nextcloud · blizzz · Jul 7, 2016 · Jun 29, 2016 · Jul 1, 2016 · Jul 1, 2016
diff --git a/apps/dav/appinfo/application.php b/apps/dav/appinfo/application.php
@@ -32,6 +32,7 @@
 use OCA\Dav\Migration\CalendarAdapter;
 use OCA\Dav\Migration\MigrateAddressbooks;
 use OCA\Dav\Migration\MigrateCalendars;
+use OCA\Dav\Migration\NothingToDoException;
 use \OCP\AppFramework\App;
 use OCP\AppFramework\IAppContainer;
 use OCP\Contacts\IManager;
@@ -190,6 +191,8 @@ public function migrateAddressbooks() {
 				/** @var IUser $user */
 				$migration->migrateForUser($user->getUID());
 			});
+		} catch (NothingToDoException $ex) {
+			// nothing to do, yay!
 		} catch (\Exception $ex) {
 			$this->getContainer()->getServer()->getLogger()->logException($ex);
 		}
@@ -206,6 +209,8 @@ public function migrateCalendars() {
 				/** @var IUser $user */
 				$migration->migrateForUser($user->getUID());
 			});
+		} catch (NothingToDoException $ex) {
+			// nothing to do, yay!
 		} catch (\Exception $ex) {
 			$this->getContainer()->getServer()->getLogger()->logException($ex);
 		}

diff --git a/apps/dav/lib/migration/addressbookadapter.php b/apps/dav/lib/migration/addressbookadapter.php
@@ -69,7 +69,7 @@ public function foreachBook($user, \Closure $callBack) {
 
 	public function setup() {
 		if (!$this->dbConnection->tableExists($this->sourceBookTable)) {
-			throw new \DomainException('Contacts tables are missing. Nothing to do.');
+			throw new NothingToDoException('Contacts tables are missing');
 		}
 	}
 

diff --git a/apps/dav/lib/migration/calendaradapter.php b/apps/dav/lib/migration/calendaradapter.php
@@ -65,7 +65,7 @@ public function foreachCalendar($user, \Closure $callBack) {
 
 	public function setup() {
 		if (!$this->dbConnection->tableExists($this->sourceCalendarTable)) {
-			throw new \DomainException('Calendar tables are missing. Nothing to do.');
+			throw new NothingToDoException('Calendar tables are missing');
 		}
 	}
 

diff --git a/apps/dav/lib/migration/nothingtodoexception.php b/apps/dav/lib/migration/nothingtodoexception.php
@@ -0,0 +1,27 @@
+<?php
+/**
+ * @author Robin McCorkell <robin@mccorkell.me.uk>
+ *
+ * @copyright Copyright (c) 2016, ownCloud, Inc.
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\Dav\Migration;
+
+/**
+ * Exception if no migration needs to be done
+ */
+class NothingToDoException extends \DomainException {}
diff --git a/apps/files/js/filelist.js b/apps/files/js/filelist.js
@@ -1327,13 +1327,27 @@
 			return OC.linkTo('files', 'index.php')+"?dir="+ encodeURIComponent(dir).replace(/%2F/g, '/');
 		},
 
+		_isValidPath: function(path) {
+			var sections = path.split('/');
+			for (var i = 0; i < sections.length; i++) {
+				if (sections[i] === '..') {
+					return false;
+				}
+			}
+			return true;
+		},
+
 		/**
 		 * Sets the current directory name and updates the breadcrumb.
 		 * @param targetDir directory to display
 		 * @param changeUrl true to also update the URL, false otherwise (default)
 		 */
 		_setCurrentDir: function(targetDir, changeUrl) {
-			targetDir = targetDir.replace(/\\/g, '/').replace(/\/\.\.\//g, '/');
+			targetDir = targetDir.replace(/\\/g, '/');
+			if (!this._isValidPath(targetDir)) {
+				targetDir = '/';
+				changeUrl = true;
+			}
 			var previousDir = this.getCurrentDirectory(),
 				baseDir = OC.basename(targetDir);
 

diff --git a/apps/files/tests/js/filelistSpec.js b/apps/files/tests/js/filelistSpec.js
@@ -1323,13 +1323,32 @@ describe('OCA.Files.FileList tests', function() {
 			fileList.changeDirectory('/another\\subdir');
 			expect(fileList.getCurrentDirectory()).toEqual('/another/subdir');
 		});
-		it('converts backslashes to slashes and removes traversals when calling changeDirectory()', function() {
-			fileList.changeDirectory('/another\\subdir/../foo\\../bar\\..\\file/..\\folder/../');
-			expect(fileList.getCurrentDirectory()).toEqual('/another/subdir/foo/bar/file/folder/');
+		it('switches to root dir when current directory is invalid', function() {
+			_.each([
+				'..',
+				'/..',
+				'../',
+				'/../',
+				'/../abc',
+				'/abc/..',
+				'/abc/../',
+				'/../abc/',
+				'/another\\subdir/../foo\\../bar\\..\\file/..\\folder/../'
+			], function(path) {
+				fileList.changeDirectory(path);
+				expect(fileList.getCurrentDirectory()).toEqual('/');
+			});
 		});
-		it('does not convert folders with a ".." in the name', function() {
-			fileList.changeDirectory('/abc../def');
-			expect(fileList.getCurrentDirectory()).toEqual('/abc../def');
+		it('allows paths with dotdot at the beginning or end', function() {
+			_.each([
+				'/..abc',
+				'/def..',
+				'/...',
+				'/abc../def'
+			], function(path) {
+				fileList.changeDirectory(path);
+				expect(fileList.getCurrentDirectory()).toEqual(path);
+			});
 		});
 		it('switches to root dir when current directory does not exist', function() {
 			fileList.changeDirectory('/unexist');

diff --git a/apps/files_versions/lib/storage.php b/apps/files_versions/lib/storage.php
@@ -644,7 +644,7 @@ protected static function getAutoExpireList($time, $versions) {
 						//distance between two version too small, mark to delete
 						$toDelete[$key] = $version['path'] . '.v' . $version['version'];
 						$size += $version['size'];
-						\OCP\Util::writeLog('files_versions', 'Mark to expire '. $version['path'] .' next version should be ' . $nextVersion . " or smaller. (prevTimestamp: " . $prevTimestamp . "; step: " . $step, \OCP\Util::DEBUG);
+						\OCP\Util::writeLog('files_versions', 'Mark to expire '. $version['path'] .' next version should be ' . $nextVersion . " or smaller. (prevTimestamp: " . $prevTimestamp . "; step: " . $step, \OCP\Util::INFO);
 					} else {
 						$nextVersion = $version['version'] - $step;
 						$prevTimestamp = $version['version'];
@@ -765,7 +765,7 @@ public static function expire($filename) {
 				self::deleteVersion($versionsFileview, $path);
 				\OC_Hook::emit('\OCP\Versions', 'delete', array('path' => $path, 'trigger' => self::DELETE_TRIGGER_QUOTA_EXCEEDED));
 				unset($allVersions[$key]); // update array with the versions we keep
-				\OCP\Util::writeLog('files_versions', "Expire: " . $path, \OCP\Util::DEBUG);
+				\OCP\Util::writeLog('files_versions', "Expire: " . $path, \OCP\Util::INFO);
 			}
 
 			// Check if enough space is available after versions are rearranged.
@@ -781,7 +781,7 @@ public static function expire($filename) {
 				\OC_Hook::emit('\OCP\Versions', 'preDelete', array('path' => $version['path'].'.v'.$version['version'], 'trigger' => self::DELETE_TRIGGER_QUOTA_EXCEEDED));
 				self::deleteVersion($versionsFileview, $version['path'] . '.v' . $version['version']);
 				\OC_Hook::emit('\OCP\Versions', 'delete', array('path' => $version['path'].'.v'.$version['version'], 'trigger' => self::DELETE_TRIGGER_QUOTA_EXCEEDED));
-				\OCP\Util::writeLog('files_versions', 'running out of space! Delete oldest version: ' . $version['path'].'.v'.$version['version'] , \OCP\Util::DEBUG);
+				\OCP\Util::writeLog('files_versions', 'running out of space! Delete oldest version: ' . $version['path'].'.v'.$version['version'] , \OCP\Util::INFO);
 				$versionsSize -= $version['size'];
 				$availableSpace += $version['size'];
 				next($allVersions);

diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
@@ -228,6 +228,11 @@ public function userExistsOnLDAP($user) {
 					return false;
 				}
 				$newDn = $this->access->getUserDnByUuid($uuid);
+				//check if renamed user is still valid by reapplying the ldap filter
+				if(!is_array($this->access->readAttribute($newDn, '', $this->access->connection->ldapUserFilter))) {
+					return false;
+				}
+
 				$this->access->getUserMapper()->setDNbyUUID($newDn, $uuid);
 				return true;
 			} catch (\Exception $e) {

diff --git a/build/integration/features/sharing-v1.feature b/build/integration/features/sharing-v1.feature
@@ -26,6 +26,21 @@ Feature: sharing
     Then the OCS status code should be "100"
     And the HTTP status code should be "200"
 
+  Scenario: Creating a new share with user who already received a share through their group
+    Given As an "admin"
+    And user "user0" exists
+    And user "user1" exists
+    And group "sharing-group" exists
+    And user "user1" belongs to group "sharing-group"
+    And file "welcome.txt" of user "user0" is shared with group "sharing-group"
+    And As an "user0"
+    Then sending "POST" to "/apps/files_sharing/api/v1/shares" with
+      | path | welcome.txt |
+      | shareWith | user1 |
+      | shareType | 0 |
+    Then the OCS status code should be "100"
+    And the HTTP status code should be "200"
+
   Scenario: Creating a new public share
     Given user "user0" exists
     And As an "user0"

diff --git a/core/command/encryption/decryptall.php b/core/command/encryption/decryptall.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Björn Schießle <bjoern@schiessle.org>
  * @author Joas Schilling <nickvergessen@owncloud.com>
  *
  * @copyright Copyright (c) 2016, ownCloud, Inc.
@@ -111,7 +111,8 @@ protected function configure() {
 		$this->addArgument(
 			'user',
 			InputArgument::OPTIONAL,
-			'user for which you want to decrypt all files (optional)'
+			'user for which you want to decrypt all files (optional)',
+			''
 		);
 	}
 
@@ -127,8 +128,15 @@ protected function execute(InputInterface $input, OutputInterface $output) {
 				return;
 			}
 
+			$uid = $input->getArgument('user');
+			if ($uid === '') {
+				$message = 'your Nextcloud';
+			} else {
+				$message = "$uid's account";
+			}
+
 			$output->writeln("\n");
-			$output->writeln('You are about to start to decrypt all files stored in your Nextcloud.');
+			$output->writeln("You are about to start to decrypt all files stored in $message.");
 			$output->writeln('It will depend on the encryption module and your setup if this is possible.');
 			$output->writeln('Depending on the number and size of your files this can take some time');
 			$output->writeln('Please make sure that no user access his files during this process!');
@@ -140,6 +148,7 @@ protected function execute(InputInterface $input, OutputInterface $output) {
 				$result = $this->decryptAll->decryptAll($input, $output, $user);
 				if ($result === false) {
 					$output->writeln(' aborted.');
+					$output->writeln('Server side encryption remains enabled');
 					$this->config->setAppValue('core', 'encryption_enabled', 'yes');
 				}
 				$this->resetSingleUserAndTrashbin();

diff --git a/lib/private/encryption/decryptall.php b/lib/private/encryption/decryptall.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * @author Björn Schießle <schiessle@owncloud.com>
+ * @author Björn Schießle <bjoern@schiessle.org>
  *
  * @copyright Copyright (c) 2016, ownCloud, Inc.
  * @license AGPL-3.0
@@ -80,7 +80,7 @@ public function decryptAll(InputInterface $input, OutputInterface $output, $user
 		$this->input = $input;
 		$this->output = $output;
 
-		if (!empty($user) && $this->userManager->userExists($user) === false) {
+		if ($user !== '' && $this->userManager->userExists($user) === false) {
 			$this->output->writeln('User "' . $user . '" does not exist. Please check the username and try again');
 			return false;
 		}
@@ -133,14 +133,15 @@ protected function prepareEncryptionModules($user) {
 
 	/**
 	 * iterate over all user and encrypt their files
+	 *
 	 * @param string $user which users files should be decrypted, default = all users
 	 */
 	protected function decryptAllUsersFiles($user = '') {
 
 		$this->output->writeln("\n");
 
 		$userList = [];
-		if (empty($user)) {
+		if ($user === '') {
 
 			$fetchUsersProgress = new ProgressBar($this->output);
 			$fetchUsersProgress->setFormat(" %message% \n [%bar%]");
@@ -200,9 +201,9 @@ protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) {
 
 		$this->setupUserFS($uid);
 		$directories = array();
-		$directories[] =  '/' . $uid . '/files';
+		$directories[] = '/' . $uid . '/files';
 
-		while($root = array_pop($directories)) {
+		while ($root = array_pop($directories)) {
 			$content = $this->rootView->getDirectoryContent($root);
 			foreach ($content as $file) {
 				$path = $root . '/' . $file['name'];
@@ -213,9 +214,14 @@ protected function decryptUsersFiles($uid, ProgressBar $progress, $userCount) {
 					try {
 						$progress->setMessage("decrypt files for user $userCount: $path");
 						$progress->advance();
-						if ($this->decryptFile($path) === false) {
+						if ($file->isEncrypted() === false) {
 							$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
 							$progress->advance();
+						} else {
+							if ($this->decryptFile($path) === false) {
+								$progress->setMessage("decrypt files for user $userCount: $path (already decrypted)");
+								$progress->advance();
+							}
 						}
 					} catch (\Exception $e) {
 						if (isset($this->failed[$uid])) {

diff --git a/lib/private/helper.php b/lib/private/helper.php
@@ -221,7 +221,9 @@ static function rmdirr($dir, $deleteSelf = true) {
 
 			foreach ($files as $fileInfo) {
 				/** @var SplFileInfo $fileInfo */
-				if ($fileInfo->isDir()) {
+				if ($fileInfo->isLink()) {
+					unlink($fileInfo->getPathname());
+				} else if ($fileInfo->isDir()) {
 					rmdir($fileInfo->getRealPath());
 				} else {
 					unlink($fileInfo->getRealPath());

diff --git a/lib/private/share20/manager.php b/lib/private/share20/manager.php
@@ -507,6 +507,24 @@ public function createShare(\OCP\Share\IShare $share) {
 
 		$this->generalCreateChecks($share);
 
+		// Verify if there are any issues with the path
+		$this->pathCreateChecks($share->getNode());
+
+		/*
+		 * On creation of a share the owner is always the owner of the path
+		 * Except for mounted federated shares.
+		 */
+		$storage = $share->getNode()->getStorage();
+		if ($storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
+			$parent = $share->getNode()->getParent();
+			while($parent->getStorage()->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
+				$parent = $parent->getParent();
+			}
+			$share->setShareOwner($parent->getOwner()->getUID());
+		} else {
+			$share->setShareOwner($share->getNode()->getOwner()->getUID());
+		}
+
 		//Verify share type
 		if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER) {
 			$this->userCreateChecks($share);
@@ -540,24 +558,6 @@ public function createShare(\OCP\Share\IShare $share) {
 			}
 		}
 
-		// Verify if there are any issues with the path
-		$this->pathCreateChecks($share->getNode());
-
-		/*
-		 * On creation of a share the owner is always the owner of the path
-		 * Except for mounted federated shares.
-		 */
-		$storage = $share->getNode()->getStorage();
-		if ($storage->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
-			$parent = $share->getNode()->getParent();
-			while($parent->getStorage()->instanceOfStorage('OCA\Files_Sharing\External\Storage')) {
-				$parent = $parent->getParent();
-			}
-			$share->setShareOwner($parent->getOwner()->getUID());
-		} else {
-			$share->setShareOwner($share->getNode()->getOwner()->getUID());
-		}
-
 		// Cannot share with the owner
 		if ($share->getShareType() === \OCP\Share::SHARE_TYPE_USER &&
 			$share->getSharedWith() === $share->getShareOwner()) {