The Theming app injects the stylesheets for the different themes in the
"<header>" element of the page, and those stylesheets are then loaded by
the browser from a "Controller" (a plain "Controller", not an
"OCSController"). The stylesheets, in turn, may also get some images
(like the background) also from the "Controller".
When handling a request to "index.php" it is checked whether the user is
logged in and, if not, a login is tried. A disabled user is explicitly
seen as not logged in, so a login is always tried in that case, but
disabled users are also explicitly prevented to log in, so the login
also fails. Due to that trying to get any of the themed stylesheets or
images with a disabled account (to be able to show the "Account
disabled" error page) fails with an HTTP status 401.
To solve that, and to avoid touching this basic logic as much as
possible, the login exception is now ignored (if the user is disabled)
for some specific requests to the Theming app.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
`GET` should be allowed even without Ajax header to allow downloading files,
or show files in the viewer. All other requests could be guarded, but this should not.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* Run integration tests for every pull request
* Also print docker logs of service containers (ldap, redis)
* Ensure consistent `datadir` for test assertions
* Test openldap features separatly
* Only the LDAP tests rely on `/dev/shm` while `federated.feature` rely on real directory access
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Enabling the "send password by Talk" property of shares require that
Talk is installed and enabled, so the Drone step that runs them has to
first clone the Talk repository.
When the integration tests are run on a local development instance,
however, it is not guaranteed that Talk is installed. Due to this the
"@Talk" tag was added, which ensures that any feature or scenario marked
with it will first check if Talk is installed and, if not, skip the
scenario (instead of failing).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* Upload file with checksum
* Chunked upload with checksum
* Copy file with checksum should also copy the checksum
* Moving a file with checksum should also move the checksum
* Uploading a file with checksum and overwriting it with a file without cheksum should remove the checksum
