OCP\JSON::checkAdminUser(); OCP\JSON::checkAppEnabled('user_ldap'); OCP\JSON::callCheck(); $l = \OC::$server->getL10N('user_ldap'); if (!isset($_POST['action'])) { \OCP\JSON::error(array('message' => $l->t('No action specified'))); } $action = (string) $_POST['action']; if (!isset($_POST['ldap_serverconfig_chooser'])) { \OCP\JSON::error(array('message' => $l->t('No configuration specified'))); } $prefix = (string) $_POST['ldap_serverconfig_chooser']; $ldapWrapper = new \OCA\User_LDAP\LDAP(); $configuration = new \OCA\User_LDAP\Configuration($prefix); $con = new \OCA\User_LDAP\Connection($ldapWrapper, '', null); $con->setConfiguration($configuration->getConfiguration()); $con->ldapConfigurationActive = true; $con->setIgnoreValidation(true); $userManager = new \OCA\User_LDAP\User\Manager(\OC::$server->getConfig(), new \OCA\User_LDAP\FilesystemHelper(), new \OCA\User_LDAP\LogWrapper(), \OC::$server->getAvatarManager(), new \OCP\Image(), \OC::$server->getDatabaseConnection(), \OC::$server->getUserManager()); $access = new \OCA\User_LDAP\Access($con, $ldapWrapper, $userManager); $wizard = new \OCA\User_LDAP\Wizard($configuration, $ldapWrapper, $access); switch ($action) { case 'guessPortAndTLS': case 'guessBaseDN': case 'detectEmailAttribute': case 'detectUserDisplayNameAttribute': case 'determineGroupMemberAssoc': case 'determineUserObjectClasses': case 'determineGroupObjectClasses': case 'determineGroupsForUsers': case 'determineGroupsForGroups':
* * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see <http://www.gnu.org/licenses/> * */ // Check user and app status OCP\JSON::checkAdminUser(); OCP\JSON::checkAppEnabled('user_ldap'); OCP\JSON::callCheck(); $l = \OC::$server->getL10N('user_ldap'); $ldapWrapper = new OCA\User_LDAP\LDAP(); $connection = new \OCA\User_LDAP\Connection($ldapWrapper, '', null); //needs to be true, otherwise it will also fail with an irritating message $_POST['ldap_configuration_active'] = 1; try { if ($connection->setConfiguration($_POST)) { //Configuration is okay if ($connection->bind()) { /* * This shiny if block is an ugly hack to find out whether anonymous * bind is possible on AD or not. Because AD happily and constantly * replies with success to any anonymous bind request, we need to * fire up a broken operation. If AD does not allow anonymous bind, * it will end up with LDAP error code 1 which is turned into an * exception by the LDAP wrapper. We catch this. Other cases may * pass (like e.g. expected syntax error). */ try { $ldapWrapper->read($connection->getConnectionResource(), '', 'objectClass=*', array('dn')); } catch (\Exception $e) { if ($e->getCode() === 1) {