upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-27 17:40:37 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
88553 commits 1016 branches 1229 tags 6.8 GiB
Commit graph

160 commits

Author SHA1 Message Date
Simon L
7271ec7acf spaces are allowed in userids 
Signed-off-by: Simon L <szaimen@e.mail.de>
 2023-01-10 13:25:27 +01:00
Côme Chilliet
6f80fe6ada
Remove deprecated at matcher from tests/lib 
Only 15 warnings left in there

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-29 16:36:40 +02:00
Carl Schwan
51b9847fad
Merge branch 'master' into display-name-cache-public 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-08-15 15:28:30 +02:00
Côme Chilliet
cb271b759e
Fix dynamic property creations in test files 
This fixes warnings in PHP 8.2

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-08-01 15:07:53 +02:00
Joas Schilling
6e3d668436
Keep non default protocol in cloud id 
When there is no protocol on the cloud id, we assume it's https://
But this means that when an http:// server currently sends an OCM
invite to another server, the protocol is striped and the remote
instance will try to talk back to https:// which might not be available.

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-06-09 15:23:05 +02:00
Carl Schwan
9ec0cb0a90 Fix psalm issues related to the user backend 
- Reflect the actual return value returned by the implementation in the
  the interface. E.g. IUser|bool -> IUser|false
- Remove $hasLoggedIn parameter from private countUser implementation.
  Replace the two call with the equivalent countSeenUser
- getBackend is nuallable, add this to the interface
- Use backend interface to make psalm happy about call to undefined
  methods. Also helps with getting rid at some point of the old
  implementActions

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-05-20 17:14:58 +02:00
Robin Appelman
6d6662ec68
expose displayname cache trough a public interface 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-05-18 03:47:34 +02:00
Côme Chilliet
61f7f13bd8
Migrate from ILogger to LoggerInterface where needed in the tests 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2022-03-24 16:21:26 +01:00
Joas Schilling
0acd4b5f82
Merge pull request #31235 from nextcloud/techdebt/noid/extract-request-id 
Extract request id handling to dedicated class so it can be injected without DB dependency
 2022-03-22 12:08:45 +01:00
Robin Appelman
d08d0ebdda
skip localstorage dependend user test when not using local user storage 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2022-02-25 16:33:11 +01:00
Joas Schilling
d078d53683
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-02-23 11:01:58 +01:00
Carl Schwan
6312c0df69
Check style update 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2022-01-13 00:19:07 +01:00
Joas Schilling
6d33d75be1
Remove unused imports 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-12-02 14:51:44 +01:00
Carl Schwan
a8866b0253
Fix tests 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
 2021-12-01 19:53:24 +01:00
Côme Chilliet
cd72045433
Make mock config return default value to fix warnings 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2021-11-23 09:29:00 +01:00
Joas Schilling
265c2c125c
Fix unit tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-11-12 15:01:56 +01:00
Arthur Schiwon
4461b9e870
enable the user to set a primary (notification) email address (backend) 
- specific getters and setters on IUser and implementation
- new notify_email field in provisioning API

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 19:23:04 +02:00
Julien Veyssier
416d10f76c refs #21045 add app config to disable unlimited quota and to set max quota 
avoid unlimited quota as default_quota fallback value if unlimited quota is not allowed
avoid getting/setting/displaying unlimited default quota if not allowed
implement tests for unlimited quota restrictions

Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
Signed-off-by: npmbuildbot-nextcloud[bot] <npmbuildbot-nextcloud[bot]@users.noreply.github.com>
 2021-07-29 19:31:36 +00:00
Gary Kim
b78f3a57d1
Migrate HintException to OCP 
Signed-off-by: Gary Kim <gary@garykim.dev>
 2021-06-30 15:28:02 -04:00
Robin Appelman
ed2d02d5f1
better cleanup of user files on user deletion 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2021-04-27 20:29:51 +02:00
Joas Schilling
645f83121e
Cache the user backend info for 300s 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-02-15 10:36:08 +01:00
Joas Schilling
0ad4ad31e1
Fix more tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-10-13 08:16:17 +02:00
Christoph Wurst
d9015a8c94
Format code to a single space around binary operators 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-10-05 20:25:24 +02:00
Joas Schilling
41d8a7e05f
Fix unit tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +02:00
Morris Jobke
234b510652
Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-12 13:55:19 +02:00
Christoph Wurst
caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +02:00
Christoph Wurst
afbd9c4e6e
Unify function spacing to PSR2 recommendation 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 13:54:22 +02:00
Christoph Wurst
41b5e5923a
Use exactly one empty line after the namespace declaration 
For PSR2

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:48:10 +02:00
Christoph Wurst
85e369cddb
Fix multiline comments 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-08 22:24:54 +02:00
Christoph Wurst
b80ebc9674
Use the short array syntax, everywhere 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-26 16:34:56 +01:00
Christoph Wurst
2ee65f177e
Use the shorter phpunit syntax for mocked return values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-03-25 22:21:27 +01:00
Joas Schilling
dc7913efcd
Fix recursive calls in logging via server methods 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-03-18 18:59:49 +01:00
Roeland Jago Douma
c1152af523
Move deprecated aliases over to new registration 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2020-03-15 15:13:12 +01:00
Christoph Wurst
cc80339b39
Add typed create user events 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-12-03 08:03:57 +01:00
Roeland Jago Douma
3a7cf40aaa
Mode to modern phpunit 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 15:27:18 +01:00
Roeland Jago Douma
c007ca624f
Make phpunit8 compatible 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-27 13:34:41 +01:00
Christoph Wurst
1a886b1472
Add typed events for password_policy 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-11-27 09:56:12 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +01:00
Roeland Jago Douma
3c1bcd551d
Fix the tests after #18029 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-21 22:31:45 +01:00
Christoph Wurst
535000aac6
Make the post login event public 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-11-20 18:43:09 +01:00
Roeland Jago Douma
5122629bb0
Make renewSessionToken return the new token 
Avoids directly getting the token again. We just inserted it so it and
have all the info. So that query is just a waste.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-10-09 10:10:37 +02:00
Roeland Jago Douma
0ea7fbae54
Update tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-29 16:31:40 +02:00
Leon Klingele
f420647add
lib/private/User: do not change user properties if value has not changed 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-04-11 10:11:05 +02:00
Joas Schilling
01b4db62fb
Add dispatcher events to User and Group objects 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2019-03-01 20:56:59 +01:00
Roeland Jago Douma
03fe2b3b81
Use a case insensitive search for email 
Fixes #7084
Now entering wrongly cased email (roeland@ instead of Roeland@) for
password reset etc. Will also work.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-12-20 14:19:35 +01:00
Georg Ehrke
2db26d87c4
filter null values for UserManager::getByEmail 
Signed-off-by: Georg Ehrke <developer@georgehrke.com>
 2018-10-15 13:27:58 +02:00
Roeland Jago Douma
19f84f7b54
Add tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:54 +02:00
Roeland Jago Douma
00e99af586
Mark token as invalid if the password doesn't match 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:44 +02:00
John Molakvoæ (skjnldsv)
ad6e548411
Added case example to tests 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2018-05-26 12:07:49 +02:00
Roeland Jago Douma
991d9b5c3a
Fix session tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-15 11:32:25 +02:00
John Molakvoæ (skjnldsv)
8b9bd37e4e
Fixed tests 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2018-04-09 15:13:11 +02:00
Morris Jobke
de56915605
Merge pull request #7419 from Abijeet/feature-7175 
Fixes #7175 - Allow to search for email address in user management
 2018-03-06 21:53:37 +01:00
Roeland Jago Douma
8160d0bc2a
Merge pull request #8036 from nextcloud/phpunit6 
Require PHPUnit 6.5 or higher
 2018-01-25 14:50:46 +01:00
Joas Schilling
870023365c
Fix "Undefined method setExpectedException()" 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-01-24 18:10:16 +01:00
Roeland Jago Douma
ef127a30ec
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-23 10:35:37 +01:00
Arthur Schiwon
4f3d52a364
never translate login names when requiring with a user id 
where appropriate, the preLoginNameUsedAsUserName hook should be thrown.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2018-01-03 13:25:00 +01:00
Arthur Schiwon
2fde21e318
extend tests for status quo 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2018-01-03 13:24:56 +01:00
Robin Appelman
aad01894e3
refactor user searching 
add additional user searching tests

Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-12-20 15:51:37 +01:00
Abijeet
ec28c54dbc Adds search by email function on the users screen. 
Fixes #7175.

- Updated the query to fetch the users in users > everyone tab.
- Updated the query to fetch the users in users > admin tab.
- Tested to ensure that the disabled users are also being fetched.
- Added test cases.

Signed-off-by: Abijeet <abijeetpatro@gmail.com>
 2017-12-16 17:18:05 +05:30
Morris Jobke
43e498844e
Use ::class in test mocks 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-10-24 17:45:32 +02:00
Lukas Reschke
ed8a98eaa1
Prevent SQL error message in case of error 
`\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than
permitted in the database. This is against it's PHPDocs and we should cast this to `false`,
so that the regular error handling triggers in.

The easiest way to reproduce is on MySQL:

1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel
2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again
3. See SQL exception as error message

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-08-17 12:08:40 +02:00
Roeland Jago Douma
1ea7f14f0a
Fix SessionTest 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-09 16:13:54 +02:00
Arthur Schiwon
999455c1aa
emit changeUser only if there really was a change (quota, displayname) 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-06-01 11:34:17 +02:00
Lukas Reschke
7927aed991
Adjust token name 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:11 +02:00
Arthur Schiwon
668fe7df51
UserManager can now count disabled users 
Users page takes advantage of that

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-04-29 00:59:09 -03:00
Joas Schilling
9212089151
Use the new method in the old one to remove duplicate code 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-27 08:56:51 +02:00
Joas Schilling
ac0c21f4a7
Trigger change when a user is enabled/disabled 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-25 17:20:35 +02:00
Joas Schilling
ada615eb86
Use the correct Dummy and Backend class 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-20 12:48:51 +02:00
Joas Schilling
a3922bbcdc
Better validation of allowed user names 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-18 14:29:34 +02:00
Robin Appelman
baec42e80a
Save the scope of an auth token in the session 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2017-04-05 17:58:33 +02:00
Vincent Petry
aacfef463c
Add tests for database user backend caching 
Add comment, closeCursor in user DB query

Invalidate user in cache after successful creation

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-03-20 02:03:03 -06:00
Joas Schilling
6acfea61d0
Fix tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-01-05 12:17:30 +01:00
Vincent Petry
91cd57e55b
Get user home folder before deletion 
After the deletion getHome() will fail because the user doesn't exist
any more, so we need to fetch that value earlier.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-12-23 12:42:31 +01:00
Roeland Jago Douma
7b4265ab59
Improve OC\User\User coverage 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-12-20 11:47:08 +01:00
Roeland Jago Douma
e368a745aa
Set last-login-check on basic auth 
Else the last-login-check fails hard because the session value is not
set and thus defaults to 0.

* Started with tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-12-05 20:57:15 +01:00
Christoph Wurst
6543182d13 fix parameter order 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-28 10:00:53 +01:00
Christoph Wurst
9b808c4014 do not remember session tokens by default 
We have to respect the value of the remember-me checkbox. Due to an error
in the source code the default value for the session token was to remember
it.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-27 14:03:28 +01:00
Lukas Reschke
9d6e01ef40
Add missing tests and fix PHPDoc 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2016-11-02 13:39:17 +01:00
Christoph Wurst
6f86e468d4
inject ISecureRandom into user session and use injected config too 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-02 13:39:16 +01:00
Christoph Wurst
d907666232
bring back remember-me 
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-11-02 13:39:16 +01:00
Roeland Jago Douma
f722640a32
Proper DI of config 
* Fixed comments

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-28 10:13:35 +02:00
Jörn Friedrich Dreyer
f8352fcb8d
introduce callForSeenUsers and countSeenUsers (#26361) 
* introduce callForSeenUsers and countSeenUsers

* add tests

* oracle should support not null on clob

* since 9.2.0
 2016-10-28 08:44:05 +02:00
Roeland Jago Douma
593d52fe91
Fix and cleanup SessionTest 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2016-10-25 09:34:27 +02:00
Vincent Petry
6d1e858aa4
Fix logClientIn for non-existing users (#26292) 
The check for two factor enforcement would return true for non-existing
users. This fix makes it return false in order to be able to perform
the regular login which will then fail and return false.

This prevents throwing PasswordLoginForbidden for non-existing users.
 2016-10-25 09:34:27 +02:00
Robin Appelman
90db361827
Add test to ensure token times are updated 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-10-11 11:06:24 +02:00
Robin Appelman
25ed6714c7
dont update the auth token twice 
Signed-off-by: Robin Appelman <robin@icewind.nl>
 2016-10-11 11:05:25 +02:00
Joas Schilling
4d1acfd4ef
Only trigger postDelete hooks when the user was deleted... 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-09-29 15:40:53 +02:00
Joas Schilling
f6ff60f4cb
Make sure that comments, notifications and preferences are deleted 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-09-29 15:40:53 +02:00
Roeland Jago Douma
d616984879
Fix getMock User 2016-09-13 09:09:53 +02:00
Robin Appelman
6c93fe08f5 dont get bruteforce delay twice 2016-08-29 13:36:49 +02:00
Lukas Reschke
c1589f163c
Mitigate race condition 2016-07-20 23:09:27 +02:00
Lukas Reschke
ba4f12baa0
Implement brute force protection 
Class Throttler implements the bruteforce protection for security actions in
Nextcloud.

It is working by logging invalid login attempts to the database and slowing
down all login attempts from the same subnet. The max delay is 30 seconds and
the starting delay are 200 milliseconds. (after the first failed login)
 2016-07-20 22:08:56 +02:00
Roeland Jago Douma
f2d091a963
Fix failing tests after db split 2016-07-13 09:26:19 +02:00
Lukas Reschke
179a355b2c Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-07-01 11:36:35 +02:00
Christoph Wurst
1710de8afb Login hooks (#25260) 
* fix login hooks

* adjust user session tests

* fix login return value of successful token logins

* trigger preLogin hook earlier; extract method 'loginWithPassword'

* call postLogin hook earlier; add PHPDoc
 2016-06-27 22:16:22 +02:00
Lukas Reschke
6670d37658 Merge remote-tracking branch 'upstream/master' into master-sync-upstream 2016-06-27 18:23:00 +02:00
Bjoern Schiessle
2a990a0db5
verify user password on change 2016-06-27 14:08:11 +02:00
Christoph Wurst
89198e62e8 check login name when authenticating with client token 2016-06-24 13:57:09 +02:00
Vincent Petry
3db5de95bd Merge pull request #25172 from owncloud/token-login-validation 
Token login validation
 2016-06-22 13:58:56 +02:00
Christoph Wurst
b805908dca
update session token password on user password change 2016-06-21 10:24:25 +02:00