gandc/lldap
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
872 Commits 7 Branches 10 Tags
fa9c503de7dfef79592c59464ccd588ea15abfea
Commit Graph

101 Commits

Author SHA1 Message Date
Valentin Tolmer
fa9c503de7 server: Add support for memberOf with plain user names, relax hard errors 
This should help when the client sends some invalid-looking queries as part of a bigger filter
 2024-08-16 23:21:20 +02:00
Valentin Tolmer
6f46ffd1e4 clippy: new fixes 2024-06-16 12:18:46 +02:00
Valentin Tolmer
4955b7fac1 server: Add support for the custom LDAP object classes in LDAP filters 2024-02-06 22:39:05 +01:00
Valentin Tolmer
646fe32645 server: Add support for custom LDAP object classes for users and groups 2024-02-05 22:51:02 +01:00
Valentin Tolmer
addd453287 server: don't error on global searches if only one side fails 2024-01-22 22:30:54 +01:00
Valentin Tolmer
bd0a58b476 server: clean up the attributes, relax the substring filter conditions 
This consolidates both user and group attributes in their map_{user,group}_attribute as the only point of parsing. It adds support for custom attribute filters for groups, and makes a SubString filter on an unknown attribute resolve to just false.
 2024-01-17 23:44:25 +01:00
Valentin Tolmer
2ea17c04ba server: Move the definition of UserId down to lldap_auth 2024-01-15 23:48:59 +01:00
Valentin Tolmer
c4be7f5b6f server: Serialize attribute values when searching 
This should fix #763 and allow filtering by custom attribute values.
 2024-01-13 13:37:46 +01:00
Valentin Tolmer
337101edea server: update ldap3_proto dependency 
This will fix the issue with some unhandled controls
 2024-01-08 16:10:11 +01:00
Valentin Tolmer
0d48b7f8c9 server: add support for entryDN 2023-12-31 08:27:25 +01:00
Valentin Tolmer
272c84c574 server: make attributes names, group names and emails case insensitive 
In addition, group names and emails keep their casing
 2023-12-15 23:21:22 +01:00
Valentin Tolmer
93e9985a81 server: rename SchemaBackendHandler -> ReadSchemaBackendHandler 2023-09-29 02:31:20 +02:00
Valentin Tolmer
3fadfb1944 server: add support for creating a user with attributes 2023-09-25 01:57:24 +02:00
Valentin Tolmer
39a75b2c35 server: read custom attributes from LDAP 2023-09-15 15:26:18 +02:00
Valentin Tolmer
034794d58d server: return user-defined attributes for groups in graphql 
Part of #67
 2023-09-14 13:02:45 +02:00
Valentin Tolmer
7671b61a6b server: Add support for querying the OUs 2023-09-11 00:58:15 +02:00
Valentin Tolmer
134796aa9f server: Switch tests to pretty_assertions 2023-09-10 22:29:32 +02:00
Valentin Tolmer
99ed6eface server: Update tracing-forest and take advantage of the span fields 2023-09-10 22:29:32 +02:00
Valentin Tolmer
08b7c6ce33 server: Allow creating a user with multiple objectClass 
Fixes #612
 2023-08-02 12:15:49 +02:00
Valentin Tolmer
d9f4adcb0e ldap: Add support for modifying the password with a modify operation 2023-07-29 12:39:23 +02:00
Valentin Tolmer
31a8ba24a0 server,graphql: Add a GraphQL method to get the schema 2023-07-10 17:18:33 +02:00
Valentin Tolmer
3140af63de server: Use schema to populate attributes 2023-06-29 11:11:20 +02:00
Valentin Tolmer
829ebf59f7 server: Add SchemaBackendHandler trait 2023-06-29 11:11:20 +02:00
Valentin Tolmer
70146e0b70 server: prepare DB schema for user attributes 
First step of #67.
 2023-06-14 23:20:37 +02:00
Valentin Tolmer
46b8f2a8a5 server: return groups in memberof by cn instead of uid 
Fixes #468.
 2023-03-20 22:10:38 +01:00
Valentin Tolmer
c9997d4c17 server: statically enforce access control 2023-03-01 11:28:04 +01:00
Valentin Tolmer
ea498df78b server: add a test for compare with uniqueMember 2023-02-13 19:31:12 +01:00
Valentin Tolmer
1ce239103c server: removed dbg 2023-02-13 16:14:52 +01:00
Valentin Tolmer
81036943c2 server: Add support for SubString ldap filter 2023-02-13 16:10:14 +01:00
Valentin Tolmer
21e51c3d38 server: Add support for LdapCompare op 2023-02-13 12:59:53 +01:00
Valentin Tolmer
9018e6fa34 server, refactor: Add a conversion from bool for the filters 2023-01-17 15:09:06 +01:00
Luca Tagliavini
807fd10d13 server: Add support for DN filters 2023-01-17 14:21:57 +01:00
Valentin Tolmer
e458aca3e3 db: Change the DB storage type to NaiveDateTime 
The entire internals of the server now work using only NaiveDateTime,
since we know they are all UTC. At the fringes (LDAP, GraphQL, JWT
tokens) we convert back into UTC to make sure we have a clear API.

This allows us to be compatible with Postgres (which doesn't support
DateTime<UTC>, only NaiveDateTime).

This change is backwards compatible since in SQlite with
Sea-query/Sea-ORM, the UTC datetimes are stored without a timezone, as
simple strings. It's the same format as NaiveDateTime.

Fixes #87.
 2023-01-13 15:50:03 +01:00
Valentin Tolmer
09a0522e2d server: move domain types to a separate file 2022-11-25 15:35:48 +01:00
Valentin Tolmer
e89b1538af server,app: migrate to sea-orm 2022-11-25 15:35:48 +01:00
Valentin Tolmer
234cb70b97 server: fix handling of present filters 
If the filter name was not in the list of attributes to return, it
wouldn't be counted as a valid attribute, meaning that the aliases of
attributes were not recognized.

Fixes #351
 2022-10-26 09:29:02 +02:00
Valentin Tolmer
27144ee37e server: Add support for creating a user through LDAP 2022-10-20 10:09:17 +02:00
Valentin Tolmer
2477439ecc server: Improve rootDSE 
Matches the case-insensitive "objectclass" filter, fix the reported
version, and declares the name context and some other attributes.

Potential fix to #330.
 2022-10-19 17:35:45 +02:00
Valentin Tolmer
4c69f917e7 server: Improve equality handling in filters 
Now the columns are checked and mapped to user columns, to avoid any
ambiguity.

Fixes #341.
 2022-10-19 08:43:38 +02:00
Valentin Tolmer
8d19678e39 server: refactor sql backend handler 
And add some missing tests
 2022-10-18 13:04:59 +02:00
Valentin Tolmer
35aa656677 server: refactor ldap_handler 
Split it into several files, move them into the domain folder, introduce
`LdapError` for better control flow.
 2022-10-17 14:39:44 +02:00
Valentin Tolmer
32850d4ff9 ldap: add entryUUID to the default fields 
It should help with #293.
 2022-10-12 18:35:40 +02:00
Valentin Tolmer
3aaf53442b server: implement healthcheck 2022-10-12 16:44:52 +02:00
Valentin Tolmer
60c594438c ldap: Stop returning empty attributes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
b130965264 ldap: return user's avatar 2022-08-09 13:03:28 +02:00
Valentin Tolmer
697a64991d server: Change attribute values to bytes 2022-08-09 13:03:28 +02:00
Valentin Tolmer
3acc448048 server: Add support for users' avatars in GrahpQL 2022-08-09 13:03:28 +02:00
Valentin Tolmer
64556fc744 server: stop returning "dn" as an attribute 
It's already part of the base response

Fixes #254.
 2022-08-01 18:26:47 +02:00
Valentin Tolmer
c108921dcf server: Add a log message when search is restricted 
Fixes #264.
 2022-08-01 14:02:24 +02:00
Valentin Tolmer
cf19fd41b0 server: Update permission checks for strict_readonly 2022-07-08 19:02:20 +02:00