From 27eee083f4a31ad7a68eca605084c07a4a486e67 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 09:21:26 +0200 Subject: [PATCH 01/10] adds clean uploads to the cron tests instead of relieing on files that are already there --- tests/functionality-sequential.bats | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/tests/functionality-sequential.bats b/tests/functionality-sequential.bats index 1e50d711..4844b69b 100644 --- a/tests/functionality-sequential.bats +++ b/tests/functionality-sequential.bats @@ -4,6 +4,7 @@ FOLDER_PREFIX=./tmp/functionality-sequential TESTUSER=testuser TESTUSER_PASSWORD=myfancysecurepassword234 EICAR_STRING='X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' +CLEAN_STRING='nothingwronghere' setup_file() { mkdir -p $FOLDER_PREFIX/ @@ -26,20 +27,22 @@ setup_file() { docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="WRONG_PASSWORD" echo $EICAR_STRING | curl --silent -w "%{http_code}" -u admin:admin -T - http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.eicar.com.txt curl --silent -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/pup.exe http://127.0.0.1/remote.php/dav/files/admin/admin.pup.exe + echo $CLEAN_STRING | curl --silent -w "%{http_code}" -u admin:admin -T - http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.clean.txt docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET" docker exec -i --user www-data nextcloud-container php occ gdatavaas:tag-unscanned docker exec -i --user www-data nextcloud-container php occ gdatavaas:scan - LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "admin.functionality-sequential.eicar.com.txt|Readme.md|admin.pup.exe" ) + LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "admin.functionality-sequential.eicar.com.txt|admin.functionality-sequential.clean.txt|admin.pup.exe" ) curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.eicar.com.txt curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.pup.exe + curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.clean.txt [[ $LOGS =~ ^.*admin.functionality-sequential.eicar.com.txt.*Verdict:.*Malicious ]] [[ $LOGS =~ ^.*admin.pup.exe.*Verdict:.*Pup ]] - [[ $LOGS =~ ^.*Readme.md.*Verdict:.*Clean ]] + [[ $LOGS =~ ^.*admin.functionality-sequential.clean.txt.*Verdict:.*Clean ]] } @test "test croned scan for testuser files" { @@ -47,19 +50,23 @@ setup_file() { echo $EICAR_STRING |curl --silent -w "%{http_code}" -u $TESTUSER:$TESTUSER_PASSWORD -T - http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.functionality-sequential.eicar.com.txt curl --silent -w "%{http_code}" -u $TESTUSER:$TESTUSER_PASSWORD -T $FOLDER_PREFIX/pup.exe http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.pup.exe + echo $CLEAN_STRING |curl --silent -w "%{http_code}" -u $TESTUSER:$TESTUSER_PASSWORD -T - http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.functionality-sequential.clean.txt docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET" docker exec -i --user www-data nextcloud-container php occ gdatavaas:tag-unscanned docker exec -i --user www-data nextcloud-container php occ gdatavaas:scan - LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "$TESTUSER.functionality-sequential.eicar.com.txt|$TESTUSER.pup.exe") + LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "$TESTUSER.functionality-sequential.eicar.com.txt|$TESTUSER.functionality-sequential.clean.txt|$TESTUSER.pup.exe") curl --silent -q -u $TESTUSER:$TESTUSER_PASSWORD -X DELETE http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.functionality-sequential.eicar.com.txt curl --silent -q -u $TESTUSER:$TESTUSER_PASSWORD -X DELETE http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.pup.exe + curl --silent -q -u $TESTUSER:$TESTUSER_PASSWORD -X DELETE http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.functionality-sequential.clean.txt [[ $LOGS =~ ^.*$TESTUSER.functionality-sequential.eicar.com.txt.*Verdict:.*Malicious ]] [[ $LOGS =~ ^.*$TESTUSER.pup.exe.*Verdict:.*Pup ]] + [[ $LOGS =~ ^.*$TESTUSER.functionality-sequential.clean.txt.*Verdict:.*Clean ]] + } tearddown_file() { From 0d4882c28b7d5b948af378a8d6e7579f201b4202 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 10:21:09 +0200 Subject: [PATCH 02/10] use log:tail instead of cat the logfile --- tests/functionality-sequential.bats | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/functionality-sequential.bats b/tests/functionality-sequential.bats index 4844b69b..8241b2e5 100644 --- a/tests/functionality-sequential.bats +++ b/tests/functionality-sequential.bats @@ -34,7 +34,7 @@ setup_file() { docker exec -i --user www-data nextcloud-container php occ gdatavaas:tag-unscanned docker exec -i --user www-data nextcloud-container php occ gdatavaas:scan - LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "admin.functionality-sequential.eicar.com.txt|admin.functionality-sequential.clean.txt|admin.pup.exe" ) + LOGS=$(docker exec --user www-data -i nextcloud-container php occ log:tail -nr 5000 | egrep "admin.functionality-sequential.eicar.com.txt|admin.functionality-sequential.clean.txt|admin.pup.exe" ) curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.eicar.com.txt curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.pup.exe @@ -57,7 +57,7 @@ setup_file() { docker exec -i --user www-data nextcloud-container php occ gdatavaas:tag-unscanned docker exec -i --user www-data nextcloud-container php occ gdatavaas:scan - LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "$TESTUSER.functionality-sequential.eicar.com.txt|$TESTUSER.functionality-sequential.clean.txt|$TESTUSER.pup.exe") + LOGS=$(docker exec --user www-data -i nextcloud-container php occ log:tail -nr 5000 | egrep "$TESTUSER.functionality-sequential.eicar.com.txt|$TESTUSER.functionality-sequential.clean.txt|$TESTUSER.pup.exe") curl --silent -q -u $TESTUSER:$TESTUSER_PASSWORD -X DELETE http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.functionality-sequential.eicar.com.txt curl --silent -q -u $TESTUSER:$TESTUSER_PASSWORD -X DELETE http://127.0.0.1/remote.php/dav/files/$TESTUSER/$TESTUSER.pup.exe From 77a10c757654ca26ffdea5383fc4483ef6fa9fa3 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 10:53:44 +0200 Subject: [PATCH 03/10] always set client_secret (you never know if the tests are running one by one) --- tests/functionality-parallel.bats | 1 + tests/functionality-sequential.bats | 2 ++ 2 files changed, 3 insertions(+) diff --git a/tests/functionality-parallel.bats b/tests/functionality-parallel.bats index 17f3b361..69292efd 100755 --- a/tests/functionality-parallel.bats +++ b/tests/functionality-parallel.bats @@ -10,6 +10,7 @@ setup_file() { mkdir -p $FOLDER_PREFIX curl --output $FOLDER_PREFIX/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe docker exec --env OC_PASS=$TESTUSER_PASSWORD --user www-data nextcloud-container php occ user:add $TESTUSER --password-from-env || echo "already exists" + docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET" sleep 2 } diff --git a/tests/functionality-sequential.bats b/tests/functionality-sequential.bats index 8241b2e5..2ddd44f9 100644 --- a/tests/functionality-sequential.bats +++ b/tests/functionality-sequential.bats @@ -10,6 +10,8 @@ setup_file() { mkdir -p $FOLDER_PREFIX/ curl --output $FOLDER_PREFIX/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe docker exec --env OC_PASS=$TESTUSER_PASSWORD --user www-data nextcloud-container php occ user:add $TESTUSER --password-from-env || echo "already exists" + + docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET" BATS_NO_PARALLELIZE_WITHIN_FILE=true } From 20288d2362c57cb1a0c36ededab02010a27282fd Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 12:14:07 +0200 Subject: [PATCH 04/10] an empty skeleton directory will make the tests faster the con test do tag all files and then scan all files with this change only the files from the test are actually processed because no sekeleton files are present --- empty-skeleton.config.php | 4 ++++ install.sh | 19 +++++++++++++++---- 2 files changed, 19 insertions(+), 4 deletions(-) create mode 100644 empty-skeleton.config.php diff --git a/empty-skeleton.config.php b/empty-skeleton.config.php new file mode 100644 index 00000000..39b74bc2 --- /dev/null +++ b/empty-skeleton.config.php @@ -0,0 +1,4 @@ + '', +); \ No newline at end of file diff --git a/install.sh b/install.sh index 3eb24ba3..5d65a18d 100755 --- a/install.sh +++ b/install.sh @@ -8,11 +8,25 @@ setup_nextcloud () { sleep 1 docker run -d --name nextcloud-container --rm --publish 80:80 nextcloud:28 + until docker exec --user www-data -i nextcloud-container php occ status | grep "installed: false" + do + echo "waiting for nextcloud to be initialized" + sleep 2 + done + + echo "copy config for empty skeleton" + docker cp ./empty-skeleton.config.php nextcloud-container:/var/www/html/config/config.php + docker exec -i nextcloud-container chown www-data:www-data /var/www/html/config/config.php + until docker exec --user www-data -i nextcloud-container php occ maintenance:install --admin-user=admin --admin-pass=admin | grep "Nextcloud was successfully installed" do - echo "Trying installation" + echo "waiting for installation to finish" sleep 2 done + + docker exec --user www-data -i nextcloud-container php occ log:manage --level DEBUG + docker exec --user www-data -i nextcloud-container php occ app:disable firstrunwizard + echo "setup nextcloud finished" } @@ -47,7 +61,4 @@ docker exec --user www-data -i nextcloud-container php occ config:app:set gdatav docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas autoScanFiles --value=true docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas scanQueueLength --value=100 -docker exec --user www-data -i nextcloud-container php occ log:manage --level DEBUG -docker exec --user www-data -i nextcloud-container php occ app:disable firstrunwizard - source install.local || echo "No additional install script found." From 4f5b544a3f2018e40ecb329a3aa34b931bee80a4 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 12:38:18 +0200 Subject: [PATCH 05/10] fixes security issues --- package.json | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/package.json b/package.json index 577cd0bf..9b687485 100644 --- a/package.json +++ b/package.json @@ -39,5 +39,11 @@ "@nextcloud/eslint-config": "^8.4.1", "@nextcloud/stylelint-config": "^3.0.1", "@nextcloud/webpack-vue-config": "^6.0.1" + }, + "overrides": { + "@nextcloud/webpack-vue-config": { + "webpack-dev-server": "^5.0.2", + "vue-loader": "17.4.2" + } } } \ No newline at end of file From 8df97317635e0cd64088dd990ed2d7b7a318d8cb Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 12:44:34 +0200 Subject: [PATCH 06/10] ran `npm run stylelint:fix` * also merged the 2 `input.toggle-round + label` selectors as suggested by stylelint:fix --- css/style.css | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/css/style.css b/css/style.css index 73649f4d..063c948b 100644 --- a/css/style.css +++ b/css/style.css @@ -6,7 +6,11 @@ a { color: blue; } -input[type=text], input[type=password], input[type=email], input[type=number], select { +input[type=text], +input[type=password], +input[type=email], +input[type=number], +select { width: 70%; margin: 8px 0 8px 50px; display: inline-block; @@ -16,19 +20,16 @@ input[type=text], input[type=password], input[type=email], input[type=number], s } input.toggle-round { - display:none; + display: none; } -input.toggle-round + label { +input.toggle-round+label { display: block; position: relative; cursor: pointer; margin-right: 20px; margin-top: 5px; margin-bottom: 5px; -} - -input.toggle-round + label { padding: 1px; width: 60px; height: 30px; @@ -37,22 +38,23 @@ input.toggle-round + label { border: 1px solid #ccc; } -input.toggle-round + label:after { +input.toggle-round+label:after { display: block; position: absolute; content: ""; - width: 25px; height: 25px; + width: 25px; + height: 25px; background-color: white; border-radius: 100%; box-shadow: 0 2px 3px #888; transition: margin 0.5s; } -input.toggle-round:checked + label { +input.toggle-round:checked+label { background-color: #9bd1e3; } -input.toggle-round:checked + label:after { +input.toggle-round:checked+label:after { margin-left: 30px; } @@ -62,4 +64,4 @@ input.toggle-round:checked + label:after { #advanced_buttons:hover { background-color: inherit; -} +} \ No newline at end of file From e7047d2be0fe623717e545caf1af6d8fa6e201f6 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 12:45:15 +0200 Subject: [PATCH 07/10] as we have no configuratioh for eslint i also removed the scripts --- package.json | 2 -- 1 file changed, 2 deletions(-) diff --git a/package.json b/package.json index 9b687485..a3c3d55e 100644 --- a/package.json +++ b/package.json @@ -14,8 +14,6 @@ "dev": "webpack --node-env development --progress", "watch": "webpack --node-env development --progress --watch", "serve": "webpack --node-env development serve --progress", - "lint": "eslint --ext .js,.vue src", - "lint:fix": "eslint --ext .js,.vue src --fix", "stylelint": "stylelint css/*.css css/*.scss src/**/*.scss src/**/*.vue", "stylelint:fix": "stylelint css/*.css css/*.scss src/**/*.scss src/**/*.vue --fix" }, From d7377bcf90c6f02dc2e9bdd11856f340783b3e7a Mon Sep 17 00:00:00 2001 From: Lennart Dohmann Date: Thu, 13 Jun 2024 11:31:40 +0200 Subject: [PATCH 08/10] Update composer.json Downgrade symfony --- composer.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 1dcbb4da..a8705ab7 100644 --- a/composer.json +++ b/composer.json @@ -16,7 +16,7 @@ "nextcloud/ocp": "dev-stable28", "psalm/phar": "5.24.0", "nextcloud/coding-standard": "v1.2.1", - "symfony/console": "v7.1.1" + "symfony/console": "v6.4.8" }, "scripts": { "lint": "find lib -name \\*.php -not -path './vendor/*' -print0 | xargs -0 -n1 php -l", @@ -34,4 +34,4 @@ "php": "8.1" } } -} \ No newline at end of file +} From 326de78ea964537619f9b8cf371cf718a2b0c1ce Mon Sep 17 00:00:00 2001 From: "Simonis, Matthias" Date: Thu, 13 Jun 2024 11:10:46 +0000 Subject: [PATCH 09/10] install stylelint into devcontainer --- .devcontainer/devcontainer.json | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 251c7cb5..a5058941 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -16,12 +16,13 @@ "vscode": { "extensions": [ "CharlieGerard.pride-vscode-themes", - "junstyle.php-cs-fixer" + "junstyle.php-cs-fixer", + "stylelint.vscode-stylelint" ] } }, // Use 'postCreateCommand' to run commands after the container is created. - "postCreateCommand": "make build && composer install", + "postStartCommand": "make build && composer install", "features": { "ghcr.io/devcontainers/features/node:1": {}, "ghcr.io/edouard-lopez/devcontainer-features/bats:0": {} From 505047bebac5e47fb8d03923fce03eb1072937a6 Mon Sep 17 00:00:00 2001 From: unglaublicherdude Date: Thu, 13 Jun 2024 13:38:53 +0200 Subject: [PATCH 10/10] revert the package.json stuff --- package.json | 6 ------ 1 file changed, 6 deletions(-) diff --git a/package.json b/package.json index a3c3d55e..bae81711 100644 --- a/package.json +++ b/package.json @@ -37,11 +37,5 @@ "@nextcloud/eslint-config": "^8.4.1", "@nextcloud/stylelint-config": "^3.0.1", "@nextcloud/webpack-vue-config": "^6.0.1" - }, - "overrides": { - "@nextcloud/webpack-vue-config": { - "webpack-dev-server": "^5.0.2", - "vue-loader": "17.4.2" - } } } \ No newline at end of file