Commit Graph

24 Commits

Author SHA1 Message Date
Ralf Haferkamp
8a57545c30 Add "insecure" flag to graph LDAP backend
To allow skipping TLS Certificate verification in development
environments.
2022-02-09 18:29:57 +01:00
Ralf Haferkamp
04083a4fe0 Delete group memberships when deleting a user
Upon deleting a User from the LDAP backend, we also need to clean up
the user's group memberships as LDAP itself doesn't make any promises
about referential integrity.

Fixes #3027
2022-02-02 10:24:05 +01:00
Ralf Haferkamp
d9aa33525a Add support for adding multiple members to a group at once
Adding multiple members at once is done via PATCH on
`groups/{group-oid}` with a body containing a list of references to the
members.
2022-02-01 11:45:14 +01:00
Ralf Haferkamp
166bda9ac6 Implement removing a group member
This implements DELETE request on the
graph/v1.0/groups/{groupid}/members/{memberID}/$ref
endpoint. Allowing to remove a single member from a group.
2022-02-01 10:18:54 +01:00
Ralf Haferkamp
eb3ace8629 Implement deleting a Group
This implements DELETE request on the graph/v1.0/groups/{groupid}
endpoint. Allowing to remove an entire group.
2022-02-01 10:17:48 +01:00
Ralf Haferkamp
c0d486f3a5 Implement adding a member to a Group
This implements POST request to the graph/v1.0/groups/{groupid}/members/$ref
endpoint. Allowing to add members to a group.
2022-02-01 10:17:46 +01:00
Ralf Haferkamp
2ffd2d51f4 Rework getLDAP*ByNameOrID helpers
We need to be able to search by ID only as well. So split the helpers
into getLDAP*ByID and getLDAP*ByNameOrID.
2022-02-01 10:16:11 +01:00
Ralf Haferkamp
6f14ef7843 Implement reading Group Members on Graph API
This implements the graph/v1.0/groups/{groupid}/members endpoint.
Starting with the LDAP backend.
2022-02-01 10:16:08 +01:00
Ralf Haferkamp
dd7ae9cb47 Implement CreateGroup support for Graph LDAP Backend
This adds basic support to create Groups in LDAP via the GraphAPI.
Currently this is hardcoded to use the standard LDAP "groupOfNames"
objectClass.
2022-02-01 09:42:20 +01:00
David Christofas
ba2ef44ea0 fix graph code smells 2022-01-28 12:41:55 +01:00
Ralf Haferkamp
d57d40a0c1 graph: Fix LDAP retry handling
The reconnect package was missing the retry loop for LDAP Write
Operations (add, delete, mod, modrdn)

Fixes: #2974
2022-01-18 11:17:57 +01:00
Ralf Haferkamp
cb7f9f7922 Introduce write_enabled flag for graph user backend
Defaults to `false` (for now). So the /graph/users endpoints are
read-only by default, which should be the default configured against
an existing external LDAP server.
2022-01-13 16:30:09 +01:00
Ralf Haferkamp
53efa9ca14 Switch to generating our own UUIDs for users
By default the GraphAPI will generate the UUID itself now instead of
relying on the LDAP server to generate a valid entryUUID attribute. This
can be switched off via the new `use_server_uuid` toggle in the
LDAP config.
2022-01-13 16:30:09 +01:00
Ralf Haferkamp
840c9a7ddd Implement UpdateUser support for the GraphAPI backend 2022-01-13 16:30:09 +01:00
Ralf Haferkamp
4915195d9c Implement DeleteUser support for the Graph LDAP backend 2022-01-13 16:30:09 +01:00
Alex Unger
5d6e361cff Implement CreateUser support for the Graph LDAP backend
This adds basic support for creating users via the GraphAPI
LDAP backend. This currently just maintains the bare minimum
Attributes for the inetOrgPerson objectclass.

Co-authored-by: Ralf Haferkamp <rhaferkamp@owncloud.com>
2022-01-13 16:30:09 +01:00
Michael Barz
4502d4dfcc Update graph api to 0.5.0 2021-12-16 13:39:27 +01:00
Ralf Haferkamp
d21ca0658f graph: Add unit test for LDAP identity backend
This reworks the LDAP backend a bit to allow for mocking the ldap.Client
interface. It also adds a couple of unit tests for the backend
2021-11-25 14:51:52 +01:00
Ralf Haferkamp
026da000dc LDAP group backend for GraphAPI
This is an initial implementation of the /groups graph endpoint.
Currently it is only showing the ID and Name attributes of the groups.
Listing members is not yet supported.

As the userbackend this is still read-only and doesn't support any
advanced filtering.
2021-11-25 14:51:52 +01:00
Ralf Haferkamp
f253f7bc8e graph: Groups convert CS3 code to its own backend
Until the LDAP backend is ready the existing CS3 code should keep
working.

This also adds the initial stubs for the upcoming LDAP Backend.
2021-11-25 14:51:52 +01:00
Ralf Haferkamp
76390f3d4f Rename userBackend to identityBackend
This is supposed to handle Groups and Users so adjust the Name
2021-11-25 14:51:52 +01:00
Ralf Haferkamp
fbdcdf255c LDAP user backend for GraphAPI
This is still read-only and doesn't support any of the advanced
querying options of the graph API.
2021-11-25 14:51:52 +01:00
Ralf Haferkamp
9130cd29f3 Add helper module for LDAP with automatic reconnect
This module basically wraps ldap.Client and allows us to keep
a long-running LDAP connection open, which automatically
reconnects on network errors. It also allows us to easily multiplex
multiple Operations on a single connection.
2021-11-25 14:30:22 +01:00
Ralf Haferkamp
61d65daa89 Make identity backend configurable for GraphAPI
In order to gradually switch to a new LDAP backend move
the existing code talking to CS3 into its own backend.
2021-11-25 14:30:22 +01:00