Nextcloud requires EventDispatcher from Symfony 4.4. Behat required
Symfony 4.x until Behat 3.5, but since Behat 3.6 it supports Symfony 5.x
too. However, as the EventDispatcher version was not restricted in the
"composer.json" file Composer installed the latest compatible version
with all the dependencies, which happened to be Symfony 5.x. To prevent
that now the EventDispatcher is explicitly limited to Symfony 4.4 only.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
add tests on non-owner pov
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
duplicate
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
small fixes
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
removed tags
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Now all incoming shares need to be explicitly accepted before being able
to use the shared file or get information about a reshare (although
getting the information of the incoming share is possible before
accepting it).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This makes possible to use steps that reference the last share, which
will be needed to accept pending shares.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
A user with reshare permissions on a file is now able to get any share
of that file (just like the owner).
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
This will be needed to test scenarios in which updating a share return a
different HTTP status code, like 401.
The assertion for the 200 HTTP status code was added in those scenarios
that tested updating a share (that is, those that were also checking the
OCS status code), but not in those in which updating a share was just a
preparatory step for the actual test (in the same way that the HTTP
status code is not checked in those tests when creating a share).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Copied and adjusted from "tests/integration/run-docker.sh" in Talk; see
its commit history for further reference.
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
The tests check an user share and a link share; there is a slight
difference in style between them as each one is based on the test above
it, which tests increasing reshare permissions.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The admin user is not deleted after each integration test is run, so
folders created by the admin user in one test are still there when the
next tests run; tests should be independent one from each other, so a
regular user that is created and deleted for each test should be used
instead.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Fails with:
* build/integration/federation_features/federated.feature:183
* build/integration/federation_features/federated.feature:232
* build/integration/federation_features/federated.feature:247
* build/integration/federation_features/federated.feature:263
<details><summary>Show full log</summary>
```
Scenario: Reshare a federated shared file # /drone/src/github.com/nextcloud/server/build/integration/federation_features/federated.feature:183
Given Using server "REMOTE" # FederationContext::usingServer()
And user "user1" exists # FederationContext::assureUserExists()
And user "user2" exists # FederationContext::assureUserExists()
And Using server "LOCAL" # FederationContext::usingServer()
And user "user0" exists # FederationContext::assureUserExists()
And User "user0" from server "LOCAL" shares "/textfile0.txt" with user "user1" from server "REMOTE" # FederationContext::federateSharing()
And User "user1" from server "REMOTE" accepts last pending share # FederationContext::acceptLastPendingShare()
And Using server "REMOTE" # FederationContext::usingServer()
And As an "user1" # FederationContext::asAn()
When creating a share with # FederationContext::creatingShare()
| path | /textfile0 (2).txt |
| shareType | 0 |
| shareWith | user2 |
| permissions | 19 |
Then the OCS status code should be "100" # FederationContext::theOCSStatusCodeShouldBe()
Failed asserting that SimpleXMLElement Object &000000007d8e0d3c00000000403fd08a (
0 => '404'
) matches expected '100'.
...
{"message":"Can not find share with ID: 8"}
Scenario: Overwrite a federated shared folder as recipient # /drone/src/github.com/nextcloud/server/build/integration/federation_features/federated.feature:232
Given Using server "REMOTE" # FederationContext::usingServer()
And user "user1" exists # FederationContext::assureUserExists()
And user "user2" exists # FederationContext::assureUserExists()
And Using server "LOCAL" # FederationContext::usingServer()
And user "user0" exists # FederationContext::assureUserExists()
And User "user0" from server "LOCAL" shares "/PARENT" with user "user1" from server "REMOTE" # FederationContext::federateSharing()
And User "user1" from server "REMOTE" accepts last pending share # FederationContext::acceptLastPendingShare()
And Using server "REMOTE" # FederationContext::usingServer()
And As an "user1" # FederationContext::asAn()
And User "user1" modifies text of "/textfile0.txt" with text "BLABLABLA" # FederationContext::modifyTextOfFile()
When User "user1" uploads file "../../data/user1/files/textfile0.txt" to "/PARENT (2)/textfile0.txt" # FederationContext::userUploadsAFileTo()
Client error: `PUT http://localhost:8180/remote.php/webdav/PARENT%20(2)/textfile0.txt` resulted in a `404 Not Found` response:
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
<s:exception>Sabre\DA (truncated...)
(GuzzleHttp\Exception\ClientException)
...
{"message":"Can not find share with ID: 10"}
Scenario: Overwrite a federated shared file as recipient using old chunking # /drone/src/github.com/nextcloud/server/build/integration/federation_features/federated.feature:247
Given Using server "REMOTE" # FederationContext::usingServer()
And user "user1" exists # FederationContext::assureUserExists()
And user "user2" exists # FederationContext::assureUserExists()
And Using server "LOCAL" # FederationContext::usingServer()
And user "user0" exists # FederationContext::assureUserExists()
And User "user0" from server "LOCAL" shares "/textfile0.txt" with user "user1" from server "REMOTE" # FederationContext::federateSharing()
And User "user1" from server "REMOTE" accepts last pending share # FederationContext::acceptLastPendingShare()
And Using server "REMOTE" # FederationContext::usingServer()
And As an "user1" # FederationContext::asAn()
And user "user1" uploads chunk file "1" of "3" with "AAAAA" to "/textfile0 (2).txt" # FederationContext::userUploadsChunkFileOfWithToWithChecksum()
Client error: `PUT http://localhost:8180/remote.php/webdav/textfile0%20(2).txt-chunking-42-3-0` resulted in a `404 Not Found` response:
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
<s:exception>Sabre\DA (truncated...)
(GuzzleHttp\Exception\ClientException)
...
{"message":"Can not find share with ID: 11"}
Scenario: Overwrite a federated shared folder as recipient using old chunking # /drone/src/github.com/nextcloud/server/build/integration/federation_features/federated.feature:263
Given Using server "REMOTE" # FederationContext::usingServer()
And user "user1" exists # FederationContext::assureUserExists()
And user "user2" exists # FederationContext::assureUserExists()
And Using server "LOCAL" # FederationContext::usingServer()
And user "user0" exists # FederationContext::assureUserExists()
And User "user0" from server "LOCAL" shares "/PARENT" with user "user1" from server "REMOTE" # FederationContext::federateSharing()
And User "user1" from server "REMOTE" accepts last pending share # FederationContext::acceptLastPendingShare()
And Using server "REMOTE" # FederationContext::usingServer()
And As an "user1" # FederationContext::asAn()
And user "user1" uploads chunk file "1" of "3" with "AAAAA" to "/PARENT (2)/textfile0.txt" # FederationContext::userUploadsChunkFileOfWithToWithChecksum()
Client error: `PUT http://localhost:8180/remote.php/webdav/PARENT%20(2)/textfile0.txt-chunking-42-3-0` resulted in a `404 Not Found` response:
<?xml version="1.0" encoding="utf-8"?>
<d:error xmlns:d="DAV:" xmlns:s="http://sabredav.org/ns">
<s:exception>Sabre\DA (truncated...)
(GuzzleHttp\Exception\ClientException)
...
{"message":"Can not find share with ID: 12"}
```
</details>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
The test just ensures that the controller will gracefully reject the
creation instead of failing miserably; the integration tests when Talk
is enabled are in the Talk repository.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When the ownership of a user share is transfered to the receiver the
share is removed, as the receiver now owns the original file. However,
due to a missing condition, any share with a group, link or remote with
the same id as the user was removed, not only the user shares.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Add "PARENT (2)" and its subdirectories to the paths to be checked, as
before only the own "PARENT" folder was being checked, but not the
shared one.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When a file is shared and the receiver of the share already has a file
with the same name that file is left untouched, and "(2)" is appended to
the name of the shared file.
As "textfile0.txt" is included in the user folder skeleton all the users
in the integration test have that file, so when it is shared the
receiver sees the share as "/textfile0 (2).txt", and her own file as
"/textfile0.txt".
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
"--tags=XXX" limits the features or scenarios to be run to those
matching the tag filter expression.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The data directory is not necessarily located at "../..". The proper
directory is now got by running "php console.php config:system:get
datadirectory".
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Until now it was safe to assume that every file was readable by its
owner, so there was no need to return whether the file was readable or
not. However, with the introduction of end to end encryption that is no
longer the case, and it is now necessary to explicitly provide that
information.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Overrides \Sabre\DAV\Auth\Backend\AbstractBearer::challenge to prevent sending a second WWW-Authenticate header which is standard-compliant but most DAV clients simply fail hard.
Fixes https://github.com/nextcloud/server/issues/5088
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This allows adding rate limiting via annotations to controllers, as one example:
```
@UserRateThrottle(limit=5, period=100)
@AnonRateThrottle(limit=1, period=100)
```
Would mean that logged-in users can access the page 5 times within 100 seconds, and anonymous users 1 time within 100 seconds. If only an AnonRateThrottle is specified that one will also be applied to logged-in users.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This helps massively reduce the numerous useless 401 exceptions that
appears in the test log. These appear only because Sabre first connects
without any auth type to receive the challenge and then sends the
authentication data.
With this change it will directly use basic auth.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This will help user to selectively move the folders
specified using --path option, instead of moving
entire folder under files directory.
Signed-off-by: Sujith H <sharidasan@owncloud.com>
Update the integration test for transfer-ownership
Update the integration test for transfer-ownership
as the new option --path is introduced in the command.
Signed-off-by: Sujith H <sharidasan@owncloud.com>
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Add test for basic deletion.
Add test when deleting from shared folder as recipient.
Add test to check that metadata stays when moving out of shared folder
as recipient.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This adds a simple integration test that ensures that remembered
login works when the session cookies vanish.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
If a Content-Disposition header is already set by another plugin we don't need to set another one as this breaks clients.
Fixes https://github.com/nextcloud/server/issues/1992
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Update sabre/dav to 3.2.0
* Adjust code to work with sabre/dav 3.2.0 and it's dependencies
* Adding own CalDAV plugin to fix calendar home property
* Test if there is a user logged in when listing files home
* Update sabre version used by integration tests
* Disable unauthenticated DAV access
This is needed to make Sabre 3.2 behave like we did before.
Eventually we should integrate better with the ACL plugin which itself
should implement an auth failure when appropriate.
=====
* Fixed so cherry-pick was succesfull
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Christoph Wurst
Christoph Wurst
Daniel Calviño Sánchez
dependabot-preview[bot]
Roeland Jago Douma
John Molakvoæ (skjnldsv)
Maxence Lange
Roeland Jago Douma
Julius Härtl
Joas Schilling
Arthur Schiwon
Morris Jobke
Daniel Kesselberg
dependabot[bot]
Robin Appelman
Bjoern Schiessle
Thomas Müller
Lukas Reschke
Vincent Petry
Sergio Bertolin
Sujith H
Phil Davis
Thomas Müller