Commit Graph

704 Commits

Author SHA1 Message Date
Arthur Schiwon a39c995083
FIX: emit assignedUserId only for users
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-09 23:45:11 +02:00
Julius Härtl c2616df541
Only bind if configuration for the first server is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-07-13 08:25:10 +02:00
Arthur Schiwon 846ab25fc0
adjust and add more unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:50:49 +02:00
Arthur Schiwon 343036e55c
allow admin to disable fetching of avatars as well as a specific attribute
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:12:51 +02:00
Arthur Schiwon a4dda465c2
let user set avatar in nextcloud von LDAP provides invalid image data
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-03 01:45:07 +02:00
blizzz 28e64afb8c
Merge pull request #10034 from nextcloud/fix/noid/ldap-silence-quota-logmsgs
lower log level for quota manipulation cases
2018-06-28 23:06:23 +02:00
Arthur Schiwon cc51a00c93
lower log level for quota manipulation cases
and simplify the forest of ifs a little bit

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-28 21:10:07 +02:00
Arthur Schiwon 7a728f2154
LDAP backup server should not be queried when auth fails
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-27 23:12:07 +02:00
Arthur Schiwon 73cacb8896
check user state when fetching to avoid dealing with offline objects
fixes #9502

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-05-29 01:10:03 +02:00
Roger Szabo 856164e578 Fix "Invalid argument supplied for foreach()"
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-05-02 18:17:21 +08:00
Roger Szabo 8637b90e15 unbound cloned connection fix
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-04-27 17:29:15 +08:00
Arthur Schiwon 38a90130ce
move log constants to ILogger
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Arthur Schiwon ed5f53bd49
Access needs UserManager, missed to add in #8833
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-23 15:58:50 +02:00
Morris Jobke 38961a725f
Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks
add anounce- and (pre/|post)RevokeUser signals for non-native backends
2018-04-11 00:44:39 +02:00
Arthur Schiwon 16d4ff4d39
parameter provided to L10N::n() could have been a string
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 14:50:28 +02:00
Arthur Schiwon f1565336bd
DI for NC's user manager
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:24 +02:00
Arthur Schiwon 373a1d5391
more consistent naming
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:15 +02:00
Arthur Schiwon 8fe914f07e
LDAP backend to emit announce and revoke signals on mapping changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:38:39 +02:00
Roeland Jago Douma f4fd0224db
Do not use \OCP\DB anymore
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 14:40:23 +02:00
Arthur Schiwon cbf60f2e91
existence check works without attribute (like with users)
cn is not necessarily given everywhere

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-15 15:47:44 +01:00
Morris Jobke 8195b17ed7
Remove deprecated and unsused methods of OCP\DB
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-12 15:13:37 +01:00
Morris Jobke cccf6f4d5f
Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members
Apply ldapUserFilter on members of group
2018-03-08 13:19:02 +01:00
Roland Tapken 2472b93fd9 dn2ocname: also apply group filter to readAttribute()
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-03-07 12:18:46 +01:00
Roeland Jago Douma c2320aea22
Merge pull request #8634 from nextcloud/ldap-no-empty-names
do not create empty userid when attribute does not have allowed chars
2018-03-05 19:37:17 +01:00
Arthur Schiwon 47a10bd25a
treat iconv issues
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 14:03:08 +01:00
Arthur Schiwon 4f8c724318
typo + phpdoc
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 13:30:28 +01:00
Arthur Schiwon 8607992e85
do not create empty userid when attribute does not have allowed chars
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 17:44:06 +01:00
Arthur Schiwon 04f7252fc4
use hash algo that's robust against collisions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 16:26:36 +01:00
Arthur Schiwon 238c3a5201
fix retrieving group members with numerical uids from LDAP
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-23 12:05:50 +01:00
Arthur Schiwon 9bc75307e7
track the state of the bind result
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-22 13:05:33 +01:00
Morris Jobke 236086c457
Merge pull request #8335 from nextcloud/remove-unused-import
Remove unused import statements
2018-02-14 22:23:07 +01:00
Morris Jobke d3d045dd5c
Remove unused import statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-14 16:55:43 +01:00
Morris Jobke e2974f1133
Simplify return statement
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-13 21:55:24 +01:00
Roland Tapken cf4ec7a4b6 Apply ldapUserFilter on members of group
Refers to issue #8220

user_ldap configured with custom filters for active directory access
(group-member-association is "member"). Then it can happen that the
members of a group contain members that don't belong to the users
available in Nextcloud (the most trivial reason is that the user filter
contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude
disabled users from being imported).

This can be fixed by applying the ldapUserFilter when resolving the UID
for a DN fetched from the group's member list.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-02-07 12:02:58 +01:00
blizzz 8f29f9a59b
typo
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-31 21:50:55 +01:00
Arthur Schiwon 8753a816d8
fixes reading the sysconfig value
settings without the entry in the translation array are computed

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-31 13:46:13 +01:00
Morris Jobke eb51f06a3b
Use ::class statement instead of string
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-29 12:03:47 +01:00
Morris Jobke a661f043e1
Remove unneeded semicolon and parentheses
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 23:46:40 +01:00
Morris Jobke 2ad2eb38e8
Use type casting instead of *val() method
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 15:01:27 +01:00
Morris Jobke ca493ab5b1
Merge pull request #8069 from nextcloud/no-catch-serverdown
do not catch and ignore ServerNotAvailable in the wrong spot
2018-01-26 14:01:07 +01:00
Arthur Schiwon b61b906abe
do not catch ServerNotAvailable
might cause the user to be unavailable (race condition).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-26 12:47:19 +01:00
Morris Jobke 6bbea33133
Simplify ternary operator statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 12:36:25 +01:00
Morris Jobke c1e4f9f305
Use type casting instead of *val() method
It should be up to 6x faster

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 11:35:42 +01:00
Morris Jobke 0a56d2185e
Return value immediately instead of assigning to a one-time variable
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 00:02:03 +01:00
Morris Jobke 2a38605545
Properly log the full exception instead of only the message
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-23 10:57:21 +01:00
Morris Jobke 55532f19d9
Cleanup OC_User and OCP\User
* mainly removes deprecated methods and old static code

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 18:39:11 +01:00
Roeland Jago Douma 8a41d05761
Remove deprecated \OCP\Config
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-13 14:25:04 +01:00
Arthur Schiwon f84ec92563
revert resolving of recursion (3628d4d65d)
without recursion we have issues with internal states. paged search status
are set to false, cookies are not being set. In the end we have  endless
requests which pile up enormously with a high initial offset.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 15:17:18 +01:00
Arthur Schiwon 9031ae0281
fix return value when ldapPagingSize returns null
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:47:51 +01:00
Arthur Schiwon 15a3f4659f
enrich log message with backtrace, but level it down to DEBUG
The message is not helpful anyway for an admin, and oftentimes is just
valid (e.g. when searching with an offset beyond users in LDAP).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:17:14 +01:00