summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib/Group_LDAP.php
Commit message (Collapse)AuthorAgeFilesLines
* Add stricter psalm type for CappedMemoryCacheCarl Schwan2022-05-121-6/+6
| | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* Add ldap:reset-group command to unmap groups from LDAPCôme Chilliet2022-04-011-6/+21
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix unit testsCôme Chilliet2022-03-031-1/+1
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Remove redundant is_array checkCôme Chilliet2022-03-031-11/+9
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #29329 from nextcloud/fix/noid/groups-unwarranted-membersJohn Molakvoæ2021-12-201-2/+14
|\
| * fix potential unwarranted memberships in nested groups from LDAPArthur Schiwon2021-11-191-2/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - the issue was present only when using PHP based resolving of nested group members. Normally nested members are common in AD (and Samba4) and are resolved per LDAP_MATCHING_RULE_IN_CHAIN by default - resolving nested members is recursive - when the cache entry was created it happend for intermediate groups, too, containing members from the parent group - the check was added to only cache the root group with its members - a runtime cache stores intermediate ldap read results Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Fix PHP 8.1 support for user_ldap applicationCôme Chilliet2021-12-161-3/+3
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use Psr\Log\LoggerInterface where it can easily be used in user_ldapCôme Chilliet2021-10-141-3/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix caching of objectsid searchesArthur Schiwon2021-09-211-4/+5
| | | | | | | - store result when no name could be retrieved, too - cached value is not an array, was treated wrongly Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-041-1/+0
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* fix detecting cyclic group membershipsArthur Schiwon2021-02-231-10/+21
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* fix parameter provided as string not arrayArthur Schiwon2021-01-281-1/+3
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* check number of members after potential resolving of rdnsArthur Schiwon2020-11-271-4/+5
| | | | | | | - the type check is not necessary anymore for the return type of _groupMembers() Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* use faster and less hungry foreachArthur Schiwon2020-11-271-10/+8
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* moved the array_reduce to fix large search caseTobias Perschon2020-11-271-10/+17
| | | | | | also added some additional comments and renamed some vars to make it intuitive whats in them Signed-off-by: Tobias Perschon <tobias@perschon.at>
* flatten result array as expected by following codeArthur Schiwon2020-11-261-2/+7
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* when nesting is not enabled, the group filter can be applied right awayArthur Schiwon2020-10-191-1/+6
| | | | | | | | - helps performance, but skipping unnecessary entries - reduces reoccuring info-level log output against groups that do not qualify ("no or empty name") Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Update the license headers for Nextcloud 20Christoph Wurst2020-08-241-1/+0
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* do not flip available state to unavailable, allow empty resultsArthur Schiwon2020-08-111-11/+20
| | | | | | | | | - the detection relies that the first, requested result is not empty - it might be empty though – groups without members - protect switching from available to unavailable - switching the other way around was also not envisaged either Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* LDAP: shortcut in reading nested group members when IN_CHAIN is availableArthur Schiwon2020-08-111-0/+29
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* use break not continue in switch to avoid warningArthur Schiwon2020-08-101-5/+5
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* added "zimbraMailForwardingAddress" as a Group-Member association attribute ↵Tobias Perschon2020-08-071-83/+126
| | | | | | | | | | | | | | | to enable the use of Zimbra Distribution Lists as groups in nextcloud when connecting to a zimbra LDAP Signed-off-by: Tobias Perschon <tobias@perschon.at> fix cs:check Signed-off-by: Tobias Perschon <tobias@perschon.at> Update apps/user_ldap/lib/Group_LDAP.php Co-authored-by: blizzz <blizzz@arthur-schiwon.de> Signed-off-by: Tobias Perschon <tobias@perschon.at>
* Merge pull request #21171 from nextcloud/enh/noid/tidy-up-group-ldapMorris Jobke2020-07-061-197/+154
|\ | | | | tidy up Group_LDAP
| * tidy up Group_LDAPArthur Schiwon2020-06-081-197/+154
| | | | | | | | | | | | | | | | | | | | * remove unused method * resolve code duplication * remove usage of deprectad Util::writeLog * phpDoc updates * signature updates Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | fix strings being passed where arrays where expectedArthur Schiwon2020-06-241-3/+4
|/ | | | | | also brought type hints up to internal API level Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* simplify getGroups, fixing wrong chunking logicArthur Schiwon2020-05-271-50/+7
| | | | | | pagination is taken care of properly in the search logic in Access class Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Update license headers for 19Christoph Wurst2020-04-291-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Don't remove last user in ldap group when limit is -1Clement Wong2020-04-271-3/+3
| | | | Signed-off-by: Clement Wong <git@clement.hk>
* formattingArthur Schiwon2020-04-231-37/+59
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* consolidate groupsMatchFilter in groupsExistArthur Schiwon2020-04-171-5/+25
| | | | | | | - less duplication - profiting of the same cache entry Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-101-83/+82
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use elseif instead of else ifChristoph Wurst2020-04-101-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-091-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix (array) indent style to always use one tabChristoph Wurst2020-04-091-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix multiline commentsChristoph Wurst2020-04-081-7/+7
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update the license headers for Nextcloud 19Christoph Wurst2020-03-311-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the short array syntax, everywhereChristoph Wurst2020-03-261-33/+33
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #17717 from nextcloud/fix/noid/ldap-relax-getHomeblizzz2020-01-141-8/+27
|\ | | | | relax strict getHome behaviour for LDAP users in a shadow state
| * ensure that only valid group members are returnedArthur Schiwon2020-01-131-8/+27
| | | | | | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | cache group existence early to save useless requests to LDAPArthur Schiwon2020-01-081-1/+1
|/ | | | | | we do it for users already Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Update license headersChristoph Wurst2019-12-051-2/+3
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* uid can be false when the user record does not exitArthur Schiwon2019-11-201-8/+12
| | | | | | fixes not loading files app for users who got a share by the gone LDAP user Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Also invalidate groups after deletionArthur Schiwon2019-06-271-2/+11
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* ensures mapping of chosen useridArthur Schiwon2019-06-191-1/+1
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* fix inGroup check, thus make integration tests succeedArthur Schiwon2019-06-141-1/+0
| | | | | | | there is not such strange return mode. Having invalid user ids caused this check to fail, and as side effect share limitation to groups to not work. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* group display name support (service level + ldap)Arthur Schiwon2019-05-271-1/+27
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Cache cleaning when subadmin adds user to groupVinicius Cubas Brand2019-03-211-0/+2
| | | | | | | | | | | This commit fix an error happening when the subadmin tries to create an user, adding him/her to the group s/he is subadmin of, using a LDAP User/Group plugin. This just forces the cache to be reset after an user is added to a group. Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
* fix nested group retrieval also for 2 other casesArthur Schiwon2019-03-051-60/+76
| | | | | | and also consolidate logic in one method Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Reduce queries to LDAP by caching nested groupsRoland Tapken2019-03-051-6/+18
| | | | | | | Nested groups are now cached in a CappedMemoryCache object to reduce queries to the LDAP backend. Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
* user_ldap: really resolve nested groupsRoland Tapken2019-03-051-14/+19
| | | | | | | | | | | The previous patch fixed the problem only for one level of indirection because groupsMatchFilter() had been applied on each recursive call (and thus there would be no second level if the first level fails the check). This new implementation replaces the recursive call with a stack that iterates all nested groups before filtering with groupsMatchFilter(). Signed-off-by: Roland Tapken <roland@bitarbeiter.net>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-28 09:05:38 +0000