Birthdate was missing in editable fields while being editable, and the
order was checked while having no importance.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This removes all the read after write and we don't need to queries all
the time the same share in the same request anymore.
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
Starting with PHPUnit 11.3, some complex outputs of certain asserts
(like "assertStringContainsString") require the output of PHPUnit to be
explicitly setup. Otherwise when the assert fails a type error is
thrown (although it does not seem to affect asserts with simpler
outputs, like "assertEquals").
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When a user has an active session only the apps that are enabled for the
user are initially loaded. In order to cache the routes the routes for
all apps are loaded, but routes defined in routes.php are taken into
account only if the app was already loaded. Therefore, when the routes
were cached in a request by a user with an active session only the
routes for apps enabled for that user were cached, and those routes were
used by any other user, independently of which apps they had access to.
To solve that now all the enabled apps are explicitly loaded before
caching the routes.
Note that this did not affect routes defined using annotations on the
controller files; in that case the loaded routes do not depend on the
previously loaded apps, as it explicitly checks all the enabled apps.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
If the current user belongs to both one or more groups excluded from
sharing and one or more groups not excluded from sharing the user is
allowed to share. However, in the contacts menu, as soon as the current
user belonged to a group excluded from sharing the user could not search
for local contacts. This has been unified now with the sharing
behaviour, so local contacts can still be searched if the user also
belongs to a group not excluded from sharing (or to no group at all,
which was also allowed before).
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The "sharebymail" app is enabled by default, so it needs to be enabled
once the scenario ends as other scenarios could expect that the app is
enabled. To solve that now a special step is added that records the
enabled state of the given app and restores it once the scenario ends.
This step only restores the state of already installed apps. If an app
is installed during the test it will not be neither disabled nor
uninstalled after the test ends. Therefore, at least for now, it is
necessary to explicitly call the step to record the app to be restored,
rather than automatically keeping track of the changes in the enabled
state of the apps during the scenario.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
The OCS endpoint expects either an int or an array for "shareType".
However, when using "getRowsHash()" only a single key is taken into
account, so instead of:
| shareType[] | 0 |
| shareType[] | 4 |
the share types are provided in a single row like:
| shareTypes | 0 4 |
and then converted to "shareType[]=0&shareType[]=4" when sending the
request.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
When hitting the `/contactsmenu/contacts` endpoint with the `dav.system_addressbook_exposed` config switch set to `"no"`, the system address book content is still listed in the response.
This ensure that we do not expose unexpectedly the system address book.
Signed-off-by: Louis Chemineau <louis@chmn.me>
This allows the admin to control the behavior whether link shares with
READ permissions should be extended to also gain SHARE permissions,
allowing users (public share receivers) to add the share to their cloud.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
The Theming app injects the stylesheets for the different themes in the
"<header>" element of the page, and those stylesheets are then loaded by
the browser from a "Controller" (a plain "Controller", not an
"OCSController"). The stylesheets, in turn, may also get some images
(like the background) also from the "Controller".
When handling a request to "index.php" it is checked whether the user is
logged in and, if not, a login is tried. A disabled user is explicitly
seen as not logged in, so a login is always tried in that case, but
disabled users are also explicitly prevented to log in, so the login
also fails. Due to that trying to get any of the themed stylesheets or
images with a disabled account (to be able to show the "Account
disabled" error page) fails with an HTTP status 401.
To solve that, and to avoid touching this basic logic as much as
possible, the login exception is now ignored (if the user is disabled)
for some specific requests to the Theming app.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
Those constants are not used anywhere anymore and are deprecated for
more than ten versions. So its time to cleanup the interface.
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
