summaryrefslogtreecommitdiffstats
path: root/tests/Core
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge pull request #4350 from ↵Roeland Jago Douma2017-04-192-55/+23
|\ | | | | | | | | nextcloud/adjust-old-bruteforce-protection-annotations Adjust existing bruteforce protection code
| * Adjust existing bruteforce protection codeLukas Reschke2017-04-142-55/+23
| | | | | | | | | | | | | | - Moves code to annotation - Adds the `throttle()` call on the responses on existing annotations Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Add bruteforce protection to changePersonalPasswordLukas Reschke2017-04-181-39/+31
|/ | | | | | While the risk is actually quite low because one would already have the user session and could potentially do other havoc it makes sense to throttle here in case of invalid previous password attempts. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Make BruteForceProtection annotation more cleverLukas Reschke2017-04-131-130/+3
| | | | | | | | This makes the new `@BruteForceProtection` annotation more clever and moves the relevant code into it's own middleware. Basically you can now set `@BruteForceProtection(action=$key)` as annotation and that will make the controller bruteforce protected. However, the difference to before is that you need to call `$responmse->throttle()` to increase the counter. Before the counter was increased every time which leads to all kind of unexpected problems. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Merge pull request #4308 from nextcloud/lost-password-emailLukas Reschke2017-04-131-6/+52
|\ | | | | Update email template for lost password email
| * Update email template for lost password emailMorris Jobke2017-04-121-6/+52
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Merge pull request #2424 from ↵Morris Jobke2017-04-131-12/+14
|\ \ | | | | | | | | | | | | nextcloud/fix-login-controller-test-consolidate-login Fix login controller test and consolidate login
| * | do login routine only once when done via LoginControllerArthur Schiwon2017-04-061-8/+8
| | | | | | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
| * | fix login controller testsArthur Schiwon2017-04-061-6/+8
| | | | | | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | | Merge pull request #3043 from nextcloud/issue-3038-no-logentry-on-email-loginMorris Jobke2017-04-131-54/+54
|\ \ \ | |_|/ |/| | Dont create a log entry on email login
| * | Dont create a log entry on email loginJoas Schilling2017-04-071-54/+54
| |/ | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* / Move OC_Defaults to OCP\DefaultsMorris Jobke2017-04-091-3/+3
|/ | | | | | | | | | | | | * currently there are two ways to access default values: OCP\Defaults or OC_Defaults (which is extended by OCA\Theming\ThemingDefaults) * our code used a mixture of both of them, which made it hard to work on theme values * this extended the public interface with the missing methods and uses them everywhere to only rely on the public interface Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Merge pull request #4123 from nextcloud/allow-password-reset-with-emailRoeland Jago Douma2017-04-051-10/+75
|\ | | | | Allow to reset the password with the email as an input
| * Allow to reset the password with the email as an inputJoas Schilling2017-03-281-10/+75
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Fix gzip files for SafariMorris Jobke2017-03-292-2/+2
| | | | | | | | | | | | | | * Safari support gzip only if the filename does not end on .gz - so this renames them to .gzip Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Fix controller testsRoeland Jago Douma2017-03-282-2/+134
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* TestsRoeland Jago Douma2017-03-241-0/+110
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Clean up single user modeMorris Jobke2017-02-223-144/+12
| | | | | | | | | | | | | | Single user mode basically disables WebDAV, OCS and cron execution. Since we heavily rely on WebDAV and OCS also in the web UI it's basically useless. An admin only sees a broken interface and can't even change any settings nor sees any files. Also sharing is not possible. As this is at least the case since Nextcloud 9 and we haven't received any reports for this it seems that this feature is not used at all so I removed it. The encryption commands now rely on the well tested maintenance mode. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* oc_token should be nc_tokenChristoph Wurst2017-02-021-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #2044 from nextcloud/login-credential-storeMorris Jobke2017-01-301-3/+0
|\ | | | | Login credential store
| * always allow remembered loginChristoph Wurst2017-01-111-3/+0
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | unify endpoints form core and the the provisioning apiBjoern Schiessle2017-01-251-18/+0
| | | | | | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* | Merge pull request #3023 from ↵Christoph Wurst2017-01-171-0/+6
|\ \ | | | | | | | | | | | | nextcloud/issue-2915-filter-out-sensitive-appconfigs Filter out sensitive appconfig values
| * | Fix testsJoas Schilling2017-01-121-0/+6
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | | Merge pull request #2918 from nextcloud/encryption-recovery-improvementsMorris Jobke2017-01-131-38/+0
|\ \ \ | |_|/ |/| | create new encryption keys on password reset and backup the old one
| * | create new encryption keys on password reset and backup the old oneBjoern Schiessle2017-01-101-38/+0
| |/ | | | | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* | fix coding style and increase code coverageChristoph Wurst2017-01-111-40/+111
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Fix testsCornelius Kölbel2017-01-111-2/+5
|/ | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Adds CssControllerTestsRoeland Jago Douma2017-01-061-0/+111
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #2892 from nextcloud/usercontroller_testsRoeland Jago Douma2016-12-301-0/+76
|\ | | | | Adds user controller tests
| * Adds user controller testsRoeland Jago Douma2016-12-301-0/+76
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | User command enable/disable testsRoeland Jago Douma2016-12-302-0/+188
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add Group Command testsRoeland Jago Douma2016-12-293-0/+365
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set redirect_url on 2FA challenge pageChristoph Wurst2016-12-231-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #2563 from nextcloud/fix-password-resetMorris Jobke2016-12-221-0/+39
|\ | | | | fix password reset if encryption is enabled
| * fix password reset if encryption is enabledBjoern Schiessle2016-12-081-0/+39
| | | | | | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* | Add tests for 2FA commandsRoeland Jago Douma2016-12-202-0/+198
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Save the timezone on login againJoas Schilling2016-12-081-1/+14
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix changing display names for subadminsLukas Reschke2016-11-211-7/+42
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add OCSControllerTestsRoeland Jago Douma2016-11-161-0/+209
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #1109 from nextcloud/add-more-secrets-to-password-reset-linkMorris Jobke2016-11-031-143/+187
|\ | | | | Use mail for encrypting the password reset token as well
| * Fix testsRoeland Jago Douma2016-11-031-166/+174
| | | | | | | | | | | | * Tests fixed and controller coverage to 100% Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
| * [WIP] Use mail for encrypting the password reset token as wellLukas Reschke2016-11-031-6/+42
| |
* | Add cache 1 day cache to preview endpointRoeland Jago Douma2016-11-031-3/+6
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | More testsRoeland Jago Douma2016-11-031-0/+223
|/ | | | | | | | | * PreviewController test * PublicPreview test * Versions Preview test * Trash Preview test Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* bring back remember-meChristoph Wurst2016-11-021-4/+68
| | | | | | | | | | * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Check the mimetype before reading the content and catch exceptionJoas Schilling2016-10-181-2/+46
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #1629 from nextcloud/cleanup-settings-applicationJoas Schilling2016-10-061-1/+2
|\ | | | | Cleanup settings Application class
| * Use our base class everywhereJoas Schilling2016-10-061-1/+2
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Properly catch password policy hint for personal page password changesMorris Jobke2016-10-061-0/+25
|/ | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-31 07:24:21 +0000