Morris Jobke
3d8f174774
Resolve all group memberships properly
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-21 10:57:50 +02:00
Arthur Schiwon
b497b06867
don't force LDAP updates on userExists anymore
...
and remove some deprecated code
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-14 17:57:24 +02:00
Arthur Schiwon
a39c995083
FIX: emit assignedUserId only for users
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-09 23:45:11 +02:00
Julius Härtl
c2616df541
Only bind if configuration for the first server is available
...
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-07-13 08:25:10 +02:00
Arthur Schiwon
846ab25fc0
adjust and add more unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:50:49 +02:00
Arthur Schiwon
343036e55c
allow admin to disable fetching of avatars as well as a specific attribute
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:12:51 +02:00
Arthur Schiwon
a4dda465c2
let user set avatar in nextcloud von LDAP provides invalid image data
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-03 01:45:07 +02:00
blizzz
28e64afb8c
Merge pull request #10034 from nextcloud/fix/noid/ldap-silence-quota-logmsgs
...
lower log level for quota manipulation cases
2018-06-28 23:06:23 +02:00
Arthur Schiwon
cc51a00c93
lower log level for quota manipulation cases
...
and simplify the forest of ifs a little bit
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-28 21:10:07 +02:00
Arthur Schiwon
7a728f2154
LDAP backup server should not be queried when auth fails
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-27 23:12:07 +02:00
Arthur Schiwon
73cacb8896
check user state when fetching to avoid dealing with offline objects
...
fixes #9502
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-05-29 01:10:03 +02:00
Roger Szabo
856164e578
Fix "Invalid argument supplied for foreach()"
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-05-02 18:17:21 +08:00
Roger Szabo
8637b90e15
unbound cloned connection fix
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-04-27 17:29:15 +08:00
Arthur Schiwon
38a90130ce
move log constants to ILogger
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Arthur Schiwon
ed5f53bd49
Access needs UserManager, missed to add in #8833
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-23 15:58:50 +02:00
Morris Jobke
38961a725f
Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks
...
add anounce- and (pre/|post)RevokeUser signals for non-native backends
2018-04-11 00:44:39 +02:00
Arthur Schiwon
16d4ff4d39
parameter provided to L10N::n() could have been a string
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 14:50:28 +02:00
Arthur Schiwon
f1565336bd
DI for NC's user manager
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:24 +02:00
Arthur Schiwon
373a1d5391
more consistent naming
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:15 +02:00
Arthur Schiwon
8fe914f07e
LDAP backend to emit announce and revoke signals on mapping changes
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:38:39 +02:00
Roeland Jago Douma
f4fd0224db
Do not use \OCP\DB anymore
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 14:40:23 +02:00
Arthur Schiwon
cbf60f2e91
existence check works without attribute (like with users)
...
cn is not necessarily given everywhere
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-15 15:47:44 +01:00
Morris Jobke
8195b17ed7
Remove deprecated and unsused methods of OCP\DB
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-12 15:13:37 +01:00
Morris Jobke
cccf6f4d5f
Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members
...
Apply ldapUserFilter on members of group
2018-03-08 13:19:02 +01:00
Roland Tapken
2472b93fd9
dn2ocname: also apply group filter to readAttribute()
...
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-03-07 12:18:46 +01:00
Roeland Jago Douma
c2320aea22
Merge pull request #8634 from nextcloud/ldap-no-empty-names
...
do not create empty userid when attribute does not have allowed chars
2018-03-05 19:37:17 +01:00
Arthur Schiwon
47a10bd25a
treat iconv issues
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 14:03:08 +01:00
Arthur Schiwon
4f8c724318
typo + phpdoc
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 13:30:28 +01:00
Arthur Schiwon
8607992e85
do not create empty userid when attribute does not have allowed chars
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 17:44:06 +01:00
Arthur Schiwon
04f7252fc4
use hash algo that's robust against collisions
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 16:26:36 +01:00
Arthur Schiwon
238c3a5201
fix retrieving group members with numerical uids from LDAP
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-23 12:05:50 +01:00
Arthur Schiwon
9bc75307e7
track the state of the bind result
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-22 13:05:33 +01:00
Morris Jobke
236086c457
Merge pull request #8335 from nextcloud/remove-unused-import
...
Remove unused import statements
2018-02-14 22:23:07 +01:00
Morris Jobke
d3d045dd5c
Remove unused import statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-14 16:55:43 +01:00
Morris Jobke
e2974f1133
Simplify return statement
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-13 21:55:24 +01:00
Roland Tapken
cf4ec7a4b6
Apply ldapUserFilter on members of group
...
Refers to issue #8220
user_ldap configured with custom filters for active directory access
(group-member-association is "member"). Then it can happen that the
members of a group contain members that don't belong to the users
available in Nextcloud (the most trivial reason is that the user filter
contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude
disabled users from being imported).
This can be fixed by applying the ldapUserFilter when resolving the UID
for a DN fetched from the group's member list.
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-02-07 12:02:58 +01:00
blizzz
8f29f9a59b
typo
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-31 21:50:55 +01:00
Arthur Schiwon
8753a816d8
fixes reading the sysconfig value
...
settings without the entry in the translation array are computed
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-31 13:46:13 +01:00
Morris Jobke
eb51f06a3b
Use ::class statement instead of string
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-29 12:03:47 +01:00
Morris Jobke
a661f043e1
Remove unneeded semicolon and parentheses
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 23:46:40 +01:00
Morris Jobke
2ad2eb38e8
Use type casting instead of *val() method
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 15:01:27 +01:00
Morris Jobke
ca493ab5b1
Merge pull request #8069 from nextcloud/no-catch-serverdown
...
do not catch and ignore ServerNotAvailable in the wrong spot
2018-01-26 14:01:07 +01:00
Arthur Schiwon
b61b906abe
do not catch ServerNotAvailable
...
might cause the user to be unavailable (race condition).
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-26 12:47:19 +01:00
Morris Jobke
6bbea33133
Simplify ternary operator statements
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 12:36:25 +01:00
Morris Jobke
c1e4f9f305
Use type casting instead of *val() method
...
It should be up to 6x faster
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 11:35:42 +01:00
Morris Jobke
0a56d2185e
Return value immediately instead of assigning to a one-time variable
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 00:02:03 +01:00
Morris Jobke
2a38605545
Properly log the full exception instead of only the message
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-23 10:57:21 +01:00
Morris Jobke
55532f19d9
Cleanup OC_User and OCP\User
...
* mainly removes deprecated methods and old static code
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 18:39:11 +01:00
Roeland Jago Douma
8a41d05761
Remove deprecated \OCP\Config
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-01-13 14:25:04 +01:00
Arthur Schiwon
f84ec92563
revert resolving of recursion ( 3628d4d65d
)
...
without recursion we have issues with internal states. paged search status
are set to false, cookies are not being set. In the end we have endless
requests which pile up enormously with a high initial offset.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 15:17:18 +01:00
Arthur Schiwon
9031ae0281
fix return value when ldapPagingSize returns null
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:47:51 +01:00
Arthur Schiwon
15a3f4659f
enrich log message with backtrace, but level it down to DEBUG
...
The message is not helpful anyway for an admin, and oftentimes is just
valid (e.g. when searching with an offset beyond users in LDAP).
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:17:14 +01:00
Arthur Schiwon
f292f98060
when paged results are turned off, all (max possible) users are returned
...
thus hasMoreResult should return false
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 13:20:17 +01:00
Arthur Schiwon
7c3db54ff6
fix changing to next cycle
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-08 13:45:06 +01:00
Arthur Schiwon
b17c5fec40
add unit test for qualifies to run
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-08 13:08:59 +01:00
Arthur Schiwon
a565bf0b9f
fix offset is never being reset
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-05 14:29:11 +01:00
Arthur Schiwon
82da4fde18
create failing test for this case
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-05 14:27:36 +01:00
Morris Jobke
4d0315ceae
Merge pull request #7599 from nextcloud/quieter-debug-log
...
don't show recurring log msg when paged result was turned off
2018-01-03 00:40:46 +01:00
Arthur Schiwon
c8851e24a8
throw ServerNotAvailableException when LDAP is caught shutting down
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-02 12:20:44 +01:00
Arthur Schiwon
82fd09c294
don't show recurring msg when pages result was turned off
...
and only as debug level otherwise.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-21 14:29:56 +01:00
Morris Jobke
d2d73f1ce8
Also replace all other occurences
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-18 20:57:11 +01:00
Arthur Schiwon
5ce943aa85
don't use deprecated method for requesting memcache
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-18 20:57:11 +01:00
Morris Jobke
defac0ff0d
Fixes hex2bin() in LDAP
...
Untangles the two if-else clauses into a more readable format.
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-13 11:57:49 +01:00
Arthur Schiwon
27f14eee26
don't cache user, if no internal user id was retrieved/assigned
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 22:47:32 +01:00
Arthur Schiwon
991190b994
ensure that users are cached when they are retrieved
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 17:49:33 +01:00
sidey79
45dfc11137
tryfix needsRefresh unit tests
...
Forced updateAttributesInterval from getAppValue to int
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-10 17:07:41 +01:00
sidey79
039f6c9636
Fixed Typo in user.php
...
Fixed a typo for the app config prameter updateAttributesInterval
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-10 17:07:41 +01:00
sidey79
0b290c0904
Update User.php
...
Makes the time between needsRefresh configurable via app config option updateAttribuesInterval.
Default is still 86400 secons which is one day.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-10 17:07:36 +01:00
Arthur Schiwon
419759e68b
resolve DI
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:59 +01:00
Arthur Schiwon
8113f26eed
add Sync test
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:58 +01:00
Arthur Schiwon
59c05d5447
move LDAP user attributes "sync" to background (except for ajax jobs)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:56 +01:00
Arthur Schiwon
ef3cd32916
don't skip updating when ajax is set as background job mode
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:04 +01:00
Arthur Schiwon
c6f1af9896
move ldap user sync to background (WIP)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:09:59 +01:00
Lukas Reschke
2bfa1ce5c3
Merge pull request #5568 from nextcloud/ldap-agent-credentials-safe
...
Ldap agent credentials save
2017-11-09 09:26:51 +01:00
Morris Jobke
0eebff152a
Update license headers
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Vinicius Cubas Brand
fa565750d1
User_LDAP plugins: smaller fixes
...
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
2017-11-03 11:42:59 -02:00
Vinicius Cubas Brand
10ca793452
Plugins infrastructure in User_LDAP
...
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
2017-11-03 11:41:40 -02:00
Arthur Schiwon
7b0868ddac
fix saving changes…
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-27 14:25:19 +02:00
Arthur Schiwon
9a1f706ae4
fix creating an empty configuration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-27 14:25:19 +02:00
Arthur Schiwon
52b1b97c58
Fix regression: undesired writes to the DB
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-27 14:25:19 +02:00
Arthur Schiwon
4eab39f133
LDAP: only write actually changes values to the DB
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-27 14:25:19 +02:00
Arthur Schiwon
3628d4d65d
avoid unnecessary recursion
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-25 17:23:42 +02:00
Lukas Reschke
9932b7498d
Merge pull request #6873 from nextcloud/ldap_proxy_redix_fix
...
Ldap proxy Redis fix
2017-10-19 12:03:04 +02:00
Lukas Reschke
7de6f7cd07
Merge pull request #6677 from nextcloud/downstream-dont-reset-quota
...
don't reset quota
2017-10-19 11:42:37 +02:00
Roeland Jago Douma
4388ec2231
Little bit of code cleanup
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-19 11:05:24 +02:00
Roeland Jago Douma
a6760560c6
Do not check existance before fetch
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-19 11:03:31 +02:00
Arthur Schiwon
c9622ccb62
fix LDAP User deletion (cleanup)
...
discovered a bug in the integration test which lead to following a
different code path and giving a false-positive success feedback.
Also listens now to the evendispatcher instead of old hook system
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-29 11:44:04 +02:00
Arthur Schiwon
3e2015a24c
and add missing whitespaces to log outout
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-28 01:16:57 +02:00
Juan Pablo Villafáñez
d6d895dd74
Keep the current quota if no suitable quota is found
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-28 01:13:48 +02:00
Arthur Schiwon
5e74affea4
fix counting found results in search op
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Arthur Schiwon
34f9590169
replace hard-coded attribute with the corresponding settings option
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Arthur Schiwon
89f4e16cdb
fix limit-flaw in search on paged results
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Morris Jobke
ba2e1c5db9
Merge pull request #5689 from nextcloud/fix-4117
...
LDAP: simplify returning the homePath and fixing #4117
2017-09-14 00:23:01 +02:00
Morris Jobke
cebbb1633a
Merge pull request #5642 from tobru/fix/groupOfUniqueNames_in_Wizard
...
recognize groupOfUniqueNames as valid LDAP group object
2017-09-05 13:33:15 +02:00
Morris Jobke
ff93dd7eb1
Merge pull request #5466 from jlehtoranta/ldap-connectivity-fixes
...
LDAP Connectivity Fixes
2017-09-04 18:31:32 +02:00
Arthur Schiwon
ab92e2ee14
listen to deletion hooks for proper handling, adjust and add tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:21 +02:00
Arthur Schiwon
efedc81c0a
simplify returning the homePath and fixing #4117
...
homesToKill was not set in runtime since some changes some place else. It
required deleteUser() to be called first. The method acts independent of it
now.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:16 +02:00
Morris Jobke
43facdb95f
Merge pull request #5616 from nextcloud/ldap-wizard-remove-LDAPTLS_REQCERT-attempt
...
LDAP Wizard: do not attempt to recognise cert issue by using LDAPTLS_REQCERT
2017-08-10 21:06:14 +02:00
Joas Schilling
45e2c415d4
Fix comparison in the ldap app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Roeland Jago Douma
ede15f0988
Fix L10N::t
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Morris Jobke
c27498db71
Use IConfig instead of static OCP\Config
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
Morris Jobke
89a7b007f2
Fix comments
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-25 08:57:58 +02:00
Jarkko Lehtoranta
69f6d42b17
LDAP: Simplify conditions in establishConnection
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
6103677a91
LDAP: Use imported exception in Connection class
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
79fbed4064
LDAP: Clean-up doConnect
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
d87375cbaa
LDAP: Throw an exception if disabling LDAP referrals fails
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
de9a9bc004
LDAP: Throw an exception if Start TLS fails
...
This ensures that only a secure connection to the LDAP server will be used,
if Start TLS has been enabled.
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
ee2c6e8215
LDAP: Remove unnecessary "recursion" fix
...
This reverts commit 86d72b9a61
"LDAP: fix possible recursion".
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
039a836d4a
LDAP: Don't handle invalid credentials as a connection error
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
4e2e592635
LDAP: Connect to backup server only if it exists + handle errors
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Arthur Schiwon
25439919f8
fix phpdoc return types (no code change)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:12 +02:00
Arthur Schiwon
9b2f171cbd
do not attempt to recognise cert issue by using LDAPTLS_REQCERT
...
first, it does not work (at least not everywhere/reliably), second if it
did it was not reset properly. Removes a bit of complexity.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:11 +02:00
Allan Nordhøy
ddc804aa32
: Bigversal and LDAP
2017-07-14 15:46:05 +02:00
Roger Szabo
0ebec6f9a4
Rectify variable $uid->$user
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-07-10 18:46:39 +08:00
Tobias Brunner
f8735a3205
recognize groupOfUniqueNames as valid LDAP group object
...
This was already partly done in f88109b
but was missed in the
fetchGroups function.
2017-07-07 08:29:58 +02:00
Roger Szabo
51ecc7ce11
suppress superflous php error on rejected password change
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-30 18:36:33 +08:00
Roger Szabo
bf9412df63
set needsPasswordReset flag correctly
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-22 15:58:30 +08:00
Roger Szabo
0fcbc0954c
pass missing function parameter
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-21 14:40:44 +08:00
Arthur Schiwon
b79f9cadc2
fix paging
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-26 13:44:43 +02:00
Arthur Schiwon
bd5d12528f
make sure used ldap connection resource is always up to date
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:45:48 +02:00
bline
8c89bf7c59
moved to something a little less invasive. back to passing CR around.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:36:51 +02:00
bline
8829d84949
special case for controlPagedResultResponse. It would be nice if there was a generic way to pass by reference with call_user_func_array..
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:34:52 +02:00
Morris Jobke
ba43a09380
Merge pull request #4512 from nextcloud/fix-translations-2
...
Fix translations
2017-04-26 08:57:08 -03:00
Joas Schilling
6c28c4ac8b
Use correct plural form and add special strings for tomorrow and today
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-26 09:34:59 +02:00
Arthur Schiwon
43f451e9e0
Fix usersInGroup retrieval
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 15:07:05 +02:00
Arthur Schiwon
685faad5ca
fix method name due to changes in master
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 13:03:08 +02:00
Arthur Schiwon
b1d646640a
Merge branch 'master' of https://github.com/Xuanwo/server into Xuanwo-master2
2017-04-25 12:42:17 +02:00
Xuanwo
8db21ad8c8
user_ldap: Add support for gidNumber
...
This patch is based on the work of @dleeuw (https://github.com/dleeuw )
(See https://github.com/nextcloud/server/issues/2640#issuecomment-269615883 for more details).
The difference is user & group data will be written into cache to have
better performance, and functions splited from primaryGroupID series to
make them more readable.
Fixed https://github.com/nextcloud/server/issues/2640
Signed-off-by: Xuanwo <xuanwo@yunify.com>
2017-04-25 10:06:47 +08:00
blizzz
42e805f057
Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
...
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00
Lukas Reschke
727688ebd9
Adjust existing bruteforce protection code
...
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Morris Jobke
229d17e13b
Change LDAP method names
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 10:10:07 -05:00
Morris Jobke
1729e4471f
Update comments to Nextcloud
...
* based on PR by @Ardinis
* see #4311
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 23:16:27 -05:00
Roger Szabo
5fa218051b
unit test adjustment
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-07 18:06:50 +08:00
Roger Szabo
f49ff74943
blizzz comments 03.04.2017 with caching
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:57:07 +08:00
Roger Szabo
33c8bf1857
blizzz comments 03.04.2017
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:26:41 +08:00
Roger Szabo
1853c1ade2
remove redundant tabs
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:27:50 +08:00
Roger Szabo
5e7723f15c
restore ldap_password_renew_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:16:22 +08:00
Roeland Jago Douma
70f93bf53a
Merge pull request #4143 from nextcloud/ldap-downstream-64
...
Correctly apply quota
2017-03-30 14:10:21 +02:00
Morris Jobke
d17678b5b2
Merge pull request #4141 from nextcloud/ldap-downstream-9
...
Convert the group limit to match the same behaviour as the user search
2017-03-29 15:47:28 -06:00
Roeland Jago Douma
636575e3de
Merge pull request #3329 from andreas-p/ldap_no-memberof-with-memberuid
...
Ldap no memberof with memberuid
2017-03-29 19:12:51 +02:00
Juan Pablo Villafáñez
3676189e05
Add comments in the updateQuota method to explain the behavior
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez
f9832ff347
Check if the user exists before trying to set the quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez
3345a72e7e
Correctly apply quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:11 +02:00
Juan Pablo Villafáñez
9e2e0c4c30
Convert the group limit to match the same behaviour as the user search
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 12:49:08 +02:00
Morris Jobke
a5ba1f7803
Remove legacy class OC_Group and OC_User
...
* basically a straight replacement of the wrapped code at the calling code parts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 17:35:09 -06:00
Arthur Schiwon
42ddb12fd9
Background jobs can take 4k of characters only. We find a good batch size.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 20:06:25 +01:00
Arthur Schiwon
497ee3e3e6
Add repair steps
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 18:45:33 +01:00
Arthur Schiwon
45615cc940
add integration test for uuid attr detection
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 12:05:51 +01:00
Arthur Schiwon
f87812fdd6
Fix determining the UUID attribute, default of the override is null
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 02:06:10 +01:00
Morris Jobke
52ef851da3
Merge pull request #3421 from espro/freeipa-uuid-fix
...
Update uuidAttributes list to include FreeIPA's ipauniqueid
2017-02-15 08:07:58 -06:00
Brent Bloxam
f7b8a31d63
Update uuidAttributes list to include FreeIPA's ipauniqueid
...
Signed-off-by: Brent Bloxam <brent.bloxam@gmail.com>
2017-02-10 10:23:13 -05:00
Andreas Pflug
b64e48335f
Don't try to use memberof on posixgroups, since it doesn't support
...
memberUid attributes.
Signed-off-by: Andreas Pflug <dev@admin4.org>
2017-01-31 01:40:09 +01:00
Arthur Schiwon
9983e05121
LDAP's checkPassword should only catch when a user was not found, fixes #2431
...
Also fixes error processing after ldap_search, due to different return format
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-30 17:06:51 +01:00
Morris Jobke
3a603ab8b4
Merge pull request #3264 from nextcloud/ldap-deny-long-dns
...
Gracefully deny users or groups with too long DNs
2017-01-26 01:15:43 -06:00
Morris Jobke
feab1e5b94
Merge pull request #3162 from nextcloud/ldap-ocs
...
Part 1 of LDAP Backend OCS Api
2017-01-25 22:45:34 -06:00
Arthur Schiwon
03ae7b654f
Gracefully deny users or groups with too long DNs
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-25 17:10:51 +01:00
Morris Jobke
e46410e856
Add icon to admin page sidebar for LDAP
...
* follow up to nextcloud/server#3151
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-24 12:54:32 -06:00
Arthur Schiwon
91ed70f094
fix deletion for configIDs < s10
...
Also move ensureConfigIDExists checks into try, it might throw DB
related exceptions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 23:01:46 +01:00
Arthur Schiwon
9ca4065ef5
LDAP PUT command now supports setting multiple keys at once
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 22:01:08 +01:00
Arthur Schiwon
1f7b08bd19
LDAP OCS Api for show config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 15:19:20 +01:00
Arthur Schiwon
f2c9d04eac
test against OCS v2 instead
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 12:48:50 +01:00
Arthur Schiwon
01d469dfea
add LDAP OCS Api for modifying a configuration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 11:09:04 +01:00
Joas Schilling
17a7eaabcd
Add the icons for shipped apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-19 10:42:22 +01:00
Arthur Schiwon
18a75bec0d
fix and extend behat tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 10:04:15 +01:00
Arthur Schiwon
a515de54e7
LDAP OCS Api for delete config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 23:17:58 +01:00
Arthur Schiwon
689df9a843
LDAP OCS Api for create config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 21:13:23 +01:00
Arthur Schiwon
7887566cff
remove frequent, unimportant log message
...
Fixes #2585
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-19 23:36:11 +01:00
Arthur Schiwon
0c8e4b91d3
adjust: sanitizeDN resides in Helper
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:36:20 +01:00
Juan Pablo Villafáñez
efa1077872
Extract lowercase conversion out of the loop
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:47 +01:00
Arthur Schiwon
6496b95564
range support for LDAP read operations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:16 +01:00
Arthur Schiwon
1e5344ffe9
log exception about user not present on LDAP on login only if loglevel is set to debug
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-11-29 17:05:55 +01:00
Lukas Reschke
4c5e7d270a
Add tests
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 19:58:43 +01:00
root
861c8572c0
restore ldap_password_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
remove notification part
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizzz comments
Signed-off-by: Roger Szabo <roger.szabo@web.de>
morris comment
Signed-off-by: Roger Szabo <roger.szabo@web.de>
improved error message for changing password
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizz comments 20161013
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Adjust HintException usage
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2016-11-23 19:02:48 +01:00
Arthur Schiwon
dade28cadd
Merge branch 'master' into downstream-ldap-3
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-16 14:42:16 +02:00
Victor Dubiniuk
011d5f554c
Harden empty
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-13 00:53:34 +02:00
Arthur Schiwon
9e817e9e0b
symfony replaced table helper by class, fixes two broken LDAP occ commands
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 23:47:07 +02:00
Roeland Jago Douma
7d2f70ef72
Use more IConfig and add unit tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:51:13 +02:00
Roeland Jago Douma
bdf4bf4669
DI IConfig into ldap helper
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:18:18 +02:00
Roeland Jago Douma
1ba2b7e5d4
Do not query data that is already in the appconfig
...
This is already available. We better use a simple regex.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 09:39:20 +02:00
Arthur Schiwon
a30341823e
cache loginName2UserName and cover the method with unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 01:39:57 +02:00
Joas Schilling
82c29e1204
Log the error with display name
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 11:21:43 +02:00
Jörn Friedrich Dreyer
0ae9a2c9fe
Prevent user with empty uid
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-04 12:26:06 +02:00
Joas Schilling
01cf85e4e5
Fix the User_LDAP app
2016-09-12 16:48:11 +02:00
Roeland Jago Douma
013f691fe9
Fix phpdoc
2016-08-29 20:20:17 +02:00
Jörn Friedrich Dreyer
4d31caa6f8
fix a few minor code smells
2016-08-29 14:34:37 +02:00
Lukas Reschke
8a7a0f3287
Add unit tests
2016-08-15 16:25:34 +02:00
Arthur Schiwon
7a2b96c7e6
change casing in section display names
2016-08-13 00:06:10 +02:00
Arthur Schiwon
14ddf9d923
rename IAdmin to ISettings, the interface is not bound to a specific settings scope
2016-08-11 14:48:21 +02:00
Arthur Schiwon
1eb8b951c2
more admin page splitup improvements
...
* bump version to ensure tables are created
* make updatenotification app use settings api
* change IAdmin::render() to getForm() and change return type from Template to TemplateResponse
* adjust User_LDAP accordingly, as well as built-in forms
* add IDateTimeFormatter to AppFramework/DependencyInjection/DIContainer.php. This is important so that \OC::$server->query() is able to resolve the
constructor parameters. We should ensure that all OCP/* stuff that is available from \OC::$server is available here. Kudos to @LukasReschke
* make sure apps that have settings info in their info.xml are loaded before triggering adding the settings setup method
2016-08-10 15:21:25 +02:00
Arthur Schiwon
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00
Morris Jobke
83c64f3485
Merge pull request #590 from nextcloud/fixing-undefined-OfflineUser-composeAndStoreDisplayName
...
Fix undefined OfflineUser::composeAndStoreDisplayName()
2016-07-28 17:41:02 +02:00
Lukas Reschke
bf7afcdace
Merge pull request #592 from nextcloud/ldap-avoidneedlesssetemailonlogin
...
Prevent setting email and triggering events at login time (#25553 )
2016-07-28 17:09:59 +02:00
root
bd65a17203
Nextcloud license header for new files
2016-07-28 15:13:00 +08:00
Vincent Petry
77df09d58a
Prevent setting email and triggering events at login time ( #25553 )
...
Whenever an LDAP user also has an email address defined in LDAP, the
LDAP code will try and update the email address of the locally known
user. This happens at login time or every time the user's LDAP
attributes are processed.
There is code listening to the email setting hook which updates the
system address book, which also will trigger FS setup due to avatars
and other things.
This fix only sets the email address when really necessary.
2016-07-27 11:28:33 +02:00
Thomas Müller
1177c70b9d
[stable9.1] Fix undefined OfflineUser::composeAndStoreDisplayName() - fixes #23248
2016-07-27 11:17:53 +02:00
root
2719dcabed
Merge branch 'master' of https://github.com/nextcloud/server
2016-07-27 15:17:29 +08:00
root
1c64ee67af
comments amended
2016-07-27 15:16:57 +08:00
root
32fb6beac3
final changes
2016-07-27 15:10:35 +08:00
blizzz
f88109be75
Merge pull request #349 from nextcloud/ldab-groupOfUniqueNames
...
add groupOfUniqueNames as valid group object class
2016-07-26 23:32:47 +02:00
root
02ec8b1726
New LDAPProvider for user_ldap
2016-07-22 16:46:29 +08:00