aboutsummaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib
diff options
context:
space:
mode:
authorVinicius Cubas Brand <viniciuscb@gmail.com>2017-11-02 10:40:38 -0200
committerVinicius Cubas Brand <viniciuscb@gmail.com>2017-11-03 11:41:40 -0200
commit10ca793452e75ecd276589f8ad916f3090ecb441 (patch)
tree2d902024afb03a4f88356b68b97369f86cec8372 /apps/user_ldap/lib
parent576d31d48d1e368c0ca54a95f28dc3bc0e553d83 (diff)
downloadnextcloud-server-10ca793452e75ecd276589f8ad916f3090ecb441.tar.gz
nextcloud-server-10ca793452e75ecd276589f8ad916f3090ecb441.zip
Plugins infrastructure in User_LDAP
Signed-off-by: Vinicius Cubas Brand <viniciuscb@gmail.com>
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r--apps/user_ldap/lib/Command/Search.php5
-rw-r--r--apps/user_ldap/lib/GroupPluginManager.php169
-rw-r--r--apps/user_ldap/lib/Group_LDAP.php116
-rw-r--r--apps/user_ldap/lib/Group_Proxy.php76
-rw-r--r--apps/user_ldap/lib/Helper.php4
-rw-r--r--apps/user_ldap/lib/IGroupLDAP.php45
-rw-r--r--apps/user_ldap/lib/ILDAPGroupPlugin.php88
-rw-r--r--apps/user_ldap/lib/ILDAPUserPlugin.php93
-rw-r--r--apps/user_ldap/lib/ILDAPWrapper.php2
-rw-r--r--apps/user_ldap/lib/Jobs/CleanUp.php3
-rw-r--r--apps/user_ldap/lib/Jobs/UpdateGroups.php4
-rw-r--r--apps/user_ldap/lib/LDAPProvider.php139
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFixGroup.php3
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFixUser.php3
-rw-r--r--apps/user_ldap/lib/UserPluginManager.php208
-rw-r--r--apps/user_ldap/lib/User_LDAP.php62
-rw-r--r--apps/user_ldap/lib/User_Proxy.php31
17 files changed, 1009 insertions, 42 deletions
diff --git a/apps/user_ldap/lib/Command/Search.php b/apps/user_ldap/lib/Command/Search.php
index d348d5b31c9..4b2212a43c9 100644
--- a/apps/user_ldap/lib/Command/Search.php
+++ b/apps/user_ldap/lib/Command/Search.php
@@ -111,7 +111,7 @@ class Search extends Command {
$this->validateOffsetAndLimit($offset, $limit);
if($input->getOption('group')) {
- $proxy = new Group_Proxy($configPrefixes, $ldapWrapper);
+ $proxy = new Group_Proxy($configPrefixes, $ldapWrapper, \OC::$server->query('LDAPGroupPluginManager'));
$getMethod = 'getGroups';
$printID = false;
// convert the limit of groups to null. This will show all the groups available instead of
@@ -125,7 +125,8 @@ class Search extends Command {
$ldapWrapper,
$this->ocConfig,
\OC::$server->getNotificationManager(),
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ \OC::$server->query('LDAPUserPluginManager')
);
$getMethod = 'getDisplayNames';
$printID = true;
diff --git a/apps/user_ldap/lib/GroupPluginManager.php b/apps/user_ldap/lib/GroupPluginManager.php
new file mode 100644
index 00000000000..6250ae6be04
--- /dev/null
+++ b/apps/user_ldap/lib/GroupPluginManager.php
@@ -0,0 +1,169 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br)
+ *
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\User_LDAP;
+
+use OC\Group\Backend;
+
+class GroupPluginManager {
+
+ private $respondToActions = 0;
+
+ private $which = array(
+ Backend::CREATE_GROUP => null,
+ Backend::DELETE_GROUP => null,
+ Backend::ADD_TO_GROUP => null,
+ Backend::REMOVE_FROM_GROUP => null,
+ Backend::COUNT_USERS => null,
+ Backend::GROUP_DETAILS => null
+ );
+
+ /**
+ * @return int All implemented actions
+ */
+ public function getImplementedActions() {
+ return $this->respondToActions;
+ }
+
+ /**
+ * Registers a group plugin that may implement some actions, overriding User_LDAP's group actions.
+ * @param ILDAPGroupPlugin $plugin
+ */
+ public function register(ILDAPGroupPlugin $plugin) {
+ $respondToActions = $plugin->respondToActions();
+ $this->respondToActions |= $respondToActions;
+
+ foreach($this->which as $action => $v) {
+ if ((bool)($respondToActions & $action)) {
+ $this->which[$action] = $plugin;
+ \OC::$server->getLogger()->debug("Registered action ".$action." to plugin ".get_class($plugin), ['app' => 'user_ldap']);
+ }
+ }
+ }
+
+ /**
+ * Signal if there is a registered plugin that implements some given actions
+ * @param int $action Actions defined in \OC\Group\Backend, like Backend::REMOVE_FROM_GROUP
+ * @return bool
+ */
+ public function implementsActions($actions) {
+ return ($actions & $this->respondToActions) == $actions;
+ }
+
+ /**
+ * Create a group
+ * @param string $gid Group Id
+ * @return string | null The group DN if group creation was successful.
+ * @throws \Exception
+ */
+ public function createGroup($gid) {
+ $plugin = $this->which[Backend::CREATE_GROUP];
+
+ if ($plugin) {
+ return $plugin->createGroup($gid);
+ }
+ throw new \Exception('No plugin implements createGroup in this LDAP Backend.');
+ }
+
+ /**
+ * Delete a group
+ * @param string $gid Group Id of the group to delete
+ * @return bool
+ * @throws \Exception
+ */
+ public function deleteGroup($gid) {
+ $plugin = $this->which[Backend::DELETE_GROUP];
+
+ if ($plugin) {
+ return $plugin->deleteGroup($gid);
+ }
+ throw new \Exception('No plugin implements deleteGroup in this LDAP Backend.');
+ }
+
+ /**
+ * Add a user to a group
+ * @param string $uid ID of the user to add to group
+ * @param string $gid ID of the group in which add the user
+ * @return bool
+ * @throws \Exception
+ *
+ * Adds a user to a group.
+ */
+ public function addToGroup($uid, $gid) {
+ $plugin = $this->which[Backend::ADD_TO_GROUP];
+
+ if ($plugin) {
+ return $plugin->addToGroup($uid, $gid);
+ }
+ throw new \Exception('No plugin implements addToGroup in this LDAP Backend.');
+ }
+
+ /**
+ * Removes a user from a group
+ * @param string $uid ID of the user to remove from group
+ * @param string $gid ID of the group from which remove the user
+ * @return bool
+ * @throws \Exception
+ *
+ * removes the user from a group.
+ */
+ public function removeFromGroup($uid, $gid) {
+ $plugin = $this->which[Backend::REMOVE_FROM_GROUP];
+
+ if ($plugin) {
+ return $plugin->removeFromGroup($uid, $gid);
+ }
+ throw new \Exception('No plugin implements removeFromGroup in this LDAP Backend.');
+ }
+
+ /**
+ * get the number of all users matching the search string in a group
+ * @param string $gid ID of the group
+ * @param string $search query string
+ * @return int|false
+ * @throws \Exception
+ */
+ public function countUsersInGroup($gid, $search = '') {
+ $plugin = $this->which[Backend::COUNT_USERS];
+
+ if ($plugin) {
+ return $plugin->countUsersInGroup($gid,$search);
+ }
+ throw new \Exception('No plugin implements countUsersInGroup in this LDAP Backend.');
+ }
+
+ /**
+ * get an array with group details
+ * @param string $gid
+ * @return array|false
+ * @throws \Exception
+ */
+ public function getGroupDetails($gid) {
+ $plugin = $this->which[Backend::GROUP_DETAILS];
+
+ if ($plugin) {
+ return $plugin->getGroupDetails($gid);
+ }
+ throw new \Exception('No plugin implements getGroupDetails in this LDAP Backend.');
+ }
+}
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 55d31649f10..39519cc462a 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -39,8 +39,9 @@
namespace OCA\User_LDAP;
use OC\Cache\CappedMemoryCache;
+use OC\Group\Backend;
-class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
+class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLDAP {
protected $enabled = false;
/**
@@ -53,7 +54,10 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
*/
protected $cachedGroupsByMember;
- public function __construct(Access $access) {
+ /** @var GroupPluginManager */
+ protected $groupPluginManager;
+
+ public function __construct(Access $access, GroupPluginManager $groupPluginManager) {
parent::__construct($access);
$filter = $this->access->connection->ldapGroupFilter;
$gassoc = $this->access->connection->ldapGroupMemberAssocAttr;
@@ -63,6 +67,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
$this->cachedGroupMembers = new CappedMemoryCache();
$this->cachedGroupsByMember = new CappedMemoryCache();
+ $this->groupPluginManager = $groupPluginManager;
}
/**
@@ -860,6 +865,10 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
* @return int|bool
*/
public function countUsersInGroup($gid, $search = '') {
+ if ($this->groupPluginManager->implementsActions(Backend::COUNT_USERS)) {
+ return $this->groupPluginManager->countUsersInGroup($gid, $search);
+ }
+
$cacheKey = 'countUsersInGroup-'.$gid.'-'.$search;
if(!$this->enabled || !$this->groupExists($gid)) {
return false;
@@ -1067,17 +1076,114 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
* @return boolean
*
* Returns the supported actions as int to be
- * compared with \OC\User\Backend::CREATE_USER etc.
+ * compared with \OC\Group\Backend::CREATE_GROUP etc.
*/
public function implementsActions($actions) {
- return (bool)(\OC\Group\Backend::COUNT_USERS & $actions);
+ return (bool)((\OC\Group\Backend::COUNT_USERS |
+ $this->groupPluginManager->getImplementedActions()) & $actions);
}
/**
* Return access for LDAP interaction.
* @return Access instance of Access for LDAP interaction
*/
- public function getLDAPAccess() {
+ public function getLDAPAccess($gid) {
return $this->access;
}
+
+ /**
+ * create a group
+ * @param string $gid
+ * @return bool
+ * @throws \Exception
+ */
+ public function createGroup($gid) {
+ if ($this->groupPluginManager->implementsActions(Backend::CREATE_GROUP)) {
+ if ($dn = $this->groupPluginManager->createGroup($gid)) {
+ //updates group mapping
+ $this->access->dn2ocname($dn, $gid, false);
+ $this->access->connection->writeToCache("groupExists".$gid, true);
+ }
+ return $dn != null;
+ }
+ throw new \Exception('Could not create group in LDAP backend.');
+ }
+
+ /**
+ * delete a group
+ * @param string $gid gid of the group to delete
+ * @return bool
+ * @throws \Exception
+ */
+ public function deleteGroup($gid) {
+ if ($this->groupPluginManager->implementsActions(Backend::DELETE_GROUP)) {
+ if ($ret = $this->groupPluginManager->deleteGroup($gid)) {
+ #delete group in nextcloud internal db
+ $this->access->getGroupMapper()->unmap($gid);
+ $this->access->connection->writeToCache("groupExists".$gid, false);
+ }
+ return $ret;
+ }
+ throw new \Exception('Could not delete group in LDAP backend.');
+ }
+
+ /**
+ * Add a user to a group
+ * @param string $uid Name of the user to add to group
+ * @param string $gid Name of the group in which add the user
+ * @return bool
+ * @throws \Exception
+ */
+ public function addToGroup($uid, $gid) {
+ if ($this->groupPluginManager->implementsActions(Backend::ADD_TO_GROUP)) {
+ if ($ret = $this->groupPluginManager->addToGroup($uid, $gid)) {
+ #$this->access->connection->clearCache();
+ }
+ return $ret;
+ }
+ throw new \Exception('Could not add user to group in LDAP backend.');
+ }
+
+ /**
+ * Removes a user from a group
+ * @param string $uid Name of the user to remove from group
+ * @param string $gid Name of the group from which remove the user
+ * @return bool
+ * @throws \Exception
+ */
+ public function removeFromGroup($uid, $gid) {
+ if ($this->groupPluginManager->implementsActions(Backend::REMOVE_FROM_GROUP)) {
+ if ($ret = $this->groupPluginManager->removeFromGroup($uid, $gid)) {
+ #$this->access->connection->clearCache();
+ }
+ return $ret;
+ }
+ throw new \Exception('Could not remove user from group in LDAP backend.');
+ }
+
+ /**
+ * Gets group details
+ * @param string $gid Name of the group
+ * @return array | false
+ * @throws \Exception
+ */
+ public function getGroupDetails($gid) {
+ if ($this->groupPluginManager->implementsActions(Backend::GROUP_DETAILS)) {
+ return $this->groupPluginManager->getGroupDetails($gid);
+ }
+ throw new \Exception('Could not get group details in LDAP backend.');
+ }
+
+ /**
+ * Return LDAP connection resource from a cloned connection.
+ * The cloned connection needs to be closed manually.
+ * of the current access.
+ * @param string $gid
+ * @return resource of the LDAP connection
+ */
+ public function getNewLDAPConnection($gid) {
+ $connection = clone $this->access->getConnection();
+ return $connection->getConnectionResource();
+ }
+
}
diff --git a/apps/user_ldap/lib/Group_Proxy.php b/apps/user_ldap/lib/Group_Proxy.php
index e546c84a90c..9902035faf0 100644
--- a/apps/user_ldap/lib/Group_Proxy.php
+++ b/apps/user_ldap/lib/Group_Proxy.php
@@ -26,7 +26,7 @@
namespace OCA\User_LDAP;
-class Group_Proxy extends Proxy implements \OCP\GroupInterface {
+class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP {
private $backends = array();
private $refBackend = null;
@@ -34,11 +34,11 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
* Constructor
* @param string[] $serverConfigPrefixes array containing the config Prefixes
*/
- public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap) {
+ public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap, GroupPluginManager $groupPluginManager) {
parent::__construct($ldap);
foreach($serverConfigPrefixes as $configPrefix) {
$this->backends[$configPrefix] =
- new \OCA\User_LDAP\Group_LDAP($this->getAccess($configPrefix));
+ new \OCA\User_LDAP\Group_LDAP($this->getAccess($configPrefix), $groupPluginManager);
if(is_null($this->refBackend)) {
$this->refBackend = &$this->backends[$configPrefix];
}
@@ -146,6 +146,51 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
}
/**
+ * @param string $gid
+ * @return bool
+ */
+ public function createGroup($gid) {
+ return $this->handleRequest(
+ $gid, 'createGroup', array($gid));
+ }
+
+ /**
+ * delete a group
+ * @param string $gid gid of the group to delete
+ * @return bool
+ */
+ public function deleteGroup($gid) {
+ return $this->handleRequest(
+ $gid, 'deleteGroup', array($gid));
+ }
+
+ /**
+ * Add a user to a group
+ * @param string $uid Name of the user to add to group
+ * @param string $gid Name of the group in which add the user
+ * @return bool
+ *
+ * Adds a user to a group.
+ */
+ public function addToGroup($uid, $gid) {
+ return $this->handleRequest(
+ $gid, 'addToGroup', array($uid, $gid));
+ }
+
+ /**
+ * Removes a user from a group
+ * @param string $uid Name of the user to remove from group
+ * @param string $gid Name of the group from which remove the user
+ * @return bool
+ *
+ * removes the user from a group.
+ */
+ public function removeFromGroup($uid, $gid) {
+ return $this->handleRequest(
+ $gid, 'removeFromGroup', array($uid, $gid));
+ }
+
+ /**
* returns the number of users in a group, who match the search term
* @param string $gid the internal group name
* @param string $search optional, a search string
@@ -157,6 +202,16 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
}
/**
+ * get an array with group details
+ * @param string $gid
+ * @return array|false
+ */
+ public function getGroupDetails($gid) {
+ return $this->handleRequest(
+ $gid, 'getGroupDetails', array($gid));
+ }
+
+ /**
* get a list of all groups
* @return string[] with group names
*
@@ -190,7 +245,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
* @return boolean
*
* Returns the supported actions as int to be
- * compared with \OC\User\Backend::CREATE_USER etc.
+ * compared with \OC\Group\Backend::CREATE_GROUP etc.
*/
public function implementsActions($actions) {
//it's the same across all our user backends obviously
@@ -203,6 +258,17 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
* @return Access instance of Access for LDAP interaction
*/
public function getLDAPAccess($gid) {
- return $this->handleRequest($gid, 'getLDAPAccess', []);
+ return $this->handleRequest($gid, 'getLDAPAccess', [$gid]);
}
+
+ /**
+ * Return a new LDAP connection for the specified group.
+ * The connection needs to be closed manually.
+ * @param string $gid
+ * @return resource of the LDAP connection
+ */
+ public function getNewLDAPConnection($gid) {
+ return $this->handleRequest($gid, 'getNewLDAPConnection', array($gid));
+ }
+
}
diff --git a/apps/user_ldap/lib/Helper.php b/apps/user_ldap/lib/Helper.php
index 891ab7f0a3a..ce65ee29099 100644
--- a/apps/user_ldap/lib/Helper.php
+++ b/apps/user_ldap/lib/Helper.php
@@ -294,10 +294,12 @@ class Helper {
$ldapWrapper = new LDAP();
$ocConfig = \OC::$server->getConfig();
$notificationManager = \OC::$server->getNotificationManager();
+
$userSession = \OC::$server->getUserSession();
+ $userPluginManager = \OC::$server->query('LDAPUserPluginManager');
$userBackend = new User_Proxy(
- $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession
+ $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession, $userPluginManager
);
$uid = $userBackend->loginName2UserName($param['uid'] );
if($uid !== false) {
diff --git a/apps/user_ldap/lib/IGroupLDAP.php b/apps/user_ldap/lib/IGroupLDAP.php
new file mode 100644
index 00000000000..378e182fb68
--- /dev/null
+++ b/apps/user_ldap/lib/IGroupLDAP.php
@@ -0,0 +1,45 @@
+<?php
+/**
+ *
+ * @copyright Copyright (c) 2017, EITA Cooperative (eita.org.br)
+ *
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\User_LDAP;
+
+interface IGroupLDAP {
+
+ //Used by LDAPProvider
+
+ /**
+ * Return access for LDAP interaction.
+ * @param string $gid
+ * @return Access instance of Access for LDAP interaction
+ */
+ public function getLDAPAccess($gid);
+
+ /**
+ * Return a new LDAP connection for the specified group.
+ * @param string $gid
+ * @return resource of the LDAP connection
+ */
+ public function getNewLDAPConnection($gid);
+
+}
diff --git a/apps/user_ldap/lib/ILDAPGroupPlugin.php b/apps/user_ldap/lib/ILDAPGroupPlugin.php
new file mode 100644
index 00000000000..468424a560d
--- /dev/null
+++ b/apps/user_ldap/lib/ILDAPGroupPlugin.php
@@ -0,0 +1,88 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br)
+ *
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\User_LDAP;
+
+
+interface ILDAPGroupPlugin {
+
+ /**
+ * Check if plugin implements actions
+ * @return int
+ *
+ * Returns the supported actions as int to be
+ * compared with OC_GROUP_BACKEND_CREATE_GROUP etc.
+ */
+ public function respondToActions();
+
+ /**
+ * @param string $gid
+ * @return string|null The group DN if group creation was successful.
+ */
+ public function createGroup($gid);
+
+ /**
+ * delete a group
+ * @param string $gid gid of the group to delete
+ * @return bool
+ */
+ public function deleteGroup($gid);
+
+ /**
+ * Add a user to a group
+ * @param string $uid Name of the user to add to group
+ * @param string $gid Name of the group in which add the user
+ * @return bool
+ *
+ * Adds a user to a group.
+ */
+ public function addToGroup($uid, $gid);
+
+ /**
+ * Removes a user from a group
+ * @param string $uid Name of the user to remove from group
+ * @param string $gid Name of the group from which remove the user
+ * @return bool
+ *
+ * removes the user from a group.
+ */
+ public function removeFromGroup($uid, $gid);
+
+ /**
+ * get the number of all users matching the search string in a group
+ * @param string $gid
+ * @param string $search
+ * @return int|false
+ */
+ public function countUsersInGroup($gid, $search = '');
+
+ /**
+ * get an array with group details
+ * @param string $gid
+ * @return array|false
+ */
+ public function getGroupDetails($gid);
+
+
+
+}
diff --git a/apps/user_ldap/lib/ILDAPUserPlugin.php b/apps/user_ldap/lib/ILDAPUserPlugin.php
new file mode 100644
index 00000000000..d2e8544c8a5
--- /dev/null
+++ b/apps/user_ldap/lib/ILDAPUserPlugin.php
@@ -0,0 +1,93 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br)
+ *
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\User_LDAP;
+
+
+interface ILDAPUserPlugin {
+
+ /**
+ * Check if plugin implements actions
+ * @return int
+ *
+ * Returns the supported actions as int to be
+ * compared with OC_USER_BACKEND_CREATE_USER etc.
+ */
+ public function respondToActions();
+
+ /**
+ * Create a new user in LDAP Backend
+ *
+ * @param string $uid The UID of the user to create
+ * @param string $password The password of the new user
+ * @return bool
+ */
+ public function createUser($uid, $password);
+
+ /**
+ * Set password
+ *
+ * @param string $uid The username
+ * @param string $password The new password
+ * @return bool
+ *
+ * Change the password of a user
+ */
+ public function setPassword($uid, $password);
+
+ /**
+ * get the user's home directory
+ * @param string $uid the username
+ * @return boolean
+ */
+ public function getHome($uid);
+
+ /**
+ * get display name of the user
+ * @param string $uid user ID of the user
+ * @return string display name
+ */
+ public function getDisplayName($uid);
+
+ /**
+ * set display name of the user
+ * @param string $uid user ID of the user
+ * @param string $displayName new user's display name
+ * @return string display name
+ */
+ public function setDisplayName($uid, $displayName);
+
+ /**
+ * checks whether the user is allowed to change his avatar in Nextcloud
+ * @param string $uid the Nextcloud user name
+ * @return boolean either the user can or cannot
+ */
+ public function canChangeAvatar($uid);
+
+ /**
+ * Count the number of users
+ * @return int|bool
+ */
+ public function countUsers();
+
+}
diff --git a/apps/user_ldap/lib/ILDAPWrapper.php b/apps/user_ldap/lib/ILDAPWrapper.php
index 71dd60c3725..e5969cc2986 100644
--- a/apps/user_ldap/lib/ILDAPWrapper.php
+++ b/apps/user_ldap/lib/ILDAPWrapper.php
@@ -163,7 +163,7 @@ interface ILDAPWrapper {
* @return resource|false an LDAP search result resource, false on error
*/
public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0);
-
+
/**
* Replace the value of a userPassword by $password
* @param resource $link LDAP link resource
diff --git a/apps/user_ldap/lib/Jobs/CleanUp.php b/apps/user_ldap/lib/Jobs/CleanUp.php
index 44e8f5469f1..92bca036b2e 100644
--- a/apps/user_ldap/lib/Jobs/CleanUp.php
+++ b/apps/user_ldap/lib/Jobs/CleanUp.php
@@ -100,7 +100,8 @@ class CleanUp extends TimedJob {
new LDAP(),
$this->ocConfig,
\OC::$server->getNotificationManager(),
- \OC::$server->getUserSession()
+ \OC::$server->getUserSession(),
+ \OC::$server->query('LDAPUserPluginManager')
);
}
diff --git a/apps/user_ldap/lib/Jobs/UpdateGroups.php b/apps/user_ldap/lib/Jobs/UpdateGroups.php
index 4c9a06a5f68..7e4f0c0c1be 100644
--- a/apps/user_ldap/lib/Jobs/UpdateGroups.php
+++ b/apps/user_ldap/lib/Jobs/UpdateGroups.php
@@ -193,9 +193,9 @@ class UpdateGroups extends \OC\BackgroundJob\TimedJob {
$userMapper = new UserMapping($dbc);
$ldapAccess->setGroupMapper($groupMapper);
$ldapAccess->setUserMapper($userMapper);
- self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess);
+ self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess, \OC::$server->query('LDAPGroupPluginManager'));
} else {
- self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper);
+ self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper, \OC::$server->query('LDAPGroupPluginManager'));
}
return self::$groupBE;
diff --git a/apps/user_ldap/lib/LDAPProvider.php b/apps/user_ldap/lib/LDAPProvider.php
index bf8691006c6..060c478ae38 100644
--- a/apps/user_ldap/lib/LDAPProvider.php
+++ b/apps/user_ldap/lib/LDAPProvider.php
@@ -3,6 +3,10 @@
*
* @copyright Copyright (c) 2016, Roger Szabo (roger.szabo@web.de)
*
+ * @author Roger Szabo <roger.szabo@web.de>
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
@@ -33,7 +37,8 @@ use OCA\User_LDAP\User\DeletedUsersIndex;
*/
class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
- private $backend;
+ private $userBackend;
+ private $groupBackend;
private $logger;
private $helper;
private $deletedUsersIndex;
@@ -47,14 +52,28 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
$this->logger = $serverContainer->getLogger();
$this->helper = $helper;
$this->deletedUsersIndex = $deletedUsersIndex;
+ $userBackendFound = false;
+ $groupBackendFound = false;
foreach ($serverContainer->getUserManager()->getBackends() as $backend){
- $this->logger->debug('instance '.get_class($backend).' backend.', ['app' => 'user_ldap']);
+ $this->logger->debug('instance '.get_class($backend).' user backend.', ['app' => 'user_ldap']);
if ($backend instanceof IUserLDAP) {
- $this->backend = $backend;
- return;
+ $this->userBackend = $backend;
+ $userBackendFound = true;
+ break;
}
}
- throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled');
+ foreach ($serverContainer->getGroupManager()->getBackends() as $backend){
+ $this->logger->debug('instance '.get_class($backend).' group backend.', ['app' => 'user_ldap']);
+ if ($backend instanceof IGroupLDAP) {
+ $this->groupBackend = $backend;
+ $groupBackendFound = true;
+ break;
+ }
+ }
+
+ if (!$userBackendFound or !$groupBackendFound) {
+ throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled');
+ }
}
/**
@@ -64,16 +83,33 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if translation was unsuccessful
*/
public function getUserDN($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- $result = $this->backend->getLDAPAccess($uid)->username2dn($uid);
+ $result = $this->userBackend->getLDAPAccess($uid)->username2dn($uid);
if(!$result){
throw new \Exception('Translation to LDAP DN unsuccessful');
}
return $result;
}
-
+
+ /**
+ * Translate a group id to LDAP DN.
+ * @param string $gid group id
+ * @return string
+ * @throws \Exception
+ */
+ public function getGroupDN($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ $result = $this->groupBackend->getLDAPAccess($gid)->groupname2dn($gid);
+ if(!$result){
+ throw new \Exception('Translation to LDAP DN unsuccessful');
+ }
+ return $result;
+ }
+
/**
* Translate a LDAP DN to an internal user name. If there is no mapping between
* the DN and the user name, a new one will be created.
@@ -82,7 +118,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if translation was unsuccessful
*/
public function getUserName($dn) {
- $result = $this->backend->dn2UserName($dn);
+ $result = $this->userBackend->dn2UserName($dn);
if(!$result){
throw new \Exception('Translation to internal user name unsuccessful');
}
@@ -115,10 +151,24 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPConnection($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getNewLDAPConnection($uid);
+ return $this->userBackend->getNewLDAPConnection($uid);
+ }
+
+ /**
+ * Return a new LDAP connection resource for the specified user.
+ * The connection must be closed manually.
+ * @param string $gid group id
+ * @return resource of the LDAP connection
+ * @throws \Exception if group id was not found in LDAP
+ */
+ public function getGroupLDAPConnection($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ return $this->groupBackend->getNewLDAPConnection($gid);
}
/**
@@ -128,10 +178,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPBaseUsers($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users'];
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users'];
}
/**
@@ -141,10 +191,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function getLDAPBaseGroups($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups'];
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups'];
}
/**
@@ -153,10 +203,23 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @throws \Exception if user id was not found in LDAP
*/
public function clearCache($uid) {
- if(!$this->backend->userExists($uid)){
+ if(!$this->userBackend->userExists($uid)){
throw new \Exception('User id not found in LDAP');
}
- $this->backend->getLDAPAccess($uid)->getConnection()->clearCache();
+ $this->userBackend->getLDAPAccess($uid)->getConnection()->clearCache();
+ }
+
+ /**
+ * Clear the cache if a cache is used, otherwise do nothing.
+ * Acts on the LDAP connection of a group
+ * @param string $gid group id
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function clearGroupCache($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ $this->groupBackend->getLDAPAccess($gid)->getConnection()->clearCache();
}
/**
@@ -165,7 +228,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
* @return bool whether the DN exists
*/
public function dnExists($dn) {
- $result = $this->backend->dn2UserName($dn);
+ $result = $this->userBackend->dn2UserName($dn);
return !$result ? false : true;
}
@@ -184,4 +247,44 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
public function unflagRecord($uid) {
//do nothing
}
+
+ /**
+ * Get the LDAP attribute name for the user's display name
+ * @param string $uid user id
+ * @return string the display name field
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function getLDAPDisplayNameField($uid) {
+ if(!$this->userBackend->userExists($uid)){
+ throw new \Exception('User id not found in LDAP');
+ }
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_display_name'];
+ }
+
+ /**
+ * Get the LDAP attribute name for the email
+ * @param string $uid user id
+ * @return string the email field
+ * @throws \Exception if user id was not found in LDAP
+ */
+ public function getLDAPEmailField($uid) {
+ if(!$this->userBackend->userExists($uid)){
+ throw new \Exception('User id not found in LDAP');
+ }
+ return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_email_attr'];
+ }
+
+ /**
+ * Get the LDAP type of association between users and groups
+ * @param string $gid group id
+ * @return string the configuration, one of: 'memberUid', 'uniqueMember', 'member', 'gidNumber'
+ * @throws \Exception if group id was not found in LDAP
+ */
+ public function getLDAPGroupMemberAssoc($gid) {
+ if(!$this->groupBackend->groupExists($gid)){
+ throw new \Exception('Group id not found in LDAP');
+ }
+ return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute'];
+ }
+
}
diff --git a/apps/user_ldap/lib/Migration/UUIDFixGroup.php b/apps/user_ldap/lib/Migration/UUIDFixGroup.php
index 9ea406efadf..94e0778b9a9 100644
--- a/apps/user_ldap/lib/Migration/UUIDFixGroup.php
+++ b/apps/user_ldap/lib/Migration/UUIDFixGroup.php
@@ -33,6 +33,7 @@ class UUIDFixGroup extends UUIDFix {
public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {
$this->mapper = $mapper;
$this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config,
- \OC::$server->getNotificationManager(), \OC::$server->getUserSession());
+ \OC::$server->getNotificationManager(), \OC::$server->getUserSession(),
+ \OC::$server->query('LDAPUserPluginManager'));
}
}
diff --git a/apps/user_ldap/lib/Migration/UUIDFixUser.php b/apps/user_ldap/lib/Migration/UUIDFixUser.php
index ee1457dcccb..68003fd118f 100644
--- a/apps/user_ldap/lib/Migration/UUIDFixUser.php
+++ b/apps/user_ldap/lib/Migration/UUIDFixUser.php
@@ -32,6 +32,7 @@ use OCP\IConfig;
class UUIDFixUser extends UUIDFix {
public function __construct(UserMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {
$this->mapper = $mapper;
- $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config);
+ $groupPluginManager = \OC::$server->query('LDAPGroupPluginManager');
+ $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $groupPluginManager);
}
}
diff --git a/apps/user_ldap/lib/UserPluginManager.php b/apps/user_ldap/lib/UserPluginManager.php
new file mode 100644
index 00000000000..374e545f4fd
--- /dev/null
+++ b/apps/user_ldap/lib/UserPluginManager.php
@@ -0,0 +1,208 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br)
+ *
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
+ *
+ * @license AGPL-3.0
+ *
+ * This code is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License, version 3,
+ * as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License, version 3,
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+namespace OCA\User_LDAP;
+
+use OC\User\Backend;
+
+class UserPluginManager {
+
+ public $test = false;
+
+ private $respondToActions = 0;
+
+ private $which = array(
+ Backend::CREATE_USER => null,
+ Backend::SET_PASSWORD => null,
+ Backend::GET_HOME => null,
+ Backend::GET_DISPLAYNAME => null,
+ Backend::SET_DISPLAYNAME => null,
+ Backend::PROVIDE_AVATAR => null,
+ Backend::COUNT_USERS => null,
+ 'deleteUser' => null
+ );
+
+ /**
+ * @return int All implemented actions, except for 'deleteUser'
+ */
+ public function getImplementedActions() {
+ return $this->respondToActions;
+ }
+
+ /**
+ * Registers a group plugin that may implement some actions, overriding User_LDAP's user actions.
+ * @param ILDAPGroupPlugin $plugin
+ */
+ public function register(ILDAPUserPlugin $plugin) {
+ $respondToActions = $plugin->respondToActions();
+ $this->respondToActions |= $respondToActions;
+
+ foreach($this->which as $action => $v) {
+ if ((bool)($respondToActions & $action)) {
+ $this->which[$action] = $plugin;
+ \OC::$server->getLogger()->debug("Registered action ".$action." to plugin ".get_class($plugin), ['app' => 'user_ldap']);
+ }
+ }
+ if (method_exists($plugin,'deleteUser')) {
+ $this->which['deleteUser'] = $plugin;
+ }
+ }
+
+ /**
+ * Signal if there is a registered plugin that implements some given actions
+ * @param int $action Actions defined in \OC\User\Backend, like Backend::CREATE_USER
+ * @return bool
+ */
+ public function implementsActions($actions) {
+ return ($actions & $this->respondToActions) == $actions;
+ }
+
+ /**
+ * Create a new user in LDAP Backend
+ *
+ * @param string $uid The username of the user to create
+ * @param string $password The password of the new user
+ * @return bool
+ * @throws \Exception
+ */
+ public function createUser($username, $password) {
+ $plugin = $this->which[Backend::CREATE_USER];
+
+ if ($plugin) {
+ return $plugin->createUser($username,$password);
+ }
+ throw new \Exception('No plugin implements createUser in this LDAP Backend.');
+ }
+
+ /**
+ * Change the password of a user*
+ * @param string $uid The username
+ * @param string $password The new password
+ * @return bool
+ * @throws \Exception
+ */
+ public function setPassword($uid, $password) {
+ $plugin = $this->which[Backend::SET_PASSWORD];
+
+ if ($plugin) {
+ return $plugin->setPassword($uid,$password);
+ }
+ throw new \Exception('No plugin implements setPassword in this LDAP Backend.');
+ }
+
+ /**
+ * checks whether the user is allowed to change his avatar in Nextcloud
+ * @param string $uid the Nextcloud user name
+ * @return boolean either the user can or cannot
+ * @throws \Exception
+ */
+ public function canChangeAvatar($uid) {
+ $plugin = $this->which[Backend::PROVIDE_AVATAR];
+
+ if ($plugin) {
+ return $plugin->canChangeAvatar($uid);
+ }
+ throw new \Exception('No plugin implements canChangeAvatar in this LDAP Backend.');
+ }
+
+ /**
+ * Get the user's home directory
+ * @param string $uid the username
+ * @return boolean
+ * @throws \Exception
+ */
+ public function getHome($uid) {
+ $plugin = $this->which[Backend::GET_HOME];
+
+ if ($plugin) {
+ return $plugin->getHome($uid);
+ }
+ throw new \Exception('No plugin implements getHome in this LDAP Backend.');
+ }
+
+ /**
+ * Get display name of the user
+ * @param string $uid user ID of the user
+ * @return string display name
+ * @throws \Exception
+ */
+ public function getDisplayName($uid) {
+ $plugin = $this->which[Backend::GET_DISPLAYNAME];
+
+ if ($plugin) {
+ return $plugin->getDisplayName($uid);
+ }
+ throw new \Exception('No plugin implements getDisplayName in this LDAP Backend.');
+ }
+
+ /**
+ * Set display name of the user
+ * @param string $uid user ID of the user
+ * @param string $displayName new user's display name
+ * @return string display name
+ * @throws \Exception
+ */
+ public function setDisplayName($uid, $displayName) {
+ $plugin = $this->which[Backend::SET_DISPLAYNAME];
+
+ if ($plugin) {
+ return $plugin->setDisplayName($uid, $displayName);
+ }
+ throw new \Exception('No plugin implements setDisplayName in this LDAP Backend.');
+ }
+
+ /**
+ * Count the number of users
+ * @return int|bool
+ * @throws \Exception
+ */
+ public function countUsers() {
+ $plugin = $this->which[Backend::COUNT_USERS];
+
+ if ($plugin) {
+ return $plugin->countUsers();
+ }
+ throw new \Exception('No plugin implements countUsers in this LDAP Backend.');
+ }
+
+ /**
+ * @return bool
+ */
+ public function canDeleteUser() {
+ return $this->which['deleteUser'] !== null;
+ }
+
+ /**
+ * @param $uid
+ * @return bool
+ * @throws \Exception
+ */
+ public function deleteUser($uid) {
+ $plugin = $this->which['deleteUser'];
+ if ($plugin) {
+ return $plugin->deleteUser($uid);
+ }
+ throw new \Exception('No plugin implements deleteUser in this LDAP Backend.');
+ }
+}
+
diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index 0a9a1cfe4c2..87706dcfe8b 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -16,6 +16,8 @@
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Tom Needham <tom@owncloud.com>
* @author Roger Szabo <roger.szabo@web.de>
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
*
* @license AGPL-3.0
*
@@ -56,16 +58,20 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
/** @var string */
protected $currentUserInDeletionProcess;
+ /** @var UserPluginManager */
+ protected $userPluginManager;
+
/**
* @param Access $access
* @param \OCP\IConfig $ocConfig
* @param \OCP\Notification\IManager $notificationManager
* @param IUserSession $userSession
*/
- public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession) {
+ public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession, UserPluginManager $userPluginManager) {
parent::__construct($access);
$this->ocConfig = $ocConfig;
$this->notificationManager = $notificationManager;
+ $this->userPluginManager = $userPluginManager;
$this->registerHooks($userSession);
}
@@ -88,6 +94,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
* @return boolean either the user can or cannot
*/
public function canChangeAvatar($uid) {
+ if ($this->userPluginManager->implementsActions(Backend::PROVIDE_AVATAR)) {
+ return $this->userPluginManager->canChangeAvatar($uid);
+ }
+
$user = $this->access->userManager->get($uid);
if(!$user instanceof User) {
return false;
@@ -207,6 +217,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
* @return bool
*/
public function setPassword($uid, $password) {
+ if ($this->userPluginManager->implementsActions(Backend::SET_PASSWORD)) {
+ return $this->userPluginManager->setPassword($uid, $password);
+ }
+
$user = $this->access->userManager->get($uid);
if(!$user instanceof User) {
@@ -364,6 +378,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
* @return bool
*/
public function deleteUser($uid) {
+ if ($this->userPluginManager->canDeleteUser()) {
+ return $this->userPluginManager->deleteUser($uid);
+ }
+
$marked = $this->ocConfig->getUserValue($uid, 'user_ldap', 'isDeleted', 0);
if(intval($marked) === 0) {
\OC::$server->getLogger()->notice(
@@ -393,6 +411,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
return false;
}
+ if ($this->userPluginManager->implementsActions(Backend::GET_HOME)) {
+ return $this->userPluginManager->getHome($uid);
+ }
+
$cacheKey = 'getHome'.$uid;
$path = $this->access->connection->getFromCache($cacheKey);
if(!is_null($path)) {
@@ -425,6 +447,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
* @return string|false display name
*/
public function getDisplayName($uid) {
+ if ($this->userPluginManager->implementsActions(Backend::GET_DISPLAYNAME)) {
+ return $this->userPluginManager->getDisplayName($uid);
+ }
+
if(!$this->userExists($uid)) {
return false;
}
@@ -470,6 +496,19 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
}
/**
+ * set display name of the user
+ * @param string $uid user ID of the user
+ * @param string $displayName new display name of the user
+ * @return string|false display name
+ */
+ public function setDisplayName($uid, $displayName) {
+ if ($this->userPluginManager->implementsActions(Backend::SET_DISPLAYNAME)) {
+ return $this->userPluginManager->setDisplayName($uid, $displayName);
+ }
+ return false;
+ }
+
+ /**
* Get a list of all display names
*
* @param string $search
@@ -506,7 +545,8 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
| Backend::GET_DISPLAYNAME
| Backend::PROVIDE_AVATAR
| Backend::COUNT_USERS
- | ((intval($this->access->connection->turnOnPasswordChange) === 1)?(Backend::SET_PASSWORD):0))
+ | ((intval($this->access->connection->turnOnPasswordChange) === 1)?(Backend::SET_PASSWORD):0)
+ | $this->userPluginManager->getImplementedActions())
& $actions);
}
@@ -523,6 +563,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
* @return int|bool
*/
public function countUsers() {
+ if ($this->userPluginManager->implementsActions(Backend::COUNT_USERS)) {
+ return $this->userPluginManager->countUsers();
+ }
+
$filter = $this->access->getFilterForUserCount();
$cacheKey = 'countUsers-'.$filter;
if(!is_null($entries = $this->access->connection->getFromCache($cacheKey))) {
@@ -561,4 +605,18 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
$connection = clone $this->access->getConnection();
return $connection->getConnectionResource();
}
+
+ /**
+ * create new user
+ * @param string $username username of the new user
+ * @param string $password password of the new user
+ * @return bool was the user created?
+ */
+ public function createUser($username, $password) {
+ if ($this->userPluginManager->implementsActions(Backend::CREATE_USER)) {
+ return $this->userPluginManager->createUser($username, $password);
+ }
+ return false;
+ }
+
}
diff --git a/apps/user_ldap/lib/User_Proxy.php b/apps/user_ldap/lib/User_Proxy.php
index a25eb1bc621..c65999e3fde 100644
--- a/apps/user_ldap/lib/User_Proxy.php
+++ b/apps/user_ldap/lib/User_Proxy.php
@@ -10,6 +10,8 @@
* @author Robin McCorkell <robin@mccorkell.me.uk>
* @author Thomas Müller <thomas.mueller@tmit.eu>
* @author Roger Szabo <roger.szabo@web.de>
+ * @author Vinicius Brand <vinicius@eita.org.br>
+ * @author Daniel Tygel <dtygel@eita.org.br>
*
* @license AGPL-3.0
*
@@ -48,11 +50,13 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
* @param IUserSession $userSession
*/
public function __construct(array $serverConfigPrefixes, ILDAPWrapper $ldap, IConfig $ocConfig,
- INotificationManager $notificationManager, IUserSession $userSession) {
+ INotificationManager $notificationManager, IUserSession $userSession,
+ UserPluginManager $userPluginManager) {
parent::__construct($ldap);
foreach($serverConfigPrefixes as $configPrefix) {
$this->backends[$configPrefix] =
- new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession);
+ new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession, $userPluginManager);
+
if(is_null($this->refBackend)) {
$this->refBackend = &$this->backends[$configPrefix];
}
@@ -233,12 +237,23 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
}
/**
+ * set display name of the user
+ *
+ * @param string $uid user ID of the user
+ * @param string $displayName new display name
+ * @return string display name
+ */
+ public function setDisplayName($uid, $displayName) {
+ return $this->handleRequest($uid, 'setDisplayName', array($uid, $displayName));
+ }
+
+ /**
* checks whether the user is allowed to change his avatar in Nextcloud
* @param string $uid the Nextcloud user name
* @return boolean either the user can or cannot
*/
public function canChangeAvatar($uid) {
- return $this->handleRequest($uid, 'canChangeAvatar', array($uid), true);
+ return $this->handleRequest($uid, 'canChangeAvatar', array($uid));
}
/**
@@ -322,4 +337,14 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
public function getNewLDAPConnection($uid) {
return $this->handleRequest($uid, 'getNewLDAPConnection', array($uid));
}
+
+ /**
+ * Creates a new user in LDAP
+ * @param $username
+ * @param $password
+ * @return bool
+ */
+ public function createUser($username, $password) {
+ return $this->handleRequest($username, 'createUser', array($username,$password));
+ }
}