summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib/LDAPProvider.php
diff options
context:
space:
mode:
authorVinicius Cubas Brand <viniciuscb@gmail.com>2017-11-02 10:40:38 -0200
committerVinicius Cubas Brand <viniciuscb@gmail.com>2017-11-03 11:41:40 -0200
commit10ca793452e75ecd276589f8ad916f3090ecb441 (patch)
tree2d902024afb03a4f88356b68b97369f86cec8372 /apps/user_ldap/lib/LDAPProvider.php
parent576d31d48d1e368c0ca54a95f28dc3bc0e553d83 (diff)
downloadnextcloud-server-10ca793452e75ecd276589f8ad916f3090ecb441.tar.gz
nextcloud-server-10ca793452e75ecd276589f8ad916f3090ecb441.zip
Plugins infrastructure in User_LDAP
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
Diffstat (limited to 'apps/user_ldap/lib/LDAPProvider.php')
-rw-r--r--apps/user_ldap/lib/LDAPProvider.php139
1 files changed, 121 insertions, 18 deletions
diff --git a/apps/user_ldap/lib/LDAPProvider.php b/apps/user_ldap/lib/LDAPProvider.php
index bf8691006c6..060c478ae38 100644
--- a/apps/user_ldap/lib/LDAPProvider.php
+++ b/apps/user_ldap/lib/LDAPProvider.php
@@ -3,6 +3,10 @@
*
* @copyright Copyright (c) 2016, Roger Szabo (roger.szabo@web.de)
*
+ * @author Roger Szabo <roger.szabo@web.de>
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
@@ -33,7 +37,8 @@ use OCA\User_LDAP\User\DeletedUsersIndex;
*/
class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
- private $backend;
+ private $userBackend;
+ private $groupBackend;
private $logger;
private $helper;
private $deletedUsersIndex;
@@ -47,14 +52,28 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
$this->logger = $serverContainer->getLogger();
$this->helper = $helper;
$this->deletedUsersIndex = $deletedUsersIndex;
+ $userBackendFound = false;
+ $groupBackendFound = false;
foreach ($serverContainer->getUserManager()->getBackends() as $backend){
- $this->logger->debug('instance '.get_class($backend).' backend.', ['app' => 'user_ldap']);
+ $this->logger->debug('instance '.get_class($backend).' user backend.', ['app' => 'user_ldap']);
if ($backend instanceof IUserLDAP) {
- $this->backend = $backend;
- return;
+ $this->userBackend = $backend;
+ $userBackendFound = true;
+ break;
}
}
- throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled');
+ foreach ($serverContainer->getGroupManager()->getBackends() as $backend){
+ $this->logger->debug('instance '.get_class($backend).' group backend.', ['app' => 'user_ldap']);
+ if ($backend instanceof IGroupLDAP) {
+ $this->groupBackend = $backend;
+ $groupBackendFound = true;
+ break;
+ }
+ }
+
+ if (!$userBackendFound or !$groupBackendFound) {
+ throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled');
+ }
}
/**
@@ -64,16 +83,33 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if translation was unsuccessful
*/
public function getUserDN($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- $result = $this->backend->getLDAPAccess($uid)->username2dn($uid);
+ $result = $this->userBackend->getLDAPAccess($uid)->username2dn($uid);
if(!$result){
throw new \Exception('Translation to LDAP DN unsuccessful');
}
return $result;
}
-
+
+ /**
+ * Translate a group id to LDAP DN.
+ * @param string $gid group id
+ * @return string
+ * @throws \Exception
+ */
+ public function getGroupDN($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ $result = $this->groupBackend->getLDAPAccess($gid)->groupname2dn($gid);
+ if(!$result){
+ throw new \Exception('Translation to LDAP DN unsuccessful');
+ }
+ return $result;
+ }
+
/**
* Translate a LDAP DN to an internal user name. If there is no mapping between
* the DN and the user name, a new one will be created.
@@ -82,7 +118,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if translation was unsuccessful
*/
public function getUserName($dn) {
- $result = $this->backend->dn2UserName($dn);
+ $result = $this->userBackend->dn2UserName($dn);
if(!$result){
throw new \Exception('Translation to internal user name unsuccessful');
}
@@ -115,10 +151,24 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPConnection($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getNewLDAPConnection($uid);
+ return $this->userBackend->getNewLDAPConnection($uid);
+ }
+
+ /**
+ * Return a new LDAP connection resource for the specified user.
+ * The connection must be closed manually.
+ * @param string $gid group id
+ * @return resource of the LDAP connection
+ * @throws \Exception if group id was not found in LDAP
+ */
+ public function getGroupLDAPConnection($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ return $this->groupBackend->getNewLDAPConnection($gid);
}
/**
@@ -128,10 +178,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPBaseUsers($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users'];
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users'];
}
/**
@@ -141,10 +191,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPBaseGroups($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups'];
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups'];
}
/**
@@ -153,10 +203,23 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function clearCache($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- $this->backend->getLDAPAccess($uid)->getConnection()->clearCache();
+ $this->userBackend->getLDAPAccess($uid)->getConnection()->clearCache();
+ }
+
+ /**
+ * Clear the cache if a cache is used, otherwise do nothing.
+ * Acts on the LDAP connection of a group
+ * @param string $gid group id
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function clearGroupCache($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ $this->groupBackend->getLDAPAccess($gid)->getConnection()->clearCache();
}
/**
@@ -165,7 +228,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @return bool whether the DN exists
*/
public function dnExists($dn) {
- $result = $this->backend->dn2UserName($dn);
+ $result = $this->userBackend->dn2UserName($dn);
return !$result ? false : true;
}
@@ -184,4 +247,44 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
public function unflagRecord($uid) {
//do nothing
}
+
+ /**
+ * Get the LDAP attribute name for the user's display name
+ * @param string $uid user id
+ * @return string the display name field
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function getLDAPDisplayNameField($uid) {
+ if(!$this->userBackend->userExists($uid)){
+ throw new \Exception('User id not found in LDAP');
+ }
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_display_name'];
+ }
+
+ /**
+ * Get the LDAP attribute name for the email
+ * @param string $uid user id
+ * @return string the email field
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function getLDAPEmailField($uid) {
+ if(!$this->userBackend->userExists($uid)){
+ throw new \Exception('User id not found in LDAP');
+ }
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_email_attr'];
+ }
+
+ /**
+ * Get the LDAP type of association between users and groups
+ * @param string $gid group id
+ * @return string the configuration, one of: 'memberUid', 'uniqueMember', 'member', 'gidNumber'
+ * @throws \Exception if group id was not found in LDAP
+ */
+ public function getLDAPGroupMemberAssoc($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute'];
+ }
+
}