Combing LDAP backend with LDAP extended backend

2012-02-16 17:55:39 +07:00 · 2012-02-16 17:55:39 +07:00 · 7ff4e40b20
parent 490c9db15d
commit 7ff4e40b20
3 changed files with 67 additions and 20 deletions
--- a/apps/user_ldap/appinfo/app.php
+++ b/apps/user_ldap/appinfo/app.php
@ -32,13 +32,13 @@ define('OC_USER_BACKEND_LDAP_DEFAULT_PORT', 389);
 define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid');

 // register user backend
-OC_User::useBackend( "LDAP" );
+OC_User::useBackend( 'LDAP' );

 // add settings page to navigation
 $entry = array(
-	'id' => "user_ldap_settings",
+	'id' => 'user_ldap_settings',
 	'order'=>1,
-	'href' => OC_Helper::linkTo( "user_ldap", "settings.php" ),
+	'href' => OC_Helper::linkTo( 'user_ldap', 'settings.php' ),
 	'name' => 'LDAP'
 );
 // OC_App::addNavigationSubEntry( "core_users", $entry);
--- a/apps/user_ldap/templates/settings.php
+++ b/apps/user_ldap/templates/settings.php
@ -12,6 +12,9 @@
 		<small><?php echo $l->t('Currently the display name field needs to be the same you matched %%uid against in the filter above, because ownCloud doesn\'t distinguish between user id and user name.');?></small></p>
 		<p><input type="checkbox" id="ldap_tls" name="ldap_tls" value="1"<?php if ($_['ldap_tls']) echo ' checked'; ?>><label for="ldap_tls"><?php echo $l->t('Use TLS');?></label></p>
 		<p><input type="checkbox" id="ldap_nocase" name="ldap_nocase" value="1"<?php if ($_['ldap_nocase']) echo ' checked'; ?>><label for="ldap_nocase"><?php echo $l->t('Case insensitve LDAP server (Windows)');?></label></p>
+		<p><label for="ldap_quota">Quota Attribute</label><input type="text" id="ldap_quota" name="ldap_quota" value="<?php echo $_['ldap_quota']; ?>" />
+                <label for="ldap_quota_def">Quota Default</label><input type="text" id="ldap_quota_def" name="ldap_quota_def" value="<?php echo $_['ldap_quota_def']; ?>" />bytes</p>
+                <p><label for="ldap_email">Email Attribute</label><input type="text" id="ldap_email" name="ldap_email" value="<?php echo $_['ldap_email']; ?>" /></p>
 		<input type="submit" value="Save" />
 	</fieldset>
 </form>
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@ -36,6 +36,12 @@ class OC_USER_LDAP extends OC_User_Backend {
 	protected $ldap_tls;
 	protected $ldap_nocase;
 	protected $ldap_display_name;
+	protected $ldap_quota;
+	protected $ldap_quota_def;
+	protected $ldap_email;
+
+	// will be retrieved from LDAP server
+	protected $ldap_dc = false;

 	function __construct() {
 		$this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host','');
@ -47,6 +53,9 @@ class OC_USER_LDAP extends OC_User_Backend {
 		$this->ldap_tls = OC_Appconfig::getValue('user_ldap', 'ldap_tls', 0);
 		$this->ldap_nocase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
 		$this->ldap_display_name = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME);
+		$this->ldap_quota_attr = OC_Appconfig::getValue('user_ldap', 'ldap_quota_attr','');
+		$this->ldap_quota_def = OC_Appconfig::getValue('user_ldap', 'ldap_quota_def','');
+		$this->ldap_email_attr = OC_Appconfig::getValue('user_ldap', 'ldap_email_attr','');

 		if( !empty($this->ldap_host)
 			&& !empty($this->ldap_port)
@ -66,6 +75,28 @@ class OC_USER_LDAP extends OC_User_Backend {
 			ldap_unbind($this->ds);
 	}

+	private function setQuota( $uid ) {
+		if( !$this->ldap_dc )
+			return false;
+
+		$quota = $this->ldap_dc[$this->ldap_quota_attr][0];
+		$quota = $quota != -1 ? $quota : $this->ldap_quota_def;
+		OC_Preferences::setValue($uid, 'files', 'quota', $quota);
+	}
+
+	private function setEmail( $uid ) {
+		if( !$this->ldap_dc )
+			return false;
+
+		$email = OC_Preferences::getValue($uid, 'settings', 'email', '');
+		if ( !empty( $email ) )
+			return false;
+
+		$email = $this->ldap_dc[$this->ldap_email_attr][0];
+		OC_Preferences::setValue($uid, 'settings', 'email', $email);
+	}
+
+	//Connect to LDAP and store the resource
 	private function getDs() {
 		if(!$this->ds) {
 			$this->ds = ldap_connect( $this->ldap_host, $this->ldap_port );
@ -74,18 +105,19 @@ class OC_USER_LDAP extends OC_User_Backend {
 						if($this->ldap_tls)
 							ldap_start_tls($this->ds);
 		}
-
+		//TODO: Not necessary to perform a bind each time, is it?
 		// login
 		if(!empty($this->ldap_dn)) {
 			$ldap_login = @ldap_bind( $this->ds, $this->ldap_dn, $this->ldap_password );
-			if(!$ldap_login)
+			if(!$ldap_login) {
 				return false;
+			}
 		}

 		return $this->ds;
 	}

-	private function getDn( $uid ) {
+	private function getDc( $uid ) {
 		if(!$this->configured)
 			return false;

@ -99,31 +131,43 @@ class OC_USER_LDAP extends OC_User_Backend {
 		$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
 		$entries = ldap_get_entries( $this->getDs(), $sr );

-		if( $entries['count'] == 0 )
+		if( $entries['count'] == 0 ) {
 			return false;
+		}
+
+		$this->ldap_dc = $entries[0];

-		return $entries[0]['dn'];
+		return $this->ldap_dc;
 	}

 	public function checkPassword( $uid, $password ) {
 		if(!$this->configured){
 			return false;
 		}
-		$dn = $this->getDn( $uid );
-		if( !$dn )
+		$dc = $this->getDc( $uid );
+		if( !$dc )
 			return false;

-		if (!@ldap_bind( $this->getDs(), $dn, $password ))
+		if (!@ldap_bind( $this->getDs(), $dc['dn'], $password )) {
 			return false;
-		
+		}
+
+		if(!empty($this->ldap_quota) && !empty($this->ldap_quota_def)) {
+			$this->setQuota($uid);
+		}
+
+		if(!empty($this->ldap_email_attr)) {
+			$this->setEmail($uid);
+		}
+
 		if($this->ldap_nocase) {
 			$filter = str_replace('%uid', $uid, $this->ldap_filter);
 			$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
 			$entries = ldap_get_entries( $this->getDs(), $sr );
 			if( $entries['count'] == 1 ) {
 				foreach($entries as $row) {
-					$ldap_display_name  = strtolower($this->ldap_display_name);					
-					if(isset($row[$ldap_display_name])) {					
+					$ldap_display_name  = strtolower($this->ldap_display_name);
+					if(isset($row[$ldap_display_name])) {
 						return $row[$ldap_display_name][0];
 					}
 				}
@ -131,12 +175,12 @@ class OC_USER_LDAP extends OC_User_Backend {
 			else {
 				return $uid;
 			}
-			
+
 		}
 		else {
 			return $uid;
 		}
-		
+
 	}

 	public function userExists( $uid ) {
@ -146,17 +190,17 @@ class OC_USER_LDAP extends OC_User_Backend {
 		$dn = $this->getDn($uid);
 		return !empty($dn);
 	}
-	
+
 	public function getUsers()
 	{
 		if(!$this->configured)
 		return false;
-	
+
 		// connect to server
 		$ds = $this->getDs();
 		if( !$ds )
 			return false;
-	
+
 		// get users
 		$filter = 'objectClass=person';
 		$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
@ -169,7 +213,7 @@ class OC_USER_LDAP extends OC_User_Backend {
 				// TODO ldap_get_entries() seems to lower all keys => needs review
 				$ldap_display_name  = strtolower($this->ldap_display_name);
 				if(isset($row[$ldap_display_name])) {
-					$users[] = $row[$ldap_display_name][0];					
+					$users[] = $row[$ldap_display_name][0];
 				}
 			}
 			// TODO language specific sorting of user names