Commit graph

79 commits

Author SHA1 Message Date
Arthur Schiwon
79667b58a9
cache group existence early to save useless requests to LDAP
we do it for users already

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2020-01-08 11:02:37 +01:00
Christoph Wurst
5bf3d1bb38
Update license headers
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-12-05 15:38:45 +01:00
Roeland Jago Douma
68748d4f85
Some php-cs fixes
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-11-22 20:52:10 +01:00
Morris Jobke
c00d6f4eac
Merge pull request #14540 from army1349/master
LDAP Password Modify Extended Operation support
2019-07-19 17:29:24 +02:00
Morris Jobke
0d0850746e
Merge pull request #15741 from mxss/fix/phpdoc-fixes
misc phpdoc fixes
2019-07-02 22:25:41 +02:00
Arthur Schiwon
660fbd64e3
ensures mapping of chosen userid
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-06-19 17:02:28 +02:00
Arthur Schiwon
c6c8a41d2f
group display name support (service level + ldap)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-05-27 12:03:05 +02:00
Max Kovalenko
a83b79c5f8
misc phpdoc fixes
Signed-off-by: Max Kovalenko <mxss1998@yandex.ru>
2019-05-27 09:04:05 +03:00
Peter Kubica
3ed1d158bc LDAP Password Modify Extended Operation support
Signed-off-by: Peter Kubica <peter@kubica.ch>
2019-03-19 01:58:46 +01:00
Arthur Schiwon
c868892d2d
iterate over bases instead of doing parallel search
parallel search is not compatible with paged search, but the letter is
usually always applied.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2019-01-28 23:00:59 +01:00
Arthur Schiwon
c32cc4a194
cache users as existing after mapping
during login they might be cached as non-existing and cause an Exception
in the long run

reduces some duplication, too

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-11-27 17:07:59 +01:00
Daniel Kesselberg
6ce849f7b8
Add return type
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-25 12:30:54 +01:00
Daniel Kesselberg
d17b32afd7
Fix count on string
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-11-24 22:06:45 +01:00
Arthur Schiwon
0c5d9127e8
remove app specific IUserTools and consolidate test
Just some house keeping. IUserTools with used in even older days for
easier creation of Access instances…

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-30 22:44:50 +01:00
Arthur Schiwon
05f909dcf3
fixes wrong variable usage
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-26 18:03:41 +02:00
Arthur Schiwon
2048872f9e
functions that were checked for are present since PHP 5.4, supported is >=/
* so the check from older days is really not necessary anymore
* resolves #10923

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-25 22:50:42 +02:00
Arthur Schiwon
a39c995083
FIX: emit assignedUserId only for users
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-09 23:45:11 +02:00
Arthur Schiwon
73cacb8896
check user state when fetching to avoid dealing with offline objects
fixes #9502

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-05-29 01:10:03 +02:00
Arthur Schiwon
38a90130ce
move log constants to ILogger
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Arthur Schiwon
ed5f53bd49
Access needs UserManager, missed to add in #8833
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-23 15:58:50 +02:00
Arthur Schiwon
f1565336bd
DI for NC's user manager
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:24 +02:00
Arthur Schiwon
373a1d5391
more consistent naming
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:15 +02:00
Arthur Schiwon
8fe914f07e
LDAP backend to emit announce and revoke signals on mapping changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:38:39 +02:00
Arthur Schiwon
cbf60f2e91
existence check works without attribute (like with users)
cn is not necessarily given everywhere

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-15 15:47:44 +01:00
Morris Jobke
cccf6f4d5f
Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members
Apply ldapUserFilter on members of group
2018-03-08 13:19:02 +01:00
Roland Tapken
2472b93fd9 dn2ocname: also apply group filter to readAttribute()
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-03-07 12:18:46 +01:00
Arthur Schiwon
47a10bd25a
treat iconv issues
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 14:03:08 +01:00
Arthur Schiwon
4f8c724318
typo + phpdoc
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 13:30:28 +01:00
Arthur Schiwon
8607992e85
do not create empty userid when attribute does not have allowed chars
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 17:44:06 +01:00
Morris Jobke
e2974f1133
Simplify return statement
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-13 21:55:24 +01:00
Roland Tapken
cf4ec7a4b6 Apply ldapUserFilter on members of group
Refers to issue #8220

user_ldap configured with custom filters for active directory access
(group-member-association is "member"). Then it can happen that the
members of a group contain members that don't belong to the users
available in Nextcloud (the most trivial reason is that the user filter
contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude
disabled users from being imported).

This can be fixed by applying the ldapUserFilter when resolving the UID
for a DN fetched from the group's member list.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-02-07 12:02:58 +01:00
Morris Jobke
a661f043e1
Remove unneeded semicolon and parentheses
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 23:46:40 +01:00
Morris Jobke
2ad2eb38e8
Use type casting instead of *val() method
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 15:01:27 +01:00
Arthur Schiwon
b61b906abe
do not catch ServerNotAvailable
might cause the user to be unavailable (race condition).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-26 12:47:19 +01:00
Morris Jobke
55532f19d9
Cleanup OC_User and OCP\User
* mainly removes deprecated methods and old static code

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-16 18:39:11 +01:00
Arthur Schiwon
f84ec92563
revert resolving of recursion (3628d4d65d)
without recursion we have issues with internal states. paged search status
are set to false, cookies are not being set. In the end we have  endless
requests which pile up enormously with a high initial offset.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 15:17:18 +01:00
Arthur Schiwon
15a3f4659f
enrich log message with backtrace, but level it down to DEBUG
The message is not helpful anyway for an admin, and oftentimes is just
valid (e.g. when searching with an offset beyond users in LDAP).

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-01-11 14:17:14 +01:00
Arthur Schiwon
82fd09c294
don't show recurring msg when pages result was turned off
and only as debug level otherwise.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-21 14:29:56 +01:00
Morris Jobke
defac0ff0d
Fixes hex2bin() in LDAP
Untangles the two if-else clauses into a more readable format.

Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-12-13 11:57:49 +01:00
Arthur Schiwon
27f14eee26
don't cache user, if no internal user id was retrieved/assigned
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 22:47:32 +01:00
Arthur Schiwon
991190b994
ensure that users are cached when they are retrieved
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-12-07 17:49:33 +01:00
Arthur Schiwon
419759e68b
resolve DI
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:59 +01:00
Arthur Schiwon
59c05d5447
move LDAP user attributes "sync" to background (except for ajax jobs)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:56 +01:00
Arthur Schiwon
ef3cd32916
don't skip updating when ajax is set as background job mode
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:10:04 +01:00
Arthur Schiwon
c6f1af9896
move ldap user sync to background (WIP)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-11-09 11:09:59 +01:00
Morris Jobke
0eebff152a
Update license headers
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2017-11-06 16:56:19 +01:00
Arthur Schiwon
3628d4d65d
avoid unnecessary recursion
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-10-25 17:23:42 +02:00
Arthur Schiwon
5e74affea4
fix counting found results in search op
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Arthur Schiwon
89f4e16cdb
fix limit-flaw in search on paged results
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-09-14 13:20:51 +02:00
Roger Szabo
51ecc7ce11 suppress superflous php error on rejected password change
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2017-06-30 18:36:33 +08:00