Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow using any ldap property as login name when using login credentials #24955

Merged
merged 1 commit into from
Jan 7, 2021
Merged

allow using any ldap property as login name when using login credentials #24955

merged 1 commit into from
Jan 7, 2021

Conversation

icewind1991
Copy link
Member

When using ldap, there are setups where neither the uid nor the loginname are the "correct" username to pass to external storages.

This adds an option to use any ldap property as the username to pass to the external storage, you can configure it using

occ files_external:config <mount id> login_ldap_attr <attribute name>

@icewind1991 icewind1991 added the 3. to review Waiting for reviews label Jan 4, 2021
@icewind1991 icewind1991 added this to the Nextcloud 21 milestone Jan 4, 2021
@icewind1991
allow using any ldap property as login name when using external stora…
58f3f5c 
…ge login credentials

Signed-off-by: Robin Appelman <robin@icewind.nl>
@rullzer rullzer mentioned this pull request Jan 6, 2021
Merged
5 tasks
rullzer
rullzer approved these changes Jan 7, 2021
View reviewed changes
Copy link
Member

@rullzer rullzer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fine by me
🐘

MorrisJobke
MorrisJobke approved these changes Jan 7, 2021
View reviewed changes
Copy link
Member

@MorrisJobke MorrisJobke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fine with me too 👍

@MorrisJobke MorrisJobke merged commit 38e534e into master Jan 7, 2021
@MorrisJobke MorrisJobke deleted the external-storage-login-ldap branch January 7, 2021 12:33
blizzz
blizzz reviewed Jan 7, 2021
View reviewed changes
apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php
Comment on lines +122 to +137
$access = $ldap->getLDAPAccess($user->getUID());
$connection = $access->getConnection();
$key = "external_login::" . $user->getUID() . "::" . $property;
$cached = $connection->getFromCache($key);

if ($cached !== null) {
return $cached;
}

$value = $access->readAttribute($access->username2dn($user->getUID()), $property);
if (count($value) > 0) {
$value = current($value);
} else {
return null;
}
$connection->writeToCache($key, $value);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd prefer it would use \OCP\ILDAPProvider (via its factory) instead of using private user_ldap classes. https://github.com/nextcloud/server/tree/master/lib/public/LDAP

@blizzz
Copy link
Member

blizzz commented Jan 7, 2021
edited
Loading

Either way. It should not have been merged after feature freeze → Reverting

@blizzz blizzz mentioned this pull request Jan 7, 2021
Merged
@blizzz blizzz restored the external-storage-login-ldap branch January 7, 2021 13:22
@icewind1991 icewind1991 mentioned this pull request Jan 14, 2021
Merged
@MorrisJobke MorrisJobke deleted the external-storage-login-ldap branch January 22, 2021 13:21
@icewind1991 icewind1991 mentioned this pull request Mar 31, 2021
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blizzz blizzz blizzz left review comments

@rullzer rullzer rullzer approved these changes

@MorrisJobke MorrisJobke MorrisJobke approved these changes

Assignees
No one assigned
Labels
3. to review Waiting for reviews
Projects
None yet
Milestone
Nextcloud 21
Development

Successfully merging this pull request may close these issues.
4 participants
@icewind1991 @blizzz @rullzer @MorrisJobke