Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
New generic sync mechanism, aiming to fix some flaws the current mechanism has. In particular, the errors that could happen during syncing will be reported and be visible to the admin, so he'll know if something goes wrong; the command will fail (exit code different than 0) if something goes wrong.
The new sync mechanism will use specialized interfaces, not existing ones.
Advantages:
This PR includes the user sync service, which will allow admins to sync users from multiple backends. Right now, the DB backend is provided, and support for LDAP will be added in the user_ldap app (owncloud/user_ldap#808). Additional backends can be added in the respective apps.
Some simple examples:
occ sync:sync user
-> check and sync users from all registered backends (DB included). Missing users will be disabledocc sync:sync user -o 'missingAction=remove'
-> check and sync users from all registered backends (DB included). Missing users will be removedocc sync:sync user -o 'backends=OCA\User_LDAP\User_Proxy'
-> check and sync users just for that backend (DB users will be ignored). Missing users (from that backend) will be disabledocc sync:sync user -o 'missingAction=remove' -o 'backends=OCA\User_LDAP\User_Proxy'
-> check and sync users just for that backend. Missing users will be removedocc sync:sync user --only-one 59a09cfe-f23f-103d-992b-5b46a8a66263
-> check and sync only the user with that uid. If it's missing, the user will be disabledocc sync:sync user --only-one 59a09cfe-f23f-103d-992b-5b46a8a66263 -o 'backends=OC\User\Database' -o 'missingAction=remove'
-> check the user with that uid in the specified backend. If the user isn't in that backend (it might be from a different backend), it won't do anything; it will only remove the user if the backend matches and the user is missing. The command will try to sync the user from that backend (which should fail if it belongs to another backend).Related Issue
https://github.com/owncloud/enterprise/issues/5775
Motivation and Context
The current sync mechanism has an important problems when syncing LDAP users. There could be name collisions and the LDAP part could return less users than requested, causing the sync mechanism to stop and prevent syncing the rest of the LDAP users.
The new sync mechanism fixes that problem, and also make the error visible to the admin so it doesn't need to monitor the logs for specific errors.
How Has This Been Tested?
Manually tested, running the command in multiple scenarios
Screenshots (if appropriate):
Types of changes
Checklist: