diff options
| -rw-r--r-- | apps/dav/appinfo/database.xml | 2 | ||||
| -rw-r--r-- | apps/dav/appinfo/info.xml | 2 | ||||
| -rw-r--r-- | apps/dav/tests/unit/caldav/caldavbackendtest.php | 8 | ||||
| -rw-r--r-- | apps/files/command/scan.php | 19 | ||||
| -rw-r--r-- | apps/files_external/lib/storage/smb.php | 2 | ||||
| -rw-r--r-- | apps/files_sharing/lib/updater.php | 15 | ||||
| -rw-r--r-- | lib/private/Files/Filesystem.php | 21 | ||||
| -rw-r--r-- | lib/private/Log.php | 2 | ||||
| -rw-r--r-- | lib/private/Session/CryptoSessionData.php | 12 | ||||
| -rw-r--r-- | lib/private/Session/Internal.php | 17 | ||||
| -rw-r--r-- | lib/private/Session/Memory.php | 18 | ||||
| -rw-r--r-- | lib/private/user/manager.php | 17 | ||||
| -rw-r--r-- | lib/public/Session/Exceptions/SessionNotAvailableException.php | 32 | ||||
| -rw-r--r-- | lib/public/isession.php | 9 | ||||
| -rw-r--r-- | remote.php | 2 | ||||
| -rw-r--r-- | tests/lib/logger.php | 15 | ||||
| -rw-r--r-- | tests/lib/session/memory.php | 9 |
17 files changed, 158 insertions, 44 deletions
diff --git a/apps/dav/appinfo/database.xml b/apps/dav/appinfo/database.xml index 71dec639064..f79ea07ae76 100644 --- a/apps/dav/appinfo/database.xml +++ b/apps/dav/appinfo/database.xml @@ -259,11 +259,13 @@ CREATE TABLE calendarobjects ( <name>firstoccurence</name> <type>integer</type> <unsigned>true</unsigned> + <length>11</length> </field> <field> <name>lastoccurence</name> <type>integer</type> <unsigned>true</unsigned> + <length>11</length> </field> <field> <name>uid</name> diff --git a/apps/dav/appinfo/info.xml b/apps/dav/appinfo/info.xml index a8e7df6e8e2..bb447c9a426 100644 --- a/apps/dav/appinfo/info.xml +++ b/apps/dav/appinfo/info.xml @@ -5,7 +5,7 @@ <description>ownCloud WebDAV endpoint</description> <licence>AGPL</licence> <author>owncloud.org</author> - <version>0.2.3</version> + <version>0.2.4</version> <default_enable/> <types> <filesystem/> diff --git a/apps/dav/tests/unit/caldav/caldavbackendtest.php b/apps/dav/tests/unit/caldav/caldavbackendtest.php index 440db7636e1..89be5671ca8 100644 --- a/apps/dav/tests/unit/caldav/caldavbackendtest.php +++ b/apps/dav/tests/unit/caldav/caldavbackendtest.php @@ -328,6 +328,7 @@ EOD; $events[0] = $this->createEvent($calendarId, '20130912T130000Z', '20130912T140000Z'); $events[1] = $this->createEvent($calendarId, '20130912T150000Z', '20130912T170000Z'); $events[2] = $this->createEvent($calendarId, '20130912T173000Z', '20130912T220000Z'); + $events[3] = $this->createEvent($calendarId, '21130912T130000Z', '22130912T130000Z'); $result = $this->backend->calendarQuery($calendarId, [ 'name' => '', @@ -351,11 +352,12 @@ EOD; public function providesCalendarQueryParameters() { return [ - 'all' => [[0, 1, 2], [], []], + 'all' => [[0, 1, 2, 3], [], []], 'only-todos' => [[], ['name' => 'VTODO'], []], - 'only-events' => [[0, 1, 2], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => null, 'end' => null], 'prop-filters' => []]],], - 'start' => [[1, 2], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => new DateTime('2013-09-12 14:00:00', new DateTimeZone('UTC')), 'end' => null], 'prop-filters' => []]],], + 'only-events' => [[0, 1, 2, 3], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => null, 'end' => null], 'prop-filters' => []]],], + 'start' => [[1, 2, 3], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => new DateTime('2013-09-12 14:00:00', new DateTimeZone('UTC')), 'end' => null], 'prop-filters' => []]],], 'end' => [[0], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => null, 'end' => new DateTime('2013-09-12 14:00:00', new DateTimeZone('UTC'))], 'prop-filters' => []]],], + 'future' => [[3], [], [['name' => 'VEVENT', 'is-not-defined' => false, 'comp-filters' => [], 'time-range' => ['start' => new DateTime('2099-09-12 14:00:00', new DateTimeZone('UTC')), 'end' => null], 'prop-filters' => []]],], ]; } diff --git a/apps/files/command/scan.php b/apps/files/command/scan.php index f607b3e1af1..1ae04c585bb 100644 --- a/apps/files/command/scan.php +++ b/apps/files/command/scan.php @@ -89,6 +89,15 @@ class Scan extends Base { ); } + public function checkScanWarning($fullPath, OutputInterface $output) { + $normalizedPath = basename(\OC\Files\Filesystem::normalizePath($fullPath)); + $path = basename($fullPath); + + if ($normalizedPath !== $path) { + $output->writeln("\t<error>Entry \"" . $fullPath . '" will not be accessible due to incompatible encoding</error>'); + } + } + protected function scanFiles($user, $path, $verbose, OutputInterface $output) { $scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection(), \OC::$server->getLogger()); # check on each file/folder if there was a user interrupt (ctrl-c) and throw an exception @@ -126,6 +135,12 @@ class Scan extends Base { } }); } + $scanner->listen('\OC\Files\Utils\Scanner', 'scanFile', function($path) use ($output) { + $this->checkScanWarning($path, $output); + }); + $scanner->listen('\OC\Files\Utils\Scanner', 'scanFolder', function($path) use ($output) { + $this->checkScanWarning($path, $output); + }); try { $scanner->scan($path); @@ -133,7 +148,9 @@ class Scan extends Base { $output->writeln("<error>Home storage for user $user not writable</error>"); $output->writeln("Make sure you're running the scan command only as the user the web server runs as"); } catch (\Exception $e) { - # exit the function if ctrl-c has been pressed + if ($e->getMessage() !== 'ctrl-c') { + $output->writeln('<error>Exception while scanning: ' . $e->getMessage() . "\n" . $e->getTraceAsString() . '</error>'); + } return; } } diff --git a/apps/files_external/lib/storage/smb.php b/apps/files_external/lib/storage/smb.php index 4249d13168c..868c52a63b4 100644 --- a/apps/files_external/lib/storage/smb.php +++ b/apps/files_external/lib/storage/smb.php @@ -100,7 +100,7 @@ class SMB extends \OC\Files\Storage\Common { * @return string */ protected function buildPath($path) { - return Filesystem::normalizePath($this->root . '/' . $path); + return Filesystem::normalizePath($this->root . '/' . $path, true, false, true); } /** diff --git a/apps/files_sharing/lib/updater.php b/apps/files_sharing/lib/updater.php index de68e2ea0fc..dc47009c14b 100644 --- a/apps/files_sharing/lib/updater.php +++ b/apps/files_sharing/lib/updater.php @@ -85,21 +85,6 @@ class Shared_Updater { } /** - * clean up oc_share table from files which are no longer exists - * - * This fixes issues from updates from files_sharing < 0.3.5.6 (ownCloud 4.5) - * It will just be called during the update of the app - */ - static public function fixBrokenSharesOnAppUpdate() { - // delete all shares where the original file no longer exists - $findAndRemoveShares = \OCP\DB::prepare('DELETE FROM `*PREFIX*share` ' . - 'WHERE `item_type` IN (\'file\', \'folder\') ' . - 'AND `file_source` NOT IN (SELECT `fileid` FROM `*PREFIX*filecache`)' - ); - $findAndRemoveShares->execute(array()); - } - - /** * rename mount point from the children if the parent was renamed * * @param string $oldPath old path relative to data/user/files diff --git a/lib/private/Files/Filesystem.php b/lib/private/Files/Filesystem.php index 39c5fd3ab4a..99c123ad1a1 100644 --- a/lib/private/Files/Filesystem.php +++ b/lib/private/Files/Filesystem.php @@ -789,11 +789,12 @@ class Filesystem { * Fix common problems with a file path * * @param string $path - * @param bool $stripTrailingSlash - * @param bool $isAbsolutePath + * @param bool $stripTrailingSlash whether to strip the trailing slash + * @param bool $isAbsolutePath whether the given path is absolute + * @param bool $keepUnicode true to disable unicode normalization * @return string */ - public static function normalizePath($path, $stripTrailingSlash = true, $isAbsolutePath = false) { + public static function normalizePath($path, $stripTrailingSlash = true, $isAbsolutePath = false, $keepUnicode = false) { if (is_null(self::$normalizedPathCache)) { self::$normalizedPathCache = new CappedMemoryCache(); } @@ -817,19 +818,13 @@ class Filesystem { } //normalize unicode if possible - $path = \OC_Util::normalizeUnicode($path); + if (!$keepUnicode) { + $path = \OC_Util::normalizeUnicode($path); + } //no windows style slashes $path = str_replace('\\', '/', $path); - // When normalizing an absolute path, we need to ensure that the drive-letter - // is still at the beginning on windows - $windows_drive_letter = ''; - if ($isAbsolutePath && \OC_Util::runningOnWindows() && preg_match('#^([a-zA-Z])$#', $path[0]) && $path[1] == ':' && $path[2] == '/') { - $windows_drive_letter = substr($path, 0, 2); - $path = substr($path, 2); - } - //add leading slash if ($path[0] !== '/') { $path = '/' . $path; @@ -855,7 +850,7 @@ class Filesystem { $path = substr($path, 0, -2); } - $normalizedPath = $windows_drive_letter . $path; + $normalizedPath = $path; self::$normalizedPathCache[$cacheKey] = $normalizedPath; return $normalizedPath; diff --git a/lib/private/Log.php b/lib/private/Log.php index bbdad9cf166..d82346bbcf0 100644 --- a/lib/private/Log.php +++ b/lib/private/Log.php @@ -284,7 +284,7 @@ class Log implements ILogger { 'File' => $exception->getFile(), 'Line' => $exception->getLine(), ); - $exception['Trace'] = preg_replace('!(login|checkPassword|updatePrivateKeyPassword)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']); + $exception['Trace'] = preg_replace('!(login|checkPassword|updatePrivateKeyPassword|validateUserPass)\(.*\)!', '$1(*** username and password replaced ***)', $exception['Trace']); $msg = isset($context['message']) ? $context['message'] : 'Exception'; $msg .= ': ' . json_encode($exception); $this->error($msg, $context); diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php index f6c585c1611..629e6af5412 100644 --- a/lib/private/Session/CryptoSessionData.php +++ b/lib/private/Session/CryptoSessionData.php @@ -24,6 +24,7 @@ namespace OC\Session; use OCP\ISession; use OCP\Security\ICrypto; +use OCP\Session\Exceptions\SessionNotAvailableException; /** * Class CryptoSessionData @@ -142,6 +143,17 @@ class CryptoSessionData implements \ArrayAccess, ISession { } /** + * Wrapper around session_id + * + * @return string + * @throws SessionNotAvailableException + * @since 9.1.0 + */ + public function getId() { + return $this->session->getId(); + } + + /** * Close the session and release the lock, also writes all changed data in batch */ public function close() { diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php index 09175bf1f2f..a24aec55222 100644 --- a/lib/private/Session/Internal.php +++ b/lib/private/Session/Internal.php @@ -26,6 +26,8 @@ namespace OC\Session; +use OCP\Session\Exceptions\SessionNotAvailableException; + /** * Class Internal * @@ -112,6 +114,21 @@ class Internal extends Session { } /** + * Wrapper around session_id + * + * @return string + * @throws SessionNotAvailableException + * @since 9.1.0 + */ + public function getId() { + $id = @session_id(); + if ($id === '') { + throw new SessionNotAvailableException(); + } + return $id; + } + + /** * @throws \Exception */ public function reopen() { diff --git a/lib/private/Session/Memory.php b/lib/private/Session/Memory.php index 777458a9aa5..bcb1f1d950c 100644 --- a/lib/private/Session/Memory.php +++ b/lib/private/Session/Memory.php @@ -26,6 +26,9 @@ namespace OC\Session; +use Exception; +use OCP\Session\Exceptions\SessionNotAvailableException; + /** * Class Internal * @@ -89,6 +92,17 @@ class Memory extends Session { public function regenerateId($deleteOldSession = true) {} /** + * Wrapper around session_id + * + * @return string + * @throws SessionNotAvailableException + * @since 9.1.0 + */ + public function getId() { + throw new SessionNotAvailableException('Memory session does not have an ID'); + } + + /** * Helper function for PHPUnit execution - don't use in non-test code */ public function reopen() { @@ -98,11 +112,11 @@ class Memory extends Session { /** * In case the session has already been locked an exception will be thrown * - * @throws \Exception + * @throws Exception */ private function validateSession() { if ($this->sessionClosed) { - throw new \Exception('Session has been closed - no further changes to the session are allowed'); + throw new Exception('Session has been closed - no further changes to the session are allowed'); } } } diff --git a/lib/private/user/manager.php b/lib/private/user/manager.php index 7967f877024..4371be134aa 100644 --- a/lib/private/user/manager.php +++ b/lib/private/user/manager.php @@ -147,14 +147,19 @@ class Manager extends PublicEmitter implements IUserManager { * * @param string $uid * @param \OCP\UserInterface $backend + * @param bool $cacheUser If false the newly created user object will not be cached * @return \OC\User\User */ - protected function getUserObject($uid, $backend) { + protected function getUserObject($uid, $backend, $cacheUser = true) { if (isset($this->cachedUsers[$uid])) { return $this->cachedUsers[$uid]; } - $this->cachedUsers[$uid] = new User($uid, $backend, $this, $this->config); - return $this->cachedUsers[$uid]; + + $user = new User($uid, $backend, $this, $this->config); + if ($cacheUser) { + $this->cachedUsers[$uid] = $user; + } + return $user; } /** @@ -335,11 +340,11 @@ class Manager extends PublicEmitter implements IUserManager { $offset = 0; do { $users = $backend->getUsers($search, $limit, $offset); - foreach ($users as $user) { - $user = $this->get($user); - if (is_null($user)) { + foreach ($users as $uid) { + if (!$backend->userExists($uid)) { continue; } + $user = $this->getUserObject($uid, $backend, false); $return = $callback($user); if ($return === false) { break; diff --git a/lib/public/Session/Exceptions/SessionNotAvailableException.php b/lib/public/Session/Exceptions/SessionNotAvailableException.php new file mode 100644 index 00000000000..d347e0df15e --- /dev/null +++ b/lib/public/Session/Exceptions/SessionNotAvailableException.php @@ -0,0 +1,32 @@ +<?php + +/** + * @author Christoph Wurst <christoph@owncloud.com> + * + * @copyright Copyright (c) 2016, ownCloud, Inc. + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCP\Session\Exceptions; + +use Exception; + +/** + * @since 9.1.0 + */ +class SessionNotAvailableException extends Exception { + +} diff --git a/lib/public/isession.php b/lib/public/isession.php index 25c76906d63..7bc8654a1b9 100644 --- a/lib/public/isession.php +++ b/lib/public/isession.php @@ -95,4 +95,13 @@ interface ISession { * @since 9.0.0 */ public function regenerateId($deleteOldSession = true); + + /** + * Wrapper around session_id + * + * @return string + * @throws SessionNotAvailableException + * @since 9.1.0 + */ + public function getId(); } diff --git a/remote.php b/remote.php index 991ca0d2302..f28c3a35691 100644 --- a/remote.php +++ b/remote.php @@ -166,5 +166,5 @@ try { } catch (Exception $ex) { handleException($ex); } catch (Error $e) { - handleException($ex); + handleException($e); } diff --git a/tests/lib/logger.php b/tests/lib/logger.php index 9c9cd9e6728..e6a0abfbf28 100644 --- a/tests/lib/logger.php +++ b/tests/lib/logger.php @@ -107,4 +107,19 @@ class Logger extends TestCase { $this->assertContains('checkPassword(*** username and password replaced ***)', $logLine); } } + + /** + * @dataProvider userAndPasswordData + */ + public function testDetectvalidateUserPass($user, $password) { + $e = new \Exception('test'); + $this->logger->logException($e); + $logLines = $this->getLogs(); + + foreach($logLines as $logLine) { + $this->assertNotContains($user, $logLine); + $this->assertNotContains($password, $logLine); + $this->assertContains('validateUserPass(*** username and password replaced ***)', $logLine); + } + } } diff --git a/tests/lib/session/memory.php b/tests/lib/session/memory.php index 1ca4956c6ea..dbf2737fb3f 100644 --- a/tests/lib/session/memory.php +++ b/tests/lib/session/memory.php @@ -10,8 +10,17 @@ namespace Test\Session; class Memory extends Session { + protected function setUp() { parent::setUp(); $this->instance = new \OC\Session\Memory($this->getUniqueID()); } + + /** + * @expectedException OCP\Session\Exceptions\SessionNotAvailableException + */ + public function testThrowsExceptionOnGetId() { + $this->instance->getId(); + } + } |