upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-11 01:30:50 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 79

Merge branch 'master' into dependabot/npm_and_yarn/follow-redirects-1.16.0

Browse source 
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
This commit is contained in:
Carl Schwan 2026-04-14 12:45:19 +02:00 committed by nextcloud-command
commit 840cf5788e
82 changed files with 154 additions and 543 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
apps/dav/lib/CardDAV/SyncService.php
View file

@ -201,7 +201,10 @@ class SyncService extends ASyncService {
$vCard = Reader::read($card['carddata']);
$uid = $vCard->UID->getValue();
// load backend and see if user exists
if (!$this->userManager->userExists($uid)) {
$user = $this->userManager->get($uid);
// If the user does not exist
if ($user === null || self::getCardUri($user) !== $card['uri']) {
$this->deleteUser($card['uri']);
}
}

38
apps/dav/tests/unit/CardDAV/SyncServiceTest.php
View file

@ -367,6 +367,44 @@ END:VCARD';
$ss->deleteUser($user);
}
public function testSyncInstance(): void {
/** @var CardDavBackend | MockObject $backend */
$backend = $this->getMockBuilder(CardDavBackend::class)->disableOriginalConstructor()->getMock();
$logger = $this->getMockBuilder(LoggerInterface::class)->disableOriginalConstructor()->getMock();
$backend->expects($this->exactly(1))->method('deleteCard');
$backend->method('getCards')->willReturn([
[
'carddata' => "BEGIN:VCARD\r\nVERSION:3.0\r\nPRODID:-//Sabre//Sabre VObject 3.4.8//EN\r\nUID:test-user\r\nFN:test-user\r\nN:test-user;;;;\r\nEND:VCARD\r\n\r\n",
'uri' => 'Database:test-user.vcf',
],
[
'carddata' => "BEGIN:VCARD\r\nVERSION:3.0\r\nPRODID:-//Sabre//Sabre VObject 3.4.8//EN\r\nUID:test-user\r\nFN:test-user\r\nN:test-user;;;;\r\nEND:VCARD\r\n\r\n",
'uri' => 'LDAP:test-user.vcf',
],
]
);
$backend->method('getAddressBooksByUri')
->with('principals/system/system', 'system')
->willReturn(['id' => -1]);
$userManager = $this->createMock(IUserManager::class);
$dbConnection = $this->createMock(IDBConnection::class);
$user = $this->createMock(IUser::class);
$user->method('getBackendClassName')->willReturn('LDAP');
$user->method('getUID')->willReturn('test-user');
$userManager->method('get')->willReturn($user);
$converter = $this->createMock(Converter::class);
$clientService = $this->createMock(IClientService::class);
$config = $this->createMock(IConfig::class);
$ss = new SyncService($clientService, $config, $backend, $userManager, $dbConnection, $logger, $converter);
$ss->syncInstance();
}
public function testDeleteAddressbookWhenAccessRevoked(): void {
$this->expectException(ClientExceptionInterface::class);

19
build/frontend-legacy/package-lock.json generated
View file

@ -7022,14 +7022,14 @@
}
},
"node_modules/axios": {
"version": "1.13.5",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.13.5.tgz",
"integrity": "sha512-cz4ur7Vb0xS4/KUN0tPWe44eqxrIu31me+fbang3ijiNscE129POzipJJA6zniq2C/Z6sJCjMimjS8Lc/GAs8Q==",
"version": "1.15.0",
"resolved": "https://registry.npmjs.org/axios/-/axios-1.15.0.tgz",
"integrity": "sha512-wWyJDlAatxk30ZJer+GeCWS209sA42X+N5jU2jy6oHTp7ufw8uzUTVFBX9+wTfAlhiJXGS0Bq7X6efruWjuK9Q==",
"license": "MIT",
"dependencies": {
"follow-redirects": "^1.15.11",
"form-data": "^4.0.5",
"proxy-from-env": "^1.1.0"
"proxy-from-env": "^2.1.0"
}
},
"node_modules/axios-retry": {
@ -14924,10 +14924,13 @@
}
},
"node_modules/proxy-from-env": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
"integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
"license": "MIT"
"version": "2.1.0",
"resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-2.1.0.tgz",
"integrity": "sha512-cJ+oHTW1VAEa8cJslgmUZrc+sjRKgAKl3Zyse6+PV38hZe/V6Z14TbCuXcan9F9ghlz4QrFr2c92TNF82UkYHA==",
"license": "MIT",
"engines": {
"node": ">=10"
}
},
"node_modules/pseudomap": {
"version": "1.0.2",

2
dist/1140-1140.js.license vendored
View file

@ -147,7 +147,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/1216-1216.js.license vendored
View file

@ -57,7 +57,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/1598-1598.js.license vendored
View file

@ -159,7 +159,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/1764-1764.js.license vendored
View file

@ -93,7 +93,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/1930-1930.js.license vendored
View file

@ -71,7 +71,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/2311-2311.js.license vendored
View file

@ -64,7 +64,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/2426-2426.js.license vendored
View file

@ -109,7 +109,7 @@ This file is generated from multiple sources. Included packages:
- version: 8.37.0
- license: AGPL-3.0-or-later
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/2457-2457.js.license vendored
View file

@ -93,7 +93,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/3145-3145.js.license vendored
View file

@ -69,7 +69,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/4723-4723.js.license vendored
View file

@ -64,7 +64,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/7186-7186.js.license vendored
View file

@ -181,7 +181,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/7497-7497.js.license vendored
View file

@ -143,7 +143,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/8192-8192.js.license vendored
View file

@ -93,7 +93,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/9396-9396.js.license vendored
View file

@ -144,7 +144,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/9553-9553.js.license vendored
View file

@ -63,7 +63,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/9646-9646.js.license vendored
View file

@ -179,7 +179,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/9906-9906.js.license vendored
View file

@ -120,7 +120,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

4
dist/core-common.js vendored
View file

File diff suppressed because one or more lines are too long

2
dist/core-common.js.license vendored
View file

@ -294,7 +294,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/core-common.js.map vendored
View file

File diff suppressed because one or more lines are too long

2
dist/core-install.js.license vendored
View file

@ -65,7 +65,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-legacy-unified-search.js.license vendored
View file

@ -130,7 +130,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-login.js.license vendored
View file

@ -196,7 +196,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-main.js.license vendored
View file

@ -210,7 +210,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-maintenance.js.license vendored
View file

@ -36,7 +36,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.1.0
- license: GPL-3.0-or-later
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-public-page-menu.js.license vendored
View file

@ -136,7 +136,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-public-page-user-menu.js.license vendored
View file

@ -136,7 +136,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-public_share_auth.js.license vendored
View file

@ -140,7 +140,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/core-recommendedapps.js.license vendored
View file

@ -49,7 +49,7 @@ This file is generated from multiple sources. Included packages:
- version: 8.37.0
- license: AGPL-3.0-or-later
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/core-unified-search.js.license vendored
View file

@ -86,7 +86,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/dashboard-main.js.license vendored
View file

@ -74,7 +74,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/files-init.js.license vendored
View file

@ -238,7 +238,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/files-main.js.license vendored
View file

@ -239,7 +239,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/files-reference-files.js.license vendored
View file

@ -173,7 +173,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/files-settings-admin.js.license vendored
View file

@ -116,7 +116,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/files-settings-personal.js.license vendored
View file

@ -140,7 +140,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/files_sharing-init.js.license vendored
View file

@ -159,7 +159,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/files_sharing-personal-settings.js.license vendored
View file

@ -115,7 +115,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/files_sharing-public-nickname-handler.js.license vendored
View file

@ -149,7 +149,7 @@ This file is generated from multiple sources. Included packages:
- version: 4.5.0
- license: Apache-2.0
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-apps-view-4529.js.license vendored
View file

@ -213,7 +213,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-declarative-settings-forms.js.license vendored
View file

@ -185,7 +185,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-users-3239.js.license vendored
View file

@ -256,7 +256,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/settings-vue-settings-admin-ai.js.license vendored
View file

@ -91,7 +91,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-basic-settings.js.license vendored
View file

@ -171,7 +171,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-delegation.js.license vendored
View file

@ -142,7 +142,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-mail.js.license vendored
View file

@ -236,7 +236,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/settings-vue-settings-admin-overview.js.license vendored
View file

@ -57,7 +57,7 @@ This file is generated from multiple sources. Included packages:
- version: 8.37.0
- license: AGPL-3.0-or-later
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-security.js.license vendored
View file

@ -186,7 +186,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-settings-presets.js.license vendored
View file

@ -117,7 +117,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-admin-sharing.js.license vendored
View file

@ -147,7 +147,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-apps-users-management.js.license vendored
View file

@ -181,7 +181,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.5.28
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-personal-info.js.license vendored
View file

@ -195,7 +195,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-personal-password.js.license vendored
View file

@ -194,7 +194,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- bail
- version: 2.0.2

2
dist/settings-vue-settings-personal-security.js.license vendored
View file

@ -180,7 +180,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/settings-vue-settings-personal-webauthn.js.license vendored
View file

@ -171,7 +171,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/updatenotification-init.js.license vendored
View file

@ -37,7 +37,7 @@ This file is generated from multiple sources. Included packages:
- version: 3.1.0
- license: GPL-3.0-or-later
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/updatenotification-updatenotification.js.license vendored
View file

@ -144,7 +144,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/weather_status-weather-status.js.license vendored
View file

@ -133,7 +133,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

2
dist/workflowengine-workflowengine.js.license vendored
View file

@ -192,7 +192,7 @@ This file is generated from multiple sources. Included packages:
- version: 11.3.0
- license: MIT
- axios
- version: 1.13.5
- version: 1.15.0
- license: MIT
- base64-js
- version: 1.5.1

3
lib/composer/composer/autoload_classmap.php
View file

@ -126,9 +126,6 @@ return array(
'OCP\\AppFramework\\Http\\StandaloneTemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/StandaloneTemplateResponse.php',
'OCP\\AppFramework\\Http\\StreamResponse' => $baseDir . '/lib/public/AppFramework/Http/StreamResponse.php',
'OCP\\AppFramework\\Http\\StreamTraversableResponse' => $baseDir . '/lib/public/AppFramework/Http/StreamTraversableResponse.php',
'OCP\\AppFramework\\Http\\StrictContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\StrictEvalContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\StrictInlineContentSecurityPolicy' => $baseDir . '/lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\TemplateResponse' => $baseDir . '/lib/public/AppFramework/Http/TemplateResponse.php',
'OCP\\AppFramework\\Http\\Template\\ExternalShareMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/ExternalShareMenuAction.php',
'OCP\\AppFramework\\Http\\Template\\IMenuAction' => $baseDir . '/lib/public/AppFramework/Http/Template/IMenuAction.php',

3
lib/composer/composer/autoload_static.php
View file

@ -167,9 +167,6 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
'OCP\\AppFramework\\Http\\StandaloneTemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StandaloneTemplateResponse.php',
'OCP\\AppFramework\\Http\\StreamResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StreamResponse.php',
'OCP\\AppFramework\\Http\\StreamTraversableResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StreamTraversableResponse.php',
'OCP\\AppFramework\\Http\\StrictContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\StrictEvalContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\StrictInlineContentSecurityPolicy' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php',
'OCP\\AppFramework\\Http\\TemplateResponse' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/TemplateResponse.php',
'OCP\\AppFramework\\Http\\Template\\ExternalShareMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/ExternalShareMenuAction.php',
'OCP\\AppFramework\\Http\\Template\\IMenuAction' => __DIR__ . '/../../..' . '/lib/public/AppFramework/Http/Template/IMenuAction.php',

16
lib/private/AppFramework/Http/Dispatcher.php
View file

@ -26,6 +26,9 @@ use Psr\Log\LoggerInterface;
* Class to dispatch the request to the middleware dispatcher
*/
class Dispatcher {
public const DEFAULT_MIN = 1;
public const DEFAULT_MAX = 500;
/**
* @param Http $protocol the http protocol with contains all status headers
* @param MiddlewareDispatcher $middlewareDispatcher the dispatcher which
@ -149,7 +152,7 @@ class Dispatcher {
$value = false;
} elseif ($value !== null && \in_array($type, $types, true)) {
settype($value, $type);
$this->ensureParameterValueSatisfiesRange($param, $value);
$this->ensureParameterValueSatisfiesRange($param, $value, $default);
} elseif ($value === null && $type !== null && $this->appContainer->has($type)) {
$value = $this->appContainer->get($type);
}
@ -193,7 +196,7 @@ class Dispatcher {
* @psalm-param mixed $value
* @throws ParameterOutOfRangeException
*/
private function ensureParameterValueSatisfiesRange(string $param, $value): void {
private function ensureParameterValueSatisfiesRange(string $param, $value, $default): void {
$rangeInfo = $this->reflector->getRange($param);
if ($rangeInfo) {
if ($value < $rangeInfo['min'] || $value > $rangeInfo['max']) {
@ -204,6 +207,15 @@ class Dispatcher {
$rangeInfo['max'],
);
}
} elseif ($param === 'limit') {
if ($value !== $default && ($value < self::DEFAULT_MIN || $value > self::DEFAULT_MAX)) {
throw new ParameterOutOfRangeException(
$param,
$value,
self::DEFAULT_MIN,
self::DEFAULT_MAX,
);
}
}
}
}

5
lib/private/Collaboration/Resources/Manager.php
View file

@ -457,11 +457,6 @@ class Manager implements IManager {
$query->executeStatement();
}
public function registerResourceProvider(string $provider): void {
$this->logger->debug('\OC\Collaboration\Resources\Manager::registerResourceProvider is deprecated', ['provider' => $provider]);
$this->providerManager->registerResourceProvider($provider);
}
/**
* Get the resource type of the provider
*

16
lib/private/Notification/Manager.php
View file

@ -90,22 +90,6 @@ class Manager implements IManager {
}
}
/**
* @param \Closure $service The service must implement INotifier, otherwise a
* \InvalidArgumentException is thrown later
* @param \Closure $info An array with the keys 'id' and 'name' containing
* the app id and the app name
* @deprecated 17.0.0 use registerNotifierService instead.
* @since 8.2.0 - Parameter $info was added in 9.0.0
*/
public function registerNotifier(\Closure $service, \Closure $info): void {
$infoData = $info();
$exception = new \InvalidArgumentException(
'Notifier ' . $infoData['name'] . ' (id: ' . $infoData['id'] . ') is not considered because it is using the old way to register.'
);
$this->logger->error($exception->getMessage(), ['exception' => $exception]);
}
/**
* @param string $notifierService The service must implement INotifier, otherwise a
* \InvalidArgumentException is thrown later

26
lib/private/Security/CSP/ContentSecurityPolicy.php
View file

@ -24,17 +24,6 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy
$this->inlineScriptAllowed = $inlineScriptAllowed;
}
public function isEvalScriptAllowed(): bool {
return $this->evalScriptAllowed;
}
/**
* @deprecated 17.0.0 Unsafe eval should not be used anymore.
*/
public function setEvalScriptAllowed(bool $evalScriptAllowed): void {
$this->evalScriptAllowed = $evalScriptAllowed;
}
public function isEvalWasmAllowed(): ?bool {
return $this->evalWasmAllowed;
}
@ -115,21 +104,6 @@ class ContentSecurityPolicy extends \OCP\AppFramework\Http\ContentSecurityPolicy
$this->allowedFontDomains = $allowedFontDomains;
}
/**
* @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
*/
public function getAllowedChildSrcDomains(): array {
return $this->allowedChildSrcDomains;
}
/**
* @param array $allowedChildSrcDomains
* @deprecated 15.0.0 use FrameDomains and WorkerSrcDomains
*/
public function setAllowedChildSrcDomains($allowedChildSrcDomains): void {
$this->allowedChildSrcDomains = $allowedChildSrcDomains;
}
public function getAllowedFrameAncestors(): array {
return $this->allowedFrameAncestors;
}

4
lib/public/AppFramework/Http/ContentSecurityPolicy.php
View file

@ -24,8 +24,6 @@ namespace OCP\AppFramework\Http;
class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
/** @var bool Whether inline JS snippets are allowed */
protected $inlineScriptAllowed = false;
/** @var bool Whether eval in JS scripts is allowed */
protected $evalScriptAllowed = false;
/** @var bool Whether WebAssembly compilation is allowed */
protected ?bool $evalWasmAllowed = false;
/** @var bool Whether strict-dynamic should be set */
@ -69,8 +67,6 @@ class ContentSecurityPolicy extends EmptyContentSecurityPolicy {
'\'self\'',
'data:',
];
/** @var array Domains from which web-workers and nested browsing content can load elements */
protected $allowedChildSrcDomains = [];
/** @var array Domains which can embed this Nextcloud instance */
protected $allowedFrameAncestors = [

55
lib/public/AppFramework/Http/EmptyContentSecurityPolicy.php
View file

@ -24,12 +24,6 @@ class EmptyContentSecurityPolicy {
protected $strictDynamicAllowed = null;
/** @var bool Whether strict-dynamic should be used on script-src-elem */
protected $strictDynamicAllowedOnScripts = null;
/**
* @var bool Whether eval in JS scripts is allowed
* TODO: Disallow per default
* @link https://github.com/owncloud/core/issues/11925
*/
protected $evalScriptAllowed = null;
/** @var bool Whether WebAssembly compilation is allowed */
protected ?bool $evalWasmAllowed = null;
/** @var array Domains from which scripts can get loaded */
@ -54,8 +48,6 @@ class EmptyContentSecurityPolicy {
protected $allowedFrameDomains = null;
/** @var array Domains from which fonts can be loaded */
protected $allowedFontDomains = null;
/** @var array Domains from which web-workers and nested browsing content can load elements */
protected $allowedChildSrcDomains = null;
/** @var array Domains which can embed this Nextcloud instance */
protected $allowedFrameAncestors = null;
/** @var array Domains from which web-workers can be loaded */
@ -101,18 +93,6 @@ class EmptyContentSecurityPolicy {
return $this;
}
/**
* Whether eval in JavaScript is allowed or forbidden
* @param bool $state
* @return $this
* @since 8.1.0
* @deprecated 17.0.0 Eval should not be used anymore. Please update your scripts. This function will stop functioning in a future version of Nextcloud.
*/
public function allowEvalScript($state = true) {
$this->evalScriptAllowed = $state;
return $this;
}
/**
* Whether WebAssembly compilation is allowed or forbidden
* @param bool $state
@ -323,31 +303,6 @@ class EmptyContentSecurityPolicy {
return $this;
}
/**
* Domains from which web-workers and nested browsing content can load elements
* @param string $domain Domain to whitelist. Any passed value needs to be properly sanitized.
* @return $this
* @since 8.1.0
* @deprecated 15.0.0 use addAllowedWorkerSrcDomains or addAllowedFrameDomain
*/
public function addAllowedChildSrcDomain($domain) {
$this->allowedChildSrcDomains[] = $domain;
return $this;
}
/**
* Remove the specified allowed child src domain from the allowed domains.
*
* @param string $domain
* @return $this
* @since 8.1.0
* @deprecated 15.0.0 use the WorkerSrcDomains or FrameDomain
*/
public function disallowChildSrcDomain($domain) {
$this->allowedChildSrcDomains = array_diff($this->allowedChildSrcDomains, [$domain]);
return $this;
}
/**
* Domains which can embed an iFrame of the Nextcloud instance
*
@ -441,7 +396,7 @@ class EmptyContentSecurityPolicy {
$policy .= "base-uri 'none';";
$policy .= "manifest-src 'self';";
if (!empty($this->allowedScriptDomains) || $this->evalScriptAllowed || $this->evalWasmAllowed || is_string($this->jsNonce)) {
if (!empty($this->allowedScriptDomains) || $this->evalWasmAllowed || is_string($this->jsNonce)) {
$policy .= 'script-src ';
$scriptSrc = '';
if (is_string($this->jsNonce)) {
@ -459,9 +414,6 @@ class EmptyContentSecurityPolicy {
if (is_array($this->allowedScriptDomains)) {
$scriptSrc .= implode(' ', $this->allowedScriptDomains);
}
if ($this->evalScriptAllowed) {
$scriptSrc .= ' \'unsafe-eval\'';
}
if ($this->evalWasmAllowed) {
$scriptSrc .= ' \'wasm-unsafe-eval\'';
}
@ -517,11 +469,6 @@ class EmptyContentSecurityPolicy {
$policy .= ';';
}
if (!empty($this->allowedChildSrcDomains)) {
$policy .= 'child-src ' . implode(' ', $this->allowedChildSrcDomains);
$policy .= ';';
}
if (!empty($this->allowedFrameAncestors)) {
$policy .= 'frame-ancestors ' . implode(' ', $this->allowedFrameAncestors);
$policy .= ';';

70
lib/public/AppFramework/Http/StrictContentSecurityPolicy.php
View file

@ -1,70 +0,0 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCP\AppFramework\Http;
/**
* Class StrictContentSecurityPolicy is a simple helper which allows applications to
* modify the Content-Security-Policy sent by Nextcloud. Per default only JavaScript,
* stylesheets, images, fonts, media and connections from the same domain
* ('self') are allowed.
*
* Even if a value gets modified above defaults will still get appended. Please
* note that Nextcloud ships already with sensible defaults and those policies
* should require no modification at all for most use-cases.
*
* This class represents out strictest defaults. They may get change from release
* to release if more strict CSP directives become available.
*
* @since 14.0.0
* @deprecated 17.0.0
*/
class StrictContentSecurityPolicy extends EmptyContentSecurityPolicy {
/** @var bool Whether inline JS snippets are allowed */
protected $inlineScriptAllowed = false;
/** @var bool Whether eval in JS scripts is allowed */
protected $evalScriptAllowed = false;
/** @var bool Whether WebAssembly compilation is allowed */
protected ?bool $evalWasmAllowed = false;
/** @var array Domains from which scripts can get loaded */
protected $allowedScriptDomains = [
'\'self\'',
];
/** @var bool Whether inline CSS is allowed */
protected $inlineStyleAllowed = false;
/** @var array Domains from which CSS can get loaded */
protected $allowedStyleDomains = [
'\'self\'',
];
/** @var array Domains from which images can get loaded */
protected $allowedImageDomains = [
'\'self\'',
'data:',
'blob:',
];
/** @var array Domains to which connections can be done */
protected $allowedConnectDomains = [
'\'self\'',
];
/** @var array Domains from which media elements can be loaded */
protected $allowedMediaDomains = [
'\'self\'',
];
/** @var array Domains from which object elements can be loaded */
protected $allowedObjectDomains = [];
/** @var array Domains from which iframes can be loaded */
protected $allowedFrameDomains = [];
/** @var array Domains from which fonts can be loaded */
protected $allowedFontDomains = [
'\'self\'',
];
/** @var array Domains from which web-workers and nested browsing content can load elements */
protected $allowedChildSrcDomains = [];
/** @var array Domains which can embed this Nextcloud instance */
protected $allowedFrameAncestors = [];
}

33
lib/public/AppFramework/Http/StrictEvalContentSecurityPolicy.php
View file

@ -1,33 +0,0 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCP\AppFramework\Http;
/**
* Class StrictEvalContentSecurityPolicy is a simple helper which allows applications to
* modify the Content-Security-Policy sent by Nextcloud. Per default only JavaScript,
* stylesheets, images, fonts, media and connections from the same domain
* ('self') are allowed.
*
* Even if a value gets modified above defaults will still get appended. Please
* note that Nextcloud ships already with sensible defaults and those policies
* should require no modification at all for most use-cases.
*
* This is a temp helper class from the default ContentSecurityPolicy to allow slow
* migration to a stricter CSP. This does not allow unsafe eval.
*
* @since 14.0.0
* @deprecated 17.0.0
*/
class StrictEvalContentSecurityPolicy extends ContentSecurityPolicy {
/**
* @since 14.0.0
*/
public function __construct() {
$this->evalScriptAllowed = false;
}
}

33
lib/public/AppFramework/Http/StrictInlineContentSecurityPolicy.php
View file

@ -1,33 +0,0 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCP\AppFramework\Http;
/**
* Class StrictInlineContentSecurityPolicy is a simple helper which allows applications to
* modify the Content-Security-Policy sent by Nextcloud. Per default only JavaScript,
* stylesheets, images, fonts, media and connections from the same domain
* ('self') are allowed.
*
* Even if a value gets modified above defaults will still get appended. Please
* note that Nextcloud ships already with sensible defaults and those policies
* should require no modification at all for most use-cases.
*
* This is a temp helper class from the default ContentSecurityPolicy to allow slow
* migration to a stricter CSP. This does not allow inline styles.
*
* @since 14.0.0
* @deprecated 17.0.0
*/
class StrictInlineContentSecurityPolicy extends ContentSecurityPolicy {
/**
* @since 14.0.0
*/
public function __construct() {
$this->inlineStyleAllowed = false;
}
}

7
lib/public/Collaboration/Resources/IManager.php
View file

@ -97,11 +97,4 @@ interface IManager extends IProvider {
* @since 16.0.0
*/
public function getResourceForUser(string $type, string $id, ?IUser $user): IResource;
/**
* @param string $provider
* @since 16.0.0
* @deprecated 18.0.0 Use IProviderManager::registerResourceProvider instead
*/
public function registerResourceProvider(string $provider): void;
}

10
lib/public/Notification/IManager.php
View file

@ -19,16 +19,6 @@ interface IManager extends IApp, IPreloadableNotifier {
*/
public function registerApp(string $appClass): void;
/**
* @param \Closure $service The service must implement INotifier, otherwise a
* \InvalidArgumentException is thrown later
* @param \Closure $info An array with the keys 'id' and 'name' containing
* the app id and the app name
* @deprecated 17.0.0 use registerNotifierService instead.
* @since 8.2.0 - Parameter $info was added in 9.0.0
*/
public function registerNotifier(\Closure $service, \Closure $info);
/**
* @param string $notifierService The service must implement INotifier, otherwise a
* \InvalidArgumentException is thrown later

25
lib/public/Util.php
View file

@ -468,31 +468,6 @@ class Util {
return $ret;
}
/**
* performs a search in a nested array
*
* @param array $haystack the array to be searched
* @param string $needle the search string
* @param mixed $index optional, only search this key name
* @return mixed the key of the matching field, otherwise false
* @since 4.5.0
* @deprecated 15.0.0
*/
public static function recursiveArraySearch($haystack, $needle, $index = null) {
$aIt = new \RecursiveArrayIterator($haystack);
$it = new \RecursiveIteratorIterator($aIt);
while ($it->valid()) {
if (((isset($index) && ($it->key() == $index)) || !isset($index)) && ($it->current() == $needle)) {
return $aIt->key();
}
$it->next();
}
return false;
}
/**
* calculates the maximum upload size respecting system settings, free space and user quota
*

57
tests/lib/AppFramework/Http/ContentSecurityPolicyTest.php
View file

@ -72,7 +72,6 @@ class ContentSecurityPolicyTest extends \Test\TestCase {
public function testGetPolicyScriptDisallowEval(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->allowEvalScript(false);
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
@ -370,47 +369,6 @@ class ContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetAllowedChildSrcDomain(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';child-src child.nextcloud.com;frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyChildSrcValidMultiple(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';child-src child.nextcloud.com child.nextcloud.org;frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.com');
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.org');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomain(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomainMultiple(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';child-src www.nextcloud.com;frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.org');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomainMultipleStakes(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.org')->disallowChildSrcDomain('www.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetAllowedFrameAncestorDomain(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self' sub.nextcloud.com;form-action 'self'";
@ -442,21 +400,6 @@ class ContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowFrameAncestorDomainMultipleStakes(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.org')->disallowChildSrcDomain('www.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyUnsafeEval(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";
$this->contentSecurityPolicy->allowEvalScript(true);
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyUnsafeWasmEval(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'wasm-unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self'";

32
tests/lib/AppFramework/Http/DispatcherTest.php
View file

@ -549,18 +549,34 @@ class DispatcherTest extends \Test\TestCase {
[7, 14, 5, true],
[7, 14, 10, false],
[-14, -7, -10, false],
[null, null, -1, false],
// $limit comes with default limits of self::DEFAULT_MIN (1) <= $limit <= self::DEFAULT_MAX (500)
[null, null, -1, true, 'limit'],
[null, null, -1, false, 'limit', -1],
[null, null, 0, true, 'limit'],
[null, null, 0, true, 'limit', -1],
[null, null, 1, false, 'limit'],
[null, null, 500, false, 'limit'],
[null, null, 501, true, 'limit'],
];
}
#[\PHPUnit\Framework\Attributes\DataProvider('rangeDataProvider')]
public function testEnsureParameterValueSatisfiesRange(int $min, int $max, int $input, bool $throw): void {
public function testEnsureParameterValueSatisfiesRange(?int $min, ?int $max, int $input, bool $throw, string $param = 'myArgument', ?int $default = null): void {
$this->reflector = $this->createMock(ControllerMethodReflector::class);
$this->reflector->expects($this->any())
->method('getRange')
->willReturn([
'min' => $min,
'max' => $max,
]);
if ($min === null && $max === null) {
$this->reflector->expects($this->any())
->method('getRange')
->willReturn(null);
} else {
$this->reflector->expects($this->any())
->method('getRange')
->willReturn([
'min' => $min,
'max' => $max,
]);
}
$this->dispatcher = new Dispatcher(
$this->http,
@ -578,7 +594,7 @@ class DispatcherTest extends \Test\TestCase {
$this->expectException(ParameterOutOfRangeException::class);
}
$this->invokePrivate($this->dispatcher, 'ensureParameterValueSatisfiesRange', ['myArgument', $input]);
self::invokePrivate($this->dispatcher, 'ensureParameterValueSatisfiesRange', [$param, $input, $default]);
if (!$throw) {
// do not mark this test risky
$this->assertTrue(true);

46
tests/lib/AppFramework/Http/EmptyContentSecurityPolicyTest.php
View file

@ -68,13 +68,6 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyScriptAllowEval(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'unsafe-eval';frame-ancestors 'none'";
$this->contentSecurityPolicy->allowEvalScript(true);
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyScriptAllowWasmEval(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'wasm-unsafe-eval';frame-ancestors 'none'";
@ -377,45 +370,6 @@ class EmptyContentSecurityPolicyTest extends \Test\TestCase {
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetAllowedChildSrcDomain(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';child-src child.nextcloud.com;frame-ancestors 'none'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyChildSrcValidMultiple(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';child-src child.nextcloud.com child.nextcloud.org;frame-ancestors 'none'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.com');
$this->contentSecurityPolicy->addAllowedChildSrcDomain('child.nextcloud.org');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomain(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomainMultiple(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';child-src www.nextcloud.com;frame-ancestors 'none'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.org');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyDisallowChildSrcDomainMultipleStakes(): void {
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'";
$this->contentSecurityPolicy->addAllowedChildSrcDomain('www.nextcloud.com');
$this->contentSecurityPolicy->disallowChildSrcDomain('www.nextcloud.org')->disallowChildSrcDomain('www.nextcloud.com');
$this->assertSame($expectedPolicy, $this->contentSecurityPolicy->buildPolicy());
}
public function testGetPolicyWithJsNonceAndScriptDomains(): void {
$nonce = base64_encode('MyJsNonce');
$expectedPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-$nonce' www.nextcloud.com www.nextcloud.org;frame-ancestors 'none'";

46
tests/lib/Collaboration/Resources/ManagerTest.php
View file

@ -1,46 +0,0 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2019 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace Test\Collaboration\Resources;
use OC\Collaboration\Resources\Manager;
use OCP\Collaboration\Resources\IManager;
use OCP\Collaboration\Resources\IProviderManager;
use OCP\IDBConnection;
use PHPUnit\Framework\MockObject\MockObject;
use Psr\Log\LoggerInterface;
use Test\TestCase;
class ManagerTest extends TestCase {
protected LoggerInterface&MockObject $logger;
protected IProviderManager&MockObject $providerManager;
protected IManager $manager;
protected function setUp(): void {
parent::setUp();
$this->logger = $this->createMock(LoggerInterface::class);
$this->providerManager = $this->createMock(IProviderManager::class);
/** @var IDBConnection $connection */
$connection = $this->createMock(IDBConnection::class);
$this->manager = new Manager($connection, $this->providerManager, $this->logger);
}
public function testRegisterResourceProvider(): void {
$this->logger->expects($this->once())
->method('debug')
->with($this->equalTo('\OC\Collaboration\Resources\Manager::registerResourceProvider is deprecated'), $this->equalTo(['provider' => 'AwesomeResourceProvider']));
$this->providerManager->expects($this->once())
->method('registerResourceProvider')
->with($this->equalTo('AwesomeResourceProvider'));
$this->manager->registerResourceProvider('AwesomeResourceProvider');
}
}

13
tests/lib/Security/CSP/ContentSecurityPolicyManagerTest.php
View file

@ -44,24 +44,20 @@ class ContentSecurityPolicyManagerTest extends TestCase {
$policy = new ContentSecurityPolicy();
$policy->addAllowedFontDomain('example.com');
$policy->addAllowedImageDomain('example.org');
$policy->allowEvalScript(true);
$this->contentSecurityPolicyManager->addDefaultPolicy($policy);
$policy = new EmptyContentSecurityPolicy();
$policy->addAllowedChildSrcDomain('childdomain');
$policy->addAllowedFontDomain('anotherFontDomain');
$policy->addAllowedFormActionDomain('thirdDomain');
$this->contentSecurityPolicyManager->addDefaultPolicy($policy);
$expected = new \OC\Security\CSP\ContentSecurityPolicy();
$expected->allowEvalScript(true);
$expected->addAllowedFontDomain('mydomain.com');
$expected->addAllowedFontDomain('example.com');
$expected->addAllowedFontDomain('anotherFontDomain');
$expected->addAllowedFormActionDomain('thirdDomain');
$expected->addAllowedImageDomain('anotherdomain.de');
$expected->addAllowedImageDomain('example.org');
$expected->addAllowedChildSrcDomain('childdomain');
$expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';child-src childdomain;frame-ancestors 'self';form-action 'self' thirdDomain";
$expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self' thirdDomain";
$this->assertEquals($expected, $this->contentSecurityPolicyManager->getDefaultPolicy());
$this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy());
@ -73,7 +69,6 @@ class ContentSecurityPolicyManagerTest extends TestCase {
$policy->addAllowedFontDomain('mydomain.com');
$policy->addAllowedImageDomain('anotherdomain.de');
$policy->useStrictDynamic(true);
$policy->allowEvalScript(true);
$e->addPolicy($policy);
});
@ -82,29 +77,25 @@ class ContentSecurityPolicyManagerTest extends TestCase {
$policy = new ContentSecurityPolicy();
$policy->addAllowedFontDomain('example.com');
$policy->addAllowedImageDomain('example.org');
$policy->allowEvalScript(false);
$e->addPolicy($policy);
});
$this->dispatcher->addListener(AddContentSecurityPolicyEvent::class, function (AddContentSecurityPolicyEvent $e): void {
$policy = new EmptyContentSecurityPolicy();
$policy->addAllowedChildSrcDomain('childdomain');
$policy->addAllowedFontDomain('anotherFontDomain');
$policy->addAllowedFormActionDomain('thirdDomain');
$e->addPolicy($policy);
});
$expected = new \OC\Security\CSP\ContentSecurityPolicy();
$expected->allowEvalScript(true);
$expected->addAllowedFontDomain('mydomain.com');
$expected->addAllowedFontDomain('example.com');
$expected->addAllowedFontDomain('anotherFontDomain');
$expected->addAllowedImageDomain('anotherdomain.de');
$expected->addAllowedImageDomain('example.org');
$expected->addAllowedChildSrcDomain('childdomain');
$expected->addAllowedFormActionDomain('thirdDomain');
$expected->useStrictDynamic(true);
$expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';child-src childdomain;frame-ancestors 'self';form-action 'self' thirdDomain";
$expectedStringPolicy = "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob: anotherdomain.de example.org;font-src 'self' data: mydomain.com example.com anotherFontDomain;connect-src 'self';media-src 'self';frame-ancestors 'self';form-action 'self' thirdDomain";
$this->assertEquals($expected, $this->contentSecurityPolicyManager->getDefaultPolicy());
$this->assertSame($expectedStringPolicy, $this->contentSecurityPolicyManager->getDefaultPolicy()->buildPolicy());

15
tests/lib/UtilTest.php
View file

@ -401,19 +401,4 @@ class UtilTest extends \Test\TestCase {
$expected = $arrayResult;
$this->assertEquals($result, $expected);
}
public function testRecursiveArraySearch(): void {
$haystack = [
'Foo' => 'own',
'Bar' => 'Cloud',
];
$result = Util::recursiveArraySearch($haystack, 'own');
$expected = 'Foo';
$this->assertEquals($result, $expected);
$result = Util::recursiveArraySearch($haystack, 'NotFound');
$this->assertFalse($result);
}
}