nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Joas Schilling	01b4db62fb	Add dispatcher events to User and Group objects Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Roeland Jago Douma	03fe2b3b81	Use a case insensitive search for email Fixes #7084 Now entering wrongly cased email (roeland@ instead of Roeland@) for password reset etc. Will also work. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Georg Ehrke	2db26d87c4	filter null values for UserManager::getByEmail Signed-off-by: Georg Ehrke <developer@georgehrke.com>	7 years ago
Roeland Jago Douma	19f84f7b54	Add tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	00e99af586	Mark token as invalid if the password doesn't match Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
John Molakvoæ (skjnldsv)	ad6e548411	Added case example to tests Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
Roeland Jago Douma	991d9b5c3a	Fix session tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
John Molakvoæ (skjnldsv)	8b9bd37e4e	Fixed tests Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	8 years ago
Joas Schilling	870023365c	Fix "Undefined method setExpectedException()" Signed-off-by: Joas Schilling <coding@schilljs.com>	8 years ago
Roeland Jago Douma	ef127a30ec	Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Arthur Schiwon	4f3d52a364	never translate login names when requiring with a user id where appropriate, the preLoginNameUsedAsUserName hook should be thrown. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Arthur Schiwon	2fde21e318	extend tests for status quo Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	8 years ago
Robin Appelman	aad01894e3	refactor user searching add additional user searching tests Signed-off-by: Robin Appelman <robin@icewind.nl>	8 years ago
Abijeet	ec28c54dbc	Adds search by email function on the users screen. Fixes #7175. - Updated the query to fetch the users in users > everyone tab. - Updated the query to fetch the users in users > admin tab. - Tested to ensure that the disabled users are also being fetched. - Added test cases. Signed-off-by: Abijeet <abijeetpatro@gmail.com>	8 years ago
Morris Jobke	43e498844e	Use ::class in test mocks Signed-off-by: Morris Jobke <hey@morrisjobke.de>	8 years ago
Lukas Reschke	ed8a98eaa1	Prevent SQL error message in case of error `\OC\User\Database::createUser` can throw a PHP exception in case the UID is longer than permitted in the database. This is against it's PHPDocs and we should cast this to `false`, so that the regular error handling triggers in. The easiest way to reproduce is on MySQL: 1. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel 2. Create user `aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa` in admin panel again 3. See SQL exception as error message Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	8 years ago
Roeland Jago Douma	1ea7f14f0a	Fix SessionTest Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Arthur Schiwon	999455c1aa	emit changeUser only if there really was a change (quota, displayname) Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	9 years ago
Lukas Reschke	7927aed991	Adjust token name Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Arthur Schiwon	668fe7df51	UserManager can now count disabled users Users page takes advantage of that Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	9 years ago
Joas Schilling	9212089151	Use the new method in the old one to remove duplicate code Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Joas Schilling	ac0c21f4a7	Trigger change when a user is enabled/disabled Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Joas Schilling	ada615eb86	Use the correct Dummy and Backend class Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Joas Schilling	a3922bbcdc	Better validation of allowed user names Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Robin Appelman	baec42e80a	Save the scope of an auth token in the session Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Vincent Petry	aacfef463c	Add tests for database user backend caching Add comment, closeCursor in user DB query Invalidate user in cache after successful creation Signed-off-by: Morris Jobke <hey@morrisjobke.de>	9 years ago
Joas Schilling	6acfea61d0	Fix tests Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Vincent Petry	91cd57e55b	Get user home folder before deletion After the deletion getHome() will fail because the user doesn't exist any more, so we need to fetch that value earlier. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Roeland Jago Douma	7b4265ab59	Improve OC\User\User coverage Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Roeland Jago Douma	e368a745aa	Set last-login-check on basic auth Else the last-login-check fails hard because the session value is not set and thus defaults to 0. * Started with tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Christoph Wurst	6543182d13	fix parameter order Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	9b808c4014	do not remember session tokens by default We have to respect the value of the remember-me checkbox. Due to an error in the source code the default value for the session token was to remember it. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Lukas Reschke	9d6e01ef40	Add missing tests and fix PHPDoc Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Christoph Wurst	6f86e468d4	inject ISecureRandom into user session and use injected config too Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Christoph Wurst	d907666232	bring back remember-me * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	9 years ago
Roeland Jago Douma	f722640a32	Proper DI of config * Fixed comments Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Jörn Friedrich Dreyer	f8352fcb8d	introduce callForSeenUsers and countSeenUsers (#26361 ) * introduce callForSeenUsers and countSeenUsers * add tests * oracle should support not null on clob * since 9.2.0	9 years ago
Roeland Jago Douma	593d52fe91	Fix and cleanup SessionTest Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	9 years ago
Vincent Petry	6d1e858aa4	Fix logClientIn for non-existing users (#26292 ) The check for two factor enforcement would return true for non-existing users. This fix makes it return false in order to be able to perform the regular login which will then fail and return false. This prevents throwing PasswordLoginForbidden for non-existing users.	9 years ago
Robin Appelman	90db361827	Add test to ensure token times are updated Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Robin Appelman	25ed6714c7	dont update the auth token twice Signed-off-by: Robin Appelman <robin@icewind.nl>	9 years ago
Joas Schilling	4d1acfd4ef	Only trigger postDelete hooks when the user was deleted... Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Joas Schilling	f6ff60f4cb	Make sure that comments, notifications and preferences are deleted Signed-off-by: Joas Schilling <coding@schilljs.com>	9 years ago
Roeland Jago Douma	d616984879	Fix getMock User	9 years ago
Robin Appelman	6c93fe08f5	dont get bruteforce delay twice	9 years ago
Lukas Reschke	c1589f163c	Mitigate race condition	10 years ago
Lukas Reschke	ba4f12baa0	Implement brute force protection Class Throttler implements the bruteforce protection for security actions in Nextcloud. It is working by logging invalid login attempts to the database and slowing down all login attempts from the same subnet. The max delay is 30 seconds and the starting delay are 200 milliseconds. (after the first failed login)	10 years ago
Roeland Jago Douma	f2d091a963	Fix failing tests after db split	10 years ago
Christoph Wurst	1710de8afb	Login hooks (#25260 ) * fix login hooks * adjust user session tests * fix login return value of successful token logins * trigger preLogin hook earlier; extract method 'loginWithPassword' * call postLogin hook earlier; add PHPDoc	10 years ago
Bjoern Schiessle	2a990a0db5	verify user password on change	10 years ago

1 2

67 Commits (5eae69bd2d73bc3ec6b60e2c1eaecb70faa019cc)