mirror/lldap
1
0
Fork 0
mirror of https://github.com/nitnelave/lldap.git synced 2023-04-12 14:25:13 +00:00
Code Issues Projects Releases Wiki Activity
556 Commits 6 Branches 7 Tags 10 MiB
aaa6b065cc
Commit Graph

127 Commits

Author SHA1 Message Date
Valentin Tolmer
f979e16b95 server: Fix healthcheck return code 
The healthcheck was not returning a non-zero code when failing, due to
an extra layer of Results
 2023-01-16 17:35:08 +01:00
Valentin Tolmer
e458aca3e3 db: Change the DB storage type to NaiveDateTime 
The entire internals of the server now work using only NaiveDateTime,
since we know they are all UTC. At the fringes (LDAP, GraphQL, JWT
tokens) we convert back into UTC to make sure we have a clear API.

This allows us to be compatible with Postgres (which doesn't support
DateTime<UTC>, only NaiveDateTime).

This change is backwards compatible since in SQlite with
Sea-query/Sea-ORM, the UTC datetimes are stored without a timezone, as
simple strings. It's the same format as NaiveDateTime.

Fixes #87.
 2023-01-13 15:50:03 +01:00
Valentin Tolmer
09a0522e2d server: move domain types to a separate file 2022-11-25 15:35:48 +01:00
Valentin Tolmer
e89b1538af server,app: migrate to sea-orm 2022-11-25 15:35:48 +01:00
Waldemar Heinze
a4408cfacc
server: prefer immutable path 2022-11-25 00:14:29 +01:00
Waldemar Heinze
a3216a4550
server: fix clippy's suggestions 2022-11-24 23:52:57 +01:00
Waldemar Heinze
2668ea4553
server: make host configurable to enable IPv6 support 
This change also separates the API host and the LDAP host for further customization.
 2022-11-24 23:39:11 +01:00
Michał Mrozek
dd7e392626
server: use async api for email sending 
Fixes #378
 2022-11-24 14:47:56 +01:00
Valentin Tolmer
e81c87f288 server,app: Add support for resetting your password with email 
Instead of just username

Fixes #267
 2022-10-29 15:04:45 +02:00
Valentin Tolmer
234cb70b97 server: fix handling of present filters 
If the filter name was not in the list of attributes to return, it
wouldn't be counted as a valid attribute, meaning that the aliases of
attributes were not recognized.

Fixes #351
 2022-10-26 09:29:02 +02:00
Valentin Tolmer
27144ee37e server: Add support for creating a user through LDAP 2022-10-20 10:09:17 +02:00
Valentin Tolmer
2477439ecc server: Improve rootDSE 
Matches the case-insensitive "objectclass" filter, fix the reported
version, and declares the name context and some other attributes.

Potential fix to #330.
 2022-10-19 17:35:45 +02:00
Valentin Tolmer
ff66e918cf server: increase max payload size to 16MB 
Fixes #337
 2022-10-19 17:28:25 +02:00
Valentin Tolmer
4c69f917e7 server: Improve equality handling in filters 
Now the columns are checked and mapped to user columns, to avoid any
ambiguity.

Fixes #341.
 2022-10-19 08:43:38 +02:00
Valentin Tolmer
8d19678e39 server: refactor sql backend handler 
And add some missing tests
 2022-10-18 13:04:59 +02:00
Valentin Tolmer
35aa656677 server: refactor ldap_handler 
Split it into several files, move them into the domain folder, introduce
`LdapError` for better control flow.
 2022-10-17 14:39:44 +02:00
Valentin Tolmer
32850d4ff9 ldap: add entryUUID to the default fields 
It should help with #293.
 2022-10-12 18:35:40 +02:00
Valentin Tolmer
3aaf53442b server: implement healthcheck 2022-10-12 16:44:52 +02:00
Valentin Tolmer
8069516283 server: Add support for PKCS1 keys 
Fixes #288
 2022-09-30 13:56:03 +02:00
Valentin Tolmer
6c21f2ef4b clippy: fix warning by implementing Eq 2022-09-27 06:54:29 +02:00
Valentin Tolmer
7e1ce10df1 server: allow every config value to be specified as a file 
By using https://crates.io/crates/figment_file_provider_adapter

Fixes https://github.com/nitnelave/lldap/issues/263
 2022-09-14 11:16:50 +02:00
Valentin Tolmer
60c594438c ldap: Stop returning empty attributes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
b130965264 ldap: return user's avatar 2022-08-09 13:03:28 +02:00
Valentin Tolmer
697a64991d server: Change attribute values to bytes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
3acc448048 server: Add support for users' avatars in GrahpQL 2022-08-09 13:03:28 +02:00
Valentin Tolmer
64556fc744 server: stop returning "dn" as an attribute 
It's already part of the base response

Fixes #254.
 2022-08-01 18:26:47 +02:00
Valentin Tolmer
134a9366f5 server: create private key with 400 permissions 
Fixes #261.
 2022-08-01 17:43:37 +02:00
Valentin Tolmer
c108921dcf server: Add a log message when search is restricted 
Fixes #264.
 2022-08-01 14:02:24 +02:00
Valentin Tolmer
8c1ea11b95 server: add an option to use STARTTLS for smtp 2022-07-30 15:58:58 +02:00
Valentin Tolmer
cd0ab378ef server: deprecate smtp.tls_required, add smtp_encryption 2022-07-30 15:58:58 +02:00
Iván Izaguirre
5c584536b5
frontend: Add UUID and creation date 
This exposes the new info in the GraphQL API, and adds it to the frontend.
 2022-07-21 12:10:37 +02:00
Valentin Tolmer
c399ff2bfa server: switch from OpenSSL to Rustls 2022-07-15 15:49:15 +02:00
Frank Moskal
9e37a06514
server: allow admin email to be set via config 2022-07-13 14:32:35 +02:00
Valentin Tolmer
cf19fd41b0 server: Update permission checks for strict_readonly 2022-07-08 19:02:20 +02:00
Valentin Tolmer
fab884711f server: Make objectClass matching case-insensitive 
Fixes https://github.com/nitnelave/lldap/issues/189
 2022-07-08 12:00:55 +02:00
Valentin Tolmer
1a37e1ee04 server: Allow readonly users to change non-admin passwords 2022-07-08 11:49:13 +02:00
Valentin Tolmer
c5017bbd42 ldap: remove copies from the wildcard expansion 2022-07-01 12:41:12 +02:00
Valentin Tolmer
c72c1fdf2c server: Add a Uuid attribute to every user and group 2022-07-01 12:41:12 +02:00
Valentin Tolmer
1a03346a38 server: refactor auth_service to use Results 
This simplifies the flow, and gets rid of wrong clippy warnings about
missing awaits due to the instrumentation.
 2022-06-30 17:14:13 +02:00
Valentin Tolmer
23a4763914 server: Add tracing logging 
Fixes #17
 2022-06-30 17:14:13 +02:00
Valentin Tolmer
5e2eea0d97 sqlx: update dependency and protect against injections 2022-06-26 11:55:37 +02:00
Valentin Tolmer
733d363e25 ldap: handle full scope searches 
Nextcloud searches for users by specifying the entire user DN as the
scope. This commit adds support for these specific scopes.
 2022-06-10 17:18:46 +02:00
Valentin Tolmer
da186fab38 ldap: add support for memberOf attribute 
The "memberOf" filter was already supported, but not the attribute.

Fixes #179
 2022-06-10 15:22:06 +02:00
Valentin Tolmer
ff698df280 server: Introduce a read-only user 2022-06-06 17:27:37 +02:00
Valentin Tolmer
1efab58d0c ldap: add an option to silence unknown fields in the config 2022-05-30 20:08:02 +02:00
Valentin Tolmer
a0b0b455ed ldap: ignore unknown filters 2022-05-30 20:08:02 +02:00
Valentin Tolmer
1d8582f937 ldap: lowercase all DN, fields, values 2022-05-30 19:23:29 +02:00
Valentin Tolmer
7e62cc6eda ldap: handle "present" filters for groups 2022-05-29 19:30:07 +02:00
Matthew Strasiotto
b7957f598b ldap wildcard handler, error if '*' attribute makes it to get_x_attribute 2022-05-12 13:14:04 +02:00
Matthew Strasiotto
5150d8341f ldap wildcard handler, add tests 2022-05-12 13:14:04 +02:00