/**
 * A cloned Connection must keep its own configuration.
 *
 * Background (from the original author): on login a bind is done with the
 * user's credentials, and that bind is valid for the whole LDAP resource,
 * so it has to be reset to the agent's credentials afterwards. This test
 * reconfigures a clone with user credentials and checks that the agent
 * name and password on the original connection are left untouched.
 */
public function testOriginalAgentUnchangedOnClone() {
    $wrapperMock = $this->getMock('\\OCA\\user_ldap\\lib\\ILDAPWrapper');
    $original = new \OCA\user_ldap\lib\Connection($wrapperMock, '', null);

    // Credentials of the service ("agent") account go on the original.
    $agentCredentials = array(
        'ldapAgentName' => 'agent',
        'ldapAgentPassword' => '123456',
    );
    $original->setConfiguration($agentCredentials);

    // The clone is switched to a different identity.
    $copy = clone $original;
    $userCredentials = array(
        'ldapAgentName' => 'user',
        'ldapAgentPassword' => 'password',
    );
    $copy->setConfiguration($userCredentials);

    // The original must still report the agent's name and password.
    $this->assertSame($original->ldapAgentName, $agentCredentials['ldapAgentName']);
    $this->assertSame($original->ldapAgentPassword, $agentCredentials['ldapAgentPassword']);
}
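} catch (\Exception $e) {
    \OCP\JSON::error(array('message' => $e->getMessage()));
    exit;
}
\OCP\JSON::error();
exit;
break;

// Store one configuration key/value pair taken from the request body.
// $l, $configuration, $ldapWrapper and $prefix are defined outside this excerpt.
case 'save':
    $key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
    $val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
    // A non-string key (e.g. a request sending cfgkey[]=...) cannot be used
    // as an array key below, so it is rejected together with missing data.
    if ($key === false || !is_string($key) || is_null($val)) {
        \OCP\JSON::error(array('message' => $l->t('No data specified')));
        exit;
    }

    $cfg = array($key => $val);
    // Passed as the second argument to setConfiguration(); the check below
    // relies on it holding the keys that were applied.
    $setParameters = array();
    $configuration->setConfiguration($cfg, $setParameters);
    if (!in_array($key, $setParameters)) {
        // The request-supplied key is passed as a parameter instead of being
        // concatenated into the translation/format template, and the message
        // no longer reads $setParameters[0], which does not exist when
        // nothing was applied.
        \OCP\JSON::error(array('message' => $l->t('Could not set configuration %s', array($key))));
        exit;
    }
    $configuration->saveConfiguration();

    //clear the cache on save
    $connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
    $connection->clearCache();
    OCP\JSON::success();
    break;

default:
    \OCP\JSON::error(array('message' => $l->t('Action does not exist')));
    break;
}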
* License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

// AJAX endpoint: try out the LDAP settings posted by the admin without
// saving them, and report whether they validate and whether a bind works.

// Gate the request: admin user, app enabled, request-token (CSRF) check.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

$l = OC_L10N::get('user_ldap');

$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null);

// The configuration has to be flagged active for the test, otherwise it
// would fail with an irritating message.
$_POST['ldap_configuration_active'] = 1;

// The whole POST body is handed to setConfiguration(); which keys it
// accepts is decided there (not visible in this file).
if (!$connection->setConfiguration($_POST)) {
    OCP\JSON::error(array('message' => $l->t('The configuration is invalid. Please have a look at the logs for further details.')));
} elseif ($connection->bind()) {
    // Configuration is okay and the server accepted the bind.
    OCP\JSON::success(array('message' => $l->t('The configuration is valid and the connection could be established!')));
} else {
    // Configuration is okay, but the bind was refused.
    OCP\JSON::error(array('message' => $l->t('The configuration is valid, but the Bind failed. Please check the server settings and credentials.')));
}
/**
 * @author Arthur Schiwon <*****@*****.**>
 * @author Christopher Schäpers <*****@*****.**>
 * @author Lukas Reschke <*****@*****.**>
 * @author Morris Jobke <*****@*****.**>
 *
 * @copyright Copyright (c) 2016, ownCloud, Inc.
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */

// AJAX endpoint: return the stored LDAP configuration for the server
// configuration selected in the admin UI.

// Gate the request: admin user, app enabled, request-token (CSRF) check.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

// Configuration prefix chosen by the client, forced to a string.
$prefix = strval($_POST['ldap_serverconfig_chooser']);

$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);

// NOTE(review): everything getConfiguration() returns is sent back in the
// JSON response. If that includes the agent password, it ends up in the
// browser. Confirm against Connection::getConfiguration().
$configuration = $connection->getConfiguration();
OCP\JSON::success(array('configuration' => $configuration));
* it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program. If not, see <http://www.gnu.org/licenses/>
 *
 */

// AJAX endpoint: store the posted LDAP settings under the selected
// server configuration prefix.

// Gate the request: admin user, app enabled, request-token (CSRF) check.
OCP\JSON::checkAdminUser();
OCP\JSON::checkAppEnabled('user_ldap');
OCP\JSON::callCheck();

$prefix = strval($_POST['ldap_serverconfig_chooser']);

// Browsers do not submit unchecked checkboxes, so a missing field means
// "off" and is filled in by hand. Only the legacy checkboxes (Advanced and
// Expert tab) are handled here; the Wizard-like tabs take care of their own.
// Note that 'ldap_turn_off_cert_check' is one of them: it is written as 0
// whenever the field is absent from the request.
$chkboxes = array(
    'ldap_configuration_active',
    'ldap_override_main_server',
    'ldap_turn_off_cert_check',
);
foreach ($chkboxes as $boxid) {
    if (isset($_POST[$boxid])) {
        continue;
    }
    $_POST[$boxid] = 0;
}

$ldapWrapper = new OCA\user_ldap\lib\LDAP();
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);

// The whole POST body is handed over; which keys are accepted is decided
// inside setConfiguration() (not visible in this file).
$connection->setConfiguration($_POST);
$connection->saveConfiguration();

OCP\JSON::success();
<?php // Check user and app status OCP\JSON::checkAdminUser(); OCP\JSON::checkAppEnabled('user_ldap'); OCP\JSON::callCheck(); $l = \OC::$server->getL10N('user_ldap'); $ldapWrapper = new OCA\user_ldap\lib\LDAP(); $connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null); //needs to be true, otherwise it will also fail with an irritating message $_POST['ldap_configuration_active'] = 1; try { if ($connection->setConfiguration($_POST)) { //Configuration is okay if ($connection->bind()) { /* * This shiny if block is an ugly hack to find out whether anonymous * bind is possible on AD or not. Because AD happily and constantly * replies with success to any anonymous bind request, we need to * fire up a broken operation. If AD does not allow anonymous bind, * it will end up with LDAP error code 1 which is turned into an * exception by the LDAP wrapper. We catch this. Other cases may * pass (like e.g. expected syntax error). */ try { $ldapWrapper->read($connection->getConnectionResource(), 'neverwhere', 'objectClass=*', array('dn')); } catch (\Exception $e) { if ($e->getCode() === 1) { OCP\JSON::error(array('message' => $l->t('The configuration is invalid: anonymous bind is not allowed.'))); exit; }
* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
 *
 * You should have received a copy of the GNU Affero General Public
 * License along with this library. If not, see <http://www.gnu.org/licenses/>.
 *
 */

// Admin settings page of the LDAP backend: loads the page assets, hands the
// known server configuration prefixes and the default values to the
// template, and returns the rendered page.

// Only administrators may open this page.
OC_Util::checkAdminUser();

// Names of the LDAP settings (not read again within this excerpt).
$params = array(
    'ldap_host',
    'ldap_port',
    'ldap_backup_host',
    'ldap_backup_port',
    'ldap_override_main_server',
    'ldap_dn',
    'ldap_agent_password',
    'ldap_base',
    'ldap_base_users',
    'ldap_base_groups',
    'ldap_userlist_filter',
    'ldap_login_filter',
    'ldap_group_filter',
    'ldap_display_name',
    'ldap_group_display_name',
    'ldap_tls',
    'ldap_turn_off_cert_check',
    'ldap_nocase',
    'ldap_quota_def',
    'ldap_quota_attr',
    'ldap_email_attr',
    'ldap_group_member_assoc_attribute',
    'ldap_cache_ttl',
    'home_folder_naming_rule',
);

OCP\Util::addscript('user_ldap', 'settings');
OCP\Util::addstyle('user_ldap', 'settings');

// fill template
$tmpl = new OCP\Template('user_ldap', 'settings');

$prefixes = \OCA\user_ldap\lib\Helper::getServerConfigurationPrefixes();
$tmpl->assign('serverConfigurationPrefixes', $prefixes);

// assign default values; an existing $ldap connection is reused if the
// including scope already provides one
if (isset($ldap) === false) {
    $ldap = new \OCA\user_ldap\lib\Connection();
}
$defaults = $ldap->getDefaults();
foreach ($defaults as $key => $default) {
    // each default is exposed to the template as "<key>_default"
    $tmpl->assign("{$key}_default", $default);
}

// $tmpl->assign();
return $tmpl->fetchPage();
// NOTE: this excerpt starts inside control structures that are opened
// earlier in the file; the first part below is their tail.
                $value = empty($_POST[$param]) ? 'opt:username' : 'attr:' . $_POST[$param];
                OCP\Config::setAppValue('user_ldap', $param, $value);
            } else {
                // posted value is stored as-is
                OCP\Config::setAppValue('user_ldap', $param, $_POST[$param]);
            }
        } elseif ('ldap_tls' == $param) {
            // unchecked checkboxes are not included in the post parameters
            OCP\Config::setAppValue('user_ldap', $param, 0);
        } elseif ('ldap_nocase' == $param) {
            OCP\Config::setAppValue('user_ldap', $param, 0);
        } elseif ('ldap_turn_off_cert_check' == $param) {
            OCP\Config::setAppValue('user_ldap', $param, 0);
        }
    }
    if ($clearCache) {
        $ldap = new \OCA\user_ldap\lib\Connection('user_ldap');
        $ldap->clearCache();
    }
}

// fill template: every known setting is passed on with '' as fallback
$tmpl = new OCP\Template('user_ldap', 'settings');
foreach ($params as $param) {
    $value = OCP\Config::getAppValue('user_ldap', $param, '');
    $tmpl->assign($param, $value);
}

// settings with default values: re-assigned with a non-empty fallback
$fallbacks = array(
    'ldap_port' => '389',
    'ldap_display_name' => 'uid',
    'ldap_group_display_name' => 'cn',
    'ldap_group_member_assoc_attribute' => 'uniqueMember',
);
foreach ($fallbacks as $setting => $fallback) {
    $tmpl->assign($setting, OCP\Config::getAppValue('user_ldap', $setting, $fallback));
}

// The agent password is base64-decoded on read. base64 is a reversible
// encoding, not encryption, so it does not protect the stored value, and
// the clear-text password is handed to the template here.
$storedAgentPassword = OCP\Config::getAppValue('user_ldap', 'ldap_agent_password');
$tmpl->assign('ldap_agent_password', base64_decode($storedAgentPassword));
// NOTE: this excerpt starts inside a function that is opened earlier in the
// file; the first part below is its tail.
            $uuid = $groupBE->getUUID($newDN);
        }
        try {
            $updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
        } catch (Exception $e) {
            // a failed update is logged as a warning and otherwise ignored
            \OCP\Util::writeLog('user_ldap', 'Could not update ' . $object . ' ' . $dn['ldap_dn'] . ' in the mappings table. ', \OCP\Util::WARN);
        }
    }
}

/**
 * Splits a DN into its RDNs with ldap_explode_dn() and joins them again
 * with commas.
 *
 * NOTE(review): the loop is evidently meant to escape special characters in
 * each RDN value, but it has no effect on the result. The loop variable is a
 * by-value copy, and str_replace() is called with search = the RDN,
 * replace = the raw value and subject = the escaped value. The RDN list is
 * therefore never modified, and the function returns the re-joined output
 * of ldap_explode_dn(). If escaping is needed before the DN is written to
 * the mappings table, this needs a deliberate fix that takes into account
 * any escaping ldap_explode_dn() has already applied.
 *
 * @param string $dn distinguished name to process
 * @return string the RDNs returned by ldap_explode_dn(), joined by ','
 */
function escapeDN($dn) {
    $rdns = ldap_explode_dn($dn, false);
    unset($rdns['count']);

    // character => hex escape table used on the value part of each RDN
    $escapes = array(
        ',' => '\\2c',
        '=' => '\\3d',
        '+' => '\\2b',
        '<' => '\\3c',
        '>' => '\\3e',
        ';' => '\\3b',
        '\\' => '\\5c',
        '"' => '\\22',
        '#' => '\\23',
    );

    foreach ($rdns as $index => $rdn) {
        // everything after the first '=' is the attribute value
        $rawValue = substr($rdn, strpos($rdn, '=') + 1);
        $escapedValue = strtr($rawValue, $escapes);
        // assigns to the loop copy only; $rdns is left unchanged (see above)
        $rdn = str_replace($rdn, $rawValue, $escapedValue);
    }

    return implode(',', $rdns);
}

// SUPPORTED UPGRADE FROM Version 0.3 (ownCloud 4.5) to 0.4 (ownCloud 5)

// reuse a connection object if the including scope provides one
if (isset($connector) === false) {
    $connector = new \OCA\user_ldap\lib\Connection();
}

//it is required, that connections do have ldap_configuration_active setting stored in the database
$connector->getConfiguration();
$connector->saveConfiguration();

// we don't save it anymore, was a well-meant bad idea. Clean up database.
// (prepared statement with bound parameters)
$query = OC_DB::prepare('DELETE FROM `*PREFIX*preferences` WHERE `appid` = ? AND `configkey` = ?');
$query->execute(array('user_ldap', 'homedir'));