mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26449 Commits
434 Branches
Tree: 2171cc02c3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2171cc02c3'
${ noResults }
nextcloud/apps/user_ldap/lib/helper.php

helper.php 6.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215 
  1. <?php

  2. /**

  3.  * @author Arthur Schiwon <blizzz@owncloud.com>

  4.  * @author Brice Maron <brice@bmaron.net>

  5.  * @author Jörn Friedrich Dreyer <jfd@butonic.de>

  6.  * @author Lukas Reschke <lukas@owncloud.com>

  7.  * @author Morris Jobke <hey@morrisjobke.de>

  8.  * @author Thomas Müller <thomas.mueller@tmit.eu>

  9.  * @author Vincent Petry <pvince81@owncloud.com>

  10.  *

  11.  * @copyright Copyright (c) 2015, ownCloud, Inc.

  12.  * @license AGPL-3.0

  13.  *

  14.  * This code is free software: you can redistribute it and/or modify

  15.  * it under the terms of the GNU Affero General Public License, version 3,

  16.  * as published by the Free Software Foundation.

  17.  *

  18.  * This program is distributed in the hope that it will be useful,

  19.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  20.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  21.  * GNU Affero General Public License for more details.

  22.  *

  23.  * You should have received a copy of the GNU Affero General Public License, version 3,

  24.  * along with this program.  If not, see <http://www.gnu.org/licenses/>

  25.  *

  26.  */

  27. 

  28. namespace OCA\user_ldap\lib;

  29. 

  30. use OCA\user_ldap\lib\LDAP;

  31. use OCA\user_ldap\User_Proxy;

  32. 

  33. class Helper {

  34. 

  35. 	/**

  36. 	 * returns prefixes for each saved LDAP/AD server configuration.

  37. 	 * @param bool $activeConfigurations optional, whether only active configuration shall be

  38. 	 * retrieved, defaults to false

  39. 	 * @return array with a list of the available prefixes

  40. 	 *

  41. 	 * Configuration prefixes are used to set up configurations for n LDAP or

  42. 	 * AD servers. Since configuration is stored in the database, table

  43. 	 * appconfig under appid user_ldap, the common identifiers in column

  44. 	 * 'configkey' have a prefix. The prefix for the very first server

  45. 	 * configuration is empty.

  46. 	 * Configkey Examples:

  47. 	 * Server 1: ldap_login_filter

  48. 	 * Server 2: s1_ldap_login_filter

  49. 	 * Server 3: s2_ldap_login_filter

  50. 	 *

  51. 	 * The prefix needs to be passed to the constructor of Connection class,

  52. 	 * except the default (first) server shall be connected to.

  53. 	 *

  54. 	 */

  55. 	public function getServerConfigurationPrefixes($activeConfigurations = false) {

  56. 		$referenceConfigkey = 'ldap_configuration_active';

  57. 

  58. 		$sql = '

  59. 			SELECT DISTINCT `configkey`

  60. 			FROM `*PREFIX*appconfig`

  61. 			WHERE `appid` = \'user_ldap\'

  62. 				AND `configkey` LIKE ?

  63. 		';

  64. 

  65. 		if($activeConfigurations) {

  66. 			if (\OC_Config::getValue( 'dbtype', 'sqlite' ) === 'oci') {

  67. 				//FIXME oracle hack: need to explicitly cast CLOB to CHAR for comparison

  68. 				$sql .= ' AND to_char(`configvalue`)=\'1\'';

  69. 			} else {

  70. 				$sql .= ' AND `configvalue` = \'1\'';

  71. 			}

  72. 		}

  73. 

  74. 		$stmt = \OCP\DB::prepare($sql);

  75. 

  76. 		$serverConfigs = $stmt->execute(array('%'.$referenceConfigkey))->fetchAll();

  77. 		$prefixes = array();

  78. 

  79. 		foreach($serverConfigs as $serverConfig) {

  80. 			$len = strlen($serverConfig['configkey']) - strlen($referenceConfigkey);

  81. 			$prefixes[] = substr($serverConfig['configkey'], 0, $len);

  82. 		}

  83. 

  84. 		return $prefixes;

  85. 	}

  86. 

  87. 	/**

  88. 	 *

  89. 	 * determines the host for every configured connection

  90. 	 * @return array an array with configprefix as keys

  91. 	 *

  92. 	 */

  93. 	public function getServerConfigurationHosts() {

  94. 		$referenceConfigkey = 'ldap_host';

  95. 

  96. 		$query = '

  97. 			SELECT DISTINCT `configkey`, `configvalue`

  98. 			FROM `*PREFIX*appconfig`

  99. 			WHERE `appid` = \'user_ldap\'

  100. 				AND `configkey` LIKE ?

  101. 		';

  102. 		$query = \OCP\DB::prepare($query);

  103. 		$configHosts = $query->execute(array('%'.$referenceConfigkey))->fetchAll();

  104. 		$result = array();

  105. 

  106. 		foreach($configHosts as $configHost) {

  107. 			$len = strlen($configHost['configkey']) - strlen($referenceConfigkey);

  108. 			$prefix = substr($configHost['configkey'], 0, $len);

  109. 			$result[$prefix] = $configHost['configvalue'];

  110. 		}

  111. 

  112. 		return $result;

  113. 	}

  114. 

  115. 	/**

  116. 	 * deletes a given saved LDAP/AD server configuration.

  117. 	 * @param string $prefix the configuration prefix of the config to delete

  118. 	 * @return bool true on success, false otherwise

  119. 	 */

  120. 	public function deleteServerConfiguration($prefix) {

  121. 		if(!in_array($prefix, self::getServerConfigurationPrefixes())) {

  122. 			return false;

  123. 		}

  124. 

  125. 		$saveOtherConfigurations = '';

  126. 		if(empty($prefix)) {

  127. 			$saveOtherConfigurations = 'AND `configkey` NOT LIKE \'s%\'';

  128. 		}

  129. 

  130. 		$query = \OCP\DB::prepare('

  131. 			DELETE

  132. 			FROM `*PREFIX*appconfig`

  133. 			WHERE `configkey` LIKE ?

  134. 				'.$saveOtherConfigurations.'

  135. 				AND `appid` = \'user_ldap\'

  136. 				AND `configkey` NOT IN (\'enabled\', \'installed_version\', \'types\', \'bgjUpdateGroupsLastRun\')

  137. 		');

  138. 		$delRows = $query->execute(array($prefix.'%'));

  139. 

  140. 		if(\OCP\DB::isError($delRows)) {

  141. 			return false;

  142. 		}

  143. 

  144. 		if($delRows === 0) {

  145. 			return false;

  146. 		}

  147. 

  148. 		return true;

  149. 	}

  150. 

  151. 	/**

  152. 	 * checks whether there is one or more disabled LDAP configurations

  153. 	 * @throws \Exception

  154. 	 * @return bool

  155. 	 */

  156. 	public function haveDisabledConfigurations() {

  157. 		$all = $this->getServerConfigurationPrefixes(false);

  158. 		$active = $this->getServerConfigurationPrefixes(true);

  159. 

  160. 		if(!is_array($all) || !is_array($active)) {

  161. 			throw new \Exception('Unexpected Return Value');

  162. 		}

  163. 

  164. 		return count($all) !== count($active) || count($all) === 0;

  165. 	}

  166. 

  167. 	/**

  168. 	 * extracts the domain from a given URL

  169. 	 * @param string $url the URL

  170. 	 * @return string|false domain as string on success, false otherwise

  171. 	 */

  172. 	public function getDomainFromURL($url) {

  173. 		$uinfo = parse_url($url);

  174. 		if(!is_array($uinfo)) {

  175. 			return false;

  176. 		}

  177. 

  178. 		$domain = false;

  179. 		if(isset($uinfo['host'])) {

  180. 			$domain = $uinfo['host'];

  181. 		} else if(isset($uinfo['path'])) {

  182. 			$domain = $uinfo['path'];

  183. 		}

  184. 

  185. 		return $domain;

  186. 	}

  187. 

  188. 	/**

  189. 	 * listens to a hook thrown by server2server sharing and replaces the given

  190. 	 * login name by a username, if it matches an LDAP user.

  191. 	 *

  192. 	 * @param array $param

  193. 	 * @throws \Exception

  194. 	 */

  195. 	public static function loginName2UserName($param) {

  196. 		if(!isset($param['uid'])) {

  197. 			throw new \Exception('key uid is expected to be set in $param');

  198. 		}

  199. 

  200. 		//ain't it ironic?

  201. 		$helper = new Helper();

  202. 

  203. 		$configPrefixes = $helper->getServerConfigurationPrefixes(true);

  204. 		$ldapWrapper = new LDAP();

  205. 		$ocConfig = \OC::$server->getConfig();

  206. 

  207. 		$userBackend  = new User_Proxy(

  208. 			$configPrefixes, $ldapWrapper, $ocConfig

  209. 		);

  210. 		$uid = $userBackend->loginName2UserName($param['uid'] );

  211. 		if($uid !== false) {

  212. 			$param['uid'] = $uid;

  213. 		}

  214. 	}

  215. }