upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-15 15:13:07 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 6
80778 commits 770 branches 1186 tags 6.6 GiB
Commit graph

451 commits

Author SHA1 Message Date
Ferdinand Thiessen
1ae3fa4003
chore: replace leagcy OC_Helper calls with OCP\Util 
- Replace legacy calls with OCP\Util
- Add missing deprecation notices
- Inline implementation in OCP\Util and call it from OC_Helper

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-05-14 10:18:04 +02:00
Joas Schilling
1ada9910b1
fix(user): Introduce a public constant for max length of user id 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-04-17 09:50:12 +02:00
Joas Schilling
775ca882f3
fix(usermanager): Don't throw when checking if a too long user id is an existing user 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2025-04-16 17:47:28 +02:00
Côme Chilliet
ddd7d4ed13
fix: Deprecate OC_User methods related to user backends 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-04-10 11:12:25 +02:00
provokateurin
8da9c0f48c
Revert "refactor: add migration for email setting" 
This reverts commit e7859f0dac.

Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-04-07 09:55:09 +02:00
Christoph Wurst
5003467f98
fix(session): Only mark sessions of permanent tokens as app passwords 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2025-04-03 10:08:15 +02:00
Ferdinand Thiessen
e7859f0dac refactor: add migration for email setting 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-02 19:06:25 +02:00
provokateurin
eb98e99530 fix(settings): Handle email change restriction separately from display name change restriction 
Co-authored-by: provokateurin <kate@provokateurin.de>
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Louis <louis@chmn.me>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-04-02 19:06:25 +02:00
Louis Chemineau
22e02d1c1e chore: Refactor callForSeenUsers to use getSeenUsers 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-03-30 08:54:41 +02:00
Louis Chemineau
275b32d513 feat: Implement getSeenUsers to iterate over users 
This method uses an iterator.
This is lighter on resources and gives more control to the caller

Signed-off-by: Louis Chemineau <louis@chmn.me>
 2025-03-30 08:54:41 +02:00
Git'Fellow
18de9be0e2
fix(database): Cast users count to integer 
Signed-off-by: Git'Fellow <12234510+solracsf@users.noreply.github.com>
 2025-03-20 12:00:57 +01:00
Côme Chilliet
30382a5d8d chore: Remove now unused methods from User manager 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-10 11:30:18 +01:00
Côme Chilliet
0b449f302b fix: Correctly count disabled users for SAML groups subadmins 
If too many users return -1 as for LDAP so that link is shown

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-03-10 11:30:18 +01:00
Cleopatra Enjeck M.
32e46a8b3a fix: use mb_strtolower to convert login name 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M.
a6d6a1fa9e fix: Improve string comparison 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
Cleopatra Enjeck M.
6690a28cc0 fix: Use case insensitive check when validating login name 
Signed-off-by: Cleopatra Enjeck M. <patrathewhiz@gmail.com>
 2025-03-05 05:00:24 +00:00
Ferdinand Thiessen
3c4feff028
fix: Move login via email logic to local backend 
Backends can decide which names they accept for login,
e.g. with user_ldap you can configure arbitrary login fields.
This was a hacky approach to allow login via email,
so instead this is now only handled by the local user backend.

This also fixes some other related problems:
Other logic relys on `backend::get()` which was not handling email,
so e.g. password policy could not block users logged in via email
if they use out-dated passwords.
Similar for other integrations, as the user backend was not consistent with
what is a login name and what not.

Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de>
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-03-03 18:02:07 +01:00
Côme Chilliet
892f815d2e
fix: Fix a small typing problem is user manager 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-14 17:21:40 +01:00
Côme Chilliet
c3228ee709
fix: Implement new interface instead of deprecated one in Database backend 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-14 12:41:56 +01:00
Côme Chilliet
e187e4e87f
feat(updatenotification): Add a limit to user count from LDAP so save performances 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-14 12:26:24 +01:00
Côme Chilliet
b995912207
feat(users): Use -1 for unknown firstLogin instead of setting it to current date 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 16:30:22 +01:00
Côme Chilliet
baf7293cfe
feat: Add first login timestamp of each user to oc_preferences and user:info output 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 16:29:50 +01:00
Benjamin Gaussorgues
79db082fe6 fix(users): improve recently active search 
- Remove DISTINCT clause to fix PgSQL
- Join user table only if necessary
- Don't show people who never connected in active list
- Add test

Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2024-10-30 07:53:10 +01:00
dependabot[bot]
bb598c8451
chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer 
Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/nextcloud/coding-standard/releases)
- [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2)

---
updated-dependencies:
- dependency-name: nextcloud/coding-standard
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-19 07:57:35 +02:00
Git'Fellow
a1681b0756 chore(db): Apply query prepared statements 
Fix: psalm

fix: bad file

fix: bug

chore: add batch

chore: add batch

chore: add batch

fix: psalm
 2024-10-17 20:30:47 +02:00
provokateurin
51d9d63a01
chore: Use more gender neutral language 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-14 13:59:24 +02:00
provokateurin
54ec472d9a
fix(BackgroundJobs): Adjust intervals and time sensitivities 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-08 11:26:53 +02:00
Ferdinand Thiessen
d57a2dd465
fix: Skip users that still exist in backend 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-26 20:48:45 +02:00
Ferdinand Thiessen
16833aff86
fix: Make user removal more resilient 
Currently there is a problem if an exception is thrown in `User::delete`,
because at that point the user is already removed from the backend,
but not all data is deleted.

There is no way to recover from this state, as the user is gone no information is available anymore.
This means the data is still available on the server but can not removed by any API anymore.

The solution here is to first set a flag and backup the user home,
this can be used to recover failed user deletions in a way the delete can be re-tried.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-26 20:48:37 +02:00
Louis Chemineau
22d5d29c01 fix(users): Don't crash if disabled user is missing in the database 
Signed-off-by: Louis Chemineau <louis@chmn.me>
 2024-09-23 10:40:38 +02:00
Ferdinand Thiessen
a8f46af20f
chore: Add proper deprecation dates where missing 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-09-20 00:46:03 +02:00
provokateurin
9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +02:00
John Molakvoæ
eb374a74c7
Merge pull request #45020 from Noodlesalat/fix-lastlogin-update-token-login 2024-09-17 23:54:37 +02:00
Christoph Wurst
c57e684e7b
fix: Handle null checks with the ?? operator 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-09-15 21:50:11 +02:00
Christoph Wurst
614f9ec0a2
refactor: Use the elvis operator 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2024-09-15 21:01:34 +02:00
Fabian Dreßler
1d6cce8a25 fix: update last_login timestamp for token based-logins 
fixes #31075 and maybe #32953

Signed-off-by: Fabian Dreßler <nudelsalat@clouz.de>
 2024-09-06 14:11:41 -04:00
Anna Larch
8af7ecb257 chore: adjust code to adhere to coding standard 
Signed-off-by: Anna Larch <anna@nextcloud.com>
 2024-09-05 21:23:38 +02:00
Daniel Kesselberg
af6de04e9e
style: update codestyle for coding-standard 1.2.3 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2024-08-25 19:34:58 +02:00
Ferdinand Thiessen
0563757ea4 fix(SetupCheck): Properly check public access to data directory 
When checking for public (web) access to the data directory the status is not enough
as you might have a webserver that forwards to e.g. a login page.
So instead check that the content of the file matches.

For this the `.ncdata` file (renamed from `.ocdata`¹) has minimal text content
to allow checking.

¹The file was renamed from the legacy `.ocdata`, there is a repair step to remove the old one.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-08-08 22:08:42 +02:00
Arthur Schiwon
6a783d9b08
fix(Session): avoid race conditions on clustered setups 
- re-stablishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2024-07-10 13:28:33 +02:00
Pytal
3a97dbf248
Merge pull request #46123 from nextcloud/feat/user-password-hash 
feat: Allow getting/setting the password hash of a user
 2024-07-09 08:00:01 -07:00
Christopher Ng
c390ae94ff feat: Validate password hash 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-07-08 16:31:42 -07:00
Christopher Ng
dba00560d2 perf: Return cached password hash 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-07-08 16:30:52 -07:00
Christopher Ng
34d97d45cf feat: Allow getting/setting the password hash of a user 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-07-08 16:30:52 -07:00
Christopher Ng
a330f4c9d5 feat: Implement IPasswordHashBackend in database user backend 
Signed-off-by: Christopher Ng <chrng8@gmail.com>
 2024-07-08 16:30:52 -07:00
yemkareems
4eba967d63 fix: getLastLoggedInUsers moved from AllConfig/IConfig to IUserManager/Manager 
Signed-off-by: yemkareems <yemkareems@gmail.com>
 2024-07-08 15:42:55 +05:30
yemkareems
ae95e46787 fix: limit and fixLimit removed. negative limit handled in controller. removed getUsersSortedByLastLogin from Manager and instead used the config in controller 
Signed-off-by: yemkareems <yemkareems@gmail.com>
 2024-07-08 15:42:55 +05:30
yemkareems
ceedfb4616 fix: removed default limit of 25. if null is given all users are fetched or if limit is given limit number of users are fetched 
Signed-off-by: yemkareems <yemkareems@gmail.com>
 2024-07-08 15:42:55 +05:30
yemkareems
cfafbc8415 fix: removed references to old disabled users code. refactored query as per getDisplayNames function. limit and offset added to query. default limit set to 25. 
Signed-off-by: yemkareems <yemkareems@gmail.com>
 2024-07-08 15:42:55 +05:30
yemkareems
afa51365ff fix: removed the params related to sortMode and order since it sorts by lastLogin 
Signed-off-by: yemkareems <yemkareems@gmail.com>
 2024-07-08 15:42:55 +05:30