mirrors
/
nextcloud
mirror of https://github.com/nextcloud/server.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 1008 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64972 Commits
428 Branches
Tree: 2c8e8083e7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2c8e8083e7'
${ noResults }
nextcloud/lib/private/User/Database.php

Database.php 14KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528 
  1. <?php

  2. 

  3. declare(strict_types=1);

  4. 

  5. /**

  6.  * @copyright Copyright (c) 2016, ownCloud, Inc.

  7.  *

  8.  * @author adrien <adrien.waksberg@believedigital.com>

  9.  * @author Aldo "xoen" Giambelluca <xoen@xoen.org>

  10.  * @author Arthur Schiwon <blizzz@arthur-schiwon.de>

  11.  * @author Bart Visscher <bartv@thisnet.nl>

  12.  * @author Bjoern Schiessle <bjoern@schiessle.org>

  13.  * @author Björn Schießle <bjoern@schiessle.org>

  14.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>

  15.  * @author Daniel Calviño Sánchez <danxuliu@gmail.com>

  16.  * @author fabian <fabian@web2.0-apps.de>

  17.  * @author Georg Ehrke <oc.list@georgehrke.com>

  18.  * @author Jakob Sack <mail@jakobsack.de>

  19.  * @author Joas Schilling <coding@schilljs.com>

  20.  * @author Jörn Friedrich Dreyer <jfd@butonic.de>

  21.  * @author Loki3000 <github@labcms.ru>

  22.  * @author Lukas Reschke <lukas@statuscode.ch>

  23.  * @author Morris Jobke <hey@morrisjobke.de>

  24.  * @author nishiki <nishiki@yaegashi.fr>

  25.  * @author Robin Appelman <robin@icewind.nl>

  26.  * @author Robin McCorkell <robin@mccorkell.me.uk>

  27.  * @author Roeland Jago Douma <roeland@famdouma.nl>

  28.  * @author Thomas Müller <thomas.mueller@tmit.eu>

  29.  * @author Vincent Petry <vincent@nextcloud.com>

  30.  *

  31.  * @license AGPL-3.0

  32.  *

  33.  * This code is free software: you can redistribute it and/or modify

  34.  * it under the terms of the GNU Affero General Public License, version 3,

  35.  * as published by the Free Software Foundation.

  36.  *

  37.  * This program is distributed in the hope that it will be useful,

  38.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  39.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

  40.  * GNU Affero General Public License for more details.

  41.  *

  42.  * You should have received a copy of the GNU Affero General Public License, version 3,

  43.  * along with this program. If not, see <http://www.gnu.org/licenses/>

  44.  *

  45.  */

  46. namespace OC\User;

  47. 

  48. use OCP\Cache\CappedMemoryCache;

  49. use OCP\EventDispatcher\IEventDispatcher;

  50. use OCP\IDBConnection;

  51. use OCP\Security\Events\ValidatePasswordPolicyEvent;

  52. use OCP\User\Backend\ABackend;

  53. use OCP\User\Backend\ICheckPasswordBackend;

  54. use OCP\User\Backend\ICountUsersBackend;

  55. use OCP\User\Backend\ICreateUserBackend;

  56. use OCP\User\Backend\IGetDisplayNameBackend;

  57. use OCP\User\Backend\IGetHomeBackend;

  58. use OCP\User\Backend\IGetRealUIDBackend;

  59. use OCP\User\Backend\ISearchKnownUsersBackend;

  60. use OCP\User\Backend\ISetDisplayNameBackend;

  61. use OCP\User\Backend\ISetPasswordBackend;

  62. 

  63. /**

  64.  * Class for user management in a SQL Database (e.g. MySQL, SQLite)

  65.  */

  66. class Database extends ABackend implements

  67. 	ICreateUserBackend,

  68. 			   ISetPasswordBackend,

  69. 			   ISetDisplayNameBackend,

  70. 			   IGetDisplayNameBackend,

  71. 			   ICheckPasswordBackend,

  72. 			   IGetHomeBackend,

  73. 			   ICountUsersBackend,

  74. 			   ISearchKnownUsersBackend,

  75. 			   IGetRealUIDBackend {

  76. 	/** @var CappedMemoryCache */

  77. 	private $cache;

  78. 

  79. 	/** @var IEventDispatcher */

  80. 	private $eventDispatcher;

  81. 

  82. 	/** @var IDBConnection */

  83. 	private $dbConn;

  84. 

  85. 	/** @var string */

  86. 	private $table;

  87. 

  88. 	/**

  89. 	 * \OC\User\Database constructor.

  90. 	 *

  91. 	 * @param IEventDispatcher $eventDispatcher

  92. 	 * @param string $table

  93. 	 */

  94. 	public function __construct($eventDispatcher = null, $table = 'users') {

  95. 		$this->cache = new CappedMemoryCache();

  96. 		$this->table = $table;

  97. 		$this->eventDispatcher = $eventDispatcher ? $eventDispatcher : \OC::$server->query(IEventDispatcher::class);

  98. 	}

  99. 

  100. 	/**

  101. 	 * FIXME: This function should not be required!

  102. 	 */

  103. 	private function fixDI() {

  104. 		if ($this->dbConn === null) {

  105. 			$this->dbConn = \OC::$server->getDatabaseConnection();

  106. 		}

  107. 	}

  108. 

  109. 	/**

  110. 	 * Create a new user

  111. 	 *

  112. 	 * @param string $uid The username of the user to create

  113. 	 * @param string $password The password of the new user

  114. 	 * @return bool

  115. 	 *

  116. 	 * Creates a new user. Basic checking of username is done in OC_User

  117. 	 * itself, not in its subclasses.

  118. 	 */

  119. 	public function createUser(string $uid, string $password): bool {

  120. 		$this->fixDI();

  121. 

  122. 		if (!$this->userExists($uid)) {

  123. 			$this->eventDispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password));

  124. 

  125. 			$qb = $this->dbConn->getQueryBuilder();

  126. 			$qb->insert($this->table)

  127. 				->values([

  128. 					'uid' => $qb->createNamedParameter($uid),

  129. 					'password' => $qb->createNamedParameter(\OC::$server->getHasher()->hash($password)),

  130. 					'uid_lower' => $qb->createNamedParameter(mb_strtolower($uid)),

  131. 				]);

  132. 

  133. 			$result = $qb->execute();

  134. 

  135. 			// Clear cache

  136. 			unset($this->cache[$uid]);

  137. 

  138. 			return $result ? true : false;

  139. 		}

  140. 

  141. 		return false;

  142. 	}

  143. 

  144. 	/**

  145. 	 * delete a user

  146. 	 *

  147. 	 * @param string $uid The username of the user to delete

  148. 	 * @return bool

  149. 	 *

  150. 	 * Deletes a user

  151. 	 */

  152. 	public function deleteUser($uid) {

  153. 		$this->fixDI();

  154. 

  155. 		// Delete user-group-relation

  156. 		$query = $this->dbConn->getQueryBuilder();

  157. 		$query->delete($this->table)

  158. 			->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));

  159. 		$result = $query->execute();

  160. 

  161. 		if (isset($this->cache[$uid])) {

  162. 			unset($this->cache[$uid]);

  163. 		}

  164. 

  165. 		return $result ? true : false;

  166. 	}

  167. 

  168. 	private function updatePassword(string $uid, string $passwordHash): bool {

  169. 		$query = $this->dbConn->getQueryBuilder();

  170. 		$query->update($this->table)

  171. 			->set('password', $query->createNamedParameter($passwordHash))

  172. 			->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));

  173. 		$result = $query->execute();

  174. 

  175. 		return $result ? true : false;

  176. 	}

  177. 

  178. 	/**

  179. 	 * Set password

  180. 	 *

  181. 	 * @param string $uid The username

  182. 	 * @param string $password The new password

  183. 	 * @return bool

  184. 	 *

  185. 	 * Change the password of a user

  186. 	 */

  187. 	public function setPassword(string $uid, string $password): bool {

  188. 		$this->fixDI();

  189. 

  190. 		if ($this->userExists($uid)) {

  191. 			$this->eventDispatcher->dispatchTyped(new ValidatePasswordPolicyEvent($password));

  192. 

  193. 			$hasher = \OC::$server->getHasher();

  194. 			$hashedPassword = $hasher->hash($password);

  195. 

  196. 			$return = $this->updatePassword($uid, $hashedPassword);

  197. 

  198. 			if ($return) {

  199. 				$this->cache[$uid]['password'] = $hashedPassword;

  200. 			}

  201. 

  202. 			return $return;

  203. 		}

  204. 

  205. 		return false;

  206. 	}

  207. 

  208. 	/**

  209. 	 * Set display name

  210. 	 *

  211. 	 * @param string $uid The username

  212. 	 * @param string $displayName The new display name

  213. 	 * @return bool

  214. 	 *

  215. 	 * @throws \InvalidArgumentException

  216. 	 *

  217. 	 * Change the display name of a user

  218. 	 */

  219. 	public function setDisplayName(string $uid, string $displayName): bool {

  220. 		if (mb_strlen($displayName) > 64) {

  221. 			throw new \InvalidArgumentException('Invalid displayname');

  222. 		}

  223. 

  224. 		$this->fixDI();

  225. 

  226. 		if ($this->userExists($uid)) {

  227. 			$query = $this->dbConn->getQueryBuilder();

  228. 			$query->update($this->table)

  229. 				->set('displayname', $query->createNamedParameter($displayName))

  230. 				->where($query->expr()->eq('uid_lower', $query->createNamedParameter(mb_strtolower($uid))));

  231. 			$query->execute();

  232. 

  233. 			$this->cache[$uid]['displayname'] = $displayName;

  234. 

  235. 			return true;

  236. 		}

  237. 

  238. 		return false;

  239. 	}

  240. 

  241. 	/**

  242. 	 * get display name of the user

  243. 	 *

  244. 	 * @param string $uid user ID of the user

  245. 	 * @return string display name

  246. 	 */

  247. 	public function getDisplayName($uid): string {

  248. 		$uid = (string)$uid;

  249. 		$this->loadUser($uid);

  250. 		return empty($this->cache[$uid]['displayname']) ? $uid : $this->cache[$uid]['displayname'];

  251. 	}

  252. 

  253. 	/**

  254. 	 * Get a list of all display names and user ids.

  255. 	 *

  256. 	 * @param string $search

  257. 	 * @param int|null $limit

  258. 	 * @param int|null $offset

  259. 	 * @return array an array of all displayNames (value) and the corresponding uids (key)

  260. 	 */

  261. 	public function getDisplayNames($search = '', $limit = null, $offset = null) {

  262. 		$limit = $this->fixLimit($limit);

  263. 

  264. 		$this->fixDI();

  265. 

  266. 		$query = $this->dbConn->getQueryBuilder();

  267. 

  268. 		$query->select('uid', 'displayname')

  269. 			->from($this->table, 'u')

  270. 			->leftJoin('u', 'preferences', 'p', $query->expr()->andX(

  271. 				$query->expr()->eq('userid', 'uid'),

  272. 				$query->expr()->eq('appid', $query->expr()->literal('settings')),

  273. 				$query->expr()->eq('configkey', $query->expr()->literal('email')))

  274. 			)

  275. 			// sqlite doesn't like re-using a single named parameter here

  276. 			->where($query->expr()->iLike('uid', $query->createPositionalParameter('%' . $this->dbConn->escapeLikeParameter($search) . '%')))

  277. 			->orWhere($query->expr()->iLike('displayname', $query->createPositionalParameter('%' . $this->dbConn->escapeLikeParameter($search) . '%')))

  278. 			->orWhere($query->expr()->iLike('configvalue', $query->createPositionalParameter('%' . $this->dbConn->escapeLikeParameter($search) . '%')))

  279. 			->orderBy($query->func()->lower('displayname'), 'ASC')

  280. 			->addOrderBy('uid_lower', 'ASC')

  281. 			->setMaxResults($limit)

  282. 			->setFirstResult($offset);

  283. 

  284. 		$result = $query->executeQuery();

  285. 		$displayNames = [];

  286. 		while ($row = $result->fetch()) {

  287. 			$displayNames[(string)$row['uid']] = (string)$row['displayname'];

  288. 		}

  289. 

  290. 		return $displayNames;

  291. 	}

  292. 

  293. 	/**

  294. 	 * @param string $searcher

  295. 	 * @param string $pattern

  296. 	 * @param int|null $limit

  297. 	 * @param int|null $offset

  298. 	 * @return array

  299. 	 * @since 21.0.1

  300. 	 */

  301. 	public function searchKnownUsersByDisplayName(string $searcher, string $pattern, ?int $limit = null, ?int $offset = null): array {

  302. 		$limit = $this->fixLimit($limit);

  303. 

  304. 		$this->fixDI();

  305. 

  306. 		$query = $this->dbConn->getQueryBuilder();

  307. 

  308. 		$query->select('u.uid', 'u.displayname')

  309. 			->from($this->table, 'u')

  310. 			->leftJoin('u', 'known_users', 'k', $query->expr()->andX(

  311. 				$query->expr()->eq('k.known_user', 'u.uid'),

  312. 				$query->expr()->eq('k.known_to', $query->createNamedParameter($searcher))

  313. 			))

  314. 			->where($query->expr()->eq('k.known_to', $query->createNamedParameter($searcher)))

  315. 			->andWhere($query->expr()->orX(

  316. 				$query->expr()->iLike('u.uid', $query->createNamedParameter('%' . $this->dbConn->escapeLikeParameter($pattern) . '%')),

  317. 				$query->expr()->iLike('u.displayname', $query->createNamedParameter('%' . $this->dbConn->escapeLikeParameter($pattern) . '%'))

  318. 			))

  319. 			->orderBy('u.displayname', 'ASC')

  320. 			->addOrderBy('u.uid_lower', 'ASC')

  321. 			->setMaxResults($limit)

  322. 			->setFirstResult($offset);

  323. 

  324. 		$result = $query->execute();

  325. 		$displayNames = [];

  326. 		while ($row = $result->fetch()) {

  327. 			$displayNames[(string)$row['uid']] = (string)$row['displayname'];

  328. 		}

  329. 

  330. 		return $displayNames;

  331. 	}

  332. 

  333. 	/**

  334. 	 * Check if the password is correct

  335. 	 *

  336. 	 * @param string $loginName The loginname

  337. 	 * @param string $password The password

  338. 	 * @return string

  339. 	 *

  340. 	 * Check if the password is correct without logging in the user

  341. 	 * returns the user id or false

  342. 	 */

  343. 	public function checkPassword(string $loginName, string $password) {

  344. 		$found = $this->loadUser($loginName);

  345. 

  346. 		if ($found && is_array($this->cache[$loginName])) {

  347. 			$storedHash = $this->cache[$loginName]['password'];

  348. 			$newHash = '';

  349. 			if (\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {

  350. 				if (!empty($newHash)) {

  351. 					$this->updatePassword($loginName, $newHash);

  352. 				}

  353. 				return (string)$this->cache[$loginName]['uid'];

  354. 			}

  355. 		}

  356. 

  357. 		return false;

  358. 	}

  359. 

  360. 	/**

  361. 	 * Load an user in the cache

  362. 	 *

  363. 	 * @param string $uid the username

  364. 	 * @return boolean true if user was found, false otherwise

  365. 	 */

  366. 	private function loadUser($uid) {

  367. 		$this->fixDI();

  368. 

  369. 		$uid = (string)$uid;

  370. 		if (!isset($this->cache[$uid])) {

  371. 			//guests $uid could be NULL or ''

  372. 			if ($uid === '') {

  373. 				$this->cache[$uid] = false;

  374. 				return true;

  375. 			}

  376. 

  377. 			$qb = $this->dbConn->getQueryBuilder();

  378. 			$qb->select('uid', 'displayname', 'password')

  379. 				->from($this->table)

  380. 				->where(

  381. 					$qb->expr()->eq(

  382. 						'uid_lower', $qb->createNamedParameter(mb_strtolower($uid))

  383. 					)

  384. 				);

  385. 			$result = $qb->execute();

  386. 			$row = $result->fetch();

  387. 			$result->closeCursor();

  388. 

  389. 			// "uid" is primary key, so there can only be a single result

  390. 			if ($row !== false) {

  391. 				$this->cache[$uid] = [

  392. 					'uid' => (string)$row['uid'],

  393. 					'displayname' => (string)$row['displayname'],

  394. 					'password' => (string)$row['password'],

  395. 				];

  396. 			} else {

  397. 				$this->cache[$uid] = false;

  398. 				return false;

  399. 			}

  400. 		}

  401. 

  402. 		return true;

  403. 	}

  404. 

  405. 	/**

  406. 	 * Get a list of all users

  407. 	 *

  408. 	 * @param string $search

  409. 	 * @param null|int $limit

  410. 	 * @param null|int $offset

  411. 	 * @return string[] an array of all uids

  412. 	 */

  413. 	public function getUsers($search = '', $limit = null, $offset = null) {

  414. 		$limit = $this->fixLimit($limit);

  415. 

  416. 		$users = $this->getDisplayNames($search, $limit, $offset);

  417. 		$userIds = array_map(function ($uid) {

  418. 			return (string)$uid;

  419. 		}, array_keys($users));

  420. 		sort($userIds, SORT_STRING | SORT_FLAG_CASE);

  421. 		return $userIds;

  422. 	}

  423. 

  424. 	/**

  425. 	 * check if a user exists

  426. 	 *

  427. 	 * @param string $uid the username

  428. 	 * @return boolean

  429. 	 */

  430. 	public function userExists($uid) {

  431. 		$this->loadUser($uid);

  432. 		return $this->cache[$uid] !== false;

  433. 	}

  434. 

  435. 	/**

  436. 	 * get the user's home directory

  437. 	 *

  438. 	 * @param string $uid the username

  439. 	 * @return string|false

  440. 	 */

  441. 	public function getHome(string $uid) {

  442. 		if ($this->userExists($uid)) {

  443. 			return \OC::$server->getConfig()->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/' . $uid;

  444. 		}

  445. 

  446. 		return false;

  447. 	}

  448. 

  449. 	/**

  450. 	 * @return bool

  451. 	 */

  452. 	public function hasUserListings() {

  453. 		return true;

  454. 	}

  455. 

  456. 	/**

  457. 	 * counts the users in the database

  458. 	 *

  459. 	 * @return int|bool

  460. 	 */

  461. 	public function countUsers() {

  462. 		$this->fixDI();

  463. 

  464. 		$query = $this->dbConn->getQueryBuilder();

  465. 		$query->select($query->func()->count('uid'))

  466. 			->from($this->table);

  467. 		$result = $query->execute();

  468. 

  469. 		return $result->fetchOne();

  470. 	}

  471. 

  472. 	/**

  473. 	 * returns the username for the given login name in the correct casing

  474. 	 *

  475. 	 * @param string $loginName

  476. 	 * @return string|false

  477. 	 */

  478. 	public function loginName2UserName($loginName) {

  479. 		if ($this->userExists($loginName)) {

  480. 			return $this->cache[$loginName]['uid'];

  481. 		}

  482. 

  483. 		return false;

  484. 	}

  485. 

  486. 	/**

  487. 	 * Backend name to be shown in user management

  488. 	 *

  489. 	 * @return string the name of the backend to be shown

  490. 	 */

  491. 	public function getBackendName() {

  492. 		return 'Database';

  493. 	}

  494. 

  495. 	public static function preLoginNameUsedAsUserName($param) {

  496. 		if (!isset($param['uid'])) {

  497. 			throw new \Exception('key uid is expected to be set in $param');

  498. 		}

  499. 

  500. 		$backends = \OC::$server->getUserManager()->getBackends();

  501. 		foreach ($backends as $backend) {

  502. 			if ($backend instanceof Database) {

  503. 				/** @var \OC\User\Database $backend */

  504. 				$uid = $backend->loginName2UserName($param['uid']);

  505. 				if ($uid !== false) {

  506. 					$param['uid'] = $uid;

  507. 					return;

  508. 				}

  509. 			}

  510. 		}

  511. 	}

  512. 

  513. 	public function getRealUID(string $uid): string {

  514. 		if (!$this->userExists($uid)) {

  515. 			throw new \RuntimeException($uid . ' does not exist');

  516. 		}

  517. 

  518. 		return $this->cache[$uid]['uid'];

  519. 	}

  520. 

  521. 	private function fixLimit($limit) {

  522. 		if (is_int($limit) && $limit >= 0) {

  523. 			return $limit;

  524. 		}

  525. 

  526. 		return null;

  527. 	}

  528. }