Loading Dockerfile +2 −3 Original line number Original line Diff line number Diff line Loading @@ -7,7 +7,7 @@ ARG NEWS_VERSION="18.0.1" ARG QUOTA_WARN_VERSION="1.14.0" ARG QUOTA_WARN_VERSION="1.14.0" ARG NOTES_VERSION="4.3.1" ARG NOTES_VERSION="4.3.1" ARG CONTACTS_VERSION="4.1.1" ARG CONTACTS_VERSION="4.1.1" ARG CALENDAR_JOB_ID="309022" ARG CALENDAR_JOB_ID="321100" ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1" ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1" ARG EMAIL_RECOVERY_JOB_ID="313915" ARG EMAIL_RECOVERY_JOB_ID="313915" ARG RAINLOOP_VERSION="7.2.5" ARG RAINLOOP_VERSION="7.2.5" Loading @@ -17,7 +17,7 @@ ARG ECLOUD_LAUNCHER_JOB_ID="318040" ARG GOOGLE_INTEGRATION_VERSION="1.0.6" ARG GOOGLE_INTEGRATION_VERSION="1.0.6" ARG LDAP_WRITE_SUPPORT_VERSION="1.4.0" ARG LDAP_WRITE_SUPPORT_VERSION="1.4.0" RUN sed -i 's/22,2,8,1/22,2,8,11/' ${BASE_DIR}/version.php RUN sed -i 's/22,2,8,1/22,2,8,12/' ${BASE_DIR}/version.php COPY custom_entrypoint.sh / COPY custom_entrypoint.sh / RUN chmod +x /custom_entrypoint.sh RUN chmod +x /custom_entrypoint.sh RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images Loading Loading @@ -130,7 +130,6 @@ RUN rm -rf ${TMP_PATCH_DIR} # autocomplete leak tweak apps frontend with sed, disable group suggestion # autocomplete leak tweak apps frontend with sed, disable group suggestion RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/emit("new-contact")/emit("newContact")/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js Loading patches/002-login-without-domain.patch +33 −24 Original line number Original line Diff line number Diff line Loading @@ -8,11 +8,11 @@ only the admin user (also configured in env var) will not have his login appende diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php --- ./core/Controller/LoginController.php 2022-05-11 11:09:58.346364031 +0530 --- ./core/Controller/LoginController.php 2022-05-11 11:09:58.346364031 +0530 +++ ./core/Controller/LoginController-new.php 2022-05-11 11:21:08.460617172 +0530 +++ ./core/Controller/LoginController-new.php 2022-05-30 19:32:45.195279817 +0530 @@ -302,7 +302,22 @@ @@ -303,6 +303,27 @@ if (!$this->request->passesCSRFCheck()) { return $this->generateRedirect($redirect_url); return $this->generateRedirect($redirect_url); } } + $user = trim($user); + $user = trim($user); + $user = mb_strtolower($user, 'UTF-8'); + $user = mb_strtolower($user, 'UTF-8'); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain = $this->config->getSystemValue('mail_domain', ''); Loading @@ -21,39 +21,48 @@ diff --git ./core/Controller/LoginController.php ./core/Controller/LoginControll + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($user, $admin_username) === 0; + $is_admin = strcmp($user, $admin_username) === 0; + + if(!$is_admin) { + if(!$is_admin && stristr($user, $domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, $domain_suffix, $user); + $user = str_replace($domain_suffix, '', $user); + } + + if (!$is_admin && stristr($user, $alt_domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, '', $user); + } + } + + + if (!$is_admin && stristr($user, $domain_suffix) === FALSE) { + if(!$this->userManager->userExists($user)) { + $user = $user . $domain_suffix; + $user = $user . $domain_suffix; + } + } + $data = new LoginData( $data = new LoginData( $this->request, $this->request, trim($user), trim($user), --- ./core/Controller/WebAuthnController.php 2022-05-11 11:11:55.469731468 +0530 --- ./core/Controller/WebAuthnController.php 2022-05-11 11:11:55.469731468 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-05-11 11:27:43.978963021 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-05-30 19:34:53.540848852 +0530 @@ -73,6 +73,22 @@ @@ -73,6 +73,26 @@ $this->logger->debug('Converting login name to UID'); $this->logger->debug('Converting login name to UID'); $uid = $loginName; $uid = $loginName; + $uid = trim($uid); + $uid = trim($uid); + $uid = mb_strtolower($uid, 'UTF-8'); + $uid = mb_strtolower($uid, 'UTF-8'); + $domain = \OC::$server->getConfig()->getSystemValue('mail_domain', ''); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = \OC::$server->getConfig()->getSystemValue('alt_mail_domain', ''); + $alt_domain = $this->config->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($uid, $admin_username) === 0; + $is_admin = strcmp($uid, $admin_username) === 0; + + + if(!$is_admin) { + if(!$is_admin && stristr($uid, $domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, $domain_suffix, $uid); + $uid = str_replace($domain_suffix, '', $uid); + } + if (!$is_admin && stristr($uid, $alt_domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, '', $uid); + } + } + + + if (!$is_admin && stristr($uid, $domain_suffix) === FALSE) { + if(!$this->userManager->userExists($uid)) { + $uid = $uid . $domain_suffix; + $uid = $uid . $domain_suffix; + } + } + Util::emitHook( Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', 'preLoginNameUsedAsUserName', Loading
Dockerfile +2 −3 Original line number Original line Diff line number Diff line Loading @@ -7,7 +7,7 @@ ARG NEWS_VERSION="18.0.1" ARG QUOTA_WARN_VERSION="1.14.0" ARG QUOTA_WARN_VERSION="1.14.0" ARG NOTES_VERSION="4.3.1" ARG NOTES_VERSION="4.3.1" ARG CONTACTS_VERSION="4.1.1" ARG CONTACTS_VERSION="4.1.1" ARG CALENDAR_JOB_ID="309022" ARG CALENDAR_JOB_ID="321100" ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1" ARG USER_BACKEND_RAW_SQL_VERSION="1.1.1" ARG EMAIL_RECOVERY_JOB_ID="313915" ARG EMAIL_RECOVERY_JOB_ID="313915" ARG RAINLOOP_VERSION="7.2.5" ARG RAINLOOP_VERSION="7.2.5" Loading @@ -17,7 +17,7 @@ ARG ECLOUD_LAUNCHER_JOB_ID="318040" ARG GOOGLE_INTEGRATION_VERSION="1.0.6" ARG GOOGLE_INTEGRATION_VERSION="1.0.6" ARG LDAP_WRITE_SUPPORT_VERSION="1.4.0" ARG LDAP_WRITE_SUPPORT_VERSION="1.4.0" RUN sed -i 's/22,2,8,1/22,2,8,11/' ${BASE_DIR}/version.php RUN sed -i 's/22,2,8,1/22,2,8,12/' ${BASE_DIR}/version.php COPY custom_entrypoint.sh / COPY custom_entrypoint.sh / RUN chmod +x /custom_entrypoint.sh RUN chmod +x /custom_entrypoint.sh RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images RUN mkdir -p /var/www/skeleton/Documents && mkdir -p /var/www/skeleton/Images Loading Loading @@ -130,7 +130,6 @@ RUN rm -rf ${TMP_PATCH_DIR} # autocomplete leak tweak apps frontend with sed, disable group suggestion # autocomplete leak tweak apps frontend with sed, disable group suggestion RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/contacts && sed -i 's/emit("new-contact")/emit("newContact")/g' js/contacts-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/"GROUP","INDIVIDUAL"/"INDIVIDUAL"/g' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js RUN cd ${BASE_DIR}/custom_apps/calendar && sed -i 's/{name:\[a,"displayname"\]},//' js/calendar-main.js Loading
patches/002-login-without-domain.patch +33 −24 Original line number Original line Diff line number Diff line Loading @@ -8,11 +8,11 @@ only the admin user (also configured in env var) will not have his login appende diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php diff --git ./core/Controller/LoginController.php ./core/Controller/LoginController-new.php --- ./core/Controller/LoginController.php 2022-05-11 11:09:58.346364031 +0530 --- ./core/Controller/LoginController.php 2022-05-11 11:09:58.346364031 +0530 +++ ./core/Controller/LoginController-new.php 2022-05-11 11:21:08.460617172 +0530 +++ ./core/Controller/LoginController-new.php 2022-05-30 19:32:45.195279817 +0530 @@ -302,7 +302,22 @@ @@ -303,6 +303,27 @@ if (!$this->request->passesCSRFCheck()) { return $this->generateRedirect($redirect_url); return $this->generateRedirect($redirect_url); } } + $user = trim($user); + $user = trim($user); + $user = mb_strtolower($user, 'UTF-8'); + $user = mb_strtolower($user, 'UTF-8'); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain = $this->config->getSystemValue('mail_domain', ''); Loading @@ -21,39 +21,48 @@ diff --git ./core/Controller/LoginController.php ./core/Controller/LoginControll + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($user, $admin_username) === 0; + $is_admin = strcmp($user, $admin_username) === 0; + + if(!$is_admin) { + if(!$is_admin && stristr($user, $domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, $domain_suffix, $user); + $user = str_replace($domain_suffix, '', $user); + } + + if (!$is_admin && stristr($user, $alt_domain_suffix) !== FALSE) { + $user = str_replace($alt_domain_suffix, '', $user); + } + } + + + if (!$is_admin && stristr($user, $domain_suffix) === FALSE) { + if(!$this->userManager->userExists($user)) { + $user = $user . $domain_suffix; + $user = $user . $domain_suffix; + } + } + $data = new LoginData( $data = new LoginData( $this->request, $this->request, trim($user), trim($user), --- ./core/Controller/WebAuthnController.php 2022-05-11 11:11:55.469731468 +0530 --- ./core/Controller/WebAuthnController.php 2022-05-11 11:11:55.469731468 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-05-11 11:27:43.978963021 +0530 +++ ./core/Controller/WebAuthnController-new.php 2022-05-30 19:34:53.540848852 +0530 @@ -73,6 +73,22 @@ @@ -73,6 +73,26 @@ $this->logger->debug('Converting login name to UID'); $this->logger->debug('Converting login name to UID'); $uid = $loginName; $uid = $loginName; + $uid = trim($uid); + $uid = trim($uid); + $uid = mb_strtolower($uid, 'UTF-8'); + $uid = mb_strtolower($uid, 'UTF-8'); + $domain = \OC::$server->getConfig()->getSystemValue('mail_domain', ''); + $domain = $this->config->getSystemValue('mail_domain', ''); + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $domain_suffix = !empty($domain) ? '@' . $domain : ''; + $alt_domain = \OC::$server->getConfig()->getSystemValue('alt_mail_domain', ''); + $alt_domain = $this->config->getSystemValue('alt_mail_domain', ''); + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $alt_domain_suffix = !empty($alt_domain) ? '@' . $alt_domain : ''; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $admin_username = $_ENV["NEXTCLOUD_ADMIN_USER"]; + $is_admin = strcmp($uid, $admin_username) === 0; + $is_admin = strcmp($uid, $admin_username) === 0; + + + if(!$is_admin) { + if(!$is_admin && stristr($uid, $domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, $domain_suffix, $uid); + $uid = str_replace($domain_suffix, '', $uid); + } + if (!$is_admin && stristr($uid, $alt_domain_suffix) !== FALSE) { + $uid = str_replace($alt_domain_suffix, '', $uid); + } + } + + + if (!$is_admin && stristr($uid, $domain_suffix) === FALSE) { + if(!$this->userManager->userExists($uid)) { + $uid = $uid . $domain_suffix; + $uid = $uid . $domain_suffix; + } + } + Util::emitHook( Util::emitHook( '\OCA\Files_Sharing\API\Server2Server', '\OCA\Files_Sharing\API\Server2Server', 'preLoginNameUsedAsUserName', 'preLoginNameUsedAsUserName',
