author | Arthur Schiwon <blizzz@owncloud.com> | 2012-02-16 17:55:39 +0100 |
---|---|---|
committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-02-20 10:39:55 +0100 |
commit | 7ff4e40b20dfeb937ff6dccbc87e42a8bc4f5115 (patch) | |
tree | a6c98ab64634e57bc5eab379694f7fbd15befdc8 | |
parent | 490c9db15da89797eea5c3e30fc9a0790bd60b32 (diff) | |
Combing LDAP backend with LDAP extended backend
-rw-r--r-- | apps/user_ldap/appinfo/app.php | 6 | ||||
-rw-r--r-- | apps/user_ldap/templates/settings.php | 3 | ||||
-rw-r--r-- | apps/user_ldap/user_ldap.php | 78 |
3 files changed, 67 insertions, 20 deletions
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php index 3261708f590..5c56ca8191e 100644 --- a/apps/user_ldap/appinfo/app.php +++ b/apps/user_ldap/appinfo/app.php @@ -32,13 +32,13 @@ define('OC_USER_BACKEND_LDAP_DEFAULT_PORT', 389); define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid'); // register user backend -OC_User::useBackend( "LDAP" ); +OC_User::useBackend( 'LDAP' ); // add settings page to navigation $entry = array( - 'id' => "user_ldap_settings", + 'id' => 'user_ldap_settings', 'order'=>1, - 'href' => OC_Helper::linkTo( "user_ldap", "settings.php" ), + 'href' => OC_Helper::linkTo( 'user_ldap', 'settings.php' ), 'name' => 'LDAP' ); // OC_App::addNavigationSubEntry( "core_users", $entry); diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php index 2abb0b47291..5bbd5d4008d 100644 --- a/apps/user_ldap/templates/settings.php +++ b/apps/user_ldap/templates/settings.php 
@@ -12,6 +12,9 @@ <small><?php echo $l->t('Currently the display name field needs to be the same you matched %%uid against in the filter above, because ownCloud doesn\'t distinguish between user id and user name.');?></small></p> <p><input type="checkbox" id="ldap_tls" name="ldap_tls" value="1"<?php if ($_['ldap_tls']) echo ' checked'; ?>><label for="ldap_tls"><?php echo $l->t('Use TLS');?></label></p> <p><input type="checkbox" id="ldap_nocase" name="ldap_nocase" value="1"<?php if ($_['ldap_nocase']) echo ' checked'; ?>><label for="ldap_nocase"><?php echo $l->t('Case insensitve LDAP server (Windows)');?></label></p> + <p><label for="ldap_quota">Quota Attribute</label><input type="text" id="ldap_quota" name="ldap_quota" value="<?php echo $_['ldap_quota']; ?>" /> + <label for="ldap_quota_def">Quota Default</label><input type="text" id="ldap_quota_def" name="ldap_quota_def" value="<?php echo $_['ldap_quota_def']; ?>" />bytes</p> + <p><label for="ldap_email">Email Attribute</label><input type="text" id="ldap_email" name="ldap_email" value="<?php echo $_['ldap_email']; ?>" /></p> <input type="submit" value="Save" /> </fieldset> </form> diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index 106240e74b8..670d938ea95 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -36,6 +36,12 @@ class OC_USER_LDAP extends OC_User_Backend { protected $ldap_tls; protected $ldap_nocase; protected $ldap_display_name; + protected $ldap_quota; + protected $ldap_quota_def; + protected $ldap_email; + + // will be retrieved from LDAP server + protected $ldap_dc = false; function __construct() { $this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host',''); 
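Review bot: The three new inputs echo `$_['ldap_quota']`, `$_['ldap_quota_def']` and `$_['ldap_email']` straight into `value="…"` attributes with no HTML escaping, so a stored value containing a double quote or markup is rendered as HTML on the settings page. Wrap each one, for example `value="<?php echo htmlspecialchars($_['ldap_quota'], ENT_QUOTES, 'UTF-8'); ?>"`. The field names here are `ldap_quota` and `ldap_email`, while the backend in this commit reads the app-config keys `ldap_quota_attr` and `ldap_email_attr`; the handler that saves the form is not part of this diff, so confirm the keys line up. The new labels are also the only ones in the visible hunk not passed through `$l->t()`.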
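Review bot: The properties declared in the `@@ -36,6 +36,12 @@` hunk are `$ldap_quota` and `$ldap_email`, but the constructor hunk (`@@ -47,6 +53,9 @@`) assigns `$this->ldap_quota_attr` and `$this->ldap_email_attr`, and `setQuota()`/`setEmail()` read those `_attr` names. `$this->ldap_quota` is never assigned in the visible code, so the guard in `checkPassword()` (`@@ -99,31 +131,43 @@`), `!empty($this->ldap_quota) && !empty($this->ldap_quota_def)`, would always be false and the quota would never be synced. Declare `protected $ldap_quota_attr;` and `protected $ldap_email_attr;` instead, and change the guard to `if(!empty($this->ldap_quota_attr) && !empty($this->ldap_quota_def)) {`. The class body continues outside this hunk.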
@@ -47,6 +53,9 @@ class OC_USER_LDAP extends OC_User_Backend { $this->ldap_tls = OC_Appconfig::getValue('user_ldap', 'ldap_tls', 0); $this->ldap_nocase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0); $this->ldap_display_name = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME); + $this->ldap_quota_attr = OC_Appconfig::getValue('user_ldap', 'ldap_quota_attr',''); + $this->ldap_quota_def = OC_Appconfig::getValue('user_ldap', 'ldap_quota_def',''); + $this->ldap_email_attr = OC_Appconfig::getValue('user_ldap', 'ldap_email_attr',''); if( !empty($this->ldap_host) && !empty($this->ldap_port) @@ -66,6 +75,28 @@ class OC_USER_LDAP extends OC_User_Backend { ldap_unbind($this->ds); } + private function setQuota( $uid ) { + if( !$this->ldap_dc ) + return false; + + $quota = $this->ldap_dc[$this->ldap_quota_attr][0]; + $quota = $quota != -1 ? $quota : $this->ldap_quota_def; + OC_Preferences::setValue($uid, 'files', 'quota', $quota); + } + + private function setEmail( $uid ) { + if( !$this->ldap_dc ) + return false; + + $email = OC_Preferences::getValue($uid, 'settings', 'email', ''); + if ( !empty( $email ) ) + return false; + + $email = $this->ldap_dc[$this->ldap_email_attr][0]; + OC_Preferences::setValue($uid, 'settings', 'email', $email); + } + + //Connect to LDAP and store the resource private function getDs() { if(!$this->ds) { $this->ds = ldap_connect( $this->ldap_host, $this->ldap_port ); @@ -74,18 +105,19 @@ class OC_USER_LDAP extends OC_User_Backend { if($this->ldap_tls) ldap_start_tls($this->ds); } - + //TODO: Not necessary to perform a bind each time, is it? // login if(!empty($this->ldap_dn)) { $ldap_login = @ldap_bind( $this->ds, $this->ldap_dn, $this->ldap_password ); - if(!$ldap_login) + if(!$ldap_login) { return false; + } } return $this->ds; } - private function getDn( $uid ) { + private function getDc( $uid ) { if(!$this->configured) return false; 
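Review bot: `setQuota()` and `setEmail()` (hunk `@@ -66,6 +75,28 @@`) index `$this->ldap_dc[...][0]` without checking that the attribute exists on the entry, so a user lacking it raises a notice and a null value is written as quota or email. The TODO in `getUsers()` further down this file notes that `ldap_get_entries()` lowercases keys, so a configured attribute name containing capitals would not match unless it is lowercased first, as `checkPassword()` already does for the display name. The values also come from the directory unvalidated; the sketch below accepts only a plain digit string as quota (assuming byte counts, as the template's "bytes" label suggests) and otherwise falls back to the configured default, which also covers the `-1` case.

```php
private function setQuota( $uid ) {
	// … unchanged: return false when $this->ldap_dc is not set …

	// ldap_get_entries() returns attribute names in lower case
	$attr = strtolower($this->ldap_quota_attr);
	$quota = $this->ldap_quota_def;
	if( isset($this->ldap_dc[$attr][0]) && ctype_digit((string)$this->ldap_dc[$attr][0]) ) {
		$quota = $this->ldap_dc[$attr][0];
	}
	OC_Preferences::setValue($uid, 'files', 'quota', $quota);
}

private function setEmail( $uid ) {
	// … unchanged: ldap_dc check and existing-email check …

	$attr = strtolower($this->ldap_email_attr);
	if( !isset($this->ldap_dc[$attr][0]) )
		return false;

	OC_Preferences::setValue($uid, 'settings', 'email', $this->ldap_dc[$attr][0]);
}
```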
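Review bot: Renaming `getDn()` to `getDc()` at the end of the `@@ -74,18 +105,19 @@` hunk leaves `userExists()` calling `$this->getDn($uid)` (visible as context in `@@ -146,17 +190,17 @@`), which becomes a call to an undefined method unless another `getDn()` exists outside the diff. Update it to `$dc = $this->getDc($uid);` and `return !empty($dc);`. In the same hunk the unchanged `if($this->ldap_tls) ldap_start_tls($this->ds);` ignores the return value, so a failed TLS upgrade appears to fall through to `ldap_bind()` with the service password on an unencrypted connection; checking the result and returning false would fail closed. `getDc()`'s body continues outside the hunk.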
@@ -99,31 +131,43 @@ class OC_USER_LDAP extends OC_User_Backend { $sr = ldap_search( $this->getDs(), $this->ldap_base, $filter ); $entries = ldap_get_entries( $this->getDs(), $sr ); - if( $entries['count'] == 0 ) + if( $entries['count'] == 0 ) { return false; + } + + $this->ldap_dc = $entries[0]; - return $entries[0]['dn']; + return $this->ldap_dc; } public function checkPassword( $uid, $password ) { if(!$this->configured){ return false; } - $dn = $this->getDn( $uid ); - if( !$dn ) + $dc = $this->getDc( $uid ); + if( !$dc ) return false; - if (!@ldap_bind( $this->getDs(), $dn, $password )) + if (!@ldap_bind( $this->getDs(), $dc['dn'], $password )) { return false; - + } + + if(!empty($this->ldap_quota) && !empty($this->ldap_quota_def)) { + $this->setQuota($uid); + } + + if(!empty($this->ldap_email_attr)) { + $this->setEmail($uid); + } + if($this->ldap_nocase) { $filter = str_replace('%uid', $uid, $this->ldap_filter); $sr = ldap_search( $this->getDs(), $this->ldap_base, $filter ); $entries = ldap_get_entries( $this->getDs(), $sr ); if( $entries['count'] == 1 ) { foreach($entries as $row) { - $ldap_display_name = strtolower($this->ldap_display_name); - if(isset($row[$ldap_display_name])) { + $ldap_display_name = strtolower($this->ldap_display_name); + if(isset($row[$ldap_display_name])) { return $row[$ldap_display_name][0]; } } @@ -131,12 +175,12 @@ class OC_USER_LDAP extends OC_User_Backend { else { return $uid; } - + } else { return $uid; } - + } public function userExists( $uid ) { @@ -146,17 +190,17 @@ class OC_USER_LDAP extends OC_User_Backend { $dn = $this->getDn($uid); return !empty($dn); } - + public function getUsers() { if(!$this->configured) return false; - + // connect to server $ds = $this->getDs(); if( !$ds ) return false; - + // get users $filter = 'objectClass=person'; $sr = ldap_search( $this->getDs(), $this->ldap_base, $filter ); 
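Review bot: `checkPassword()` passes `$password` to `ldap_bind()` without rejecting an empty value; many directory servers treat a bind with a DN and an empty password as an unauthenticated bind and report success, which this code would accept as a valid login. Add `if( $password === '' || $password === null ) return false;` before the bind. The `ldap_nocase` branch also builds its filter with `str_replace('%uid', $uid, $this->ldap_filter)` from the raw login name; filter metacharacters should be escaped first, for example with `ldap_escape($uid, '', LDAP_ESCAPE_FILTER)` on PHP versions that provide it. The same likely applies to the filter built in `getDc()`, whose construction lies above this hunk.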
@@ -169,7 +213,7 @@ class OC_USER_LDAP extends OC_User_Backend { // TODO ldap_get_entries() seems to lower all keys => needs review $ldap_display_name = strtolower($this->ldap_display_name); if(isset($row[$ldap_display_name])) { - $users[] = $row[$ldap_display_name][0]; + $users[] = $row[$ldap_display_name][0]; } } // TODO language specific sorting of user names |