Signed-off-by: Joas Schilling <coding@schilljs.com>

%2\$; is not valid. On php7 this is just ignored but on php8 it gives an
error. %2\$s; works.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

And then cleanup all the code that is dead then...

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Robin Appelman <robin@icewind.nl>

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>

[encryption] Remove dependency fetching inside the constructor and move them to method call parameters

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: medcloud <42641918+medcloud@users.noreply.github.com>

frame-ancestors doesn't fall back to default-src. So when we apply a
very restricted CSP we should make sure to set it to 'none' and not
leave it empty.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

This is not the end. IRouter needs to burn.
But it is a start.

 we didn't start the fire 



Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Signed-off-by: Robin Appelman <robin@icewind.nl>

They were copied and adjusted as needed from the tests for
"validateExpirationDate".

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

This shows in a clearer way that the expected expiration date is the
original one, but without time.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

This adds back what was being actually tested in the unit test fixed in
the previous commit.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

The expiration date was explicitly given, so it was not testing what it
should. Moreover, "link_defaultExpDays" needs to be mapped when testing
the default value (even if it will just fallback to the value of
"shareapi_expire_after_n_days").

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

The enforced expiration date was not actually enabled, as for that
"shareapi_default_expire_date" needs to be explicitly set to "yes".

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

The test should fail if no exception was thrown, and no exception was
thrown due to a missing configuration parameter. However, the use of
"addToAssertionCount(1)" made the test pass even if no exception was
thrown and, therefore, to silently fail.

Now the missing configuration parameter was added and the test will fail
if the expected exception is not thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

Signed-off-by: Joas Schilling <coding@schilljs.com>

Signed-off-by: Morris Jobke <hey@morrisjobke.de>

* removes the ability for users to import their own certificates (for external storage)
* reliably returns the same certificate bundles system wide (and not depending on the user context and available sessions)

The user specific certificates were broken in some cases anyways, as they are only loaded if the specific user is logged in and thus causing unexpected behavior for background jobs and other non-user triggered code paths.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>