aboutsummaryrefslogtreecommitdiffstats
path: root/tests
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #16711 from nextcloud/fix/csp/form_actions/loginflowRoeland Jago Douma2019-08-121-0/+6
|\ | | | | Fix login flow form actions
| * Fix login flow form actionsRoeland Jago Douma2019-08-111-0/+6
| | | | | | | | | | | | | | | | So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Merge pull request #16721 from nextcloud/fix/16644Roeland Jago Douma2019-08-111-2/+12
|\ \ | | | | | | Correctly handle emtpy string in proxyuserpwd config
| * | Correctly handle emtpy string in proxyuserpwd configScott Shambarger2019-08-111-2/+12
| |/ | | | | | | | | | | | | | | | | | | As documented, the default value for config value proxyuserpwd is ''. However, that value results in the error: "cURL error 5: Unsupported proxy syntax in '@'". This patch handles the values of '' and null (the default in the code) the same for config values proxyuserpwd and proxy. Signed-off-by: Scott Shambarger <devel@shambarger.net>
* | Add testsRoeland Jago Douma2019-08-105-0/+492
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Add feature policy headerRoeland Jago Douma2019-08-103-1/+4
|/ | | | | | | This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #16592 from nextcloud/bugfix/noid/federated-reshareRoeland Jago Douma2019-08-011-0/+33
|\ | | | | Fix permission check on incoming federated shares
| * Fix permission check on incoming federated sharesJulius Härtl2019-07-311-0/+33
| | | | | | | | | | | | | | | | Since federated shares have their permissions set on the node, we do not need to check for parent share permissions. Otherwise reshares of incoming federated have no permission variable defined and creating them will fail Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Update CSP test cases to handle the new form-actionRoeland Jago Douma2019-07-312-60/+64
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #16544 from nextcloud/bugfix/16540Roeland Jago Douma2019-07-311-5/+15
|\ | | | | Add missing password reset page to vue
| * Move actual password reset to vueJulius Härtl2019-07-311-5/+15
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | Merge pull request #16594 from ↵Joas Schilling2019-07-301-29/+0
|\ \ | | | | | | | | | | | | nextcloud/tech-debt/noid/remove-unused-checkPasswordProtectedShare Remove unused OC\Share\Share::checkPasswordProtectedShare
| * | Remove unused OC\Share\Share::checkPasswordProtectedShareMorris Jobke2019-07-291-29/+0
| | | | | | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | | Merge pull request #16579 from nextcloud/enh/PostLoginEventRoeland Jago Douma2019-07-301-44/+71
|\ \ \ | | | | | | | | Add proper PostLoginEvent
| * | | Update testsRoeland Jago Douma2019-07-291-44/+71
| |/ / | | | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | | Merge pull request #16502 from nextcloud/bugfix/16474Morris Jobke2019-07-291-7/+14
|\ \ \ | |/ / |/| | Check the if we can actually access the storage cache for recent files
| * | Check the if we can actually access the storage cache for recent filesJulius Härtl2019-07-241-7/+14
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | | Merge pull request #16582 from nextcloud/enh/split_up_security_middlewareRoeland Jago Douma2019-07-292-97/+149
|\ \ \ | | | | | | | | Split up security middleware
| * | | Split up security middlewareRoeland Jago Douma2019-07-272-97/+149
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | With upcoming work for the feature policy header. Splitting this in smaller classes that just do 1 thing makes sense. I rather have a few small classes that are tiny and do 1 thing right (and we all understand what is going on) than have big ones. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* / | Use proper exception in lostControllerRoeland Jago Douma2019-07-271-3/+9
|/ / | | | | | | | | | | | | | | | | | | There is no need to log the expcetion of most of the stuff here. We should properly log them but an exception is excessive. This moves it to a proper exception which we can catch and then log. The other exceptions will still be fully logged. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Merge pull request #16555 from nextcloud/fix/16529/mask-keysMorris Jobke2019-07-261-0/+2
|\ \ | | | | | | use a pattern to identify sensitive config keys
| * | treat sensitive config keys by patternArthur Schiwon2019-07-261-0/+2
| |/ | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Merge pull request #16551 from nextcloud/fix/12735/displayname-emailMorris Jobke2019-07-261-0/+224
|\ \ | | | | | | supresses disclosing the userid for LDAP users in the welcome mail
| * | supresses disclosing the userid for LDAP users in the welcome mailArthur Schiwon2019-07-261-0/+224
| |/ | | | | | | | | | | | | | | The userid is not relevant here, and by default cannot be used to login with. Typically, there is a common type of login names in organizations (LDAP username or email most often) that does not need to be disclosed. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* / Remove deprecated searchByTagRoeland Jago Douma2019-07-263-125/+0
|/ | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #16492 from nextcloud/enh/exclude-rnd-filesMorris Jobke2019-07-231-0/+1
|\ | | | | Exclude .rnd files from integrity check
| * Exclude .rnd files from integrity checkDaniel Kesselberg2019-07-211-0/+1
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Add support for CSP_NONCE server variableSam Bull2019-07-181-2/+21
|/ | | | | | | Allow passing a nonce from the web server, allowing the possibility to enforce a strict CSP from the web server. Signed-off-by: Sam Bull <git@sambull.org> Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #15040 from ↵Morris Jobke2019-07-176-425/+198
|\ | | | | | | | | nextcloud/feature/13980/push-for-deleted-notifications Notifications overhaul
| * Update unit testsJoas Schilling2019-07-161-2/+2
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * Keep the old method as a fallback and adjust the testsJoas Schilling2019-07-165-423/+196
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #16075 from nextcloud/bugfix/15823/app-restricted-groupsMorris Jobke2019-07-172-7/+49
|\ \ | |/ |/| Remove deleted groups from app restrictions fixes #15823
| * Properly inject the loggerMorris Jobke2019-07-162-7/+13
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
| * Remove deleted groups from app restrictions fixes #15823Greta Doci2019-06-271-0/+36
| | | | | | | | Signed-off-by: Greta Doci <gretadoci@gmail.com>
* | Lock SCSS so we only run 1 job at a timeRoeland Jago Douma2019-07-121-2/+2
| | | | | | | | | | | | | | | | | | This is bit hacky but a start to lock the SCSS compiler properly Retry during 10s then give up Properly get error message Do not clear locks and properly debug scss caching Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Merge pull request #16331 from nextcloud/feature/noid/talk-guest-mentionsRoeland Jago Douma2019-07-121-4/+18
|\ \ | | | | | | Allow guest mentions of talk to be parsed
| * | Add a unit test for guests as wellJoas Schilling2019-07-111-4/+18
| | | | | | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | | Merge pull request #16308 from nextcloud/fix/undefined-offset-0Morris Jobke2019-07-101-24/+27
|\ \ \ | |/ / |/| | Prevent undefined offset 0 in findByUserIdOrMail
| * | Return first value from $usersDaniel Kesselberg2019-07-091-24/+27
| | | | | | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | | Merge pull request #16310 from nextcloud/enh/drop-execution-contextRoeland Jago Douma2019-07-091-2/+2
|\ \ \ | | | | | | | | Don't send executionContexts for Clear-Site-Data
| * | | Don't send executionContexts for Clear-Site-DataDaniel Kesselberg2019-07-091-2/+2
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | There are plans to remove executionContexts from the spec: https://github.com/w3c/webappsec-clear-site-data/issues/59 Firefox already removed it https://bugzilla.mozilla.org/show_bug.cgi?id=1548034 Chromium implementation is not finish: https://bugs.chromium.org/p/chromium/issues/detail?id=898503&q=clear-site-data&sort=-modified&colspec=ID%20Pri%20M%20Stars%20ReleaseBlock%20Component%20Status%20Owner%20Summary%20OS%20Modified Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | | Make it possible to wipe all tokens/devices of a userChristoph Wurst2019-07-091-0/+38
| | | | | | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | | Refactor: move remote wipe token logic to RW serviceChristoph Wurst2019-07-092-6/+69
| | | | | | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | | Merge pull request #15730 from nextcloud/enh/14179/event_for_cspRoeland Jago Douma2019-07-092-2/+96
|\ \ \ | | | | | | | | Add an event to edit the CSP
| * | | Add an event to edit the CSPRoeland Jago Douma2019-07-082-2/+96
| |/ / | | | | | | | | | | | | | | | | | | | | | This introduces and event that can be listend to when we actually use the CSP. This means that apps no longer have to always inject their CSP but only do so when it is required. Yay for being lazy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* / / Remove one time repair steps that have already run when updating to 17Morris Jobke2019-07-083-544/+0
|/ / | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Mimetype list integrity check should not fail if it's changed (#15810)John Molakvoæ2019-07-072-2/+396
|\ \ | | | | | | Mimetype list integrity check should not fail if it's changed
| * | Added Tests for modified mimetypelistXheni Myrtaj2019-07-042-3/+391
| | | | | | | | | | | | Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
| * | Fix checker testXheni Myrtaj2019-05-301-2/+8
| | | | | | | | | | | | Signed-off-by: Xheni Myrtaj <myrtajxheni@gmail.com>
* | | Always set the display name for user sharesJulius Härtl2019-07-031-0/+9
| | | | | | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 11:04:52 +0000