Skip to content

supresses disclosing the userid for LDAP users in the welcome mail #16551

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
MorrisJobke merged 1 commit into from
Jul 26, 2019
Merged

supresses disclosing the userid for LDAP users in the welcome mail #16551

MorrisJobke merged 1 commit into from
Jul 26, 2019

Conversation

@blizzz
Copy link
Member

@blizzz blizzz commented Jul 26, 2019

The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.

In order to be backportable I kept the solution simple. An advanced way would be to introduce another Interface for backends so that they can provide login information (login name, or perhaps type to not disclose more data than necessary in an email).

Fixes #12735 (the userid disclosre in sharing mentioned in the issue is already solved)

@blizzz
supresses disclosing the userid for LDAP users in the welcome mail
898430b 
The userid is not relevant here, and by default cannot be used to login
with. Typically, there is a common type of login names in organizations
(LDAP username or email most often) that does not need to be disclosed.

Signed-off-by: Arthur Schiwon <[email protected]>
@blizzz blizzz added this to the Nextcloud 17 milestone Jul 26, 2019
skjnldsv
skjnldsv approved these changes Jul 26, 2019
View reviewed changes
Copy link
Member

@skjnldsv skjnldsv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me!
There is no methods to check if the userid is valid of any use instead of hardcoding the ldap check?

@blizzz
Copy link
Member Author

blizzz commented Jul 26, 2019

There is no methods to check if the userid is valid of any use instead of hardcoding the ldap check?

That depends on the user backend, see the my description. I happily do a follow up PR with the proper solution, but right now I need something I can bring back to 16.

@blizzz
Copy link
Member Author

blizzz commented Jul 26, 2019

/backport to stable16

@MorrisJobke MorrisJobke added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Jul 26, 2019
@MorrisJobke MorrisJobke merged commit 71e5300 into master Jul 26, 2019
@delete-merged-branch delete-merged-branch bot deleted the fix/12735/displayname-email branch July 26, 2019 13:15
@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Jul 26, 2019
Merged
@backportbot-nextcloud
Copy link

backportbot-nextcloud bot commented Jul 26, 2019

backport to stable16 in #16561

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@juliusknorr juliusknorr juliusknorr approved these changes

@skjnldsv skjnldsv skjnldsv approved these changes

@nickvergessen nickvergessen Awaiting requested review from nickvergessen

@MorrisJobke MorrisJobke Awaiting requested review from MorrisJobke

Assignees

No one assigned

Labels

4. to release Ready to be released and/or waiting for tests to finish bug feature: users and groups

Projects

None yet

Milestone

Nextcloud 17

Development

Successfully merging this pull request may close these issues.

User userid instead of uid in Mails and Webinterface

5 participants

@blizzz @juliusknorr @skjnldsv @MorrisJobke