diff options
| author | Juan Pablo Villafáñez <jvillafanez@solidgear.es> | 2016-08-05 10:35:54 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2016-08-19 12:23:41 +0200 |
| commit | 5b4e7520794f9ac080c07c13ca6241313545f1b9 (patch) | |
| tree | 3d4fea32885daff3c99eb7890a3a6a2a6ebaa71f /apps/user_ldap/ajax | |
| parent | 365797d4b41b6a53431a4667ef547ef913a47221 (diff) | |
| download | nextcloud-server-5b4e7520794f9ac080c07c13ca6241313545f1b9.tar.gz nextcloud-server-5b4e7520794f9ac080c07c13ca6241313545f1b9.zip | |
Hide the LDAP password in the client side
Connection checks will be done by using the configuration id, with the
stored password. LDAP password won't be sent to the client.
Diffstat (limited to 'apps/user_ldap/ajax')
| -rw-r--r-- | apps/user_ldap/ajax/getConfiguration.php | 7 | ||||
| -rw-r--r-- | apps/user_ldap/ajax/testConfiguration.php | 16 |
2 files changed, 17 insertions, 6 deletions
diff --git a/apps/user_ldap/ajax/getConfiguration.php b/apps/user_ldap/ajax/getConfiguration.php index 0537349bbeb..34ac97f29e7 100644 --- a/apps/user_ldap/ajax/getConfiguration.php +++ b/apps/user_ldap/ajax/getConfiguration.php @@ -32,4 +32,9 @@ OCP\JSON::callCheck(); $prefix = (string)$_POST['ldap_serverconfig_chooser']; $ldapWrapper = new OCA\User_LDAP\LDAP(); $connection = new \OCA\User_LDAP\Connection($ldapWrapper, $prefix); -OCP\JSON::success(array('configuration' => $connection->getConfiguration())); +$configuration = $connection->getConfiguration(); +if (isset($configuration['ldap_agent_password']) && $configuration['ldap_agent_password'] !== '') { + // hide password + $configuration['ldap_agent_password'] = '**PASSWORD SET**'; +} +OCP\JSON::success(array('configuration' => $configuration)); diff --git a/apps/user_ldap/ajax/testConfiguration.php b/apps/user_ldap/ajax/testConfiguration.php index f73e11d3e21..0416e49767b 100644 --- a/apps/user_ldap/ajax/testConfiguration.php +++ b/apps/user_ldap/ajax/testConfiguration.php @@ -33,12 +33,19 @@ OCP\JSON::callCheck(); $l = \OC::$server->getL10N('user_ldap'); $ldapWrapper = new OCA\User_LDAP\LDAP(); -$connection = new \OCA\User_LDAP\Connection($ldapWrapper, '', null); -//needs to be true, otherwise it will also fail with an irritating message -$_POST['ldap_configuration_active'] = 1; +$connection = new \OCA\User_LDAP\Connection($ldapWrapper, $_POST['ldap_serverconfig_chooser']); + try { - if ($connection->setConfiguration($_POST)) { + $configurationOk = true; + $conf = $connection->getConfiguration(); + if ($conf['ldap_configuration_active'] === '0') { + //needs to be true, otherwise it will also fail with an irritating message + $conf['ldap_configuration_active'] = '1'; + $configurationOk = $connection->setConfiguration($conf); + } + if ($configurationOk) { + //Configuration is okay /* * Clossing the session since it won't be used from this point on. There might be a potential * race condition if a second request is made: either this request or the other might not @@ -46,7 +53,6 @@ try { * problem with that other than the extra connection. */ \OC::$server->getSession()->close(); - //Configuration is okay if ($connection->bind()) { /* * This shiny if block is an ugly hack to find out whether anonymous |