nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Roeland Jago Douma	145eee91fe	Get the proper UID Some user backends (like the database backend) allow us to obtain a user case insensitive. However the UID itself is case sensitive. Example: * create a user User1 * login as User1 - This results the data/User1 folder to be created etc * now have some code somewhere that obtains the userFolder (from IRootFolder) but pas in 'uSER1' as uid - The code will check if that is a valid user. And in this case it is since User1 and uSER1 both map to the same user - However the the UID in the user object is used for the folder a new folder fill be create data/uSER1 With this PR this is avoided now. Since we obtain the real UID casing in the backend before creating the user object. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	ba60fafb9a	Add proper PostLoginEvent This can be used by othr mechanisms to listen for this event in a lazy fashion. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Christoph Wurst	3174012adf	Add event dispatcher to OCP Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	170582d4f5	Add a login chain to reduce the complexity of LoginController::tryLogin Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Arthur Schiwon	96bab4f969	remove obsolete use statements Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	7 years ago
Leon Klingele	9a5ca231bf	lib/private/User: do not change user properties if value has not changed	7 years ago
Leon Klingele	3eb0d4f1a4	lib/private/User,apps/user_ldap/lib/User: always pass old value to User::triggerChange	7 years ago
Leon Klingele	f420647add	lib/private/User: do not change user properties if value has not changed Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Morris Jobke	36618b111f	Pass old value to user triggerChange hook Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Roeland Jago Douma	969fc45032	Do not allow invalid users to be created Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Joas Schilling	01b4db62fb	Add dispatcher events to User and Group objects Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Christoph Wurst	ad5a658e0c	Add isTokenLogin argument to post login hook/event Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Roeland Jago Douma	6980ecf7ab	Throttle with correct metadata Fixes #13202 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	03fe2b3b81	Use a case insensitive search for email Fixes #7084 Now entering wrongly cased email (roeland@ instead of Roeland@) for password reset etc. Will also work. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	c2beb36bfc	Bearer tokens are app token Fixes #12498 This means that we set that it is a proper app token once it is validated. This will allow the 2FA middleware to just run the same check. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Joas Schilling	bb352fb667	Use the defined func()->count() instead of manual counting Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Roeland Jago Douma	1fd640b40b	Expose the backend of IUser Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	2223d19997	Error out early on an expired token Fixes #12131 If we hit an expired token there is no need to continue checking. Since we know it is a token. We also should not register this with the bruteforce throttler as it is actually a valid token. Just expired. Instead the authentication should fail. And buisness continues as usual. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Morris Jobke	b458ed9c82	Properly escape column name in "createFunction" call Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Georg Ehrke	2db26d87c4	filter null values for UserManager::getByEmail Signed-off-by: Georg Ehrke <developer@georgehrke.com>	7 years ago
Roeland Jago Douma	0c9a3de68f	Just update password hash without validating Fixes #11097 If your password hash changed (becuse your are on 7.2 and we moved to ARGON2). Then we shold not 'set a new password' but just update the hash. As else we invoke the password policy again which might lock out users. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	d9febae5b2	Update all the publickey tokens if needed on web login * On weblogin check if we have invalid public key tokens * If so update them all with the new token This ensures that your marked as invalid tokens work again if you once login on the web. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	00e99af586	Mark token as invalid if the password doesn't match Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	9a7265babf	Make authenticated cookies lax This protects our cookies a bit more. It makes sure that when a 3rdparty websites embededs a public alendar for example. That all the users see this in anonymous mode there. It adds a small helper function. In the future we can think about protecting other cookies like this as well. But for now this is sufficient to not have the user logged in at all when doing 3rdparty requests. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	ac4735a4f2	Update the scope of the lockdownmanager We have the token anyway. So better the scope as well. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Robin Appelman	3392302d22	make table name configurable for db user backend Signed-off-by: Robin Appelman <robin@icewind.nl>	8 years ago
Robin Appelman	4187d2cdb3	use query builder in all places in the db user backend Signed-off-by: Robin Appelman <robin@icewind.nl>	8 years ago
Roeland Jago Douma	8c47a632e0	Allow updating the token on session regeneration Sometimes when we force a session regeneration we want to update the current token for this session. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
John Molakvoæ (skjnldsv)	0bfe3da664	Ignore case when sorting users Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
John Molakvoæ (skjnldsv)	c55cf79453	Added total count for subadmins Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
John Molakvoæ (skjnldsv)	10c135ca34	Added disabled count per groups Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
Arthur Schiwon	38a90130ce	move log constants to ILogger Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Roeland Jago Douma	81f71cb1f9	Numeric only uids are no fun Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	074a0e0665	Cast retrieved DB fields to string Fixes #9279 If a pure numerical user is in the DB the value might be casted to a int when returned. Cast it all to a string so we don't break the strict typing. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
John Molakvoæ (skjnldsv)	eae55761de	Properly return boolean on enable state Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
Roeland Jago Douma	8edbeb159e	Use the uid_lower column This can use a proper index Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Arthur Schiwon	373a1d5391	more consistent naming Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Arthur Schiwon	2ebf26e444	admin_audit and dav listen to announce and revoke signals also place them in doc Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Bjoern Schiessle	6795b35cdf	Move on with the next user if we found the user on one user back-end Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	8 years ago
Roeland Jago Douma	471272d456	Move to ABackend Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	cbd2be583a	Move Database backend over to new User/Backend interfaces Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Daniel Calviño Sánchez	0b96a71a68	Fix configuration values matched in user searches Due to a misplaced closing parenthesis the condition of the left join clause was just "userid = uid"; the other conditions were passed as additional parameters to "leftJoin", and thus they were ignored. Therefore, the result set contained every preference of each user instead of only the email, so the "WHERE configvalue LIKE XXX" matched any configuration value of the user. Besides the closing parenthesis this commit also fixes the literal values. Although "Literal" objects represent literal values they must be created through "IExpressionBuilder::literal()" to be properly quoted; otherwise it is just a plain string, which is treated as a column name. Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>	8 years ago
Morris Jobke	d3d045dd5c	Remove unused import statements Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Morris Jobke	a661f043e1	Remove unneeded semicolon and parentheses Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Morris Jobke	16a558871c	Use proper code flow instead of not needed else branch Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Roeland Jago Douma	ef127a30ec	Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	0660e57b1f	Don't polute log when loggin into dav with email * We first try the email as username but this fails * Then we get the uid from the email and try again We should not log the first attempt since it polutes the log with failed login attempts while the login actually is valid. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Arthur Schiwon	4f3d52a364	never translate login names when requiring with a user id where appropriate, the preLoginNameUsedAsUserName hook should be thrown. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Robin Appelman	aad01894e3	refactor user searching add additional user searching tests Signed-off-by: Robin Appelman <robin@icewind.nl>	8 years ago
Abijeet	ec28c54dbc	Adds search by email function on the users screen. Fixes #7175. - Updated the query to fetch the users in users > everyone tab. - Updated the query to fetch the users in users > admin tab. - Tested to ensure that the disabled users are also being fetched. - Added test cases. Signed-off-by: Abijeet <abijeetpatro@gmail.com>	8 years ago

1 2 3 4

190 Commits (4f31b7b9cc2dac060194de2c769b149a2ac861ba)