The migration path is hard and unexpected. We can follow-up with a soft
setup check instead for a while, but needs to be discussed.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
- the old approach lead connection issues, as ldap_set_option was called
too late. Specifically it needs to be called before ldap_connect and set
globally!
- The old approach also connected it to the ldapTLS configuration, which
has a misleading naming. It indicates StartTLS usage only, not plain TLS
connections.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Using OCP\AppFramework\Services\IAppConfig is not possible because the
Helper is queried from places outside of the application DI container
(ajax pages, tests, other applications through ILDAPProviderFactory…)
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Synced from LDAP to profile:
- Date of birth
Synced from LDAP to SAB (via the profile):
- Biography
- Date of birth
Original code by Jake Nabasny (GitHub: @slapcat)
Co-authored-by: Jake Nabasny <jake@nabasny.com>
Co-authored-by: Richard Steinmetz <richard@steinmetz.cloud>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
- add configuration to specify one LDAP group acting as admin group (CLI)
- implement `isAdmin()` method, basically relying on inGroup against the
configured group
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
merging defaultScopes from DEFAULT_SCOPES and account_manager.default_property_scope
removing unneccessary profileScope setting (using config.php instead)
honoring admin choice 'profile.enabled'=>false in config.php
moved checking for empty array to updateProfile function
corrected some typos and cleaned some comments
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Marc Hefter <marchefter@gmail.com>
rework updateProfile in user_ldap/lib/User/User.php
some cleanup at processAttributes in user_ldap/lib/User/User.php
rearranged Fediverse attribute, to match profile layout
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Marc Hefter <marchefter@gmail.com>
using an array to buffer profile updates, like suggested by @come-nc
clean some code and remove unneccessary redundancy
added the Fediverse profile property
Co-Authored-By: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Marc Hefter <marchefter@gmail.com>
Now forcing backup host applies to both main and background.
And background will fallback to backup if not responding.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Using password_hash is expensive and should be used for hashing
passwords when saving them in the database. Here we just want to see if
the bind was already done with the given password, so use a fast hashing
algorythm.
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
