nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-04-24 23:59:27 -04:00

Author	SHA1	Message	Date
Morris Jobke	0053ec82ac	Document the backend registered events of LDAP Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-10-29 09:18:46 +01:00
Arthur Schiwon	fd1fd5afa4	user share manager to determine share ownership Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +01:00
Arthur Schiwon	951887e922	fixes determining whether former user is a share owner Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +01:00
Arthur Schiwon	2e455f632a	split instantiation from business logic in OfflineUser Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +01:00
Arthur Schiwon	86e5e7d927	LDAP simplify User_Proxy and Group_Proxy signatures - make User_Proxy and Group_Proxy easy to instantiate - simplify dependent code - move commands to info.xml - make UpdateGroups job class non-static Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-23 12:25:31 +02:00
Arthur Schiwon	2ee26b691c	tame psalm. why does it ignore '@property'? Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-19 13:44:32 +02:00
Arthur Schiwon	d741c5ab30	when nesting is not enabled, the group filter can be applied right away - helps performance, but skipping unnecessary entries - reduces reoccuring info-level log output against groups that do not qualify ("no or empty name") Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-19 13:44:32 +02:00
Christoph Wurst	d9015a8c94	Format code to a single space around binary operators Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-05 20:25:24 +02:00
J0WI	68ce17e59b	Unify links to php.net Update all links to https://www.php.net/ Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2020-09-17 17:40:04 +02:00
Arthur Schiwon	b95e63b8da	announce added user and group backend later as there might be interdeps Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-11 00:14:06 +02:00
Arthur Schiwon	263f5bd1d9	switch to typed event for LDAPs user added to group case Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-10 12:57:10 +02:00
Christoph Wurst	1f7f93a695	Update license headers for Nextcloud 20 (again) There are still lots of outdated headers, so time for another round of updates. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-09-07 14:37:44 +02:00
Arthur Schiwon	aa2d754d5c	add repair step to clean up DB off lastFeatureRefresh entries in user prefs - also removes related app setting "updateAttributesInterval" Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-04 12:59:57 +02:00
Arthur Schiwon	699871dcb0	these code bits were part of old logic that was already refactored out - only references were in unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-04 12:56:43 +02:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +02:00
Morris Jobke	fedf9c69d9	Use matching parameter names form interfaces and implementations Found by Psalm 3.14.1 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-08-19 18:16:35 +02:00
Arthur Schiwon	44cad1756c	provide event class to LDAP loaded event to fix deprecation message * and also dispatch the typed event as current approach to it Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-12 15:38:47 +02:00
Arthur Schiwon	5257efc5f2	remove logging message carrying no valuable information the exception caught is not an error, but due to valid configuration and code flow is expecting this. For an admin it is confusing, and it carries no information worth for debugging. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-12 09:10:23 +02:00
Arthur Schiwon	7eb6d8df0a	do not flip available state to unavailable, allow empty results - the detection relies that the first, requested result is not empty - it might be empty though – groups without members - protect switching from available to unavailable - switching the other way around was also not envisaged either Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-11 19:03:27 +02:00
Arthur Schiwon	7ea262dba0	LDAP: shortcut in reading nested group members when IN_CHAIN is available Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-11 18:22:11 +02:00
Morris Jobke	548576ec10	Merge pull request #22176 from nextcloud/debt/noid/table-render-too-many-arguments Remove unexpected argument	2020-08-11 09:44:28 +02:00
Daniel Kesselberg	7b68f0f326	Remove unexpected argument Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2020-08-10 22:36:30 +02:00
Arthur Schiwon	7c07f0c7f3	use break not continue in switch to avoid warning Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-10 17:34:11 +02:00
blizzz	579c7073f3	Merge pull request #16737 from tofuSCHNITZEL/feature-zimbraldap new Group-Member association attribute (zimbraMailForwardingAddress)	2020-08-07 22:20:50 +00:00
Tobias Perschon	551d904bb0	added "zimbraMailForwardingAddress" as a Group-Member association attribute to enable the use of Zimbra Distribution Lists as groups in nextcloud when connecting to a zimbra LDAP Signed-off-by: Tobias Perschon <tobias@perschon.at> fix cs:check Signed-off-by: Tobias Perschon <tobias@perschon.at> Update apps/user_ldap/lib/Group_LDAP.php Co-authored-by: blizzz <blizzz@arthur-schiwon.de> Signed-off-by: Tobias Perschon <tobias@perschon.at>	2020-08-07 23:30:44 +02:00
Morris Jobke	54726d5934	Merge pull request #21738 from nextcloud/techdebt/14552/migrate-OC_Group-post_removeFromGroup Migrate OC_Group post_removeFromGroup hook to actual event object	2020-08-07 17:46:00 +02:00
Morris Jobke	36ee37ec0a	Migrate OC_Group post_removeFromGroup hook to actual event object Ref #14552 This adds a BeforeUserRemovedEvent to the LDAP backend because it was missing. It's not really before, but we don't have the before state. Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-30 10:21:08 +02:00
Arthur Schiwon	d3501be851	reset the cookie internally in new API when abandoning paged results op Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-07-29 17:48:56 +02:00
Morris Jobke	7870ca0663	Use the proper IAppContainer and IServerContainer type hints to know which code runs with which container Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-21 20:44:05 +02:00
Christoph Wurst	91e7f12088	Adjust apps' code to use the ContainerInterface Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-21 20:43:18 +02:00
Christoph Wurst	35e966c38d	Migrate LDAP to the PSR container Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-16 15:57:17 +02:00
Morris Jobke	f42e557fa1	Use IBootstrap for the app user_ldap Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-14 04:47:54 +02:00
Morris Jobke	3203286f52	Do not use custom DI object names for user_ldap Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-13 17:22:19 +02:00
Morris Jobke	7ad0381e5c	Merge pull request #21639 from nextcloud/techdebt/noid/move-away-from-database-xml Move away from database xml	2020-07-06 22:42:39 +02:00
Joas Schilling	556e23e681	Move user_ldap to migrations Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-06 16:42:14 +02:00
Morris Jobke	d72d9ff1f4	Merge pull request #21171 from nextcloud/enh/noid/tidy-up-group-ldap tidy up Group_LDAP	2020-07-06 14:00:27 +02:00
Joas Schilling	d7c0b9cced	Also always return in app commands Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-06-26 15:12:11 +02:00
Arthur Schiwon	b8bef4ded0	fix strings being passed where arrays where expected also brought type hints up to internal API level Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-24 23:34:37 +02:00
Arthur Schiwon	3baa8d22a6	comment was wrong, block is needed nevertheless Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-24 17:51:11 +02:00
blizzz	0ab6ee40de	be more clear about the condition Co-authored-by: Christoph Wurst <ChristophWurst@users.noreply.github.com>	2020-06-16 10:55:51 +02:00
Arthur Schiwon	0cf57d1ed4	getXbyY can still return false, e.g. when using ldap write support Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-15 21:48:27 +02:00
Arthur Schiwon	4edf8630c4	clear LDAP cache after user deletion Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-08 17:52:43 +02:00
Arthur Schiwon	64fe042b0d	tidy up Group_LDAP * remove unused method * resolve code duplication * remove usage of deprectad Util::writeLog * phpDoc updates * signature updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-08 13:40:24 +02:00
Arthur Schiwon	aed6f0f71e	simplify getGroups, fixing wrong chunking logic pagination is taken care of properly in the search logic in Access class Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-05-27 14:41:10 +02:00
Arthur Schiwon	15008a1798	fixes infinitely repeating LDPA search results with PHP <= 7.2 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-05-26 00:37:46 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Clement Wong	9f5f505acf	Don't remove last user in ldap group when limit is -1 Signed-off-by: Clement Wong <git@clement.hk>	2020-04-27 02:33:00 +02:00
blizzz	212138daa1	Merge pull request #19919 from nextcloud/enh/noid/ldpa_group_perf LDAP Group Backend optimizations	2020-04-24 12:27:27 +02:00
Arthur Schiwon	4babdc082b	formatting Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-23 21:34:05 +02:00
Arthur Schiwon	75c686d825	do not run paged results against ldap_read ops on PHP7.3+ - previously it was needed as the PHP LDAP handling of paged results was strange - but now the read operation would fail, e.g. with extra home dir attribute set ("Home dir attribute can't be read from LDAP for uid: foobar" Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-21 15:47:49 +02:00
Arthur Schiwon	ab550d682f	do not rerun expensive sanitizer against already processed DNs Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:49:47 +02:00
Arthur Schiwon	32000dd1af	read records from DB for lists at once, not one by one. Keep a runtime cache of dn-id-mapping Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:39:54 +02:00
Arthur Schiwon	cc31c38277	don't circulate with only one backend - saves some overhead costs - in some occasions saves LDAP requests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:38:52 +02:00
Arthur Schiwon	e8ddb4718c	consolidate groupsMatchFilter in groupsExist - less duplication - profiting of the same cache entry Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:38:07 +02:00
Roeland Jago Douma	d9990b09b8	PHP-CS-Fixer green Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-04-16 09:25:17 +02:00
Arthur Schiwon	84619a5b9c	use serverControls directly with LDAP calls, fixes 19127 - adapters for PHP API version to Support PHP < 7.3 - switch to pass only one base per search - cookie logic is moved from Access to API adapters Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-14 12:58:28 +02:00
Christoph Wurst	734c62bee0	Format code according to PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:56:50 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	1584c9ae9c	Add visibility to all methods and position of static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:51:06 +02:00
Christoph Wurst	a7c8d26d31	Add visibility to all properties and move static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:48:31 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +02:00
Christoph Wurst	008e6d7e84	Merge pull request #20391 from nextcloud/refactor/spaces-cleanup Remove all extra whitespace PSR2 does not like	2020-04-09 20:39:37 +02:00
Christoph Wurst	64510932b8	Merge pull request #20384 from nextcloud/techdebt/lowercase-keywords Use php keywords in lowercase	2020-04-09 16:25:14 +02:00
Christoph Wurst	a8a06a82d2	Remove trailing whitespaces from comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:09:23 +02:00
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:07:47 +02:00
Christoph Wurst	36b3bc8148	Use php keywords in lowercase Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 14:04:56 +02:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +02:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-08 22:24:54 +02:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +02:00
Christoph Wurst	b80ebc9674	Use the short array syntax, everywhere Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-26 16:34:56 +01:00
Philipp Staiger	8769d97f62	single squashed commit for bug fix Signed-off-by: Philipp Staiger <philipp@staiger.it>	2020-03-26 09:01:35 +01:00
Arthur Schiwon	77c63e3b24	fixes auto-detecting UUID attributes the continue (and later the early return) avoided proper looping over the attribute candidates. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-03-19 19:42:46 +01:00
Arthur Schiwon	407b8fddfc	remove noise from detectUuid and cache results Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-02-19 16:42:36 +01:00
Arthur Schiwon	a0e57ea6d3	sort prefixes for deterministic LDAP query behaviour Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-02-07 18:10:31 +01:00
blizzz	950856d5bb	Merge pull request #17717 from nextcloud/fix/noid/ldap-relax-getHome relax strict getHome behaviour for LDAP users in a shadow state	2020-01-14 09:57:24 +01:00
Arthur Schiwon	489ed878e1	ensure that only valid group members are returned Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-13 17:13:08 +01:00
Arthur Schiwon	79667b58a9	cache group existence early to save useless requests to LDAP we do it for users already Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 11:02:37 +01:00
Arthur Schiwon	5cae135b94	decouple userExists from userExistsOnLDAP check allows to mark users as offline right away, avoids a gap of being not a user and causing weird side effects Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 09:21:22 +01:00
Arthur Schiwon	411a47cadb	relax strict getHome behaviour for LDAP users in a shadow state * simplifies deletion process * less strange behaviour when looking up home storage (as long as it is local) * thus could enable transfer ownerships after user went invisible on ldap Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 09:21:21 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
Roeland Jago Douma	3a7cf40aaa	Mode to modern phpunit Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-27 15:27:18 +01:00
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-22 20:52:10 +01:00
blizzz	e7f225c013	Merge pull request #18016 from nextcloud/fix/noid/ldap-checkup-batchsize make chunksize (used to check for gone LDAP users) configurable	2019-11-21 11:05:54 +01:00
Arthur Schiwon	213016f758	uid can be false when the user record does not exit fixes not loading files app for users who got a share by the gone LDAP user Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-11-20 19:44:12 +01:00
Arthur Schiwon	f990620e6b	make chunksize (used to check for gone LDAP users) configurable Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-11-20 19:43:53 +01:00
Arthur Schiwon	38a8306e32	treat LDAP error 50 as auth issue, prevents lost server connection errors Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-10-18 18:55:10 +02:00
blizzz	e105d19585	Merge pull request #17002 from nextcloud/fix/noid/ldap-dont-process-known-avas Don't process known avatars from LDAP	2019-10-02 16:32:52 +02:00
Arthur Schiwon	8d2f712420	Don't process known avatars from LDAP * avoids useless FS operation * avoids useless DB writes * avoids useless addressbook updates * addendum to #17001 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-09-04 14:44:48 +02:00
Arthur Schiwon	3ce5d4e545	reduce adressbook change events and handling ... from four to one on avatar updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-09-04 13:46:25 +02:00
Arthur Schiwon	ef237f8e36	fix check for null Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-08-02 13:09:38 +02:00
Arthur Schiwon	a2c5ab2f8b	adjusts LDAP's home handler to use the correct user object Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-08-02 08:39:39 +02:00
Julius Härtl	72aaf2e5fb	files_external: Make sure the correct user context is used in substitution of variables Signed-off-by: Julius Härtl <jus@bitgrid.net>	2019-08-02 08:39:24 +02:00
Morris Jobke	c00d6f4eac	Merge pull request #14540 from army1349/master LDAP Password Modify Extended Operation support	2019-07-19 17:29:24 +02:00
Arthur Schiwon	40c9a743fa	adds an --update flag to check-user for manual sync of the ldap record Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-07-18 14:30:43 +02:00
Joas Schilling	6d71e471e1	Update shipped implementations of the INotifier Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-07-15 15:15:00 +02:00
Morris Jobke	0d0850746e	Merge pull request #15741 from mxss/fix/phpdoc-fixes misc phpdoc fixes	2019-07-02 22:25:41 +02:00
Arthur Schiwon	d0f31c590d	Also invalidate groups after deletion Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-27 10:33:40 +02:00
Arthur Schiwon	108227ca6c	invalidates user when plugin reported deletion success Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-26 14:18:28 +02:00
blizzz	c1eff72bdf	Merge pull request #15964 from nextcloud/enh/noid/user-creation-options Opt-in for generation userid, requiring email addresses	2019-06-21 11:08:59 +02:00
Arthur Schiwon	660fbd64e3	ensures mapping of chosen userid Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 17:02:28 +02:00
Arthur Schiwon	0b34085f24	fixes return type in php doc * the backend already expects and works with the string Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 13:40:07 +02:00
Arthur Schiwon	8a7b0a68a5	fixes returning the base when multiple are specified * reading the config directly will return the value with line breaks * using the proper accessor gives us all bases in an array * returns the first matching one * having user id provided for the group base is strange and does not let us operate like this. here we return the first one. might change in future, a backportable fix won't have an API change however. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 13:39:15 +02:00
Arthur Schiwon	a1f2dbe29c	caches the displayname after an LDAP plugin set it Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-18 12:42:03 +02:00
Arthur Schiwon	1d48c0313c	fix inGroup check, thus make integration tests succeed there is not such strange return mode. Having invalid user ids caused this check to fail, and as side effect share limitation to groups to not work. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-14 06:23:58 +02:00
Arthur Schiwon	c6c8a41d2f	group display name support (service level + ldap) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-05-27 12:03:05 +02:00
Max Kovalenko	a83b79c5f8	misc phpdoc fixes Signed-off-by: Max Kovalenko <mxss1998@yandex.ru>	2019-05-27 09:04:05 +03:00
Arthur Schiwon	3372bcc7fc	fixes possible override of uniqueMember by autodetection * uniqueMember was the default so we did not know whether this setting is desired or the initial value * autodetection of the user-group association attribute runs only when it was not set (as far as we knew) * the default is now empty * thus LDAPProvider might return this value as well (in exceptional cases) * if a group base is given (edge case), use this instead of general base * resolves #12682 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-05-17 16:19:23 +02:00
Morris Jobke	36618b111f	Pass old value to user triggerChange hook Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2019-04-11 10:03:38 +02:00
Arthur Schiwon	518998093f	set the loglevel in context, save the condition Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-04-02 22:52:12 +02:00
Vinicius Cubas Brand	61572a5b2e	LDAP plugin: force createUser to return new user's DN LDAP plugins must change the createUser method to return the DN, as we need this to update the cache. Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +01:00
Vinicius Cubas Brand	a2c38148e7	Cache cleaning when subadmin adds user to group This commit fix an error happening when the subadmin tries to create an user, adding him/her to the group s/he is subadmin of, using a LDAP User/Group plugin. This just forces the cache to be reset after an user is added to a group. Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +01:00
Vinicius Cubas Brand	c4dbc428f9	fix user creation using LDAP Plugin Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +01:00
Peter Kubica	3ed1d158bc	LDAP Password Modify Extended Operation support Signed-off-by: Peter Kubica <peter@kubica.ch>	2019-03-19 01:58:46 +01:00
Arthur Schiwon	5dd2207c95	fix nested group retrieval also for 2 other cases and also consolidate logic in one method Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-03-05 11:07:40 +01:00
Roland Tapken	e7c506cff1	Reduce queries to LDAP by caching nested groups Nested groups are now cached in a CappedMemoryCache object to reduce queries to the LDAP backend. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +01:00
Roland Tapken	afb182650e	user_ldap: really resolve nested groups The previous patch fixed the problem only for one level of indirection because groupsMatchFilter() had been applied on each recursive call (and thus there would be no second level if the first level fails the check). This new implementation replaces the recursive call with a stack that iterates all nested groups before filtering with groupsMatchFilter(). Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +01:00
Roland Tapken	c2d8a36d9a	user_ldap: Filter groups after nexted groups Currently groupsMatchFilter is called before nested groups are resolved. This basicly breaks this feature since it is not possible to inherit membership in a group from another group. Minimal example: Group filter: (&(objectClass=group),(cn=nextcloud)) Nested groups: enabled cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local objectClass: group cn=IT,ou=groups,dn=company,dn=local objectClass: group memberOf: cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local cn=John Doe,ou=users,dn=company,dn=local objectClass: person memberOf: cn=IT,ou=groups,dn=company,dn=local Since 'cn=IT,ou=groups,dn=company,dn=local' doesn't match the group filter, John wouldn't be a member of group 'nextcloud'. This patch fixes this by filtering the groups after all nested groups have been collected. If nested groups is disabled the result will be the same as without this patch. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:35 +01:00
Arthur Schiwon	792bcb82ae	add LDAP ConfigHandler for external storages and "$home" var * handler registered upon OCA\\Files_External::loadAdditionalBackends event as user_ldap is loaded before files_external * new configuration field "ldapExtStorageHomeAttribute" (not in GUI yet) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 15:22:22 +01:00
Arthur Schiwon	5c10a46445	ensure attribute names are lower cased otherwise they will be skipped when the results is being formatted and the lower-cased result keys do not match. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 14:13:32 +01:00
Filis Futsarov	18ae9d267a	Comment fix.	2019-01-30 23:23:09 +01:00
Arthur Schiwon	c868892d2d	iterate over bases instead of doing parallel search parallel search is not compatible with paged search, but the letter is usually always applied. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-01-28 23:00:59 +01:00
Arthur Schiwon	85f14bc591	LDAP: extend remnants output with "detected on" field Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-21 17:24:28 +01:00
Arthur Schiwon	fbd4e9e651	add tests for the DUI as they are interact with the DB they are more integraiton than unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-21 17:24:23 +01:00
Arthur Schiwon	8bacbffe28	do not forgot to store the second displayname portion otherwise it causes a chain reaction of system addressbook updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-20 23:11:00 +01:00
Arthur Schiwon	feb5366a42	LDAP clear cache on config modification also when done via API or CLI Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-17 00:31:27 +01:00
Arthur Schiwon	c32cc4a194	cache users as existing after mapping during login they might be cached as non-existing and cause an Exception in the long run reduces some duplication, too Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-11-27 17:07:59 +01:00
Daniel Kesselberg	6ce849f7b8	Add return type Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-11-25 12:30:54 +01:00
Daniel Kesselberg	d17b32afd7	Fix count on string Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-11-24 22:06:45 +01:00
Morris Jobke	159d75945a	Merge pull request #12292 from nextcloud/fix/2947/lapse-sizelimit-error avoid logging of "Partial search results returned: Sizelimit exceeded…"	2018-11-15 10:48:57 +01:00
Joas Schilling	bb352fb667	Use the defined func()->count() instead of manual counting Signed-off-by: Joas Schilling <coding@schilljs.com>	2018-11-08 15:44:45 +01:00
Arthur Schiwon	deec5a70a0	avoid logging of "Partial search results returned: Sizelimit exceeded at" LDAP servers respond with that even if a limit was passed with the request. Having this statement logged causes a lot of confusion. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-11-07 13:15:55 +01:00
Arthur Schiwon	0c5d9127e8	remove app specific IUserTools and consolidate test Just some house keeping. IUserTools with used in even older days for easier creation of Access instances… Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-30 22:44:50 +01:00
Roeland Jago Douma	8b2b238d86	Merge pull request #12054 from nextcloud/fix/5212/interact-with-userobject LDAP: announce display name changes so that addressbook picks it up	2018-10-30 13:38:16 +01:00
Arthur Schiwon	49456e42f9	do not run into UniqueConstraintViolationException … when an unmapped user logs in for the first time when background job mode is ajax and no memcache was configured. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-30 12:12:03 +01:00
Morris Jobke	31ccf8580a	Merge pull request #12070 from nextcloud/fix/noid/announce-chosen-uid announce the chosen uid (fixes wrong variable usage)	2018-10-30 10:12:04 +01:00
Arthur Schiwon	d47e1513bc	remove unneeded empty search attribute values, fixes #12086 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-29 13:21:02 +01:00
Arthur Schiwon	05f909dcf3	fixes wrong variable usage Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-26 18:03:41 +02:00
Arthur Schiwon	bbe44108b5	only write when the displayname differs, but then announce it refs #5212 and fixes #9112 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-25 23:41:12 +02:00
Arthur Schiwon	2048872f9e	functions that were checked for are present since PHP 5.4, supported is >=/ * so the check from older days is really not necessary anymore * resolves #10923 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-10-25 22:50:42 +02:00
Morris Jobke	b458ed9c82	Properly escape column name in "createFunction" call Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-10-16 15:24:02 +02:00
Daniel Kesselberg	2d30511fa6	Check if user is null before getUsername Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2018-09-16 19:33:03 +02:00
Arthur Schiwon	7807add02d	[LDAP] The WebUI Wizard also should not assign empty config IDs With `689df9a843` the behaviour to assign only non-empty config IDs was introduced. Only, this was only effective for CLI and OCS API. Related to #3270. The web UI creates now also a full configuration on first load. This fixes #5094. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-23 17:58:35 +02:00
Morris Jobke	3d8f174774	Resolve all group memberships properly Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-08-21 10:57:50 +02:00
Arthur Schiwon	b497b06867	don't force LDAP updates on userExists anymore and remove some deprecated code Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-14 17:57:24 +02:00
Arthur Schiwon	a39c995083	FIX: emit assignedUserId only for users Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-08-09 23:45:11 +02:00
Julius Härtl	c2616df541	Only bind if configuration for the first server is available Signed-off-by: Julius Härtl <jus@bitgrid.net>	2018-07-13 08:25:10 +02:00
Arthur Schiwon	846ab25fc0	adjust and add more unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-05 11:50:49 +02:00
Arthur Schiwon	343036e55c	allow admin to disable fetching of avatars as well as a specific attribute Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-05 11:12:51 +02:00
Arthur Schiwon	a4dda465c2	let user set avatar in nextcloud von LDAP provides invalid image data Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-07-03 01:45:07 +02:00
blizzz	28e64afb8c	Merge pull request #10034 from nextcloud/fix/noid/ldap-silence-quota-logmsgs lower log level for quota manipulation cases	2018-06-28 23:06:23 +02:00
Arthur Schiwon	cc51a00c93	lower log level for quota manipulation cases and simplify the forest of ifs a little bit Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-06-28 21:10:07 +02:00
Arthur Schiwon	7a728f2154	LDAP backup server should not be queried when auth fails Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-06-27 23:12:07 +02:00
Arthur Schiwon	73cacb8896	check user state when fetching to avoid dealing with offline objects fixes #9502 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-05-29 01:10:03 +02:00
Roger Szabo	856164e578	Fix "Invalid argument supplied for foreach()" Signed-off-by: Roger Szabo <roger.szabo@web.de>	2018-05-02 18:17:21 +08:00
Roger Szabo	8637b90e15	unbound cloned connection fix Signed-off-by: Roger Szabo <roger.szabo@web.de>	2018-04-27 17:29:15 +08:00
Arthur Schiwon	38a90130ce	move log constants to ILogger Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-26 10:45:52 +02:00
Arthur Schiwon	ed5f53bd49	Access needs UserManager, missed to add in #8833 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-23 15:58:50 +02:00
Morris Jobke	38961a725f	Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks add anounce- and (pre/\|post)RevokeUser signals for non-native backends	2018-04-11 00:44:39 +02:00
Arthur Schiwon	16d4ff4d39	parameter provided to L10N::n() could have been a string Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 14:50:28 +02:00
Arthur Schiwon	f1565336bd	DI for NC's user manager Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:46:24 +02:00
Arthur Schiwon	373a1d5391	more consistent naming Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:46:15 +02:00
Arthur Schiwon	8fe914f07e	LDAP backend to emit announce and revoke signals on mapping changes Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-04-05 12:38:39 +02:00
Roeland Jago Douma	f4fd0224db	Do not use \OCP\DB anymore Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-03-26 14:40:23 +02:00
Arthur Schiwon	cbf60f2e91	existence check works without attribute (like with users) cn is not necessarily given everywhere Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-15 15:47:44 +01:00
Morris Jobke	8195b17ed7	Remove deprecated and unsused methods of OCP\DB Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-03-12 15:13:37 +01:00
Morris Jobke	cccf6f4d5f	Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members Apply ldapUserFilter on members of group	2018-03-08 13:19:02 +01:00
Roland Tapken	2472b93fd9	dn2ocname: also apply group filter to readAttribute() Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2018-03-07 12:18:46 +01:00
Roeland Jago Douma	c2320aea22	Merge pull request #8634 from nextcloud/ldap-no-empty-names do not create empty userid when attribute does not have allowed chars	2018-03-05 19:37:17 +01:00
Arthur Schiwon	47a10bd25a	treat iconv issues Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-05 14:03:08 +01:00
Arthur Schiwon	4f8c724318	typo + phpdoc Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-05 13:30:28 +01:00
Arthur Schiwon	8607992e85	do not create empty userid when attribute does not have allowed chars Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-02 17:44:06 +01:00
Arthur Schiwon	04f7252fc4	use hash algo that's robust against collisions Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-03-02 16:26:36 +01:00
Arthur Schiwon	238c3a5201	fix retrieving group members with numerical uids from LDAP Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-02-23 12:05:50 +01:00
Arthur Schiwon	9bc75307e7	track the state of the bind result Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-02-22 13:05:33 +01:00
Morris Jobke	236086c457	Merge pull request #8335 from nextcloud/remove-unused-import Remove unused import statements	2018-02-14 22:23:07 +01:00
Morris Jobke	d3d045dd5c	Remove unused import statements Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-02-14 16:55:43 +01:00
Morris Jobke	e2974f1133	Simplify return statement Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-02-13 21:55:24 +01:00
Roland Tapken	cf4ec7a4b6	Apply ldapUserFilter on members of group Refers to issue #8220 user_ldap configured with custom filters for active directory access (group-member-association is "member"). Then it can happen that the members of a group contain members that don't belong to the users available in Nextcloud (the most trivial reason is that the user filter contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude disabled users from being imported). This can be fixed by applying the ldapUserFilter when resolving the UID for a DN fetched from the group's member list. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2018-02-07 12:02:58 +01:00
blizzz	8f29f9a59b	typo Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-31 21:50:55 +01:00
Arthur Schiwon	8753a816d8	fixes reading the sysconfig value settings without the entry in the translation array are computed Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-31 13:46:13 +01:00
Morris Jobke	eb51f06a3b	Use ::class statement instead of string Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-29 12:03:47 +01:00
Morris Jobke	a661f043e1	Remove unneeded semicolon and parentheses Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 23:46:40 +01:00
Morris Jobke	2ad2eb38e8	Use type casting instead of *val() method Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 15:01:27 +01:00
Morris Jobke	ca493ab5b1	Merge pull request #8069 from nextcloud/no-catch-serverdown do not catch and ignore ServerNotAvailable in the wrong spot	2018-01-26 14:01:07 +01:00
Arthur Schiwon	b61b906abe	do not catch ServerNotAvailable might cause the user to be unavailable (race condition). Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-26 12:47:19 +01:00
Morris Jobke	6bbea33133	Simplify ternary operator statements Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 12:36:25 +01:00
Morris Jobke	c1e4f9f305	Use type casting instead of *val() method It should be up to 6x faster Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 11:35:42 +01:00
Morris Jobke	0a56d2185e	Return value immediately instead of assigning to a one-time variable Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-26 00:02:03 +01:00
Morris Jobke	2a38605545	Properly log the full exception instead of only the message Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-23 10:57:21 +01:00
Morris Jobke	55532f19d9	Cleanup OC_User and OCP\User * mainly removes deprecated methods and old static code Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2018-01-16 18:39:11 +01:00
Roeland Jago Douma	8a41d05761	Remove deprecated \OCP\Config Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-13 14:25:04 +01:00
Arthur Schiwon	f84ec92563	revert resolving of recursion (`3628d4d65d`) without recursion we have issues with internal states. paged search status are set to false, cookies are not being set. In the end we have endless requests which pile up enormously with a high initial offset. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 15:17:18 +01:00
Arthur Schiwon	9031ae0281	fix return value when ldapPagingSize returns null Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 14:47:51 +01:00
Arthur Schiwon	15a3f4659f	enrich log message with backtrace, but level it down to DEBUG The message is not helpful anyway for an admin, and oftentimes is just valid (e.g. when searching with an offset beyond users in LDAP). Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 14:17:14 +01:00
Arthur Schiwon	f292f98060	when paged results are turned off, all (max possible) users are returned thus hasMoreResult should return false Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-11 13:20:17 +01:00
Arthur Schiwon	7c3db54ff6	fix changing to next cycle Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-08 13:45:06 +01:00
Arthur Schiwon	b17c5fec40	add unit test for qualifies to run Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-08 13:08:59 +01:00

... 2 3 4 5 6 ...

1001 commits