summaryrefslogtreecommitdiffstats
path: root/tests/Core
Commit message (Collapse)AuthorAgeFilesLines
* use the loginname to verify the old password in user password changesArthur Schiwon2020-05-261-5/+27
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Fix absolute redirectJohn Molakvoæ (skjnldsv)2020-04-151-3/+3
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Merge pull request #18644 from nextcloud/harden/csrf_endpointRoeland Jago Douma2020-01-071-1/+12
|\ | | | | Only allow requesting new CSRF tokens if it passes the SameSite Cooki…
| * Only allow requesting new CSRF tokens if it passes the SameSite Cookie testRoeland Jago Douma2020-01-031-1/+12
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix CIKim Brose2020-01-031-1/+1
|/ | | Signed-off-by: Kim Brose <kim.brose@rwth-aachen.de>
* Merge pull request #17784 from nextcloud/enh/disable-clear-site-data-via-configRoeland Jago Douma2019-12-121-0/+28
|\ | | | | Disable Clear-Site-Data for Chrom* (and Opera, Brave, etc)
| * Send Clear-Site-Data expect for ChromeDaniel Kesselberg2019-11-301-0/+28
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Fix: Using assertContains() with string haystacks is deprecated and will not ↵Daniel Kesselberg2019-12-082-8/+12
| | | | | | | | | | | | be supported in PHPUnit 9. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Merge pull request #17715 from nextcloud/fix/5456/respect_avatar_privacyJoas Schilling2019-12-041-1/+42
|\ \ | |/ |/| Honor avatar visibility settings
| * Update testsRoeland Jago Douma2019-11-131-1/+42
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Mode to modern phpunitRoeland Jago Douma2019-11-2728-54/+57
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | More fixesRoeland Jago Douma2019-11-271-1/+1
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Make phpunit8 compatibleRoeland Jago Douma2019-11-2757-58/+58
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Some php-cs fixesRoeland Jago Douma2019-11-2222-11/+21
| | | | | | | | | | | | | | | | | | | | | | * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Check getRedirectUri() for queriesRussellAult2019-11-131-3/+12
|/ | | | | | | | Resolves Issue #17885 Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'. Signed-off-by: RussellAult <russellault@users.noreply.github.com>
* Harden middleware checkRoeland Jago Douma2019-10-251-4/+85
| | | | | | | These annotations will allow for extra checks. And thus make it harder to break things. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #17411 from kinolaev/fix-oauth2-redirectRoeland Jago Douma2019-10-071-1/+2
|\ | | | | Fix oauth client redirect
| * fix oauth client redirectSergej Nikolaev2019-10-041-1/+2
| | | | | | | | Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
* | Add Fatal logging optionTim Terhorst2019-10-021-0/+2
|/ | | | Signed-off-by: Tim Terhorst <mynamewastaken+gitlab@gmail.com>
* Move settings to an appChristoph Wurst2019-09-281-1/+1
| | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at> Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>
* Add test case for existing user with token nullDaniel Kesselberg2019-08-181-0/+16
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Return the disabled user mock instead of the existingDaniel Kesselberg2019-08-181-1/+1
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Fix login flow form actionsRoeland Jago Douma2019-08-111-0/+6
| | | | | | | | So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #16544 from nextcloud/bugfix/16540Roeland Jago Douma2019-07-311-5/+15
|\ | | | | Add missing password reset page to vue
| * Move actual password reset to vueJulius Härtl2019-07-311-5/+15
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Use proper exception in lostControllerRoeland Jago Douma2019-07-271-3/+9
|/ | | | | | | | | | There is no need to log the expcetion of most of the stuff here. We should properly log them but an exception is excessive. This moves it to a proper exception which we can catch and then log. The other exceptions will still be fully logged. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #16308 from nextcloud/fix/undefined-offset-0Morris Jobke2019-07-101-24/+27
|\ | | | | Prevent undefined offset 0 in findByUserIdOrMail
| * Return first value from $usersDaniel Kesselberg2019-07-091-24/+27
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Don't send executionContexts for Clear-Site-DataDaniel Kesselberg2019-07-091-2/+2
|/ | | | | | | | | | There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59 Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034 Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Fix subscription testsJulius Härtl2019-06-171-0/+2
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Vueify the login pageChristoph Wurst2019-05-291-39/+69
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Stop decryption when maintenance mode is enabled, fixes #8311Ruben Homs2019-05-212-8/+54
| | | | Signed-off-by: Ruben Homs <ruben@homs.codes>
* Remote wipe supportRoeland Jago Douma2019-05-201-0/+120
| | | | | | | | This allows a user to mark a token for remote wipe. Clients that support this can then wipe the device properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #15304 from nextcloud/enh/2fa_setup_at_loginRoeland Jago Douma2019-05-172-3/+158
|\ | | | | 2FA setup during login
| * Allow 2FA to be setup on first loginRoeland Jago Douma2019-05-172-3/+158
| | | | | | | | | | | | | | | | | | Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Allow clients to delete their own apptokenRoeland Jago Douma2019-05-171-0/+57
|/ | | | | | Fixes #15480 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add a login chain to reduce the complexity of LoginController::tryLoginChristoph Wurst2019-05-071-327/+110
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make appstore app:enable test more robust by using only shipped appsMorris Jobke2019-03-141-3/+8
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add an event to the Autocomplete Controller to allow to filter the resultsJoas Schilling2019-02-261-3/+9
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Login flow V2Roeland Jago Douma2019-02-251-0/+321
| | | | | | | | This adds the new login flow. The desktop client will open up a browser and poll a returned endpoint at regular intervals to check if the flow is done. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #14066 from nextcloud/feature/noid/casted-system-valuesJoas Schilling2019-02-222-2/+2
|\ | | | | Get typed system values
| * Fix unit testsJoas Schilling2019-02-222-2/+2
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Use contacts instead of logreaderDaniel Kesselberg2019-02-191-3/+3
| | | | | | | | | | | | Logreader is not distributed by app store because shipped by default. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Add install logic for enable commandDaniel Kesselberg2019-02-191-3/+3
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Strict Types, Return TypesDaniel Kesselberg2019-02-192-4/+9
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Disable multiple apps at onceDaniel Kesselberg2019-02-191-0/+84
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Enable multiple apps at onceDaniel Kesselberg2019-02-191-0/+89
|/ | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Emit event if app password createdDaniel Kesselberg2019-02-182-50/+23
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Publish activity for app token created by client login flowDaniel Kesselberg2019-02-171-1/+35
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Publish activity for app token created by ocs apiDaniel Kesselberg2019-02-171-1/+24
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-26 18:52:16 +0000