canEditProperty() was returning true (editable) when an LDAP attribute
was configured for a field, and false when no attribute was configured.
This is inverted: a field with an LDAP attribute mapping is owned by
LDAP and should not be user-editable, while a field with no mapping is
not sourced from LDAP and the user should be free to set it themselves.
Fixes profile fields being uneditable for all LDAP users whose admin
has not configured attribute mappings for those fields.
Assisted-by: ClaudeCode:claude-sonnet-4-6
Signed-off-by: Anna Larch <anna@nextcloud.com>
As we do it with other information of the user, we now use the known value
of a users displayname, and leave the updating to the background job. This
improves performance of user facing actions where the display name is
required and reduces queries to the LDAP server that are typically more
expensive.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This will prevent users from editing profile fields if those are
configured to be sync from LDAP.
I did not include the avatar in this because it has a special handling.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Avoids using several LDAP searches to get UUID, display name and
internal name, now gets all attributes at the same time.
Also avoids extra request to build an unused user object in userExists.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
When disabled users where moved to their own endpoint we overlooked
search, so adding it back.
The search is done case-insensitive in uid and display name.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This matches what was done in the calls and so fixes getting disabled
user list when there are several backends returning disabled users.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This should avoid having to wait for background job to run after
deleting a user in LDAP before being able to delete it in Nextcloud.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
This avoids having to wait or reset the cache after deleting a user in
the LDAP.
This also fixes a PHP error when running ldap:check-ldap --update on a
deleted but cached user.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.
This also removes and empty lines from method/function bodies at the
beginning and end.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
allows to mark users as offline right away, avoids a gap of being not a
user and causing weird side effects
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
