Merge branch 'master' into tests/fix-phpunit-warnings

Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
author: Côme Chilliet <91878298+come-nc@users.noreply.github.com> 2022-12-05 12:03:39 +0100
committer: GitHub <noreply@github.com> 2022-12-05 12:03:39 +0100
commit: 30560d316584276a08c909f5198a839c1c170cc9 (patch)
tree: 154477dee76d6b7451671010aa2318c500975521 /apps/user_ldap
parent: cb0450b5c4fbe590e7b35284a40d78d96a0251f6 (diff)
parent: 4196bf81e653c39d33d25c76652cc78dab8c5e1c (diff)
download: nextcloud-server-30560d316584276a08c909f5198a839c1c170cc9.tar.gz
nextcloud-server-30560d316584276a08c909f5198a839c1c170cc9.zip
16 files changed, 123 insertions, 20 deletions
diff --git a/apps/user_ldap/composer/autoload.php b/apps/user_ldap/composer/autoload.php
index d1e331c189e..89e85038c65 100644
--- a/apps/user_ldap/composer/autoload.php
+++ b/apps/user_ldap/composer/autoload.php
@@ -3,8 +3,21 @@
 // autoload.php @generated by Composer
 
 if (PHP_VERSION_ID < 50600) {
-    echo 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
-    exit(1);
+    if (!headers_sent()) {
+        header('HTTP/1.1 500 Internal Server Error');
+    }
+    $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
+    if (!ini_get('display_errors')) {
+        if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') {
+            fwrite(STDERR, $err);
+        } elseif (!headers_sent()) {
+            echo $err;
+        }
+    }
+    trigger_error(
+        $err,
+        E_USER_ERROR
+    );
 }
 
 require_once __DIR__ . '/composer/autoload_real.php';
diff --git a/apps/user_ldap/composer/composer/installed.php b/apps/user_ldap/composer/composer/installed.php
index 5f83b3f2bff..ee1748532a9 100644
--- a/apps/user_ldap/composer/composer/installed.php
+++ b/apps/user_ldap/composer/composer/installed.php
@@ -3,7 +3,7 @@
         'name' => '__root__',
         'pretty_version' => 'dev-master',
         'version' => 'dev-master',
-        'reference' => '144514e49e25b7b123fd535902fee97fa39fb446',
+        'reference' => 'e35bcc9381246a8ec3da96e78e9771ef6044a6d4',
         'type' => 'library',
         'install_path' => __DIR__ . '/../',
         'aliases' => array(),
@@ -13,7 +13,7 @@
         '__root__' => array(
             'pretty_version' => 'dev-master',
             'version' => 'dev-master',
-            'reference' => '144514e49e25b7b123fd535902fee97fa39fb446',
+            'reference' => 'e35bcc9381246a8ec3da96e78e9771ef6044a6d4',
             'type' => 'library',
             'install_path' => __DIR__ . '/../',
             'aliases' => array(),
diff --git a/apps/user_ldap/l10n/en_GB.js b/apps/user_ldap/l10n/en_GB.js
index cb27ab1b65b..fb6c94a2883 100644
--- a/apps/user_ldap/l10n/en_GB.js
+++ b/apps/user_ldap/l10n/en_GB.js
@@ -49,12 +49,21 @@ OC.L10N.register(
     "Consider narrowing your search, as it encompassed many users, only the first one of whom will be able to log in." : "Consider narrowing your search, as it encompassed many users, only the first one of whom will be able to log in.",
     "An unspecified error occurred. Please check log and settings." : "An unspecified error occurred. Please check log and settings.",
     "The search filter is invalid, probably due to syntax issues like uneven number of opened and closed brackets. Please revise." : "The search filter is invalid, probably due to syntax issues like an uneven number of opened and closed brackets. Please revise.",
+    "A connection error to LDAP/AD occurred. Please check host, port and credentials." : "A connection error to LDAP/AD occurred. Please check host, port and credentials.",
+    "The \"%uid\" placeholder is missing. It will be replaced with the login name when querying LDAP/AD." : "The \"%uid\" placeholder is missing. It will be replaced with the login name when querying LDAP/AD.",
     "Please provide a login name to test against" : "Please provide a login name to test against",
+    "The group box was disabled, because the LDAP/AD server does not support memberOf." : "The group box was disabled, because the LDAP/AD server does not support memberOf.",
     "Password change rejected. Hint: " : "Password change rejected. Hint: ",
     "Please login with the new password" : "Please login with the new password",
+    "LDAP User backend" : "LDAP User backend",
     "Your password will expire tomorrow." : "Your password will expire tomorrow.",
     "Your password will expire today." : "Your password will expire today.",
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["Your password will expire within %n day.","Your password will expire within %n days."],
+    "LDAP/AD integration" : "LDAP/AD integration",
+    "_%n group found_::_%n groups found_" : ["%n group found","%n groups found"],
+    "> 1000 groups found" : "> 1000 groups found",
+    "> 1000 users found" : "> 1000 users found",
+    "_%n user found_::_%n users found_" : ["%n user found","%n users found"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings.",
     "Could not find the desired feature" : "Could not find the desired feature",
     "Invalid Host" : "Invalid Host",
@@ -74,6 +83,9 @@ OC.L10N.register(
     "The filter specifies which LDAP groups shall have access to the %s instance." : "The filter specifies which LDAP groups shall have access to the %s instance.",
     "Verify settings and count the groups" : "Verify settings and count the groups",
     "When logging in, %s will find the user based on the following attributes:" : "When logging in, %s will find the user based on the following attributes:",
+    "LDAP/AD Username:" : "LDAP/AD Username:",
+    "Allows login against the LDAP/AD username, which is either \"uid\" or \"sAMAccountName\" and will be detected." : "Allows login against the LDAP/AD username, which is either \"uid\" or \"sAMAccountName\" and will be detected.",
+    "LDAP/AD Email Address:" : "LDAP/AD Email Address:",
     "Allows login against an email attribute. \"mail\" and \"mailPrimaryAddress\" allowed." : "Allows login against an email attribute. \"mail\" and \"mailPrimaryAddress\" allowed.",
     "Other Attributes:" : "Other Attributes:",
     "Defines the filter to apply, when login is attempted. \"%%uid\" replaces the username in the login action. Example: \"uid=%%uid\"" : "Defines the filter to apply, when login is attempted. \"%%uid\" replaces the username in the login action. Example: \"uid=%%uid\"",
@@ -166,7 +178,11 @@ OC.L10N.register(
     "Email Field" : "Email Field",
     "Set the user's email from their LDAP attribute. Leave it empty for default behaviour." : "Set the user's email from their LDAP attribute. Leave it empty for default behaviour.",
     "User Home Folder Naming Rule" : "User Home Folder Naming Rule",
+    "Leave empty for username (default). Otherwise, specify an LDAP/AD attribute." : "Leave empty for username (default). Otherwise, specify an LDAP/AD attribute.",
+    "\"$home\" Placeholder Field" : "\"$home\" Placeholder Field",
+    "$home in an external storage configuration will be replaced with the value of the specified attribute" : "$home in an external storage configuration will be replaced with the value of the specified attribute",
     "Internal Username" : "Internal Username",
+    "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior." : "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior.",
     "Internal Username Attribute:" : "Internal Username Attribute:",
     "Override UUID detection" : "Override UUID detection",
     "By default, the UUID attribute is automatically detected. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users and groups." : "By default, the UUID attribute is automatically detected. The UUID attribute is used to unambiguously identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users and groups.",
@@ -175,6 +191,7 @@ OC.L10N.register(
     "Username-LDAP User Mapping" : "Username-LDAP User Mapping",
     "Usernames are used to store and assign metadata. In order to precisely identify and recognize users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage." : "Usernames are used to store and assign metadata. In order to precisely identify and recognise users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage.",
     "Clear Username-LDAP User Mapping" : "Clear Username-LDAP User Mapping",
-    "Clear Groupname-LDAP Group Mapping" : "Clear Groupname-LDAP Group Mapping"
+    "Clear Groupname-LDAP Group Mapping" : "Clear Groupname-LDAP Group Mapping",
+    "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-].  Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior." : "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-].  Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior."
 },
 "nplurals=2; plural=(n != 1);");
diff --git a/apps/user_ldap/l10n/en_GB.json b/apps/user_ldap/l10n/en_GB.json
index 7c1861d435b..74c0a75d3e6 100644
--- a/apps/user_ldap/l10n/en_GB.json
+++ b/apps/user_ldap/l10n/en_GB.json
@@ -47,12 +47,21 @@
     "Consider narrowing your search, as it encompassed many users, only the first one of whom will be able to log in." : "Consider narrowing your search, as it encompassed many users, only the first one of whom will be able to log in.",
     "An unspecified error occurred. Please check log and settings." : "An unspecified error occurred. Please check log and settings.",
     "The search filter is invalid, probably due to syntax issues like uneven number of opened and closed brackets. Please revise." : "The search filter is invalid, probably due to syntax issues like an uneven number of opened and closed brackets. Please revise.",
+    "A connection error to LDAP/AD occurred. Please check host, port and credentials." : "A connection error to LDAP/AD occurred. Please check host, port and credentials.",
+    "The \"%uid\" placeholder is missing. It will be replaced with the login name when querying LDAP/AD." : "The \"%uid\" placeholder is missing. It will be replaced with the login name when querying LDAP/AD.",
     "Please provide a login name to test against" : "Please provide a login name to test against",
+    "The group box was disabled, because the LDAP/AD server does not support memberOf." : "The group box was disabled, because the LDAP/AD server does not support memberOf.",
     "Password change rejected. Hint: " : "Password change rejected. Hint: ",
     "Please login with the new password" : "Please login with the new password",
+    "LDAP User backend" : "LDAP User backend",
     "Your password will expire tomorrow." : "Your password will expire tomorrow.",
     "Your password will expire today." : "Your password will expire today.",
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["Your password will expire within %n day.","Your password will expire within %n days."],
+    "LDAP/AD integration" : "LDAP/AD integration",
+    "_%n group found_::_%n groups found_" : ["%n group found","%n groups found"],
+    "> 1000 groups found" : "> 1000 groups found",
+    "> 1000 users found" : "> 1000 users found",
+    "_%n user found_::_%n users found_" : ["%n user found","%n users found"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings.",
     "Could not find the desired feature" : "Could not find the desired feature",
     "Invalid Host" : "Invalid Host",
@@ -72,6 +81,9 @@
     "The filter specifies which LDAP groups shall have access to the %s instance." : "The filter specifies which LDAP groups shall have access to the %s instance.",
     "Verify settings and count the groups" : "Verify settings and count the groups",
     "When logging in, %s will find the user based on the following attributes:" : "When logging in, %s will find the user based on the following attributes:",
+    "LDAP/AD Username:" : "LDAP/AD Username:",
+    "Allows login against the LDAP/AD username, which is either \"uid\" or \"sAMAccountName\" and will be detected." : "Allows login against the LDAP/AD username, which is either \"uid\" or \"sAMAccountName\" and will be detected.",
+    "LDAP/AD Email Address:" : "LDAP/AD Email Address:",
     "Allows login against an email attribute. \"mail\" and \"mailPrimaryAddress\" allowed." : "Allows login against an email attribute. \"mail\" and \"mailPrimaryAddress\" allowed.",
     "Other Attributes:" : "Other Attributes:",
     "Defines the filter to apply, when login is attempted. \"%%uid\" replaces the username in the login action. Example: \"uid=%%uid\"" : "Defines the filter to apply, when login is attempted. \"%%uid\" replaces the username in the login action. Example: \"uid=%%uid\"",
@@ -164,7 +176,11 @@
     "Email Field" : "Email Field",
     "Set the user's email from their LDAP attribute. Leave it empty for default behaviour." : "Set the user's email from their LDAP attribute. Leave it empty for default behaviour.",
     "User Home Folder Naming Rule" : "User Home Folder Naming Rule",
+    "Leave empty for username (default). Otherwise, specify an LDAP/AD attribute." : "Leave empty for username (default). Otherwise, specify an LDAP/AD attribute.",
+    "\"$home\" Placeholder Field" : "\"$home\" Placeholder Field",
+    "$home in an external storage configuration will be replaced with the value of the specified attribute" : "$home in an external storage configuration will be replaced with the value of the specified attribute",
     "Internal Username" : "Internal Username",
+    "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior." : "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-]. Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior.",
     "Internal Username Attribute:" : "Internal Username Attribute:",
     "Override UUID detection" : "Override UUID detection",
     "By default, the UUID attribute is automatically detected. The UUID attribute is used to doubtlessly identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behavior. Changes will have effect only on newly mapped (added) LDAP users and groups." : "By default, the UUID attribute is automatically detected. The UUID attribute is used to unambiguously identify LDAP users and groups. Also, the internal username will be created based on the UUID, if not specified otherwise above. You can override the setting and pass an attribute of your choice. You must make sure that the attribute of your choice can be fetched for both users and groups and it is unique. Leave it empty for default behaviour. Changes will have effect only on newly mapped (added) LDAP users and groups.",
@@ -173,6 +189,7 @@
     "Username-LDAP User Mapping" : "Username-LDAP User Mapping",
     "Usernames are used to store and assign metadata. In order to precisely identify and recognize users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage." : "Usernames are used to store and assign metadata. In order to precisely identify and recognise users, each LDAP user will have an internal username. This requires a mapping from username to LDAP user. The created username is mapped to the UUID of the LDAP user. Additionally the DN is cached as well to reduce LDAP interaction, but it is not used for identification. If the DN changes, the changes will be found. The internal username is used all over. Clearing the mappings will have leftovers everywhere. Clearing the mappings is not configuration sensitive, it affects all LDAP configurations! Never clear the mappings in a production environment, only in a testing or experimental stage.",
     "Clear Username-LDAP User Mapping" : "Clear Username-LDAP User Mapping",
-    "Clear Groupname-LDAP Group Mapping" : "Clear Groupname-LDAP Group Mapping"
+    "Clear Groupname-LDAP Group Mapping" : "Clear Groupname-LDAP Group Mapping",
+    "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-].  Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior." : "By default the internal username will be created from the UUID attribute. It makes sure that the username is unique and characters do not need to be converted. The internal username has the restriction that only these characters are allowed: [a-zA-Z0-9_.@-].  Other characters are replaced with their ASCII correspondence or simply omitted. On collisions a number will be added/increased. The internal username is used to identify a user internally. It is also the default name for the user home folder. It is also a part of remote URLs, for instance for all *DAV services. With this setting, the default behavior can be overridden. Changes will have effect only on newly mapped (added) LDAP users. Leave it empty for default behavior."
 },"pluralForm" :"nplurals=2; plural=(n != 1);"
 }
 \ No newline at end of file
diff --git a/apps/user_ldap/l10n/es.js b/apps/user_ldap/l10n/es.js
index 25dc2745991..8821ad3ac5e 100644
--- a/apps/user_ldap/l10n/es.js
+++ b/apps/user_ldap/l10n/es.js
@@ -166,7 +166,7 @@ OC.L10N.register(
     "Paging chunksize" : "Tamaño de los fragmentos de paginación",
     "Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)" : "Tamaño de los fragmentos usado para búsquedas LDAP paginadas que pueden devolver resultados voluminosos, como enumeración de usuarios o de grupos. (Si se establece en 0, se deshabilitan las búsquedas LDAP paginadas en esas situaciones.)",
     "Enable LDAP password changes per user" : "Permitir cambios de contraseñas LDAP por usuario",
-    "Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server." : "Permite a usuarios LDAP cambiar su contraseña y permite administradores y administradores de grupos, cambiar la contraseña de sus usuarios LDAP. SOlo funciona cuando las políticas de control de acceso están configuradas de acuerdo a las del servidor LDAP. Como las contraseñas se mandan en texto plano al servidor, LDAP, encripción del transporte debe ser usado y cifrado de las contraseñas debe ser configurado en el servidor LDAP.",
+    "Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server." : "Permite a usuarios LDAP cambiar su contraseña y permite administradores y administradores de grupos, cambiar la contraseña de sus usuarios LDAP. Solo funciona cuando las políticas de control de acceso están configuradas de acuerdo a las del servidor LDAP. Como las contraseñas se mandan en texto plano al servidor, LDAP, encripción del transporte debe ser usado y cifrado de las contraseñas debe ser configurado en el servidor LDAP.",
     "(New password is sent as plain text to LDAP)" : "(La nueva contraseña se envía como texto plano a LDAP)",
     "Default password policy DN" : "Política de contraseñas por defecto DN",
     "The DN of a default password policy that will be used for password expiry handling. Works only when LDAP password changes per user are enabled and is only supported by OpenLDAP. Leave empty to disable password expiry handling." : "El DN de una política de contraseñas por defecto que será usado para el manejo de la expiración de contraseñas. Solo funciona cuando los cambios por usuario de la contraseña LDAP están habilitados y solo está aceptada por OpenLDAP. Déjala vacía para deshabilitar el manejo de expiración de contraseñas.",
diff --git a/apps/user_ldap/l10n/es.json b/apps/user_ldap/l10n/es.json
index c41959bc8ca..1d867cae117 100644
--- a/apps/user_ldap/l10n/es.json
+++ b/apps/user_ldap/l10n/es.json
@@ -164,7 +164,7 @@
     "Paging chunksize" : "Tamaño de los fragmentos de paginación",
     "Chunksize used for paged LDAP searches that may return bulky results like user or group enumeration. (Setting it 0 disables paged LDAP searches in those situations.)" : "Tamaño de los fragmentos usado para búsquedas LDAP paginadas que pueden devolver resultados voluminosos, como enumeración de usuarios o de grupos. (Si se establece en 0, se deshabilitan las búsquedas LDAP paginadas en esas situaciones.)",
     "Enable LDAP password changes per user" : "Permitir cambios de contraseñas LDAP por usuario",
-    "Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server." : "Permite a usuarios LDAP cambiar su contraseña y permite administradores y administradores de grupos, cambiar la contraseña de sus usuarios LDAP. SOlo funciona cuando las políticas de control de acceso están configuradas de acuerdo a las del servidor LDAP. Como las contraseñas se mandan en texto plano al servidor, LDAP, encripción del transporte debe ser usado y cifrado de las contraseñas debe ser configurado en el servidor LDAP.",
+    "Allow LDAP users to change their password and allow Super Administrators and Group Administrators to change the password of their LDAP users. Only works when access control policies are configured accordingly on the LDAP server. As passwords are sent in plaintext to the LDAP server, transport encryption must be used and password hashing should be configured on the LDAP server." : "Permite a usuarios LDAP cambiar su contraseña y permite administradores y administradores de grupos, cambiar la contraseña de sus usuarios LDAP. Solo funciona cuando las políticas de control de acceso están configuradas de acuerdo a las del servidor LDAP. Como las contraseñas se mandan en texto plano al servidor, LDAP, encripción del transporte debe ser usado y cifrado de las contraseñas debe ser configurado en el servidor LDAP.",
     "(New password is sent as plain text to LDAP)" : "(La nueva contraseña se envía como texto plano a LDAP)",
     "Default password policy DN" : "Política de contraseñas por defecto DN",
     "The DN of a default password policy that will be used for password expiry handling. Works only when LDAP password changes per user are enabled and is only supported by OpenLDAP. Leave empty to disable password expiry handling." : "El DN de una política de contraseñas por defecto que será usado para el manejo de la expiración de contraseñas. Solo funciona cuando los cambios por usuario de la contraseña LDAP están habilitados y solo está aceptada por OpenLDAP. Déjala vacía para deshabilitar el manejo de expiración de contraseñas.",
diff --git a/apps/user_ldap/l10n/fr.js b/apps/user_ldap/l10n/fr.js
index a6ecdc324a1..ae3367e3c77 100644
--- a/apps/user_ldap/l10n/fr.js
+++ b/apps/user_ldap/l10n/fr.js
@@ -61,6 +61,8 @@ OC.L10N.register(
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["Votre mot de passe va expirer dans %n jour.","Votre mot de passe va expirer dans %n jours.","Votre mot de passe va expirer dans %n jours."],
     "LDAP/AD integration" : "Integration LDAP/AD ",
     "_%n group found_::_%n groups found_" : ["%n groupe trouvé","%n groupes trouvés","%n groupes trouvés"],
+    "> 1000 groups found" : "> 1000 groupes trouvés",
+    "> 1000 users found" : "> 1000 utilisateurs trouvés",
     "_%n user found_::_%n users found_" : ["%n utilisateur trouvé","%n utilisateurs trouvés","%n utilisateurs trouvés"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "Impossible de détecter l'attribut contenant le nom d'affichage des utilisateurs. Veuillez l'indiquer vous-même dans les paramètres LDAP avancés.",
     "Could not find the desired feature" : "Impossible de trouver la fonction souhaitée",
@@ -72,7 +74,7 @@ OC.L10N.register(
     "Help" : "Aide",
     "Groups meeting these criteria are available in %s:" : "Les groupes respectant ces critères sont disponibles dans %s :",
     "Only these object classes:" : "Seulement ces classes d'objets :",
-    "Only from these groups:" : "Seulement dans ces groupes :",
+    "Only from these groups:" : "Seulement dans ces groupes :",
     "Search groups" : "Chercher dans les groupes",
     "Available groups" : "Groupes disponibles",
     "Selected groups" : "Groupes sélectionnés",
diff --git a/apps/user_ldap/l10n/fr.json b/apps/user_ldap/l10n/fr.json
index 6f3759727b7..064fa3e9e6e 100644
--- a/apps/user_ldap/l10n/fr.json
+++ b/apps/user_ldap/l10n/fr.json
@@ -59,6 +59,8 @@
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["Votre mot de passe va expirer dans %n jour.","Votre mot de passe va expirer dans %n jours.","Votre mot de passe va expirer dans %n jours."],
     "LDAP/AD integration" : "Integration LDAP/AD ",
     "_%n group found_::_%n groups found_" : ["%n groupe trouvé","%n groupes trouvés","%n groupes trouvés"],
+    "> 1000 groups found" : "> 1000 groupes trouvés",
+    "> 1000 users found" : "> 1000 utilisateurs trouvés",
     "_%n user found_::_%n users found_" : ["%n utilisateur trouvé","%n utilisateurs trouvés","%n utilisateurs trouvés"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "Impossible de détecter l'attribut contenant le nom d'affichage des utilisateurs. Veuillez l'indiquer vous-même dans les paramètres LDAP avancés.",
     "Could not find the desired feature" : "Impossible de trouver la fonction souhaitée",
@@ -70,7 +72,7 @@
     "Help" : "Aide",
     "Groups meeting these criteria are available in %s:" : "Les groupes respectant ces critères sont disponibles dans %s :",
     "Only these object classes:" : "Seulement ces classes d'objets :",
-    "Only from these groups:" : "Seulement dans ces groupes :",
+    "Only from these groups:" : "Seulement dans ces groupes :",
     "Search groups" : "Chercher dans les groupes",
     "Available groups" : "Groupes disponibles",
     "Selected groups" : "Groupes sélectionnés",
diff --git a/apps/user_ldap/l10n/ja.js b/apps/user_ldap/l10n/ja.js
index 03a83d83a35..7f8455f54b8 100644
--- a/apps/user_ldap/l10n/ja.js
+++ b/apps/user_ldap/l10n/ja.js
@@ -60,6 +60,10 @@ OC.L10N.register(
     "Your password will expire today." : "パスワードが今日期限切れになります。",
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["パスワードがあと %n日で期限切れになります。"],
     "LDAP/AD integration" : "LDAP/AD統合",
+    "_%n group found_::_%n groups found_" : ["グループ%nが見つかりました "],
+    "> 1000 groups found" : "1000 以上のグループが見つかりました",
+    "> 1000 users found" : "1000 以上のユーザーが見つかりました",
+    "_%n user found_::_%n users found_" : ["ユーザー%n が見つかりました"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "ユーザー表示名の属性を検出できませんでした。詳細設定で対応する属性を指定してください。",
     "Could not find the desired feature" : "望ましい機能は見つかりませんでした",
     "Invalid Host" : "無効なホスト",
diff --git a/apps/user_ldap/l10n/ja.json b/apps/user_ldap/l10n/ja.json
index bae170334bb..a177306a5ce 100644
--- a/apps/user_ldap/l10n/ja.json
+++ b/apps/user_ldap/l10n/ja.json
@@ -58,6 +58,10 @@
     "Your password will expire today." : "パスワードが今日期限切れになります。",
     "_Your password will expire within %n day._::_Your password will expire within %n days._" : ["パスワードがあと %n日で期限切れになります。"],
     "LDAP/AD integration" : "LDAP/AD統合",
+    "_%n group found_::_%n groups found_" : ["グループ%nが見つかりました "],
+    "> 1000 groups found" : "1000 以上のグループが見つかりました",
+    "> 1000 users found" : "1000 以上のユーザーが見つかりました",
+    "_%n user found_::_%n users found_" : ["ユーザー%n が見つかりました"],
     "Could not detect user display name attribute. Please specify it yourself in advanced LDAP settings." : "ユーザー表示名の属性を検出できませんでした。詳細設定で対応する属性を指定してください。",
     "Could not find the desired feature" : "望ましい機能は見つかりませんでした",
     "Invalid Host" : "無効なホスト",
diff --git a/apps/user_ldap/l10n/lv.js b/apps/user_ldap/l10n/lv.js
index 61eb1d75c98..2c623018a21 100644
--- a/apps/user_ldap/l10n/lv.js
+++ b/apps/user_ldap/l10n/lv.js
@@ -45,6 +45,7 @@ OC.L10N.register(
     "Selected groups" : "Izvēlētās grupas",
     "Edit LDAP Query" : "Labot LDAP vaicājumu",
     "LDAP Filter:" : "LDAP filtrs:",
+    "Verify settings and count the groups" : "Pārbaudiet iestatījumus un saskaitiet grupas",
     "Other Attributes:" : "Citi atribūti:",
     "Test Loginname" : "Pārbaudiet lietotājvārdu",
     "Verify settings" : "Pārbaudīt iestatījumus",
@@ -60,6 +61,7 @@ OC.L10N.register(
     "You can specify Base DN for users and groups in the Advanced tab" : "Lietotājiem un grupām var norādīt bāzes DN  cilnē “Paplašināti”",
     "Detect Base DN" : "Noteikt bāzes DN",
     "Test Base DN" : "Testēt bāzes DN",
+    "Verify settings and count users" : "Pārbaudiet iestatījumus un saskaitiet lietotājus",
     "Saving" : "Saglabā",
     "Back" : "Atpakaļ",
     "Continue" : "Turpināt",
diff --git a/apps/user_ldap/l10n/lv.json b/apps/user_ldap/l10n/lv.json
index be82e0717dc..fdebc4b2287 100644
--- a/apps/user_ldap/l10n/lv.json
+++ b/apps/user_ldap/l10n/lv.json
@@ -43,6 +43,7 @@
     "Selected groups" : "Izvēlētās grupas",
     "Edit LDAP Query" : "Labot LDAP vaicājumu",
     "LDAP Filter:" : "LDAP filtrs:",
+    "Verify settings and count the groups" : "Pārbaudiet iestatījumus un saskaitiet grupas",
     "Other Attributes:" : "Citi atribūti:",
     "Test Loginname" : "Pārbaudiet lietotājvārdu",
     "Verify settings" : "Pārbaudīt iestatījumus",
@@ -58,6 +59,7 @@
     "You can specify Base DN for users and groups in the Advanced tab" : "Lietotājiem un grupām var norādīt bāzes DN  cilnē “Paplašināti”",
     "Detect Base DN" : "Noteikt bāzes DN",
     "Test Base DN" : "Testēt bāzes DN",
+    "Verify settings and count users" : "Pārbaudiet iestatījumus un saskaitiet lietotājus",
     "Saving" : "Saglabā",
     "Back" : "Atpakaļ",
     "Continue" : "Turpināt",
diff --git a/apps/user_ldap/lib/AppInfo/Application.php b/apps/user_ldap/lib/AppInfo/Application.php
index 79998a580e5..757ac141d3d 100644
--- a/apps/user_ldap/lib/AppInfo/Application.php
+++ b/apps/user_ldap/lib/AppInfo/Application.php
@@ -31,6 +31,7 @@ use OCA\Files_External\Service\BackendService;
 use OCA\User_LDAP\Controller\RenewPasswordController;
 use OCA\User_LDAP\Events\GroupBackendRegistered;
 use OCA\User_LDAP\Events\UserBackendRegistered;
+use OCA\User_LDAP\FilesystemHelper;
 use OCA\User_LDAP\Group_Proxy;
 use OCA\User_LDAP\GroupPluginManager;
 use OCA\User_LDAP\Handler\ExtStorageConfigHandler;
@@ -38,6 +39,7 @@ use OCA\User_LDAP\Helper;
 use OCA\User_LDAP\ILDAPWrapper;
 use OCA\User_LDAP\LDAP;
 use OCA\User_LDAP\Notification\Notifier;
+use OCA\User_LDAP\User\Manager;
 use OCA\User_LDAP\User_Proxy;
 use OCA\User_LDAP\UserPluginManager;
 use OCP\AppFramework\App;
@@ -46,10 +48,17 @@ use OCP\AppFramework\Bootstrap\IBootstrap;
 use OCP\AppFramework\Bootstrap\IRegistrationContext;
 use OCP\AppFramework\IAppContainer;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAvatarManager;
+use OCP\IConfig;
 use OCP\IGroupManager;
 use OCP\IL10N;
+use OCP\Image;
 use OCP\IServerContainer;
+use OCP\IUserManager;
 use OCP\Notification\IManager as INotificationManager;
+use OCP\Share\IManager as IShareManager;
+use Psr\Container\ContainerInterface;
+use Psr\Log\LoggerInterface;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 
 class Application extends App implements IBootstrap {
@@ -87,6 +96,24 @@ class Application extends App implements IBootstrap {
 
 	public function register(IRegistrationContext $context): void {
 		$context->registerNotifierService(Notifier::class);
+
+		$context->registerService(
+			Manager::class,
+			function (ContainerInterface $c) {
+				return new Manager(
+					$c->get(IConfig::class),
+					$c->get(FilesystemHelper::class),
+					$c->get(LoggerInterface::class),
+					$c->get(IAvatarManager::class),
+					$c->get(Image::class),
+					$c->get(IUserManager::class),
+					$c->get(INotificationManager::class),
+					$c->get(IShareManager::class),
+				);
+			},
+			// the instance is specific to a lazy bound Access instance, thus cannot be shared.
+			false
+		);
 	}
 
 	public function boot(IBootContext $context): void {
diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
index c16823d39ee..fc620e00e30 100644
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -120,6 +120,7 @@ class Configuration {
 		'ldapDefaultPPolicyDN' => null,
 		'ldapExtStorageHomeAttribute' => null,
 		'ldapMatchingRuleInChainState' => self::LDAP_SERVER_FEATURE_UNKNOWN,
+		'ldapConnectionTimeout' => 15,
 	];
 
 	public function __construct(string $configPrefix, bool $autoRead = true) {
@@ -463,6 +464,7 @@ class Configuration {
 			'ldap_user_avatar_rule' => 'default',
 			'ldap_ext_storage_home_attribute' => '',
 			'ldap_matching_rule_in_chain_state' => self::LDAP_SERVER_FEATURE_UNKNOWN,
+			'ldap_connection_timeout' => 15,
 		];
 	}
 
@@ -526,6 +528,7 @@ class Configuration {
 			'ldap_ext_storage_home_attribute' => 'ldapExtStorageHomeAttribute',
 			'ldap_matching_rule_in_chain_state' => 'ldapMatchingRuleInChainState',
 			'ldapIgnoreNamingRules' => 'ldapIgnoreNamingRules',	// sysconfig
+			'ldap_connection_timeout' => 'ldapConnectionTimeout',
 		];
 		return $array;
 	}
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index 89b58b7ebfd..dca55c1750e 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -167,7 +167,7 @@ class Connection extends LDAPUtility {
 	 */
 	public function __clone() {
 		$this->configuration = new Configuration($this->configPrefix,
-												 !is_null($this->configID));
+			!is_null($this->configID));
 		if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
 			$this->bindResult = [];
 		}
@@ -407,9 +407,8 @@ class Connection extends LDAPUtility {
 			} else {
 				$uuidAttributes = Access::UUID_ATTRIBUTES;
 				array_unshift($uuidAttributes, 'auto');
-				if (!in_array($this->configuration->$effectiveSetting,
-							$uuidAttributes)
-					&& (!is_null($this->configID))) {
+				if (!in_array($this->configuration->$effectiveSetting, $uuidAttributes)
+					&& !is_null($this->configID)) {
 					$this->configuration->$effectiveSetting = 'auto';
 					$this->configuration->saveConfiguration();
 					$this->logger->info(
@@ -606,12 +605,18 @@ class Connection extends LDAPUtility {
 				if (!$isBackupHost) {
 					throw $e;
 				}
+				$this->logger->warning(
+					'Main LDAP not reachable, connecting to backup',
+					[
+						'app' => 'user_ldap'
+					]
+				);
 			}
 
 			//if LDAP server is not reachable, try the Backup (Replica!) Server
 			if ($isBackupHost || $isOverrideMainServer) {
 				$this->doConnect($this->configuration->ldapBackupHost,
-								 $this->configuration->ldapBackupPort);
+					$this->configuration->ldapBackupPort);
 				$this->bindResult = [];
 				$bindStatus = $this->bind();
 				$error = $this->ldap->isResource($this->ldapConnectionRes) ?
@@ -649,6 +654,10 @@ class Connection extends LDAPUtility {
 			throw new ServerNotAvailableException('Could not disable LDAP referrals.');
 		}
 
+		if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_NETWORK_TIMEOUT, $this->configuration->ldapConnectionTimeout)) {
+			throw new ServerNotAvailableException('Could not set network timeout');
+		}
+
 		if ($this->configuration->ldapTLS) {
 			if (!$this->ldap->startTls($this->ldapConnectionRes)) {
 				throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
@@ -681,8 +690,8 @@ class Connection extends LDAPUtility {
 		}
 
 		$ldapLogin = @$this->ldap->bind($cr,
-										$this->configuration->ldapAgentName,
-										$this->configuration->ldapAgentPassword);
+			$this->configuration->ldapAgentName,
+			$this->configuration->ldapAgentPassword);
 
 		$this->bindResult = [
 			'sum' => md5($this->configuration->ldapAgentName . $this->configPrefix . $this->configuration->ldapAgentPassword),
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 81cb30dd25b..b32e031175f 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -1324,10 +1324,11 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I
 
 		if (($displayName !== false) && (count($displayName) > 0)) {
 			$displayName = $displayName[0];
-			$this->access->connection->writeToCache($cacheKey, $displayName);
-			return $displayName;
+		} else {
+			$displayName = '';
 		}
 
-		return '';
+		$this->access->connection->writeToCache($cacheKey, $displayName);
+		return $displayName;
 	}
 }
author	Côme Chilliet <91878298+come-nc@users.noreply.github.com>	2022-12-05 12:03:39 +0100
committer	GitHub <noreply@github.com>	2022-12-05 12:03:39 +0100
commit	30560d316584276a08c909f5198a839c1c170cc9 (patch)
tree	154477dee76d6b7451671010aa2318c500975521 /apps/user_ldap
parent	cb0450b5c4fbe590e7b35284a40d78d96a0251f6 (diff)
parent	4196bf81e653c39d33d25c76652cc78dab8c5e1c (diff)
download	nextcloud-server-30560d316584276a08c909f5198a839c1c170cc9.tar.gz nextcloud-server-30560d316584276a08c909f5198a839c1c170cc9.zip