Exemple #1
0
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
$l = \OC::$server->getL10N('user_ldap');
if (!isset($_POST['action'])) {
    \OCP\JSON::error(array('message' => $l->t('No action specified')));
}
$action = (string) $_POST['action'];
if (!isset($_POST['ldap_serverconfig_chooser'])) {
    \OCP\JSON::error(array('message' => $l->t('No configuration specified')));
}
$prefix = (string) $_POST['ldap_serverconfig_chooser'];
$ldapWrapper = new \OCA\User_LDAP\LDAP();
$configuration = new \OCA\User_LDAP\Configuration($prefix);
$con = new \OCA\User_LDAP\Connection($ldapWrapper, '', null);
$con->setConfiguration($configuration->getConfiguration());
$con->ldapConfigurationActive = true;
$con->setIgnoreValidation(true);
$userManager = new \OCA\User_LDAP\User\Manager(\OC::$server->getConfig(), new \OCA\User_LDAP\FilesystemHelper(), new \OCA\User_LDAP\LogWrapper(), \OC::$server->getAvatarManager(), new \OCP\Image(), \OC::$server->getDatabaseConnection(), \OC::$server->getUserManager());
$access = new \OCA\User_LDAP\Access($con, $ldapWrapper, $userManager);
$wizard = new \OCA\User_LDAP\Wizard($configuration, $ldapWrapper, $access);
switch ($action) {
    case 'guessPortAndTLS':
    case 'guessBaseDN':
    case 'detectEmailAttribute':
    case 'detectUserDisplayNameAttribute':
    case 'determineGroupMemberAssoc':
    case 'determineUserObjectClasses':
    case 'determineGroupObjectClasses':
    case 'determineGroupsForUsers':
    case 'determineGroupsForGroups':
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
// Check user and app status
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
$l = \OC::$server->getL10N('user_ldap');
$ldapWrapper = new OCA\User_LDAP\LDAP();
$connection = new \OCA\User_LDAP\Connection($ldapWrapper, '', null);
//needs to be true, otherwise it will also fail with an irritating message
$_POST['ldap_configuration_active'] = 1;
try {
    if ($connection->setConfiguration($_POST)) {
        //Configuration is okay
        if ($connection->bind()) {
            /*
             * This shiny if block is an ugly hack to find out whether anonymous
             * bind is possible on AD or not. Because AD happily and constantly
             * replies with success to any anonymous bind request, we need to
             * fire up a broken operation. If AD does not allow anonymous bind,
             * it will end up with LDAP error code 1 which is turned into an
             * exception by the LDAP wrapper. We catch this. Other cases may
             * pass (like e.g. expected syntax error).
             */
            try {
                $ldapWrapper->read($connection->getConnectionResource(), '', 'objectClass=*', array('dn'));
            } catch (\Exception $e) {
                if ($e->getCode() === 1) {