $readPermissions = $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, false); + $writePermissions = $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, false); + if ($readPermissions === false && $writePermissions === false) { + $this->checkPrivileges($path, '{DAV:}read', self::R_PARENT, true); + $this->checkPrivileges($path, '{DAV:}write', self::R_PARENT, true); + } + } + + return parent::propFind($propFind, $node); + } } diff --git a/apps/files/lib/Activity/FavoriteProvider.php b/apps/files/lib/Activity/FavoriteProvider.php index ed00d50f221..941579e730d 100644 --- a/apps/files/lib/Activity/FavoriteProvider.php +++ b/apps/files/lib/Activity/FavoriteProvider.php @@ -138,12 +138,21 @@ class FavoriteProvider implements IProvider { * @param string $subject */ protected function setSubjects(IEvent $event, $subject) { + $subjectParams = $event->getSubjectParameters(); + if (empty($subjectParams)) { + // Try to fall back to the old way, but this does not work for emails. + // But at least old activities still work. + $subjectParams = [ + 'id' => $event->getObjectId(), + 'path' => $event->getObjectName(), + ]; + } $parameter = [ 'type' => 'file', - 'id' => $event->getObjectId(), - 'name' => basename($event->getObjectName()), - 'path' => trim($event->getObjectName(), '/'), - 'link' => $this->url->linkToRouteAbsolute('files.viewcontroller.showFile', ['fileid' => $event->getObjectId()]), + 'id' => $subjectParams['id'], + 'name' => basename($subjectParams['path']), + 'path' => trim($subjectParams['path'], '/'), + 'link' => $this->url->linkToRouteAbsolute('files.viewcontroller.showFile', ['fileid' => $subjectParams['id']]), ]; $event->setParsedSubject(str_replace('{file}', $parameter['path'], $subject)) diff --git a/apps/files/lib/Service/TagService.php b/apps/files/lib/Service/TagService.php index cf80d780eaf..cea26d26d16 100644 --- a/apps/files/lib/Service/TagService.php +++ b/apps/files/lib/Service/TagService.php @@ -116,14 +116,21 @@ class TagService { } $event = $this->activityManager->generateEvent(); - $event->setApp('files') - ->setObject('files', $fileId, $path) - ->setType('favorite') - ->setAuthor($user->getUID()) - ->setAffectedUser($user->getUID()) - ->setTimestamp(time()) - ->setSubject($addToFavorite ? FavoriteProvider::SUBJECT_ADDED : FavoriteProvider::SUBJECT_REMOVED); - $this->activityManager->publish($event); + try { + $event->setApp('files') + ->setObject('files', $fileId, $path) + ->setType('favorite') + ->setAuthor($user->getUID()) + ->setAffectedUser($user->getUID()) + ->setTimestamp(time()) + ->setSubject( + $addToFavorite ? FavoriteProvider::SUBJECT_ADDED : FavoriteProvider::SUBJECT_REMOVED, + ['id' => $fileId, 'path' => $path] + ); + $this->activityManager->publish($event); + } catch (\InvalidArgumentException $e) { + } catch (\BadMethodCallException $e) { + } } } diff --git a/build/integration/features/bootstrap/CalDavContext.php b/build/integration/features/bootstrap/CalDavContext.php index 5db56f0fe7a..cae0089875f 100644 --- a/build/integration/features/bootstrap/CalDavContext.php +++ b/build/integration/features/bootstrap/CalDavContext.php @@ -72,16 +72,18 @@ class CalDavContext implements \Behat\Behat\Context\Context { } /** - * @When :user requests calendar :calendar + * @When :user requests calendar :calendar on the endpoint :endpoint * @param string $user * @param string $calendar + * @param string $endpoint */ - public function requestsCalendar($user, $calendar) { - $davUrl = $this->baseUrl . '/remote.php/dav/calendars/'.$calendar; + public function requestsCalendar($user, $calendar, $endpoint) { + $davUrl = $this->baseUrl . $endpoint . $calendar; $password = ($user === 'admin') ? 'admin' : '123456'; try { - $this->response = $this->client->get( + $request = $this->client->createRequest( + 'PROPFIND', $davUrl, [ 'auth' => [ @@ -90,6 +92,7 @@ class CalDavContext implements \Behat\Behat\Context\Context { ] ] ); + $this->response = $this->client->send($request); } catch (\GuzzleHttp\Exception\ClientException $e) { $this->response = $e->getResponse(); } diff --git a/build/integration/features/bootstrap/CardDavContext.php b/build/integration/features/bootstrap/CardDavContext.php index 4ee882cc2e6..2dce688ab85 100644 --- a/build/integration/features/bootstrap/CardDavContext.php +++ b/build/integration/features/bootstrap/CardDavContext.php @@ -72,20 +72,21 @@ class CardDavContext implements \Behat\Behat\Context\Context { } catch (\GuzzleHttp\Exception\ClientException $e) {} } - /** - * @When :user requests addressbook :addressBook with statuscode :statusCode + * @When :user requests addressbook :addressBook with statuscode :statusCode on the endpoint :endpoint * @param string $user * @param string $addressBook * @param int $statusCode + * @param string $endpoint * @throws \Exception */ - public function requestsAddressbookWithStatuscode($user, $addressBook, $statusCode) { - $davUrl = $this->baseUrl . '/remote.php/dav/addressbooks/users/'.$addressBook; + public function requestsAddressbookWithStatuscodeOnTheEndpoint($user, $addressBook, $statusCode, $endpoint) { + $davUrl = $this->baseUrl . $endpoint . $addressBook; $password = ($user === 'admin') ? 'admin' : '123456'; try { - $this->response = $this->client->get( + $request = $this->client->createRequest( + 'PROPFIND', $davUrl, [ 'auth' => [ @@ -94,6 +95,7 @@ class CardDavContext implements \Behat\Behat\Context\Context { ], ] ); + $this->response = $this->client->send($request); } catch (\GuzzleHttp\Exception\ClientException $e) { $this->response = $e->getResponse(); } diff --git a/build/integration/features/caldav.feature b/build/integration/features/caldav.feature index 948151485db..5c3983fc40b 100644 --- a/build/integration/features/caldav.feature +++ b/build/integration/features/caldav.feature @@ -1,31 +1,52 @@ Feature: caldav Scenario: Accessing a not existing calendar of another user Given user "user0" exists - When "admin" requests calendar "user0/MyCalendar" + When "admin" requests calendar "user0/MyCalendar" on the endpoint "/remote.php/dav/calendars/" Then The CalDAV HTTP status code should be "404" And The exception is "Sabre\DAV\Exception\NotFound" And The error message is "Node with name 'MyCalendar' could not be found" - # Blocked by https://github.com/php/php-src/pull/1417 - #Scenario: Accessing a not shared calendar of another user - # Given user "user0" exists - # Given "admin" creates a calendar named "MyCalendar" - # Given The CalDAV HTTP status code should be "201" - # When "user0" requests calendar "admin/MyCalendar" - # Then The CalDAV HTTP status code should be "404" - # And The exception is "Sabre\DAV\Exception\NotFound" - # And The error message is "Node with name 'MyCalendar' could not be found" + Scenario: Accessing a not shared calendar of another user + Given user "user0" exists + Given "admin" creates a calendar named "MyCalendar" + Given The CalDAV HTTP status code should be "201" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not shared calendar of another user via the legacy endpoint + Given user "user0" exists + Given "admin" creates a calendar named "MyCalendar" + Given The CalDAV HTTP status code should be "201" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not existing calendar of another user + Given user "user0" exists + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" + + Scenario: Accessing a not existing calendar of another user via the legacy endpoint + Given user "user0" exists + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/caldav/calendars/" + Then The CalDAV HTTP status code should be "404" + And The exception is "Sabre\DAV\Exception\NotFound" + And The error message is "Node with name 'MyCalendar' could not be found" Scenario: Accessing a not existing calendar of myself Given user "user0" exists - When "user0" requests calendar "admin/MyCalendar" + When "user0" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" Then The CalDAV HTTP status code should be "404" And The exception is "Sabre\DAV\Exception\NotFound" And The error message is "Node with name 'MyCalendar' could not be found" - # Blocked by https://github.com/php/php-src/pull/1417 - #Scenario: Creating a new calendar - # When "admin" creates a calendar named "MyCalendar" - # Then The CalDAV HTTP status code should be "201" - # And "admin" requests calendar "admin/MyCalendar" - # Then The CalDAV HTTP status code should be "200" + Scenario: Creating a new calendar + When "admin" creates a calendar named "MyCalendar" + Then The CalDAV HTTP status code should be "201" + And "admin" requests calendar "admin/MyCalendar" on the endpoint "/remote.php/dav/calendars/" + Then The CalDAV HTTP status code should be "207" diff --git a/build/integration/features/carddav.feature b/build/integration/features/carddav.feature index 4fbe403c7db..9432130066e 100644 --- a/build/integration/features/carddav.feature +++ b/build/integration/features/carddav.feature @@ -1,26 +1,39 @@ Feature: carddav Scenario: Accessing a not existing addressbook of another user Given user "user0" exists - When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" + When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Accessing a not shared addressbook of another user Given user "user0" exists Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" - When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" + And The CardDAV exception is "Sabre\DAV\Exception\NotFound" + And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" + + Scenario: Accessing a not existing addressbook of another user via legacy endpoint + Given user "user0" exists + When "admin" requests addressbook "user0/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/" + And The CardDAV exception is "Sabre\DAV\Exception\NotFound" + And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" + + Scenario: Accessing a not shared addressbook of another user via legacy endpoint + Given user "user0" exists + Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/carddav/addressbooks/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Accessing a not existing addressbook of myself Given user "user0" exists - When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" + When "user0" requests addressbook "admin/MyAddressbook" with statuscode "404" on the endpoint "/remote.php/dav/addressbooks/users/" And The CardDAV exception is "Sabre\DAV\Exception\NotFound" And The CardDAV error message is "Addressbook with name 'MyAddressbook' could not be found" Scenario: Creating a new addressbook When "admin" creates an addressbook named "MyAddressbook" with statuscode "201" - Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "200" + Then "admin" requests addressbook "admin/MyAddressbook" with statuscode "207" on the endpoint "/remote.php/dav/addressbooks/users/" Scenario: Accessing ones own contact Given "admin" creates an addressbook named "MyAddressbook" with statuscode "201" diff --git a/core/js/js.js b/core/js/js.js index 3651635541a..5ef5c72f625 100644 --- a/core/js/js.js +++ b/core/js/js.js @@ -780,8 +780,18 @@ var OCP = {}, // sometimes "beforeunload" happens later, so need to defer the reload a bit setTimeout(function() { if (!self._userIsNavigatingAway && !self._reloadCalled) { - OC.Notification.show(t('core', 'Problem loading page, reloading in 5 seconds')); - setTimeout(OC.reload, 5000); + var timer = 0; + var seconds = 5; + var interval = setInterval( function() { + OC.Notification.showUpdate(n('core', 'Problem loading page, reloading in %n second', 'Problem loading page, reloading in %n seconds', seconds - timer)); + if (timer >= seconds) { + clearInterval(interval); + OC.reload(); + } + timer++; + }, 1000 // 1 second interval + ); + // only call reload once self._reloadCalled = true; } @@ -1174,6 +1184,30 @@ OC.Notification={ }, /** + * Updates (replaces) a sanitized notification. + * + * @param {string} text Message to display + * @return {jQuery} JQuery element for notificaiton row + */ + showUpdate: function(text) { + var $notification = $('#notification'); + // sanitise + var $html = $('<div/>').text(text).html(); + + // new notification + if (text && $notification.find('.row').length == 0) { + return this.showHtml($html); + } + + var $row = $('<div class="row"></div>').prepend($html); + + // just update html in notification + $notification.html($row); + + return $row; + }, + + /** * Shows a notification that disappears after x seconds, default is * 7 seconds * diff --git a/core/js/tests/specs/coreSpec.js b/core/js/tests/specs/coreSpec.js index d83c0cd9a38..3380b6be420 100644 --- a/core/js/tests/specs/coreSpec.js +++ b/core/js/tests/specs/coreSpec.js @@ -1000,7 +1000,7 @@ describe('Core base tests', function() { describe('global ajax errors', function() { var reloadStub, ajaxErrorStub, clock; var notificationStub; - var waitTimeMs = 6000; + var waitTimeMs = 6500; var oldCurrentUser; beforeEach(function() { @@ -1075,10 +1075,12 @@ describe('Core base tests', function() { it('displays notification', function() { var xhr = { status: 401 }; + notificationUpdateStub = sinon.stub(OC.Notification, 'showUpdate'); + $(document).trigger(new $.Event('ajaxError'), xhr); clock.tick(waitTimeMs); - expect(notificationStub.calledOnce).toEqual(true); + expect(notificationUpdateStub.notCalled).toEqual(false); }); it('shows a temporary notification if the connection is lost', function() { var xhr = { status: 0 }; diff --git a/issue_template.md b/issue_template.md index 70eca36c9b6..6714371a4eb 100644 --- a/issue_template.md +++ b/issue_template.md @@ -104,6 +104,7 @@ Eventually replace sensitive data as the name/IP-address of your LDAP server or #### Web server error log <details> <summary>Web server error log</summary> + ``` Insert your webserver log here ``` @@ -112,6 +113,7 @@ Insert your webserver log here #### Nextcloud log (data/nextcloud.log) <details> <summary>Nextcloud log</summary> + ``` Insert your Nextcloud log here ``` @@ -120,6 +122,7 @@ Insert your Nextcloud log here #### Browser log <details> <summary>Browser log</summary> + ``` Insert your browser log here, this could for example include: diff --git a/lib/private/Setup.php b/lib/private/Setup.php index d9997767684..321e8ea4c66 100644 --- a/lib/private/Setup.php +++ b/lib/private/Setup.php @@ -357,6 +357,7 @@ class Setup { $config = \OC::$server->getConfig(); $config->setAppValue('core', 'installedat', microtime(true)); $config->setAppValue('core', 'lastupdatedat', microtime(true)); + $config->setAppValue('core', 'vendor', $this->getVendor()); $group =\OC::$server->getGroupManager()->createGroup('admin'); $group->addUser($user); @@ -497,4 +498,18 @@ class Setup { file_put_contents($baseDir . '/.htaccess', $content); file_put_contents($baseDir . '/index.html', ''); } + + /** + * Return vendor from which this version was published + * + * @return string Get the vendor + * + * Copy of \OC\Updater::getVendor() + */ + private function getVendor() { + // this should really be a JSON file + require \OC::$SERVERROOT . '/version.php'; + /** @var string $vendor */ + return (string) $vendor; + } } diff --git a/lib/private/Updater.php b/lib/private/Updater.php index 3f4e54cf803..30a9a80cef4 100644 --- a/lib/private/Updater.php +++ b/lib/private/Updater.php @@ -163,7 +163,7 @@ class Updater extends BasicEmitter { // this should really be a JSON file require \OC::$SERVERROOT . '/version.php'; /** @var array $OC_VersionCanBeUpgradedFrom */ - return implode('.', $OC_VersionCanBeUpgradedFrom); + return $OC_VersionCanBeUpgradedFrom; } /** |