Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
@@ -50,6 +50,7 @@ A user logs into Nextcloud with their LDAP or AD credentials, and is granted acc | |||
<command>OCA\User_LDAP\Command\CheckUser</command> | |||
<command>OCA\User_LDAP\Command\CreateEmptyConfig</command> | |||
<command>OCA\User_LDAP\Command\DeleteConfig</command> | |||
<command>OCA\User_LDAP\Command\ResetGroup</command> | |||
<command>OCA\User_LDAP\Command\ResetUser</command> | |||
<command>OCA\User_LDAP\Command\Search</command> | |||
<command>OCA\User_LDAP\Command\SetConfig</command> |
@@ -14,6 +14,7 @@ return array( | |||
'OCA\\User_LDAP\\Command\\CheckUser' => $baseDir . '/../lib/Command/CheckUser.php', | |||
'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => $baseDir . '/../lib/Command/CreateEmptyConfig.php', | |||
'OCA\\User_LDAP\\Command\\DeleteConfig' => $baseDir . '/../lib/Command/DeleteConfig.php', | |||
'OCA\\User_LDAP\\Command\\ResetGroup' => $baseDir . '/../lib/Command/ResetGroup.php', | |||
'OCA\\User_LDAP\\Command\\ResetUser' => $baseDir . '/../lib/Command/ResetUser.php', | |||
'OCA\\User_LDAP\\Command\\Search' => $baseDir . '/../lib/Command/Search.php', | |||
'OCA\\User_LDAP\\Command\\SetConfig' => $baseDir . '/../lib/Command/SetConfig.php', |
@@ -29,6 +29,7 @@ class ComposerStaticInitUser_LDAP | |||
'OCA\\User_LDAP\\Command\\CheckUser' => __DIR__ . '/..' . '/../lib/Command/CheckUser.php', | |||
'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => __DIR__ . '/..' . '/../lib/Command/CreateEmptyConfig.php', | |||
'OCA\\User_LDAP\\Command\\DeleteConfig' => __DIR__ . '/..' . '/../lib/Command/DeleteConfig.php', | |||
'OCA\\User_LDAP\\Command\\ResetGroup' => __DIR__ . '/..' . '/../lib/Command/ResetGroup.php', | |||
'OCA\\User_LDAP\\Command\\ResetUser' => __DIR__ . '/..' . '/../lib/Command/ResetUser.php', | |||
'OCA\\User_LDAP\\Command\\Search' => __DIR__ . '/..' . '/../lib/Command/Search.php', | |||
'OCA\\User_LDAP\\Command\\SetConfig' => __DIR__ . '/..' . '/../lib/Command/SetConfig.php', |
@@ -26,9 +26,9 @@ namespace OCA\User_LDAP; | |||
use OCP\GroupInterface; | |||
class GroupPluginManager { | |||
private $respondToActions = 0; | |||
private int $respondToActions = 0; | |||
private $which = [ | |||
private array $which = [ | |||
GroupInterface::CREATE_GROUP => null, | |||
GroupInterface::DELETE_GROUP => null, | |||
GroupInterface::ADD_TO_GROUP => null, | |||
@@ -37,6 +37,8 @@ class GroupPluginManager { | |||
GroupInterface::GROUP_DETAILS => null | |||
]; | |||
private bool $suppressDeletion = false; | |||
/** | |||
* @return int All implemented actions | |||
*/ | |||
@@ -84,6 +86,19 @@ class GroupPluginManager { | |||
throw new \Exception('No plugin implements createGroup in this LDAP Backend.'); | |||
} | |||
public function canDeleteGroup(): bool { | |||
return !$this->suppressDeletion && ($this->which[GroupInterface::DELETE_GROUP] !== null); | |||
} | |||
/** | |||
* @return bool – the value before the change | |||
*/ | |||
public function setSuppressDeletion(bool $value): bool { | |||
$old = $this->suppressDeletion; | |||
$this->suppressDeletion = $value; | |||
return $old; | |||
} | |||
/** | |||
* Delete a group | |||
* @param string $gid Group Id of the group to delete | |||
@@ -94,6 +109,9 @@ class GroupPluginManager { | |||
$plugin = $this->which[GroupInterface::DELETE_GROUP]; | |||
if ($plugin) { | |||
if ($this->suppressDeletion) { | |||
return false; | |||
} | |||
return $plugin->deleteGroup($gid); | |||
} | |||
throw new \Exception('No plugin implements deleteGroup in this LDAP Backend.'); |
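Review bot: `suppressDeletion` is mutable state on the plugin manager, and nothing in the new `canDeleteGroup()` / `setSuppressDeletion()` pair documents that a caller must put the previous value back. If a caller sets it to true and an exception escapes before the restore, every later `deleteGroup()` call on that manager instance returns false without reaching the plugin, and `Group_LDAP::deleteGroup()` as changed in this commit then falls through to its mapping-only path. I would extend the docblock on `setSuppressDeletion()` with `Callers must restore the returned value, ideally in a finally block`, and give `canDeleteGroup()` a docblock such as `@return bool true when a plugin handles DELETE_GROUP and deletion is not suppressed`. The body of `deleteGroup()` begins outside the last hunk, so the early `return false` is reviewed only as far as it is visible.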
@@ -48,10 +48,11 @@ use OC; | |||
use OC\Cache\CappedMemoryCache; | |||
use OC\ServerNotAvailableException; | |||
use OCP\Group\Backend\IGetDisplayNameBackend; | |||
use OCP\Group\Backend\IDeleteGroupBackend; | |||
use OCP\GroupInterface; | |||
use Psr\Log\LoggerInterface; | |||
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend { | |||
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend, IDeleteGroupBackend { | |||
protected $enabled = false; | |||
/** @var string[][] $cachedGroupMembers array of users with gid as key */ | |||
@@ -1204,6 +1205,7 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I | |||
*/ | |||
public function implementsActions($actions) { | |||
return (bool)((GroupInterface::COUNT_USERS | | |||
GroupInterface::DELETE_GROUP | | |||
$this->groupPluginManager->getImplementedActions()) & $actions); | |||
} | |||
@@ -1249,19 +1251,32 @@ class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, I | |||
* delete a group | |||
* | |||
* @param string $gid gid of the group to delete | |||
* @return bool | |||
* @throws Exception | |||
*/ | |||
public function deleteGroup($gid) { | |||
if ($this->groupPluginManager->implementsActions(GroupInterface::DELETE_GROUP)) { | |||
public function deleteGroup(string $gid): bool { | |||
if ($this->groupPluginManager->canDeleteGroup()) { | |||
if ($ret = $this->groupPluginManager->deleteGroup($gid)) { | |||
#delete group in nextcloud internal db | |||
// Delete group in nextcloud internal db | |||
$this->access->getGroupMapper()->unmap($gid); | |||
$this->access->connection->writeToCache("groupExists" . $gid, false); | |||
} | |||
return $ret; | |||
} | |||
throw new Exception('Could not delete group in LDAP backend.'); | |||
// Getting dn, if false the group is not mapped | |||
$dn = $this->access->groupname2dn($gid); | |||
if (!$dn) { | |||
throw new Exception('Could not delete unknown group '.$gid.' in LDAP backend.'); | |||
} | |||
if (!$this->groupExists($gid)) { | |||
// The group does not exist in the LDAP, remove the mapping | |||
$this->access->getGroupMapper()->unmap($gid); | |||
$this->access->connection->writeToCache("groupExists" . $gid, false); | |||
return true; | |||
} | |||
throw new Exception('Could not delete existing group '.$gid.' in LDAP backend.'); | |||
} | |||
/** |
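Review bot: The new fallback in `deleteGroup()` removes the group mapping whenever `groupExists($gid)` returns false, so the safety of this path rests on that call never returning false for a group that is still present in the directory. `groupExists()` is not visible here; if it can answer from a stale cache entry or return false while the LDAP server is unreachable, a transient outage would unmap a live group, and because `implementsActions()` now always reports `DELETE_GROUP`, this path is presumably reachable from ordinary group deletion with no plugin installed. Please confirm that an unavailable server surfaces as an exception rather than as false, and consider logging the unmap with the gid and dn so the removal can be audited afterwards. Separately, `if ($ret = $this->groupPluginManager->deleteGroup($gid))` would be less error-prone as a plain assignment followed by `if ($ret) {`.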
@@ -28,10 +28,11 @@ | |||
*/ | |||
namespace OCA\User_LDAP; | |||
use OCP\Group\Backend\INamedBackend; | |||
use OCP\Group\Backend\IDeleteGroupBackend; | |||
use OCP\Group\Backend\IGetDisplayNameBackend; | |||
use OCP\Group\Backend\INamedBackend; | |||
class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGetDisplayNameBackend, INamedBackend { | |||
class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGetDisplayNameBackend, INamedBackend, IDeleteGroupBackend { | |||
private $backends = []; | |||
private $refBackend = null; | |||
@@ -171,11 +172,8 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet | |||
/** | |||
* delete a group | |||
* | |||
* @param string $gid gid of the group to delete | |||
* @return bool | |||
*/ | |||
public function deleteGroup($gid) { | |||
public function deleteGroup(string $gid): bool { | |||
return $this->handleRequest( | |||
$gid, 'deleteGroup', [$gid]); | |||
} |
@@ -28,9 +28,9 @@ namespace OCA\User_LDAP; | |||
use OC\User\Backend; | |||
class UserPluginManager { | |||
private $respondToActions = 0; | |||
private int $respondToActions = 0; | |||
private $which = [ | |||
private array $which = [ | |||
Backend::CREATE_USER => null, | |||
Backend::SET_PASSWORD => null, | |||
Backend::GET_HOME => null, | |||
@@ -41,8 +41,7 @@ class UserPluginManager { | |||
'deleteUser' => null | |||
]; | |||
/** @var bool */ | |||
private $suppressDeletion = false; | |||
private bool $suppressDeletion = false; | |||
/** | |||
* @return int All implemented actions, except for 'deleteUser' |
@@ -61,7 +61,7 @@ class Delete extends Base { | |||
$output->writeln('<error>Group "' . $gid . '" could not be deleted.</error>'); | |||
return 1; | |||
} | |||
if (! $this->groupManager->groupExists($gid)) { | |||
if (!$this->groupManager->groupExists($gid)) { | |||
$output->writeln('<error>Group "' . $gid . '" does not exist.</error>'); | |||
return 1; | |||
} |