| Age | Commit message (Collapse) | Author |
|---|
|
When a password is reste we should make sure that all users are properly
logged in. Pending states should be cleared. For example a session where
the 2FA code is not entered yet should be cleared.
The token is now removed so the session will be killed the next time
this is checked (within 5 minutes).
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
|
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
In https://github.com/nextcloud/server/commit/2f87fb6b456fd109c90a5093c31b7a3f62a32040 this header was introduced. The referenced documentation says:
> When delivered with a response from https://example.com/clear, the following header will cause cookies associated with the origin https://example.com to be cleared, as well as cookies on any origin in the same registered domain (e.g. https://www.example.com/ and https://more.subdomains.example.com/).
This also applies if `https://nextcloud.example.com/` sends the `Clear-Site-Data: "cookies"` header.
This is not the behavior we want at this point!
So I removed the deletion of cookies from the header. This has no effect on the logout process as this header is supported only recently and the logout works in old browsers as well.
Signed-off-by: Patrick Conrad <conrad@iza.org>
(cherry picked from commit 1806baaeafa284808cceb1a38ea2e1a9189d0407)
|
|
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
|
|
We use the same logic for creating accounts without a password and there the 12h is a bit short. Users don't expect that the signup link needs to be clicked within 12h - 7d should be a more expected behavior.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
|
Before each scenario of the acceptance tests is run the Nextcloud server
is reset to a default state. To do this the full directory of the
Nextcloud server is commited to a local Git repository and then reset to
that commit when needed.
Unfortunately, Git does not support including empty directories in a
commit. Due to this, when the default state was restored, it could
happen that the file cache listed an empty directory that did not exist
because it was not properly restored (for example,
"data/appdata_*/css/icons"), and that in turn could lead to an error
when the directory was used.
Currently the only way to force Git to include an empty directory is to
add a dummy file to the directory (so it will no longer be empty,
but that should not be a problem in the affected directories, even if
the dummy file is not included in the file cache); although Git FAQ
suggests using a ".gitignore" file a ".keep" file was used instead, as
it conveys better its purpose.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
|
only update the encrypted version after the write operation is finished and the stream is closed
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
|
This can be caused by the code releasing more locks then it acquires,
once the lock value becomes negative it's likely that it will never be able
to change into an exclusive lock again.
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
|
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
|
|
However due to the nature of what we store in the token (encrypted
passwords etc). We can't just delete the tokens because that would make
the oauth refresh useless.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
This for example will allow rotating the apptoken for oauth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
|
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
|
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
[stable13] Provide an option to disable HTML emails
|
|
[stable13] fix appinfo parsing when a single localized option is provided
|
|
Signed-off-by: Robin Appelman <robin@icewind.nl>
|
|
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
|
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
[stable13] Show group display names
|
|
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
means that we basically write the file from scratch
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
|
|
Fixed scsscacher tests
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
|
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
|
|
[13] Remove base url from global cache prefix
|
|
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
|
|
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
The "FileListContext" provides steps to interact with and check the
behaviour of a file list. However, the "FileListContext" does not know
the right file list ancestor that has to be used by the file list steps,
so until now the file list steps were explicitly wired to the Files app
and they could be used only in that case.
Instead of duplicating the steps with a slightly different name (for
example, "I create a new folder named :folderName in the public shared
folder" instead of "I create a new folder named :folderName") the steps
were generalized; now contexts that "know" that certain file list
ancestor has to be used by the FileListContext steps performed by
certain actor from that point on (until changed again) set it
explicitly. For example, when the current page is the Files app then the
ancestor of the file list is the main view of the current section of the
Files app, but when the current page is a shared link then the ancestor
is set to null (because there will be just one file list, and thus its
ancestor is not relevant to differentiate between instances)
A helper trait, "FileListAncestorSetter", was introduced to reduce the
boilerplate needed to set the file list ancestor from other contexts.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
The file list is used in other places besides the Files app (for
example, the File sharing app); in those cases the locators for the file
list elements are the same, but not for the ancestor of the file list.
To make possible to reuse the file list locators in those cases too now
they receive the ancestor to use.
Note that the locators for the file actions menu were not using an
ancestor locator because it is expected that there is only one file
actions menu at a time in the whole page; that may change in the future,
but for the time being it is a valid assumption and thus the ancestor
was not added to those locators in this commit.
Although the locators were generalized the steps themselves still use
the "FilesAppContext::currentSectionMainView" locator as ancestor; the
steps will be generalized in a following commit.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
This is needed to be able to easily use the actor as a key in an array.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
Besides the extraction some minor adjustments (sorting locators for file
action menu entries to reflect the order of the menu entries in the UI,
moving parametrized locators like "createMenuItemFor" above the locators
that use them and placing "descendantOf" calls always in a new line)
were made too.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
nextcloud/backport/8596/sharee-email-matches-not-limited
[stable13] Sharee email matches not limited
|
|
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
Signed-off-by: Julius Härtl <jus@bitgrid.net>
|
|
NoSuchElement exceptions are sometimes thrown instead of
StaleElementReference exceptions. This can happen when the Selenium2
driver for Mink performs an action on an element through the WebDriver
session instead of directly through the WebDriver element. In that case,
if the element with the given ID does not exist, a NoSuchElement
exception would be thrown instead of a StaleElementReference exception,
so those cases are handled like StaleElementReference exceptions.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
MoveTargetOutOfBounds exceptions are sometimes thrown instead of
ElementNotVisible exceptions. This can happen when the Selenium2 driver
for Mink moves the cursor on an element using the "moveto" method of the
Webdriver session, for example, before clicking on an element. In that
case, if the element is not visible, "moveto" would throw a
MoveTargetOutOfBounds exception instead of an ElementNotVisible
exception, so those cases are handled like ElementNotVisible exceptions.
Note that MoveTargetOutOfBounds exceptions could be thrown too if the
element was visible but "out of reach"; there is no problem in handling
those cases as if the element was not visible, as the exception will be
thrown again anyway once it is verified that the element is indeed
visible.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
if file_get_contents fails remove the file. And traverse up the tree
checking if the other folders are there.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
|
|
[stable13] Don't perform CSRF check on OCS routes with Bearer auth
|
|
1. Local users should not be returned when searching for empty string
2. The limit of the response should be respected
Signed-off-by: Joas Schilling <coding@schilljs.com>
|
|
Instead of checking that the list contains one comment it is now checked
that a comment with certain message is visible. This makes the step (and
the locator) more reusable in future tests and also simplifies the code.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
|
Depending on the previous steps the new comment field may be already
shown or not when the step to create a new comment is executed.
Therefore, the timeout was increased from 2 to the "standard" 10 seconds
used in other tests.
If the new comment field was found there is no need to use a timeout
when looking for the new comment button; it is either there or not, it
will not appear after some time.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
|
