Commit Graph

188 Commits

Author SHA1 Message Date
Christian Richter
acc38eb739 Merge pull request #1732 from dragonchaser/make-user-cache-tenant-aware
make user cache tenant aware
2025-11-13 10:45:18 +01:00
Christian Richter
2189edaa17 remove obsolete code
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-12 17:52:29 +01:00
Christian Richter
28fdfded71 incorporate requested changes
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-12 17:50:28 +01:00
Mikel Olasagasti Uranga
06b78b8261 chore: drop gofrs/uuid module usage and use google/uuid
Signed-off-by: Mikel Olasagasti Uranga <mikel@olasagasti.info>
2025-11-12 11:47:13 +01:00
Christian Richter
7fe511d6df fix test and check in return
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
c3d7560652 rewrite test with multiple users
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
ae37684a79 fix GetUserTest without tennantId
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
26da21abe7 change key of the cache
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
e112ac7721 move identity cache to subpackage
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
5af51b089f add tests
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
8ffabad1e4 check tennantId
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Christian Richter
1404c69597 change function headers & calls
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-06 18:01:58 +01:00
Ralf Haferkamp
28ec9c3282 graph(education): Make 'schoolNumber' attribute optional
It's already optional in the spec. For multi-tenant provisioning
we want it to be optional as well.

Related: #1597
2025-10-28 12:56:42 +01:00
Shawn Wilsher
920a6916c4 fix: only search LDAP group by name
2025-10-28 10:22:54 +01:00
Ralf Haferkamp
98d773bb9b fix: adjust for CS3 api change
see: https://github.com/cs3org/cs3apis/pull/247
2025-09-23 09:36:17 +02:00
Ralf Haferkamp
a5e0c1ec4b fix(graph): Set the full CS3 user id in the Create Share request
Up to now we only set the OpaqueId attribute, which breaks sharing as soon as
multi-tenancy is enabled. We need the full UserId (including the
tenantId and the idp value).

Related Issue: #1194
2025-09-09 15:10:28 +02:00
Ralf Haferkamp
07b97fa7ac revert(partial): "Filter users by tenant, add tenant ids to demo users"
This reverts parts of commit 926a2c2080.

The LDAP identity backend of the graph service was supposed to stay single-tenant
only. The focus for multi-tenancy should be on the CS3 identity backend.

Also let's keep the internal IDM and demo users clean of any
multi-tenancy stuff for now.
2025-09-04 08:47:19 +02:00
André Duffeck
b9f48edd87 Try to find users by username or id, just like the ldap backend does
2025-08-05 17:10:59 +02:00
André Duffeck
926a2c2080 Filter users by tenant, add tenant ids to demo users
2025-08-05 17:10:59 +02:00
06kellyjac
2a3a20693a build: Modify mockery config to work with v3
Maintaining the positioning of the files from v2 to reduce cognitive
load.
Indentation of yaml files now matches `.editorconfig`.
All mock files regenerated.
Added empty `{}` following convention from `mockery init` etc.
Removed directory specification where it would already match.
2025-06-19 16:25:39 +01:00
Ralf Haferkamp
76b16765d8 cleanup: Avoid fetching group membership when not needed
Use the new GetUserNoGroups helper to lookup users without resolving
group memberships where possible.

Closes: #1005
2025-06-12 09:47:53 +02:00
Jörn Friedrich Dreyer
981e8fe5a3 do not automatically expand drive root permissions
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-06-02 15:17:32 +02:00
Ralf Haferkamp
00ff858f19 graph: move to reva's auto-reconnect LDAP client
To reduce code duplication
2025-05-20 17:44:27 +02:00
Ralf Haferkamp
3dc9c0cb9a Switch to opencloud-eu fork of libre-graph-api-go
2025-05-15 14:11:35 +02:00
Jörn Friedrich Dreyer
3c38a3e3ed fix mockery warnings
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-04-29 11:01:17 +02:00
Michael Barz
22fb783724 test: extract go bin
2025-03-13 14:04:14 +01:00
Ralf Haferkamp
2678d0bb89 Bump mockery to 2.53.0
Should fix build on go1.24. Also fix ci-go-generate step in multiarch
Dockerfile.

Closes: #289
2025-03-03 16:02:59 +01:00
Ralf Haferkamp
6b08fa51ee fixup! Bump go-ldap to latest release
2025-02-20 09:24:03 +01:00
Ralf Haferkamp
0d03092669 Bump go-ldap to latest release
To be able to build with latest reva again
2025-02-20 09:06:07 +01:00
Ralf Haferkamp
734a1dc76b Adjust educational LDAP Attribute and Objectclasses
This is largely untested and might need further adjustments, but should
be "good enough" to not block us for now.
2025-01-29 11:59:06 +01:00
Ralf Haferkamp
1c96633985 Adjust LDAP base DN in tests to dc=example,dc=org
2025-01-29 11:59:06 +01:00
Ralf Haferkamp
0716b40fa0 Adjust LDAP Schema for new name
2025-01-29 11:58:57 +01:00
André Duffeck
e8d35e1280 Use the opencloud reva from now on
2025-01-21 11:16:38 +01:00
Jörn Friedrich Dreyer
b07b5a1149 use plain pkg module
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-01-13 16:42:19 +01:00
Jörn Friedrich Dreyer
8e028f17e9 change module name
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-01-13 09:58:18 +01:00
Ralf Haferkamp
82d2193ad6 fix(graph): Allow to combine $search and $filter in users query
This fixes the 'graph/v1.0/users' endpoint to allow a combination of a
memberOf filter in $filter with a search string in $search.

Allowing queries like:

$filter=(memberOf/any(m:m/id eq 509a9dcd-bb37-4f4f-a01a-19dca27d9cfa))&$search="example"
2024-12-02 17:15:21 +01:00
Jörn Friedrich Dreyer
404e3e5580 graph skip fetching members
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2024-12-02 10:37:07 +01:00
Ralf Haferkamp
6f90abd22d fix(ocm): Adjust for recent change for federated user IDs
The UserIds as returned by e.g. GetAcceptedUser do already contain
the provider domain in the IDP field now.

Also adjust the provider domain in the OCM config to be really a domain
without URI scheme and path.
2024-11-14 15:51:07 +01:00
Ralf Haferkamp
ce663c3a3a fix(graph): treat LDAP attribute names case-insensitive everywhere
There were a couple of places where we were using the case-sensitive
GetAttributeValue method instead of the case-insensitive variant.

Fixes: #10200
2024-10-02 10:48:33 +02:00
Ralf Haferkamp
34cc7b2e56 feat(graph): Add $filter support for lastSuccessfulSignInDateTime
It is now possible to filter users based on the lastSuccessfulSignInDateTime attribute
using query filter like:
 '$filter=signInActivity/lastSuccessfulSignInDateTime le 2021-09-01T00:00:00Z'

Note: This does only work with LDAP servers actually supporting '<=' filters.
The built-in LDAP server (idm) does not support this feature.
2024-09-23 10:49:49 +02:00
Ralf Haferkamp
231128950f feat(graph): expose 'signinactivity' for users
2024-09-23 10:49:49 +02:00
Ralf Haferkamp
724755426e graph: remove some code duplication
2024-09-23 10:49:49 +02:00
Ralf Haferkamp
0bd4b90d7f fix: Make linter happy
2024-09-17 16:02:47 +02:00
Ralf Haferkamp
8e158d52bb graph(oidc): Consume UserSignedIn events in graph service
Pass them to the identity backend to update the last sign-in date of the user.
2024-09-17 16:02:47 +02:00
Jörn Friedrich Dreyer
5ab53b2474 bump reva to 9878984ce702
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2024-09-05 15:03:05 +02:00
Jörn Friedrich Dreyer
a3c7bd3182 bump libre graph api
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2024-08-19 14:20:20 +02:00
Ralf Haferkamp
80e8a2ec1a (fix)graph: Always set UserType in /users responses
LDAP users without a UserType attribute get the UserType "Member"
by default. Federated users get the UserType "Federated".

Related #9702
2024-08-12 12:16:16 +02:00
Christian Richter
b529eb8335 add missing errorcheck
Signed-off-by: Christian Richter <crichter@owncloud.com>
2024-06-24 12:07:26 +02:00
Jörn Friedrich Dreyer
ab338884c6 rudimentary OCM support in graph
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2024-06-24 12:07:21 +02:00
Ralf Haferkamp
eace09ca05 graph: Allow to set the identities property on users
Previously we only allowed setting the "identities" property on education users.
This change moves the related code to the main user object.
2024-05-13 17:22:37 +02:00