Browse Source
Merge pull request #44859 from nextcloud/feat/add-ldap-connection-setup-check
feat(user_ldap): Add setup check to verify connection configurationpull/44916/head
Ferdinand Thiessen
1 week ago
4 changed files with 115 additions and 0 deletions
+ 1
- 0
apps/user_ldap/composer/composer/autoload_classmap.php
View File
| @@ -83,6 +83,7 @@ return array( | |||
| 'OCA\\User_LDAP\\Service\\UpdateGroupsService' => $baseDir . '/../lib/Service/UpdateGroupsService.php', | |||
| 'OCA\\User_LDAP\\Settings\\Admin' => $baseDir . '/../lib/Settings/Admin.php', | |||
| 'OCA\\User_LDAP\\Settings\\Section' => $baseDir . '/../lib/Settings/Section.php', | |||
| 'OCA\\User_LDAP\\SetupChecks\\LdapConnection' => $baseDir . '/../lib/SetupChecks/LdapConnection.php', | |||
| 'OCA\\User_LDAP\\SetupChecks\\LdapInvalidUuids' => $baseDir . '/../lib/SetupChecks/LdapInvalidUuids.php', | |||
| 'OCA\\User_LDAP\\UserPluginManager' => $baseDir . '/../lib/UserPluginManager.php', | |||
| 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => $baseDir . '/../lib/User/DeletedUsersIndex.php', | |||
+ 1
- 0
apps/user_ldap/composer/composer/autoload_static.php
View File
| @@ -98,6 +98,7 @@ class ComposerStaticInitUser_LDAP | |||
| 'OCA\\User_LDAP\\Service\\UpdateGroupsService' => __DIR__ . '/..' . '/../lib/Service/UpdateGroupsService.php', | |||
| 'OCA\\User_LDAP\\Settings\\Admin' => __DIR__ . '/..' . '/../lib/Settings/Admin.php', | |||
| 'OCA\\User_LDAP\\Settings\\Section' => __DIR__ . '/..' . '/../lib/Settings/Section.php', | |||
| 'OCA\\User_LDAP\\SetupChecks\\LdapConnection' => __DIR__ . '/..' . '/../lib/SetupChecks/LdapConnection.php', | |||
| 'OCA\\User_LDAP\\SetupChecks\\LdapInvalidUuids' => __DIR__ . '/..' . '/../lib/SetupChecks/LdapInvalidUuids.php', | |||
| 'OCA\\User_LDAP\\UserPluginManager' => __DIR__ . '/..' . '/../lib/UserPluginManager.php', | |||
| 'OCA\\User_LDAP\\User\\DeletedUsersIndex' => __DIR__ . '/..' . '/../lib/User/DeletedUsersIndex.php', | |||
+ 2
- 0
apps/user_ldap/lib/AppInfo/Application.php
View File
| @@ -40,6 +40,7 @@ use OCA\User_LDAP\ILDAPWrapper; | |||
| use OCA\User_LDAP\LDAP; | |||
| use OCA\User_LDAP\LoginListener; | |||
| use OCA\User_LDAP\Notification\Notifier; | |||
| use OCA\User_LDAP\SetupChecks\LdapConnection; | |||
| use OCA\User_LDAP\SetupChecks\LdapInvalidUuids; | |||
| use OCA\User_LDAP\User\Manager; | |||
| use OCA\User_LDAP\User_Proxy; | |||
| @@ -118,6 +119,7 @@ class Application extends App implements IBootstrap { | |||
| ); | |||
| $context->registerEventListener(PostLoginEvent::class, LoginListener::class); | |||
| $context->registerSetupCheck(LdapInvalidUuids::class); | |||
| $context->registerSetupCheck(LdapConnection::class); | |||
| } | |||
| public function boot(IBootContext $context): void { | |||
+ 111
- 0
apps/user_ldap/lib/SetupChecks/LdapConnection.php
View File
| @@ -0,0 +1,111 @@ | |||
| <?php | |||
| declare(strict_types=1); | |||
| /** | |||
| * @copyright Copyright (c) 2024 Côme Chilliet <come.chilliet@nextcloud.com> | |||
| * | |||
| * @author Côme Chilliet <come.chilliet@nextcloud.com> | |||
| * | |||
| * @license GNU AGPL version 3 or any later version | |||
| * | |||
| * This program is free software: you can redistribute it and/or modify | |||
| * it under the terms of the GNU Affero General Public License as | |||
| * published by the Free Software Foundation, either version 3 of the | |||
| * License, or (at your option) any later version. | |||
| * | |||
| * This program is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
| * GNU Affero General Public License for more details. | |||
| * | |||
| * You should have received a copy of the GNU Affero General Public License | |||
| * along with this program. If not, see <https://www.gnu.org/licenses/>. | |||
| * | |||
| */ | |||
| namespace OCA\User_LDAP\SetupChecks; | |||
| use OCA\User_LDAP\AccessFactory; | |||
| use OCA\User_LDAP\ConnectionFactory; | |||
| use OCA\User_LDAP\Helper; | |||
| use OCP\IL10N; | |||
| use OCP\SetupCheck\ISetupCheck; | |||
| use OCP\SetupCheck\SetupResult; | |||
| class LdapConnection implements ISetupCheck { | |||
| public function __construct( | |||
| private IL10N $l10n, | |||
| private Helper $helper, | |||
| private ConnectionFactory $connectionFactory, | |||
| private AccessFactory $accessFactory, | |||
| ) { | |||
| } | |||
| public function getCategory(): string { | |||
| return 'ldap'; | |||
| } | |||
| public function getName(): string { | |||
| return $this->l10n->t('LDAP Connection'); | |||
| } | |||
| public function run(): SetupResult { | |||
| $availableConfigs = $this->helper->getServerConfigurationPrefixes(); | |||
| $inactiveConfigurations = []; | |||
| $bindFailedConfigurations = []; | |||
| $searchFailedConfigurations = []; | |||
| foreach ($availableConfigs as $configID) { | |||
| $connection = $this->connectionFactory->get($configID); | |||
| if (!$connection->ldapConfigurationActive) { | |||
| $inactiveConfigurations[] = $configID; | |||
| continue; | |||
| } | |||
| if (!$connection->bind()) { | |||
| $bindFailedConfigurations[] = $configID; | |||
| continue; | |||
| } | |||
| $access = $this->accessFactory->get($connection); | |||
| $result = $access->countObjects(1); | |||
| if (!is_int($result) || ($result <= 0)) { | |||
| $searchFailedConfigurations[] = $configID; | |||
| } | |||
| } | |||
| $output = ''; | |||
| if (!empty($bindFailedConfigurations)) { | |||
| $output .= $this->l10n->n( | |||
| 'Binding failed for this LDAP configuration: %s', | |||
| 'Binding failed for these LDAP configurations: %s', | |||
| count($bindFailedConfigurations), | |||
| [implode(',', $bindFailedConfigurations)] | |||
| )."\n"; | |||
| } | |||
| if (!empty($searchFailedConfigurations)) { | |||
| $output .= $this->l10n->n( | |||
| 'Searching failed for this LDAP configuration: %s', | |||
| 'Searching failed for these LDAP configurations: %s', | |||
| count($searchFailedConfigurations), | |||
| [implode(',', $searchFailedConfigurations)] | |||
| )."\n"; | |||
| } | |||
| if (!empty($inactiveConfigurations)) { | |||
| $output .= $this->l10n->n( | |||
| 'There is an inactive LDAP configuration: %s', | |||
| 'There are inactive LDAP configurations: %s', | |||
| count($inactiveConfigurations), | |||
| [implode(',', $inactiveConfigurations)] | |||
| )."\n"; | |||
| } | |||
| if (!empty($bindFailedConfigurations) || !empty($searchFailedConfigurations)) { | |||
| return SetupResult::error($output); | |||
| } elseif (!empty($inactiveConfigurations)) { | |||
| return SetupResult::warning($output); | |||
| } | |||
| return SetupResult::success($this->l10n->n( | |||
| 'Binding and searching works on the configured LDAP connection (%s)', | |||
| 'Binding and searching works on all of the configured LDAP connections (%s)', | |||
| count($availableConfigs), | |||
| [implode(',', $availableConfigs)] | |||
| )); | |||
| } | |||
| } | |||
Loading…