Commit Graph

245 Commits

Author SHA1 Message Date
Robin Appelman dd477d30f9
dont allow creating users with __groupfolders as uid
Fixes https://github.com/nextcloud/groupfolders/issues/338

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-03-16 19:03:10 +01:00
Roeland Jago Douma 618805b14f Fix RedundantPropertyInitializationCheck
For #25839

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2021-03-09 09:49:45 +01:00
Lionel Elie Mamane f99f463834 token login: emit preLogin event with LoginName
to bring it in line with normal (non-token) login.

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2021-02-19 22:27:46 +01:00
Joas Schilling 645f83121e
Cache the user backend info for 300s
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-02-15 10:36:08 +01:00
Christoph Wurst 81302f78e5
Merge pull request #24948 from nextcloud/dependabot/composer/doctrine/dbal-3.0.0
Bump doctrine/dbal from 2.12.0 to 3.0.0
2021-01-08 14:58:43 +01:00
Christoph Wurst 8b64e92b92
Bump doctrine/dbal from 2.12.0 to 3.0.0
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-01-08 11:45:19 +01:00
Robin Appelman c374bbf14d
allow authenticating using urlencoded passwords
this allows authenticating with passwords that contain non ascii-characters in contexts that otherwise do not allow it (http basic)

Signed-off-by: Robin Appelman <robin@icewind.nl>
2021-01-07 10:43:43 +01:00
Christoph Wurst d89a75be0b
Update all license headers for Nextcloud 21
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-12-16 18:48:22 +01:00
Morris Jobke 5cc348ae72
Fix typo
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-12-04 12:51:45 +01:00
Roeland Jago Douma 48b4b83b5a
Remember me is not an app_password
While technically they are stored the same. This session variable is
used to indicate that a user is using an app password to authenticate.
Like from a client. Or when having it generated automatically.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-12-04 12:40:28 +01:00
Morris Jobke d87705a894
Allow subscription to indicate that a userlimit is reached
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-12-02 15:20:03 +01:00
Morris Jobke 9bf76d2bad
Streamline user creation and deletion events
CreateUserEvent was the only one that didn't matched the naming scheme of BeforePASTTENSEEvent and PASTTENSEEvent. The event wasn't used at all so this just removes it again as there is BeforeUserCreatedEvent that is also available since 18.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-23 23:59:52 +01:00
Roeland Jago Douma e93823cba0
Bearer must be in the start of the auth header
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-11-06 08:32:50 +01:00
Morris Jobke fd3d7c394a
Deprecate old user manager events for user creation
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-11-04 21:19:16 +01:00
Christoph Wurst 7e72866811
Type the \OCP\IUserManager::callForSeenUsers closure with Psalm
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-28 19:21:00 +01:00
Christoph Wurst d9015a8c94
Format code to a single space around binary operators
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-10-05 20:25:24 +02:00
Robin Appelman 674db6da88
add event to allow apps to overwrite user quota
Signed-off-by: Robin Appelman <robin@icewind.nl>
2020-09-17 16:32:48 +02:00
Christoph Wurst 1f7f93a695
Update license headers for Nextcloud 20 (again)
There are still lots of outdated headers, so time for another round of
updates.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-09-07 14:37:44 +02:00
Lionel Elie Mamane ac8b40b8b1
Return correct loginname in credentials,
even when token is invalid or has no password.

Returning the uid as loginname is wrong, and leads to problems when
these differ. E.g. the getapppassword API was creating app token with
the uid as loginname. In a scenario with external authentication (such
as LDAP), these tokens were then invalidated next time their underlying
password was checked, and systematically ceased to function.

Co-authored-by: kesselb <mail@danielkesselberg.de>
for: switch to consistent camelCase

Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
2020-08-20 16:02:22 +02:00
Morris Jobke fedf9c69d9
Use matching parameter names form interfaces and implementations
Found by Psalm 3.14.1

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-08-19 18:16:35 +02:00
Morris Jobke 4a7d7e446f
User.php: rename of old dispatcher to legacyDispatcher
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-30 10:21:08 +02:00
Morris Jobke 36ee37ec0a
Migrate OC_Group post_removeFromGroup hook to actual event object
Ref #14552

This adds a BeforeUserRemovedEvent to the LDAP backend because it was missing. It's not really before, but we don't have the before state.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2020-07-30 10:21:08 +02:00
Christoph Wurst 5b92f35fe2
Log why a token is not valid during password check
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-05-27 09:58:44 +02:00
Christoph Wurst cb057829f7
Update license headers for 19
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-29 11:57:22 +02:00
Julius Härtl d74e9045ac
Delete avatar if a user is deleted
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2020-04-24 16:27:17 +02:00
Roeland Jago Douma cbcf072b23
Revert "Make sure MySQL is not saying 'this' = 'this ' is true" 2020-04-15 23:49:16 +02:00
Joas Schilling 16e9bf2309
Make sure MySQL is not saying 'this' = 'this ' is true
Signed-off-by: Joas Schilling <coding@schilljs.com>
2020-04-15 09:14:12 +02:00
Christoph Wurst 734c62bee0
Format code according to PSR2
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:56:50 +02:00
Christoph Wurst 28f8eb5dba
Add visibility to all constants
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 16:54:27 +02:00
Christoph Wurst caff1023ea
Format control structures, classes, methods and function
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 14:19:56 +02:00
Christoph Wurst 14c996d982
Use elseif instead of else if
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-10 10:35:09 +02:00
Christoph Wurst 008e6d7e84
Merge pull request #20391 from nextcloud/refactor/spaces-cleanup
Remove all extra whitespace PSR2 does not like
2020-04-09 20:39:37 +02:00
Christoph Wurst 64510932b8
Merge pull request #20384 from nextcloud/techdebt/lowercase-keywords
Use php keywords in lowercase
2020-04-09 16:25:14 +02:00
Christoph Wurst 44577e4345
Remove trailing and in between spaces
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 16:07:47 +02:00
Christoph Wurst 36b3bc8148
Use php keywords in lowercase
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 14:04:56 +02:00
Christoph Wurst afbd9c4e6e
Unify function spacing to PSR2 recommendation
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 13:54:22 +02:00
Christoph Wurst 2fbad1ed72
Fix (array) indent style to always use one tab
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-09 10:16:08 +02:00
Christoph Wurst 85e369cddb
Fix multiline comments
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-04-08 22:24:54 +02:00
Roeland Jago Douma 19ca921676
Merge pull request #20241 from nextcloud/fix/license-headers-19
Update the license headers for Nextcloud 19
2020-04-01 12:44:21 +02:00
Roeland Jago Douma 84f3d2ddeb
[POC] Event for failed login attempts
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2020-03-31 21:41:02 +02:00
Christoph Wurst 1a9330cd69
Update the license headers for Nextcloud 19
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-31 14:52:54 +02:00
Christoph Wurst 463b388589
Merge pull request #20170 from nextcloud/techdebt/remove-unused-imports
Remove unused imports
2020-03-27 17:14:08 +01:00
Christoph Wurst b80ebc9674
Use the short array syntax, everywhere
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-26 16:34:56 +01:00
Christoph Wurst 74936c49ea
Remove unused imports
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-25 22:08:08 +01:00
Christoph Wurst df9e2b828a
Fix mismatching docblock return types
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2020-03-06 16:38:25 +01:00
Christoph Wurst d808f9c053
Add typed events for all user hooks and legacy events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-11 10:00:24 +01:00
Christoph Wurst 5bf3d1bb38
Update license headers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +01:00
Joas Schilling dd53fad898
Prevent creating users with existing files
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-12-04 15:21:50 +01:00
Christoph Wurst cc80339b39
Add typed create user events
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-12-03 08:03:57 +01:00
Christoph Wurst 1a886b1472
Add typed events for password_policy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-11-27 09:56:12 +01:00