Added tons of Hooks to OC_USER and OC_GROUP

diff --git a/lib/User/backend.php b/lib/User/backend.php
index 811e0cd75d1b8d41846071cea67d6cfa00454c5b..e99016a5214b5ddd1e48793d0b9e38a023358016 100644 (file)
--- a/lib/User/backend.php
+++ b/lib/User/backend.php
@@ -30,13 +30,14 @@ abstract class OC_USER_BACKEND {
 
        /**
         * @brief Create a new user
-        * @param $username The username of the user to create
+        * @param $uid The username of the user to create
         * @param $password The password of the new user
         * @returns true/false
         *
-        * Creates a new user
+        * Creates a new user. Basic checking of username is done in OC_USER
+        * itself, not in its subclasses.
         */
-       public static function createUser($username, $password){}
+       public static function createUser($uid, $password){}
 
        /**
         * @brief delete a user

diff --git a/lib/User/database.php b/lib/User/database.php
index 2487d29c1c4357c495dd844ef389e8335befa2a8..a0d06d63074fe9b541343046fc7243aad9e0675b 100644 (file)
--- a/lib/User/database.php
+++ b/lib/User/database.php
@@ -43,23 +43,24 @@ class OC_USER_DATABASE extends OC_USER_BACKEND {
 
        /**
         * @brief Create a new user
-        * @param $username The username of the user to create
+        * @param $uid The username of the user to create
         * @param $password The password of the new user
         * @returns true/false
         *
-        * Creates a new user
+        * Creates a new user. Basic checking of username is done in OC_USER
+        * itself, not in its subclasses.
         */
-       public static function createUser( $username, $password ){
+       public static function createUser( $uid, $password ){
                // Check if the user already exists
                $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" );
-               $result = $query->execute( array( $username ));
+               $result = $query->execute( array( $uid ));
 
                if ( $result->numRows() > 0 ){
                        return false;
                }
                else{
                        $query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" );
-                       $result = $query->execute( array( $username, sha1( $password )));
+                       $result = $query->execute( array( $uid, sha1( $password )));
 
                        return $result ? true : false;
                }

diff --git a/lib/group.php b/lib/group.php
index 21f82cd81ce7792d5232afb87bd7b55c3ff37b4b..ef8b7cecfb238de308a7799f7df5c29f7d3d668e 100644 (file)
--- a/lib/group.php
+++ b/lib/group.php
@@ -22,6 +22,16 @@
 
 /**
  * This class provides all methods needed for managing groups.
+ *
+ * Hooks provided:
+ *   pre_createGroup(&run, gid)
+ *   post_createGroup(gid)
+ *   pre_deleteGroup(&run, gid)
+ *   post_deleteGroup(gid)
+ *   pre_addToGroup(&run, uid, gid)
+ *   post_addToGroup(uid, gid)
+ *   pre_removeFromGroup(&run, uid, gid)
+ *   post_removeFromGroup(uid, gid)
  */
 class OC_GROUP {
        // The backend used for user management
@@ -84,10 +94,26 @@ class OC_GROUP {
         * @returns true/false
         *
         * Trys to create a new group. If the group name already exists, false will
-        * be returned.
+        * be returned. Basic checking of Group name
+        *
+        * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
         */
        public static function createGroup( $gid ){
-               return self::$_backend->createGroup($gid);
+               // Check the name for bad characters
+               // Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
+               if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $gid )){
+                       return false;
+               }
+               $run = true;
+               OC_HOOK::emit( "OC_GROUP", "pre_createGroup", array( "run" => &$run, "gid" => $gid ));
+
+               if( $run && self::$_backend->createGroup( $gid )){
+                       OC_HOOK::emit( "OC_GROUP", "post_createGroup", array( "gid" => $gid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -98,7 +124,16 @@ class OC_GROUP {
         * Deletes a group and removes it from the group_user-table
         */
        public static function deleteGroup( $gid ){
-               return self::$_backend->deleteGroup($gid);
+               $run = true;
+               OC_HOOK::emit( "OC_GROUP", "pre_deleteGroup", array( "run" => &$run, "gid" => $gid ));
+
+               if( $run && self::$_backend->deleteGroup( $gid )){
+                       OC_HOOK::emit( "OC_GROUP", "post_deleteGroup", array( "gid" => $gid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -122,7 +157,16 @@ class OC_GROUP {
         * Adds a user to a group.
         */
        public static function addToGroup( $uid, $gid ){
-               return self::$_backend->addToGroup($uid, $gid);
+               $run = true;
+               OC_HOOK::emit( "OC_GROUP", "pre_addToGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid ));
+
+               if( $run && self::$_backend->addToGroup( $uid, $gid )){
+                       OC_HOOK::emit( "OC_GROUP", "post_addToGroup", array( "uid" => $uid, "gid" => $gid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -134,7 +178,16 @@ class OC_GROUP {
         * removes the user from a group.
         */
        public static function removeFromGroup( $uid, $gid ){
-               return self::$_backend->removeFromGroup($uid, $gid);
+               $run = true;
+               OC_HOOK::emit( "OC_GROUP", "pre_removeFromGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid ));
+
+               if( $run && self::$_backend->removeFromGroup( $uid, $gid )){
+                       OC_HOOK::emit( "OC_GROUP", "post_removeFromGroup", array( "uid" => $uid, "gid" => $gid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**

diff --git a/lib/user.php b/lib/user.php
index 10f08576d4c44f54a5ced326b1fa90006cd49650..82b012f3a5c72f568e488f5ce2f411398250dfe4 100644 (file)
--- a/lib/user.php
+++ b/lib/user.php
@@ -26,6 +26,17 @@ if( !OC_CONFIG::getValue( "installed", false )){
 
 /**
  * This class provides all methods for user management.
+ *
+ * Hooks provided:
+ *   pre_createUser(&run, uid, password)
+ *   post_createUser(uid, password)
+ *   pre_deleteUser(&run, uid)
+ *   post_deleteUser(uid)
+ *   pre_setPassword(&run, uid, password)
+ *   post_setPassword(uid, password)
+ *   pre_login(&run, uid)
+ *   post_login(uid)
+ *   logout()
  */
 class OC_USER {
        // The backend used for user management
@@ -88,14 +99,31 @@ class OC_USER {
 
        /**
         * @brief Create a new user
-        * @param $username The username of the user to create
+        * @param $uid The username of the user to create
         * @param $password The password of the new user
         * @returns true/false
         *
-        * Creates a new user
+        * Creates a new user. Basic checking of username is done in OC_USER
+        * itself, not in its subclasses.
+        *
+        * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-"
         */
-       public static function createUser( $username, $password ){
-               return self::$_backend->createUser( $username, $password );
+       public static function createUser( $uid, $password ){
+               // Check the name for bad characters
+               // Allowed are: "a-z", "A-Z", "0-9" and "_.@-"
+               if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $uid )){
+                       return false;
+               }
+               $run = true;
+               OC_HOOK::emit( "OC_USER", "pre_createUser", array( "run" => &$run, "uid" => $uid, "password" => $password ));
+
+               if( $run && self::$_backend->createUser( $uid, $password )){
+                       OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -106,7 +134,16 @@ class OC_USER {
         * Deletes a user
         */
        public static function deleteUser( $uid ){
-               return self::$_backend->deleteUser( $uid );
+               $run = true;
+               OC_HOOK::emit( "OC_USER", "pre_deleteUser", array( "run" => &$run, "uid" => $uid ));
+
+               if( $run && self::$_backend->deleteUser( $uid )){
+                       OC_HOOK::emit( "OC_USER", "post_deleteUser", array( "uid" => $uid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -118,7 +155,16 @@ class OC_USER {
         * Log in a user - if the password is ok
         */
        public static function login( $uid, $password ){
-               return self::$_backend->login( $uid, $password );
+               $run = true;
+               OC_HOOK::emit( "OC_USER", "pre_login", array( "run" => &$run, "uid" => $uid ));
+
+               if( $run && self::$_backend->login( $uid, $password )){
+                       OC_HOOK::emit( "OC_USER", "post_login", array( "uid" => $uid ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**
@@ -128,6 +174,7 @@ class OC_USER {
         * Logout, destroys session
         */
        public static function logout(){
+               OC_HOOK::emit( "OC_USER", "logout", array());
                return self::$_backend->logout();
        }
 
@@ -160,7 +207,16 @@ class OC_USER {
         * Change the password of a user
         */
        public static function setPassword( $uid, $password ){
-               return self::$_backend->setPassword( $uid, $password );
+               $run = true;
+               OC_HOOK::emit( "OC_USER", "pre_setPassword", array( "run" => &$run, "uid" => $uid, "password" => $password ));
+
+               if( $run && self::$_backend->setPassword( $uid, $password )){
+                       OC_HOOK::emit( "OC_USER", "post_setPassword", array( "uid" => $uid, "password" => $password ));
+                       return true;
+               }
+               else{
+                       return false;
+               }
        }
 
        /**