3628d4d65d
avoid unnecessary recursion
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-25 17:23:42 +02:00
9932b7498d
Merge pull request #6873 from nextcloud/ldap_proxy_redix_fix
...
Ldap proxy Redis fix
2017-10-19 12:03:04 +02:00
7de6f7cd07
Merge pull request #6677 from nextcloud/downstream-dont-reset-quota
...
don't reset quota
2017-10-19 11:42:37 +02:00
4388ec2231
Little bit of code cleanup
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-19 11:05:24 +02:00
a6760560c6
Do not check existance before fetch
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-10-19 11:03:31 +02:00
c9622ccb62
fix LDAP User deletion (cleanup)
...
discovered a bug in the integration test which lead to following a
different code path and giving a false-positive success feedback.
Also listens now to the evendispatcher instead of old hook system
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-29 11:44:04 +02:00
3e2015a24c
and add missing whitespaces to log outout
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-28 01:16:57 +02:00
d6d895dd74
Keep the current quota if no suitable quota is found
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-28 01:13:48 +02:00
5e74affea4
fix counting found results in search op
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
34f9590169
replace hard-coded attribute with the corresponding settings option
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
89f4e16cdb
fix limit-flaw in search on paged results
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
ba2e1c5db9
Merge pull request #5689 from nextcloud/fix-4117
...
LDAP: simplify returning the homePath and fixing #4117
2017-09-14 00:23:01 +02:00
cebbb1633a
Merge pull request #5642 from tobru/fix/groupOfUniqueNames_in_Wizard
...
recognize groupOfUniqueNames as valid LDAP group object
2017-09-05 13:33:15 +02:00
ff93dd7eb1
Merge pull request #5466 from jlehtoranta/ldap-connectivity-fixes
...
LDAP Connectivity Fixes
2017-09-04 18:31:32 +02:00
ab92e2ee14
listen to deletion hooks for proper handling, adjust and add tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:21 +02:00
efedc81c0a
simplify returning the homePath and fixing #4117
...
homesToKill was not set in runtime since some changes some place else. It
required deleteUser() to be called first. The method acts independent of it
now.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-08-31 23:03:16 +02:00
43facdb95f
Merge pull request #5616 from nextcloud/ldap-wizard-remove-LDAPTLS_REQCERT-attempt
...
LDAP Wizard: do not attempt to recognise cert issue by using LDAPTLS_REQCERT
2017-08-10 21:06:14 +02:00
45e2c415d4
Fix comparison in the ldap app
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-08-01 13:56:12 +02:00
ede15f0988
Fix L10N::t
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-08-01 08:20:17 +02:00
c27498db71
Use IConfig instead of static OCP\Config
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-27 13:43:18 +02:00
89a7b007f2
Fix comments
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-07-25 08:57:58 +02:00
69f6d42b17
LDAP: Simplify conditions in establishConnection
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
6103677a91
LDAP: Use imported exception in Connection class
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
79fbed4064
LDAP: Clean-up doConnect
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
d87375cbaa
LDAP: Throw an exception if disabling LDAP referrals fails
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
de9a9bc004
LDAP: Throw an exception if Start TLS fails
...
This ensures that only a secure connection to the LDAP server will be used,
if Start TLS has been enabled.
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
ee2c6e8215
LDAP: Remove unnecessary "recursion" fix
...
This reverts commit 86d72b9a61
2017-07-23 14:50:01 +03:00
039a836d4a
LDAP: Don't handle invalid credentials as a connection error
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
4e2e592635
LDAP: Connect to backup server only if it exists + handle errors
...
Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>
2017-07-23 14:50:01 +03:00
25439919f8
fix phpdoc return types (no code change)
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:12 +02:00
9b2f171cbd
do not attempt to recognise cert issue by using LDAPTLS_REQCERT
...
first, it does not work (at least not everywhere/reliably), second if it
did it was not reset properly. Removes a bit of complexity.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-07-21 14:55:11 +02:00
ddc804aa32
: Bigversal and LDAP
2017-07-14 15:46:05 +02:00
0ebec6f9a4
Rectify variable $uid->$user
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-07-10 18:46:39 +08:00
f8735a3205
recognize groupOfUniqueNames as valid LDAP group object
...
This was already partly done in f88109b
2017-07-07 08:29:58 +02:00
51ecc7ce11
suppress superflous php error on rejected password change
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-30 18:36:33 +08:00
bf9412df63
set needsPasswordReset flag correctly
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-22 15:58:30 +08:00
0fcbc0954c
pass missing function parameter
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-21 14:40:44 +08:00
b79f9cadc2
fix paging
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-26 13:44:43 +02:00
bd5d12528f
make sure used ldap connection resource is always up to date
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:45:48 +02:00
8c89bf7c59
moved to something a little less invasive. back to passing CR around.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:36:51 +02:00
8829d84949
special case for controlPagedResultResponse. It would be nice if there was a generic way to pass by reference with call_user_func_array..
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-05-25 00:34:52 +02:00
ba43a09380
Merge pull request #4512 from nextcloud/fix-translations-2
...
Fix translations
2017-04-26 08:57:08 -03:00
6c28c4ac8b
Use correct plural form and add special strings for tomorrow and today
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-26 09:34:59 +02:00
43f451e9e0
Fix usersInGroup retrieval
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 15:07:05 +02:00
685faad5ca
fix method name due to changes in master
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-25 13:03:08 +02:00
b1d646640a
Merge branch 'master' of https://github.com/Xuanwo/server into Xuanwo-master2
2017-04-25 12:42:17 +02:00
8db21ad8c8
user_ldap: Add support for gidNumber
...
This patch is based on the work of @dleeuw (https://github.com/dleeuw )
(See https://github.com/nextcloud/server/issues/2640#issuecomment-269615883 for more details).
The difference is user & group data will be written into cache to have
better performance, and functions splited from primaryGroupID series to
make them more readable.
Fixed https://github.com/nextcloud/server/issues/2640
Signed-off-by: Xuanwo <xuanwo@yunify.com>
2017-04-25 10:06:47 +08:00
42e805f057
Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr
...
Handle password expiry in user_ldap
2017-04-24 12:17:04 +02:00
727688ebd9
Adjust existing bruteforce protection code
...
- Moves code to annotation
- Adds the `throttle()` call on the responses on existing annotations
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-04-14 13:42:40 +02:00
229d17e13b
Change LDAP method names
...
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-12 10:10:07 -05:00
1729e4471f
Update comments to Nextcloud
...
* based on PR by @Ardinis
* see #4311
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-11 23:16:27 -05:00
5fa218051b
unit test adjustment
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-07 18:06:50 +08:00
f49ff74943
blizzz comments 03.04.2017 with caching
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:57:07 +08:00
33c8bf1857
blizzz comments 03.04.2017
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-04-06 16:26:41 +08:00
1853c1ade2
remove redundant tabs
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:27:50 +08:00
5e7723f15c
restore ldap_password_renew_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-03-31 15:16:22 +08:00
70f93bf53a
Merge pull request #4143 from nextcloud/ldap-downstream-64
...
Correctly apply quota
2017-03-30 14:10:21 +02:00
d17678b5b2
Merge pull request #4141 from nextcloud/ldap-downstream-9
...
Convert the group limit to match the same behaviour as the user search
2017-03-29 15:47:28 -06:00
636575e3de
Merge pull request #3329 from andreas-p/ldap_no-memberof-with-memberuid
...
Ldap no memberof with memberuid
2017-03-29 19:12:51 +02:00
3676189e05
Add comments in the updateQuota method to explain the behavior
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
f9832ff347
Check if the user exists before trying to set the quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:16 +02:00
3345a72e7e
Correctly apply quota
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 13:32:11 +02:00
9e2e0c4c30
Convert the group limit to match the same behaviour as the user search
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-03-29 12:49:08 +02:00
a5ba1f7803
Remove legacy class OC_Group and OC_User
...
* basically a straight replacement of the wrapped code at the calling code parts
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 17:35:09 -06:00
42ddb12fd9
Background jobs can take 4k of characters only. We find a good batch size.
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 20:06:25 +01:00
497ee3e3e6
Add repair steps
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 18:45:33 +01:00
45615cc940
add integration test for uuid attr detection
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 12:05:51 +01:00
f87812fdd6
Fix determining the UUID attribute, default of the override is null
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-02-17 02:06:10 +01:00
52ef851da3
Merge pull request #3421 from espro/freeipa-uuid-fix
...
Update uuidAttributes list to include FreeIPA's ipauniqueid
2017-02-15 08:07:58 -06:00
f7b8a31d63
Update uuidAttributes list to include FreeIPA's ipauniqueid
...
Signed-off-by: Brent Bloxam <brent.bloxam@gmail.com>
2017-02-10 10:23:13 -05:00
b64e48335f
Don't try to use memberof on posixgroups, since it doesn't support
...
memberUid attributes.
Signed-off-by: Andreas Pflug <dev@admin4.org>
2017-01-31 01:40:09 +01:00
9983e05121
LDAP's checkPassword should only catch when a user was not found, fixes #2431
...
Also fixes error processing after ldap_search, due to different return format
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-30 17:06:51 +01:00
3a603ab8b4
Merge pull request #3264 from nextcloud/ldap-deny-long-dns
...
Gracefully deny users or groups with too long DNs
2017-01-26 01:15:43 -06:00
feab1e5b94
Merge pull request #3162 from nextcloud/ldap-ocs
...
Part 1 of LDAP Backend OCS Api
2017-01-25 22:45:34 -06:00
03ae7b654f
Gracefully deny users or groups with too long DNs
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-25 17:10:51 +01:00
e46410e856
Add icon to admin page sidebar for LDAP
...
* follow up to nextcloud/server#3151
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-24 12:54:32 -06:00
91ed70f094
fix deletion for configIDs < s10
...
Also move ensureConfigIDExists checks into try, it might throw DB
related exceptions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 23:01:46 +01:00
9ca4065ef5
LDAP PUT command now supports setting multiple keys at once
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-20 22:01:08 +01:00
1f7b08bd19
LDAP OCS Api for show config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 15:19:20 +01:00
f2c9d04eac
test against OCS v2 instead
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 12:48:50 +01:00
01d469dfea
add LDAP OCS Api for modifying a configuration
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 11:09:04 +01:00
17a7eaabcd
Add the icons for shipped apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-19 10:42:22 +01:00
18a75bec0d
fix and extend behat tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-19 10:04:15 +01:00
a515de54e7
LDAP OCS Api for delete config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 23:17:58 +01:00
689df9a843
LDAP OCS Api for create config
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-01-18 21:13:23 +01:00
7887566cff
remove frequent, unimportant log message
...
Fixes #2585
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-19 23:36:11 +01:00
0c8e4b91d3
adjust: sanitizeDN resides in Helper
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:36:20 +01:00
efa1077872
Extract lowercase conversion out of the loop
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:47 +01:00
6496b95564
range support for LDAP read operations
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-12-05 11:29:16 +01:00
1e5344ffe9
log exception about user not present on LDAP on login only if loglevel is set to debug
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-11-29 17:05:55 +01:00
4c5e7d270a
Add tests
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-23 19:58:43 +01:00
861c8572c0
restore ldap_password_pr
...
Signed-off-by: Roger Szabo <roger.szabo@web.de>
remove notification part
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizzz comments
Signed-off-by: Roger Szabo <roger.szabo@web.de>
morris comment
Signed-off-by: Roger Szabo <roger.szabo@web.de>
improved error message for changing password
Signed-off-by: Roger Szabo <roger.szabo@web.de>
blizz comments 20161013
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Adjust HintException usage
Signed-off-by: Roger Szabo <roger.szabo@web.de>
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2016-11-23 19:02:48 +01:00
dade28cadd
Merge branch 'master' into downstream-ldap-3
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-16 14:42:16 +02:00
011d5f554c
Harden empty
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-13 00:53:34 +02:00
9e817e9e0b
symfony replaced table helper by class, fixes two broken LDAP occ commands
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-12 23:47:07 +02:00
7d2f70ef72
Use more IConfig and add unit tests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:51:13 +02:00
bdf4bf4669
DI IConfig into ldap helper
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 10:18:18 +02:00
1ba2b7e5d4
Do not query data that is already in the appconfig
...
This is already available. We better use a simple regex.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-10-10 09:39:20 +02:00
a30341823e
cache loginName2UserName and cover the method with unit tests
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2016-10-07 01:39:57 +02:00
82c29e1204
Log the error with display name
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-10-06 11:21:43 +02:00
Arthur Schiwon
Lukas Reschke
Roeland Jago Douma
Juan Pablo Villafáñez
Morris Jobke
Joas Schilling
Jarkko Lehtoranta
Allan Nordhøy
Roger Szabo
Tobias Brunner
bline
Xuanwo
Roeland Jago Douma
Brent Bloxam
Andreas Pflug
Arthur Schiwon
Victor Dubiniuk