* Configure the file metadata cache for storage-users
* Also configure the cache for the system storage
* Update services/storage-system/pkg/config/config.go
Co-authored-by: Martin <github@diemattels.at>
* Improve documentation
* Bump reva to pull in the latest ini backend changes
* Fix missing comment
* Update services/storage-users/README.md
Co-authored-by: Martin <github@diemattels.at>
* Update services/storage-system/README.md
Co-authored-by: Martin <github@diemattels.at>
* Tweak docs
* Apply suggestions from code review
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Co-authored-by: Martin <github@diemattels.at>
---------
Co-authored-by: Martin <github@diemattels.at>
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* A new config option for disabling users with the options "none", "attribute" and "group".
* When set to "none", there will be no enabledAttribute returned in user info and trying to change enabledAttribute will return an error
* Disable/enable group name DN as config parameter
* Adding/removing users to specified group on user update
* Changing log level for service initialization failure to error
* Adding helper methods to check if user is enabled/disabled + tests
Fixes#5554
This add support for combining filters on the /users with a logical "or" operation.
E.g. the filter:
"filter=(memberOf/any(m:m/id eq 509a9dcd-bb37-4f4f-a01a-19dca27d9cfa) or memberOf/any(m:m/id eq 262982c1-2362-4afa-bfdf-8cbfef64a06e)"
will return all users that are a member of either of the referenced group.
Closes: #5667
This adds support for configuring an LDAP Attribute that can be used as a flag
to disallow users to login. We currently default to 'ownCloudUserEnabled' as
used in the default configuration of the graph service.
This should improve the processing of filters for appRoleAssignments
a bit when combining them with other filters. We try to avoid reading
the full user list if possible. And delay the processing of an
appRoleAssignments filter so we can apply it on a subset of user.
E.g. a filter:
`appRoleAssignments/any(m:m/appRoleId eq 71881883-1768-46bd-a24d-a356a2afdf7f) and memberOf/any(m:m/id eq 509a9dcd-bb37-4f4f-a01a-19dca27d9cfa)`
Will be reordered to first process the memberOf filter (which can be
executed without reading the full user list) and only apply the
appRoleAssignments filter on the resultset of the memberOf filter.
