Exemple #1
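 /**
  * Checks that reconfiguring a cloned Connection leaves the agent
  * credentials of the original Connection untouched.
  *
  * Background: upon login a bind is done with the user's credentials, and
  * that bind is valid for the whole LDAP resource, so it has to be reset to
  * the agent's credentials afterwards. If a clone shared its configuration
  * with the original, the user's name and password would replace the
  * agent's on the original connection.
  */
 public function testOriginalAgentUnchangedOnClone()
 {
     $lw = $this->getMock('\\OCA\\user_ldap\\lib\\ILDAPWrapper');
     $connection = new \OCA\user_ldap\lib\Connection($lw, '', null);
     $agent = array('ldapAgentName' => 'agent', 'ldapAgentPassword' => '123456');
     $connection->setConfiguration($agent);

     // Only the clone receives the user's credentials.
     $testConnection = clone $connection;
     $user = array('ldapAgentName' => 'user', 'ldapAgentPassword' => 'password');
     $testConnection->setConfiguration($user);

     // assertSame() takes the expected value first; with the arguments the
     // other way round a failure report would label the two values wrongly.
     $this->assertSame($agent['ldapAgentName'], $connection->ldapAgentName);
     $this->assertSame($agent['ldapAgentPassword'], $connection->ldapAgentPassword);
 }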
Exemple #2
        } catch (\Exception $e) {
            \OCP\JSON::error(array('message' => $e->getMessage()));
            exit;
        }
        \OCP\JSON::error();
        exit;
        break;
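    case 'save':
        // Stores a single configuration key/value pair taken from the request body.
        $key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
        $val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
        // A request can submit cfgkey as an array; an array cannot be used as
        // an array key below, so anything but a string is treated as missing.
        if (!is_string($key) || is_null($val)) {
            \OCP\JSON::error(array('message' => $l->t('No data specified')));
            exit;
        }
        $cfg = array($key => $val);
        $setParameters = array();
        // $setParameters is expected to hold the keys that were accepted
        // (presumably filled by reference -- confirm against setConfiguration()).
        $configuration->setConfiguration($cfg, $setParameters);
        if (!in_array($key, $setParameters, true)) {
            // The rejected key is passed as the placeholder value. It must not be
            // concatenated into the translatable text: request data would then be
            // interpreted as part of the format string. The original also read
            // $setParameters[0], which is not guaranteed to exist on this path.
            \OCP\JSON::error(array('message' => $l->t('Could not set configuration %s', array($key))));
            exit;
        }
        $configuration->saveConfiguration();
        //clear the cache on save
        $connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
        $connection->clearCache();
        \OCP\JSON::success();
        break;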
    default:
        \OCP\JSON::error(array('message' => $l->t('Action does not exist')));
        break;
}
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
// Access gate: the three checks run before any request data is touched.
// callCheck() is presumably the request-token (CSRF) check -- confirm.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

$l = OC_L10N::get('user_ldap');
$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null);

// The submitted settings are tested as an active configuration; without this
// flag the test would fail with a misleading message.
$_POST['ldap_configuration_active'] = 1;

// NOTE(review): the whole of $_POST is handed to setConfiguration(), so that
// method is the only place where unexpected keys can be rejected -- confirm
// it ignores keys it does not know.
if (!$connection->setConfiguration($_POST)) {
    OCP\JSON::error(array('message' => $l->t('The configuration is invalid. Please have a look at the logs for further details.')));
} elseif ($connection->bind()) {
    // Configuration accepted and the bind succeeded.
    OCP\JSON::success(array('message' => $l->t('The configuration is valid and the connection could be established!')));
} else {
    // Configuration accepted, but the server refused the bind.
    OCP\JSON::error(array('message' => $l->t('The configuration is valid, but the Bind failed. Please check the server settings and credentials.')));
}
Exemple #4
/**
 * @author Arthur Schiwon <*****@*****.**>
 * @author Christopher Schäpers <*****@*****.**>
 * @author Lukas Reschke <*****@*****.**>
 * @author Morris Jobke <*****@*****.**>
 *
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
// Access gate: admin user, enabled app, then callCheck() (presumably the
// request-token check -- confirm) before the request is read.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

// Prefix that selects which stored server configuration is returned.
$prefix = (string) $_POST['ldap_serverconfig_chooser'];
$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);

// NOTE(review): whatever getConfiguration() returns is sent to the browser
// as-is. If that includes the agent password, it leaves the server here --
// confirm what the method exposes.
$payload = array('configuration' => $connection->getConfiguration());
OCP\JSON::success($payload);
Exemple #5
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */
// Access gate: admin user, enabled app, then callCheck() (presumably the
// request-token check -- confirm) before the request is read.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

// Prefix that selects which server configuration is written.
$prefix = (string) $_POST['ldap_serverconfig_chooser'];

// Browsers do not submit unchecked checkboxes, so a missing key means "off"
// and is set to 0 by hand. Only the legacy checkboxes (Advanced and Expert
// tab) are handled here; the Wizard-like tabs take care of their own.
// Judging by its name, 'ldap_turn_off_cert_check' therefore stays off unless
// the box was ticked explicitly.
$chkboxes = array(
    'ldap_configuration_active',
    'ldap_override_main_server',
    'ldap_turn_off_cert_check',
);
foreach ($chkboxes as $boxid) {
    if (isset($_POST[$boxid])) {
        continue;
    }
    $_POST[$boxid] = 0;
}

$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);

// NOTE(review): the result of setConfiguration() is not inspected before the
// configuration is saved -- confirm that storing a configuration which did
// not validate is intended.
$connection->setConfiguration($_POST);
$connection->saveConfiguration();
OCP\JSON::success();
<?php

// Check user and app status
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();
$l = \OC::$server->getL10N('user_ldap');
$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null);
//needs to be true, otherwise it will also fail with an irritating message
$_POST['ldap_configuration_active'] = 1;
try {
    if ($connection->setConfiguration($_POST)) {
        //Configuration is okay
        if ($connection->bind()) {
            /*
             * This shiny if block is an ugly hack to find out whether anonymous
             * bind is possible on AD or not. Because AD happily and constantly
             * replies with success to any anonymous bind request, we need to
             * fire up a broken operation. If AD does not allow anonymous bind,
             * it will end up with LDAP error code 1 which is turned into an
             * exception by the LDAP wrapper. We catch this. Other cases may
             * pass (like e.g. expected syntax error).
             */
            try {
                $ldapWrapper->read($connection->getConnectionResource(), 'neverwhere', 'objectClass=*', array('dn'));
            } catch (\Exception $e) {
                if ($e->getCode() === 1) {
                    OCP\JSON::error(array('message' => $l->t('The configuration is invalid: anonymous bind is not allowed.')));
                    exit;
                }
Exemple #7
 * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
// The settings page is for administrators only.
OC_Util::checkAdminUser();

// Names of the LDAP settings; 'ldap_agent_password' is one of them.
$params = array(
    'ldap_host', 'ldap_port', 'ldap_backup_host', 'ldap_backup_port',
    'ldap_override_main_server', 'ldap_dn', 'ldap_agent_password',
    'ldap_base', 'ldap_base_users', 'ldap_base_groups',
    'ldap_userlist_filter', 'ldap_login_filter', 'ldap_group_filter',
    'ldap_display_name', 'ldap_group_display_name',
    'ldap_tls', 'ldap_turn_off_cert_check', 'ldap_nocase',
    'ldap_quota_def', 'ldap_quota_attr', 'ldap_email_attr',
    'ldap_group_member_assoc_attribute', 'ldap_cache_ttl',
    'home_folder_naming_rule',
);

OCP\Util::addscript('user_ldap', 'settings');
OCP\Util::addstyle('user_ldap', 'settings');

// Build the template and tell it which server configurations exist.
$tmpl = new OCP\Template('user_ldap', 'settings');
$prefixes = \OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes();
$tmpl->assign('serverConfigurationPrefixes', $prefixes);

// Use a connection that is already set, otherwise create one, and publish
// each of its defaults to the template as "<key>_default".
$ldap = isset($ldap) ? $ldap : new \OCA\user_ldap\lib\Connection();
$defaults = $ldap->getDefaults();
foreach ($defaults as $key => $default) {
    $templateKey = $key . '_default';
    $tmpl->assign($templateKey, $default);
}

return $tmpl->fetchPage();
Exemple #8
                $value = empty($_POST[$param]) ? 'opt:username' : 'attr:' . $_POST[$param];
                OCP\Config::setAppValue('user_ldap', $param, $value);
            } else {
                OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
            }
        } elseif ('ldap_tls' == $param) {
            // unchecked checkboxes are not included in the post paramters
            OCP\Config::setAppValue('user_ldap', $param, 0);
        } elseif ('ldap_nocase' == $param) {
            OCP\Config::setAppValue('user_ldap', $param, 0);
        } elseif ('ldap_turn_off_cert_check' == $param) {
            OCP\Config::setAppValue('user_ldap', $param, 0);
        }
    }
    if ($clearCache) {
        $ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
        $ldap->clearCache();
    }
}
// Build the settings template: every known parameter is assigned its stored
// app value, or an empty string when nothing is stored.
$tmpl = new OCP\Template('user_ldap', 'settings');
foreach ($params as $param) {
    $value = OCP\Config::getAppValue('user_ldap', $param, '');
    $tmpl->assign($param, $value);
}

// Settings with a built-in default; these assignments override the ones
// made in the loop above.
$fallbacks = array(
    'ldap_port' => '389',
    'ldap_display_name' => 'uid',
    'ldap_group_display_name' => 'cn',
    'ldap_group_member_assoc_attribute' => 'uniqueMember',
);
foreach ($fallbacks as $name => $fallback) {
    $tmpl->assign($name, OCP\Config::getAppValue('user_ldap', $name, $fallback));
}

// NOTE(review): base64 is an encoding, not encryption. The agent's bind
// password is therefore stored in recoverable form and is decoded back into
// the template here, i.e. it ends up in the rendered settings page. Consider
// not echoing the stored secret to the browser at all.
$tmpl->assign('ldap_agent_password', base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password')));
Exemple #9
            $uuid = $groupBE->getUUID($newDN);
        }
        try {
            $updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
        } catch (Exception $e) {
            \OCP\Util::writeLog('user_ldap', 'Could not update ' . $object . ' ' . $dn['ldap_dn'] . ' in the mappings table. ', \OCP\Util::WARN);
        }
    }
}
/**
 * Splits a DN into its RDNs with ldap_explode_dn() and joins them again
 * with ','.
 *
 * NOTE(review): despite the name, the escaping computed in the loop never
 * reaches the return value. The loop iterates by value and assigns to the
 * loop copy $part, so $aDN is unchanged when it is imploded. Before making
 * the loop effective, check what ldap_explode_dn() already escapes in its
 * output: if the values come back escaped, applying the table below on top
 * would escape them a second time. This function feeds a data migration,
 * so the fix needs to be verified against real DNs.
 *
 * @param string $dn the distinguished name to process
 * @return string the RDNs reported by ldap_explode_dn(), joined with ','
 */
function escapeDN($dn)
{
    // Second argument false: every RDN keeps its "attribute=value" form.
    // NOTE(review): ldap_explode_dn() returns false for a DN it cannot parse;
    // that case is not handled before the array operations below.
    $aDN = ldap_explode_dn($dn, false);
    // Remove the element counter so that only the RDNs are left.
    unset($aDN['count']);
    foreach ($aDN as $key => $part) {
        // Everything after the first '=' is taken as the RDN value.
        $value = substr($part, strpos($part, '=') + 1);
        // Replace characters that are special inside a DN by their hex escape.
        $escapedValue = strtr($value, array(',' => '\\2c', '=' => '\\3d', '+' => '\\2b', '<' => '\\3c', '>' => '\\3e', ';' => '\\3b', '\\' => '\\5c', '"' => '\\22', '#' => '\\23'));
        // NOTE(review): str_replace() takes (search, replace, subject); as
        // written it searches for $part inside $escapedValue, and the result
        // is stored in the loop copy only, never in $aDN[$key].
        $part = str_replace($part, $value, $escapedValue);
    }
    $dn = implode(',', $aDN);
    return $dn;
}
// SUPPORTED UPGRADE FROM Version 0.3 (ownCloud 4.5) to 0.4 (ownCloud 5)
// Use a connector that is already set, otherwise create one.
$connector = isset($connector) ? $connector : new \OCA\user_ldap\lib\Connection();

// Read the configuration and write it straight back: connections are
// required to have the ldap_configuration_active setting stored in the
// database.
$connector->getConfiguration();
$connector->saveConfiguration();

// The home directory preference is not saved anymore (a well-meant bad
// idea), so the leftover rows are removed. Both values are bound as
// statement parameters rather than written into the SQL text.
$cleanupSql = 'DELETE FROM `*PREFIX*preferences` WHERE `appid` = ? AND `configkey` = ?';
$query = OC_DB::prepare($cleanupSql);
$query->execute(array('user_ldap', 'homedir'));