summaryrefslogtreecommitdiffstats
path: root/lib/private/User/Database.php
Commit message (Collapse)AuthorAgeFilesLines
* Just update password hash without validatingRoeland Jago Douma2018-10-031-8/+12
| | | | | | | | | | | Fixes #11097 If your password hash changed (becuse your are on 7.2 and we moved to ARGON2). Then we shold not 'set a new password' but just update the hash. As else we invoke the password policy again which might lock out users. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* make table name configurable for db user backendRobin Appelman2018-06-191-9/+13
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* use query builder in all places in the db user backendRobin Appelman2018-06-151-13/+26
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* move log constants to ILoggerArthur Schiwon2018-04-261-1/+2
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Numeric only uids are no funRoeland Jago Douma2018-04-241-1/+4
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Cast retrieved DB fields to stringRoeland Jago Douma2018-04-241-4/+4
| | | | | | | | | | Fixes #9279 If a pure numerical user is in the DB the value might be casted to a int when returned. Cast it all to a string so we don't break the strict typing. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use the uid_lower columnRoeland Jago Douma2018-04-061-24/+65
| | | | | | This can use a proper index Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move to ABackendRoeland Jago Douma2018-03-221-2/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move Database backend over to new User/Backend interfacesRoeland Jago Douma2018-03-221-16/+30
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix configuration values matched in user searchesDaniel Calviño Sánchez2018-03-141-3/+3
| | | | | | | | | | | | | | | | Due to a misplaced closing parenthesis the condition of the left join clause was just "userid = uid"; the other conditions were passed as additional parameters to "leftJoin", and thus they were ignored. Therefore, the result set contained every preference of each user instead of only the email, so the "WHERE configvalue LIKE XXX" matched any configuration value of the user. Besides the closing parenthesis this commit also fixes the literal values. Although "Literal" objects represent literal values they must be created through "IExpressionBuilder::literal()" to be properly quoted; otherwise it is just a plain string, which is treated as a column name. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
* refactor user searchingRobin Appelman2017-12-201-44/+44
| | | | | | add additional user searching tests Signed-off-by: Robin Appelman <robin@icewind.nl>
* Adds search by email function on the users screen.Abijeet2017-12-161-2/+11
| | | | | | | | | | | Fixes #7175. - Updated the query to fetch the users in users > everyone tab. - Updated the query to fetch the users in users > admin tab. - Tested to ensure that the disabled users are also being fetched. - Added test cases. Signed-off-by: Abijeet <abijeetpatro@gmail.com>
* Fix search in user managent when no group is selectedMorris Jobke2017-11-141-0/+2
| | | | | | * also allows to search by displayname Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Change @georgehrke's emailMorris Jobke2017-11-061-1/+1
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update license headersMorris Jobke2017-11-061-0/+3
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Prevent SQL error message in case of errorLukas Reschke2017-08-171-1/+5
| | | | | | | | | | | | | | `\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than permitted in the database. This is against it's PHPDocs and we should cast this to `false`, so that the regular error handling triggers in. The easiest way to reproduce is on MySQL: 1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel 2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again 3. See SQL exception as error message Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* user ids are stringsRobin Appelman2017-03-301-1/+2
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #3889 from nextcloud/downstream-26950Morris Jobke2017-03-231-2/+2
|\ | | | | Sharing dialog: make autocomplete sorting case insensitive
| * fix sorting in the backendMorris Jobke2017-03-231-2/+2
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Add tests for database user backend cachingVincent Petry2017-03-201-1/+6
| | | | | | | | | | | | | | | | Add comment, closeCursor in user DB query Invalidate user in cache after successful creation Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | cache loadUser if not existsJörn Friedrich Dreyer2017-03-201-1/+1
| | | | | | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* | Don't call function in constructorLukas Reschke2017-03-161-7/+3
| | | | | | | | | | | | The constructor is iniitiated already very early in base.php, thus requiring this here will break the setup and some more. For now we probably have to live with a static function call here thus. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Escape like parameters in database user backendLukas Reschke2017-03-151-3/+7
|/ | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* spaces addedLoki30002017-01-101-1/+1
|
* allowed '0' uidLoki30002017-01-101-1/+1
|
* remove non required db requestsLoki30002017-01-101-1/+6
|
* Default value for null userLoki30002017-01-091-0/+1
| | | | | For guest users on every request executes query: SELECT `uid`, `displayname` FROM `users` WHERE LOWER(`uid`) = LOWER(null) as I see, uid can't be equal to null by design.
* Cache non existing DB userRoeland Jago Douma2016-10-101-2/+7
| | | | | | | | | We always query the database backend. Even if we use a different one (ldap for example). Now we do this everytime we try to get a user object so caching that a user is not in the DB safes some queries on each request then (at least 2 what I found). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add PHPdocRoeland Jago Douma2016-08-151-3/+5
|
* Unnecessary fully qualified namesJörn Friedrich Dreyer2016-08-141-4/+8
|
* Apply password policy on user creationmichag862016-08-031-0/+2
|
* Update with robinJoas Schilling2016-07-211-1/+1
|
* Fix othersJoas Schilling2016-07-211-3/+5
|
* verify user password on changeBjoern Schiessle2016-06-271-2/+8
|
* Update license headersLukas Reschke2016-05-261-4/+4
|
* Add \OC\User\BackendRoeland Jago Douma2016-05-101-1/+1
| | | | | Since some apps (ldap et al) still depend on OC_User_Backend this seemed like the cleanest approach.
* Move OC_User_Database to \OC\User\DatabaseRoeland Jago Douma2016-05-101-0/+349