]> source.dussan.org Git - nextcloud-server.git/commitdiff
single squashed commit for bug fix 20175/head
authorPhilipp Staiger <philipp@staiger.it>
Thu, 26 Mar 2020 08:01:35 +0000 (09:01 +0100)
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>
Thu, 26 Mar 2020 10:30:50 +0000 (10:30 +0000)
Signed-off-by: Philipp Staiger <philipp@staiger.it>
apps/user_ldap/lib/User/User.php

index dea5d91c0ce0b28758faccc54f7989a571380203..467d5ca025ba6533b97397df42a420405000f0b1 100644 (file)
@@ -125,7 +125,7 @@ class User {
                IConfig $config, FilesystemHelper $fs, Image $image,
                LogWrapper $log, IAvatarManager $avatarManager, IUserManager $userManager,
                INotificationManager $notificationManager) {
-       
+
                if ($username === null) {
                        $log->log("uid for '$dn' must not be null!", ILogger::ERROR);
                        throw new \InvalidArgumentException('uid must not be null!');
@@ -683,7 +683,7 @@ class User {
         * @throws \OC\ServerNotAvailableException
         */
        public function updateExtStorageHome(string $valueFromLDAP = null):string {
-               if($valueFromLDAP === null) {
+               if ($valueFromLDAP === null) {
                        $extHomeValues = $this->access->readAttribute($this->getDN(), $this->connection->ldapExtStorageHomeAttribute);
                } else {
                        $extHomeValues = [$valueFromLDAP];
@@ -709,21 +709,21 @@ class User {
                        return;//password expiry handling disabled
                }
                $uid = $params['uid'];
-               if(isset($uid) && $uid === $this->getUsername()) {
+               if (isset($uid) && $uid === $this->getUsername()) {
                        //retrieve relevant user attributes
                        $result = $this->access->search('objectclass=*', array($this->dn), ['pwdpolicysubentry', 'pwdgraceusetime', 'pwdreset', 'pwdchangedtime']);
-                       
-                       if(array_key_exists('pwdpolicysubentry', $result[0])) {
+
+                       if (array_key_exists('pwdpolicysubentry', $result[0])) {
                                $pwdPolicySubentry = $result[0]['pwdpolicysubentry'];
-                               if($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){
+                               if ($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){
                                        $ppolicyDN = $pwdPolicySubentry[0];//custom ppolicy DN
                                }
                        }
-                       
-                       $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : null;
-                       $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : null;
-                       $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : null;
-                       
+
+                       $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : [];
+                       $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : [];
+                       $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : [];
+
                        //retrieve relevant password policy attributes
                        $cacheKey = 'ppolicyAttributes' . $ppolicyDN;
                        $result = $this->connection->getFromCache($cacheKey);
@@ -731,17 +731,15 @@ class User {
                                $result = $this->access->search('objectclass=*', array($ppolicyDN), ['pwdgraceauthnlimit', 'pwdmaxage', 'pwdexpirewarning']);
                                $this->connection->writeToCache($cacheKey, $result);
                        }
-                       
-                       $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : null;
-                       $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : null;
-                       $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : null;
-                       
+
+                       $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : [];
+                       $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : [];
+                       $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : [];
+
                        //handle grace login
-                       $pwdGraceUseTimeCount = count($pwdGraceUseTime);
-                       if($pwdGraceUseTime && $pwdGraceUseTimeCount > 0) { //was this a grace login?
-                               if($pwdGraceAuthNLimit 
-                                       && (count($pwdGraceAuthNLimit) > 0)
-                                       &&($pwdGraceUseTimeCount < (int)$pwdGraceAuthNLimit[0])) { //at least one more grace login available?
+                       if (!empty($pwdGraceUseTime)) { //was this a grace login?
+                               if (!empty($pwdGraceAuthNLimit)
+                                       && count($pwdGraceUseTime) < (int)$pwdGraceAuthNLimit[0]) { //at least one more grace login available?
                                        $this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true');
                                        header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute(
                                        'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid)));
@@ -752,24 +750,24 @@ class User {
                                exit();
                        }
                        //handle pwdReset attribute
-                       if($pwdReset && (count($pwdReset) > 0) && $pwdReset[0] === 'TRUE') { //user must change his password
+                       if (!empty($pwdReset) && $pwdReset[0] === 'TRUE') { //user must change his password
                                $this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true');
                                header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute(
                                'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid)));
                                exit();
                        }
                        //handle password expiry warning
-                       if($pwdChangedTime && (count($pwdChangedTime) > 0)) {
-                               if($pwdMaxAge && (count($pwdMaxAge) > 0)
-                                       && $pwdExpireWarning && (count($pwdExpireWarning) > 0)) {
+                       if (!empty($pwdChangedTime)) {
+                               if (!empty($pwdMaxAge)
+                                       && !empty($pwdExpireWarning)) {
                                        $pwdMaxAgeInt = (int)$pwdMaxAge[0];
                                        $pwdExpireWarningInt = (int)$pwdExpireWarning[0];
-                                       if($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){
+                                       if ($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){
                                                $pwdChangedTimeDt = \DateTime::createFromFormat('YmdHisZ', $pwdChangedTime[0]);
                                                $pwdChangedTimeDt->add(new \DateInterval('PT'.$pwdMaxAgeInt.'S'));
                                                $currentDateTime = new \DateTime();
                                                $secondsToExpiry = $pwdChangedTimeDt->getTimestamp() - $currentDateTime->getTimestamp();
-                                               if($secondsToExpiry <= $pwdExpireWarningInt) {
+                                               if ($secondsToExpiry <= $pwdExpireWarningInt) {
                                                        //remove last password expiry warning if any
                                                        $notification = $this->notificationManager->createNotification();
                                                        $notification->setApp('user_ldap')
@@ -782,7 +780,7 @@ class User {
                                                        $notification->setApp('user_ldap')
                                                                ->setUser($uid)
                                                                ->setDateTime($currentDateTime)
-                                                               ->setObject('pwd_exp_warn', $uid) 
+                                                               ->setObject('pwd_exp_warn', $uid)
                                                                ->setSubject('pwd_exp_warn_days', [(int) ceil($secondsToExpiry / 60 / 60 / 24)])
                                                        ;
                                                        $this->notificationManager->notify($notification);