/**
 * Deletes the LDAP server configuration named by the `configID` argument and
 * reports the outcome on the console.
 *
 * Nothing is returned on either path, so the console exit status does not
 * tell a calling script whether the deletion succeeded; only the printed
 * message does.
 *
 * @param InputInterface $input
 * @param OutputInterface $output
 */
protected function execute(InputInterface $input, OutputInterface $output) {
    $configPrefix = $input->getArgument('configID');

    // Handle the failure case first and leave early.
    if (!$this->helper->deleteServerConfiguration($configPrefix)) {
        $output->writeln("Cannot delete configuration with configID '{$configPrefix}'");
        return;
    }

    $output->writeln("Deleted configuration with configID '{$configPrefix}'");
}
/**
 * Checks whether the setup allows reliable checking of LDAP user existence.
 *
 * The helper is always asked for disabled configurations, whether or not
 * $force is set, so an exception raised by that lookup still propagates.
 *
 * @param mixed $force when truthy, the check is allowed even though disabled
 *                     LDAP configurations are present
 * @throws \Exception when disabled configurations are present and $force is falsy
 * @return true
 */
protected function isAllowed($force) {
    $hasDisabledConfigs = $this->helper->haveDisabledConfigurations();

    if (!$hasDisabledConfigs || $force) {
        // we don't check ldapUserCleanupInterval from config.php because this
        // action is triggered manually, while the setting only controls the
        // background job.
        return true;
    }

    throw new \Exception('Cannot check user existence, because '
        . 'disabled LDAP configurations are present.');
}
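/**
 * Sets one key of an existing LDAP server configuration to a new value.
 *
 * The `configID` argument must name a stored configuration prefix; anything
 * else is rejected with "Invalid configID" before a value is written.
 *
 * NOTE(review): `configValue` arrives as a command-line argument. If the key
 * being set holds a credential, the value will be visible in shell history
 * and process listings on the host; confirm whether a safer input path is
 * wanted for such keys.
 *
 * @param InputInterface $input
 * @param OutputInterface $output
 */
protected function execute(InputInterface $input, OutputInterface $output) {
    $helper = new Helper();
    $availableConfigs = $helper->getServerConfigurationPrefixes();
    $configID = $input->getArgument('configID');

    // Strict comparison: with loose in_array() a null or otherwise non-string
    // argument can compare equal to the empty prefix and pass as "known".
    if (!in_array($configID, $availableConfigs, true)) {
        $output->writeln("Invalid configID");
        return;
    }

    $this->setValue(
        $configID,
        $input->getArgument('configKey'),
        $input->getArgument('configValue')
    );
}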
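/**
 * Returns the prefix to use for a new LDAP server configuration.
 *
 * The first configuration uses the empty prefix; later ones use 's' followed
 * by a number padded to at least two digits ('s01', 's02', ...).
 *
 * The next number is derived from the numerically highest existing prefix.
 * Picking the last element of a string sort would place 's100' before 's99'
 * and hand out a prefix that is already in use, so that a new configuration
 * would collide with an existing one.
 *
 * @return string
 */
protected function getNewConfigurationPrefix() {
    $serverConnections = $this->helper->getServerConfigurationPrefixes();

    // first connection uses no prefix
    if (count($serverConnections) === 0) {
        return '';
    }

    $highestNumber = 0;
    foreach ($serverConnections as $prefix) {
        // the empty prefix of the first connection counts as 0
        $number = intval(str_replace('s', '', $prefix));
        if ($number > $highestNumber) {
            $highestNumber = $number;
        }
    }

    return 's' . str_pad((string)($highestNumber + 1), 2, '0', STR_PAD_LEFT);
}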
/**
 * Inserts two rows into the LDAP user mapping table, clears the user mapping
 * through the Helper and asserts that the table is empty afterwards.
 */
public function testTableTruncate() {
    $insert = \OCP\DB::prepare('INSERT INTO `*PREFIX*ldap_user_mapping` (`ldap_dn`, `owncloud_name`, `directory_uuid`) VALUES (?, ?, ?)');
    $rows = array(
        array('db01', 'oc1', '000-0000-0000'),
        array('db02', 'oc2', '000-0000-0001'),
    );
    foreach ($rows as $row) {
        $insert->execute($row);
    }

    $countQuery = \OCP\DB::prepare('SELECT count(*) FROM `*PREFIX*ldap_user_mapping`');

    // both rows must be present before the mapping is cleared
    $before = $countQuery->execute();
    $this->assertEquals(2, $before->fetchOne());

    $helper = new Helper();
    $helper->clearMapping('user');

    // the same count query must now report an empty table
    $after = $countQuery->execute();
    $this->assertEquals(0, $after->fetchOne());
}
/**
 * Constructor
 *
 * Stores the prefix and config ID, creates the Configuration object, attaches
 * a memory cache when one is available, records paged-result support and
 * decides whether validation is skipped for this connection.
 *
 * @param ILDAPWrapper $ldap
 * @param string $configPrefix a string with the prefix for the configkey column (appconfig table)
 * @param string|null $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections
 */
public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') {
    parent::__construct($ldap);

    $this->configPrefix = $configPrefix;
    $this->configID = $configID;
    // the second argument is false only for on-the-fly connections (null config ID)
    $this->configuration = new Configuration($configPrefix, $configID !== null);

    $cacheFactory = \OC::$server->getMemCacheFactory();
    if ($cacheFactory->isAvailable()) {
        $this->cache = $cacheFactory->create();
    }

    $this->hasPagedResultSupport = $this->ldap->hasPagedResultSupport();

    // Validation is skipped when the prefix is not one of the stored
    // server configurations.
    // NOTE(review): in_array() compares loosely here, so a null prefix matches
    // the empty prefix; confirm whether a strict comparison is intended.
    $ldapHelper = new Helper();
    $knownPrefixes = $ldapHelper->getServerConfigurationPrefixes();
    $this->doNotValidate = !in_array($this->configPrefix, $knownPrefixes);
}
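/**
 * Renders one LDAP server configuration, or all of them when no `configID`
 * argument is given.
 *
 * A given `configID` must name a stored configuration prefix, otherwise
 * "Invalid configID" is printed and nothing is rendered. The `show-password`
 * option is passed through to renderConfigs() unchanged.
 *
 * @param InputInterface $input
 * @param OutputInterface $output
 */
protected function execute(InputInterface $input, OutputInterface $output) {
    $availableConfigs = $this->helper->getServerConfigurationPrefixes();
    $configID = $input->getArgument('configID');

    if (!is_null($configID)) {
        // Strict comparison so that only an exact, same-typed prefix is
        // accepted as a known configuration.
        if (!in_array($configID, $availableConfigs, true)) {
            $output->writeln("Invalid configID");
            return;
        }
        // build the list explicitly instead of appending to an undefined variable
        $configIDs = array($configID);
    } else {
        $configIDs = $availableConfigs;
    }

    $this->renderConfigs($configIDs, $output, $input->getOption('show-password'));
}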
/**
 * Checks whether cleaning up LDAP users is allowed.
 *
 * Clean-up is refused when disabled LDAP configurations exist or when that
 * lookup throws, so an error never results in clean-up being permitted.
 * Otherwise the result of isCleanUpEnabled() decides.
 *
 * @return bool
 */
public function isCleanUpAllowed() {
    try {
        $hasDisabledConfigs = $this->ldapHelper->haveDisabledConfigurations();
    } catch (\Exception $e) {
        // fail closed: an unknown state must not permit clean-up
        return false;
    }

    if ($hasDisabledConfigs) {
        return false;
    }

    return $this->isCleanUpEnabled();
}
/**
 * Searches LDAP for users, or for groups when the `group` option is set, and
 * prints one result per line.
 *
 * User results are printed as "display name (id)"; group results are printed
 * without the id. `offset` and `limit` are converted to integers and checked
 * by validateOffsetAndLimit() before any search runs.
 *
 * @param InputInterface $input
 * @param OutputInterface $output
 */
protected function execute(InputInterface $input, OutputInterface $output) {
    $ldapHelper = new Helper();
    $prefixes = $ldapHelper->getServerConfigurationPrefixes(true);
    $wrapper = new LDAP();

    $offset = intval($input->getOption('offset'));
    $limit = intval($input->getOption('limit'));
    $this->validateOffsetAndLimit($offset, $limit);

    if ($input->getOption('group')) {
        $backend = new Group_Proxy($prefixes, $wrapper);
        $matches = $backend->getGroups($input->getArgument('search'), $limit, $offset);
        $appendId = false;
    } else {
        $backend = new User_Proxy($prefixes, $wrapper, $this->ocConfig);
        $matches = $backend->getDisplayNames($input->getArgument('search'), $limit, $offset);
        $appendId = true;
    }

    foreach ($matches as $id => $name) {
        $suffix = $appendId ? ' (' . $id . ')' : '';
        $output->writeln($name . $suffix);
    }
}
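/**
 * Tests the LDAP server configuration named by the `configID` argument and
 * prints a message for the result code returned by testConfig().
 *
 * Result codes handled here: 0 (valid, connection established), 1 (invalid
 * configuration), 2 (valid, but the bind failed); any other value falls
 * through to the last message.
 *
 * @param InputInterface $input
 * @param OutputInterface $output
 */
protected function execute(InputInterface $input, OutputInterface $output) {
    $helper = new Helper();
    $availableConfigs = $helper->getServerConfigurationPrefixes();
    $configID = $input->getArgument('configID');

    // Strict comparison: with loose in_array() a null or otherwise non-string
    // argument can compare equal to the empty prefix and pass as "known".
    if (!in_array($configID, $availableConfigs, true)) {
        $output->writeln("Invalid configID");
        return;
    }

    $result = $this->testConfig($configID);

    // flat chain instead of nested else blocks; the comparisons stay strict
    if ($result === 0) {
        $output->writeln('The configuration is valid and the connection could be established!');
    } elseif ($result === 1) {
        $output->writeln('The configuration is invalid. Please have a look at the logs for further details.');
    } elseif ($result === 2) {
        $output->writeln('The configuration is valid, but the Bind failed. Please check the server settings and credentials.');
    } else {
        $output->writeln('Your LDAP server was kidnapped by aliens.');
    }
}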
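/**
 * ownCloud - user_ldap
 *
 * @author Arthur Schiwon
 * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

// Check user and app status. The mapping is cleared only for an admin, with
// the app enabled, and after callCheck() has accepted the request.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

// The parameter comes straight from the request: it may be missing or, with
// array-style form fields, not a string at all. Only a string is handed on to
// the helper; everything else is answered with the regular failure response.
$subject = isset($_POST['ldap_clear_mapping']) ? $_POST['ldap_clear_mapping'] : null;

if (is_string($subject) && \OCA\user_ldap\lib\Helper::clearMapping($subject)) {
    OCP\JSON::success();
} else {
    $l = OC_L10N::get('user_ldap');
    OCP\JSON::error(array('message' => $l->t('Failed to clear the mappings.')));
}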
/**
 * Tries to determine a base DN, first from the agent (user) DN and then from
 * the domain part of the LDAP host.
 *
 * Every candidate is checked with testBaseDN(); the first one that passes is
 * recorded under 'ldap_base' and the wizard result is returned.
 *
 * @return WizardResult|false WizardResult on success, false otherwise
 */
public function guessBaseDN() {
    if (!$this->checkRequirements(array('ldapHost', 'ldapPort'))) {
        return false;
    }

    // check whether a DN is given in the agent name (99.9% of all cases)
    $agentBase = null;
    $dcOffset = stripos($this->configuration->ldapAgentName, 'dc=');
    if ($dcOffset !== false) {
        $agentBase = substr($this->configuration->ldapAgentName, $dcOffset);
        if ($this->testBaseDN($agentBase)) {
            $this->applyFind('ldap_base', $agentBase);
            return $this->result;
        }
    }

    // The agent name did not help. Try to parse the host URL and convert its
    // domain into a base DN.
    $helper = new Helper();
    $domain = $helper->getDomainFromURL($this->configuration->ldapHost);
    if (!$domain) {
        return false;
    }

    // Walk from the full domain towards its last label, dropping the
    // left-most label after every attempt.
    for ($labels = explode('.', $domain); count($labels) > 0; array_shift($labels)) {
        $candidate = 'dc=' . implode(',dc=', $labels);
        if ($candidate === $agentBase) {
            // already tested above, no need to ask the server again
            continue;
        }
        if ($this->testBaseDN($candidate)) {
            $this->applyFind('ldap_base', $candidate);
            return $this->result;
        }
    }

    return false;
}
/**
 * Returns the group backend, creating and caching it in self::$groupBE on
 * first use.
 *
 * With exactly one configuration prefix a GROUP_LDAP backend is built
 * directly; otherwise a Group_Proxy over all prefixes is used.
 *
 * @return \OCA\user_ldap\GROUP_LDAP|\OCA\user_ldap\Group_Proxy
 */
private static function getGroupBE() {
    if (self::$groupBE !== null) {
        return self::$groupBE;
    }

    $ldapHelper = new Helper();
    $prefixes = $ldapHelper->getServerConfigurationPrefixes(true);
    $wrapper = new LDAP();

    if (count($prefixes) !== 1) {
        self::$groupBE = new \OCA\user_ldap\Group_Proxy($prefixes, $wrapper);
        return self::$groupBE;
    }

    // avoid the proxy when there is only one LDAP server configured
    $dbc = \OC::$server->getDatabaseConnection();
    $userManager = new user\Manager(
        \OC::$server->getConfig(),
        new FilesystemHelper(),
        new LogWrapper(),
        \OC::$server->getAvatarManager(),
        new \OCP\Image(),
        $dbc
    );
    $connection = new Connection($wrapper, $prefixes[0]);
    $access = new Access($connection, $wrapper, $userManager);

    // the group mapper is created before the user mapper, and attached first
    $groupMapping = new GroupMapping($dbc);
    $userMapping = new UserMapping($dbc);
    $access->setGroupMapper($groupMapping);
    $access->setUserMapper($userMapping);

    self::$groupBE = new \OCA\user_ldap\GROUP_LDAP($access);
    return self::$groupBE;
}
<?php
/**
 * Copyright (c) 2014 Arthur Schiwon <*****@*****.**>
 * This file is licensed under the Affero General Public License version 3 or
 * later.
 * See the COPYING-README file.
 */

use OCA\user_ldap\lib\Helper;
use OCA\user_ldap\lib\LDAP;
use OCA\user_ldap\User_Proxy;

// Registers the console commands of the user_ldap app on $application, which
// is not defined in this file and is expected from the including scope.

// commands that take no constructor arguments
$application->add(new OCA\user_ldap\Command\ShowConfig());
$application->add(new OCA\user_ldap\Command\SetConfig());
$application->add(new OCA\user_ldap\Command\TestConfig());
$application->add(new OCA\user_ldap\Command\Search());
$application->add(new OCA\user_ldap\Command\ShowRemnants());

// CheckUser needs a user backend, the helper and the server config;
// the classes are referenced through the use statements above
$helper = new Helper();
$uBackend = new User_Proxy(
    $helper->getServerConfigurationPrefixes(true),
    new LDAP()
);
$application->add(
    new OCA\user_ldap\Command\CheckUser($uBackend, $helper, \OC::$server->getConfig())
);
* it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */

use OCA\user_ldap\lib\Helper;
use OCA\user_ldap\lib\LDAP;
use OCA\user_ldap\User_Proxy;
use OCA\User_LDAP\Mapping\UserMapping;
use OCA\User_LDAP\lib\User\DeletedUsersIndex;

// Registers the console commands of the user_ldap app on $application, which
// is not defined in this file and is expected from the including scope.

// Shared collaborators, created once and handed to the commands below.
$dbConnection = \OC::$server->getDatabaseConnection();
$userMapping = new UserMapping($dbConnection);
$helper = new Helper();
$ocConfig = \OC::$server->getConfig();
// NOTE(review): the `true` argument presumably limits the prefixes to active
// configurations; confirm against Helper::getServerConfigurationPrefixes().
$uBackend = new User_Proxy($helper->getServerConfigurationPrefixes(true), new LDAP(), $ocConfig);
$deletedUsersIndex = new DeletedUsersIndex($ocConfig, $dbConnection, $userMapping);

// Configuration management commands. SetConfig and TestConfig receive no
// collaborators here.
$application->add(new OCA\user_ldap\Command\ShowConfig($helper));
$application->add(new OCA\user_ldap\Command\SetConfig());
$application->add(new OCA\user_ldap\Command\TestConfig());
$application->add(new OCA\user_ldap\Command\CreateEmptyConfig($helper));
$application->add(new OCA\user_ldap\Command\DeleteConfig($helper));

// Directory search and user clean-up commands.
$application->add(new OCA\user_ldap\Command\Search($ocConfig));
$application->add(new OCA\user_ldap\Command\ShowRemnants($deletedUsersIndex, \OC::$server->getDateTimeFormatter()));
$application->add(new OCA\user_ldap\Command\CheckUser($uBackend, $helper, $deletedUsersIndex, $userMapping));
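/**
 * ownCloud - user_ldap
 *
 * @author Arthur Schiwon
 * @copyright 2013 Arthur Schiwon blizzz@owncloud.com
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

// Check user and app status. A configuration is deleted only for an admin,
// with the app enabled, and after callCheck() has accepted the request.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

// The prefix comes straight from the request: it may be missing or, with
// array-style form fields, not a string at all. Only a string is handed on to
// the helper; everything else is answered with the regular failure response.
$prefix = isset($_POST['ldap_serverconfig_chooser']) ? $_POST['ldap_serverconfig_chooser'] : null;

if (is_string($prefix) && \OCA\user_ldap\lib\Helper::deleteServerConfiguration($prefix)) {
    OCP\JSON::success();
} else {
    $l = \OC::$server->getL10N('user_ldap');
    OCP\JSON::error(array('message' => $l->t('Failed to delete the server configuration')));
}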
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

// The settings page is built only after the admin check has been called.
OC_Util::checkAdminUser();

// Names of the LDAP settings. The list includes the bind password
// ('ldap_agent_password') and the switch that turns off certificate checking
// ('ldap_turn_off_cert_check').
// NOTE(review): $params is not read again in the visible part of this script;
// confirm whether the including scope or the template still uses it.
$params = array('ldap_host', 'ldap_port', 'ldap_backup_host', 'ldap_backup_port', 'ldap_override_main_server', 'ldap_dn', 'ldap_agent_password', 'ldap_base', 'ldap_base_users', 'ldap_base_groups', 'ldap_userlist_filter', 'ldap_login_filter', 'ldap_group_filter', 'ldap_display_name', 'ldap_group_display_name', 'ldap_tls', 'ldap_turn_off_cert_check', 'ldap_nocase', 'ldap_quota_def', 'ldap_quota_attr', 'ldap_email_attr', 'ldap_group_member_assoc_attribute', 'ldap_cache_ttl', 'home_folder_naming_rule');

// script and stylesheet of the settings page
OCP\Util::addscript('user_ldap', 'settings');
OCP\Util::addstyle('user_ldap', 'settings');

// fill template
$tmpl = new OCP\Template('user_ldap', 'settings');

// the stored configuration prefixes are handed to the template
$prefixes = \OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes();
$tmpl->assign('serverConfigurationPrefixes', $prefixes);

// assign default values
// a Connection is created here only when $ldap is not already set
if (!isset($ldap)) {
    $ldap = new \OCA\user_ldap\lib\Connection();
}
$defaults = $ldap->getDefaults();
// each default is exposed to the template as "<key>_default"
foreach ($defaults as $key => $default) {
    $tmpl->assign($key . '_default', $default);
}

// $tmpl->assign();
return $tmpl->fetchPage();
* You should have received a copy of the GNU Affero General Public * License along with this library. If not, see <http://www.gnu.org/licenses/>. * */ OC_Util::checkAdminUser(); OCP\Util::addScript('user_ldap', 'ldapFilter'); OCP\Util::addScript('user_ldap', 'experiencedAdmin'); OCP\Util::addScript('user_ldap', 'settings'); OCP\Util::addScript('core', 'jquery.multiselect'); OCP\Util::addStyle('user_ldap', 'settings'); OCP\Util::addStyle('core', 'jquery.multiselect'); OCP\Util::addStyle('core', 'jquery-ui-1.10.0.custom'); // fill template $tmpl = new OCP\Template('user_ldap', 'settings'); $prefixes = \OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes(); $hosts = \OCA\user_ldap\lib\Helper::getServerConfigurationHosts(); $wizardHtml = ''; $toc = array(); $wControls = new OCP\Template('user_ldap', 'part.wizardcontrols'); $wControls = $wControls->fetchPage(); $sControls = new OCP\Template('user_ldap', 'part.settingcontrols'); $sControls = $sControls->fetchPage(); $l = \OC_L10N::get('user_ldap'); $wizTabs = array(); $wizTabs[] = array('tpl' => 'part.wizard-server', 'cap' => $l->t('Server')); $wizTabs[] = array('tpl' => 'part.wizard-userfilter', 'cap' => $l->t('User Filter')); $wizTabs[] = array('tpl' => 'part.wizard-loginfilter', 'cap' => $l->t('Login Filter')); $wizTabs[] = array('tpl' => 'part.wizard-groupfilter', 'cap' => $l->t('Group Filter')); for ($i = 0; $i < count($wizTabs); $i++) { $tab = new OCP\Template('user_ldap', $wizTabs[$i]['tpl']); if ($i === 0) {
/**
 * Listens to a hook thrown by server2server sharing and replaces the given
 * login name by a username, if it matches an LDAP user.
 *
 * NOTE(review): $param is received by value. The replacement reaches the
 * emitter only if 'uid' was stored in the array as a reference; confirm
 * against the code that emits the hook.
 *
 * @param array $param must contain the key 'uid'
 * @throws \Exception when 'uid' is not set in $param
 */
public static function loginName2UserName($param) {
    if (!isset($param['uid'])) {
        throw new \Exception('key uid is expected to be set in $param');
    }

    //ain't it ironic?
    $ldapHelper = new Helper();
    $backend = new User_Proxy(
        $ldapHelper->getServerConfigurationPrefixes(true),
        new LDAP(),
        \OC::$server->getConfig()
    );

    $resolved = $backend->loginName2UserName($param['uid']);
    if ($resolved === false) {
        // no LDAP user matches this login name; leave the uid untouched
        return;
    }

    $param['uid'] = $resolved;
}