| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| | |
Use SystemConfig instead of AllConfig for DB stuff
|
| |/
|
|
|
|
| |
* preparation for followup PRs to clean up the DB bootstrapping
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\
| |
| | |
Namespace and array syntax fixes
|
| | |
| |
| |
| |
| |
| | |
* minor fixes in preparation of a bigger DB and config PR
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \
| | |
| | | |
Support Circles
|
| | |/
| |
| | |
Signed-off-by: Maxence Lange <maxence@nextcloud.com>
|
| |\ \
| | |
| | | |
DummyGetResponsePlugin: ownCloud -> Nexcloud
|
| | |/
| |
| |
| | |
Signed-off-by: Christoph Wickert <cwickert@suse.de>
|
| | | |
|
| |\ \
| | |
| | | |
Fail when the test mail could not be sent
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | | |
|
| |\ \ \
| |_|/
|/| | |
Always suggest the overwrite.cli.url
|
| | |/
| |
| |
| | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| |\ \
| | |
| | | |
Revert "Add integration test for trashbin"
|
| |/ / |
|
| |\ \
| | |
| | | |
Add CleanupRemoteStorages command
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
cleanup files, address review
Fix CleanupRemoteStoragesTest tests
Fix test expectation.
Added files count to check filecache deletion.
Sort by numeric id for deterministic test results
Removed precise order test and added storage check
Remove inaccurate removal message check which has a different order on
Oracle.
Added more checks to confirm that existing storages still exist.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Redirect unlink to rmdir
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Many API callers will call unlink even for directories and it can mess
up with some wrappers like the encryption wrapper
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| |_|/
|/| | |
Backbone Webdav Adapter MKCOL support
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Usually Backbone collections cannot be created and just simply exists.
But in the Webdav world they need to be creatable.
This enhancement makes it possible to use a Backbone Model to represent
such collections and when creating it, it will use MKCOL instead of PUT.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Ignore exception when deleting keys of deleted user
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Whenever a user was deleted for encryption where the keys are stored in
the home, we can ignore user existence exceptions because it means the
keys are already gone.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Fixed failing test which was ignoring a required (not null) column
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Fixed failing test which was ignoring a required (not null) column
* restored test to original, catching DriverException which also catches ConstraintViolationException
* catch ConstraintViolationException again
* removed unnecessary field from this test
* clobfield should be nullable
* clobfield now is nullable
* removed autoincrement since whenever this strategy is enabled, oracle would not throw constraint violation exceptions (needed for setValues), which mysql still does
* this field does not auto increment anymore
* mark integerfield as primary, since it is not getting marked as such through auto increment anymore,
integerfield default always has been 0 instead of null
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Add integration test for trashbin
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Skip FailedStorage in background scan
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | | |
The background job that scans storages must skip failed storages to
avoid potential exceptions, especially when the failed storage comes
from a shared storage where the source is not accessible.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Chunking NG: Assemble in natural sort order of files
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For https://github.com/owncloud/client/pull/5476
Before this, the assembly could be bogusly in the order 0,1,10,11,2,3 etc.
As per the spec "The name of every chunk should be its chunk number."
https://github.com/cernbox/smashbox/blob/master/protocol/chunking.md
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Integration test check download without saving file locally
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Use Guzzle stream mode to download the contents instead of using a
temporary local file.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
| |\ \ \
| | | |
| | | | |
Escape like parameters in database user backend
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The constructor is iniitiated already very early in base.php, thus requiring this here will break the setup and some more. For now we probably have to live with a static function call here thus.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \ \ \
| | | | |
| | | | | |
Add base-uri to CSP policy
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As per https://twitter.com/we1x/status/842032709543333890 a nice security hardening
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Harden JS by disabling jQuery eval
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Disable execution of eval in jQuery. We do require an allowed eval CSP
configuration at the moment for handlebars et al. But for jQuery there is
not much of a reason to execute JavaScript directly via eval.
This thus mitigates some unexpected XSS vectors. As example try to insert
`$('.fileinfo').html('<a href="asd"><script>alert(1)</script></a>');`
with and without this patch in your browsers JS console when the file list
is opened.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Use cleaner social media URLs
|
