Implementation of Groupbackend #545

JonathanTreffler · 2021-09-07T16:11:37Z

continuation of #536

Rebase to keep up with master
migration strategy
gid collision handling
automatically delete groups without members
ensure admins cannot (un)assign members, create or delete saml groups
tests
Migrations for groups on existing installations

Since this is a long-running feature implementation with many PRs here's the timeline:

JonathanTreffler · 2021-09-08T08:38:16Z

Migrations for groups on existing installations

For this step we need input/advice from the maintainers because we are currently not sure which implementation for that would be the best.

melegiul · 2021-09-17T09:28:49Z

@blizzz Beneath the main parts of this PR, which already worked like a charm, we finished now the last open issues on this PR:

gid collision handling
tests
ensure admins cannot delete SAML groups
delete SAML groups without members

Can you please review our changes?

CarlSchwan

Just a bit more type hinting there possible

lib/GroupDuplicateChecker.php

lib/GroupManager.php

lib/Jobs/MigrateGroups.php

svenseeberg · 2022-02-11T10:48:54Z

Is there a chance that this will get merged at some point? Can we do anything to help with that? Otherwise we would start searching for a solution outside of the user_saml app.

svenseeberg · 2022-04-26T12:07:10Z

We're already using the changes introduced with this PR in production and it works quite well. Migrating the groups into a dedicated back end also went smoothly. I think merging this PR adds more flexibility to the group management with this app. However we're able to implement other mechanisms and migrate back to the normal group back end if there is no chance that this PR is going to be merged.

appinfo/app.php

lib/GroupBackend.php

lib/GroupDuplicateChecker.php

lib/Jobs/MigrateGroups.php

lib/Migration/Version2500Date20191008134400.php

lib/UserBackend.php

lib/GroupBackend.php

appinfo/app.php

lib/GroupManager.php

appinfo/app.php

lib/GroupBackend.php

blizzz · 2022-09-12T12:07:47Z

lib/GroupDuplicateChecker.php

+		$this->logger = $logger;
+	}
+
+	public function checkForDuplicates(string $group): void {


seems to be unused?

lib/GroupManager.php

Signed-off-by: Jonathan Treffler <[email protected]> Co-authored-by: Carl Schwan <[email protected]>

Signed-off-by: Giuliano Mele <[email protected]>

This reverts commit 48f331f. Signed-off-by: Giuliano Mele <[email protected]>

Co-authored-by: Carl Schwan <[email protected]> Signed-off-by: Giuliano Mele <[email protected]>

Signed-off-by: Giuliano Mele <[email protected]>

Co-authored-by: Carl Schwan <[email protected]> Signed-off-by: Giuliano Mele <[email protected]>

Signed-off-by: Giuliano Mele <[email protected]>

- Switch to new configuration setup, see nextcloud#558 Signed-off-by: Giuliano Mele <[email protected]>

Signed-off-by: Giuliano Mele <[email protected]>

- also fixes some logic errors and deprecations - GroupBackend can now implement INamedBackend Signed-off-by: Arthur Schiwon <[email protected]>

blizzz · 2022-09-26T13:04:41Z

@JonathanTreffler I think this commit got lost: netzbegruenung@f5173a9

lib/Migration/Version6000Date20220912152700.php

blizzz · 2022-09-26T16:43:07Z

My own smoke-testing otherwise went fine. Also the migration bits. Still would tend to add the IdP-identifiert to the default SAML-Prefix. Also with regard to #355 (comment) occ commands as migration utilities (removing groups from migration, and reverting migrations) should be added, but I would add this in a seperate PR and not blow up this PR more than further necessary. I consider adding integration tests, does not need to be a blocker either.

kevinmccurdybrd · 2022-10-04T03:33:14Z

Hi guys! Thanks for spending some time to resolve this. I'm not sure which is the better solution between this and #659, but if we could get one of these reviewed and merged, that would be fantastic.

Selfishly, I'm about to deploy 5 azure instances of NC, and this would completely eliminate LDAP out of my design. This is a game changer, and I deeply appreciate all of the development that has gone into this solution and as well what @Ma27 did in 659. Thanks in advance!

blizzz · 2022-11-08T17:55:42Z

Closing as work is continued in #662, where it can also being pushed to. Currently I am looking into integration tests and would like then to conclude the PR.

JonathanTreffler requested review from schiessle and juliusknorr September 7, 2021 16:11

JonathanTreffler mentioned this pull request Sep 7, 2021

Implementation of Groupbackend #536

Closed

6 tasks

JonathanTreffler force-pushed the groupbackend branch from f29f3ce to d34ad7c Compare September 7, 2021 16:37

melegiul force-pushed the groupbackend branch 5 times, most recently from 8467038 to aae3530 Compare September 16, 2021 17:06

JonathanTreffler requested a review from blizzz September 17, 2021 09:03

nickvergessen requested a review from LukasReschke September 29, 2021 07:15

CarlSchwan reviewed Sep 29, 2021

View reviewed changes

JonathanTreffler force-pushed the groupbackend branch 2 times, most recently from 5752099 to b0f45cd Compare September 29, 2021 09:51

melegiul force-pushed the groupbackend branch from 39c1e1d to 6741fb6 Compare December 7, 2021 19:02

CarlSchwan reviewed Apr 26, 2022

View reviewed changes

CarlSchwan reviewed May 2, 2022

View reviewed changes

lib/GroupBackend.php Outdated Show resolved Hide resolved

melegiul force-pushed the groupbackend branch from 2fcbd43 to 7f6df92 Compare July 13, 2022 15:48

CarlSchwan reviewed Jul 13, 2022

View reviewed changes

appinfo/app.php Outdated Show resolved Hide resolved

melegiul force-pushed the groupbackend branch from 9e1f67d to 4a32175 Compare July 14, 2022 11:07