Commit Graph

446 Commits

Author SHA1 Message Date
Arthur Schiwon 4f910221c4 fix runtime caching in ldap's user manager, fixes #17631 2015-07-17 18:57:56 +02:00
blizzz bfb90d10ed Merge pull request #17046 from nicolas-grekas/fix-16654
Do not use OC*::mb_*_replace(), they are useless
2015-07-16 11:35:25 +02:00
Nicolas Grekas 472d48f6e3 Do not use OC*::mb_*_replace(), they are useless 2015-07-16 11:00:04 +02:00
Arthur Schiwon bfdf39b9bd LDAP: when checking group for matching filter, also take base DN into consideration. Fixes #17516 2015-07-09 12:19:04 +02:00
Thomas Müller 0a23d566ba Merge pull request #17255 from owncloud/fix-17119
[LDAP] Filter user groups obtained by memberof
2015-07-01 00:33:39 +02:00
Arthur Schiwon 8625a8cf23 ensure groups match filter when using memberOf to read users group, refs #17119 2015-06-26 16:42:11 +02:00
Morris Jobke f63915d0c8 update license headers and authors 2015-06-25 14:13:49 +02:00
Thomas Müller 4747c7f509 Merge pull request #16736 from owncloud/utilize-member-of
Utilize memberOf to boost loading time on users page (depending on LDAP server config)
2015-06-10 08:47:53 +02:00
Arthur Schiwon 6f69fab384 port detection needs to take care of now thrown exceptions when LDAP server is not available 2015-06-04 16:28:48 +02:00
Arthur Schiwon 090478a95e if possible, getUserGroups should get memberships using memberOf virtual attribute 2015-06-03 17:38:27 +02:00
Arthur Schiwon 91841bb25d Implement a faster way for checking availability of memberOf. Users tab in the wizard benefits. 2015-06-03 15:23:37 +02:00
Morris Jobke cf2c599218 Merge pull request #16200 from owncloud/kill-globalfilecache
Drop file caching
2015-06-02 09:11:33 +02:00
Arthur Schiwon cdb0689334 handle unallowed auth exception on port detection 2015-05-18 18:14:05 +02:00
Arthur Schiwon 5a56393657 throw exception on LDAP error 1, which we usually do not see and is pretty generic. AD uses is for uses not enlisted in the RFC, like on issues with anonymous binds. we also try to guess this case and show a hint. 2015-05-18 18:14:05 +02:00
Arthur Schiwon b9e5309757 catch unallowed anonymous auth attempt and show specific error 2015-05-18 18:14:05 +02:00
Thomas Müller 8e61ad0872 Merge pull request #15811 from owncloud/exception-on-lost-ldap-connection
throw exception when LDAP Connection was lost
2015-05-15 17:32:07 +02:00
Arthur Schiwon 90611e6594 only use memcache, if available 2015-05-08 13:27:27 +02:00
Arthur Schiwon 57e8b76f48 drop global file cache support, fixes #15621 2015-05-07 14:52:44 +02:00
Arthur Schiwon 0e7fd82e89 cleanup 2015-05-05 14:21:12 +02:00
Arthur Schiwon b96b0063f6 throw exception when LDAP Connection was lost 2015-04-22 15:39:28 +02:00
Arthur Schiwon 66bc8145a9 allow login names to be used for s2s with LDAP users 2015-04-13 11:50:09 +02:00
Jörn Friedrich Dreyer fafecd1c05 fix cherrypicking 2015-04-10 11:08:24 +02:00
Morris Jobke 1427ea78d4 fix typo and comment 2015-04-10 09:12:37 +02:00
Morris Jobke 5626a02d69 throw exception if setup is incomplete 2015-04-10 09:12:37 +02:00
Jörn Friedrich Dreyer 077ab27281 fix_tests
Conflicts:
	apps/user_ldap/tests/user_ldap.php
2015-04-10 09:12:37 +02:00
Jörn Friedrich Dreyer 488405d1ec do not hide exception when ldap server has a hiccup 2015-04-10 09:12:37 +02:00
Arthur Schiwon 60bf934e6f change default value of ldap_tls to 0. It will be detected anyway, but starting with 0 will lead to errors and unconfigurability 2015-04-09 21:05:20 +02:00
Arthur Schiwon b4c96e6ba0 cleanup 2015-04-09 14:01:39 +02:00
Arthur Schiwon 5355c285fc LDAP Wizard Overhaul
wizard refactor

reimplement save spinners and cursor

implement Port detector

introduced detector queue, added base dn detector

disable input fields when detectors are running

introduce spinners for fields that are being updated by detector

cache jq element objects

consolidate processing of detector results in generic / abstract base class

display notification if a detector discovered a problem

don't run base dn detector if a base is configured

reset detector queue on configuration switch

implement functionality check and update of status indicator

document ConfigModel

jsdoc for controller and main view

more documentation

implement the user filter tab view

so far the multiselects get initialized (not filled yet) and the mode can be switched.

mode is also restored.

reintroduce filter switch confirmation in admin XP mode

new detector for user object classes. so we also load user object classes if necessary and are able to save and show the setting.

multiselect trigger save actions now on close only

show spinners automatically, when a detector is running

20k limit for object classes preselection test

adjust wordings, fix grammar

add group (for users tab) detector

also includes wording fixes

error presentation moved from detectors to view, where it belongs

add info label to users page

missing wording changes

show effective LDAP filter in Assisted Mode

add user filter detector

implement count button for users and limit all count actions to 1001 for performance reasons

make port field a bit bigger. not perfect though.

do not detect port automatically

implement login filter tab view

only load features in assisted mode and don't enable assisted fields while in raw mode

add tooltips on login filter checkbox options for better understanding

permanently show filter on login tab

and also compile login filter in assisted mode

test/verify button on login attributes tab, with backend changes.

only run wizard requests if your an active tab. also run compile filter requests when switching to assisted mode

underline toggle filter links to stress that they are clickable

unity user and group tab functionality in common abstract class, add group filter tab view. only detectors and template adjustments left to have group tab implementation complete

add object class and group detector for groups as well as filter composer

show ldap filter permanently on groups tab

introduce input element that can deal better with many groups, will be used with > 40

fix disabling complex group chooser while detection is running

hide complex group chooser on config switch

fix few more issues with complex chooser

make complex group chooser available on Users tab as well

detect base dn improvements/changes:

- do not look for Base DN automatically, offer a button instead
- fix for alternative way to detect a base dn (if agent dn is not given)
- do not trigger filter composers on config switch

Changes with configuration chooser controls

- "New" was removed out of the configuration list
- and split into buttons "add" and "copy"
- delete button is also now an icon

add test button for Base DN

reimplement advanced tab. The save button is gone.

reimplement expert tab

remove unused methods

implement mail attribute detector

implement user display name attribute detection

implement member group association detector

replace text input with textarea for raw filter input

finish functionality check

auto-enable good configurations, as it was before

cleanup

move save confirmation handling to base class, reduces code duplication

enable tabs only if no running save processes are left.

move onConfigLoaded to base class, avoids code duplication

simplify, save LOCs

Test Configuration button to be dealt with in main view as it is a cross-tab element

require detectorQueue in constructor

cleanup

put bootstrap into a function and thus make it testable

get rid of old stuff
2015-04-09 09:47:49 +02:00
Jenkins for ownCloud b585d87d9d Update license headers 2015-03-26 11:44:36 +01:00
Arthur Schiwon f28f7754ae support paged results against 389ds. 2015-03-12 22:47:20 +01:00
Arthur Schiwon 42d3ed47e2 set up paged search when limit is 0 2015-03-05 13:15:21 +01:00
Morris Jobke 06aef4e8b1 Revert "Updating license headers"
This reverts commit 6a1a4880f0.
2015-02-26 11:37:37 +01:00
Lukas Reschke 52495dc995 Merge pull request #13740 from owncloud/fix-12190-2
Include primary groups in user and login filter when restricting group access and also fix user counting in primary groups
2015-02-24 16:37:49 +01:00
Jenkins for ownCloud 6a1a4880f0 Updating license headers 2015-02-23 12:13:59 +01:00
Morris Jobke 1bb6de7c1b Merge pull request #13425 from owncloud/phpdoc_cleanup
Cleanup of PHPDoc return types
2015-02-10 01:14:00 +01:00
Morris Jobke 166c4e266f Reduce log level of bind failed to WARN - fixes #11624 2015-02-03 11:44:28 +01:00
Arthur Schiwon 73600cfdd8 and escape the search term 2015-01-29 00:27:05 +01:00
Arthur Schiwon 323af55b50 inlcude AD primary group in user filter, if a group is selected. fixes #12190 2015-01-28 14:12:12 +01:00
Arthur Schiwon 9cb1ef5675 this must be larger then (>), since buggy behaviour occurs when the parameter is a small number 2015-01-20 17:50:53 +01:00
Robin McCorkell 2b99fc76ec Cleanup of PHPDoc return types 2015-01-16 20:30:43 +00:00
Arthur Schiwon f28235a7ef fix retrieval of user groups 2015-01-12 16:25:11 +01:00
Lukas Reschke a5099b01f9 Merge pull request #12984 from owncloud/ldap-user-cleanup-master
Ldap user cleanup master
2015-01-09 10:47:02 +01:00
Arthur Schiwon c1a79d24c5 fix order of initalizing instance properties, and paremeter order in a method call 2015-01-08 17:45:07 +01:00
Arthur Schiwon c7f273040e fix table name for getList 2015-01-08 14:21:40 +01:00
Arthur Schiwon 9668405ec7 doc fixes and removal of unnecessary use statements 2015-01-07 13:28:56 +01:00
Arthur Schiwon b9235e2a24 inject DB Connection to user manager 2015-01-07 00:52:18 +01:00
Arthur Schiwon 40ecd30fba inject oc config to User_LDAP 2015-01-06 23:28:49 +01:00
Arthur Schiwon e724b78694 smaller fixes: coding style, PHPdoc, typos and few for DI 2015-01-06 17:50:06 +01:00
Lyonel Vincent f94b300602 Be less verbose when using a paged search
Lower the priority from INFO to DEBUG
2014-12-24 16:35:36 +01:00
Lyonel Vincent 5a00b33a90 Be less verbose when disabling SSL cert validation
change log level from WARN to DEBUG
2014-12-24 16:32:27 +01:00
Arthur Schiwon 61ed363f82 planned refactorings for OC 8 2014-12-20 18:28:29 +01:00
Arthur Schiwon 3ca70d647a move from \OC\Preferences to \OCP\IConfig 2014-12-20 16:33:37 +01:00
Arthur Schiwon 144d95de7d basic adjustments for OC 8. I.e. no visible issues, LDAP tests pass. 2014-12-20 16:09:04 +01:00
Arthur Schiwon 4fa39250e7 LDAP User Cleanup: Port from stable7 without further adjustements
LDAP User Cleanup

background job for user clean up

adjust user backend for clean up

register background job

remove dead code

dependency injection

make Helper non-static for proper testing

check whether it is OK to run clean up job. Do not forget to pass arguments.

use correct method to get the config from server

methods can be private, proper indirect testing is given

no automatic user deletion

make limit readable for test purposes

make method less complex

add first tests

let preferences accept limit and offset for getUsersForValue

DI via constructor does not work for background jobs

after detecting, now we have retrieving deleted users and their details

we need this method to be public for now

finalize export method, add missing getter

clean up namespaces and get rid of unnecessary files

helper is not static anymore

cleanup according to scrutinizer

add cli tool to show deleted users

uses are necessary after recent namespace change

also remove user from mappings table on deletion

add occ command to delete users

fix use statement

improve output

big fixes / improvements

PHP doc

return true in userExists early for cleaning up deleted users

bump version

control state and interval with one config.php setting, now ldapUserCleanupInterval. 0 will disable it. enabled by default.

improve doc

rename cli method to be consistent with  others

introduce ldapUserCleanupInterval in sample config

don't show last login as unix epoche start when no  login happend

less log output

consistent namespace for OfflineUser

rename GarbageCollector to DeletedUsersIndex and move it to user subdir

fix unit tests

add tests for deleteUser

more test adjustements

Conflicts:
	apps/user_ldap/ajax/clearMappings.php
	apps/user_ldap/appinfo/app.php
	apps/user_ldap/lib/access.php
	apps/user_ldap/lib/helper.php
	apps/user_ldap/tests/helper.php
	core/register_command.php
	lib/private/preferences.php
	lib/private/user.php

add ldap:check-user to check user existance on the fly

Conflicts:
	apps/user_ldap/lib/helper.php

forgotten file

PHPdoc fixes, no code change

and don't forget to adjust tests
2014-12-19 19:47:54 +01:00
Arthur Schiwon ec0f80fee9 Split mapping from Access and Helper classes into it's own. Fully test them, too.
remove unused methods

split mapping methods off from Access class

fix DB query handling

move 'clear mapping' methods from static helper to new mapping class

add tests

test directly with DB

finishing tests and fix return value from setDNbyUUID

add corresponding class for groups and make abstract test class neutral. helper tests is now obsolete as the tested functions were moved to the new mapper class.

add missing info to PHPDoc

add unmap method

fix namespaces

fix test inheritance

PHPDoc and a small code restructure for scrutinizer, no effective changes

PostgreSQL does not accept LIMIT in DELETE queries

phpdoc fixes, no code changes
2014-12-19 18:26:12 +01:00
Morris Jobke d41082f4d6 first step to drop \OCP\Config:: in favour of IConfig 2014-12-17 11:12:37 +01:00
Arthur Schiwon 0577bb569a add doc 2014-12-08 17:22:52 +01:00
Arthur Schiwon 45443ee28c preserve an asterisk at the start when escaping a search term 2014-12-08 17:19:57 +01:00
Arthur Schiwon ee168a121d Forward port of #12493
add ldap-search command to occ

Conflicts:
	apps/user_ldap/appinfo/register_command.php

LDAP search filter creation changes:

1. do not prepend * wildcard to search terms. Will result in faster search, but
you don't find "foobar"  when looking for "bar"
2. advanced behaviour when search string contains a space and multiple search
attributes are present. The search string is split into single words. The
resulting filter requires that each word at least appears once in any search
attribute. This is supposed to return better results in big LDAPs.

trim search string before passing it on
2014-12-04 19:02:09 +01:00
Arthur Schiwon c07c338c90 fix counting when ldapPagingSize is 0 2014-11-21 14:51:20 +01:00
Arthur Schiwon 6b6147dafd phpdoc and mixed up letters 2014-11-20 18:31:40 +01:00
Arthur Schiwon 4a3fe42b16 a corrected email attribute needs to be saved, not only returned 2014-11-20 18:31:39 +01:00
Arthur Schiwon f9b4f5f4e5 to reassure that selected attributes still work, do not count all matching entries but limit it to 1 in order to make it faster 2014-11-20 18:31:39 +01:00
Arthur Schiwon 71944a59a5 detectors (email, displayname..) are now started in one place, triggered from only 2 places. more reliable structure and flow, saves requests 2014-11-20 18:31:39 +01:00
Arthur Schiwon f725cc66a3 consolidate user count filter in wizard and user back end 2014-11-20 18:31:39 +01:00
Arthur Schiwon cb3af1dce2 detect user display name attribute and return user count depending on its presence 2014-11-20 18:31:39 +01:00
Morris Jobke 081787d6ae Fix infinite loop if count and limit is 0
* otherwise it will always think it hits the limit and need another round to fetch additional results
2014-11-11 12:15:30 +01:00
blizzz b26f11c16f Merge pull request #11362 from mark0n/rm_ldap_conf_cli
Add a CLI command that deletes an LDAP config
2014-11-04 13:19:45 +01:00
blizzz dc9ea893fd Merge pull request #11172 from owncloud/user-ldap-no-bcmath
Fix ldap convertSID2Str() / Remove BCMath dependency
2014-11-03 14:03:26 +01:00
Andreas Fischer d1410b46a9 user_ldap: Reimplement convertSID2Str() without BCMath dependency.
Also explicitly format sub-id integers as unsigned, which is required for
32-bit systems.
2014-11-03 12:07:53 +01:00
Lukas Reschke d060180140 Use function outside of loop
Otherwise the function is executed n times which is a lot of overhead
2014-10-24 12:27:53 +02:00
Arthur Schiwon 4e8c7570d4 make performance less bad. Still far from good, but at least it works 2014-10-17 20:16:04 +02:00
blizzz 8553e04a78 Merge pull request #11478 from owncloud/fix-11448
LDAP: add setting to wizard that disables auto-detection and enables raw mode
2014-10-16 15:35:30 +02:00
Arthur Schiwon ab3535855f more beautiful white spaces 2014-10-08 15:04:29 +02:00
Arthur Schiwon 67292a5345 add checkbox for experienced users to server tab 2014-10-07 16:43:58 +02:00
Arthur Schiwon 6c502e11f8 make scrutinizer happy, very minor changes 2014-10-01 11:55:53 +02:00
Arthur Schiwon f9e085b020 init a new paged search on read operations to satisfy OpenLDAP 2014-09-30 17:00:25 +02:00
Arthur Schiwon 2b9696efae abandond paged search only if PHP supports them 2014-09-30 13:13:52 +02:00
Arthur Schiwon 53ec32807a abandon ongoing paged search before starting a new one 2014-09-30 12:42:37 +02:00
Arthur Schiwon 9a63693227 properly cancel a Paginated Results operation in order to avoid protocol errors, fixes #10526 2014-09-30 12:42:37 +02:00
Martin Konrad fd9b79b218 Add a CLI command that deletes an LDAP config
With this change LDAP configurations can be managed completely from
the command line.
2014-09-30 03:23:00 +02:00
Arthur Schiwon 6041ae6224 dn needs to be fetched to be able to detect memberOf support 2014-09-26 15:36:49 +02:00
Lukas Reschke 45b17207cc Merge pull request #10745 from owncloud/fix-10708-doctrine
Use Doctrine Platform to generate SQL query for table truncation.
2014-09-16 23:56:20 +02:00
Thomas Müller 7e2bff8545 adding unit test to truncate the table 2014-09-16 16:17:25 +02:00
Arthur Schiwon 3c9668f605 if only one attribute is requested, the returned array has 0 as key instead of attribute name. fixes #10888 2014-09-05 14:05:37 +02:00
Robin Appelman d0266c0bf8 Use public api for getting l10n 2014-08-31 10:08:22 +02:00
Andreas Fischer 7458e21f2c Use Doctrine Platform to generate SQL query for table truncation. 2014-08-29 20:53:51 +02:00
Arthur Schiwon 371cab367d trigger email detection by Wizard upon any user filter filter change. before it happenend only upon user automatic list filter creation, but not on manual editing 2014-08-29 11:14:36 +02:00
Arthur Schiwon 34761dabb1 write log message, if original value was changed 2014-08-29 11:14:36 +02:00
Arthur Schiwon f47a4a8c15 add unit test for mail detection 2014-08-29 11:14:35 +02:00
Arthur Schiwon 441c600c90 remove Access as hard dependency, inject it instead 2014-08-29 11:14:16 +02:00
Arthur Schiwon baa49cd58a Wizad: email attribute detection 2014-08-29 11:14:16 +02:00
Arthur Schiwon dbd51d15e1 Port of #8623
set result entry identifier earlier, i.e. before a continue for the same level can happen. otherwise  will always get the same value and we end up in an infinite loop

add unit test to make sure the infinite loop never comes back

Conflicts:
	apps/user_ldap/tests/wizard.php
2014-08-28 11:52:33 +02:00
blizzz 8f7676c762 Merge pull request #10340 from owncloud/fix-9887
better check whether string resembles a DN, fixes #9887
2014-08-18 19:24:41 +02:00
blizzz c46b60e822 Merge pull request #9848 from dupondje/master
Fix memberOf detection. Fixes: #9835
2014-08-11 16:58:30 +02:00
Arthur Schiwon fc6793f2ae better check whether string resembles a DN, fixes #9887 2014-08-11 16:40:41 +02:00
Jean-Louis Dupond e46fc7a18a Fix initializing in #9848 2014-08-11 13:50:13 +02:00
Jean-Louis Dupond fc662917e7 Fix remarks in #9848 2014-08-11 09:15:56 +02:00
Arthur Schiwon 2676e681e9 ldap_ prefix will be added in invokeLDAPMethod(), having it would lead to a unexisting function, fixes #9829 2014-08-07 17:15:36 +02:00