Arthur Schiwon
34f9590169
replace hard-coded attribute with the corresponding settings option
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Arthur Schiwon
89f4e16cdb
fix limit-flaw in search on paged results
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Morris Jobke
ba2e1c5db9
Merge pull request #5689 from nextcloud/fix-4117
...
LDAP: simplify returning the homePath and fixing #4117
2017-09-14 00:23:01 +02:00
Morris Jobke
cebbb1633a
Merge pull request #5642 from tobru/fix/groupOfUniqueNames_in_Wizard
...
recognize groupOfUniqueNames as valid LDAP group object
2017-09-05 13:33:15 +02:00
Morris Jobke
ff93dd7eb1
Merge pull request #5466 from jlehtoranta/ldap-connectivity-fixes
...
LDAP Connectivity Fixes
2017-09-04 18:31:32 +02:00
Arthur Schiwon
ab92e2ee14
listen to deletion hooks for proper handling, adjust and add tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:21 +02:00
Arthur Schiwon
efedc81c0a
simplify returning the homePath and fixing #4117
...
homesToKill was not set in runtime since some changes some place else. It
required deleteUser() to be called first. The method acts independent of it
now.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:16 +02:00
Morris Jobke
43facdb95f
Merge pull request #5616 from nextcloud/ldap-wizard-remove-LDAPTLS_REQCERT-attempt
...
LDAP Wizard: do not attempt to recognise cert issue by using LDAPTLS_REQCERT
2017-08-10 21:06:14 +02:00
Joas Schilling
45e2c415d4
Fix comparison in the ldap app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
Roeland Jago Douma
ede15f0988
Fix L10N::t
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
Morris Jobke
c27498db71
Use IConfig instead of static OCP\Config
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
Morris Jobke
89a7b007f2
Fix comments
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-25 08:57:58 +02:00
Jarkko Lehtoranta
69f6d42b17
LDAP: Simplify conditions in establishConnection
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
6103677a91
LDAP: Use imported exception in Connection class
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
79fbed4064
LDAP: Clean-up doConnect
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
d87375cbaa
LDAP: Throw an exception if disabling LDAP referrals fails
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
de9a9bc004
LDAP: Throw an exception if Start TLS fails
...
This ensures that only a secure connection to the LDAP server will be used,
if Start TLS has been enabled.
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
ee2c6e8215
LDAP: Remove unnecessary "recursion" fix
...
This reverts commit 86d72b9a61
"LDAP: fix possible recursion".
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
039a836d4a
LDAP: Don't handle invalid credentials as a connection error
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta
4e2e592635
LDAP: Connect to backup server only if it exists + handle errors
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
Arthur Schiwon
25439919f8
fix phpdoc return types (no code change)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:12 +02:00
Arthur Schiwon
9b2f171cbd
do not attempt to recognise cert issue by using LDAPTLS_REQCERT
...
first, it does not work (at least not everywhere/reliably), second if it
did it was not reset properly. Removes a bit of complexity.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:11 +02:00
Allan Nordhøy
ddc804aa32
: Bigversal and LDAP
2017-07-14 15:46:05 +02:00
Roger Szabo
0ebec6f9a4
Rectify variable $uid->$user
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-07-10 18:46:39 +08:00
Tobias Brunner
f8735a3205
recognize groupOfUniqueNames as valid LDAP group object
...
This was already partly done in f88109b
but was missed in the
fetchGroups function.
2017-07-07 08:29:58 +02:00
Roger Szabo
51ecc7ce11
suppress superflous php error on rejected password change
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-30 18:36:33 +08:00
Roger Szabo
bf9412df63
set needsPasswordReset flag correctly
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-22 15:58:30 +08:00
Roger Szabo
0fcbc0954c
pass missing function parameter
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-21 14:40:44 +08:00
Arthur Schiwon
b79f9cadc2
fix paging
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-26 13:44:43 +02:00
Arthur Schiwon
bd5d12528f
make sure used ldap connection resource is always up to date
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:45:48 +02:00
bline
8c89bf7c59
moved to something a little less invasive. back to passing CR around.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:36:51 +02:00
bline
8829d84949
special case for controlPagedResultResponse. It would be nice if there was a generic way to pass by reference with call_user_func_array..
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:34:52 +02:00
Morris Jobke
ba43a09380
Merge pull request #4512 from nextcloud/fix-translations-2
...
Fix translations
2017-04-26 08:57:08 -03:00
Joas Schilling
6c28c4ac8b
Use correct plural form and add special strings for tomorrow and today
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-26 09:34:59 +02:00
Arthur Schiwon
43f451e9e0
Fix usersInGroup retrieval
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 15:07:05 +02:00
Arthur Schiwon
685faad5ca
fix method name due to changes in master
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 13:03:08 +02:00
Arthur Schiwon
b1d646640a
Merge branch 'master' of https://github.com/Xuanwo/server into Xuanwo-master2
2017-04-25 12:42:17 +02:00
Xuanwo
8db21ad8c8
user_ldap: Add support for gidNumber
...
This patch is based on the work of @dleeuw (https://github.com/dleeuw )
(See https://github.com/nextcloud/server/issues/2640#issuecomment-269615883 for more details).
The difference is user & group data will be written into cache to have
better performance, and functions splited from primaryGroupID series to
make them more readable.
Fixed https://github.com/nextcloud/server/issues/2640
Signed-off-by: Xuanwo <xuanwo@yunify.com>
2017-04-25 10:06:47 +08:00
blizzz
42e805f057
Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
...
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00
Lukas Reschke
727688ebd9
Adjust existing bruteforce protection code
...
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
Morris Jobke
229d17e13b
Change LDAP method names
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 10:10:07 -05:00
Morris Jobke
1729e4471f
Update comments to Nextcloud
...
* based on PR by @Ardinis
* see #4311
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 23:16:27 -05:00
Roger Szabo
5fa218051b
unit test adjustment
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-07 18:06:50 +08:00
Roger Szabo
f49ff74943
blizzz comments 03.04.2017 with caching
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:57:07 +08:00
Roger Szabo
33c8bf1857
blizzz comments 03.04.2017
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:26:41 +08:00
Roger Szabo
1853c1ade2
remove redundant tabs
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:27:50 +08:00
Roger Szabo
5e7723f15c
restore ldap_password_renew_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:16:22 +08:00
Roeland Jago Douma
70f93bf53a
Merge pull request #4143 from nextcloud/ldap-downstream-64
...
Correctly apply quota
2017-03-30 14:10:21 +02:00
Morris Jobke
d17678b5b2
Merge pull request #4141 from nextcloud/ldap-downstream-9
...
Convert the group limit to match the same behaviour as the user search
2017-03-29 15:47:28 -06:00
Roeland Jago Douma
636575e3de
Merge pull request #3329 from andreas-p/ldap_no-memberof-with-memberuid
...
Ldap no memberof with memberuid
2017-03-29 19:12:51 +02:00
Juan Pablo Villafáñez
3676189e05
Add comments in the updateQuota method to explain the behavior
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez
f9832ff347
Check if the user exists before trying to set the quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez
3345a72e7e
Correctly apply quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:11 +02:00
Juan Pablo Villafáñez
9e2e0c4c30
Convert the group limit to match the same behaviour as the user search
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 12:49:08 +02:00
Morris Jobke
a5ba1f7803
Remove legacy class OC_Group and OC_User
...
* basically a straight replacement of the wrapped code at the calling code parts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 17:35:09 -06:00
Arthur Schiwon
42ddb12fd9
Background jobs can take 4k of characters only. We find a good batch size.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 20:06:25 +01:00
Arthur Schiwon
497ee3e3e6
Add repair steps
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 18:45:33 +01:00
Arthur Schiwon
45615cc940
add integration test for uuid attr detection
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 12:05:51 +01:00
Arthur Schiwon
f87812fdd6
Fix determining the UUID attribute, default of the override is null
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 02:06:10 +01:00
Morris Jobke
52ef851da3
Merge pull request #3421 from espro/freeipa-uuid-fix
...
Update uuidAttributes list to include FreeIPA's ipauniqueid
2017-02-15 08:07:58 -06:00
Brent Bloxam
f7b8a31d63
Update uuidAttributes list to include FreeIPA's ipauniqueid
...
Signed-off-by: Brent Bloxam <brent.bloxam@gmail.com>
2017-02-10 10:23:13 -05:00
Andreas Pflug
b64e48335f
Don't try to use memberof on posixgroups, since it doesn't support
...
memberUid attributes.
Signed-off-by: Andreas Pflug <dev@admin4.org>
2017-01-31 01:40:09 +01:00
Arthur Schiwon
9983e05121
LDAP's checkPassword should only catch when a user was not found, fixes #2431
...
Also fixes error processing after ldap_search, due to different return format
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-30 17:06:51 +01:00
Morris Jobke
3a603ab8b4
Merge pull request #3264 from nextcloud/ldap-deny-long-dns
...
Gracefully deny users or groups with too long DNs
2017-01-26 01:15:43 -06:00
Morris Jobke
feab1e5b94
Merge pull request #3162 from nextcloud/ldap-ocs
...
Part 1 of LDAP Backend OCS Api
2017-01-25 22:45:34 -06:00
Arthur Schiwon
03ae7b654f
Gracefully deny users or groups with too long DNs
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-25 17:10:51 +01:00
Morris Jobke
e46410e856
Add icon to admin page sidebar for LDAP
...
* follow up to nextcloud/server#3151
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-24 12:54:32 -06:00
Arthur Schiwon
91ed70f094
fix deletion for configIDs < s10
...
Also move ensureConfigIDExists checks into try, it might throw DB
related exceptions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 23:01:46 +01:00
Arthur Schiwon
9ca4065ef5
LDAP PUT command now supports setting multiple keys at once
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 22:01:08 +01:00
Arthur Schiwon
1f7b08bd19
LDAP OCS Api for show config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 15:19:20 +01:00
Arthur Schiwon
f2c9d04eac
test against OCS v2 instead
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 12:48:50 +01:00
Arthur Schiwon
01d469dfea
add LDAP OCS Api for modifying a configuration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 11:09:04 +01:00
Joas Schilling
17a7eaabcd
Add the icons for shipped apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-19 10:42:22 +01:00
Arthur Schiwon
18a75bec0d
fix and extend behat tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 10:04:15 +01:00
Arthur Schiwon
a515de54e7
LDAP OCS Api for delete config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 23:17:58 +01:00
Arthur Schiwon
689df9a843
LDAP OCS Api for create config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 21:13:23 +01:00
Arthur Schiwon
7887566cff
remove frequent, unimportant log message
...
Fixes #2585
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-19 23:36:11 +01:00
Arthur Schiwon
0c8e4b91d3
adjust: sanitizeDN resides in Helper
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:36:20 +01:00
Juan Pablo Villafáñez
efa1077872
Extract lowercase conversion out of the loop
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:47 +01:00
Arthur Schiwon
6496b95564
range support for LDAP read operations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:16 +01:00
Arthur Schiwon
1e5344ffe9
log exception about user not present on LDAP on login only if loglevel is set to debug
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-11-29 17:05:55 +01:00
Lukas Reschke
4c5e7d270a
Add tests
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 19:58:43 +01:00
root
861c8572c0
restore ldap_password_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
remove notification part
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizzz comments
Signed-off-by: Roger Szabo <roger.szabo@web.de>
morris comment
Signed-off-by: Roger Szabo <roger.szabo@web.de>
improved error message for changing password
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizz comments 20161013
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Adjust HintException usage
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2016-11-23 19:02:48 +01:00
Arthur Schiwon
dade28cadd
Merge branch 'master' into downstream-ldap-3
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-16 14:42:16 +02:00
Victor Dubiniuk
011d5f554c
Harden empty
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-13 00:53:34 +02:00
Arthur Schiwon
9e817e9e0b
symfony replaced table helper by class, fixes two broken LDAP occ commands
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 23:47:07 +02:00
Roeland Jago Douma
7d2f70ef72
Use more IConfig and add unit tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:51:13 +02:00
Roeland Jago Douma
bdf4bf4669
DI IConfig into ldap helper
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:18:18 +02:00
Roeland Jago Douma
1ba2b7e5d4
Do not query data that is already in the appconfig
...
This is already available. We better use a simple regex.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 09:39:20 +02:00
Arthur Schiwon
a30341823e
cache loginName2UserName and cover the method with unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 01:39:57 +02:00
Joas Schilling
82c29e1204
Log the error with display name
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 11:21:43 +02:00
Jörn Friedrich Dreyer
0ae9a2c9fe
Prevent user with empty uid
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-04 12:26:06 +02:00
Joas Schilling
01cf85e4e5
Fix the User_LDAP app
2016-09-12 16:48:11 +02:00
Roeland Jago Douma
013f691fe9
Fix phpdoc
2016-08-29 20:20:17 +02:00
Jörn Friedrich Dreyer
4d31caa6f8
fix a few minor code smells
2016-08-29 14:34:37 +02:00
Lukas Reschke
8a7a0f3287
Add unit tests
2016-08-15 16:25:34 +02:00
Arthur Schiwon
7a2b96c7e6
change casing in section display names
2016-08-13 00:06:10 +02:00
Arthur Schiwon
14ddf9d923
rename IAdmin to ISettings, the interface is not bound to a specific settings scope
2016-08-11 14:48:21 +02:00
Arthur Schiwon
1eb8b951c2
more admin page splitup improvements
...
* bump version to ensure tables are created
* make updatenotification app use settings api
* change IAdmin::render() to getForm() and change return type from Template to TemplateResponse
* adjust User_LDAP accordingly, as well as built-in forms
* add IDateTimeFormatter to AppFramework/DependencyInjection/DIContainer.php. This is important so that \OC::$server->query() is able to resolve the
constructor parameters. We should ensure that all OCP/* stuff that is available from \OC::$server is available here. Kudos to @LukasReschke
* make sure apps that have settings info in their info.xml are loaded before triggering adding the settings setup method
2016-08-10 15:21:25 +02:00
Arthur Schiwon
ceeb44bd04
Initial work on Apps page split:
...
* interfaces for the Admin settings (IAdmin) and section (ISection)
* SettingsManager service
* example setup with LDAP app
2016-08-09 18:05:09 +02:00