|
|
@@ -579,7 +579,19 @@ class Access extends LDAPUtility implements IUserTools { |
|
|
|
} else { |
|
|
|
$username = $uuid; |
|
|
|
} |
|
|
|
$intName = $this->sanitizeUsername($username); |
|
|
|
try { |
|
|
|
$intName = $this->sanitizeUsername($username); |
|
|
|
} catch (\InvalidArgumentException $e) { |
|
|
|
\OC::$server->getLogger()->logException($e, [ |
|
|
|
'app' => 'user_ldap', |
|
|
|
'level' => Util::WARN, |
|
|
|
]); |
|
|
|
// we don't attempt to set a username here. We can go for |
|
|
|
// for an alternativ 4 digit random number as we would append |
|
|
|
// otherwise, however it's likely not enough space in bigger |
|
|
|
// setups, and most importantly: this is not intended. |
|
|
|
return false; |
|
|
|
} |
|
|
|
} else { |
|
|
|
$intName = $ldapName; |
|
|
|
} |
|
|
@@ -1291,7 +1303,7 @@ class Access extends LDAPUtility implements IUserTools { |
|
|
|
|
|
|
|
/** |
|
|
|
* @param string $name |
|
|
|
* @return bool|mixed|string |
|
|
|
* @return string |
|
|
|
*/ |
|
|
|
public function sanitizeUsername($name) { |
|
|
|
if($this->connection->ldapIgnoreNamingRules) { |
|
|
@@ -1300,7 +1312,7 @@ class Access extends LDAPUtility implements IUserTools { |
|
|
|
|
|
|
|
// Transliteration |
|
|
|
// latin characters to ASCII |
|
|
|
$name = iconv('UTF-8', 'ASCII//TRANSLIT', $name); |
|
|
|
$name = iconv('UTF-8', 'ASCII//TRANSLIT', trim($name)); |
|
|
|
|
|
|
|
// Replacements |
|
|
|
$name = str_replace(' ', '_', $name); |
|
|
@@ -1308,6 +1320,10 @@ class Access extends LDAPUtility implements IUserTools { |
|
|
|
// Every remaining disallowed characters will be removed |
|
|
|
$name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name); |
|
|
|
|
|
|
|
if($name === '') { |
|
|
|
throw new \InvalidArgumentException('provided name template for username does not contain any allowed characters'); |
|
|
|
} |
|
|
|
|
|
|
|
return $name; |
|
|
|
} |
|
|
|
|