Commit Graph

74 Commits

Author SHA1 Message Date
Arthur Schiwon 49eaef63c2 fixes auto-detecting UUID attributes
the continue (and later the early return) avoided proper looping over the
attribute candidates.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-03-20 10:10:23 +00:00
Arthur Schiwon 3200eedc4c remove noise from detectUuid and cache results
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-02-24 19:06:57 +00:00
Arthur Schiwon 1fa8fc71c5 cache group existence early to save useless requests to LDAP
we do it for users already

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-08 13:23:51 +00:00
Arthur Schiwon 7a31a482f4
fix call of a protected method by a different class
was due to a backport while relying on not backported changes

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-10-21 12:50:47 +02:00
Arthur Schiwon c868892d2d
iterate over bases instead of doing parallel search
parallel search is not compatible with paged search, but the letter is
usually always applied.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-01-28 23:00:59 +01:00
Arthur Schiwon c32cc4a194
cache users as existing after mapping
during login they might be cached as non-existing and cause an Exception
in the long run

reduces some duplication, too

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-11-27 17:07:59 +01:00
Daniel Kesselberg 6ce849f7b8
Add return type
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-25 12:30:54 +01:00
Daniel Kesselberg d17b32afd7
Fix count on string
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-24 22:06:45 +01:00
Arthur Schiwon 0c5d9127e8
remove app specific IUserTools and consolidate test
Just some house keeping. IUserTools with used in even older days for
easier creation of Access instances…

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-30 22:44:50 +01:00
Arthur Schiwon 05f909dcf3
fixes wrong variable usage
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-26 18:03:41 +02:00
Arthur Schiwon 2048872f9e
functions that were checked for are present since PHP 5.4, supported is >=/
* so the check from older days is really not necessary anymore
* resolves #10923

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-25 22:50:42 +02:00
Arthur Schiwon a39c995083
FIX: emit assignedUserId only for users
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-09 23:45:11 +02:00
Arthur Schiwon 73cacb8896
check user state when fetching to avoid dealing with offline objects
fixes #9502

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-05-29 01:10:03 +02:00
Arthur Schiwon 38a90130ce
move log constants to ILogger
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Arthur Schiwon ed5f53bd49
Access needs UserManager, missed to add in #8833
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-23 15:58:50 +02:00
Arthur Schiwon f1565336bd
DI for NC's user manager
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:24 +02:00
Arthur Schiwon 373a1d5391
more consistent naming
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:15 +02:00
Arthur Schiwon 8fe914f07e
LDAP backend to emit announce and revoke signals on mapping changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:38:39 +02:00
Arthur Schiwon cbf60f2e91
existence check works without attribute (like with users)
cn is not necessarily given everywhere

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-15 15:47:44 +01:00
Morris Jobke cccf6f4d5f
Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members
Apply ldapUserFilter on members of group
2018-03-08 13:19:02 +01:00
Roland Tapken 2472b93fd9 dn2ocname: also apply group filter to readAttribute()
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-03-07 12:18:46 +01:00
Arthur Schiwon 47a10bd25a
treat iconv issues
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 14:03:08 +01:00
Arthur Schiwon 4f8c724318
typo + phpdoc
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 13:30:28 +01:00
Arthur Schiwon 8607992e85
do not create empty userid when attribute does not have allowed chars
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 17:44:06 +01:00
Morris Jobke e2974f1133
Simplify return statement
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-13 21:55:24 +01:00
Roland Tapken cf4ec7a4b6 Apply ldapUserFilter on members of group
Refers to issue #8220

user_ldap configured with custom filters for active directory access
(group-member-association is "member"). Then it can happen that the
members of a group contain members that don't belong to the users
available in Nextcloud (the most trivial reason is that the user filter
contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude
disabled users from being imported).

This can be fixed by applying the ldapUserFilter when resolving the UID
for a DN fetched from the group's member list.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-02-07 12:02:58 +01:00
Morris Jobke a661f043e1
Remove unneeded semicolon and parentheses
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 23:46:40 +01:00
Morris Jobke 2ad2eb38e8
Use type casting instead of *val() method
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 15:01:27 +01:00
Arthur Schiwon b61b906abe
do not catch ServerNotAvailable
might cause the user to be unavailable (race condition).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-26 12:47:19 +01:00
Morris Jobke 55532f19d9
Cleanup OC_User and OCP\User
* mainly removes deprecated methods and old static code

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 18:39:11 +01:00
Arthur Schiwon f84ec92563
revert resolving of recursion (3628d4d65d)
without recursion we have issues with internal states. paged search status
are set to false, cookies are not being set. In the end we have  endless
requests which pile up enormously with a high initial offset.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 15:17:18 +01:00
Arthur Schiwon 15a3f4659f
enrich log message with backtrace, but level it down to DEBUG
The message is not helpful anyway for an admin, and oftentimes is just
valid (e.g. when searching with an offset beyond users in LDAP).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:17:14 +01:00
Arthur Schiwon 82fd09c294
don't show recurring msg when pages result was turned off
and only as debug level otherwise.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-21 14:29:56 +01:00
Morris Jobke defac0ff0d
Fixes hex2bin() in LDAP
Untangles the two if-else clauses into a more readable format.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-13 11:57:49 +01:00
Arthur Schiwon 27f14eee26
don't cache user, if no internal user id was retrieved/assigned
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 22:47:32 +01:00
Arthur Schiwon 991190b994
ensure that users are cached when they are retrieved
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 17:49:33 +01:00
Arthur Schiwon 419759e68b
resolve DI
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:59 +01:00
Arthur Schiwon 59c05d5447
move LDAP user attributes "sync" to background (except for ajax jobs)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:56 +01:00
Arthur Schiwon ef3cd32916
don't skip updating when ajax is set as background job mode
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:04 +01:00
Arthur Schiwon c6f1af9896
move ldap user sync to background (WIP)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:09:59 +01:00
Morris Jobke 0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Arthur Schiwon 3628d4d65d
avoid unnecessary recursion
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-25 17:23:42 +02:00
Arthur Schiwon 5e74affea4
fix counting found results in search op
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Arthur Schiwon 89f4e16cdb
fix limit-flaw in search on paged results
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Roger Szabo 51ecc7ce11 suppress superflous php error on rejected password change
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-30 18:36:33 +08:00
Arthur Schiwon b79f9cadc2
fix paging
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-26 13:44:43 +02:00
Arthur Schiwon bd5d12528f
make sure used ldap connection resource is always up to date
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:45:48 +02:00
bline 8c89bf7c59
moved to something a little less invasive. back to passing CR around.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:36:51 +02:00
bline 8829d84949
special case for controlPagedResultResponse. It would be nice if there was a generic way to pass by reference with call_user_func_array..
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:34:52 +02:00
blizzz 42e805f057 Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00