To make the `CreateUser` flow easier to test, the attributes of the
LDAP add request need to be added consistently. This way we can
expect that argument with the mock.
This PR does the following:
* Add a method `getUserAttrTypes` that returns a static list of attr names.
* Alter `userToAddRequest` to iterate over the static list, and add the attr
if it exists in the `attrMap`.
Closes#5390
* Renamed files for consistency reasons
err_school.go implements the full education interface not just schools.
ldap_school.go renamed to ldap_education_school.go for making it
consistent with ldap_education_user.go
* graph: Add stubs for education/classes endpoints
The acutal backend implementations are still empty.
This makes the identity errors public so other packages can match on them.
It also moves them to the same file as the interface, as that makes them more discoverable.
This implements GetEducationUser, GetEducationUsers, DeleteEducationUser and
CreateEducationUser methods for the LDAP backend. It's still very basic and
no fancy filtering or expanding is there yet.
* standalone graph service with LDAP
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* no panic on PATCH and DELETE
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* fix apitoken yaml key
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* update user, fix response codes
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* fix group creation return code
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* remove unknown user property
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* fix create return code checks in graph feature context
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* updating uses 200 OK when returning a body
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* revert user statusCreated change for now
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* revert return code changes
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
* First iteration of a groups test
* Do not render a result in case of an error
* Generate mocks for identity.Backend
* Export listResponse (-> ListResponse)
* Add unit tests for GetGroups
* Finish GetGroups unit tests
* Increase test coverage
* Increase test coverage
* Increase test coverage
* Add missing mocks
* Fix return codes
* Fix error messages
Consolidate all services to use the Reva config struct for the shared package.
This works because all services (except 'notifications', 'thumbnails' and
'webdav') where using the same config keys and environment variables for
setting the reva gateway.
When expanding members of an LDAP group we did two group lookup per
Group. This can be avoided by expanding the members right from the
Group entry of the first query.
This also add some more unit test coverage, especially to the expand/select
group member test cases.
By default the graph API will now use the LDAP Password Modify Extended
Operation for setting user passwords. By this we make sure that the
LDAP server can e.g. properly hash the password with and algorithm that
it supports.
This can be reverted to the old behaviour (using "normal" LDAP modify
requests) by setting GRAPH_LDAP_SERVER_USE_PASSWORD_MODIFY_EXOP=false
Fixes: #3778
