Commit Graph

23 Commits

Author SHA1 Message Date
Daniel Swärd 6f7bd454b2 Fix so that userType is not returned if not available. 2023-03-15 12:05:29 +01:00
Daniel Swärd 23ba180e8a graph: Use userType property to distinguish between Member and Guest accounts
Fixes 5603

- Calling POST /graph/v1.0/users with userType not set will create a user as "Member"
- Calling POST /graph/v1.0/users with userType set as "Member" or "Guest" will create a user as "Member" or "Guest"
- Calling POST /graph/v1.0/users with userType set as anything but "Member" or "Guest" returns error
- Calling POST /graph/v1.0/education/users with userType not set will create a user as "Member"
- Calling POST /graph/v1.0/education/users with userType set as "Member" will create a user as "Member" and primary role as parameter specifies
- Calling POST /graph/v1.0/education/users with userType set as "Guest" will create a user as "Guest" and primary role as parameter specifies
- Calling POST /graph/v1.0/education/users with userType not set as anything but "Member" or "Guest" returns error
- Calling PATCH on /users or /education/users will update attribute in the same way as for POST
2023-03-15 12:05:29 +01:00
Daniel Swärd ca746106d8 graph: Allow disabling user by adding to local group
* A new config option for disabling users with the options "none", "attribute" and "group".
* When set to "none", there will be no enabledAttribute returned in user info and trying to change enabledAttribute will return an error
* Disable/enable group name DN as config parameter
* Adding/removing users to specified group on user update
* Changing log level for service initialization failure to error
* Adding helper methods to check if user is enabled/disabled + tests

Fixes #5554
2023-03-06 09:31:23 +01:00
Daniel Swärd fcf5783a1b graph: Add accountEnabled flag to ldap backend. (#5588)
* graph: Add accountEnabled flag to ldap backend.

* Add missing accountEnabled attribute to user listing.
2023-02-17 13:48:12 +01:00
Daniël Franke 92f4d60a06 Properly generate new DN.
This fixes issue #5581 by properly parsing the old DN and replacing the
first part with the new DN.
2023-02-16 12:41:29 +01:00
Daniël Franke 9bd1551c6b Integrate @rhafer's feedback 2023-02-15 10:06:23 +01:00
Daniël Franke 172807bb69 Add testcase for changing username. 2023-02-15 10:06:23 +01:00
Daniël Franke bed4a82ff0 Finish working code and most of tests. 2023-02-15 10:06:23 +01:00
Ralf Haferkamp 26f7523ff8 graph: Pass parsed odata request to the identity backend
In preparation for some more advanced queries pass the parse odata request
tVo the identity backend methods instead of the raw url.Values{}. This also
add some helpers for validating $expand and $search queries to reject
some unsupported queries.

Also remove support for `$select=memberOf` and `$select=drive|drives` queries
and stick to the technically correct `$expand=...`.
2023-02-08 14:25:55 +01:00
Jörn Friedrich Dreyer 3aa864aecc Remove Staticcheck warnings (#5394)
* remove deprecated ioutil imports

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* remove duplicate imports

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* remove unused values

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* remove some unused types

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* remove deprecated ioutil import

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2023-01-13 15:29:14 +01:00
Ralf Haferkamp 6d5637ad79 graph: Move LDAP groups related code to a separate file 2023-01-12 17:37:10 +01:00
Daniël Franke b0cd8779a7 Consistently add user attributes to AddRequest (#5392)
To make the `CreateUser` flow easier to test, the attributes of the
LDAP add request need to be added consistently. This way we can
expect that argument with the mock.

This PR does the following:

* Add a method `getUserAttrTypes` that returns a static list of attr names.
* Alter `userToAddRequest` to iterate over the static list, and add the attr
  if it exists in the `attrMap`.

Closes #5390
2023-01-12 17:25:43 +01:00
Daniël Franke ddb0933033 Display surname and givenName attributes.
This PR makes it so that givenName and surname attributes are returned for users.

Fixes #5386
2023-01-12 15:01:14 +01:00
Daniël Franke 8055996874 Test CreateUser (#5382)
This tests the CreateUser functions.

Fixes #5375
2023-01-12 09:42:05 +01:00
Ralf Haferkamp ad1355d032 Implement LDAP backend for CreateSchool 2022-12-21 15:38:14 +01:00
Ralf Haferkamp 795bc70546 Add a more explict filter to DN based lookups
To make sure to read the right type of object
2022-12-21 15:38:14 +01:00
Ralf Haferkamp 23b9437c08 Avoid panics when LDAP users miss required attributes 2022-08-05 16:46:45 +02:00
Ralf Haferkamp c7359a849f Avoid unneeded extra LDAP query per group
When expanding members of an LDAP group we did two group lookup per
Group. This can be avoided by expanding the members right from the
Group entry of the first query.

This also add some more unit test coverage, especially to the expand/select
group member test cases.
2022-08-05 16:46:45 +02:00
Ralf Haferkamp d867a8bc7c Don't panic on missing group attributes
Closes #4274
2022-08-05 16:46:45 +02:00
Ralf Haferkamp 53751339a6 Use existing mockery mock instead of manual ldap.Client mock 2022-08-02 16:14:39 +02:00
Ralf Haferkamp fa36a73c54 Add missing new methods to fulfill ldap.Client interface 2022-08-02 15:34:59 +02:00
Christian Richter f8f1320501 refactor extensions -> services
Signed-off-by: Christian Richter <crichter@owncloud.com>
2022-06-27 14:05:36 +02:00
Christian Richter 78064e6bab rename folder extensions -> services
Signed-off-by: Christian Richter <crichter@owncloud.com>
2022-06-27 14:05:36 +02:00