Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>tags/v24.0.0beta3
<command>OCA\User_LDAP\Command\CheckUser</command> | <command>OCA\User_LDAP\Command\CheckUser</command> | ||||
<command>OCA\User_LDAP\Command\CreateEmptyConfig</command> | <command>OCA\User_LDAP\Command\CreateEmptyConfig</command> | ||||
<command>OCA\User_LDAP\Command\DeleteConfig</command> | <command>OCA\User_LDAP\Command\DeleteConfig</command> | ||||
<command>OCA\User_LDAP\Command\ResetGroup</command> | |||||
<command>OCA\User_LDAP\Command\ResetUser</command> | <command>OCA\User_LDAP\Command\ResetUser</command> | ||||
<command>OCA\User_LDAP\Command\Search</command> | <command>OCA\User_LDAP\Command\Search</command> | ||||
<command>OCA\User_LDAP\Command\SetConfig</command> | <command>OCA\User_LDAP\Command\SetConfig</command> |
'OCA\\User_LDAP\\Command\\CheckUser' => $baseDir . '/../lib/Command/CheckUser.php', | 'OCA\\User_LDAP\\Command\\CheckUser' => $baseDir . '/../lib/Command/CheckUser.php', | ||||
'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => $baseDir . '/../lib/Command/CreateEmptyConfig.php', | 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => $baseDir . '/../lib/Command/CreateEmptyConfig.php', | ||||
'OCA\\User_LDAP\\Command\\DeleteConfig' => $baseDir . '/../lib/Command/DeleteConfig.php', | 'OCA\\User_LDAP\\Command\\DeleteConfig' => $baseDir . '/../lib/Command/DeleteConfig.php', | ||||
'OCA\\User_LDAP\\Command\\ResetGroup' => $baseDir . '/../lib/Command/ResetGroup.php', | |||||
'OCA\\User_LDAP\\Command\\ResetUser' => $baseDir . '/../lib/Command/ResetUser.php', | 'OCA\\User_LDAP\\Command\\ResetUser' => $baseDir . '/../lib/Command/ResetUser.php', | ||||
'OCA\\User_LDAP\\Command\\Search' => $baseDir . '/../lib/Command/Search.php', | 'OCA\\User_LDAP\\Command\\Search' => $baseDir . '/../lib/Command/Search.php', | ||||
'OCA\\User_LDAP\\Command\\SetConfig' => $baseDir . '/../lib/Command/SetConfig.php', | 'OCA\\User_LDAP\\Command\\SetConfig' => $baseDir . '/../lib/Command/SetConfig.php', |
'OCA\\User_LDAP\\Command\\CheckUser' => __DIR__ . '/..' . '/../lib/Command/CheckUser.php', | 'OCA\\User_LDAP\\Command\\CheckUser' => __DIR__ . '/..' . '/../lib/Command/CheckUser.php', | ||||
'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => __DIR__ . '/..' . '/../lib/Command/CreateEmptyConfig.php', | 'OCA\\User_LDAP\\Command\\CreateEmptyConfig' => __DIR__ . '/..' . '/../lib/Command/CreateEmptyConfig.php', | ||||
'OCA\\User_LDAP\\Command\\DeleteConfig' => __DIR__ . '/..' . '/../lib/Command/DeleteConfig.php', | 'OCA\\User_LDAP\\Command\\DeleteConfig' => __DIR__ . '/..' . '/../lib/Command/DeleteConfig.php', | ||||
'OCA\\User_LDAP\\Command\\ResetGroup' => __DIR__ . '/..' . '/../lib/Command/ResetGroup.php', | |||||
'OCA\\User_LDAP\\Command\\ResetUser' => __DIR__ . '/..' . '/../lib/Command/ResetUser.php', | 'OCA\\User_LDAP\\Command\\ResetUser' => __DIR__ . '/..' . '/../lib/Command/ResetUser.php', | ||||
'OCA\\User_LDAP\\Command\\Search' => __DIR__ . '/..' . '/../lib/Command/Search.php', | 'OCA\\User_LDAP\\Command\\Search' => __DIR__ . '/..' . '/../lib/Command/Search.php', | ||||
'OCA\\User_LDAP\\Command\\SetConfig' => __DIR__ . '/..' . '/../lib/Command/SetConfig.php', | 'OCA\\User_LDAP\\Command\\SetConfig' => __DIR__ . '/..' . '/../lib/Command/SetConfig.php', |
use OCP\GroupInterface; | use OCP\GroupInterface; | ||||
class GroupPluginManager { | class GroupPluginManager { | ||||
private $respondToActions = 0; | |||||
private int $respondToActions = 0; | |||||
private $which = [ | |||||
private array $which = [ | |||||
GroupInterface::CREATE_GROUP => null, | GroupInterface::CREATE_GROUP => null, | ||||
GroupInterface::DELETE_GROUP => null, | GroupInterface::DELETE_GROUP => null, | ||||
GroupInterface::ADD_TO_GROUP => null, | GroupInterface::ADD_TO_GROUP => null, | ||||
GroupInterface::GROUP_DETAILS => null | GroupInterface::GROUP_DETAILS => null | ||||
]; | ]; | ||||
private bool $suppressDeletion = false; | |||||
/** | /** | ||||
* @return int All implemented actions | * @return int All implemented actions | ||||
*/ | */ | ||||
throw new \Exception('No plugin implements createGroup in this LDAP Backend.'); | throw new \Exception('No plugin implements createGroup in this LDAP Backend.'); | ||||
} | } | ||||
public function canDeleteGroup(): bool { | |||||
return !$this->suppressDeletion && ($this->which[GroupInterface::DELETE_GROUP] !== null); | |||||
} | |||||
/** | |||||
* @return bool – the value before the change | |||||
*/ | |||||
public function setSuppressDeletion(bool $value): bool { | |||||
$old = $this->suppressDeletion; | |||||
$this->suppressDeletion = $value; | |||||
return $old; | |||||
} | |||||
/** | /** | ||||
* Delete a group | * Delete a group | ||||
* @param string $gid Group Id of the group to delete | * @param string $gid Group Id of the group to delete | ||||
$plugin = $this->which[GroupInterface::DELETE_GROUP]; | $plugin = $this->which[GroupInterface::DELETE_GROUP]; | ||||
if ($plugin) { | if ($plugin) { | ||||
if ($this->suppressDeletion) { | |||||
return false; | |||||
} | |||||
return $plugin->deleteGroup($gid); | return $plugin->deleteGroup($gid); | ||||
} | } | ||||
throw new \Exception('No plugin implements deleteGroup in this LDAP Backend.'); | throw new \Exception('No plugin implements deleteGroup in this LDAP Backend.'); |
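Review bot: `setSuppressDeletion()` leaves the flag set until it is called again, and its docblock documents only the return value, so nothing tells a caller that the previous value has to be restored. While the flag is set, the new guard in `deleteGroup()` returns `false`, which a caller cannot tell apart from a plugin that tried and failed to delete the group. I would state the contract on the setter, for example `Suppress plugin-side group deletion; callers must restore the returned previous value, ideally in a finally block`, and give `canDeleteGroup()` a one-line docblock saying it is false while suppression is active. The body of `deleteGroup()` starts and ends outside the visible lines.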
use OC\Cache\CappedMemoryCache; | use OC\Cache\CappedMemoryCache; | ||||
use OC\ServerNotAvailableException; | use OC\ServerNotAvailableException; | ||||
use OCP\Group\Backend\IGetDisplayNameBackend; | use OCP\Group\Backend\IGetDisplayNameBackend; | ||||
use OCP\Group\Backend\IDeleteGroupBackend; | |||||
use OCP\GroupInterface; | use OCP\GroupInterface; | ||||
use Psr\Log\LoggerInterface; | use Psr\Log\LoggerInterface; | ||||
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend { | |||||
class Group_LDAP extends BackendUtility implements GroupInterface, IGroupLDAP, IGetDisplayNameBackend, IDeleteGroupBackend { | |||||
protected $enabled = false; | protected $enabled = false; | ||||
/** @var string[][] $cachedGroupMembers array of users with gid as key */ | /** @var string[][] $cachedGroupMembers array of users with gid as key */ | ||||
*/ | */ | ||||
public function implementsActions($actions) { | public function implementsActions($actions) { | ||||
return (bool)((GroupInterface::COUNT_USERS | | return (bool)((GroupInterface::COUNT_USERS | | ||||
GroupInterface::DELETE_GROUP | | |||||
$this->groupPluginManager->getImplementedActions()) & $actions); | $this->groupPluginManager->getImplementedActions()) & $actions); | ||||
} | } | ||||
* delete a group | * delete a group | ||||
* | * | ||||
* @param string $gid gid of the group to delete | * @param string $gid gid of the group to delete | ||||
* @return bool | |||||
* @throws Exception | * @throws Exception | ||||
*/ | */ | ||||
public function deleteGroup($gid) { | |||||
if ($this->groupPluginManager->implementsActions(GroupInterface::DELETE_GROUP)) { | |||||
public function deleteGroup(string $gid): bool { | |||||
if ($this->groupPluginManager->canDeleteGroup()) { | |||||
if ($ret = $this->groupPluginManager->deleteGroup($gid)) { | if ($ret = $this->groupPluginManager->deleteGroup($gid)) { | ||||
#delete group in nextcloud internal db | |||||
// Delete group in nextcloud internal db | |||||
$this->access->getGroupMapper()->unmap($gid); | $this->access->getGroupMapper()->unmap($gid); | ||||
$this->access->connection->writeToCache("groupExists" . $gid, false); | $this->access->connection->writeToCache("groupExists" . $gid, false); | ||||
} | } | ||||
return $ret; | return $ret; | ||||
} | } | ||||
throw new Exception('Could not delete group in LDAP backend.'); | |||||
// Getting dn, if false the group is not mapped | |||||
$dn = $this->access->groupname2dn($gid); | |||||
if (!$dn) { | |||||
throw new Exception('Could not delete unknown group '.$gid.' in LDAP backend.'); | |||||
} | |||||
if (!$this->groupExists($gid)) { | |||||
// The group does not exist in the LDAP, remove the mapping | |||||
$this->access->getGroupMapper()->unmap($gid); | |||||
$this->access->connection->writeToCache("groupExists" . $gid, false); | |||||
return true; | |||||
} | |||||
throw new Exception('Could not delete existing group '.$gid.' in LDAP backend.'); | |||||
} | } | ||||
/** | /** |
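Review bot: The new fallback in `deleteGroup()` removes the group mapping whenever `$this->groupExists($gid)` is false, so that one answer decides a destructive step. `groupExists()` is not visible here. If it can answer from the connection cache (this method itself writes a `"groupExists" . $gid` cache key) or return false on an incomplete LDAP lookup, a stale or transient negative would unmap a group that still exists in the directory. It is worth confirming that the check reaches the LDAP server on this path, or stating that assumption in a comment above the `unmap()` call. Separately, `implementsActions()` now always reports `GroupInterface::DELETE_GROUP`, so callers that gate on that bit should expect the two new exceptions.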
*/ | */ | ||||
namespace OCA\User_LDAP; | namespace OCA\User_LDAP; | ||||
use OCP\Group\Backend\INamedBackend; | |||||
use OCP\Group\Backend\IDeleteGroupBackend; | |||||
use OCP\Group\Backend\IGetDisplayNameBackend; | use OCP\Group\Backend\IGetDisplayNameBackend; | ||||
use OCP\Group\Backend\INamedBackend; | |||||
class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGetDisplayNameBackend, INamedBackend { | |||||
class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGetDisplayNameBackend, INamedBackend, IDeleteGroupBackend { | |||||
private $backends = []; | private $backends = []; | ||||
private $refBackend = null; | private $refBackend = null; | ||||
/** | /** | ||||
* delete a group | * delete a group | ||||
* | |||||
* @param string $gid gid of the group to delete | |||||
* @return bool | |||||
*/ | */ | ||||
public function deleteGroup($gid) { | |||||
public function deleteGroup(string $gid): bool { | |||||
return $this->handleRequest( | return $this->handleRequest( | ||||
$gid, 'deleteGroup', [$gid]); | $gid, 'deleteGroup', [$gid]); | ||||
} | } |
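Review bot: `deleteGroup()` now declares `: bool` but still returns the raw result of `handleRequest()`, whose return type is not visible on this page. If `handleRequest()` can yield `null` or another non-boolean when no backend handles the gid, the new declaration turns that into a `TypeError` rather than a failed deletion. Consider `return (bool)$this->handleRequest($gid, 'deleteGroup', [$gid]);`, or document that `handleRequest()` returns a boolean for this method.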
use OC\User\Backend; | use OC\User\Backend; | ||||
class UserPluginManager { | class UserPluginManager { | ||||
private $respondToActions = 0; | |||||
private int $respondToActions = 0; | |||||
private $which = [ | |||||
private array $which = [ | |||||
Backend::CREATE_USER => null, | Backend::CREATE_USER => null, | ||||
Backend::SET_PASSWORD => null, | Backend::SET_PASSWORD => null, | ||||
Backend::GET_HOME => null, | Backend::GET_HOME => null, | ||||
'deleteUser' => null | 'deleteUser' => null | ||||
]; | ]; | ||||
/** @var bool */ | |||||
private $suppressDeletion = false; | |||||
private bool $suppressDeletion = false; | |||||
/** | /** | ||||
* @return int All implemented actions, except for 'deleteUser' | * @return int All implemented actions, except for 'deleteUser' |
$output->writeln('<error>Group "' . $gid . '" could not be deleted.</error>'); | $output->writeln('<error>Group "' . $gid . '" could not be deleted.</error>'); | ||||
return 1; | return 1; | ||||
} | } | ||||
if (! $this->groupManager->groupExists($gid)) { | |||||
if (!$this->groupManager->groupExists($gid)) { | |||||
$output->writeln('<error>Group "' . $gid . '" does not exist.</error>'); | $output->writeln('<error>Group "' . $gid . '" does not exist.</error>'); | ||||
return 1; | return 1; | ||||
} | } |