This will prevent users from editing profile fields if those are
configured to be sync from LDAP.
I did not include the avatar in this because it has a special handling.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
I simply removed translations for exceptions which are never supposed to
happen apart from API misuse or code bug.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Also removed save action from WizardController as there is already a
route in ConfigApiController to save a configuration.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Signed-off-by: Louis Chmn <louis@chmn.me>
It seems naming a route parameter $action causes issue, so renamed it to
$wizardAction.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Signed-off-by: Louis Chmn <louis@chmn.me>
The migration path is hard and unexpected. We can follow-up with a soft
setup check instead for a while, but needs to be discussed.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
- the old approach lead connection issues, as ldap_set_option was called
too late. Specifically it needs to be called before ldap_connect and set
globally!
- The old approach also connected it to the ldapTLS configuration, which
has a misleading naming. It indicates StartTLS usage only, not plain TLS
connections.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Using OCP\AppFramework\Services\IAppConfig is not possible because the
Helper is queried from places outside of the application DI container
(ajax pages, tests, other applications through ILDAPProviderFactory…)
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This avoids getting all keys from appconfig, which was triggering
loading of lazy configuration on all requests.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Debug log, profiler and ldap debug log had a different logic for
sanitizing of parameters, aligning them.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
- Replace legacy calls with OCP\Util
- Add missing deprecation notices
- Inline implementation in OCP\Util and call it from OC_Helper
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
fixes corner cases in which an LDAP record might be loaded and used,
where the user is still not mapped - and then this information is
missing though expected.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
When using nested groups without a memberof overlay, then fetchListOfGroups is called from getGroupsByMember without applying the group filter.
In some setups, the "unfiltered" result is then written back to the group mapping table. That might cause random "An administrator removed you from group" activities.
I was unable to replicate it locally, but we got the feedback that the random activities stopped with the patch applied.
Ref: https://github.com/nextcloud/server/issues/42195
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
