authorArthur Schiwon <blizzz@owncloud.com>2012-04-14 18:05:29 +0200
committerArthur Schiwon <blizzz@owncloud.com>2012-04-14 18:08:40 +0200
commit61a43419a5fae6c44fe26c631ce8256966893e9e (patch)
tree5581fb37409caa6dba275147fa1320448279d5ec
parentdec139716e7f93d25a7064ff03b2b68a51e3ebff (diff)
downloadnextcloud-server-61a43419a5fae6c44fe26c631ce8256966893e9e.tar.gz
nextcloud-server-61a43419a5fae6c44fe26c631ce8256966893e9e.zip
starting to create the ldap group backend (with some inspiration from Yoann Gini) and preparing a general LDAP class
-rw-r--r--apps/user_ldap/appinfo/app.php3
-rw-r--r--apps/user_ldap/group_ldap.php79
-rw-r--r--apps/user_ldap/lib_ldap.php101
3 files changed, 183 insertions, 0 deletions
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php
index 5c56ca8191e..4e4da56f054 100644
--- a/apps/user_ldap/appinfo/app.php
+++ b/apps/user_ldap/appinfo/app.php
@@ -21,7 +21,9 @@
*
*/
+require_once('apps/user_ldap/lib_ldap.php');
require_once('apps/user_ldap/user_ldap.php');
+require_once('apps/user_ldap/group_ldap.php');
OC_APP::registerAdmin('user_ldap','settings');
@@ -33,6 +35,7 @@ define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid');
// register user backend
OC_User::useBackend( 'LDAP' );
+OC_Group::useBackend( 'LDAP' );
// add settings page to navigation
$entry = array(
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
new file mode 100644
index 00000000000..a55c9064864
--- /dev/null
+++ b/apps/user_ldap/group_ldap.php
@@ -0,0 +1,79 @@
+<?php
+
+/**
+ * ownCloud – LDAP group backend
+ *
+ * @author Arthur Schiwon
+ * @copyright 2012 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+ class OC_GROUP_LDAP extends OC_Group_Backend {
+// //group specific settings
+ protected $ldapGroupFilter;
+ protected $ldapGroupDisplayName;
+
+ public function __construct() {
+ $this->ldapGroupFilter = OC_Appconfig::getValue('user_ldap', 'ldap_group_filter', '(objectClass=posixGroup)');
+ $this->ldapGroupDisplayName = OC_Appconfig::getValue('user_ldap', 'ldap_group_display_name', 'cn');
+ }
+
+ /**
+ * @brief is user in group?
+ * @param $uid uid of the user
+ * @param $gid gid of the group
+ * @returns true/false
+ *
+ * Checks whether the user is member of a group or not.
+ */
+ public function inGroup($uid, $gid) {
+ }
+
+ /**
+ * @brief Get all groups a user belongs to
+ * @param $uid Name of the user
+ * @returns array with group names
+ *
+ * This function fetches all groups a user belongs to. It does not check
+ * if the user exists at all.
+ */
+ public function getUserGroups($uid) {
+ }
+
+ /**
+ * @brief get a list of all users in a group
+ * @returns array with user ids
+ */
+ public function getUsersInGroup($gid) {
+ }
+
+ /**
+ * @brief get a list of all groups
+ * @returns array with group names
+ *
+ * Returns a list with all groups
+ */
+ public function getGroups() {
+ $groups = OC_LDAP::search($this->ldapGroupFilter, $this->ldapGroupDisplayName);
+
+ if(count($groups) == 0 )
+ return array();
+ else {
+ return array_unique($groups, SORT_LOCALE_STRING);
+ }
+ }
+
+ } \ No newline at end of file
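Review bot: `inGroup()`, `getUserGroups()` and `getUsersInGroup()` have empty bodies, so each returns null although their docblocks promise true/false or an array, and the second app.php hunk already registers this backend with `OC_Group::useBackend( 'LDAP' )`. Until the lookups are implemented, the stubs should return values of the documented type, `return false;` in `inGroup()` and `return array();` in the other two, so that membership checks deny explicitly rather than depending on how callers treat null. The docblock of `getUsersInGroup()` also lacks a `@param $gid` line.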
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
new file mode 100644
index 00000000000..846a7a44cfc
--- /dev/null
+++ b/apps/user_ldap/lib_ldap.php
@@ -0,0 +1,101 @@
+<?php
+
+/**
+ * ownCloud – LDAP lib
+ *
+ * @author Arthur Schiwon
+ * @copyright 2012 Arthur Schiwon blizzz@owncloud.com
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public
+ * License along with this library. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+ class OC_LDAP {
+ static protected $ldapConnectionRes = false;
+ static protected $configured = false;
+
+ //cached settings
+ static protected $ldapHost;
+ static protected $ldapPort;
+ static protected $ldapBase;
+ static protected $ldapAgentName;
+ static protected $ldapAgentPassword;
+ static protected $ldapTLS;
+ static protected $ldapNoCase;
+
+ static public function init() {
+ self::readConfiguration();
+ self::establishConnection();
+ }
+
+ static public function search($filter, $attr = null) {
+ $sr = ldap_search(self::getConnectionResource(), self::$ldapBase, $filter);
+ $findings = ldap_get_entries(self::getConnectionResource(), $sr );
+
+ if(!is_null($attr)) {
+ $selection = array();
+ foreach($findings as $item) {
+ if(isset($item[strtolower($attr)])) {
+ $selection[] = $item[strtolower($attr)][0];
+ }
+ }
+ return $selection;
+ }
+
+ return $findings;
+ }
+
+ static private function getConnectionResource() {
+ if(!self::$ldapConnectionRes) {
+ self::init();
+ }
+ return self::$ldapConnectionRes;
+ }
+
+ static private function readConfiguration() {
+ if(!self::$configured) {
+ self::$ldapHost = OC_Appconfig::getValue('user_ldap', 'ldap_host', '');
+ self::$ldapPort = OC_Appconfig::getValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT);
+ self::$ldapAgentName = OC_Appconfig::getValue('user_ldap', 'ldap_dn','');
+ self::$ldapAgentPassword = OC_Appconfig::getValue('user_ldap', 'ldap_password','');
+ self::$ldapBase = OC_Appconfig::getValue('user_ldap', 'ldap_base','');
+ self::$ldapTLS = OC_Appconfig::getValue('user_ldap', 'ldap_tls',0);
+ self::$ldapNoCase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
+
+ //TODO: sanity checking
+ self::$configured = true;
+ }
+ }
+
+ static private function establishConnection() {
+ if(!self::$ldapConnectionRes) {
+ self::$ldapConnectionRes = ldap_connect(self::$ldapHost, self::$ldapPort);
+ if(ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+ if(ldap_set_option(self::$ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+ if(self::$ldapTLS) {
+ ldap_start_tls(self::$ldapConnectionRes);
+ }
+ }
+ }
+
+ //TODO: Check if it works. Before, it was outside the resource-condition
+ $ldapLogin = @ldap_bind(self::$ldapConnectionRes, self::$ldapAgentName, self::$ldapAgentPassword );
+ if(!$ldapLogin) {
+ return false;
+ }
+ }
+ }
+
+
+ } \ No newline at end of file
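Review bot: In `establishConnection()` the result of `ldap_start_tls()` is discarded and every branch of the nested `if` chain falls through to `ldap_bind()`, so when TLS is configured but negotiation fails, the agent DN and password are still sent on the unencrypted connection. A failed bind returns false but leaves `self::$ldapConnectionRes` set, so `getConnectionResource()` keeps handing out a connection that never bound, and `search()` passes the unchecked `ldap_search()` result straight to `ldap_get_entries()`. I would make each step fail closed and cache the resource only after a successful bind, as below; `search()` should then return an empty array when the resource or `$sr` is false.

```php
	static private function establishConnection() {
		if(!self::$ldapConnectionRes) {
			$connection = ldap_connect(self::$ldapHost, self::$ldapPort);
			if(!$connection
				|| !ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3)
				|| !ldap_set_option($connection, LDAP_OPT_REFERRALS, 0)) {
				return false;
			}
			// TLS was requested: do not bind (and send the agent password) without it
			if(self::$ldapTLS && !ldap_start_tls($connection)) {
				return false;
			}
			if(!ldap_bind($connection, self::$ldapAgentName, self::$ldapAgentPassword)) {
				return false;
			}
			// cache only a connection that is fully configured and bound
			self::$ldapConnectionRes = $connection;
		}
		return true;
	}
```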