From: Jakob Sack Date: Mon, 18 Apr 2011 09:39:29 +0000 (+0200) Subject: Added tons of Hooks to OC_USER and OC_GROUP X-Git-Tag: v3.0~267^2~558^2~69 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=b37fb9142f095b893db818437f8b42b58377f444;p=nextcloud-server.git Added tons of Hooks to OC_USER and OC_GROUP --- diff --git a/lib/User/backend.php b/lib/User/backend.php index 811e0cd75d1..e99016a5214 100644 --- a/lib/User/backend.php +++ b/lib/User/backend.php @@ -30,13 +30,14 @@ abstract class OC_USER_BACKEND { /** * @brief Create a new user - * @param $username The username of the user to create + * @param $uid The username of the user to create * @param $password The password of the new user * @returns true/false * - * Creates a new user + * Creates a new user. Basic checking of username is done in OC_USER + * itself, not in its subclasses. */ - public static function createUser($username, $password){} + public static function createUser($uid, $password){} /** * @brief delete a user diff --git a/lib/User/database.php b/lib/User/database.php index 2487d29c1c4..a0d06d63074 100644 --- a/lib/User/database.php +++ b/lib/User/database.php @@ -43,23 +43,24 @@ class OC_USER_DATABASE extends OC_USER_BACKEND { /** * @brief Create a new user - * @param $username The username of the user to create + * @param $uid The username of the user to create * @param $password The password of the new user * @returns true/false * - * Creates a new user + * Creates a new user. Basic checking of username is done in OC_USER + * itself, not in its subclasses. */ - public static function createUser( $username, $password ){ + public static function createUser( $uid, $password ){ // Check if the user already exists $query = OC_DB::prepare( "SELECT * FROM `*PREFIX*users` WHERE uid = ?" ); - $result = $query->execute( array( $username )); + $result = $query->execute( array( $uid )); if ( $result->numRows() > 0 ){ return false; } else{ $query = OC_DB::prepare( "INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )" ); - $result = $query->execute( array( $username, sha1( $password ))); + $result = $query->execute( array( $uid, sha1( $password ))); return $result ? true : false; } diff --git a/lib/group.php b/lib/group.php index 21f82cd81ce..ef8b7cecfb2 100644 --- a/lib/group.php +++ b/lib/group.php @@ -22,6 +22,16 @@ /** * This class provides all methods needed for managing groups. + * + * Hooks provided: + * pre_createGroup(&run, gid) + * post_createGroup(gid) + * pre_deleteGroup(&run, gid) + * post_deleteGroup(gid) + * pre_addToGroup(&run, uid, gid) + * post_addToGroup(uid, gid) + * pre_removeFromGroup(&run, uid, gid) + * post_removeFromGroup(uid, gid) */ class OC_GROUP { // The backend used for user management @@ -84,10 +94,26 @@ class OC_GROUP { * @returns true/false * * Trys to create a new group. If the group name already exists, false will - * be returned. + * be returned. Basic checking of Group name + * + * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-" */ public static function createGroup( $gid ){ - return self::$_backend->createGroup($gid); + // Check the name for bad characters + // Allowed are: "a-z", "A-Z", "0-9" and "_.@-" + if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $gid )){ + return false; + } + $run = true; + OC_HOOK::emit( "OC_GROUP", "pre_createGroup", array( "run" => &$run, "gid" => $gid )); + + if( $run && self::$_backend->createGroup( $gid )){ + OC_HOOK::emit( "OC_GROUP", "post_createGroup", array( "gid" => $gid )); + return true; + } + else{ + return false; + } } /** @@ -98,7 +124,16 @@ class OC_GROUP { * Deletes a group and removes it from the group_user-table */ public static function deleteGroup( $gid ){ - return self::$_backend->deleteGroup($gid); + $run = true; + OC_HOOK::emit( "OC_GROUP", "pre_deleteGroup", array( "run" => &$run, "gid" => $gid )); + + if( $run && self::$_backend->deleteGroup( $gid )){ + OC_HOOK::emit( "OC_GROUP", "post_deleteGroup", array( "gid" => $gid )); + return true; + } + else{ + return false; + } } /** @@ -122,7 +157,16 @@ class OC_GROUP { * Adds a user to a group. */ public static function addToGroup( $uid, $gid ){ - return self::$_backend->addToGroup($uid, $gid); + $run = true; + OC_HOOK::emit( "OC_GROUP", "pre_addToGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid )); + + if( $run && self::$_backend->addToGroup( $uid, $gid )){ + OC_HOOK::emit( "OC_GROUP", "post_addToGroup", array( "uid" => $uid, "gid" => $gid )); + return true; + } + else{ + return false; + } } /** @@ -134,7 +178,16 @@ class OC_GROUP { * removes the user from a group. */ public static function removeFromGroup( $uid, $gid ){ - return self::$_backend->removeFromGroup($uid, $gid); + $run = true; + OC_HOOK::emit( "OC_GROUP", "pre_removeFromGroup", array( "run" => &$run, "uid" => $uid, "gid" => $gid )); + + if( $run && self::$_backend->removeFromGroup( $uid, $gid )){ + OC_HOOK::emit( "OC_GROUP", "post_removeFromGroup", array( "uid" => $uid, "gid" => $gid )); + return true; + } + else{ + return false; + } } /** diff --git a/lib/user.php b/lib/user.php index 10f08576d4c..82b012f3a5c 100644 --- a/lib/user.php +++ b/lib/user.php @@ -26,6 +26,17 @@ if( !OC_CONFIG::getValue( "installed", false )){ /** * This class provides all methods for user management. + * + * Hooks provided: + * pre_createUser(&run, uid, password) + * post_createUser(uid, password) + * pre_deleteUser(&run, uid) + * post_deleteUser(uid) + * pre_setPassword(&run, uid, password) + * post_setPassword(uid, password) + * pre_login(&run, uid) + * post_login(uid) + * logout() */ class OC_USER { // The backend used for user management @@ -88,14 +99,31 @@ class OC_USER { /** * @brief Create a new user - * @param $username The username of the user to create + * @param $uid The username of the user to create * @param $password The password of the new user * @returns true/false * - * Creates a new user + * Creates a new user. Basic checking of username is done in OC_USER + * itself, not in its subclasses. + * + * Allowed characters in the username are: "a-z", "A-Z", "0-9" and "_.@-" */ - public static function createUser( $username, $password ){ - return self::$_backend->createUser( $username, $password ); + public static function createUser( $uid, $password ){ + // Check the name for bad characters + // Allowed are: "a-z", "A-Z", "0-9" and "_.@-" + if( preg_match( '/[^a-zA-Z0-9 _\.@\-]/', $uid )){ + return false; + } + $run = true; + OC_HOOK::emit( "OC_USER", "pre_createUser", array( "run" => &$run, "uid" => $uid, "password" => $password )); + + if( $run && self::$_backend->createUser( $uid, $password )){ + OC_HOOK::emit( "OC_USER", "post_createUser", array( "uid" => $uid, "password" => $password )); + return true; + } + else{ + return false; + } } /** @@ -106,7 +134,16 @@ class OC_USER { * Deletes a user */ public static function deleteUser( $uid ){ - return self::$_backend->deleteUser( $uid ); + $run = true; + OC_HOOK::emit( "OC_USER", "pre_deleteUser", array( "run" => &$run, "uid" => $uid )); + + if( $run && self::$_backend->deleteUser( $uid )){ + OC_HOOK::emit( "OC_USER", "post_deleteUser", array( "uid" => $uid )); + return true; + } + else{ + return false; + } } /** @@ -118,7 +155,16 @@ class OC_USER { * Log in a user - if the password is ok */ public static function login( $uid, $password ){ - return self::$_backend->login( $uid, $password ); + $run = true; + OC_HOOK::emit( "OC_USER", "pre_login", array( "run" => &$run, "uid" => $uid )); + + if( $run && self::$_backend->login( $uid, $password )){ + OC_HOOK::emit( "OC_USER", "post_login", array( "uid" => $uid )); + return true; + } + else{ + return false; + } } /** @@ -128,6 +174,7 @@ class OC_USER { * Logout, destroys session */ public static function logout(){ + OC_HOOK::emit( "OC_USER", "logout", array()); return self::$_backend->logout(); } @@ -160,7 +207,16 @@ class OC_USER { * Change the password of a user */ public static function setPassword( $uid, $password ){ - return self::$_backend->setPassword( $uid, $password ); + $run = true; + OC_HOOK::emit( "OC_USER", "pre_setPassword", array( "run" => &$run, "uid" => $uid, "password" => $password )); + + if( $run && self::$_backend->setPassword( $uid, $password )){ + OC_HOOK::emit( "OC_USER", "post_setPassword", array( "uid" => $uid, "password" => $password )); + return true; + } + else{ + return false; + } } /**