Skip to content

feat(ldap): Allow to search one user by one of its LDAP attribute#59928

Open
CarlSchwan wants to merge 1 commit intomasterfrom
carl/ldap-search-one-by-attribute
Open

feat(ldap): Allow to search one user by one of its LDAP attribute#59928
CarlSchwan wants to merge 1 commit intomasterfrom
carl/ldap-search-one-by-attribute

Conversation

@CarlSchwan
Copy link
Copy Markdown
Member

@CarlSchwan CarlSchwan commented Apr 27, 2026
edited
Loading

Summary

Part of #55284

Alternative to #56721

Related PRs:

Checklist

AI (if applicable)

  • The content of this PR was partly or fully generated using AI

@CarlSchwan CarlSchwan added this to the Nextcloud 34 milestone Apr 27, 2026
@CarlSchwan CarlSchwan self-assigned this Apr 27, 2026
@CarlSchwan CarlSchwan requested a review from a team as a code owner April 27, 2026 12:05
@CarlSchwan CarlSchwan requested review from come-nc, nfebe, salmart-dev and sorbaugh and removed request for a team April 27, 2026 12:05
@CarlSchwan
feat(ldap): Allow to search one user by one of its LDAP attribute
15f4ff4 
Signed-off-by: Carl Schwan <carlschwan@kde.org>
@CarlSchwan CarlSchwan force-pushed the carl/ldap-search-one-by-attribute branch from f8d70a0 to 15f4ff4 Compare April 27, 2026 16:05
@CarlSchwan CarlSchwan mentioned this pull request Apr 27, 2026
Draft
2 tasks
come-nc
come-nc requested changes Apr 28, 2026
View reviewed changes
Comment thread lib/public/LDAP/Exceptions/MultipleUsersReturnedException.php
@@ -0,0 +1,18 @@
<?php

Copy link
Copy Markdown
Contributor

@come-nc come-nc Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

strict types missing

Comment thread apps/user_ldap/lib/User_LDAP.php

#[Override]
public function getUserFromCustomAttribute(string $attribute, string $searchTerm): ?IUser {
$searchTerm = $this->access->escapeFilterPart($searchTerm);
Copy link
Copy Markdown
Contributor

@come-nc come-nc Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should $attribute be escaped or validated 🤔

Comment thread apps/user_ldap/lib/User_LDAP.php
$records = $this->access->searchUsers($filter, ['dn']);
if (count($records) === 1) {
$ldapUser = $this->access->userManager->get($records[0]['dn'][0]);
return $this->userManager->get($ldapUser->getUsername());
Copy link
Copy Markdown
Contributor

@come-nc come-nc Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should return the uid as a string to be consistent with the rest of the class and avoid having to inject UserManager in there.
Then LDAPProvider can wrap the UID in an IUser using IUserManager->getExistingUser.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@come-nc come-nc come-nc requested changes

@salmart-dev salmart-dev Awaiting requested review from salmart-dev salmart-dev is a code owner automatically assigned from nextcloud/server-backend

@nfebe nfebe Awaiting requested review from nfebe nfebe is a code owner automatically assigned from nextcloud/server-backend

@sorbaugh sorbaugh Awaiting requested review from sorbaugh sorbaugh is a code owner automatically assigned from nextcloud/server-backend

Requested changes must be addressed to merge this pull request.

Assignees

@CarlSchwan CarlSchwan

Labels

3. to review Waiting for reviews feature: ldap feature: users and groups

Projects

None yet

Milestone

Nextcloud 34

Development

Successfully merging this pull request may close these issues.

2 participants

@CarlSchwan @come-nc