Commit graph

720 commits

Author SHA1 Message Date
Morris Jobke
159d75945a
Merge pull request #12292 from nextcloud/fix/2947/lapse-sizelimit-error
avoid logging of "Partial search results returned: Sizelimit exceeded…"
2018-11-15 10:48:57 +01:00
Joas Schilling
bb352fb667
Use the defined func()->count() instead of manual counting
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-11-08 15:44:45 +01:00
Arthur Schiwon
deec5a70a0
avoid logging of "Partial search results returned: Sizelimit exceeded at"
LDAP servers respond with that even if a limit was passed with the
request. Having this statement logged causes a lot of confusion.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-11-07 13:15:55 +01:00
Arthur Schiwon
0c5d9127e8
remove app specific IUserTools and consolidate test
Just some house keeping. IUserTools with used in even older days for
easier creation of Access instances…

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-30 22:44:50 +01:00
Roeland Jago Douma
8b2b238d86
Merge pull request #12054 from nextcloud/fix/5212/interact-with-userobject
LDAP: announce display name changes so that addressbook picks it up
2018-10-30 13:38:16 +01:00
Arthur Schiwon
49456e42f9
do not run into UniqueConstraintViolationException
… when an unmapped user logs in for the first time when background job
mode is ajax and no memcache was configured.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-30 12:12:03 +01:00
Morris Jobke
31ccf8580a
Merge pull request #12070 from nextcloud/fix/noid/announce-chosen-uid
announce the chosen uid (fixes wrong variable usage)
2018-10-30 10:12:04 +01:00
Arthur Schiwon
d47e1513bc
remove unneeded empty search attribute values, fixes #12086
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-29 13:21:02 +01:00
Arthur Schiwon
05f909dcf3
fixes wrong variable usage
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-26 18:03:41 +02:00
Arthur Schiwon
bbe44108b5
only write when the displayname differs, but then announce it
refs #5212 and fixes #9112

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-25 23:41:12 +02:00
Arthur Schiwon
2048872f9e
functions that were checked for are present since PHP 5.4, supported is >=/
* so the check from older days is really not necessary anymore
* resolves #10923

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-10-25 22:50:42 +02:00
Morris Jobke
b458ed9c82
Properly escape column name in "createFunction" call
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-10-16 15:24:02 +02:00
Daniel Kesselberg
2d30511fa6
Check if user is null before getUsername
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2018-09-16 19:33:03 +02:00
Arthur Schiwon
7807add02d
[LDAP] The WebUI Wizard also should not assign empty config IDs
With 689df9a843 the behaviour to assign only
non-empty config IDs was introduced. Only, this was only effective for CLI
and OCS API.

Related to #3270.

The web UI creates now also a full configuration on first load. This fixes
#5094.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-23 17:58:35 +02:00
Morris Jobke
3d8f174774
Resolve all group memberships properly
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-08-21 10:57:50 +02:00
Arthur Schiwon
b497b06867
don't force LDAP updates on userExists anymore
and remove some deprecated code

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-14 17:57:24 +02:00
Arthur Schiwon
a39c995083
FIX: emit assignedUserId only for users
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-08-09 23:45:11 +02:00
Julius Härtl
c2616df541
Only bind if configuration for the first server is available
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2018-07-13 08:25:10 +02:00
Arthur Schiwon
846ab25fc0
adjust and add more unit tests
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:50:49 +02:00
Arthur Schiwon
343036e55c
allow admin to disable fetching of avatars as well as a specific attribute
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-05 11:12:51 +02:00
Arthur Schiwon
a4dda465c2
let user set avatar in nextcloud von LDAP provides invalid image data
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-07-03 01:45:07 +02:00
blizzz
28e64afb8c
Merge pull request #10034 from nextcloud/fix/noid/ldap-silence-quota-logmsgs
lower log level for quota manipulation cases
2018-06-28 23:06:23 +02:00
Arthur Schiwon
cc51a00c93
lower log level for quota manipulation cases
and simplify the forest of ifs a little bit

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-28 21:10:07 +02:00
Arthur Schiwon
7a728f2154
LDAP backup server should not be queried when auth fails
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-06-27 23:12:07 +02:00
Arthur Schiwon
73cacb8896
check user state when fetching to avoid dealing with offline objects
fixes #9502

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-05-29 01:10:03 +02:00
Roger Szabo
856164e578 Fix "Invalid argument supplied for foreach()"
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-05-02 18:17:21 +08:00
Roger Szabo
8637b90e15 unbound cloned connection fix
Signed-off-by: Roger Szabo <roger.szabo@web.de>
2018-04-27 17:29:15 +08:00
Arthur Schiwon
38a90130ce
move log constants to ILogger
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-26 10:45:52 +02:00
Arthur Schiwon
ed5f53bd49
Access needs UserManager, missed to add in #8833
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-23 15:58:50 +02:00
Morris Jobke
38961a725f
Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks
add anounce- and (pre/|post)RevokeUser signals for non-native backends
2018-04-11 00:44:39 +02:00
Arthur Schiwon
16d4ff4d39
parameter provided to L10N::n() could have been a string
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 14:50:28 +02:00
Arthur Schiwon
f1565336bd
DI for NC's user manager
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:24 +02:00
Arthur Schiwon
373a1d5391
more consistent naming
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:46:15 +02:00
Arthur Schiwon
8fe914f07e
LDAP backend to emit announce and revoke signals on mapping changes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-04-05 12:38:39 +02:00
Roeland Jago Douma
f4fd0224db
Do not use \OCP\DB anymore
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 14:40:23 +02:00
Arthur Schiwon
cbf60f2e91
existence check works without attribute (like with users)
cn is not necessarily given everywhere

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-15 15:47:44 +01:00
Morris Jobke
8195b17ed7
Remove deprecated and unsused methods of OCP\DB
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-03-12 15:13:37 +01:00
Morris Jobke
cccf6f4d5f
Merge pull request #8221 from Cybso/8220_applyLdapUserFilter_on_members
Apply ldapUserFilter on members of group
2018-03-08 13:19:02 +01:00
Roland Tapken
2472b93fd9 dn2ocname: also apply group filter to readAttribute()
Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-03-07 12:18:46 +01:00
Roeland Jago Douma
c2320aea22
Merge pull request #8634 from nextcloud/ldap-no-empty-names
do not create empty userid when attribute does not have allowed chars
2018-03-05 19:37:17 +01:00
Arthur Schiwon
47a10bd25a
treat iconv issues
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 14:03:08 +01:00
Arthur Schiwon
4f8c724318
typo + phpdoc
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-05 13:30:28 +01:00
Arthur Schiwon
8607992e85
do not create empty userid when attribute does not have allowed chars
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 17:44:06 +01:00
Arthur Schiwon
04f7252fc4
use hash algo that's robust against collisions
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-03-02 16:26:36 +01:00
Arthur Schiwon
238c3a5201
fix retrieving group members with numerical uids from LDAP
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-23 12:05:50 +01:00
Arthur Schiwon
9bc75307e7
track the state of the bind result
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2018-02-22 13:05:33 +01:00
Morris Jobke
236086c457
Merge pull request #8335 from nextcloud/remove-unused-import
Remove unused import statements
2018-02-14 22:23:07 +01:00
Morris Jobke
d3d045dd5c
Remove unused import statements
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-14 16:55:43 +01:00
Morris Jobke
e2974f1133
Simplify return statement
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-02-13 21:55:24 +01:00
Roland Tapken
cf4ec7a4b6 Apply ldapUserFilter on members of group
Refers to issue #8220

user_ldap configured with custom filters for active directory access
(group-member-association is "member"). Then it can happen that the
members of a group contain members that don't belong to the users
available in Nextcloud (the most trivial reason is that the user filter
contains "(!(UserAccountControl:1.2.840.113556.1.4.803:=2))" to exclude
disabled users from being imported).

This can be fixed by applying the ldapUserFilter when resolving the UID
for a DN fetched from the group's member list.

Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
2018-02-07 12:02:58 +01:00