summaryrefslogtreecommitdiffstats
path: root/core/js/tests
Commit message (Collapse)AuthorAgeFilesLines
* fixed codeMorris Jobke2016-06-201-1/+1
|
* Fix data directory warningLukas Reschke2016-06-141-2/+13
| | | | | | Otherwise always the warning is displayed that the data directory is accessible from the internet when URLs without index.php are enabled. Fixes https://github.com/nextcloud/server/issues/91
* Merge pull request #25035 from owncloud/stable9-err-reload-delayVincent Petry2016-06-091-3/+15
|\ | | | | [stable9] Delay reloading the page if an ajax error occurs, show notification
| * Add test for reload delayRobin McCorkell2016-06-081-3/+15
| |
* | Use temporary htaccesstest.txt for data dir security checkVincent Petry2016-06-091-1/+1
|/
* Adjust core unit tests for unload/reload casesVincent Petry2016-04-011-4/+41
|
* Merge pull request #23163 from owncloud/stable9-wordingThomas Müller2016-03-211-1/+1
|\ | | | | [stable9] Adjust wording a bit
| * Adjust wording a bitLukas Reschke2016-03-111-1/+1
| | | | | | | | | | | | | | | | | | | | **Before:** > Your PHP version (5.4.16) is no longer supported by PHP. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by PHP. **After:** > You are currently running PHP 5.4.0. We encourage you to upgrade your PHP version to take advantage of performance and security updates provided by the PHP Group as soon as your distribution supports it. Fixes https://github.com/owncloud/enterprise/issues/1170
* | Allow creating tags where another one with same prefix existsVincent Petry2016-03-181-0/+9
|/ | | | | When creating a new entry, compare the full tag name and not only the prefix.
* Improved JS L10N bundle merging + testsVincent Petry2016-02-291-0/+8
|
* Fix unit tests affected by side effectsVincent Petry2016-02-221-1/+3
| | | | | | | | The notification tests were not restoring the clock properly, but indirectly helped other tests pass. Since now we're restoring the clock properly, the other tests were fixed to still work.
* Accumulate notifications instead of blinkingVincent Petry2016-02-221-64/+145
| | | | | This makes it possible to display multiple notifications. If the options.type is set to "error", it will also add a close button.
* Fix error ins source language stringsThomas Müller2016-02-191-3/+3
| | | | | https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/core/50786279 https://www.transifex.com/owncloud-org/owncloud/translate/#en_GB/settings-1/50555028
* Merge pull request #16783 from owncloud/handle-redirects-globalThomas Müller2016-02-172-1/+48
|\ | | | | Adding global error handler for ajax calls which run into redirection…
| * Add handler for global ajax errorsVincent Petry2016-02-152-1/+48
| |
* | Unlock sharee input field when sharing failsRoeland Jago Douma2016-02-171-0/+37
|/ | | | | | | Fixes #22441 When addShares fails (for whatever reason) we should unlock the sharee input field so the user does not have to reload the page.
* Merge pull request #22350 from owncloud/fix_22304Thomas Müller2016-02-151-1/+15
|\ | | | | WebUI feedback when sharing
| * Updated unit testsRoeland Jago Douma2016-02-121-1/+15
| |
* | Search tags case insensitiveRoeland Jago Douma2016-02-141-0/+54
|/ | | | | | fixes: #22352 * Added unit tests
* Only show link shares for the current userRoeland Jago Douma2016-02-101-3/+5
| | | | | | | Currently we have no way to display multiple links in the UI. So just display the link share for the current user. Fixes #22275
* Add system tags filter section for files appVincent Petry2016-02-091-0/+154
|
* Fix JS DAV files client unit testsVincent Petry2016-02-041-146/+140
| | | | | Instead of trying to mock the promise, just stub davclient.js' request object.
* Move data protection check to javascriptVincent Chan2016-02-011-20/+47
| | | | fixes #20199
* Properly forward error messages in share dialogVincent Petry2016-01-281-0/+112
|
* Fix share default expiration date calculationVincent Petry2016-01-281-2/+2
| | | | Now using UTC dates with moment js to accurately add the number of days
* Share dialog use OCS APIVincent Petry2016-01-283-284/+432
|
* Merge pull request #21958 from owncloud/systemtags-styleThomas Müller2016-01-282-7/+25
|\ | | | | Use boxes for system tags, shorten permission text
| * Use boxes for system tags, shorten permission textVincent Petry2016-01-282-7/+25
| | | | | | | | | | | | | | | | Permission text now doesn't appear when all permissions are there, or shows as "invisible" or "not assignable", which should better cover all use cases. Changed select2 style to use boxes in the input field.
* | Fix system tags conflict situationsVincent Petry2016-01-271-0/+59
|/ | | | | | Does not disrupt the UX whenever a tag or association was created concurrently. The input field will adjust itself as if the tag was already there in the first place.
* Fix system tags proppatch with booleansVincent Petry2016-01-271-6/+44
| | | | | | | Backbone webdav adapter now converts booleans and ints to strings. Fixed system tags to use "true" / "false" strings for booleans instead of 1 / 0.
* System tags sidebar selector now respects permissionsVincent Petry2016-01-252-233/+343
| | | | | | | For admins: display the namespace behind the tag name. For users: no namespace, don't display non-assignable tags in the dropdown, display already assigned non-assignable tags with a different style
* Move getDescriptiveTag to coreJoas Schilling2016-01-211-0/+51
|
* Added system tags GUI in sidebarVincent Petry2016-01-193-1/+393
| | | | | Added files details sidebar panel to assign/unassign/rename/delete system tags.
* update JS humanFileSize to use KB instead of kBMorris Jobke2016-01-191-4/+4
|
* Backbone transport for WebdavVincent Petry2016-01-161-0/+352
|
* Merge pull request #21630 from owncloud/add-some-security-headers-as-hardeningThomas Müller2016-01-131-11/+38
|\ | | | | Add X-Download-Options and X-Permitted-Cross-Domain-Policies
| * Add X-Download-Options and X-Permitted-Cross-Domain-PoliciesLukas Reschke2016-01-121-11/+38
| | | | | | | | Two small security hardenings for our IE users and those with Adobe products. Aligns it more with https://github.com/twitter/secureheaders#secureheaders---
* | Merge pull request #21640 from owncloud/add-config-to-disable-wellknown-checkThomas Müller2016-01-121-2/+11
|\ \ | | | | | | Add config switch to disable the .well-known URL check
| * | Add config switch to disable the .well-known URL checkMorris Jobke2016-01-121-2/+11
| |/
* / Show the well-known URL check as info instead of errorMorris Jobke2016-01-121-1/+1
|/ | | | * ref https://github.com/owncloud/core/pull/21562#issuecomment-170344549
* Add check for .well-known URL in the root of the webservers URLMorris Jobke2016-01-081-0/+27
| | | | * fixes #20012
* Check the correct config for displaying the "notify by email" optionJoas Schilling2016-01-081-1/+1
|
* Added js tests for the Sharee API usageRoeland Jago Douma2015-12-301-0/+292
|
* Fix unit testsRoeland Jago Douma2015-12-301-4/+26
|
* Fix unit testsLukas Reschke2015-12-231-6/+6
| | | | Fixes https://github.com/owncloud/core/issues/21345
* Fix files UI mtime parsing from webdavVincent Petry2015-12-161-5/+5
|
* Fix duplicate bogus share field when link sharing is not allowedVincent Petry2015-12-071-0/+1
| | | | | | | | | Whenever link share is not allowed, it was outputting a bogus sharing field which name would conflict with the regular sharing field. This fix makes sure that the bogus sharing field with "Resharing not allowed" message only appears when triggered by removed share permissions.
* Add code integrity checkLukas Reschke2015-12-011-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR implements the base foundation of the code signing and integrity check. In this PR implemented is the signing and verification logic, as well as commands to sign single apps or the core repository. Furthermore, there is a basic implementation to display problems with the code integrity on the update screen. Code signing basically happens the following way: - There is a ownCloud Root Certificate authority stored `resources/codesigning/root.crt` (in this PR I also ship the private key which we obviously need to change before a release :wink:). This certificate is not intended to be used for signing directly and only is used to sign new certificates. - Using the `integrity:sign-core` and `integrity:sign-app` commands developers can sign either the core release or a single app. The core release needs to be signed with a certificate that has a CN of `core`, apps need to be signed with a certificate that either has a CN of `core` (shipped apps!) or the AppID. - The command generates a signature.json file of the following format: ```json { "hashes": { "/filename.php": "2401fed2eea6f2c1027c482a633e8e25cd46701f811e2d2c10dc213fd95fa60e350bccbbebdccc73a042b1a2799f673fbabadc783284cc288e4f1a1eacb74e3d", "/lib/base.php": "55548cc16b457cd74241990cc9d3b72b6335f2e5f45eee95171da024087d114fcbc2effc3d5818a6d5d55f2ae960ab39fd0414d0c542b72a3b9e08eb21206dd9" }, "certificate": "-----BEGIN CERTIFICATE-----MIIBvTCCASagAwIBAgIUPvawyqJwCwYazcv7iz16TWxfeUMwDQYJKoZIhvcNAQEF\nBQAwIzEhMB8GA1UECgwYb3duQ2xvdWQgQ29kZSBTaWduaW5nIENBMB4XDTE1MTAx\nNDEzMTcxMFoXDTE2MTAxNDEzMTcxMFowEzERMA8GA1UEAwwIY29udGFjdHMwgZ8w\nDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANoQesGdCW0L2L+a2xITYipixkScrIpB\nkX5Snu3fs45MscDb61xByjBSlFgR4QI6McoCipPw4SUr28EaExVvgPSvqUjYLGps\nfiv0Cvgquzbx/X3mUcdk9LcFo1uWGtrTfkuXSKX41PnJGTr6RQWGIBd1V52q1qbC\nJKkfzyeMeuQfAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvF/KIhRMQ3tYTmgHWsiM\nwDMgIDb7iaHF0fS+/Nvo4PzoTO/trev6tMyjLbJ7hgdCpz/1sNzE11Cibf6V6dsz\njCE9invP368Xv0bTRObRqeSNsGogGl5ceAvR0c9BG+NRIKHcly3At3gLkS2791bC\niG+UxI/MNcWV0uJg9S63LF8=\n-----END CERTIFICATE-----", "signature": "U29tZVNpZ25lZERhdGFFeGFtcGxl" } ``` `hashes` is an array of all files in the folder with their corresponding SHA512 hashes (this is actually quite cheap to calculate), the `certificate` is the certificate used for signing. It has to be issued by the ownCloud Root Authority and it's CN needs to be permitted to perform the required action. The `signature` is then a signature of the `hashes` which can be verified using the `certificate`. Steps to do in other PRs, this is already a quite huge one: - Add nag screen in case the code check fails to ensure that administrators are aware of this. - Add code verification also to OCC upgrade and unify display code more. - Add enforced code verification to apps shipped from the appstore with a level of "official" - Add enfocrced code verification to apps shipped from the appstore that were already signed in a previous release - Add some developer documentation on how devs can request their own certificate - Check when installing ownCloud - Add support for CRLs to allow revoking certificates **Note:** The upgrade checks are only run when the instance has a defined release channel of `stable` (defined in `version.php`). If you want to test this, you need to change the channel thus and then generate the core signature: ``` ➜ master git:(add-integrity-checker) ✗ ./occ integrity:sign-core --privateKey=resources/codesigning/core.key --certificate=resources/codesigning/core.crt Successfully signed "core" ``` Then increase the version and you should see something like the following: ![2015-11-04_12-02-57](https://cloud.githubusercontent.com/assets/878997/10936336/6adb1d14-82ec-11e5-8f06-9a74801c9abf.png) As you can see a failed code check will not prevent the further update. It will instead just be a notice to the admin. In a next step we will add some nag screen. For packaging stable releases this requires the following additional steps as a last action before zipping: 1. Run `./occ integrity:sign-core` once 2. Run `./occ integrity:sign-app` _for each_ app. However, this can be simply automated using a simple foreach on the apps folder.
* Use oc:fileid property instead of oc:idVincent Petry2015-11-221-2/+2
|
* Fix port issue - options.host already has the port attachedThomas Müller2015-11-221-2/+1
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-21 03:22:30 +0000