Commit Graph

30 Commits

Author SHA1 Message Date
Julian Koberg
563bbf28c0 fix: fix group creation in multi-instance ocis
Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com>
2026-01-22 18:00:04 +01:00
Julian Koberg
04b829e8a7 feat: expand mfa checks also to queries
Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com>
2025-09-23 14:03:32 +02:00
Julian Koberg
dda6104722 feat: document mfa package
Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com>
2025-09-18 16:23:14 +02:00
Julian Koberg
eeeeba199b feat: move mfa checks to handlers
Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com>
2025-09-17 12:42:28 +02:00
Julian Koberg
b979844791 feat(ocis): adjust reva imports
Signed-off-by: Julian Koberg <jkoberg@MBP-Julian-Koberg.local>
2025-03-05 11:14:44 +01:00
Ralf Haferkamp
a1ed2ce2e5 graph/groups: Handle quoted search terms in GetGroups
Fixes: #7990
2023-12-21 13:57:26 +01:00
Ralf Haferkamp
1ace257064 graph/groups: Allow unprivileged users to search for groups 2023-12-07 10:21:45 +01:00
Florian Schade
ad06a192d8 enhancement: add graph beta listPermissions endpoint (#7753)
* enhancement: add graph beta listPermissions endpoint

besides the new api endpoint it includes several utilities to simplify the graph api development.

* resolve drive and item id from the request path
* generic pointer and value utilities
* space root detection

* update GetDriveAndItemIDParam signature to return a error

* move errorcode package

* enhancement: add generic error code handling

* fix: rebase
2023-11-28 17:06:04 +01:00
Roman Perekhod
a6b75bc9f6 fix libre-graph status codes (#7705)
* fix libre-graph status codes

* owncloud-test-middleware bumped

---------

Co-authored-by: Roman Perekhod <rperekhod@owncloud.com>
2023-11-15 17:45:23 +01:00
Daniël Franke
952ebe7d7d Pass context to event publishing.
To allow tracing propagation via events, we need to pass the context
to the `Publish` function of reva events. This adds the context
everywhere where events are published. If there was no context to pass,
we started a new one with `context.Background()`.
2023-08-11 12:01:19 +02:00
Roman Perekhod
6b3c1327d0 fixed the ability to create a group with an empty name #5050 2023-06-12 09:19:54 +02:00
Ralf Haferkamp
77e773515d graph/users: gracefully handle PATCH requests with empty bodies
Return as success status code when the PATCH request comes with an empty
body. This is mainly to workaround issues like:
https://github.com/owncloud/web/issues/8946
2023-05-03 09:32:05 +02:00
Ralf Haferkamp
120887abcc graph: new config option GRAPH_LDAP_GROUP_CREATE_BASE_DN
By setting GRAPH_LDAP_GROUP_CREATE_BASE_DN a distinct subtree can be
configured where new LDAP groups are created. That subtree needs to be
subordinate to GRAPH_LDAP_GROUP_BASE_DN. All groups outside for
GRAPH_LDAP_GROUP_CREATE_BASE_DN are considered read-only and only groups
below that DN can be updated and deleted.

This is introduced for a pretty specific usecase where most groups are managed
in an external source (e.g. a read-only replica of an LDAP tree). But we still
want to allow the local administrator to create groups in a writeable subtree
attached to that replica.
2023-04-04 15:56:57 +02:00
Daniel Swärd
620940ec3f graph: Add strict json decoding to return errors when receiving unknown parameters 2023-04-03 15:39:23 +02:00
Daniel Swärd
ab07525602 graph: Allow updating of group name via PATCH request 2023-03-28 13:06:53 +02:00
Ralf Haferkamp
b7ec7c92c4 graph: Initial support for $filter in /users (#5533)
This adds some initial support for using $filter (as defined in the
odata spec) on the /users endpoint. Currently the following filters are
supported:

A single filter on `id` property of the `memberOf` relation of users.
To list all users that are members of a specific group:

```
curl 'https://localhost:9200/graph/v1.0/users?$filter=memberOf/any(m:m/id eq '262982c1-2362-4afa-bfdf-8cbfef64a06e')
```

A logical AND filteri on the `id` property of the `memberOf` relation of users.

`$filter=memberOf/any(m:m/id eq 262982c1-2362-4afa-bfdf-8cbfef64a06e) and memberOf/any(m:m/id eq 6040aa17-9c64-4fef-9bd0-77234d71bad0)`

This will cause at least two queries on the identity backend. The `and`
operation is performed locally.

Closes: #5487
2023-02-14 10:32:32 +01:00
Ralf Haferkamp
82021dca5a graph: Fix event handling for /groups
When running the graph service standalone with token auth we don't
have a user in the context. Avoid nil point exception when issueing
events in such a setup.
2023-02-02 16:04:03 +01:00
Ralf Haferkamp
709ef1ffca graph:Add stubs for education/classes endpoints (#5360)
* Renamed files for consistency reasons

err_school.go implements the full education interface not just schools.
ldap_school.go renamed to ldap_education_school.go for making it
consistent with ldap_education_user.go

* graph: Add stubs for education/classes endpoints

The acutal backend implementations are still empty.
2023-01-11 20:38:18 +01:00
Daniël Franke
425ebb8084 Change naming 2023-01-10 11:45:24 +01:00
Daniël Franke
49d71ea111 Make amount of users in patch configurable.
This PR changes the following:

* Create an API config section for API configurables.
* Add a setting `UserPatchLimit` that controls how many users can be changed in a PATCH request.
* Use this setting in the API to limit the amount of users that can be changed.
2023-01-10 11:45:24 +01:00
Ralf Haferkamp
4717248959 Simplify sort code a bit
Switch to sort.Slice() instead of sort.Sort(), which requires less
boilerplate.
2023-01-10 09:31:40 +01:00
Jörn Friedrich Dreyer
57fd00d238 handle /education/user
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2022-12-21 15:38:14 +01:00
Jörn Friedrich Dreyer
9844f5f8ce initial schools API
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2022-12-21 15:38:14 +01:00
David Christofas
39917330f6 fix goconst bugs 2022-12-21 14:46:01 +01:00
Jörn Friedrich Dreyer
d359a7c2cf [full-ci] standalone graph service with LDAP (#5199)
* standalone graph service with LDAP

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* no panic on PATCH and DELETE

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix apitoken yaml key

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* update user, fix response codes

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix group creation return code

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* remove unknown user property

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* fix create return code checks in graph feature context

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* updating uses 200 OK when returning a body

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* revert user statusCreated change for now

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* revert return code changes

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2022-12-12 12:46:10 +01:00
Jörn Friedrich Dreyer
b2b4f9893c align revactx package import (#5206)
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>

Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2022-12-08 14:45:30 +01:00
Andre Duffeck
7c2961e18a Graph test coverage (#5098)
* First iteration of a groups test

* Do not render a result in case of an error

* Generate mocks for identity.Backend

* Export listResponse (-> ListResponse)

* Add unit tests for GetGroups

* Finish GetGroups unit tests

* Increase test coverage

* Increase test coverage

* Increase test coverage

* Add missing mocks

* Fix return codes

* Fix error messages
2022-11-23 14:01:29 +01:00
Michael Barz
0b7297d1b4 harden drives api and improve logging 2022-10-16 00:38:44 +02:00
Christian Richter
f8f1320501 refactor extensions -> services
Signed-off-by: Christian Richter <crichter@owncloud.com>
2022-06-27 14:05:36 +02:00
Christian Richter
78064e6bab rename folder extensions -> services
Signed-off-by: Christian Richter <crichter@owncloud.com>
2022-06-27 14:05:36 +02:00