nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Côme Chilliet	ce5192a461	Fixed migration step for user_ldap Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:20:29 +07:00
Joas Schilling	9a1df9ddca	Fix variable names Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-11-23 09:19:50 +07:00
Côme Chilliet	31a503b387	Change column names to ldap_dn and ldap_dn_hash and add migration Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:19:50 +07:00
Côme Chilliet	662e3240b0	Support LDAP dns longer than 255 characters Adds an ldap_full_dn column to store the dn, and only store a sha256 hash in the ldap_dn which is shorter and can be indexed without trouble. Migration still needs to be implemented. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:19:49 +07:00
Côme Chilliet	480056de88	Fix sanitizing regex and add a test case for uppercase in username I did not find any test data that would fail with the previous regex, but still added data with uppercase to at least test that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-23 09:10:38 +07:00
Côme Chilliet	3446d9c0b2	Ignore cache in occ ldap:check-ldap command This avoids having to wait or reset the cache after deleting a user in the LDAP. This also fixes a PHP error when running ldap:check-ldap --update on a deleted but cached user. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-22 16:44:27 +07:00
Côme Chilliet	51ea7dc020	Make sure mapping cache is cleared when deleting a user This avoids phantom remnants staying after user deletion Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-22 14:49:34 +07:00
Arthur Schiwon	8266f88755	fix potential unwarranted memberships in nested groups from LDAP - the issue was present only when using PHP based resolving of nested group members. Normally nested members are common in AD (and Samba4) and are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default - resolving nested members is recursive - when the cache entry was created it happend for intermediate groups, too, containing members from the parent group - the check was added to only cache the root group with its members - a runtime cache stores intermediate ldap read results Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-11-19 13:07:19 +07:00
Côme Chilliet	6b960de47c	Get rid of LogWrapper calling deprecated logger and use LoggerInterface from PSR instead Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-11-09 15:11:15 +07:00
Côme Chilliet	158e73242e	Avoid use of iconv to get rid of unicode Using iconv for translit depends upon server configuration, locale, and PHP version. Using htmlentities instead to have a consistent behavior independent of configuration. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-10-28 10:30:14 +07:00
Carl Schwan	a67a12cb96	Merge pull request #29240 from nextcloud/work/admin-delegation-implementation Add support for Delegation Settings for more apps	2021-10-15 20:59:43 +07:00
Carl Schwan	719dbafd13	Add support for Delegation Settings for more apps * This adds support for the sharing, groupware, theming and user_ldap app * This adds some code who disapeared during a rebase in the initial delegation PR (provisioning_api) Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2021-10-15 18:41:00 +07:00
Côme Chilliet	f9e6f2ea57	Use Psr\Log\LoggerInterface where it can easily be used in user_ldap Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-10-14 14:12:03 +07:00
Côme Chilliet	d189a23f43	Fix two mistakes in previous migration to LoggerInterface in OCA\User_LDAP\Access Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-10-14 09:24:49 +07:00
Côme Chilliet	51398d706a	Use Psr\Log\LoggerInterface in OCA\User_LDAP\Access Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-10-12 17:19:51 +07:00
Côme Chilliet	437048e9b6	Avoid PHP errors when the LDAP attribute is not found Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2021-10-12 12:44:26 +07:00
blizzz	e8f76b03bb	Merge pull request #28876 from nextcloud/fix/28653/ldap-long-user-group-ids ensure that user and group IDs in LDAP's tables are also max 64chars	2021-09-24 22:53:06 +07:00
Arthur Schiwon	6ab30a669b	ensure that user and group IDs in LDAP's tables are also max 64chars - limitation by core tables (e.g. sharing), IDs are always 64chars - when longer group IDs were requested they are hashed (does not affect displaynames) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-24 17:29:29 +07:00
Arthur Schiwon	7178194198	fix caching of objectsid searches - store result when no name could be retrieved, too - cached value is not an array, was treated wrongly Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-21 13:32:42 +07:00
Arthur Schiwon	27865d03c0	use specific email getter where necessary Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-09 19:23:05 +07:00
Gary Kim	b78f3a57d1	Migrate HintException to OCP Signed-off-by: Gary Kim <gary@garykim.dev>	2021-06-30 15:28:02 +07:00
Arthur Schiwon	f62c066459	unset ldap provider when disabling user_ldap Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-06-30 15:25:00 +07:00
Arthur Schiwon	bbcd8c9a68	LDAP: determine shares of offline users only when needed - determine shares may via Sharing code result in user exists checks - this may result in an infinite loop when user exists was called before - the info is really only required at one occ command Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-06-28 12:56:37 +07:00
Christoph Wurst	39f0aa5abe	Merge pull request #27515 from nextcloud/enh/noid/read-multi-value-user-attribute Add method to read multi-value attributes from ldap	2021-06-16 15:51:09 +07:00
Daniel Kesselberg	04411df695	Add method to read multi-value attributes from ldap. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2021-06-16 11:35:27 +07:00
Daniel Kesselberg	33801708d2	Add return type for writeToCache writeToCache does not return a string. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2021-06-15 17:03:03 +07:00
Christoph Wurst	bf564e2a5a	Convert command option defaults to strings Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-06-09 13:25:31 +07:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +07:00
Valdnet	77ca79f697	l10n: Spelling unification Spelling unification in Transifex. Signed-off-by: Valdnet 47037905+Valdnet@users.noreply.github.com	2021-05-21 11:50:12 +07:00
Arthur Schiwon	2a5473e146	do not try to search after the last page - saves an LDAP requests in these cases - prevents a Protocol Error logged on < 7.3 API (for backports) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-04-27 12:52:26 +07:00
Arthur Schiwon	5e8f43a55e	removes PagedResults adapter for PHP < 7.3 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-04-26 22:57:42 +07:00
Roeland Jago Douma	0593b039fc	Move over notification to new registration Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-04-16 13:56:28 +07:00
Morris Jobke	6a81477ffe	Merge pull request #25326 from nextcloud/ldap-factory-no-ldap make ILDAPProviderFactory usable when there is no ldap setup	2021-03-31 21:23:23 +07:00
Robin Appelman	65b78515bd	make ILDAPProviderFactory usable when there is no ldap setup Signed-off-by: Robin Appelman <robin@icewind.nl>	2021-03-31 15:23:33 +07:00
Johannes Leuker	9660a3fa90	Add json, yaml output options to ldap:show-config Signed-off-by: Johannes Leuker <j.leuker@hosting.de>	2021-03-31 12:36:22 +07:00
Joas Schilling	0d46fafd41	Merge pull request #26161 from nextcloud/bugfix/noid/improve-matching-of-phonebook-searches Improve search results when only phonebook-matches can we autocompleted	2021-03-17 15:22:03 +07:00
Arthur Schiwon	1b0355f2c6	adds ldap user:reset command - allows to delete data of existing LDAP users, which otherwise is safe guarded - ensures that the user is not being deleted on LDAP through a plugin Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-03-17 11:23:48 +07:00
Joas Schilling	3379e69ecc	Fix parameter types in docs Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-03-17 09:51:31 +07:00
Roeland Jago Douma	54cffefed4	Merge pull request #25660 from hosting-de/feature/add-backend-list-groups Show group backends in occ group:list --info and group:info	2021-03-05 08:49:43 +07:00
blizzz	ef5389603c	Merge pull request #25860 from nextcloud/fix/noid/ldap-bind-expired do not die after LDAP auth failed with expired acc	2021-03-02 21:34:03 +07:00
Arthur Schiwon	5ad08c7c84	do not die after LDAP auth failed with expired acc - some servers return error code 53 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-03-01 19:20:05 +07:00
Johannes Leuker	2796ef80ff	Show group backends in occ group:list --info and group:info Signed-off-by: Johannes Leuker <j.leuker@hosting.de>	2021-03-01 16:02:08 +07:00
Arthur Schiwon	4d33449faa	fix detecting cyclic group memberships Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-02-23 22:50:43 +07:00
dependabot-preview[bot]	eb502c02ff	Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/nextcloud/coding-standard/releases) - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-18 13:31:24 +07:00
Roeland Jago Douma	3f4ece256e	Some psalm OfflineUser fixes For #25641 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-02-15 13:36:02 +07:00
Christoph Wurst	6a3321cefe	Merge pull request #25101 from nextcloud/fix/noid/ldap-known-groups LDAP: make actually use of batch read known groups	2021-01-29 10:57:31 +07:00
Arthur Schiwon	90d82b03ef	fix parameter provided as string not array Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-28 15:15:55 +07:00
blizzz	939433363e	Merge pull request #25128 from nextcloud/ldapprovider-get-property extend ILDAPProvider to allow reading arbitrairy ldap attributes for users	2021-01-22 14:31:19 +07:00
Arthur Schiwon	ef0a3a92f4	silence log message - this appears too often (in some configurations) when qualifying group members which do not meet the criteria Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-21 17:25:44 +07:00
Robin Appelman	fdc8635afb	extend ILDAPProvider to allow reading arbitrairy ldap attributes for users Signed-off-by: Robin Appelman <robin@icewind.nl>	2021-01-19 16:33:58 +07:00
blizzz	f9ab7575e7	Merge pull request #25036 from nextcloud/fix/noid/limitied-allowed-items-db-in_2 respect DB restrictions on number of arguments in statements and queries	2021-01-14 11:36:42 +07:00
Arthur Schiwon	21ca5d4514	silence psalm false positive Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-13 11:54:29 +07:00
Arthur Schiwon	02b703193a	really use known groups Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-12 20:52:52 +07:00
Christoph Wurst	c1d4f8161b	Migrate internal classes to the OCP db col types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-01-12 14:09:13 +07:00
Arthur Schiwon	45e3261ad5	respect DB limits limit per statement and query Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-11 13:43:34 +07:00
Christoph Wurst	8b64e92b92	Bump doctrine/dbal from 2.12.0 to 3.0.0 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-01-08 11:45:19 +07:00
Roeland Jago Douma	dc89447f13	Revert "(LDAP) respect DB limits of arguments in an IN statement"	2021-01-08 10:44:32 +07:00
Arthur Schiwon	6eca8d6ae1	respect DB limits of arguments in a IN list Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-01-07 20:16:40 +07:00
Christoph Wurst	9ce3ea3368	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-30 14:07:05 +07:00
Roeland Jago Douma	adc4f1a811	Merge pull request #22916 from J0WI/unifiy-links-to-php.net Unify links to php.net	2020-12-22 09:53:31 +07:00
Christoph Wurst	d89a75be0b	Update all license headers for Nextcloud 21 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-12-16 18:48:22 +07:00
blizzz	f68cab4e39	Merge pull request #24402 from nextcloud/fix/24252/ldap-ingroup-memberid LDAP: fix inGroup for memberUid type of group memberships	2020-12-15 22:33:41 +07:00
Arthur Schiwon	270912848f	check number of members after potential resolving of rdns - the type check is not necessary anymore for the return type of _groupMembers() Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-11-27 18:44:27 +07:00
Arthur Schiwon	1f40ecca86	use faster and less hungry foreach Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-11-27 18:38:08 +07:00
Christoph Wurst	334f3943ab	Migrate LDAP's install.php to a repair step Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-11-27 15:13:01 +07:00
Tobias Perschon	594370e2f2	moved the array_reduce to fix large search case also added some additional comments and renamed some vars to make it intuitive whats in them Signed-off-by: Tobias Perschon <tobias@perschon.at>	2020-11-27 11:12:14 +07:00
Arthur Schiwon	57bfe0d1f9	flatten result array as expected by following code Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-11-26 23:36:04 +07:00
Joas Schilling	8027dcbc6f	Don't leave cursors open when tests fail Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-11-09 12:28:17 +07:00
Arthur Schiwon	c96a9a9001	fix insert values Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-11-06 13:30:19 +07:00
Arthur Schiwon	4104416e81	only delete specified config Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-11-06 13:01:37 +07:00
Joas Schilling	8547934e20	Correctly place the array type	2020-11-06 12:09:58 +07:00
Joas Schilling	c5b6e4bc09	Use query builder to interact with member management Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-11-06 11:28:53 +07:00
Joas Schilling	5fba0e562f	Use query builder instead of OC_DB in user_ldap Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-11-06 11:25:28 +07:00
Arthur Schiwon	3a51160221	fix potentially passing null to events where IUser is expected Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-30 16:30:01 +07:00
Arthur Schiwon	fd44087530	adds unit test for updategroups background job Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-30 16:30:00 +07:00
Morris Jobke	0053ec82ac	Document the backend registered events of LDAP Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-10-29 09:18:46 +07:00
Arthur Schiwon	fd1fd5afa4	user share manager to determine share ownership Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +07:00
Arthur Schiwon	951887e922	fixes determining whether former user is a share owner Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +07:00
Arthur Schiwon	2e455f632a	split instantiation from business logic in OfflineUser Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-26 16:05:28 +07:00
Arthur Schiwon	86e5e7d927	LDAP simplify User_Proxy and Group_Proxy signatures - make User_Proxy and Group_Proxy easy to instantiate - simplify dependent code - move commands to info.xml - make UpdateGroups job class non-static Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-23 12:25:31 +07:00
Arthur Schiwon	2ee26b691c	tame psalm. why does it ignore '@property'? Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-19 13:44:32 +07:00
Arthur Schiwon	d741c5ab30	when nesting is not enabled, the group filter can be applied right away - helps performance, but skipping unnecessary entries - reduces reoccuring info-level log output against groups that do not qualify ("no or empty name") Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-10-19 13:44:32 +07:00
Christoph Wurst	d9015a8c94	Format code to a single space around binary operators Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-10-05 20:25:24 +07:00
J0WI	68ce17e59b	Unify links to php.net Update all links to https://www.php.net/ Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2020-09-17 17:40:04 +07:00
Arthur Schiwon	b95e63b8da	announce added user and group backend later as there might be interdeps Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-11 00:14:06 +07:00
Arthur Schiwon	263f5bd1d9	switch to typed event for LDAPs user added to group case Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-10 12:57:10 +07:00
Christoph Wurst	1f7f93a695	Update license headers for Nextcloud 20 (again) There are still lots of outdated headers, so time for another round of updates. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-09-07 14:37:44 +07:00
Arthur Schiwon	aa2d754d5c	add repair step to clean up DB off lastFeatureRefresh entries in user prefs - also removes related app setting "updateAttributesInterval" Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-04 12:59:57 +07:00
Arthur Schiwon	699871dcb0	these code bits were part of old logic that was already refactored out - only references were in unit tests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-09-04 12:56:43 +07:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +07:00
Morris Jobke	fedf9c69d9	Use matching parameter names form interfaces and implementations Found by Psalm 3.14.1 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-08-19 18:16:35 +07:00
Arthur Schiwon	44cad1756c	provide event class to LDAP loaded event to fix deprecation message * and also dispatch the typed event as current approach to it Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-12 15:38:47 +07:00
Arthur Schiwon	5257efc5f2	remove logging message carrying no valuable information the exception caught is not an error, but due to valid configuration and code flow is expecting this. For an admin it is confusing, and it carries no information worth for debugging. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-12 09:10:23 +07:00
Arthur Schiwon	7eb6d8df0a	do not flip available state to unavailable, allow empty results - the detection relies that the first, requested result is not empty - it might be empty though – groups without members - protect switching from available to unavailable - switching the other way around was also not envisaged either Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-11 19:03:27 +07:00
Arthur Schiwon	7ea262dba0	LDAP: shortcut in reading nested group members when IN_CHAIN is available Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-11 18:22:11 +07:00
Morris Jobke	548576ec10	Merge pull request #22176 from nextcloud/debt/noid/table-render-too-many-arguments Remove unexpected argument	2020-08-11 09:44:28 +07:00
Daniel Kesselberg	7b68f0f326	Remove unexpected argument Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2020-08-10 22:36:30 +07:00
Arthur Schiwon	7c07f0c7f3	use break not continue in switch to avoid warning Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-08-10 17:34:11 +07:00
blizzz	579c7073f3	Merge pull request #16737 from tofuSCHNITZEL/feature-zimbraldap new Group-Member association attribute (zimbraMailForwardingAddress)	2020-08-07 22:20:50 +07:00
Tobias Perschon	551d904bb0	added "zimbraMailForwardingAddress" as a Group-Member association attribute to enable the use of Zimbra Distribution Lists as groups in nextcloud when connecting to a zimbra LDAP Signed-off-by: Tobias Perschon <tobias@perschon.at> fix cs:check Signed-off-by: Tobias Perschon <tobias@perschon.at> Update apps/user_ldap/lib/Group_LDAP.php Co-authored-by: blizzz <blizzz@arthur-schiwon.de> Signed-off-by: Tobias Perschon <tobias@perschon.at>	2020-08-07 23:30:44 +07:00
Morris Jobke	54726d5934	Merge pull request #21738 from nextcloud/techdebt/14552/migrate-OC_Group-post_removeFromGroup Migrate OC_Group post_removeFromGroup hook to actual event object	2020-08-07 17:46:00 +07:00
Morris Jobke	36ee37ec0a	Migrate OC_Group post_removeFromGroup hook to actual event object Ref #14552 This adds a BeforeUserRemovedEvent to the LDAP backend because it was missing. It's not really before, but we don't have the before state. Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-30 10:21:08 +07:00
Arthur Schiwon	d3501be851	reset the cookie internally in new API when abandoning paged results op Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-07-29 17:48:56 +07:00
Morris Jobke	7870ca0663	Use the proper IAppContainer and IServerContainer type hints to know which code runs with which container Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-21 20:44:05 +07:00
Christoph Wurst	91e7f12088	Adjust apps' code to use the ContainerInterface Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-21 20:43:18 +07:00
Christoph Wurst	35e966c38d	Migrate LDAP to the PSR container Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-07-16 15:57:17 +07:00
Morris Jobke	f42e557fa1	Use IBootstrap for the app user_ldap Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-14 04:47:54 +07:00
Morris Jobke	3203286f52	Do not use custom DI object names for user_ldap Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-07-13 17:22:19 +07:00
Morris Jobke	7ad0381e5c	Merge pull request #21639 from nextcloud/techdebt/noid/move-away-from-database-xml Move away from database xml	2020-07-06 22:42:39 +07:00
Joas Schilling	556e23e681	Move user_ldap to migrations Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-07-06 16:42:14 +07:00
Morris Jobke	d72d9ff1f4	Merge pull request #21171 from nextcloud/enh/noid/tidy-up-group-ldap tidy up Group_LDAP	2020-07-06 14:00:27 +07:00
Joas Schilling	d7c0b9cced	Also always return in app commands Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-06-26 15:12:11 +07:00
Arthur Schiwon	b8bef4ded0	fix strings being passed where arrays where expected also brought type hints up to internal API level Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-24 23:34:37 +07:00
Arthur Schiwon	3baa8d22a6	comment was wrong, block is needed nevertheless Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-24 17:51:11 +07:00
blizzz	0ab6ee40de	be more clear about the condition Co-authored-by: Christoph Wurst <ChristophWurst@users.noreply.github.com>	2020-06-16 10:55:51 +07:00
Arthur Schiwon	0cf57d1ed4	getXbyY can still return false, e.g. when using ldap write support Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-15 21:48:27 +07:00
Arthur Schiwon	4edf8630c4	clear LDAP cache after user deletion Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-08 17:52:43 +07:00
Arthur Schiwon	64fe042b0d	tidy up Group_LDAP * remove unused method * resolve code duplication * remove usage of deprectad Util::writeLog * phpDoc updates * signature updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-06-08 13:40:24 +07:00
Arthur Schiwon	aed6f0f71e	simplify getGroups, fixing wrong chunking logic pagination is taken care of properly in the search logic in Access class Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-05-27 14:41:10 +07:00
Arthur Schiwon	15008a1798	fixes infinitely repeating LDPA search results with PHP <= 7.2 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-05-26 00:37:46 +07:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +07:00
Clement Wong	9f5f505acf	Don't remove last user in ldap group when limit is -1 Signed-off-by: Clement Wong <git@clement.hk>	2020-04-27 02:33:00 +07:00
blizzz	212138daa1	Merge pull request #19919 from nextcloud/enh/noid/ldpa_group_perf LDAP Group Backend optimizations	2020-04-24 12:27:27 +07:00
Arthur Schiwon	4babdc082b	formatting Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-23 21:34:05 +07:00
Arthur Schiwon	75c686d825	do not run paged results against ldap_read ops on PHP7.3+ - previously it was needed as the PHP LDAP handling of paged results was strange - but now the read operation would fail, e.g. with extra home dir attribute set ("Home dir attribute can't be read from LDAP for uid: foobar" Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-21 15:47:49 +07:00
Arthur Schiwon	ab550d682f	do not rerun expensive sanitizer against already processed DNs Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:49:47 +07:00
Arthur Schiwon	32000dd1af	read records from DB for lists at once, not one by one. Keep a runtime cache of dn-id-mapping Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:39:54 +07:00
Arthur Schiwon	cc31c38277	don't circulate with only one backend - saves some overhead costs - in some occasions saves LDAP requests Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:38:52 +07:00
Arthur Schiwon	e8ddb4718c	consolidate groupsMatchFilter in groupsExist - less duplication - profiting of the same cache entry Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-17 12:38:07 +07:00
Roeland Jago Douma	d9990b09b8	PHP-CS-Fixer green Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-04-16 09:25:17 +07:00
Arthur Schiwon	84619a5b9c	use serverControls directly with LDAP calls, fixes 19127 - adapters for PHP API version to Support PHP < 7.3 - switch to pass only one base per search - cookie logic is moved from Access to API adapters Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-14 12:58:28 +07:00
Christoph Wurst	734c62bee0	Format code according to PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:56:50 +07:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +07:00
Christoph Wurst	1584c9ae9c	Add visibility to all methods and position of static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:51:06 +07:00
Christoph Wurst	a7c8d26d31	Add visibility to all properties and move static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:48:31 +07:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +07:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +07:00
Christoph Wurst	008e6d7e84	Merge pull request #20391 from nextcloud/refactor/spaces-cleanup Remove all extra whitespace PSR2 does not like	2020-04-09 20:39:37 +07:00
Christoph Wurst	64510932b8	Merge pull request #20384 from nextcloud/techdebt/lowercase-keywords Use php keywords in lowercase	2020-04-09 16:25:14 +07:00
Christoph Wurst	a8a06a82d2	Remove trailing whitespaces from comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:09:23 +07:00
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:07:47 +07:00
Christoph Wurst	36b3bc8148	Use php keywords in lowercase Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 14:04:56 +07:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +07:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +07:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +07:00
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-08 22:24:54 +07:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +07:00
Christoph Wurst	b80ebc9674	Use the short array syntax, everywhere Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-26 16:34:56 +07:00
Philipp Staiger	8769d97f62	single squashed commit for bug fix Signed-off-by: Philipp Staiger <philipp@staiger.it>	2020-03-26 09:01:35 +07:00
Arthur Schiwon	77c63e3b24	fixes auto-detecting UUID attributes the continue (and later the early return) avoided proper looping over the attribute candidates. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-03-19 19:42:46 +07:00
Arthur Schiwon	407b8fddfc	remove noise from detectUuid and cache results Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-02-19 16:42:36 +07:00
Arthur Schiwon	a0e57ea6d3	sort prefixes for deterministic LDAP query behaviour Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-02-07 18:10:31 +07:00
blizzz	950856d5bb	Merge pull request #17717 from nextcloud/fix/noid/ldap-relax-getHome relax strict getHome behaviour for LDAP users in a shadow state	2020-01-14 09:57:24 +07:00
Arthur Schiwon	489ed878e1	ensure that only valid group members are returned Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-13 17:13:08 +07:00
Arthur Schiwon	79667b58a9	cache group existence early to save useless requests to LDAP we do it for users already Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 11:02:37 +07:00
Arthur Schiwon	5cae135b94	decouple userExists from userExistsOnLDAP check allows to mark users as offline right away, avoids a gap of being not a user and causing weird side effects Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 09:21:22 +07:00
Arthur Schiwon	411a47cadb	relax strict getHome behaviour for LDAP users in a shadow state * simplifies deletion process * less strange behaviour when looking up home storage (as long as it is local) * thus could enable transfer ownerships after user went invisible on ldap Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-01-08 09:21:21 +07:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +07:00
Roeland Jago Douma	3a7cf40aaa	Mode to modern phpunit Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-27 15:27:18 +07:00
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-22 20:52:10 +07:00
blizzz	e7f225c013	Merge pull request #18016 from nextcloud/fix/noid/ldap-checkup-batchsize make chunksize (used to check for gone LDAP users) configurable	2019-11-21 11:05:54 +07:00
Arthur Schiwon	213016f758	uid can be false when the user record does not exit fixes not loading files app for users who got a share by the gone LDAP user Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-11-20 19:44:12 +07:00
Arthur Schiwon	f990620e6b	make chunksize (used to check for gone LDAP users) configurable Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-11-20 19:43:53 +07:00
Arthur Schiwon	38a8306e32	treat LDAP error 50 as auth issue, prevents lost server connection errors Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-10-18 18:55:10 +07:00
blizzz	e105d19585	Merge pull request #17002 from nextcloud/fix/noid/ldap-dont-process-known-avas Don't process known avatars from LDAP	2019-10-02 16:32:52 +07:00
Arthur Schiwon	8d2f712420	Don't process known avatars from LDAP * avoids useless FS operation * avoids useless DB writes * avoids useless addressbook updates * addendum to #17001 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-09-04 14:44:48 +07:00
Arthur Schiwon	3ce5d4e545	reduce adressbook change events and handling ... from four to one on avatar updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-09-04 13:46:25 +07:00
Arthur Schiwon	ef237f8e36	fix check for null Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-08-02 13:09:38 +07:00
Arthur Schiwon	a2c5ab2f8b	adjusts LDAP's home handler to use the correct user object Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-08-02 08:39:39 +07:00
Julius Härtl	72aaf2e5fb	files_external: Make sure the correct user context is used in substitution of variables Signed-off-by: Julius Härtl <jus@bitgrid.net>	2019-08-02 08:39:24 +07:00
Morris Jobke	c00d6f4eac	Merge pull request #14540 from army1349/master LDAP Password Modify Extended Operation support	2019-07-19 17:29:24 +07:00
Arthur Schiwon	40c9a743fa	adds an --update flag to check-user for manual sync of the ldap record Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-07-18 14:30:43 +07:00
Joas Schilling	6d71e471e1	Update shipped implementations of the INotifier Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-07-15 15:15:00 +07:00
Morris Jobke	0d0850746e	Merge pull request #15741 from mxss/fix/phpdoc-fixes misc phpdoc fixes	2019-07-02 22:25:41 +07:00
Arthur Schiwon	d0f31c590d	Also invalidate groups after deletion Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-27 10:33:40 +07:00
Arthur Schiwon	108227ca6c	invalidates user when plugin reported deletion success Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-26 14:18:28 +07:00
blizzz	c1eff72bdf	Merge pull request #15964 from nextcloud/enh/noid/user-creation-options Opt-in for generation userid, requiring email addresses	2019-06-21 11:08:59 +07:00
Arthur Schiwon	660fbd64e3	ensures mapping of chosen userid Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 17:02:28 +07:00
Arthur Schiwon	0b34085f24	fixes return type in php doc * the backend already expects and works with the string Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 13:40:07 +07:00
Arthur Schiwon	8a7b0a68a5	fixes returning the base when multiple are specified * reading the config directly will return the value with line breaks * using the proper accessor gives us all bases in an array * returns the first matching one * having user id provided for the group base is strange and does not let us operate like this. here we return the first one. might change in future, a backportable fix won't have an API change however. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-19 13:39:15 +07:00
Arthur Schiwon	a1f2dbe29c	caches the displayname after an LDAP plugin set it Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-18 12:42:03 +07:00
Arthur Schiwon	1d48c0313c	fix inGroup check, thus make integration tests succeed there is not such strange return mode. Having invalid user ids caused this check to fail, and as side effect share limitation to groups to not work. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-06-14 06:23:58 +07:00
Arthur Schiwon	c6c8a41d2f	group display name support (service level + ldap) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-05-27 12:03:05 +07:00
Max Kovalenko	a83b79c5f8	misc phpdoc fixes Signed-off-by: Max Kovalenko <mxss1998@yandex.ru>	2019-05-27 09:04:05 +07:00
Arthur Schiwon	3372bcc7fc	fixes possible override of uniqueMember by autodetection * uniqueMember was the default so we did not know whether this setting is desired or the initial value * autodetection of the user-group association attribute runs only when it was not set (as far as we knew) * the default is now empty * thus LDAPProvider might return this value as well (in exceptional cases) * if a group base is given (edge case), use this instead of general base * resolves #12682 Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-05-17 16:19:23 +07:00
Morris Jobke	36618b111f	Pass old value to user triggerChange hook Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2019-04-11 10:03:38 +07:00
Arthur Schiwon	518998093f	set the loglevel in context, save the condition Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-04-02 22:52:12 +07:00
Vinicius Cubas Brand	61572a5b2e	LDAP plugin: force createUser to return new user's DN LDAP plugins must change the createUser method to return the DN, as we need this to update the cache. Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +07:00
Vinicius Cubas Brand	a2c38148e7	Cache cleaning when subadmin adds user to group This commit fix an error happening when the subadmin tries to create an user, adding him/her to the group s/he is subadmin of, using a LDAP User/Group plugin. This just forces the cache to be reset after an user is added to a group. Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +07:00
Vinicius Cubas Brand	c4dbc428f9	fix user creation using LDAP Plugin Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>	2019-03-21 10:20:46 +07:00
Peter Kubica	3ed1d158bc	LDAP Password Modify Extended Operation support Signed-off-by: Peter Kubica <peter@kubica.ch>	2019-03-19 01:58:46 +07:00
Arthur Schiwon	5dd2207c95	fix nested group retrieval also for 2 other cases and also consolidate logic in one method Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-03-05 11:07:40 +07:00
Roland Tapken	e7c506cff1	Reduce queries to LDAP by caching nested groups Nested groups are now cached in a CappedMemoryCache object to reduce queries to the LDAP backend. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +07:00
Roland Tapken	afb182650e	user_ldap: really resolve nested groups The previous patch fixed the problem only for one level of indirection because groupsMatchFilter() had been applied on each recursive call (and thus there would be no second level if the first level fails the check). This new implementation replaces the recursive call with a stack that iterates all nested groups before filtering with groupsMatchFilter(). Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:40 +07:00
Roland Tapken	c2d8a36d9a	user_ldap: Filter groups after nexted groups Currently groupsMatchFilter is called before nested groups are resolved. This basicly breaks this feature since it is not possible to inherit membership in a group from another group. Minimal example: Group filter: (&(objectClass=group),(cn=nextcloud)) Nested groups: enabled cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local objectClass: group cn=IT,ou=groups,dn=company,dn=local objectClass: group memberOf: cn=nextcloud,ou=Nextcloud,ou=groups,dn=company,dn=local cn=John Doe,ou=users,dn=company,dn=local objectClass: person memberOf: cn=IT,ou=groups,dn=company,dn=local Since 'cn=IT,ou=groups,dn=company,dn=local' doesn't match the group filter, John wouldn't be a member of group 'nextcloud'. This patch fixes this by filtering the groups after all nested groups have been collected. If nested groups is disabled the result will be the same as without this patch. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>	2019-03-05 11:07:35 +07:00
Arthur Schiwon	792bcb82ae	add LDAP ConfigHandler for external storages and "$home" var * handler registered upon OCA\\Files_External::loadAdditionalBackends event as user_ldap is loaded before files_external * new configuration field "ldapExtStorageHomeAttribute" (not in GUI yet) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 15:22:22 +07:00
Arthur Schiwon	5c10a46445	ensure attribute names are lower cased otherwise they will be skipped when the results is being formatted and the lower-cased result keys do not match. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-02-14 14:13:32 +07:00
Filis Futsarov	18ae9d267a	Comment fix.	2019-01-30 23:23:09 +07:00
Arthur Schiwon	c868892d2d	iterate over bases instead of doing parallel search parallel search is not compatible with paged search, but the letter is usually always applied. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2019-01-28 23:00:59 +07:00
Arthur Schiwon	85f14bc591	LDAP: extend remnants output with "detected on" field Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-12-21 17:24:28 +07:00

... 2 3 4 5 6 ...

1076 Commits (fb901b0d93da99b0a49e963a6a35fd82b7051a98)