Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

10.0.8RC1/2/3 - Changelog Testing #31098

Closed
27 of 29 tasks
patrickjahns opened this issue Apr 12, 2018 · 48 comments
Closed
27 of 29 tasks

10.0.8RC1/2/3 - Changelog Testing #31098

patrickjahns opened this issue Apr 12, 2018 · 48 comments
Assignees
Milestone

Comments

@patrickjahns
Copy link
Contributor

patrickjahns commented Apr 12, 2018

Changelog for 10.0.8. Summary

Summary of the complete Changelog: https://github.com/owncloud/core/blob/stable10/CHANGELOG.md

This summary has a QA purpose.

Added

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 13, 2018

Changed

Library updates

  • Bump PHP to 5.6.33 in composer - #30403
  • Bump phpseclib/phpseclib from 2.0.3 to 2.0.10 - #30052 #30537
  • Bump phpunit and symfony/translation to match master - #30410
  • Bump guzzlehttp/guzzle from 5.3.1 to 5.3.2 - #30217
  • Bump lukasreschke/id3parser from 0.0.1 to 0.0.3 - #30085
  • Bump symfony to 3.4.5 - #30689
  • Bump symfony/translation from 3.2.4 to 3.3.16 - #30380
  • Bump latest symfony and sabre/vobject point versions - #30266
  • Bump karma from 1.5.0 to 2.0.0 in /build - #30050
  • Bump punic/punic from 1.6.5 to 3.1.0 - #30550
  • Bump symfony to 3.4.6 and Sabre vobject to 4.1.5 - #30768
  • Bump sabre/http from 4.2.3 to v4.2.4 - #30599
  • Bump jakub-onderka/php-parallel-lint from 0.9.2 to 1.0.0 - #30626
  • Bump behat/mink-extension from 2.3.0 to 2.3.1 - #30706
  • Bump league/flysystem from 1.0.42 to 1.0.43 - #30704
  • Update composer in stable10 with versions as at 2018-02-07 - #30390

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 13, 2018

Fixes

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 13, 2018

Removed

@IljaN
Copy link
Member

IljaN commented Apr 13, 2018

To test checksum repair command, upload a file and then manually modify checksum column in oc_filecache to something else.

More notes here: owncloud-archive/documentation#4014

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 15, 2018

⚠️ Critical / Auth / Security related ⚠️

Fixxed

  • Refactored metadata sync code to unify behavior across all login methods - #30638
    • Properly create a session for a pure token based request, fixed oauth2 issues - #30542
  • Catch session unavailable exception - #30347 #30623
  • Fixing logout for app password scenario - #30591 [*] @IljaN [ ] @patrickjahns
  • Proper HTTP status code on login exception - #30639 @patrickjahns + 🤖 (api tests cover this scenario as well )
  • Fix some CSRF issues on Webdav endpoint by only checking for POST method - #30358 @IljaN
  • Adding a system configuration for global CORS domains - #30906
  • Better label for CORS in settings section - #30663
  • Allow regular users to change their CORS domains - #30649
  • Remove implicit login in base.php to remove bogus "Login failed" logs - #30814
  • Initialize root folder service later to fix user backend registration order issue - #30810
    • @voroyam has tested it with the initial issue that caused the error and confirmed it is now fixed
  • Check apache auth on login form - #31074
    @patrickjahns - checked and tested with upcoming user_ldap app
  • Check basic auth credentials periodically after a timeout instead of … - #31076 @patrickjahns
  • Polish totp middleware a little - #30849 @phil-davis
  • Fix CORS OPTIONS request for unauthenticated requests - #30912
  • Validate system path data used in findBinaryPath - #30061 @settermjd unit tests are enough
  • Properly filter link share email parameters - #30165

@patrickjahns patrickjahns added this to the QA milestone Apr 15, 2018
@DeepDiver1975
Copy link
Member

Removed private oc_current_user Javascript variable - #30486 #30556

We had a regression in calendar which was resolved already owncloud/calendar#884

@patrickjahns
Copy link
Contributor Author

@DeepDiver1975 @PVince81
Can we put this in "developer" release notes - so third party developers will know about this change ?

@pako81
Copy link

pako81 commented Apr 16, 2018

@patrickjahns Tested:

Fix validation for new encryption storage key location - #30357

Works perfectly. Please go ahead and tick the checkbox

@jvillafanez
Copy link
Member

Added repair step to fix orphaned reshares

Currently untested with oracle... any chance to test it with it? I haven't found easy support to test it with oracle.
I'm marking as passed as it works fine for mysql and postgresql, although the performance looks scary for large datasets on first sight. I'm not sure how fast it will behave or if we can do something about it.

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 16, 2018

@jvillafanez
docker run -p 1521:1521 deepdiver/docker-oracle-xe-11g - then you have oracle.

If you need a container with oracle php modules - you can use https://hub.docker.com/r/owncloudci/php/tags

Note:

with the oracle container above - database username is autotest - database password is owncloud and database is XE - ref: https://github.com/owncloud/core/blob/master/tests/drone/install-server.sh

@PVince81
Copy link
Contributor

Can we put this in "developer" release notes - so third party developers will know about this change ?

This was never supposed to be public API but people still used this.

We can add a note in the regular release notes as we don't have developer release notes.

@PVince81
Copy link
Contributor

Tested "Fixed regression where a user could not set own email address in the settings page - #30319"

  • TEST: email can be saved when opening confirmation link while being logged in
  • TEST: email can be saved when opening confirmation link while being logged out then logging in
  • TEST: correct error when opening confirmation link as the wrong user

@PVince81
Copy link
Contributor

PVince81 commented Apr 16, 2018

Tested "Set empty authtoken names to 'none' as empty is not allowed any more - #30908"

  • TEST: Setup OC 10.0.4, created two app tokens, one with no name and one with a name, upgrade to 10.0.8RC1 => both tokens still work => DB contains "(none)" for the formerly unnamed token

@PVince81
Copy link
Contributor

Ticked "Added config.php option to select apps to ignore missing signature file (mostly for themes)" as Confirmed by @thommierother #30891 (comment)

@PVince81
Copy link
Contributor

Tested "Guide users to also check spelling for typos in federated share id - #30355" => with failure: no_entry missing code path #30159 (comment) (would consider "known issue" as it's minor)

@PVince81
Copy link
Contributor

Tested "Added user:modify command to core - #30652" => works changing display name and email

@PVince81
Copy link
Contributor

Tested "Fix failure of shares which are already moved with transfer ownership - #30161", not working 100% as expected, raised bug #31150

@mmattel
Copy link
Contributor

mmattel commented Apr 17, 2018

Added:
Configurable minimum characters before autocomplete user searches #30798

@PVince81
Copy link
Contributor

Found bug "Public link share name length check is inaccurate": #31157

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Better label for CORS in settings section - #30663 -> OK!

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Allow regular users to change their CORS domains - #30649 -> OK!

Tested by setting custom Origin header in curl for ocs requests. If origin matched the whitelisted origin, correct CORS headers are present. CORS-Whitelists are isolated between different users.

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Adding a system configuration for global CORS domains - #30906 -> OK!

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Fix CORS OPTIONS request for unauthenticated requests - #30912 -> OK!

OPTIONS with "Access-Control-Request-Method" header returns 200 on un-authenticated ocs-api request.

@PVince81
Copy link
Contributor

Failed Test "Make theming work when theme app is outside the ownCloud root - #30477" and failed, raised #31170

@PVince81
Copy link
Contributor

Added "regression test retention / trashbin expiration" checkbox as the fix of the matching item moves more code around and does more than just fixing the issue.

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Keep null in getMetaData in Checksum storage wrapper, fixes some files:scan scenarios #30302 -> OK!

Filescan does not crash on unreadable local and ext-storage files.

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Tested: Fixing logout for app password scenario - #30591 -> OK!

No login failed messages in log when logging in with app password.

@voroyam Can you please test app-password login in combination with ldap? No "Login-Failed" Messages should appear in the log.

@IljaN
Copy link
Member

IljaN commented Apr 17, 2018

Added "test app-pasword login with ldap"

@PVince81
Copy link
Contributor

PVince81 commented Apr 18, 2018

Missing items and items to add since RC1:

10.0.8 RC2 items

Added

Changed

  • Set minimum php version to 5.6 in composer.json - #31100 @PVince81 => dev only, no libs were updated, nothing to test

Fixes

@PVince81 PVince81 changed the title 10.0.8RC1 - Changelog Testing 10.0.8RC1/2 - Changelog Testing Apr 18, 2018
@IljaN
Copy link
Member

IljaN commented Apr 18, 2018

Tested: Fix some CSRF issues on Webdav endpoint by only checking for POST method - #30358 -> OK!

PROPFIND via Postman works without CSRF-Token

@patrickjahns
Copy link
Contributor Author

patrickjahns commented Apr 18, 2018

Testing "Do not log errors when uploading forbidden file format"

Tested with files_antivirus master:

  • No more error message is in the logs - but the server replies with a 500
    image

Behavior with old antivirus-app:
10.0.8RC3 + files_antivirus from marketplace
image

10.0.7 + files_antivirus from marketplace
image

@PVince81
Copy link
Contributor

Tested "Make syslog output configurable, introduce new default that includes the request id ", works

@patrickjahns
Copy link
Contributor Author

Testing: Added config switch to enable fallback to http scheme when creating fed shares

Receiving side just sees this error message when going via http
image

@PVince81
Copy link
Contributor

Failed: Files app UI now retries chunk uploads in web UI on stalled uploads, will be reverted: #31185

@PVince81
Copy link
Contributor

Retested "Make theming work when theme app is outside the ownCloud root - #30477", works in RC3

@PVince81
Copy link
Contributor

PVince81 commented Apr 18, 2018

Notifications items to test

From owncloud/notifications#180

  • Allow CORS requests to list notifications - #176 => @DeepDiver1975 ignore, only relevant for Phoenix
  • Add support for email notifications - #156 #162 #175 #171 @PVince81 - tested with federated share notification
  • Add occ command arguments for link and link text - #172 @PVince81 works
  • Fix occ command for group notification - #146 @PVince81 works

@PVince81
Copy link
Contributor

Tested "Properly trigger file-related Symfony events when chunking" with old chunking, new chunking and no chunking: events are triggered

@IljaN
Copy link
Member

IljaN commented Apr 18, 2018

Tested "Use storage specific move operation for object store - #30817" => OK!

@patrickjahns patrickjahns changed the title 10.0.8RC1/2 - Changelog Testing 10.0.8RC1/2/3 - Changelog Testing Apr 18, 2018
@SergioBertolinSG
Copy link
Contributor

Retested Fix App Framework ApiContoller initialization to fix thumbnail access - #31104 - @SergioBertolinSG #29914 (comment) Not working in RC2, Works in RC3.

@pako81
Copy link

pako81 commented Apr 19, 2018

Tested "regression test retention / trashbin expiration" - works fine (at least no regression). Need however to clarify what is the expected behavior about the min retention period. Will open a separate issue for that.

@PVince81
Copy link
Contributor

PVince81 commented Apr 19, 2018

Failed: "Added config switch to enable fallback to http scheme when creating fed shares - #30646", tested by @DeepDiver1975. It seems the code is not triggered / the fix is in the wrong location.

@DeepDiver1975 will fix it. Ticket: #31194

@IljaN
Copy link
Member

IljaN commented Apr 19, 2018

Tested: Catch session unavailable exception - #30347 #30623 -> OK!

Additional codereview because hard to reproduce, automated tests should be enough

@jvillafanez
Copy link
Member

jvillafanez commented Apr 19, 2018

❗️ Confusing behaviour with single user syncing if the user doesn't exists (Ticket opened in #31207 for 10.0.9)

root@3b450a98bad4:/opt/owncloud# sudo -u www-data ./occ user:sync -u miimi "OC\User\Database"
If unknown users are found, what do you want to do with their accounts? (removing the account will also remove its data)
  [0] disable
  [1] remove
  [2] ask later
 > 2
Syncing miimi ...
These accounts that are no longer available in the backend:
miimi, ,  (no longer exists in the backend)
What do you want to do with their accounts? (removing the account will also remove its data)
  [0] disable
  [1] remove
 > 0
Disabling accounts
miimi, ,  (no longer exists in the backend)

From a behavioural point of view, this doesn't look good. Asking first what to do was thought in order to sync a large number of users so you can set the appropiate action before start the syncing. With just one user this seems a bit pointless.
What really bothers me is that we should know at some point that the account doesn't exists. Asking what to do with a missing account is pointless, and then disabling or removing a missing account is misleading.

I'm not sure if there is an easy enough fix for this to include it in 10.0.8. Otherwise we'll likely have to delay the solution for 10.0.9.

@PVince81
Copy link
Contributor

PVince81 commented Apr 19, 2018

10.0.8 RC4 items to test

@patrickjahns
Copy link
Contributor Author

-> tested "Prevent background scan to scan homes of users who never logged in"
tested during other test -> message not appearing

@patrickjahns
Copy link
Contributor Author

Tested "Federation fallback to http config switch" -> works as expected

@PVince81
Copy link
Contributor

RC testing is done, thanks a lot everybody for the big effort!

final smoke test here: #31096 (comment)

@lock
Copy link

lock bot commented Jul 30, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Jul 30, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants