Commit graph

130 commits

Author SHA1 Message Date
Robin Appelman
5185a3c0c9
null users dont exist
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-07-13 15:53:14 +02:00
Joas Schilling
b726204f91
Create users in non default backends first
Most of the time, when people have multiple backends or add a
custom backend, they want to create the users there and not in
the default backend. But since that is registered first, users
were always created there.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 19:59:41 +02:00
Arthur Schiwon
999455c1aa
emit changeUser only if there really was a change (quota, displayname)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-01 11:34:17 +02:00
Lukas Reschke
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Christoph Wurst
0a43c259c4
Fix encryption + remembered login due to missing login hook
The encryption app relies on the post_login hook to initialize its keys.
Since we do not emit it on a remembered login, the keys were always un-
initialized and the user was asked to log out and in again.
This patch *translates* the postRememberedLogin hook to a post_login
hook.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-16 08:41:11 +02:00
Joas Schilling
975e572a3d
Remove account data on user deletion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 13:31:31 +02:00
Robin Appelman
2b0da0f218
handle permissions errors when copying the skeleton for a read only user
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-05 14:44:51 +02:00
Arthur Schiwon
668fe7df51
UserManager can now count disabled users
Users page takes advantage of that

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-29 00:59:09 -03:00
Joas Schilling
9212089151
Use the new method in the old one to remove duplicate code
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-27 08:56:51 +02:00
Joas Schilling
9e6ac3de70
Allow to create a user for a specific backend
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-26 15:07:11 +02:00
Joas Schilling
ac0c21f4a7
Trigger change when a user is enabled/disabled
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-25 17:20:35 +02:00
Joas Schilling
a3922bbcdc
Better validation of allowed user names
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-18 14:29:34 +02:00
Roeland Jago Douma
f40b9fa9bd Merge pull request #4330 from nextcloud/activities-for-password-mail-change
Add activities when email or password is changed
2017-04-14 08:16:43 +02:00
Morris Jobke
d36751ee38 Merge pull request #2424 from nextcloud/fix-login-controller-test-consolidate-login
Fix login controller test and consolidate login
2017-04-13 12:16:38 -05:00
Morris Jobke
ac05d6dd67
Improve PHPDoc
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-04-13 12:16:12 -05:00
Joas Schilling
1110b51aa3
Allow to read the old email on the hook as well
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-13 12:34:02 +02:00
Joas Schilling
7ad791efb4
Dont create a log entry on email login
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-07 10:15:20 +02:00
Arthur Schiwon
fbadb37b9b
use known LockdownManager
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-06 15:27:30 +02:00
Arthur Schiwon
0a463e55ae
Save correct login name
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-06 15:22:43 +02:00
Arthur Schiwon
daf9d23547
don't regenerate Session ID twice, also fixes tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-06 15:22:43 +02:00
Arthur Schiwon
50844e8c47
regenerate session id on successful login, fixes integration test
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-06 15:22:43 +02:00
Arthur Schiwon
7b3fdfeeaa
do login routine only once when done via LoginController
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-04-06 15:22:42 +02:00
Robin Appelman
baec42e80a
Save the scope of an auth token in the session
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-04-05 17:58:33 +02:00
Robin Appelman
0aeb595784
user ids are strings
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-03-30 12:24:46 +02:00
Morris Jobke
d197f609a8 Merge pull request #3889 from nextcloud/downstream-26950
Sharing dialog: make autocomplete sorting case insensitive
2017-03-23 23:45:28 -06:00
Morris Jobke
dbaebc53b0
fix sorting in the backend
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-23 15:41:25 -06:00
Joas Schilling
257fbd85eb Merge pull request #3929 from nextcloud/downstream-27068
cache loadUser if not exists
2017-03-20 12:44:54 +01:00
Vincent Petry
aacfef463c
Add tests for database user backend caching
Add comment, closeCursor in user DB query

Invalidate user in cache after successful creation

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 02:03:03 -06:00
Jörn Friedrich Dreyer
592c04a9db
cache loadUser if not exists
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-20 02:01:41 -06:00
Felix Rupp
e7dc1f4326
Add postLogout hook to finish sessions from external session managers (#27048)
* Add postLogout hook to finish sessions from external session managers like CAS

* Add postLogout hook to finish sessions from external session managers like CAS

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-19 23:00:12 -06:00
Lukas Reschke
d134dea508
Don't call function in constructor
The constructor is iniitiated already very early in base.php, thus requiring this here will break the setup and some more. For now we probably have to live with a static function call here thus.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-16 21:59:47 +01:00
Lukas Reschke
085891a15d
Escape like parameters in database user backend
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-03-15 22:46:40 +01:00
Morris Jobke
a5ba1f7803
Remove legacy class OC_Group and OC_User
* basically a straight replacement of the wrapped code at the calling code parts

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-03-09 17:35:09 -06:00
blizzz
19fc68cbdc Merge pull request #2606 from temparus/master
Add preLoginValidation hook
2017-02-15 21:47:47 +01:00
Morris Jobke
dfaaebd765 Merge pull request #3417 from nextcloud/push-notification
Push notification
2017-02-10 16:00:47 -06:00
Joas Schilling
7c47f822a1
Save the used token id in the session so it can be used later on
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-02-09 15:02:59 +01:00
Robin Appelman
fa49c4a13b
Add a single public api for resolving a cloud id to a user and remote and back
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-02-08 15:17:02 +01:00
Sandro Lutz
9b6f99ab08 Update license header
Signed-off-by: Sandro Lutz <sandro.lutz@temparus.ch>
2017-02-07 01:25:39 +01:00
Sandro Lutz
fa1d607bfa Merge remote-tracking branch 'nextcloud/master'
Signed-off-by: Sandro Lutz <sandro.lutz@temparus.ch>
2017-02-07 00:15:30 +01:00
Sandro Lutz
6feff0ceba Add check if UserManager is of type PublicEmitter before calling preLogin hook
Signed-off-by: Sandro Lutz <sandro.lutz@temparus.ch>
2017-02-01 21:53:50 +01:00
Sandro Lutz
e30d28f7eb Change where preLogin hook gets called
Signed-off-by: Sandro Lutz <sandro.lutz@temparus.ch>
2017-02-01 21:53:42 +01:00
Morris Jobke
a4ad8af6e3
Add proper default value for datadir
* better safe than sorry
* fixes #3091

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-01-19 19:49:41 -06:00
Bjoern Schiessle
cdf01feba7
add action to existing brute force protection
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-01-18 15:25:16 +01:00
Loki3000
8ab16f87ac spaces added 2017-01-10 16:44:14 +03:00
Loki3000
5c77923360 allowed '0' uid 2017-01-10 16:39:10 +03:00
Loki3000
b0ff59d42f remove non required db requests 2017-01-10 13:09:33 +03:00
Loki3000
135198bf0d Default value for null user
For guest users on every request executes query:
SELECT `uid`, `displayname` FROM `users` WHERE LOWER(`uid`) = LOWER(null)
as I see, uid can't be equal to null by design.
2017-01-09 23:34:23 +03:00
Joas Schilling
5aa388bbe2
Make sure the loginname is set when logging in via cookie
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-01-05 12:17:30 +01:00
Vincent Petry
91cd57e55b
Get user home folder before deletion
After the deletion getHome() will fail because the user doesn't exist
any more, so we need to fetch that value earlier.

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-12-23 12:42:31 +01:00
Roeland Jago Douma
e368a745aa
Set last-login-check on basic auth
Else the last-login-check fails hard because the session value is not
set and thus defaults to 0.

* Started with tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-12-05 20:57:15 +01:00