mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity
525 Commits 6 Branches 7 Tags 10 MiB
27144ee37e
Commit Graph

65 Commits

Author SHA1 Message Date
Valentin Tolmer
27144ee37e server: Add support for creating a user through LDAP 2022-10-20 10:09:17 +02:00
Valentin Tolmer
2477439ecc server: Improve rootDSE 
Matches the case-insensitive "objectclass" filter, fix the reported
version, and declares the name context and some other attributes.

Potential fix to #330.
 2022-10-19 17:35:45 +02:00
Valentin Tolmer
4c69f917e7 server: Improve equality handling in filters 
Now the columns are checked and mapped to user columns, to avoid any
ambiguity.

Fixes #341.
 2022-10-19 08:43:38 +02:00
Valentin Tolmer
8d19678e39 server: refactor sql backend handler 
And add some missing tests
 2022-10-18 13:04:59 +02:00
Valentin Tolmer
35aa656677 server: refactor ldap_handler 
Split it into several files, move them into the domain folder, introduce
`LdapError` for better control flow.
 2022-10-17 14:39:44 +02:00
Valentin Tolmer
32850d4ff9 ldap: add entryUUID to the default fields 
It should help with #293.
 2022-10-12 18:35:40 +02:00
Valentin Tolmer
3aaf53442b server: implement healthcheck 2022-10-12 16:44:52 +02:00
Valentin Tolmer
60c594438c ldap: Stop returning empty attributes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
b130965264 ldap: return user's avatar 2022-08-09 13:03:28 +02:00
Valentin Tolmer
697a64991d server: Change attribute values to bytes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
3acc448048 server: Add support for users' avatars in GrahpQL 2022-08-09 13:03:28 +02:00
Valentin Tolmer
64556fc744 server: stop returning "dn" as an attribute 
It's already part of the base response

Fixes #254.
 2022-08-01 18:26:47 +02:00
Valentin Tolmer
c108921dcf server: Add a log message when search is restricted 
Fixes #264.
 2022-08-01 14:02:24 +02:00
Valentin Tolmer
cf19fd41b0 server: Update permission checks for strict_readonly 2022-07-08 19:02:20 +02:00
Valentin Tolmer
fab884711f server: Make objectClass matching case-insensitive 
Fixes https://github.com/nitnelave/lldap/issues/189
 2022-07-08 12:00:55 +02:00
Valentin Tolmer
1a37e1ee04 server: Allow readonly users to change non-admin passwords 2022-07-08 11:49:13 +02:00
Valentin Tolmer
c5017bbd42 ldap: remove copies from the wildcard expansion 2022-07-01 12:41:12 +02:00
Valentin Tolmer
c72c1fdf2c server: Add a Uuid attribute to every user and group 2022-07-01 12:41:12 +02:00
Valentin Tolmer
1a03346a38 server: refactor auth_service to use Results 
This simplifies the flow, and gets rid of wrong clippy warnings about
missing awaits due to the instrumentation.
 2022-06-30 17:14:13 +02:00
Valentin Tolmer
23a4763914 server: Add tracing logging 
Fixes #17
 2022-06-30 17:14:13 +02:00
Valentin Tolmer
733d363e25 ldap: handle full scope searches 
Nextcloud searches for users by specifying the entire user DN as the
scope. This commit adds support for these specific scopes.
 2022-06-10 17:18:46 +02:00
Valentin Tolmer
da186fab38 ldap: add support for memberOf attribute 
The "memberOf" filter was already supported, but not the attribute.

Fixes #179
 2022-06-10 15:22:06 +02:00
Valentin Tolmer
ff698df280 server: Introduce a read-only user 2022-06-06 17:27:37 +02:00
Valentin Tolmer
1efab58d0c ldap: add an option to silence unknown fields in the config 2022-05-30 20:08:02 +02:00
Valentin Tolmer
a0b0b455ed ldap: ignore unknown filters 2022-05-30 20:08:02 +02:00
Valentin Tolmer
1d8582f937 ldap: lowercase all DN, fields, values 2022-05-30 19:23:29 +02:00
Valentin Tolmer
7e62cc6eda ldap: handle "present" filters for groups 2022-05-29 19:30:07 +02:00
Matthew Strasiotto
b7957f598b ldap wildcard handler, error if '*' attribute makes it to get_x_attribute 2022-05-12 13:14:04 +02:00
Matthew Strasiotto
5150d8341f ldap wildcard handler, add tests 2022-05-12 13:14:04 +02:00
Matthew Strasiotto
e5c80b9f17 handle wildcards being given as ldap attribute params 
fix wildcard expansion

address some pr comments

Move ldap attribute expansion lists to constants

As per: https://github.com/nitnelave/lldap/pull/164#discussion_r867348971

lldap *+ expansion: remove unneccesary cloning

https://github.com/nitnelave/lldap/pull/164#discussion_r867349805

ldap attribute wildcard handling: remove duplicated wildcards

https://github.com/nitnelave/lldap/pull/164#issuecomment-1120211031

ldap wildcard expansion: refactor

ldap attribute handlers: handle '+' by ignoring, '*' and unmatched by warning and ignoring

attribute wildcard expansion: refactor, don't remove '+'
 2022-05-12 13:14:04 +02:00
Matthew Strasiotto
875c59758b handle dn attribute being queried as distinguishedname 2022-05-12 13:14:04 +02:00
Valentin Tolmer
ebffc1c086 server, ldap: Use group membership for admin status 2022-05-08 20:36:57 +02:00
Valentin Tolmer
f1b86a16ee ldap: return uids instead of cns for users 2022-05-03 12:13:43 +02:00
Valentin Tolmer
bd90a3a426 ldap: return actual "cn" value instead of "uid" in LDAP messages 2022-04-29 10:02:43 +02:00
Valentin Tolmer
e1e1d6cd20 ldap: accept "uid" or "cn" as username 2022-04-29 10:02:43 +02:00
Valentin Tolmer
f52197e76f server: allow non-admin user to do limited searches 2022-04-25 09:34:25 +02:00
Valentin Tolmer
3ac38bb96f ldap_handler: Reports groups as groupOfNames as well 2022-04-20 10:54:21 +02:00
Valentin Tolmer
2197fe77a5 server: Handle "1.1" special attribute 2022-04-18 12:01:58 +02:00
Valentin Tolmer
ca19e61f50 domain: introduce UserId to make uid case insensitive 
Note that if there was a non-lowercase user already in the DB, it cannot
be found again. To fix this, run in the DB:

sqlite> UPDATE users SET user_id = LOWER(user_id);
 2022-03-26 18:23:19 +01:00
Valentin Tolmer
c850fa4273 server: refactor group requests to use filters 2022-02-12 14:27:02 +01:00
Valentin Tolmer
a1fe703bf0 server: rename RequestFilter to UserRequestFilter 2022-02-12 14:27:02 +01:00
Valentin Tolmer
d20bd196bc ldap_handler: trim spaces in LDAP identifiers 2022-02-11 09:34:21 +01:00
Valentin Tolmer
790fd7c5d1 cargo: Update to 2021 edition 2021-11-23 00:25:47 +01:00
Valentin Tolmer
47ee56873e ldap: Improve coverage of filters 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ee863f74fc ldap: Add tests for password change 2021-11-08 11:10:40 +01:00
Valentin Tolmer
24e3125e34 ldap: Test the "memberOf" filter 2021-11-08 11:10:40 +01:00
Valentin Tolmer
06b6653dff ldap: Test more invalid DNs 2021-11-08 11:10:40 +01:00
Valentin Tolmer
62745970c6 ldap: Add context to the errors 2021-11-08 11:10:40 +01:00
Valentin Tolmer
ea3142da5d ldap: test message handler 2021-11-08 11:10:40 +01:00
Valentin Tolmer
d96b534921 ldap: Improve debug messages 2021-11-08 09:31:29 +01:00