diff --git a/changelog/unreleased/fix-user-renaming.md b/changelog/unreleased/fix-user-renaming.md new file mode 100644 index 000000000..438087c5e --- /dev/null +++ b/changelog/unreleased/fix-user-renaming.md @@ -0,0 +1,5 @@ +Bugfix: Renaming a user to a string with capital letters + +We fixed the issue that led to correct update but the 404 response code when renaming an existing user to a string with capital letters. + +https://github.com/owncloud/ocis/pull/7964 diff --git a/go.mod b/go.mod index 332f0eef8..5349a6305 100644 --- a/go.mod +++ b/go.mod @@ -55,7 +55,7 @@ require ( github.com/jinzhu/now v1.1.5 github.com/justinas/alice v1.2.0 github.com/leonelquinteros/gotext v1.5.3-0.20230317130943-71a59c05b2c1 - github.com/libregraph/idm v0.4.1-0.20230221143410-3503963047a5 + github.com/libregraph/idm v0.4.1-0.20231213140724-56a222fb4215 github.com/libregraph/lico v0.61.1 github.com/mitchellh/mapstructure v1.5.0 github.com/mna/pigeon v1.2.1 @@ -124,7 +124,7 @@ require ( github.com/acomagu/bufpipe v1.0.3 // indirect github.com/agnivade/levenshtein v1.1.1 // indirect github.com/ajg/form v1.5.1 // indirect - github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387 // indirect + github.com/alexedwards/argon2id v1.0.0 // indirect github.com/amoghe/go-crypt v0.0.0-20220222110647-20eada5f5964 // indirect github.com/armon/go-metrics v0.4.1 // indirect github.com/armon/go-radix v1.0.0 // indirect diff --git a/go.sum b/go.sum index 87e23dcb8..27c6b66b5 100644 --- a/go.sum +++ b/go.sum @@ -845,8 +845,8 @@ github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk5 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 h1:Kk6a4nehpJ3UuJRqlA3JxYxBZEqCeOmATOvrbT4p9RA= github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= -github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387 h1:loy0fjI90vF44BPW4ZYOkE3tDkGTy7yHURusOJimt+I= -github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387/go.mod h1:GuR5j/NW7AU7tDAQUDGCtpiPxWIOy/c3kiRDnlwiCHc= +github.com/alexedwards/argon2id v1.0.0 h1:wJzDx66hqWX7siL/SRUmgz3F8YMrd/nfX/xHHcQQP0w= +github.com/alexedwards/argon2id v1.0.0/go.mod h1:tYKkqIjzXvZdzPvADMWOEZ+l6+BD6CtBXMj5fnJppiw= github.com/aliyun/alibaba-cloud-sdk-go v1.61.976/go.mod h1:pUKYbK5JQ+1Dfxk80P0qxGqe5dkxDoabbZS7zOcouyA= github.com/amoghe/go-crypt v0.0.0-20220222110647-20eada5f5964 h1:I9YN9WMo3SUh7p/4wKeNvD/IQla3U3SUa61U7ul+xM4= github.com/amoghe/go-crypt v0.0.0-20220222110647-20eada5f5964/go.mod h1:eFiR01PwTcpbzXtdMces7zxg6utvFM5puiWHpWB8D/k= @@ -1621,8 +1621,8 @@ github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q= github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4= github.com/leonelquinteros/gotext v1.5.3-0.20230317130943-71a59c05b2c1 h1:k56sFOOJ0CYuQtGoRSeAMhP1R692+iNH+S1dC/CEz0w= github.com/leonelquinteros/gotext v1.5.3-0.20230317130943-71a59c05b2c1/go.mod h1:AT4NpQrOmyj1L/+hLja6aR0lk81yYYL4ePnj2kp7d6M= -github.com/libregraph/idm v0.4.1-0.20230221143410-3503963047a5 h1:brLMXSjWoWhGXs8LpK+Lx+FQCtGLUa51Mq/ggHv9AV0= -github.com/libregraph/idm v0.4.1-0.20230221143410-3503963047a5/go.mod h1:Tnm4pyVJTEbHm3GUNmceWT1DHzdrYqrJmZyt/xh7L+A= +github.com/libregraph/idm v0.4.1-0.20231213140724-56a222fb4215 h1:Yw/I6l/0S/zDq2Hnibvwy8cVLpMaBwDe0aUSv/FNU6U= +github.com/libregraph/idm v0.4.1-0.20231213140724-56a222fb4215/go.mod h1:h/B7mB5OqrsrobydErMGewHxonYDKjGOaJsFabXyRo8= github.com/libregraph/lico v0.61.1 h1:md5z939Fq3pUuRWNA0M2y8F7xel+XWgp9vCXwMih8mQ= github.com/libregraph/lico v0.61.1/go.mod h1:pnRet4pexWmy6rAB2fLAlEU885ShDIJhbjbuekDSlMU= github.com/libregraph/oidc-go v1.0.0 h1:l2tE/EwLyLXVy0B5BuVKgIFX9pNpz/5J3x5IBw0KEhc= @@ -2161,7 +2161,6 @@ golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.0.0-20211117183948-ae814b36b871/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220314234659-1baeb1ce4c0b/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= @@ -2171,6 +2170,7 @@ golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45 golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio= golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= +golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY= golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -2503,6 +2503,7 @@ golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= @@ -2520,6 +2521,7 @@ golang.org/x/term v0.9.0/go.mod h1:M6DEAAIenWoTxdKrOltXcmDY3rSplQUkrvaDU5FcQyo= golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o= golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= diff --git a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md index 331c3953b..fe33e7ccc 100644 --- a/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md +++ b/tests/acceptance/expected-failures-localAPI-on-OCIS-storage.md @@ -90,10 +90,6 @@ The expected failures in this file are from features in the owncloud/ocis repo. - [apiGraph/getGroup.feature:382](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L382) - [apiGraph/getGroup.feature:383](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/getGroup.feature#L383) -#### [Changing user with an uppercase name gives 404 error](https://github.com/owncloud/ocis/issues/7044) - -- [apiGraph/editUser.feature:67](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/editUser.feature#L67) - #### [Same users can be added in a group multiple time](https://github.com/owncloud/ocis/issues/5702) - [apiGraph/addUserToGroup.feature:285](https://github.com/owncloud/ocis/blob/master/tests/acceptance/features/apiGraph/addUserToGroup.feature#L285) diff --git a/vendor/github.com/alexedwards/argon2id/README.md b/vendor/github.com/alexedwards/argon2id/README.md index b26a37903..60bbade09 100644 --- a/vendor/github.com/alexedwards/argon2id/README.md +++ b/vendor/github.com/alexedwards/argon2id/README.md @@ -56,7 +56,7 @@ If the code is running on a machine with multiple cores, then you can decrease t params := &argon2id.Params{ Memory: 128 * 1024, Iterations: 4, - Parallelism: 4, + Parallelism: uint8(runtime.NumCPU()), SaltLength: 16, KeyLength: 32, } diff --git a/vendor/github.com/alexedwards/argon2id/argon2id.go b/vendor/github.com/alexedwards/argon2id/argon2id.go index 12cbc2f2f..dc5f8db7b 100644 --- a/vendor/github.com/alexedwards/argon2id/argon2id.go +++ b/vendor/github.com/alexedwards/argon2id/argon2id.go @@ -12,6 +12,7 @@ import ( "encoding/base64" "errors" "fmt" + "runtime" "strings" "golang.org/x/crypto/argon2" @@ -45,7 +46,7 @@ var ( var DefaultParams = &Params{ Memory: 64 * 1024, Iterations: 1, - Parallelism: 2, + Parallelism: uint8(runtime.NumCPU()), SaltLength: 16, KeyLength: 32, } diff --git a/vendor/github.com/libregraph/idm/pkg/ldapserver/filter.go b/vendor/github.com/libregraph/idm/pkg/ldapserver/filter.go index 739d4333f..1ec4cc115 100644 --- a/vendor/github.com/libregraph/idm/pkg/ldapserver/filter.go +++ b/vendor/github.com/libregraph/idm/pkg/ldapserver/filter.go @@ -148,18 +148,31 @@ func ServerApplyFilter(f *ber.Packet, entry *ldap.Entry) (bool, LDAPResultCode) func ServerFilterScope(baseDN string, scope int, entry *ldap.Entry) (bool, LDAPResultCode) { // constrained search scope + parsedBaseDn, err := ldap.ParseDN(baseDN) + if err != nil { + return false, ldap.LDAPResultOperationsError + } + parsedDn, err := ldap.ParseDN(entry.DN) + if err != nil { + return false, ldap.LDAPResultOperationsError + } switch scope { case ldap.ScopeWholeSubtree: // The scope is constrained to the entry named by baseObject and to all its subordinates. case ldap.ScopeBaseObject: // The scope is constrained to the entry named by baseObject. - if entry.DN != baseDN { + if !parsedDn.EqualFold(parsedBaseDn) { return false, ldap.LDAPResultSuccess } case ldap.ScopeSingleLevel: // The scope is constrained to the immediate subordinates of the entry named by baseObject. parts := strings.Split(entry.DN, ",") - if len(parts) < 2 && entry.DN != baseDN { + if len(parts) < 2 && !parsedDn.EqualFold(parsedBaseDn) { return false, ldap.LDAPResultSuccess } - if dn := strings.Join(parts[1:], ","); dn != baseDN { + subDn := strings.Join(parts[1:], ",") + parsedSubDn, err := ldap.ParseDN(subDn) + if err != nil { + return false, ldap.LDAPResultOperationsError + } + if !parsedSubDn.EqualFold(parsedBaseDn) { return false, ldap.LDAPResultSuccess } } diff --git a/vendor/modules.txt b/vendor/modules.txt index e4c07aacd..069742cb8 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -74,7 +74,7 @@ github.com/agnivade/levenshtein # github.com/ajg/form v1.5.1 ## explicit github.com/ajg/form -# github.com/alexedwards/argon2id v0.0.0-20211130144151-3585854a6387 +# github.com/alexedwards/argon2id v1.0.0 ## explicit; go 1.12 github.com/alexedwards/argon2id # github.com/amoghe/go-crypt v0.0.0-20220222110647-20eada5f5964 @@ -1239,7 +1239,7 @@ github.com/leodido/go-urn ## explicit; go 1.13 github.com/leonelquinteros/gotext github.com/leonelquinteros/gotext/plurals -# github.com/libregraph/idm v0.4.1-0.20230221143410-3503963047a5 +# github.com/libregraph/idm v0.4.1-0.20231213140724-56a222fb4215 ## explicit; go 1.18 github.com/libregraph/idm github.com/libregraph/idm/pkg/ldapdn