path: root/lib/private/User
Commit message | Author | Age | Files | Lines
* Add typed events for all user hooks and legacy events | Christoph Wurst | 2019-12-11 | 1 | -3/+3
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headers | Christoph Wurst | 2019-12-05 | 7 | -11/+21
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Prevent creating users with existing files | Joas Schilling | 2019-12-04 | 1 | -7/+19
|   Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add typed create user events | Christoph Wurst | 2019-12-03 | 1 | -5/+17
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add typed events for password_policy | Christoph Wurst | 2019-11-27 | 1 | -8/+7
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Some php-cs fixes | Roeland Jago Douma | 2019-11-22 | 4 | -6/+6
|   * Order the imports
|   * No leading slash on imports
|   * Empty line before namespace
|   * One line per import
|   * Empty after imports
|   * Empty line at bottom of file
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make the post login event public | Christoph Wurst | 2019-11-20 | 2 | -67/+3
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make sure limit is never negative | Roeland Jago Douma | 2019-10-28 | 1 | -0/+10
|   There were some cases where a negative limit could be passed in. Which would happily make the query explode. This is just a quick hack to make sure it never is negative.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make renewSessionToken return the new token | Roeland Jago Douma | 2019-10-09 | 1 | -2/+1
|   Avoids directly getting the token again. We just inserted it so it and have all the info. So that query is just a waste.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Disable app token creation for impersonated people, ref #15539 | Greta Doci | 2019-09-15 | 1 | -0/+23
|   Signed-off-by: Greta Doci <gretadoci@gmail.com>
* Get the proper UID | Roeland Jago Douma | 2019-08-13 | 2 | -1/+17
|   Some user backends (like the database backend) allow us to obtain a user case insensitive. However the UID itself is case sensitive.
|   Example:
|   * create a user User1
|   * login as User1
|     - This results the data/User1 folder to be created etc
|   * now have some code somewhere that obtains the userFolder (from IRootFolder) but pass in 'uSER1' as uid
|     - The code will check if that is a valid user. And in this case it is since User1 and uSER1 both map to the same user
|     - However the UID in the user object is used for the folder a new folder will be created data/uSER1
|   With this PR this is avoided now. Since we obtain the real UID casing in the backend before creating the user object.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add proper PostLoginEvent | Roeland Jago Douma | 2019-07-29 | 2 | -1/+77
|   This can be used by other mechanisms to listen for this event in a lazy fashion.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add event dispatcher to OCP | Christoph Wurst | 2019-06-25 | 1 | -3/+3
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add a login chain to reduce the complexity of LoginController::tryLogin | Christoph Wurst | 2019-05-07 | 1 | -1/+1
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* remove obsolete use statements | Arthur Schiwon | 2019-04-24 | 1 | -2/+0
|   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* lib/private/User: do not change user properties if value has not changed | Leon Klingele | 2019-04-11 | 1 | -1/+1
|
* lib/private/User,apps/user_ldap/lib/User: always pass old value to User::triggerChange | Leon Klingele | 2019-04-11 | 1 | -1/+2
* lib/private/User: do not change user properties if value has not changed | Leon Klingele | 2019-04-11 | 1 | -6/+6
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Pass old value to user triggerChange hook | Morris Jobke | 2019-04-11 | 1 | -4/+4
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Do not allow invalid users to be created | Roeland Jago Douma | 2019-03-14 | 1 | -0/+14
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add dispatcher events to User and Group objects | Joas Schilling | 2019-03-01 | 2 | -25/+37
|   Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add isTokenLogin argument to post login hook/event | Christoph Wurst | 2019-01-23 | 1 | -2/+7
|   Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Throttle with correct metadata | Roeland Jago Douma | 2019-01-04 | 1 | -1/+1
|   Fixes #13202
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use a case insensitive search for email | Roeland Jago Douma | 2018-12-20 | 1 | -1/+1
|   Fixes #7084
|   Now entering wrongly cased email (roeland@ instead of Roeland@) for password reset etc. Will also work.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Bearer tokens are app token | Roeland Jago Douma | 2018-11-20 | 1 | -0/+4
|   Fixes #12498
|   This means that we set that it is a proper app token once it is validated. This will allow the 2FA middleware to just run the same check.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use the defined func()->count() instead of manual counting | Joas Schilling | 2018-11-08 | 1 | -2/+2
|   Signed-off-by: Joas Schilling <coding@schilljs.com>
* Expose the backend of IUser | Roeland Jago Douma | 2018-11-02 | 1 | -0/+4
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Error out early on an expired token | Roeland Jago Douma | 2018-10-30 | 1 | -1/+11
|   Fixes #12131
|   If we hit an expired token there is no need to continue checking. Since we know it is a token.
|   We also should not register this with the bruteforce throttler as it is actually a valid token. Just expired. Instead the authentication should fail. And business continues as usual.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Properly escape column name in "createFunction" call | Morris Jobke | 2018-10-16 | 1 | -2/+2
|   Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* filter null values for UserManager::getByEmail | Georg Ehrke | 2018-10-15 | 1 | -1/+5
|   Signed-off-by: Georg Ehrke <developer@georgehrke.com>
* Just update password hash without validating | Roeland Jago Douma | 2018-10-03 | 1 | -8/+12
|   Fixes #11097
|   If your password hash changed (because you are on 7.2 and we moved to ARGON2). Then we should not 'set a new password' but just update the hash. As else we invoke the password policy again which might lock out users.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update all the publickey tokens if needed on web login | Roeland Jago Douma | 2018-10-02 | 1 | -0/+4
|   * On weblogin check if we have invalid public key tokens
|   * If so update them all with the new token
|   This ensures that your marked as invalid tokens work again if you once login on the web.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Mark token as invalid if the password doesn't match | Roeland Jago Douma | 2018-10-02 | 1 | -3/+10
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make authenticated cookies lax | Roeland Jago Douma | 2018-09-28 | 1 | -4/+31
|   This protects our cookies a bit more. It makes sure that when a 3rdparty websites embeds a public calendar for example. That all the users see this in anonymous mode there.
|   It adds a small helper function.
|   In the future we can think about protecting other cookies like this as well. But for now this is sufficient to not have the user logged in at all when doing 3rdparty requests.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update the scope of the lockdownmanager | Roeland Jago Douma | 2018-08-14 | 1 | -0/+3
|   We have the token anyway. So better the scope as well.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* make table name configurable for db user backend | Robin Appelman | 2018-06-19 | 1 | -9/+13
|   Signed-off-by: Robin Appelman <robin@icewind.nl>
* Merge pull request #9881 from nextcloud/user-db-backend-querybuilder | Morris Jobke | 2018-06-19 | 1 | -13/+26
|\
| |   use query builder in all places in the db user backend
| * use query builder in all places in the db user backend | Robin Appelman | 2018-06-15 | 1 | -13/+26
| |   Signed-off-by: Robin Appelman <robin@icewind.nl>
* | Allow updating the token on session regeneration | Roeland Jago Douma | 2018-06-14 | 1 | -0/+2
|/
|   Sometimes when we force a session regeneration we want to update the current token for this session.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Ignore case when sorting users | John Molakvoæ (skjnldsv) | 2018-05-26 | 1 | -2/+2
|   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Added total count for subadmins | John Molakvoæ (skjnldsv) | 2018-05-24 | 1 | -0/+19
|   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Added disabled count per groups | John Molakvoæ (skjnldsv) | 2018-05-24 | 1 | -6/+42
|   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* move log constants to ILogger | Arthur Schiwon | 2018-04-26 | 1 | -1/+2
|   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Numeric only uids are no fun | Roeland Jago Douma | 2018-04-24 | 1 | -1/+4
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Cast retrieved DB fields to string | Roeland Jago Douma | 2018-04-24 | 1 | -4/+4
|   Fixes #9279
|   If a pure numerical user is in the DB the value might be casted to a int when returned. Cast it all to a string so we don't break the strict typing.
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks | Morris Jobke | 2018-04-11 | 2 | -0/+6
|\
| |   add anounce- and (pre/|post)RevokeUser signals for non-native backends
| * more consistent naming | Arthur Schiwon | 2018-04-05 | 2 | -6/+6
| |   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
| * admin_audit and dav listen to announce and revoke signals | Arthur Schiwon | 2018-04-05 | 2 | -0/+6
| |   also place them in doc
| |   Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | Properly return boolean on enable state | John Molakvoæ (skjnldsv) | 2018-04-09 | 1 | -3/+2
| |   Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* | Use the uid_lower column | Roeland Jago Douma | 2018-04-06 | 1 | -24/+65
|/
|   This can use a proper index
|   Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>