summaryrefslogtreecommitdiffstats
path: root/tests/lib/User
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #8036 from nextcloud/phpunit6Roeland Jago Douma2018-01-251-1/+1
|\ | | | | Require PHPUnit 6.5 or higher
| * Fix "Undefined method setExpectedException()"Joas Schilling2018-01-241-1/+1
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Fix testsRoeland Jago Douma2018-01-231-45/+50
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* never translate login names when requiring with a user idArthur Schiwon2018-01-031-12/+28
| | | | | | where appropriate, the preLoginNameUsedAsUserName hook should be thrown. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* extend tests for status quoArthur Schiwon2018-01-031-0/+12
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Use ::class in test mocksMorris Jobke2017-10-243-6/+6
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Prevent SQL error message in case of errorLukas Reschke2017-08-171-1/+20
| | | | | | | | | | | | | | `\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than permitted in the database. This is against it's PHPDocs and we should cast this to `false`, so that the regular error handling triggers in. The easiest way to reproduce is on MySQL: 1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel 2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again 3. See SQL exception as error message Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix SessionTestRoeland Jago Douma2017-08-091-0/+11
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* emit changeUser only if there really was a change (quota, displayname)Arthur Schiwon2017-06-011-1/+95
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Adjust token nameLukas Reschke2017-05-181-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* UserManager can now count disabled usersArthur Schiwon2017-04-291-0/+25
| | | | | | Users page takes advantage of that Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Use the new method in the old one to remove duplicate codeJoas Schilling2017-04-271-5/+11
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Trigger change when a user is enabled/disabledJoas Schilling2017-04-251-1/+49
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Use the correct Dummy and Backend classJoas Schilling2017-04-201-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Better validation of allowed user namesJoas Schilling2017-04-181-0/+43
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Save the scope of an auth token in the sessionRobin Appelman2017-04-051-29/+36
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Add tests for database user backend cachingVincent Petry2017-03-201-1/+18
| | | | | | | | Add comment, closeCursor in user DB query Invalidate user in cache after successful creation Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix testsJoas Schilling2017-01-051-1/+13
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Get user home folder before deletionVincent Petry2016-12-231-0/+32
| | | | | | | After the deletion getHome() will fail because the user doesn't exist any more, so we need to fetch that value earlier. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Improve OC\User\User coverageRoeland Jago Douma2016-12-201-49/+204
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set last-login-check on basic authRoeland Jago Douma2016-12-051-0/+101
| | | | | | | | | Else the last-login-check fails hard because the session value is not set and thus defaults to 0. * Started with tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* fix parameter orderChristoph Wurst2016-11-281-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* do not remember session tokens by defaultChristoph Wurst2016-11-271-3/+43
| | | | | | | | We have to respect the value of the remember-me checkbox. Due to an error in the source code the default value for the session token was to remember it. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add missing tests and fix PHPDocLukas Reschke2016-11-021-1/+44
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* inject ISecureRandom into user session and use injected config tooChristoph Wurst2016-11-021-49/+60
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* bring back remember-meChristoph Wurst2016-11-021-128/+161
| | | | | | | | | | * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Proper DI of configRoeland Jago Douma2016-10-282-26/+55
| | | | | | * Fixed comments Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* introduce callForSeenUsers and countSeenUsers (#26361)Jörn Friedrich Dreyer2016-10-281-1/+63
| | | | | | | | | | * introduce callForSeenUsers and countSeenUsers * add tests * oracle should support not null on clob * since 9.2.0
* Fix and cleanup SessionTestRoeland Jago Douma2016-10-251-43/+26
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix logClientIn for non-existing users (#26292)Vincent Petry2016-10-251-0/+26
| | | | | | | The check for two factor enforcement would return true for non-existing users. This fix makes it return false in order to be able to perform the regular login which will then fail and return false. This prevents throwing PasswordLoginForbidden for non-existing users.
* Add test to ensure token times are updatedRobin Appelman2016-10-111-24/+128
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* dont update the auth token twiceRobin Appelman2016-10-111-3/+0
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Only trigger postDelete hooks when the user was deleted...Joas Schilling2016-09-291-4/+5
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Make sure that comments, notifications and preferences are deletedJoas Schilling2016-09-291-11/+74
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix getMock UserRoeland Jago Douma2016-09-134-136/+146
|
* dont get bruteforce delay twiceRobin Appelman2016-08-291-6/+6
|
* Mitigate race conditionLukas Reschke2016-07-201-3/+18
|
* Implement brute force protectionLukas Reschke2016-07-201-11/+35
| | | | | | | | | Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)
* Fix failing tests after db splitRoeland Jago Douma2016-07-131-4/+4
|
* Merge remote-tracking branch 'upstream/master' into master-sync-upstreamLukas Reschke2016-07-011-1/+4
|\
| * Login hooks (#25260)Christoph Wurst2016-06-271-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | * fix login hooks * adjust user session tests * fix login return value of successful token logins * trigger preLogin hook earlier; extract method 'loginWithPassword' * call postLogin hook earlier; add PHPDoc
* | Merge remote-tracking branch 'upstream/master' into master-sync-upstreamLukas Reschke2016-06-271-0/+30
|\|
| * check login name when authenticating with client tokenChristoph Wurst2016-06-241-0/+30
| |
* | verify user password on changeBjoern Schiessle2016-06-271-1/+46
|/
* Merge pull request #25172 from owncloud/token-login-validationVincent Petry2016-06-221-80/+81
|\ | | | | Token login validation
| * fix unit test warning/errorsChristoph Wurst2016-06-201-15/+16
| |
| * fix user session testsChristoph Wurst2016-06-201-73/+73
| |
* | update session token password on user password changeChristoph Wurst2016-06-211-0/+65
| |
* | add PasswordLoginForbiddenExceptionChristoph Wurst2016-06-171-2/+8
|/
* create session token only for clients that support cookiesChristoph Wurst2016-06-131-3/+45
|
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-09 07:01:58 +0000