/**
  * @brief get a list of all groups
  * @returns array with group names
  *
  * Returns a list with all groups
  */
 public function getGroups()
 {
     // Without a valid configuration no LDAP query is attempted.
     if (!$this->configured) {
         return array();
     }
     // Serve the cached list when it holds at least one entry. An empty
     // result is never treated as cached, so a directory without matching
     // groups is searched again on every call.
     if (!empty($this->_groups)) {
         return $this->_groups;
     }
     // The search uses $this->ldapGroupFilter and requests only the
     // configured display-name attribute plus the DN.
     $filter = $this->ldapGroupFilter;
     $attributes = array(OC_LDAP::conf('ldapGroupDisplayName'), 'dn');
     $ldapGroups = OC_LDAP::fetchListOfGroups($filter, $attributes);
     // Translate the LDAP records into ownCloud group names and keep them
     // for later calls.
     $this->_groups = OC_LDAP::ownCloudGroupNames($ldapGroups);
     return $this->_groups;
 }
 /**
  * @brief Get a list of all users
  * @returns array with all uids
  *
  * Get a list of all users.
  */
 public function getUsers()
 {
     // null marks "not fetched yet"; any other value (including an empty
     // list) is returned as the cached result without asking LDAP again.
     if ($this->_users !== null) {
         return $this->_users;
     }
     // The search uses $this->ldapUserFilter and requests only the
     // configured display-name attribute plus the DN.
     $filter = $this->ldapUserFilter;
     $attributes = array(OC_LDAP::conf('ldapUserDisplayName'), 'dn');
     $ldapUsers = OC_LDAP::fetchListOfUsers($filter, $attributes);
     // Translate the LDAP records into ownCloud user names and keep them
     // for later calls.
     $this->_users = OC_LDAP::ownCloudUserNames($ldapUsers);
     return $this->_users;
 }
示例#3
//from version 0.1 to 0.2
//settings
// Move the LDAP agent password from the old 'ldap_password' key to
// 'ldap_agent_password'. The new value is base64-encoded only: base64 is an
// encoding, not encryption, so the stored value is trivially reversible and
// the app configuration storage needs the same protection as a plaintext
// password.
$legacyPassword = OCP\Config::getAppValue('user_ldap', 'ldap_password');
if ($legacyPassword !== null) {
    $encodedPassword = base64_encode($legacyPassword);
    // Write the new key first, then drop the old one, so the password is
    // never absent from the configuration in between.
    OCP\Config::setAppValue('user_ldap', 'ldap_agent_password', $encodedPassword);
    OC_Appconfig::deleteKey('user_ldap', 'ldap_password');
}
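//detect if we can switch on naming guidelines. We won't do it on conflicts.
// 'doCheck' is only the default returned while 'ldapIgnoreNamingRules' has
// never been written. The comparison must be strict: a stored boolean true
// compares loosely equal to any non-empty string, so `==` would run this
// check again on a later upgrade and wipe the user mapping table once more.
$state = OCP\Config::getSystemValue('ldapIgnoreNamingRules', 'doCheck');
if ($state === 'doCheck') {
    // Destructive: this statement empties the whole LDAP user mapping table.
    // It is executed twice below, after each user listing.
    $sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping';
    require_once OC::$APPSROOT . '/apps/user_ldap/lib_ldap.php';
    require_once OC::$APPSROOT . '/apps/user_ldap/user_ldap.php';

    // Pass 1: list the users with the naming rules ignored.
    OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
    $LDAP_USER = new OC_USER_LDAP();
    $users_old = $LDAP_USER->getUsers();
    $query = OCP\DB::prepare($sqlCleanMap);
    $query->execute();

    // Pass 2: list the users again with the naming rules applied.
    // NOTE(review): getUsers() appears to cache its result per instance;
    // confirm that OC_LDAP::init(true) makes the second listing a fresh one.
    OCP\Config::setSystemValue('ldapIgnoreNamingRules', false);
    OC_LDAP::init(true);
    $users_new = $LDAP_USER->getUsers();
    $query = OCP\DB::prepare($sqlCleanMap);
    $query->execute();

    // Differing lists mean the naming rules would rename existing users, so
    // the rules stay disabled for this installation.
    if ($users_old !== $users_new) {
        //we don't need to check Groups, because they were not supported in 3
        OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
    }
}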
 /**
  * Connects and Binds to LDAP
  */
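 private static function establishConnection()
 {
     // Returns false on every failure path. On success, or when a connection
     // resource already exists, nothing is returned (unchanged from before).
     if (!self::$configured) {
         OCP\Util::writeLog('ldap', 'Configuration is invalid, cannot connect', OCP\Util::INFO);
         return false;
     }
     if (!self::$ldapConnectionRes) {
         self::$ldapConnectionRes = ldap_connect(self::$ldapHost, self::$ldapPort);
         if (!self::$ldapConnectionRes) {
             OCP\Util::writeLog('ldap', 'Could not create the LDAP connection resource', OCP\Util::ERROR);
             self::$ldapConnectionRes = null;
             return false;
         }
         // Protocol version 3 first, then referral chasing off; the second
         // option is only attempted when the first one was accepted.
         $optionsSet = ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)
             && ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_REFERRALS, 0);
         if (self::$ldapTLS) {
             // Fail closed: when TLS is configured, the agent DN and password
             // must not be sent unless StartTLS actually succeeded. Previously
             // a failed option or a failed StartTLS was ignored and the bind
             // went out over the unprotected connection.
             if (!$optionsSet || !ldap_start_tls(self::$ldapConnectionRes)) {
                 OCP\Util::writeLog('ldap', 'StartTLS failed, refusing to bind without TLS', OCP\Util::ERROR);
                 self::$ldapConnectionRes = null;
                 return false;
             }
         }
         // Without TLS configured the bind credentials are only protected if
         // the configured host itself is an ldaps:// URI.
         $ldapLogin = @ldap_bind(self::$ldapConnectionRes, self::$ldapAgentName, self::$ldapAgentPassword);
         if (!$ldapLogin) {
             OCP\Util::writeLog('ldap', 'Bind failed: ' . ldap_errno(self::$ldapConnectionRes) . ': ' . ldap_error(self::$ldapConnectionRes), OCP\Util::ERROR);
             // Drop the unbound resource; otherwise the next call would find
             // it, skip the bind and treat the connection as established.
             self::$ldapConnectionRes = null;
             return false;
         }
     }
 }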
示例#5
 /**
  * check if a group exists
  * @param string $gid
  * @return bool
  */
 public function groupExists($gid)
 {
     // No DN means the group name is unknown. A DN alone is not proof of
     // existence, because it may come from the stored mapping only.
     $dn = OC_LDAP::groupname2dn($gid);
     if ($dn) {
         // Confirm against the directory: an entry that still exists yields
         // a non-empty objectclass attribute.
         // NOTE(review): an entry whose objectclass cannot be read is
         // reported as missing as well; confirm the read permissions of the
         // account used for the lookup.
         $objectClasses = OC_LDAP::readAttribute($dn, 'objectclass');
         return !empty($objectClasses);
     }
     return false;
 }
示例#6
 /**
  * Connects and Binds to LDAP
  */
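 private static function establishConnection()
 {
     // Returns false on every failure path. On success, or when a connection
     // resource already exists, nothing is returned (unchanged from before).
     // Remembers across calls that the PHP ldap extension is missing, so the
     // error is logged once instead of on every request.
     static $phpLDAPinstalled = true;
     if (!$phpLDAPinstalled) {
         return false;
     }
     if (!self::$configured) {
         OCP\Util::writeLog('ldap', 'Configuration is invalid, cannot connect', OCP\Util::INFO);
         return false;
     }
     if (!self::$ldapConnectionRes) {
         //check if php-ldap is installed
         if (!function_exists('ldap_connect')) {
             $phpLDAPinstalled = false;
             OCP\Util::writeLog('user_ldap', 'function ldap_connect is not available. Make sure that the PHP ldap module is installed.', OCP\Util::ERROR);
             return false;
         }
         self::$ldapConnectionRes = ldap_connect(self::$ldapHost, self::$ldapPort);
         if (!self::$ldapConnectionRes) {
             OCP\Util::writeLog('ldap', 'Could not create the LDAP connection resource', OCP\Util::ERROR);
             self::$ldapConnectionRes = null;
             return false;
         }
         // Protocol version 3 first, then referral chasing off; the second
         // option is only attempted when the first one was accepted.
         $optionsSet = ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)
             && ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_REFERRALS, 0);
         if (self::$ldapTLS) {
             // Fail closed: when TLS is configured, the agent DN and password
             // must not be sent unless StartTLS actually succeeded. Previously
             // a failed option or a failed StartTLS was ignored and the bind
             // went out over the unprotected connection.
             if (!$optionsSet || !ldap_start_tls(self::$ldapConnectionRes)) {
                 OCP\Util::writeLog('ldap', 'StartTLS failed, refusing to bind without TLS', OCP\Util::ERROR);
                 self::$ldapConnectionRes = null;
                 return false;
             }
         }
         // Without TLS configured the bind credentials are only protected if
         // the configured host itself is an ldaps:// URI.
         $ldapLogin = @ldap_bind(self::$ldapConnectionRes, self::$ldapAgentName, self::$ldapAgentPassword);
         if (!$ldapLogin) {
             OCP\Util::writeLog('ldap', 'Bind failed: ' . ldap_errno(self::$ldapConnectionRes) . ': ' . ldap_error(self::$ldapConnectionRes), OCP\Util::ERROR);
             // Drop the unbound resource; otherwise the next call would find
             // it, skip the bind and treat the connection as established.
             self::$ldapConnectionRes = null;
             return false;
         }
     }
 }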
示例#7
 /**
  * @brief check if a user exists
  * @param string $uid the username
  * @return boolean
  */
 public function userExists($uid)
 {
     // No DN means the user name is unknown. A DN alone is not proof of
     // existence, because it may come from the stored mapping only.
     $dn = OC_LDAP::username2dn($uid);
     if ($dn) {
         // Confirm against the directory: a user that still exists yields a
         // non-empty cn attribute.
         // NOTE(review): a user whose cn cannot be read is reported as
         // missing as well; confirm the read permissions of the account used
         // for the lookup.
         $cn = OC_LDAP::readAttribute($dn, 'cn');
         return !empty($cn);
     }
     return false;
 }