diff --git a/pkg/cbox/group/rest/rest.go b/pkg/cbox/group/rest/rest.go index 7ff26e1857..5957768bfd 100644 --- a/pkg/cbox/group/rest/rest.go +++ b/pkg/cbox/group/rest/rest.go @@ -315,7 +315,6 @@ func (m *manager) parseAndCacheGroup(ctx context.Context, groupData map[string]i } func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId) (*grouppb.Group, error) { - g, err := m.fetchCachedGroupDetails(gid) if err != nil { groupData, err := m.getGroupByParam(ctx, "groupIdentifier", gid.OpaqueId) @@ -335,6 +334,7 @@ func (m *manager) GetGroup(ctx context.Context, gid *grouppb.GroupId) (*grouppb. } func (m *manager) GetGroupByClaim(ctx context.Context, claim, value string) (*grouppb.Group, error) { + value = url.QueryEscape(value) opaqueID, err := m.fetchCachedParam(claim, value) if err == nil { return m.GetGroup(ctx, &grouppb.GroupId{OpaqueId: opaqueID}) @@ -420,7 +420,7 @@ func (m *manager) FindGroups(ctx context.Context, query string) ([]*grouppb.Grou for _, f := range filters { url := fmt.Sprintf("%s/Group/?filter=%s:contains:%s&field=groupIdentifier&field=displayName&field=gid", - m.conf.APIBaseURL, f, query) + m.conf.APIBaseURL, f, url.QueryEscape(query)) err := m.findGroupsByFilter(ctx, url, groups) if err != nil { return nil, err diff --git a/pkg/cbox/user/rest/rest.go b/pkg/cbox/user/rest/rest.go index 31bbc8d60a..f40a7a0175 100644 --- a/pkg/cbox/user/rest/rest.go +++ b/pkg/cbox/user/rest/rest.go @@ -327,7 +327,6 @@ func (m *manager) parseAndCacheUser(ctx context.Context, userData map[string]int } func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId) (*userpb.User, error) { - u, err := m.fetchCachedUserDetails(uid) if err != nil { userData, err := m.getUserByParam(ctx, "upn", uid.OpaqueId) @@ -347,6 +346,7 @@ func (m *manager) GetUser(ctx context.Context, uid *userpb.UserId) (*userpb.User } func (m *manager) GetUserByClaim(ctx context.Context, claim, value string) (*userpb.User, error) { + value = url.QueryEscape(value) opaqueID, err := m.fetchCachedParam(claim, value) if err == nil { return m.GetUser(ctx, &userpb.UserId{OpaqueId: opaqueID}) @@ -439,7 +439,7 @@ func (m *manager) FindUsers(ctx context.Context, query string) ([]*userpb.User, for _, f := range filters { url := fmt.Sprintf("%s/Identity/?filter=%s:contains:%s&field=id&field=upn&field=primaryAccountEmail&field=displayName&field=uid&field=gid&field=type", - m.conf.APIBaseURL, f, query) + m.conf.APIBaseURL, f, url.QueryEscape(query)) err := m.findUsersByFilter(ctx, url, users) if err != nil { return nil, err diff --git a/pkg/group/manager/json/json.go b/pkg/group/manager/json/json.go index 7b91a853a4..ad4a425dd6 100644 --- a/pkg/group/manager/json/json.go +++ b/pkg/group/manager/json/json.go @@ -130,7 +130,9 @@ func (m *manager) FindGroups(ctx context.Context, query string) ([]*grouppb.Grou } func groupContains(g *grouppb.Group, query string) bool { - return strings.Contains(g.GroupName, query) || strings.Contains(g.DisplayName, query) || strings.Contains(g.Mail, query) || strings.Contains(g.Id.OpaqueId, query) + query = strings.ToLower(query) + return strings.Contains(strings.ToLower(g.GroupName), query) || strings.Contains(strings.ToLower(g.DisplayName), query) || + strings.Contains(strings.ToLower(g.Mail), query) || strings.Contains(strings.ToLower(g.Id.OpaqueId), query) } func (m *manager) GetMembers(ctx context.Context, gid *grouppb.GroupId) ([]*userpb.UserId, error) { diff --git a/pkg/storage/utils/eosfs/eosfs.go b/pkg/storage/utils/eosfs/eosfs.go index f33ec4de6f..68f9a67786 100644 --- a/pkg/storage/utils/eosfs/eosfs.go +++ b/pkg/storage/utils/eosfs/eosfs.go @@ -767,7 +767,7 @@ func (fs *eosfs) GetQuota(ctx context.Context) (int, int, error) { return 0, 0, err } - qi, err := fs.c.GetQuota(ctx, u.Username, rootUID, rootGID, fs.conf.Namespace) + qi, err := fs.c.GetQuota(ctx, u.Username, rootUID, rootGID, fs.conf.QuotaNode) if err != nil { err := errors.Wrap(err, "eosfs: error getting quota") return 0, 0, err diff --git a/pkg/user/manager/json/json.go b/pkg/user/manager/json/json.go index 489553ea64..6a02e6c09e 100644 --- a/pkg/user/manager/json/json.go +++ b/pkg/user/manager/json/json.go @@ -124,7 +124,9 @@ func extractClaim(u *userpb.User, claim string) (string, error) { // TODO(jfd) search Opaque? compare sub? func userContains(u *userpb.User, query string) bool { - return strings.Contains(u.Username, query) || strings.Contains(u.DisplayName, query) || strings.Contains(u.Mail, query) || strings.Contains(u.Id.OpaqueId, query) + query = strings.ToLower(query) + return strings.Contains(strings.ToLower(u.Username), query) || strings.Contains(strings.ToLower(u.DisplayName), query) || + strings.Contains(strings.ToLower(u.Mail), query) || strings.Contains(strings.ToLower(u.Id.OpaqueId), query) } func (m *manager) FindUsers(ctx context.Context, query string) ([]*userpb.User, error) { diff --git a/tests/oc-integration-tests/drone/gateway.toml b/tests/oc-integration-tests/drone/gateway.toml index 8a0547a928..cd698955a6 100644 --- a/tests/oc-integration-tests/drone/gateway.toml +++ b/tests/oc-integration-tests/drone/gateway.toml @@ -19,6 +19,7 @@ storageregistrysvc = "localhost:19000" # user metadata preferencessvc = "localhost:18000" userprovidersvc = "localhost:18000" +groupprovidersvc = "localhost:18000" # an approvider lives on "localhost:18000" as well, see users.toml # sharing usershareprovidersvc = "localhost:17000" diff --git a/tests/oc-integration-tests/drone/ldap-users.toml b/tests/oc-integration-tests/drone/ldap-users.toml index 28e5e7ad91..d5e897db0b 100644 --- a/tests/oc-integration-tests/drone/ldap-users.toml +++ b/tests/oc-integration-tests/drone/ldap-users.toml @@ -44,3 +44,24 @@ uid="uid" displayName="displayName" dn="dn" cn="cn" + +[grpc.services.groupprovider] +driver = "ldap" + +[grpc.services.groupprovider.drivers.ldap] +hostname="ldap" +port=636 +base_dn="dc=owncloud,dc=com" +groupfilter="(&(objectclass=posixGroup)(|(gid={{.OpaqueId}})(cn={{.OpaqueId}})))" +findfilter="(&(objectclass=posixGroup)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))" +attributefilter="(&(objectclass=posixGroup)({{attr}}={{value}}))" +memberfilter="(&(objectclass=posixAccount)(cn={{.OpaqueId}}))" +bind_username="cn=admin,dc=owncloud,dc=com" +bind_password="admin" +idp="http://localhost:18000" + +[grpc.services.groupprovider.drivers.ldap.schema] +gid="gid" +displayName="displayName" +dn="dn" +cn="cn" diff --git a/tests/oc-integration-tests/local/gateway.toml b/tests/oc-integration-tests/local/gateway.toml index 8adea69f59..3805824a2b 100644 --- a/tests/oc-integration-tests/local/gateway.toml +++ b/tests/oc-integration-tests/local/gateway.toml @@ -19,6 +19,7 @@ storageregistrysvc = "localhost:19000" # user metadata preferencessvc = "localhost:18000" userprovidersvc = "localhost:18000" +groupprovidersvc = "localhost:18000" # an approvider lives on "localhost:18000" as well, see users.toml # sharing usershareprovidersvc = "localhost:17000" diff --git a/tests/oc-integration-tests/local/ldap-users.toml b/tests/oc-integration-tests/local/ldap-users.toml index 3bc0897276..afc638a989 100644 --- a/tests/oc-integration-tests/local/ldap-users.toml +++ b/tests/oc-integration-tests/local/ldap-users.toml @@ -44,3 +44,24 @@ uid="uid" displayName="displayName" dn="dn" cn="cn" + +[grpc.services.groupprovider] +driver = "ldap" + +[grpc.services.groupprovider.drivers.ldap] +hostname="localhost" +port=636 +base_dn="dc=owncloud,dc=com" +groupfilter="(&(objectclass=posixGroup)(|(gid={{.OpaqueId}})(cn={{.OpaqueId}})))" +findfilter="(&(objectclass=posixGroup)(|(cn={{query}}*)(displayname={{query}}*)(mail={{query}}*)))" +attributefilter="(&(objectclass=posixGroup)({{attr}}={{value}}))" +memberfilter="(&(objectclass=posixAccount)(cn={{.OpaqueId}}))" +bind_username="cn=admin,dc=owncloud,dc=com" +bind_password="admin" +idp="http://localhost:18000" + +[grpc.services.groupprovider.drivers.ldap.schema] +gid="gid" +displayName="displayName" +dn="dn" +cn="cn"