sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

LDAP: check wether applying naming rule would end up in conflicts on update, if so don't do it

remotes/origin/stable4
Arthur Schiwon 2012-05-17 19:33:38 +07:00
parent 73a72054a3
commit 253f101b39
3 changed files with 53 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/user_ldap/appinfo/app.php
Unescape Escape View File

@ -27,12 +27,6 @@ require_once('apps/user_ldap/group_ldap.php');
OCP\App::registerAdmin('user_ldap','settings');
// define LDAP_DEFAULT_PORT
define('OC_USER_BACKEND_LDAP_DEFAULT_PORT', 389);
// define OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME
define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid');
// register user backend
OC_User::useBackend( 'LDAP' );
OC_Group::useBackend( new OC_GROUP_LDAP() );

24
apps/user_ldap/appinfo/update.php
Unescape Escape View File

@ -1,9 +1,33 @@
<?php
//from version 0.1 to 0.2
//settings
$pw = OCP\Config::getAppValue('user_ldap', 'ldap_password');
if(!is_null($pw)) {
$pwEnc = base64_encode($pw);
OCP\Config::setAppValue('user_ldap', 'ldap_agent_password', $pwEnc);
OC_Appconfig::deleteKey('user_ldap', 'ldap_password');
}
//detect if we can switch on naming guidelines. We won't do it on conflicts.
//it's a bit spaghetti, but hey.
$sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping';
require_once(OC::$APPSROOT.'/apps/user_ldap/lib_ldap.php');
require_once(OC::$APPSROOT.'/apps/user_ldap/user_ldap.php');
OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
$LDAP_USER = new OC_USER_LDAP();
$users_old = $LDAP_USER->getUsers();
$query = OCP\DB::prepare($sqlCleanMap);
$query->execute();
OCP\Config::setSystemValue('ldapIgnoreNamingRules', false);
OC_LDAP::init(true);
$users_new = $LDAP_USER->getUsers();
$query = OCP\DB::prepare($sqlCleanMap);
$query->execute();
if($users_old !== $users_new) {
//we don't need to check Groups, because they were not supported in 3'
OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
}

46
apps/user_ldap/lib_ldap.php
Unescape Escape View File

@ -45,14 +45,21 @@ class OC_LDAP {
static protected $ldapAgentPassword;
static protected $ldapTLS;
static protected $ldapNoCase;
static protected $ldapIgnoreNamingRules;
// user and group settings, that are needed in both backends
static protected $ldapUserDisplayName;
static protected $ldapUserFilter;
static protected $ldapGroupDisplayName;
static protected $ldapLoginFilter;
static public function init() {
self::readConfiguration();
/**
* @brief initializes the LDAP backend
* @param $force read the config settings no matter what
*
* initializes the LDAP backend
*/
static public function init($force = false) {
self::readConfiguration($force);
self::establishConnection();
}
@ -527,6 +534,10 @@ class OC_LDAP {
}
static private function sanitizeUsername($name) {
if(self::$ldapIgnoreNamingRules) {
return $name;
}
//REPLACEMENTS
$name = str_replace(' ', '_', $name);
@ -594,21 +605,22 @@ class OC_LDAP {
/**
* Caches the general LDAP configuration.
*/
static private function readConfiguration() {
if(!self::$configured) {
self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', '');
self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT);
self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn','');
self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password',''));
self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', '');
self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase);
self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME));
self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person');
self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)');
self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR));
static private function readConfiguration($force = false) {
if(!self::$configured || $force) {
self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', '');
self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', 389);
self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn','');
self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password',''));
self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', '');
self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase);
self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'));
self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person');
self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)');
self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR));
self::$ldapIgnoreNamingRules = OCP\Config::getSystemValue('ldapIgnoreNamingRules', false);
if(empty(self::$ldapBaseUsers)) {
OCP\Util::writeLog('ldap', 'Base for Users is empty, using Base DN', OCP\Util::INFO);