Commit Graph

116 Commits (8904bf645b30fbdfdcb00a2ea607d752ee69d865)

Author SHA1 Message Date
Arthur Schiwon d6b356c63b enh(LDAP): implement IIsAdmin interface
- add configuration to specify one LDAP group acting as admin group (CLI)
- implement `isAdmin()` method, basically relying on inGroup against the
  configured group

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-12-01 12:48:24 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
Arthur Schiwon d978050666
fix(LDAP): prevent incomplete displaynames…
… when reading users from primary groups or gidNumber-based groups

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-11-07 21:02:31 +07:00
Côme Chilliet 8212feefb9
Merge pull request #40367 from nextcloud/fix/user_ldap-update-groups-on-login
Fire group membership events from LDAP at login
2023-10-16 10:01:55 +07:00
Côme Chilliet 05efbf11d9
Fix LDAP LoginListener by adding new group relationships to caches before firing the event
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-12 10:13:43 +07:00
Arthur Schiwon cce8d0a7a5
fix(LDAP): solve race condition reading groups of disappeared LDAP user
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-10-11 15:35:10 +07:00
Arthur Schiwon c1480aade4
refactor(LDAP): pass IConfig via constructor to Group_LDAP
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-10-10 11:18:57 +07:00
Arthur Schiwon cb3faad5b5
fix(ldap): store last known user groups
- for LDAP user life cycle management

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2023-10-09 19:46:27 +07:00
Carl Schwan 3270b7f12e
Add batch methods in user backends
This allows for faster group search with significantly less DB traffic

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2023-09-05 16:56:47 +07:00
Côme Chilliet f9ed48eab9
Add check-group command
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-08-10 10:57:33 +07:00
Côme Chilliet b6c17c6ce7
Clear up return types
usersInGroup index by int for BC, searchInGroup index by uid (string).

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-27 12:00:45 +07:00
Côme Chilliet 6385a5af36
Let OC\Group\Group handle the fallback and remove default implementation from ABackend
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-27 12:00:43 +07:00
Carl Schwan 35dc223500
Optimize retrieving display name when searching for users in a group
This is a recurrent scenario that we are searching for users and then for
each user we fetch the displayName. This is inefficient, so instead try
to do one query to fetch everything (e.g. Database backend) or use the
already existing DisplayNameCache helper.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2023-04-27 11:57:45 +07:00
Côme Chilliet 1d00290621
Cache display name even if it was not filled
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-11-17 14:47:00 +07:00
Carl Schwan 99a752922f Fix psalm
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 13:14:39 +07:00
Carl Schwan 60ec5e655c Check if cache is present with isset
Otherwise we get false for empty array

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 13:14:39 +07:00
Côme Chilliet 1a6a6c985a Bring back small fixes by Carl
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 13:14:39 +07:00
Côme Chilliet 746a5fb7e0 Fix LDAP recursive nested group support
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 13:14:39 +07:00
Carl Schwan be5338e572 Revert Carl changes on apps/user_ldap/lib/Group_LDAP.php
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 13:14:31 +07:00
Carl Schwan 1b12a08ec2 Fix user_ldap tests
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Carl Schwan e0fbd39840 Add back runtime cache for intermediate ldap read results
This is a small optimization that saves a few LDAP queries

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Carl Schwan 33be3f754a Only cache base inGroup search
And not intermediate search for nested groups, this is causing issues
otherwise with nested groups

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Côme Chilliet 604b5ace12 Add missing copyright author in Group_LDAP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Côme Chilliet 69f9e9f387 Removed unused use declaration
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Côme Chilliet 150e6adbc5 Fix types in docblocks
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Côme Chilliet 6ed0d0b8b1 Refactor group membership listing for nested groups
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Côme Chilliet 8b19cfcd88 Small optimisation of _groupMembers
This will not change the result as users are checked to be existing
 afterwards but avoids this check when we know it’s a group.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Côme Chilliet d07f43dc12 Refactor _groupMembers to correctly use cache on intermediate results
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-10-20 12:09:06 +07:00
Carl Schwan 6522f8a6d9 Fix merging list with null
This fixes some cases observed with the debugger where we end up merging
a non empty list with null. The result is then null and the looping over
the items would then end.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Carl Schwan 49aa352069 Unify a bit the types of the fetcher
Now it will only accept a string as parameter instead of either a string
(DN) or an array (complete record).

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Carl Schwan 0fd7a51e3c Add more type hinting
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:09:06 +07:00
Arthur Schiwon 5647093319 Cache intermediates
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Co-authored-by: Carl Schwan <carl@carlschwan.eu>
2022-10-20 12:08:34 +07:00
Arthur Schiwon ad2fdbe377 Refactor code to split common loop
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-10-20 12:08:24 +07:00
Arthur Schiwon 1e4ac22c94 Make it possible to return nested records when walking over groups
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2022-10-20 12:08:09 +07:00
luz paz 9d26671f05 Fix typos in apps/ subdirectory
Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/`

Signed-off-by: luz paz <luzpaz@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
2022-09-05 12:59:54 +07:00
Carl Schwan d5c23dbb9f Move CappedMemoryCache to OCP
This is a helpful helper that should be used in more places than just
server and this is already the case with groupfolders, deck, user_oidc
and more using it, so let's make it public

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-14 15:54:31 +07:00
Carl Schwan ec6b83cc18 Add stricter psalm type for CappedMemoryCache
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-05-12 15:06:18 +07:00
Côme Chilliet 77bdad84c2 Add ldap:reset-group command to unmap groups from LDAP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-04-01 12:18:02 +07:00
Côme Chilliet dab5ea958a
Fix unit tests
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-03-03 16:35:06 +07:00
Côme Chilliet e80eb79a1e
Remove redundant is_array check
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2022-03-03 11:41:59 +07:00
John Molakvoæ b5ae67ac2a
Merge pull request #29329 from nextcloud/fix/noid/groups-unwarranted-members
2021-12-20 10:07:55 +07:00
Côme Chilliet f3dcbfe146
Fix PHP 8.1 support for user_ldap application
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2021-12-16 09:43:30 +07:00
Arthur Schiwon 8266f88755
fix potential unwarranted memberships in nested groups from LDAP
- the issue was present only when using PHP based resolving of nested
  group members. Normally nested members are common in AD (and Samba4) and
  are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default
- resolving nested members is recursive
- when the cache entry was created it happened for intermediate groups, too,
  containing members from the parent group
- the check was added to only cache the root group with its members
- a runtime cache stores intermediate ldap read results


Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-11-19 13:07:19 +07:00
Côme Chilliet f9e6f2ea57
Use Psr\Log\LoggerInterface where it can easily be used in user_ldap
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2021-10-14 14:12:03 +07:00
Arthur Schiwon 7178194198
fix caching of objectsid searches
- store result when no name could be retrieved, too
- cached value is not an array, was treated wrongly

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-09-21 13:32:42 +07:00
John Molakvoæ (skjnldsv) 215aef3cbd
Update php licenses
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
2021-06-04 22:02:41 +07:00
Arthur Schiwon 4d33449faa
fix detecting cyclic group memberships
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-02-23 22:50:43 +07:00
Arthur Schiwon 90d82b03ef
fix parameter provided as string not array
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2021-01-28 15:15:55 +07:00
Arthur Schiwon 270912848f
check number of members after potential resolving of rdns
- the type check is not necessary anymore for the return type of
  _groupMembers()

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-11-27 18:44:27 +07:00
Arthur Schiwon 1f40ecca86
use faster and less hungry foreach
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-11-27 18:38:08 +07:00