nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-05-19 08:25:56 -04:00

Author	SHA1	Message	Date
Roland Tapken	e7c506cff1	Reduce queries to LDAP by caching nested groups Nested groups are now cached in a CappedMemoryCache object to reduce queries to the LDAP backend. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +01:00
Roland Tapken	afb182650e	user_ldap: really resolve nested groups The previous patch fixed the problem only for one level of indirection because groupsMatchFilter() had been applied on each recursive call (and thus there would be no second level if the first level fails the check). This new implementation replaces the recursive call with a stack that iterates all nested groups before filtering with groupsMatchFilter(). Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +01:00
Roland Tapken	c2d8a36d9a	user_ldap: Filter groups after nexted groups Currently groupsMatchFilter is called before nested groups are resolved. This basicly breaks this feature since it is not possible to inherit membership in a group from another group. Minimal example: Group filter: (&(objectClass=group),(cn=nextcloud)) Nested groups: enabled cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local objectClass: group cn=IT,ou=groups,dn=company,dn=local objectClass: group memberOf: cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local cn=John Doe,ou=users,dn=company,dn=local objectClass: person memberOf: cn=IT,ou=groups,dn=company,dn=local Since 'cn=IT,ou=groups,dn=company,dn=local' doesn't match the group filter, John wouldn't be a member of group 'nextcloud'. This patch fixes this by filtering the groups after all nested groups have been collected. If nested groups is disabled the result will be the same as without this patch. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:35 +01:00
Arthur Schiwon	792bcb82ae	add LDAP ConfigHandler for external storages and "$home" var * handler registered upon OCA\\Files_External::loadAdditionalBackends event as user_ldap is loaded before files_external * new configuration field "ldapExtStorageHomeAttribute" (not in GUI yet) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 15:22:22 +01:00
Arthur Schiwon	5c10a46445	ensure attribute names are lower cased otherwise they will be skipped when the results is being formatted and the lower-cased result keys do not match. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 14:13:32 +01:00
Filis Futsarov	18ae9d267a	Comment fix.	2019-01-30 23:23:09 +01:00
Arthur Schiwon	c868892d2d	iterate over bases instead of doing parallel search parallel search is not compatible with paged search, but the letter is usually always applied. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-01-28 23:00:59 +01:00
Arthur Schiwon	85f14bc591	LDAP: extend remnants output with "detected on" field Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-21 17:24:28 +01:00
Arthur Schiwon	fbd4e9e651	add tests for the DUI as they are interact with the DB they are more integraiton than unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-21 17:24:23 +01:00
Arthur Schiwon	8bacbffe28	do not forgot to store the second displayname portion otherwise it causes a chain reaction of system addressbook updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-20 23:11:00 +01:00
Arthur Schiwon	feb5366a42	LDAP clear cache on config modification also when done via API or CLI Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-17 00:31:27 +01:00
Arthur Schiwon	c32cc4a194	cache users as existing after mapping during login they might be cached as non-existing and cause an Exception in the long run reduces some duplication, too Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-11-27 17:07:59 +01:00
Daniel Kesselberg	6ce849f7b8	Add return type Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-11-25 12:30:54 +01:00
Daniel Kesselberg	d17b32afd7	Fix count on string Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-11-24 22:06:45 +01:00
Morris Jobke	159d75945a	Merge pull request #12292 from nextcloud/fix/2947/lapse-sizelimit-error avoid logging of "Partial search results returned: Sizelimit exceeded…"	2018-11-15 10:48:57 +01:00
Joas Schilling	bb352fb667	Use the defined func()->count() instead of manual counting Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-11-08 15:44:45 +01:00
Arthur Schiwon	deec5a70a0	avoid logging of "Partial search results returned: Sizelimit exceeded at" LDAP servers respond with that even if a limit was passed with the request. Having this statement logged causes a lot of confusion. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-11-07 13:15:55 +01:00
Arthur Schiwon	0c5d9127e8	remove app specific IUserTools and consolidate test Just some house keeping. IUserTools with used in even older days for easier creation of Access instances… Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-30 22:44:50 +01:00
Roeland Jago Douma	8b2b238d86	Merge pull request #12054 from nextcloud/fix/5212/interact-with-userobject LDAP: announce display name changes so that addressbook picks it up	2018-10-30 13:38:16 +01:00
Arthur Schiwon	49456e42f9	do not run into UniqueConstraintViolationException … when an unmapped user logs in for the first time when background job mode is ajax and no memcache was configured. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-30 12:12:03 +01:00
Morris Jobke	31ccf8580a	Merge pull request #12070 from nextcloud/fix/noid/announce-chosen-uid announce the chosen uid (fixes wrong variable usage)	2018-10-30 10:12:04 +01:00
Arthur Schiwon	d47e1513bc	remove unneeded empty search attribute values, fixes #12086 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-29 13:21:02 +01:00
Arthur Schiwon	05f909dcf3	fixes wrong variable usage Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-26 18:03:41 +02:00
Arthur Schiwon	bbe44108b5	only write when the displayname differs, but then announce it refs #5212 and fixes #9112 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-25 23:41:12 +02:00
Arthur Schiwon	2048872f9e	functions that were checked for are present since PHP 5.4, supported is >=/ * so the check from older days is really not necessary anymore * resolves #10923 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-25 22:50:42 +02:00
Morris Jobke	b458ed9c82	Properly escape column name in "createFunction" call Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-10-16 15:24:02 +02:00
Daniel Kesselberg	2d30511fa6	Check if user is null before getUsername Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-09-16 19:33:03 +02:00
Arthur Schiwon	7807add02d	[LDAP] The WebUI Wizard also should not assign empty config IDs With `689df9a843` the behaviour to assign only non-empty config IDs was introduced. Only, this was only effective for CLI and OCS API. Related to #3270. The web UI creates now also a full configuration on first load. This fixes #5094. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-23 17:58:35 +02:00
Morris Jobke	3d8f174774	Resolve all group memberships properly Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-08-21 10:57:50 +02:00
Arthur Schiwon	b497b06867	don't force LDAP updates on userExists anymore and remove some deprecated code Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-14 17:57:24 +02:00
Arthur Schiwon	a39c995083	FIX: emit assignedUserId only for users Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-09 23:45:11 +02:00
Julius Härtl	c2616df541	Only bind if configuration for the first server is available Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-07-13 08:25:10 +02:00
Arthur Schiwon	846ab25fc0	adjust and add more unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-05 11:50:49 +02:00
Arthur Schiwon	343036e55c	allow admin to disable fetching of avatars as well as a specific attribute Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-05 11:12:51 +02:00
Arthur Schiwon	a4dda465c2	let user set avatar in nextcloud von LDAP provides invalid image data Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-03 01:45:07 +02:00
blizzz	28e64afb8c	Merge pull request #10034 from nextcloud/fix/noid/ldap-silence-quota-logmsgs lower log level for quota manipulation cases	2018-06-28 23:06:23 +02:00
Arthur Schiwon	cc51a00c93	lower log level for quota manipulation cases and simplify the forest of ifs a little bit Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-06-28 21:10:07 +02:00
Arthur Schiwon	7a728f2154	LDAP backup server should not be queried when auth fails Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-06-27 23:12:07 +02:00
Arthur Schiwon	73cacb8896	check user state when fetching to avoid dealing with offline objects fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-05-29 01:10:03 +02:00
Roger Szabo	856164e578	Fix "Invalid argument supplied for foreach()" Signed-off-by: Roger Szabo <roger.szabo@web.de>	2018-05-02 18:17:21 +08:00
Roger Szabo	8637b90e15	unbound cloned connection fix Signed-off-by: Roger Szabo <roger.szabo@web.de>	2018-04-27 17:29:15 +08:00
Arthur Schiwon	38a90130ce	move log constants to ILogger Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-26 10:45:52 +02:00
Arthur Schiwon	ed5f53bd49	Access needs UserManager, missed to add in #8833 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-23 15:58:50 +02:00
Morris Jobke	38961a725f	Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks add anounce- and (pre/\|post)RevokeUser signals for non-native backends	2018-04-11 00:44:39 +02:00
Arthur Schiwon	16d4ff4d39	parameter provided to L10N::n() could have been a string Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 14:50:28 +02:00
Arthur Schiwon	f1565336bd	DI for NC's user manager Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:46:24 +02:00
Arthur Schiwon	373a1d5391	more consistent naming Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:46:15 +02:00
Arthur Schiwon	8fe914f07e	LDAP backend to emit announce and revoke signals on mapping changes Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:38:39 +02:00
Roeland Jago Douma	f4fd0224db	Do not use \OCP\DB anymore Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-26 14:40:23 +02:00
Arthur Schiwon	cbf60f2e91	existence check works without attribute (like with users) cn is not necessarily given everywhere Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-15 15:47:44 +01:00
Morris Jobke	8195b17ed7	Remove deprecated and unsused methods of OCP\DB Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-03-12 15:13:37 +01:00
Morris Jobke	cccf6f4d5f	Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members Apply ldapUserFilter on members of group	2018-03-08 13:19:02 +01:00
Roland Tapken	2472b93fd9	dn2ocname: also apply group filter to readAttribute() Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2018-03-07 12:18:46 +01:00
Roeland Jago Douma	c2320aea22	Merge pull request #8634 from nextcloud/ldap-no-empty-names do not create empty userid when attribute does not have allowed chars	2018-03-05 19:37:17 +01:00
Arthur Schiwon	47a10bd25a	treat iconv issues Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-05 14:03:08 +01:00
Arthur Schiwon	4f8c724318	typo + phpdoc Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-05 13:30:28 +01:00
Arthur Schiwon	8607992e85	do not create empty userid when attribute does not have allowed chars Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-02 17:44:06 +01:00
Arthur Schiwon	04f7252fc4	use hash algo that's robust against collisions Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-02 16:26:36 +01:00
Arthur Schiwon	238c3a5201	fix retrieving group members with numerical uids from LDAP Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-02-23 12:05:50 +01:00
Arthur Schiwon	9bc75307e7	track the state of the bind result Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-02-22 13:05:33 +01:00
Morris Jobke	236086c457	Merge pull request #8335 from nextcloud/remove-unused-import Remove unused import statements	2018-02-14 22:23:07 +01:00
Morris Jobke	d3d045dd5c	Remove unused import statements Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-02-14 16:55:43 +01:00
Morris Jobke	e2974f1133	Simplify return statement Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-02-13 21:55:24 +01:00
Roland Tapken	cf4ec7a4b6	Apply ldapUserFilter on members of group Refers to issue #8220 user_ldap configured with custom filters for active directory access (group-member-association is "member"). Then it can happen that the members of a group contain members that don't belong to the users available in Nextcloud (the most trivial reason is that the user filter contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude disabled users from being imported). This can be fixed by applying the ldapUserFilter when resolving the UID for a DN fetched from the group's member list. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2018-02-07 12:02:58 +01:00
blizzz	8f29f9a59b	typo Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-31 21:50:55 +01:00
Arthur Schiwon	8753a816d8	fixes reading the sysconfig value settings without the entry in the translation array are computed Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-31 13:46:13 +01:00
Morris Jobke	eb51f06a3b	Use ::class statement instead of string Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-29 12:03:47 +01:00
Morris Jobke	a661f043e1	Remove unneeded semicolon and parentheses Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 23:46:40 +01:00
Morris Jobke	2ad2eb38e8	Use type casting instead of *val() method Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 15:01:27 +01:00
Morris Jobke	ca493ab5b1	Merge pull request #8069 from nextcloud/no-catch-serverdown do not catch and ignore ServerNotAvailable in the wrong spot	2018-01-26 14:01:07 +01:00
Arthur Schiwon	b61b906abe	do not catch ServerNotAvailable might cause the user to be unavailable (race condition). Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-26 12:47:19 +01:00
Morris Jobke	6bbea33133	Simplify ternary operator statements Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 12:36:25 +01:00
Morris Jobke	c1e4f9f305	Use type casting instead of *val() method It should be up to 6x faster Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 11:35:42 +01:00
Morris Jobke	0a56d2185e	Return value immediately instead of assigning to a one-time variable Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 00:02:03 +01:00
Morris Jobke	2a38605545	Properly log the full exception instead of only the message Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-23 10:57:21 +01:00
Morris Jobke	55532f19d9	Cleanup OC_User and OCP\User * mainly removes deprecated methods and old static code Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-16 18:39:11 +01:00
Roeland Jago Douma	8a41d05761	Remove deprecated \OCP\Config Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-13 14:25:04 +01:00
Arthur Schiwon	f84ec92563	revert resolving of recursion (`3628d4d65d`) without recursion we have issues with internal states. paged search status are set to false, cookies are not being set. In the end we have endless requests which pile up enormously with a high initial offset. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 15:17:18 +01:00
Arthur Schiwon	9031ae0281	fix return value when ldapPagingSize returns null Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 14:47:51 +01:00
Arthur Schiwon	15a3f4659f	enrich log message with backtrace, but level it down to DEBUG The message is not helpful anyway for an admin, and oftentimes is just valid (e.g. when searching with an offset beyond users in LDAP). Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 14:17:14 +01:00
Arthur Schiwon	f292f98060	when paged results are turned off, all (max possible) users are returned thus hasMoreResult should return false Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 13:20:17 +01:00
Arthur Schiwon	7c3db54ff6	fix changing to next cycle Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-08 13:45:06 +01:00
Arthur Schiwon	b17c5fec40	add unit test for qualifies to run Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-08 13:08:59 +01:00
Arthur Schiwon	a565bf0b9f	fix offset is never being reset Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-05 14:29:11 +01:00
Arthur Schiwon	82da4fde18	create failing test for this case Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-05 14:27:36 +01:00
Morris Jobke	4d0315ceae	Merge pull request #7599 from nextcloud/quieter-debug-log don't show recurring log msg when paged result was turned off	2018-01-03 00:40:46 +01:00
Arthur Schiwon	c8851e24a8	throw ServerNotAvailableException when LDAP is caught shutting down Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-02 12:20:44 +01:00
Arthur Schiwon	82fd09c294	don't show recurring msg when pages result was turned off and only as debug level otherwise. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-12-21 14:29:56 +01:00
Morris Jobke	d2d73f1ce8	Also replace all other occurences Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-12-18 20:57:11 +01:00
Arthur Schiwon	5ce943aa85	don't use deprecated method for requesting memcache Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-12-18 20:57:11 +01:00
Morris Jobke	defac0ff0d	Fixes hex2bin() in LDAP Untangles the two if-else clauses into a more readable format. Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-12-13 11:57:49 +01:00
Arthur Schiwon	27f14eee26	don't cache user, if no internal user id was retrieved/assigned Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-12-07 22:47:32 +01:00
Arthur Schiwon	991190b994	ensure that users are cached when they are retrieved Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-12-07 17:49:33 +01:00
sidey79	45dfc11137	tryfix needsRefresh unit tests Forced updateAttributesInterval from getAppValue to int Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-10 17:07:41 +01:00
sidey79	039f6c9636	Fixed Typo in user.php Fixed a typo for the app config prameter updateAttributesInterval Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-10 17:07:41 +01:00
sidey79	0b290c0904	Update User.php Makes the time between needsRefresh configurable via app config option updateAttribuesInterval. Default is still 86400 secons which is one day. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-10 17:07:36 +01:00
Arthur Schiwon	419759e68b	resolve DI Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-09 11:10:59 +01:00
Arthur Schiwon	8113f26eed	add Sync test Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-09 11:10:58 +01:00
Arthur Schiwon	59c05d5447	move LDAP user attributes "sync" to background (except for ajax jobs) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-09 11:10:56 +01:00
Arthur Schiwon	ef3cd32916	don't skip updating when ajax is set as background job mode Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-09 11:10:04 +01:00
Arthur Schiwon	c6f1af9896	move ldap user sync to background (WIP) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-09 11:09:59 +01:00
Lukas Reschke	2bfa1ce5c3	Merge pull request #5568 from nextcloud/ldap-agent-credentials-safe Ldap agent credentials save	2017-11-09 09:26:51 +01:00
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 16:56:19 +01:00
Vinicius Cubas Brand	fa565750d1	User_LDAP plugins: smaller fixes Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2017-11-03 11:42:59 -02:00
Vinicius Cubas Brand	10ca793452	Plugins infrastructure in User_LDAP Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2017-11-03 11:41:40 -02:00
Arthur Schiwon	7b0868ddac	fix saving changes… Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-27 14:25:19 +02:00
Arthur Schiwon	9a1f706ae4	fix creating an empty configuration Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-27 14:25:19 +02:00
Arthur Schiwon	52b1b97c58	Fix regression: undesired writes to the DB Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-27 14:25:19 +02:00
Arthur Schiwon	4eab39f133	LDAP: only write actually changes values to the DB Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-27 14:25:19 +02:00
Arthur Schiwon	3628d4d65d	avoid unnecessary recursion Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-25 17:23:42 +02:00
Lukas Reschke	9932b7498d	Merge pull request #6873 from nextcloud/ldap_proxy_redix_fix Ldap proxy Redis fix	2017-10-19 12:03:04 +02:00
Lukas Reschke	7de6f7cd07	Merge pull request #6677 from nextcloud/downstream-dont-reset-quota don't reset quota	2017-10-19 11:42:37 +02:00
Roeland Jago Douma	4388ec2231	Little bit of code cleanup Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-10-19 11:05:24 +02:00
Roeland Jago Douma	a6760560c6	Do not check existance before fetch Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-10-19 11:03:31 +02:00
Arthur Schiwon	c9622ccb62	fix LDAP User deletion (cleanup) discovered a bug in the integration test which lead to following a different code path and giving a false-positive success feedback. Also listens now to the evendispatcher instead of old hook system Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-29 11:44:04 +02:00
Arthur Schiwon	3e2015a24c	and add missing whitespaces to log outout Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-28 01:16:57 +02:00
Juan Pablo Villafáñez	d6d895dd74	Keep the current quota if no suitable quota is found Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-28 01:13:48 +02:00
Arthur Schiwon	5e74affea4	fix counting found results in search op Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-14 13:20:51 +02:00
Arthur Schiwon	34f9590169	replace hard-coded attribute with the corresponding settings option Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-14 13:20:51 +02:00
Arthur Schiwon	89f4e16cdb	fix limit-flaw in search on paged results Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-09-14 13:20:51 +02:00
Morris Jobke	ba2e1c5db9	Merge pull request #5689 from nextcloud/fix-4117 LDAP: simplify returning the homePath and fixing #4117	2017-09-14 00:23:01 +02:00
Morris Jobke	cebbb1633a	Merge pull request #5642 from tobru/fix/groupOfUniqueNames_in_Wizard recognize groupOfUniqueNames as valid LDAP group object	2017-09-05 13:33:15 +02:00
Morris Jobke	ff93dd7eb1	Merge pull request #5466 from jlehtoranta/ldap-connectivity-fixes LDAP Connectivity Fixes	2017-09-04 18:31:32 +02:00
Arthur Schiwon	ab92e2ee14	listen to deletion hooks for proper handling, adjust and add tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-08-31 23:03:21 +02:00
Arthur Schiwon	efedc81c0a	simplify returning the homePath and fixing #4117 homesToKill was not set in runtime since some changes some place else. It required deleteUser() to be called first. The method acts independent of it now. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-08-31 23:03:16 +02:00
Morris Jobke	43facdb95f	Merge pull request #5616 from nextcloud/ldap-wizard-remove-LDAPTLS_REQCERT-attempt LDAP Wizard: do not attempt to recognise cert issue by using LDAPTLS_REQCERT	2017-08-10 21:06:14 +02:00
Joas Schilling	45e2c415d4	Fix comparison in the ldap app Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-08-01 13:56:12 +02:00
Roeland Jago Douma	ede15f0988	Fix L10N::t Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-08-01 08:20:17 +02:00
Morris Jobke	c27498db71	Use IConfig instead of static OCP\Config Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-07-27 13:43:18 +02:00
Morris Jobke	89a7b007f2	Fix comments Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-07-25 08:57:58 +02:00
Jarkko Lehtoranta	69f6d42b17	LDAP: Simplify conditions in establishConnection Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	6103677a91	LDAP: Use imported exception in Connection class Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	79fbed4064	LDAP: Clean-up doConnect Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	d87375cbaa	LDAP: Throw an exception if disabling LDAP referrals fails Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	de9a9bc004	LDAP: Throw an exception if Start TLS fails This ensures that only a secure connection to the LDAP server will be used, if Start TLS has been enabled. Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	ee2c6e8215	LDAP: Remove unnecessary "recursion" fix This reverts commit `86d72b9a61` "LDAP: fix possible recursion". Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	039a836d4a	LDAP: Don't handle invalid credentials as a connection error Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Jarkko Lehtoranta	4e2e592635	LDAP: Connect to backup server only if it exists + handle errors Signed-off-by: Jarkko Lehtoranta <devel@jlranta.com>	2017-07-23 14:50:01 +03:00
Arthur Schiwon	25439919f8	fix phpdoc return types (no code change) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-07-21 14:55:12 +02:00
Arthur Schiwon	9b2f171cbd	do not attempt to recognise cert issue by using LDAPTLS_REQCERT first, it does not work (at least not everywhere/reliably), second if it did it was not reset properly. Removes a bit of complexity. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-07-21 14:55:11 +02:00
Allan Nordhøy	ddc804aa32	: Bigversal and LDAP	2017-07-14 15:46:05 +02:00
Roger Szabo	0ebec6f9a4	Rectify variable $uid->$user Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-07-10 18:46:39 +08:00
Tobias Brunner	f8735a3205	recognize groupOfUniqueNames as valid LDAP group object This was already partly done in `f88109b` but was missed in the fetchGroups function.	2017-07-07 08:29:58 +02:00
Roger Szabo	51ecc7ce11	suppress superflous php error on rejected password change Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-06-30 18:36:33 +08:00
Roger Szabo	bf9412df63	set needsPasswordReset flag correctly Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-06-22 15:58:30 +08:00
Roger Szabo	0fcbc0954c	pass missing function parameter Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-06-21 14:40:44 +08:00
Arthur Schiwon	b79f9cadc2	fix paging Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-05-26 13:44:43 +02:00
Arthur Schiwon	bd5d12528f	make sure used ldap connection resource is always up to date Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-05-25 00:45:48 +02:00
bline	8c89bf7c59	moved to something a little less invasive. back to passing CR around. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-05-25 00:36:51 +02:00
bline	8829d84949	special case for controlPagedResultResponse. It would be nice if there was a generic way to pass by reference with call_user_func_array.. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-05-25 00:34:52 +02:00
Morris Jobke	ba43a09380	Merge pull request #4512 from nextcloud/fix-translations-2 Fix translations	2017-04-26 08:57:08 -03:00
Joas Schilling	6c28c4ac8b	Use correct plural form and add special strings for tomorrow and today Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-04-26 09:34:59 +02:00
Arthur Schiwon	43f451e9e0	Fix usersInGroup retrieval Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-04-25 15:07:05 +02:00
Arthur Schiwon	685faad5ca	fix method name due to changes in master Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-04-25 13:03:08 +02:00
Arthur Schiwon	b1d646640a	Merge branch 'master' of https://github.com/Xuanwo/server into Xuanwo-master2	2017-04-25 12:42:17 +02:00
Xuanwo	8db21ad8c8	user_ldap: Add support for gidNumber This patch is based on the work of @dleeuw (https://github.com/dleeuw) (See https://github.com/nextcloud/server/issues/2640#issuecomment-269615883 for more details). The difference is user & group data will be written into cache to have better performance, and functions splited from primaryGroupID series to make them more readable. Fixed https://github.com/nextcloud/server/issues/2640 Signed-off-by: Xuanwo <xuanwo@yunify.com>	2017-04-25 10:06:47 +08:00
blizzz	42e805f057	Merge pull request #1023 from GitHubUser4234/ldap_password_renew_pr Handle password expiry in user_ldap	2017-04-24 12:17:04 +02:00
Lukas Reschke	727688ebd9	Adjust existing bruteforce protection code - Moves code to annotation - Adds the `throttle()` call on the responses on existing annotations Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-04-14 13:42:40 +02:00
Morris Jobke	229d17e13b	Change LDAP method names Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-04-12 10:10:07 -05:00
Morris Jobke	1729e4471f	Update comments to Nextcloud * based on PR by @Ardinis * see #4311 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-04-11 23:16:27 -05:00
Roger Szabo	5fa218051b	unit test adjustment Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-04-07 18:06:50 +08:00
Roger Szabo	f49ff74943	blizzz comments 03.04.2017 with caching Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-04-06 16:57:07 +08:00
Roger Szabo	33c8bf1857	blizzz comments 03.04.2017 Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-04-06 16:26:41 +08:00
Roger Szabo	1853c1ade2	remove redundant tabs Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-03-31 15:27:50 +08:00
Roger Szabo	5e7723f15c	restore ldap_password_renew_pr Signed-off-by: Roger Szabo <roger.szabo@web.de>	2017-03-31 15:16:22 +08:00
Roeland Jago Douma	70f93bf53a	Merge pull request #4143 from nextcloud/ldap-downstream-64 Correctly apply quota	2017-03-30 14:10:21 +02:00
Morris Jobke	d17678b5b2	Merge pull request #4141 from nextcloud/ldap-downstream-9 Convert the group limit to match the same behaviour as the user search	2017-03-29 15:47:28 -06:00
Roeland Jago Douma	636575e3de	Merge pull request #3329 from andreas-p/ldap_no-memberof-with-memberuid Ldap no memberof with memberuid	2017-03-29 19:12:51 +02:00
Juan Pablo Villafáñez	3676189e05	Add comments in the updateQuota method to explain the behavior Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez	f9832ff347	Check if the user exists before trying to set the quota Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-03-29 13:32:16 +02:00
Juan Pablo Villafáñez	3345a72e7e	Correctly apply quota Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-03-29 13:32:11 +02:00
Juan Pablo Villafáñez	9e2e0c4c30	Convert the group limit to match the same behaviour as the user search Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-03-29 12:49:08 +02:00
Morris Jobke	a5ba1f7803	Remove legacy class OC_Group and OC_User * basically a straight replacement of the wrapped code at the calling code parts Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-03-09 17:35:09 -06:00
Arthur Schiwon	42ddb12fd9	Background jobs can take 4k of characters only. We find a good batch size. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-02-17 20:06:25 +01:00
Arthur Schiwon	497ee3e3e6	Add repair steps Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-02-17 18:45:33 +01:00
Arthur Schiwon	45615cc940	add integration test for uuid attr detection Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-02-17 12:05:51 +01:00
Arthur Schiwon	f87812fdd6	Fix determining the UUID attribute, default of the override is null Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-02-17 02:06:10 +01:00
Morris Jobke	52ef851da3	Merge pull request #3421 from espro/freeipa-uuid-fix Update uuidAttributes list to include FreeIPA's ipauniqueid	2017-02-15 08:07:58 -06:00
Brent Bloxam	f7b8a31d63	Update uuidAttributes list to include FreeIPA's ipauniqueid Signed-off-by: Brent Bloxam <brent.bloxam@gmail.com>	2017-02-10 10:23:13 -05:00
Andreas Pflug	b64e48335f	Don't try to use memberof on posixgroups, since it doesn't support memberUid attributes. Signed-off-by: Andreas Pflug <dev@admin4.org>	2017-01-31 01:40:09 +01:00
Arthur Schiwon	9983e05121	LDAP's checkPassword should only catch when a user was not found, fixes #2431 Also fixes error processing after ldap_search, due to different return format Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-30 17:06:51 +01:00
Morris Jobke	3a603ab8b4	Merge pull request #3264 from nextcloud/ldap-deny-long-dns Gracefully deny users or groups with too long DNs	2017-01-26 01:15:43 -06:00
Morris Jobke	feab1e5b94	Merge pull request #3162 from nextcloud/ldap-ocs Part 1 of LDAP Backend OCS Api	2017-01-25 22:45:34 -06:00
Arthur Schiwon	03ae7b654f	Gracefully deny users or groups with too long DNs Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-25 17:10:51 +01:00
Morris Jobke	e46410e856	Add icon to admin page sidebar for LDAP * follow up to nextcloud/server#3151 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-01-24 12:54:32 -06:00
Arthur Schiwon	91ed70f094	fix deletion for configIDs < s10 Also move ensureConfigIDExists checks into try, it might throw DB related exceptions Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-20 23:01:46 +01:00
Arthur Schiwon	9ca4065ef5	LDAP PUT command now supports setting multiple keys at once Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-20 22:01:08 +01:00
Arthur Schiwon	1f7b08bd19	LDAP OCS Api for show config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-19 15:19:20 +01:00
Arthur Schiwon	f2c9d04eac	test against OCS v2 instead Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-19 12:48:50 +01:00
Arthur Schiwon	01d469dfea	add LDAP OCS Api for modifying a configuration Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-19 11:09:04 +01:00
Joas Schilling	17a7eaabcd	Add the icons for shipped apps Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-01-19 10:42:22 +01:00
Arthur Schiwon	18a75bec0d	fix and extend behat tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-19 10:04:15 +01:00
Arthur Schiwon	a515de54e7	LDAP OCS Api for delete config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-18 23:17:58 +01:00
Arthur Schiwon	689df9a843	LDAP OCS Api for create config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-01-18 21:13:23 +01:00
Arthur Schiwon	7887566cff	remove frequent, unimportant log message Fixes #2585 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2016-12-19 23:36:11 +01:00
Arthur Schiwon	0c8e4b91d3	adjust: sanitizeDN resides in Helper Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2016-12-05 11:36:20 +01:00
Juan Pablo Villafáñez	efa1077872	Extract lowercase conversion out of the loop Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2016-12-05 11:29:47 +01:00
Arthur Schiwon	6496b95564	range support for LDAP read operations Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2016-12-05 11:29:16 +01:00
Arthur Schiwon	1e5344ffe9	log exception about user not present on LDAP on login only if loglevel is set to debug Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2016-11-29 17:05:55 +01:00
Lukas Reschke	4c5e7d270a	Add tests Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2016-11-23 19:58:43 +01:00

... 2 3 4 5 6 ...

884 commits