• last updated 1 hour ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Make service contract implementation private and replace foreign occurrences

    • -10
    • +37
    ./tcl/file-storage-dav-procs.tcl
  1. … 1 more file in changeset.
Whitespace changes

    • -17
    • +17
    ./tcl/file-storage-dav-procs.tcl
Make service contract implementation private: they are not meant to be invoked directly

    • -14
    • +14
    ./tcl/file-storage-dav-procs.tcl
Make service contract implementations private

Whitespace cleanup

Deprecate twt::user::create and twt::user::delete, superseded by their acs::test::user:: counterparts

  1. … 11 more files in changeset.
Fix self-inflicted bug: one should indeed be able to specify the same form var multiple time, test the behavior for the future

  1. … 2 more files in changeset.
Reimplement upload automated test using a real multipart request, as newer naviserver will reject handcrafted .tmpfile parameters

Bring test closer to reality

Test the behavior of the file-storage when a malicious user would try to store a pre-existing file on the server as its own

The fix for the file-storage is a simple validation to make sure that the tmpfile exists, however, for the generic case of the file widget, we cannot trust the tmpfile value when this was not generated by the server. This will probably cause regression when one wants to show a "preview" of a form, to be continued.

    • -1
    • +121
    ./tcl/test/file-storage-procs.tcl
  1. … 1 more file in changeset.
Whitespace cleanup

acs::test::user::delete: added flag -delete_created_acs_objects and fix regression test for file-storage

  1. … 4 more files in changeset.
Prevent names made only of invalid characters to end up null after sanitization, as done in other UIs in this package

improve validation

provide missing value for inform widget

improve validation

Make use of util::file_content_check and check also in other cases

This change also covers the case, where the checkmark for uploading

zip files was added marked in "upload file". It will also report

errors which were silently swalled before.

Bumped version number to 5.10.1d1

provide value attribute

added validator for zip files

Fixes for Oracle 19c: more fixes of handling of Boolean values

Fixes for Oracle 19c: fix broken variable references (introduced in oacs-5-9)

Fixes for Oracle 19c: added missing SQL package declaration

    • -1
    • +147
    ./sql/oracle/file-storage-package-create.sql
Don't try to deliver files that do not have any live revision

Fix typo

Restrict more the kind of items that can pass through the initial check

ad_conn provides since a long time a fallback when the package_id is queried outside of a connection context, hence no need for these concerning catches

Make fs::get_file_package_id more robust to cases where the package_id is not set on the object itself: climb up the hierarchy

Deprecate template::util::tcl_to_sql_list, completely replaced by ns_dbquotelist, a native NaviServer command

  1. … 15 more files in changeset.
Fix typo

Similar to the folder-create script, complain if the filename turns out empty after sanitizing