commit f828a63

Merge: e24a5a4 4ecf4c6
Author: Jörn Friedrich Dreyer <jfd@owncloud.com>
Date:   Mon Apr 11 22:36:28 2022 +0200

    Merge pull request #3476 from rhafer/share-ldap-con

    [full-ci] adapt for new LDAP config

extensions/_includes/graph-config-example.yaml

@@ -38,14 +38,16 @@ identity:
     write_enabled: false
     user_base_dn: ou=users,dc=ocis,dc=test
     user_search_scope: sub
-    user_filter: (objectClass=inetOrgPerson)
+    user_filter: ""
+    user_objectclass: inetOrgPerson
     user_mail_attribute: mail
     user_displayname_attribute: displayName
     user_name_attribute: uid
     user_id_attribute: owncloudUUID
     group_base_dn: ou=groups,dc=ocis,dc=test
     group_search_scope: sub
-    group_filter: (objectclass=groupOfNames)
+    group_filter: ""
+    group_objectclass: groupOfNames
     group_name_attribute: cn
     group_id_attribute: owncloudUUID
 events:

extensions/_includes/graph_configvars.md

@@ -16,23 +16,25 @@
 | OCIS_INSECURE;GRAPH_SPACES_INSECURE | bool | false | |
 | GRAPH_SPACES_EXTENDED_SPACE_PROPERTIES_CACHE_TTL | int | 0 | |
 | GRAPH_IDENTITY_BACKEND | string | cs3 | |
-| GRAPH_LDAP_URI | string | ldap://localhost:9125 | |
+| LDAP_URI;GRAPH_LDAP_URI | string | ldap://localhost:9125 | |
 | OCIS_INSECURE;GRAPH_LDAP_INSECURE | bool | false | |
-| GRAPH_LDAP_BIND_DN | string |  | |
-| GRAPH_LDAP_BIND_PASSWORD | string |  | |
+| LDAP_BIND_DN;GRAPH_LDAP_BIND_DN | string |  | |
+| LDAP_BIND_PASSWORD;GRAPH_LDAP_BIND_PASSWORD | string |  | |
 | GRAPH_LDAP_SERVER_UUID | bool | false | |
 | GRAPH_LDAP_SERVER_WRITE_ENABLED | bool | false | |
-| GRAPH_LDAP_USER_BASE_DN | string | ou=users,dc=ocis,dc=test | |
-| GRAPH_LDAP_USER_SCOPE | string | sub | |
-| GRAPH_LDAP_USER_FILTER | string | (objectClass=inetOrgPerson) | |
-| GRAPH_LDAP_USER_EMAIL_ATTRIBUTE | string | mail | |
-| GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE | string | displayName | |
-| GRAPH_LDAP_USER_NAME_ATTRIBUTE | string | uid | |
-| GRAPH_LDAP_USER_UID_ATTRIBUTE | string | owncloudUUID | |
-| GRAPH_LDAP_GROUP_BASE_DN | string | ou=groups,dc=ocis,dc=test | |
-| GRAPH_LDAP_GROUP_SEARCH_SCOPE | string | sub | |
-| GRAPH_LDAP_GROUP_FILTER | string | (objectclass=groupOfNames) | |
-| GRAPH_LDAP_GROUP_NAME_ATTRIBUTE | string | cn | |
-| GRAPH_LDAP_GROUP_ID_ATTRIBUTE | string | owncloudUUID | |
+| LDAP_USER_BASE_DN;GRAPH_LDAP_USER_BASE_DN | string | ou=users,dc=ocis,dc=test | |
+| LDAP_USER_SCOPE;GRAPH_LDAP_USER_SCOPE | string | sub | |
+| LDAP_USER_FILTER;GRAPH_LDAP_USER_FILTER | string |  | |
+| LDAP_USER_OBJECTCLASS;GRAPH_LDAP_USER_OBJECTCLASS | string | inetOrgPerson | |
+| LDAP_USER_SCHEMA_MAIL;GRAPH_LDAP_USER_EMAIL_ATTRIBUTE | string | mail | |
+| LDAP_USER_SCHEMA_DISPLAY_NAME;GRAPH_LDAP_USER_DISPLAYNAME_ATTRIBUTE | string | displayName | |
+| LDAP_USER_SCHEMA_USERNAME;GRAPH_LDAP_USER_NAME_ATTRIBUTE | string | uid | |
+| LDAP_USER_SCHEMA_ID;GRAPH_LDAP_USER_UID_ATTRIBUTE | string | owncloudUUID | |
+| LDAP_GROUP_BASE_DN;GRAPH_LDAP_GROUP_BASE_DN | string | ou=groups,dc=ocis,dc=test | |
+| LDAP_GROUP_SCOPE;GRAPH_LDAP_GROUP_SEARCH_SCOPE | string | sub | |
+| LDAP_GROUP_FILTER;GRAPH_LDAP_GROUP_FILTER | string |  | |
+| LDAP_GROUP_OBJECTCLASS;GRAPH_LDAP_GROUP_OBJECTCLASS | string | groupOfNames | |
+| LDAP_GROUP_SCHEMA_GROUPNAME;GRAPH_LDAP_GROUP_NAME_ATTRIBUTE | string | cn | |
+| LDAP_GROUP_SCHEMA_ID;GRAPH_LDAP_GROUP_ID_ATTRIBUTE | string | owncloudUUID | |
 | GRAPH_EVENTS_ENDPOINT | string | 127.0.0.1:9233 | the address of the streaming service|
 | GRAPH_EVENTS_CLUSTER | string | ocis-cluster | the clusterID of the streaming service. Mandatory when using nats|

extensions/_includes/idp-config-example.yaml

@@ -63,7 +63,8 @@ ldap:
   scope: sub
   login_attribute: cn
   email_attribute: mail
-  name_attribute: sn
+  name_attribute: displayName
   uuid_attribute: uid
   uuid_attribute_type: text
-  filter: (objectClass=posixaccount)
+  filter: ""
+  objectclass: posixAccount

extensions/_includes/idp_configvars.md

@@ -35,14 +35,15 @@
 | IDP_ID_TOKEN_EXPIRATION | uint64 | 3600 | |
 | IDP_REFRESH_TOKEN_EXPIRATION | uint64 | 94608000 | |
 |  | uint64 | 0 | |
-| IDP_LDAP_URI | string | ldap://localhost:9125 | |
-| IDP_LDAP_BIND_DN | string | cn=idp,ou=sysusers,dc=ocis,dc=test | |
-| IDP_LDAP_BIND_PASSWORD | string | idp | |
-| IDP_LDAP_BASE_DN | string | ou=users,dc=ocis,dc=test | |
-| IDP_LDAP_SCOPE | string | sub | |
+| LDAP_URI;IDP_LDAP_URI | string | ldap://localhost:9125 | |
+| LDAP_BIND_DN;IDP_LDAP_BIND_DN | string | cn=idp,ou=sysusers,dc=ocis,dc=test | |
+| LDAP_BIND_PASSWORD;IDP_LDAP_BIND_PASSWORD | string | idp | |
+| LDAP_USER_BASE_DN,IDP_LDAP_BASE_DN | string | ou=users,dc=ocis,dc=test | |
+| LDAP_USER_SCOPE;IDP_LDAP_SCOPE | string | sub | |
 | IDP_LDAP_LOGIN_ATTRIBUTE | string | cn | |
-| IDP_LDAP_EMAIL_ATTRIBUTE | string | mail | |
-| IDP_LDAP_NAME_ATTRIBUTE | string | sn | |
-| IDP_LDAP_UUID_ATTRIBUTE | string | uid | |
+| LDAP_USER_SCHEMA_MAIL;IDP_LDAP_EMAIL_ATTRIBUTE | string | mail | |
+| LDAP_USER_SCHEMA_USERNAME;IDP_LDAP_NAME_ATTRIBUTE | string | displayName | |
+| LDAP_USER_SCHEMA_ID;IDP_LDAP_UUID_ATTRIBUTE | string | uid | |
 | IDP_LDAP_UUID_ATTRIBUTE_TYPE | string | text | |
-| IDP_LDAP_FILTER | string | (objectClass=posixaccount) | |
+| LDAP_USER_FILTER;IDP_LDAP_FILTER | string |  | |
+| LDAP_USER_OBJECTCLASS;IDP_LDAP_OBJECTCLASS | string | posixAccount | |

extensions/_includes/storage-config-example.yaml

@@ -19,35 +19,38 @@ reva:
     uid_claim: ""
     gid_claim: ""
   ldap:
-    hostname: localhost
-    port: 9126
+    uri: ldaps://localhost:9126
     ca_cert: ~/.ocis/ldap/ldap.crt
     insecure: false
-    base_dn: dc=ocis,dc=test
-    login_filter: (&(objectclass=posixAccount)(|(cn={{login}})(mail={{login}})))
-    user_filter: (&(objectclass=posixAccount)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))
-    user_attribute_filter: (&(objectclass=posixAccount)({{attr}}={{value}}))
-    user_find_filter: (&(objectclass=posixAccount)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))
-    user_group_filter: (&(objectclass=posixGroup)(cn={{query}}*))
-    group_filter: (&(objectclass=posixGroup)(|(ownclouduuid={{.OpaqueId}})(cn={{.OpaqueId}})))
-    group_attribute_filter: (&(objectclass=posixGroup)({{attr}}={{value}}))
-    group_finder_filter: (&(objectclass=posixGroup)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))
-    group_member_filter: (&(objectclass=posixAccount)(ownclouduuid={{.OpaqueId}}*))
+    user_base_dn: dc=ocis,dc=test
+    group_base_dn: dc=ocis,dc=test
+    user_scope: sub
+    group_scope: sub
+    user_objectclass: posixAccount
+    group_objectclass: posixGroup
+    user_filter: ""
+    group_filter: ""
+    login_attributes:
+    - cn
+    - mail
     bind_dn: cn=reva,ou=sysusers,dc=ocis,dc=test
     bind_password: reva
     idp: https://localhost:9200
     user_schema:
-      uid: ownclouduuid
+      id: ownclouduuid
+      id_is_octet_string: false
       mail: mail
       display_name: displayname
-      cn: cn
+      user_name: cn
       uid_number: uidnumber
       gid_number: gidnumber
     group_schema:
-      gid: cn
+      id: cn
+      id_is_octet_string: false
       mail: mail
       display_name: cn
-      cn: cn
+      group_name: cn
+      member: cn
       gid_number: gidnumber
   user_group_rest:
     client_id: ""

grpc_apis/ocis/messages/accounts/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.accounts.v0"
 url: /grpc_apis/ocis_messages_accounts_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.settings.v0"
 url: /grpc_apis/ocis_messages_settings_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.store.v0"
 url: /grpc_apis/ocis_messages_store_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/messages/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.messages.thumbnails.v0"
 url: /grpc_apis/ocis_messages_thumbnails_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/accounts/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.accounts.v0"
 url: /grpc_apis/ocis_services_accounts_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/settings/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.settings.v0"
 url: /grpc_apis/ocis_services_settings_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/store/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.store.v0"
 url: /grpc_apis/ocis_services_store_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---

grpc_apis/ocis/services/thumbnails/v0/grpc.md

@@ -1,7 +1,7 @@
 ---
 title: "ocis.services.thumbnails.v0"
 url: /grpc_apis/ocis_services_thumbnails_v0
-date: 2022-04-11T16:08:18Z
+date: 2022-04-11T20:40:17Z
 weight: 50
 geekdocRepo: https://github.com/owncloud/ocis
 ---