summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib
diff options
context:
space:
mode:
authorArthur Schiwon <blizzz@arthur-schiwon.de>2020-04-17 16:02:04 +0200
committerArthur Schiwon <blizzz@arthur-schiwon.de>2020-04-23 21:34:05 +0200
commit4babdc082b988485608682a6a0bf3cccfd42fe8b (patch)
tree6cd1f1fd3a3d8eb2b1b0fdda1fa4e3624a5bb6cd /apps/user_ldap/lib
parentab550d682f5ddbef35c3a11f7672c2fab26d4659 (diff)
downloadnextcloud-server-4babdc082b988485608682a6a0bf3cccfd42fe8b.tar.gz
nextcloud-server-4babdc082b988485608682a6a0bf3cccfd42fe8b.zip
formatting
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r--apps/user_ldap/lib/Access.php133
-rw-r--r--apps/user_ldap/lib/Group_LDAP.php96
-rw-r--r--apps/user_ldap/lib/Group_Proxy.php18
-rw-r--r--apps/user_ldap/lib/Helper.php25
-rw-r--r--apps/user_ldap/lib/Mapping/AbstractMapping.php38
-rw-r--r--apps/user_ldap/lib/Proxy.php25
-rw-r--r--apps/user_ldap/lib/User_Proxy.php27
7 files changed, 236 insertions, 126 deletions
diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php
index a564f6183bc..251c0eeeaa7 100644
--- a/apps/user_ldap/lib/Access.php
+++ b/apps/user_ldap/lib/Access.php
@@ -61,6 +61,7 @@ use OCP\IUserManager;
/**
* Class Access
+ *
* @package OCA\User_LDAP
*/
class Access extends LDAPUtility {
@@ -75,6 +76,7 @@ class Access extends LDAPUtility {
/**
* protected $cookies = [];
+ *
* @var AbstractMapping $userMapper
*/
protected $userMapper;
@@ -114,6 +116,7 @@ class Access extends LDAPUtility {
/**
* sets the User Mapper
+ *
* @param AbstractMapping $mapper
*/
public function setUserMapper(AbstractMapping $mapper) {
@@ -122,8 +125,9 @@ class Access extends LDAPUtility {
/**
* returns the User Mapper
- * @throws \Exception
+ *
* @return AbstractMapping
+ * @throws \Exception
*/
public function getUserMapper() {
if (is_null($this->userMapper)) {
@@ -134,6 +138,7 @@ class Access extends LDAPUtility {
/**
* sets the Group Mapper
+ *
* @param AbstractMapping $mapper
*/
public function setGroupMapper(AbstractMapping $mapper) {
@@ -142,8 +147,9 @@ class Access extends LDAPUtility {
/**
* returns the Group Mapper
- * @throws \Exception
+ *
* @return AbstractMapping
+ * @throws \Exception
*/
public function getGroupMapper() {
if (is_null($this->groupMapper)) {
@@ -161,6 +167,7 @@ class Access extends LDAPUtility {
/**
* returns the Connection instance
+ *
* @return \OCA\User_LDAP\Connection
*/
public function getConnection() {
@@ -226,7 +233,7 @@ class Access extends LDAPUtility {
$result = $this->extractRangeData($result, $attr);
if (!empty($result)) {
$normalizedResult = $this->extractAttributeValuesFromResult(
- [ $attr => $result['values'] ],
+ [$attr => $result['values']],
$attr
);
$values = array_merge($values, $normalizedResult);
@@ -236,14 +243,14 @@ class Access extends LDAPUtility {
// no more results left
return $values;
} else {
- $low = $result['rangeHigh'] + 1;
+ $low = $result['rangeHigh'] + 1;
$attrToRead = $result['attributeName'] . ';range=' . $low . '-*';
$isRangeRequest = true;
}
}
} while ($isRangeRequest);
- \OCP\Util::writeLog('user_ldap', 'Requested attribute '.$attr.' not found for '.$dn, ILogger::DEBUG);
+ \OCP\Util::writeLog('user_ldap', 'Requested attribute ' . $attr . ' not found for ' . $dn, ILogger::DEBUG);
return false;
}
@@ -300,7 +307,7 @@ class Access extends LDAPUtility {
$values = [];
if (isset($result[$attribute]) && $result[$attribute]['count'] > 0) {
$lowercaseAttribute = strtolower($attribute);
- for ($i=0;$i<$result[$attribute]['count'];$i++) {
+ for ($i = 0; $i < $result[$attribute]['count']; $i++) {
if ($this->resemblesDN($attribute)) {
$values[] = $this->helper->sanitizeDN($result[$attribute][$i]);
} elseif ($lowercaseAttribute === 'objectguid' || $lowercaseAttribute === 'guid') {
@@ -365,14 +372,15 @@ class Access extends LDAPUtility {
try {
// try PASSWD extended operation first
return @$this->invokeLDAPMethod('exopPasswd', $cr, $userDN, '', $password) ||
- @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
+ @$this->invokeLDAPMethod('modReplace', $cr, $userDN, $password);
} catch (ConstraintViolationException $e) {
- throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ').$e->getMessage(), $e->getCode());
+ throw new HintException('Password change rejected.', \OC::$server->getL10N('user_ldap')->t('Password change rejected. Hint: ') . $e->getMessage(), $e->getCode());
}
}
/**
* checks whether the given attributes value is probably a DN
+ *
* @param string $attr the attribute in question
* @return boolean if so true, otherwise false
*/
@@ -389,6 +397,7 @@ class Access extends LDAPUtility {
/**
* checks whether the given string is probably a DN
+ *
* @param string $string
* @return boolean
*/
@@ -403,6 +412,7 @@ class Access extends LDAPUtility {
* returns a DN-string that is cleaned from not domain parts, e.g.
* cn=foo,cn=bar,dc=foobar,dc=server,dc=org
* becomes dc=foobar,dc=server,dc=org
+ *
* @param string $dn
* @return string
*/
@@ -427,6 +437,7 @@ class Access extends LDAPUtility {
/**
* returns the LDAP DN for the given internal Nextcloud name of the group
+ *
* @param string $name the Nextcloud name in question
* @return string|false LDAP DN on success, otherwise false
*/
@@ -436,6 +447,7 @@ class Access extends LDAPUtility {
/**
* returns the LDAP DN for the given internal Nextcloud name of the user
+ *
* @param string $name the Nextcloud name in question
* @return string|false with the LDAP DN on success, otherwise false
*/
@@ -528,14 +540,14 @@ class Access extends LDAPUtility {
}
} else {
//If the UUID can't be detected something is foul.
- \OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for '.$fdn.'. Skipping.', ILogger::INFO);
+ \OCP\Util::writeLog('user_ldap', 'Cannot determine UUID for ' . $fdn . '. Skipping.', ILogger::INFO);
return false;
}
if (is_null($ldapName)) {
$ldapName = $this->readAttribute($fdn, $nameAttribute, $filter);
if (!isset($ldapName[0]) && empty($ldapName[0])) {
- \OCP\Util::writeLog('user_ldap', 'No or empty name for '.$fdn.' with filter '.$filter.'.', ILogger::INFO);
+ \OCP\Util::writeLog('user_ldap', 'No or empty name for ' . $fdn . ' with filter ' . $filter . '.', ILogger::INFO);
return false;
}
$ldapName = $ldapName[0];
@@ -594,7 +606,7 @@ class Access extends LDAPUtility {
}
//if everything else did not help..
- \OCP\Util::writeLog('user_ldap', 'Could not create unique name for '.$fdn.'.', ILogger::INFO);
+ \OCP\Util::writeLog('user_ldap', 'Could not create unique name for ' . $fdn . '.', ILogger::INFO);
return false;
}
@@ -604,7 +616,7 @@ class Access extends LDAPUtility {
string $name,
string $uuid,
bool $isUser
- ) :bool {
+ ): bool {
if ($mapper->map($fdn, $name, $uuid)) {
if ($this->ncUserManager instanceof PublicEmitter && $isUser) {
$this->cacheUserExists($name);
@@ -652,7 +664,7 @@ class Access extends LDAPUtility {
private function ldap2NextcloudNames($ldapObjects, $isUsers) {
if ($isUsers) {
$nameAttribute = $this->connection->ldapUserDisplayName;
- $sndAttribute = $this->connection->ldapUserDisplayName2;
+ $sndAttribute = $this->connection->ldapUserDisplayName2;
} else {
$nameAttribute = $this->connection->ldapGroupDisplayName;
}
@@ -704,27 +716,29 @@ class Access extends LDAPUtility {
/**
* caches the user display name
+ *
* @param string $ocName the internal Nextcloud username
* @param string|false $home the home directory path
*/
public function cacheUserHome($ocName, $home) {
- $cacheKey = 'getHome'.$ocName;
+ $cacheKey = 'getHome' . $ocName;
$this->connection->writeToCache($cacheKey, $home);
}
/**
* caches a user as existing
+ *
* @param string $ocName the internal Nextcloud username
*/
public function cacheUserExists($ocName) {
- $this->connection->writeToCache('userExists'.$ocName, true);
+ $this->connection->writeToCache('userExists' . $ocName, true);
}
/**
* caches a group as existing
*/
public function cacheGroupExists(string $gid): void {
- $this->connection->writeToCache('groupExists'.$gid, true);
+ $this->connection->writeToCache('groupExists' . $gid, true);
}
/**
@@ -742,7 +756,7 @@ class Access extends LDAPUtility {
}
$displayName = $user->composeAndStoreDisplayName($displayName, $displayName2);
$cacheKeyTrunk = 'getDisplayName';
- $this->connection->writeToCache($cacheKeyTrunk.$ocName, $displayName);
+ $this->connection->writeToCache($cacheKeyTrunk . $ocName, $displayName);
}
public function cacheGroupDisplayName(string $ncName, string $displayName): void {
@@ -752,6 +766,7 @@ class Access extends LDAPUtility {
/**
* creates a unique name for internal Nextcloud use for users. Don't call it directly.
+ *
* @param string $name the display name of the object
* @return string|false with with the name to use in Nextcloud or false if unsuccessful
*
@@ -763,7 +778,7 @@ class Access extends LDAPUtility {
//while loop is just a precaution. If a name is not generated within
//20 attempts, something else is very wrong. Avoids infinite loop.
while ($attempts < 20) {
- $altName = $name . '_' . rand(1000,9999);
+ $altName = $name . '_' . rand(1000, 9999);
if (!$this->ncUserManager->userExists($altName)) {
return $altName;
}
@@ -774,6 +789,7 @@ class Access extends LDAPUtility {
/**
* creates a unique name for internal Nextcloud use for groups. Don't call it directly.
+ *
* @param string $name the display name of the object
* @return string|false with with the name to use in Nextcloud or false if unsuccessful.
*
@@ -793,7 +809,7 @@ class Access extends LDAPUtility {
$lastName = array_pop($usedNames);
$lastNo = (int)substr($lastName, strrpos($lastName, '_') + 1);
}
- $altName = $name.'_'. (string)($lastNo+1);
+ $altName = $name . '_' . (string)($lastNo + 1);
unset($usedNames);
$attempts = 1;
@@ -812,6 +828,7 @@ class Access extends LDAPUtility {
/**
* creates a unique name for internal Nextcloud use.
+ *
* @param string $name the display name of the object
* @param boolean $isUser whether name should be created for a user (true) or a group (false)
* @return string|false with with the name to use in Nextcloud or false if unsuccessful
@@ -876,10 +893,10 @@ class Access extends LDAPUtility {
return $listOfDNs;
}, []);
$idsByDn = $this->userMapper->getListOfIdsByDn($listOfDNs);
- $recordsToUpdate = array_filter($ldapRecords, function($record) use ($isBackgroundJobModeAjax, $idsByDn) {
+ $recordsToUpdate = array_filter($ldapRecords, function ($record) use ($isBackgroundJobModeAjax, $idsByDn) {
$newlyMapped = false;
$uid = $idsByDn[$record['dn'][0]] ?? null;
- if($uid === null) {
+ if ($uid === null) {
$uid = $this->dn2ocname($record['dn'][0], null, true, $newlyMapped, $record);
}
if (is_string($uid)) {
@@ -907,7 +924,7 @@ class Access extends LDAPUtility {
// displayName is obligatory
continue;
}
- $ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
+ $ocName = $this->dn2ocname($userRecord['dn'][0], null, true);
if ($ocName === false) {
continue;
}
@@ -918,7 +935,7 @@ class Access extends LDAPUtility {
} else {
\OC::$server->getLogger()->debug(
"The ldap user manager returned null for $ocName",
- ['app'=>'user_ldap']
+ ['app' => 'user_ldap']
);
}
}
@@ -936,14 +953,14 @@ class Access extends LDAPUtility {
$listOfDNs = array_reduce($groupRecords, function ($listOfDNs, $entry) {
$listOfDNs[] = $entry['dn'][0];
- return$listOfDNs;
+ return $listOfDNs;
}, []);
$idsByDn = $this->groupMapper->getListOfIdsByDn($listOfDNs);
- array_walk($groupRecords, function($record) use ($idsByDn) {
+ array_walk($groupRecords, function ($record) use ($idsByDn) {
$newlyMapped = false;
$gid = $uidsByDn[$record['dn'][0]] ?? null;
- if($gid === null) {
+ if ($gid === null) {
$gid = $this->dn2ocname($record['dn'][0], null, false, $newlyMapped, $record);
}
if (!$newlyMapped && is_string($gid)) {
@@ -1071,6 +1088,7 @@ class Access extends LDAPUtility {
/**
* Returns the LDAP handler
+ *
* @throws \OC\ServerNotAvailableException
*/
@@ -1154,7 +1172,7 @@ class Access extends LDAPUtility {
// cannot use $cr anymore, might have changed in the previous call!
$error = $this->ldap->errno($this->connection->getConnectionResource());
if (!$this->ldap->isResource($sr) || $error !== 0) {
- \OCP\Util::writeLog('user_ldap', 'Attempt for Paging? '.print_r($pagedSearchOK, true), ILogger::ERROR);
+ \OCP\Util::writeLog('user_ldap', 'Attempt for Paging? ' . print_r($pagedSearchOK, true), ILogger::ERROR);
return false;
}
@@ -1201,7 +1219,7 @@ class Access extends LDAPUtility {
if (!is_null($limit) && (int)$this->connection->ldapPagingSize !== 0) {
\OC::$server->getLogger()->debug(
'Paged search was not available',
- [ 'app' => 'user_ldap' ]
+ ['app' => 'user_ldap']
);
}
}
@@ -1388,7 +1406,7 @@ class Access extends LDAPUtility {
//a) paged search unsuccessful, though attempted
//b) no paged search, but limit set
if ((!$this->getPagedSearchResultState()
- && $pagedSearchOK)
+ && $pagedSearchOK)
|| (
!$pagedSearchOK
&& !is_null($limit)
@@ -1433,7 +1451,8 @@ class Access extends LDAPUtility {
/**
* escapes (user provided) parts for LDAP filter
- * @param string $input, the provided value
+ *
+ * @param string $input , the provided value
* @param bool $allowAsterisk whether in * at the beginning should be preserved
* @return string the escaped string
*/
@@ -1443,13 +1462,14 @@ class Access extends LDAPUtility {
$asterisk = '*';
$input = mb_substr($input, 1, null, 'UTF-8');
}
- $search = ['*', '\\', '(', ')'];
+ $search = ['*', '\\', '(', ')'];
$replace = ['\\*', '\\\\', '\\(', '\\)'];
return $asterisk . str_replace($search, $replace, $input);
}
/**
* combines the input filters with AND
+ *
* @param string[] $filters the filters to connect
* @return string the combined filter
*/
@@ -1459,6 +1479,7 @@ class Access extends LDAPUtility {
/**
* combines the input filters with OR
+ *
* @param string[] $filters the filters to connect
* @return string the combined filter
* Combines Filter arguments with OR
@@ -1469,24 +1490,26 @@ class Access extends LDAPUtility {
/**
* combines the input filters with given operator
+ *
* @param string[] $filters the filters to connect
* @param string $operator either & or |
* @return string the combined filter
*/
private function combineFilter($filters, $operator) {
- $combinedFilter = '('.$operator;
+ $combinedFilter = '(' . $operator;
foreach ($filters as $filter) {
if ($filter !== '' && $filter[0] !== '(') {
- $filter = '('.$filter.')';
+ $filter = '(' . $filter . ')';
}
- $combinedFilter.=$filter;
+ $combinedFilter .= $filter;
}
- $combinedFilter.=')';
+ $combinedFilter .= ')';
return $combinedFilter;
}
/**
* creates a filter part for to perform search for users
+ *
* @param string $search the search term
* @return string the final filter part to use in LDAP searches
*/
@@ -1498,6 +1521,7 @@ class Access extends LDAPUtility {
/**
* creates a filter part for to perform search for groups
+ *
* @param string $search the search term
* @return string the final filter part to use in LDAP searches
*/
@@ -1510,6 +1534,7 @@ class Access extends LDAPUtility {
/**
* creates a filter part for searches by splitting up the given search
* string into single words
+ *
* @param string $search the search term
* @param string[] $searchAttributes needs to have at least two attributes,
* otherwise it does not make sense :)
@@ -1536,6 +1561,7 @@ class Access extends LDAPUtility {
/**
* creates a filter part for searches
+ *
* @param string $search the search term
* @param string[]|null $searchAttributes
* @param string $fallbackAttribute a fallback attribute in case the user
@@ -1569,7 +1595,7 @@ class Access extends LDAPUtility {
}
}
if (count($filter) === 1) {
- return '('.$filter[0].')';
+ return '(' . $filter[0] . ')';
}
return $this->combineFilterWithOr($filter);
}
@@ -1578,6 +1604,7 @@ class Access extends LDAPUtility {
* returns the search term depending on whether we are allowed
* list users found by ldap with the current input appended by
* a *
+ *
* @return string
*/
private function prepareSearchTerm($term) {
@@ -1596,6 +1623,7 @@ class Access extends LDAPUtility {
/**
* returns the filter used for counting users
+ *
* @return string
*/
public function getFilterForUserCount() {
@@ -1634,8 +1662,8 @@ class Access extends LDAPUtility {
*/
public function getUserDnByUuid($uuid) {
$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
- $filter = $this->connection->ldapUserFilter;
- $bases = $this->connection->ldapBaseUsers;
+ $filter = $this->connection->ldapUserFilter;
+ $bases = $this->connection->ldapBaseUsers;
if ($this->connection->ldapUuidUserAttribute === 'auto' && $uuidOverride === '') {
// Sacrebleu! The UUID attribute is unknown :( We need first an
@@ -1690,10 +1718,10 @@ class Access extends LDAPUtility {
*/
private function detectUuidAttribute($dn, $isUser = true, $force = false, array $ldapRecord = null) {
if ($isUser) {
- $uuidAttr = 'ldapUuidUserAttribute';
+ $uuidAttr = 'ldapUuidUserAttribute';
$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
} else {
- $uuidAttr = 'ldapUuidGroupAttribute';
+ $uuidAttr = 'ldapUuidGroupAttribute';
$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
}
@@ -1750,10 +1778,10 @@ class Access extends LDAPUtility {
*/
public function getUUID($dn, $isUser = true, $ldapRecord = null) {
if ($isUser) {
- $uuidAttr = 'ldapUuidUserAttribute';
+ $uuidAttr = 'ldapUuidUserAttribute';
$uuidOverride = $this->connection->ldapExpertUUIDUserAttr;
} else {
- $uuidAttr = 'ldapUuidGroupAttribute';
+ $uuidAttr = 'ldapUuidGroupAttribute';
$uuidOverride = $this->connection->ldapExpertUUIDGroupAttr;
}
@@ -1778,6 +1806,7 @@ class Access extends LDAPUtility {
/**
* converts a binary ObjectGUID into a string representation
+ *
* @param string $oguid the ObjectGUID in it's binary form as retrieved from AD
* @return string
* @link http://www.php.net/manual/en/function.ldap-get-values-len.php#73198
@@ -1833,16 +1862,16 @@ class Access extends LDAPUtility {
\OC::$server->getLogger()->info(
'Passed string does not resemble a valid GUID. Known UUID ' .
'({uuid}) probably does not match UUID configuration.',
- [ 'app' => 'user_ldap', 'uuid' => $guid ]
+ ['app' => 'user_ldap', 'uuid' => $guid]
);
return $guid;
}
- for ($i=0; $i < 3; $i++) {
+ for ($i = 0; $i < 3; $i++) {
$pairs = str_split($blocks[$i], 2);
$pairs = array_reverse($pairs);
$blocks[$i] = implode('', $pairs);
}
- for ($i=0; $i < 5; $i++) {
+ for ($i = 0; $i < 5; $i++) {
$pairs = str_split($blocks[$i], 2);
$blocks[$i] = '\\' . implode('\\', $pairs);
}
@@ -1858,7 +1887,7 @@ class Access extends LDAPUtility {
*/
public function getSID($dn) {
$domainDN = $this->getDomainDNFromDN($dn);
- $cacheKey = 'getSID-'.$domainDN;
+ $cacheKey = 'getSID-' . $domainDN;
$sid = $this->connection->getFromCache($cacheKey);
if (!is_null($sid)) {
return $sid;
@@ -1877,6 +1906,7 @@ class Access extends LDAPUtility {
/**
* converts a binary SID into a string representation
+ *
* @param string $sid
* @return string
*/
@@ -1915,6 +1945,7 @@ class Access extends LDAPUtility {
/**
* checks if the given DN is part of the given base DN(s)
+ *
* @param string $dn the DN
* @param string[] $bases array containing the allowed base DN or DNs
* @return bool
@@ -1925,7 +1956,7 @@ class Access extends LDAPUtility {
foreach ($bases as $base) {
$belongsToBase = true;
- if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen($base, 'UTF-8'))) {
+ if (mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8') - mb_strlen($base, 'UTF-8'))) {
$belongsToBase = false;
}
if ($belongsToBase) {
@@ -1958,6 +1989,7 @@ class Access extends LDAPUtility {
* be reset by other operations. Best, call it immediately after a search(),
* searchUsers() or searchGroups() call. count-methods are probably safe as
* well. Don't rely on it with any fetchList-method.
+ *
* @return bool
*/
public function hasMoreResults() {
@@ -1972,6 +2004,7 @@ class Access extends LDAPUtility {
/**
* Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search.
+ *
* @return boolean|null true on success, null or false otherwise
*/
public function getPagedSearchResultState() {
@@ -2024,10 +2057,10 @@ class Access extends LDAPUtility {
$this->abandonPagedSearch();
}
$pagedSearchOK = true === $this->invokeLDAPMethod(
- 'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
- );
+ 'controlPagedResult', $this->connection->getConnectionResource(), $limit, false
+ );
if ($pagedSearchOK) {
- \OC::$server->getLogger()->debug('Ready for a paged search',['app' => 'user_ldap']);
+ \OC::$server->getLogger()->debug('Ready for a paged search', ['app' => 'user_ldap']);
}
/* ++ Fixing RHDS searches with pages with zero results ++
* We coudn't get paged searches working with our RHDS for login ($limit = 0),
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 95bcbf50f8c..f05c8fb8ca4 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -85,6 +85,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* is user in group?
+ *
* @param string $uid uid of the user
* @param string $gid gid of the group
* @return bool
@@ -95,7 +96,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if (!$this->enabled) {
return false;
}
- $cacheKey = 'inGroup'.$uid.':'.$gid;
+ $cacheKey = 'inGroup' . $uid . ':' . $gid;
$inGroup = $this->access->connection->getFromCache($cacheKey);
if (!is_null($inGroup)) {
return (bool)$inGroup;
@@ -108,7 +109,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
return $isInGroup;
}
- $cacheKeyMembers = 'inGroup-members:'.$gid;
+ $cacheKeyMembers = 'inGroup-members:' . $gid;
$members = $this->access->connection->getFromCache($cacheKeyMembers);
if (!is_null($members)) {
$this->cachedGroupMembers[$gid] = $members;
@@ -199,13 +200,13 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$pos = strpos($memberURLs[0], '(');
if ($pos !== false) {
$memberUrlFilter = substr($memberURLs[0], $pos);
- $foundMembers = $this->access->searchUsers($memberUrlFilter,'dn');
+ $foundMembers = $this->access->searchUsers($memberUrlFilter, 'dn');
$dynamicMembers = [];
foreach ($foundMembers as $value) {
$dynamicMembers[$value['dn'][0]] = 1;
}
} else {
- \OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
+ \OCP\Util::writeLog('user_ldap', 'No search filter found on member url ' .
'of group ' . $dnGroup, ILogger::DEBUG);
}
}
@@ -228,7 +229,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
return [];
}
// used extensively in cron job, caching makes sense for nested groups
- $cacheKey = '_groupMembers'.$dnGroup;
+ $cacheKey = '_groupMembers' . $dnGroup;
$groupMembers = $this->access->connection->getFromCache($cacheKey);
if ($groupMembers !== null) {
return $groupMembers;
@@ -284,7 +285,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
* @return array
*/
private function walkNestedGroups(string $dn, \Closure $fetcher, array $list): array {
- $nesting = (int) $this->access->connection->ldapNestedGroups;
+ $nesting = (int)$this->access->connection->ldapNestedGroups;
// depending on the input, we either have a list of DNs or a list of LDAP records
// also, the output expects either DNs or records. Testing the first element should suffice.
$recordMode = is_array($list) && isset($list[0]) && is_array($list[0]) && isset($list[0]['dn'][0]);
@@ -319,6 +320,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* translates a gidNumber into an ownCloud internal name
+ *
* @param string $gid as given by gidNumber on POSIX LDAP
* @param string $dn a DN that belongs to the same domain as the group
* @return string|bool
@@ -354,6 +356,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the entry's gidNumber
+ *
* @param string $dn
* @param string $attribute
* @return string|bool
@@ -368,6 +371,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the group's primary ID
+ *
* @param string $dn
* @return string|bool
*/
@@ -377,6 +381,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the user's gidNumber
+ *
* @param string $dn
* @return string|bool
*/
@@ -410,7 +415,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if ($search !== '') {
$filterParts[] = $this->access->getFilterPartForUserSearch($search);
}
- $filterParts[] = $this->access->connection->ldapGidNumber .'=' . $groupID;
+ $filterParts[] = $this->access->connection->ldapGidNumber . '=' . $groupID;
return $this->access->combineFilterWithAnd($filterParts);
}
@@ -460,6 +465,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* gets the gidNumber of a user
+ *
* @param string $dn
* @return string
*/
@@ -477,6 +483,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* translates a primary group ID into an Nextcloud internal name
+ *
* @param string $gid as given by primaryGroupID on AD
* @param string $dn a DN that belongs to the same domain as the group
* @return string|bool
@@ -516,6 +523,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the entry's primary group ID
+ *
* @param string $dn
* @param string $attribute
* @return string|bool
@@ -530,6 +538,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the group's primary ID
+ *
* @param string $dn
* @return string|bool
*/
@@ -539,6 +548,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the user's primary group ID
+ *
* @param string $dn
* @return string|bool
*/
@@ -622,6 +632,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* gets the primary group of a user
+ *
* @param string $dn
* @return string
*/
@@ -639,6 +650,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Get all groups a user belongs to
+ *
* @param string $uid Name of the user
* @return array with group names
*
@@ -651,7 +663,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if (!$this->enabled) {
return [];
}
- $cacheKey = 'getUserGroups'.$uid;
+ $cacheKey = 'getUserGroups' . $uid;
$userGroups = $this->access->connection->getFromCache($cacheKey);
if (!is_null($userGroups)) {
return $userGroups;
@@ -671,14 +683,14 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if (!empty($dynamicGroupMemberURL)) {
// look through dynamic groups to add them to the result array if needed
$groupsToMatch = $this->access->fetchListOfGroups(
- $this->access->connection->ldapGroupFilter,['dn',$dynamicGroupMemberURL]);
+ $this->access->connection->ldapGroupFilter, ['dn', $dynamicGroupMemberURL]);
foreach ($groupsToMatch as $dynamicGroup) {
if (!array_key_exists($dynamicGroupMemberURL, $dynamicGroup)) {
continue;
}
$pos = strpos($dynamicGroup[$dynamicGroupMemberURL][0], '(');
if ($pos !== false) {
- $memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0],$pos);
+ $memberUrlFilter = substr($dynamicGroup[$dynamicGroupMemberURL][0], $pos);
// apply filter via ldap search to see if this user is in this
// dynamic group
$userMatch = $this->access->readAttribute(
@@ -696,7 +708,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
}
}
} else {
- \OCP\Util::writeLog('user_ldap', 'No search filter found on member url '.
+ \OCP\Util::writeLog('user_ldap', 'No search filter found on member url ' .
'of group ' . print_r($dynamicGroup, true), ILogger::DEBUG);
}
}
@@ -708,7 +720,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if ((int)$this->access->connection->hasMemberOfFilterSupport === 1
&& (int)$this->access->connection->useMemberOfToDetectMembership === 1
&& strtolower($this->access->connection->ldapGroupMemberAssocAttr) !== 'memberuid'
- ) {
+ ) {
$groupDNs = $this->_getGroupDNsFromMemberOf($userDN);
if (is_array($groupDNs)) {
foreach ($groupDNs as $dn) {
@@ -739,7 +751,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
} elseif (strtolower($this->access->connection->ldapGroupMemberAssocAttr) === 'memberuid') {
$result = $this->access->readAttribute($userDN, 'uid');
if ($result === false) {
- \OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN ' . $userDN . ' on '.
+ \OCP\Util::writeLog('user_ldap', 'No uid attribute found for DN ' . $userDN . ' on ' .
$this->access->connection->ldapHost, ILogger::DEBUG);
$uid = false;
} else {
@@ -789,7 +801,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
}
$allGroups = [];
$seen[$dn] = true;
- $filter = $this->access->connection->ldapGroupMemberAssocAttr.'='.$dn;
+ $filter = $this->access->connection->ldapGroupMemberAssocAttr . '=' . $dn;
$groups = $this->access->fetchListOfGroups($filter,
[strtolower($this->access->connection->ldapGroupMemberAssocAttr), $this->access->connection->ldapGroupDisplayName, 'dn']);
if (is_array($groups)) {
@@ -823,7 +835,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
return [];
}
$search = $this->access->escapeFilterPart($search, true);
- $cacheKey = 'usersInGroup-'.$gid.'-'.$search.'-'.$limit.'-'.$offset;
+ $cacheKey = 'usersInGroup-' . $gid . '-' . $search . '-' . $limit . '-' . $offset;
// check for cache of the exact query
$groupUsers = $this->access->connection->getFromCache($cacheKey);
if (!is_null($groupUsers)) {
@@ -831,7 +843,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
}
// check for cache of the query without limit and offset
- $groupUsers = $this->access->connection->getFromCache('usersInGroup-'.$gid.'-'.$search);
+ $groupUsers = $this->access->connection->getFromCache('usersInGroup-' . $gid . '-' . $search);
if (!is_null($groupUsers)) {
$groupUsers = array_slice($groupUsers, $offset, $limit);
$this->access->connection->writeToCache($cacheKey, $groupUsers);
@@ -907,7 +919,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$groupUsers = array_unique(array_merge($groupUsers, $primaryUsers, $posixGroupUsers));
natsort($groupUsers);
- $this->access->connection->writeToCache('usersInGroup-'.$gid.'-'.$search, $groupUsers);
+ $this->access->connection->writeToCache('usersInGroup-' . $gid . '-' . $search, $groupUsers);
$groupUsers = array_slice($groupUsers, $offset, $limit);
$this->access->connection->writeToCache($cacheKey, $groupUsers);
@@ -917,6 +929,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* returns the number of users in a group, who match the search term
+ *
* @param string $gid the internal group name
* @param string $search optional, a search string
* @return int|bool
@@ -926,7 +939,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
return $this->groupPluginManager->countUsersInGroup($gid, $search);
}
- $cacheKey = 'countUsersInGroup-'.$gid.'-'.$search;
+ $cacheKey = 'countUsersInGroup-' . $gid . '-' . $search;
if (!$this->enabled || !$this->groupExists($gid)) {
return false;
}
@@ -958,7 +971,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$search = $this->access->escapeFilterPart($search, true);
$isMemberUid =
(strtolower($this->access->connection->ldapGroupMemberAssocAttr)
- === 'memberuid');
+ === 'memberuid');
//we need to apply the search filter
//alternatives that need to be checked:
@@ -1015,10 +1028,10 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if (!$this->enabled) {
return [];
}
- $cacheKey = 'getGroups-'.$search.'-'.$limit.'-'.$offset;
+ $cacheKey = 'getGroups-' . $search . '-' . $limit . '-' . $offset;
//Check cache before driving unnecessary searches
- \OCP\Util::writeLog('user_ldap', 'getGroups '.$cacheKey, ILogger::DEBUG);
+ \OCP\Util::writeLog('user_ldap', 'getGroups ' . $cacheKey, ILogger::DEBUG);
$ldap_groups = $this->access->connection->getFromCache($cacheKey);
if (!is_null($ldap_groups)) {
return $ldap_groups;
@@ -1033,11 +1046,11 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$this->access->connection->ldapGroupFilter,
$this->access->getFilterPartForGroupSearch($search)
]);
- \OCP\Util::writeLog('user_ldap', 'getGroups Filter '.$filter, ILogger::DEBUG);
+ \OCP\Util::writeLog('user_ldap', 'getGroups Filter ' . $filter, ILogger::DEBUG);
$ldap_groups = $this->access->fetchListOfGroups($filter,
- [$this->access->connection->ldapGroupDisplayName, 'dn'],
- $limit,
- $offset);
+ [$this->access->connection->ldapGroupDisplayName, 'dn'],
+ $limit,
+ $offset);
$ldap_groups = $this->access->nextcloudGroupNames($ldap_groups);
$this->access->connection->writeToCache($cacheKey, $ldap_groups);
@@ -1078,7 +1091,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
$chunkLimit = min($pagingSize, $overallLimit - $chunkOffset);
$ldapGroups = $this->getGroupsChunk($search, $chunkLimit, $chunkOffset);
$nread = count($ldapGroups);
- \OCP\Util::writeLog('user_ldap', 'getGroups('.$search.'): read '.$nread.' at offset '.$chunkOffset.' (limit: '.$chunkLimit.')', ILogger::DEBUG);
+ \OCP\Util::writeLog('user_ldap', 'getGroups(' . $search . '): read ' . $nread . ' at offset ' . $chunkOffset . ' (limit: ' . $chunkLimit . ')', ILogger::DEBUG);
if ($nread) {
$allGroups = array_merge($allGroups, $ldapGroups);
$chunkOffset += $nread;
@@ -1100,11 +1113,12 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* check if a group exists
+ *
* @param string $gid
* @return bool
*/
public function groupExists($gid) {
- $groupExists = $this->access->connection->getFromCache('groupExists'.$gid);
+ $groupExists = $this->access->connection->getFromCache('groupExists' . $gid);
if (!is_null($groupExists)) {
return (bool)$groupExists;
}
@@ -1113,34 +1127,34 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
//only, requires more checking.
$dn = $this->access->groupname2dn($gid);
if (!$dn) {
- $this->access->connection->writeToCache('groupExists'.$gid, false);
+ $this->access->connection->writeToCache('groupExists' . $gid, false);
return false;
}
- if(!$this->access->isDNPartOfBase($dn, $this->access->connection->ldapBaseGroups)) {
- $this->access->connection->writeToCache('groupExists'.$gid, false);
+ if (!$this->access->isDNPartOfBase($dn, $this->access->connection->ldapBaseGroups)) {
+ $this->access->connection->writeToCache('groupExists' . $gid, false);
return false;
}
//if group really still exists, we will be able to read its objectclass
if (!is_array($this->access->readAttribute($dn, '', $this->access->connection->ldapGroupFilter))) {
- $this->access->connection->writeToCache('groupExists'.$gid, false);
+ $this->access->connection->writeToCache('groupExists' . $gid, false);
return false;
}
- $this->access->connection->writeToCache('groupExists'.$gid, true);
+ $this->access->connection->writeToCache('groupExists' . $gid, true);
return true;
}
- protected function filterValidGroups (array $listOfGroups): array {
+ protected function filterValidGroups(array $listOfGroups): array {
$validGroupDNs = [];
- foreach($listOfGroups as $key => $item) {
+ foreach ($listOfGroups as $key => $item) {
$dn = is_string($item) ? $item : $item['dn'][0];
$gid = $this->access->dn2groupname($dn);
- if(!$gid) {
+ if (!$gid) {
continue;
}
- if($this->groupExists($gid)) {
+ if ($this->groupExists($gid)) {
$validGroupDNs[$key] = $item;
}
}
@@ -1149,6 +1163,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Check if backend implements actions
+ *
* @param int $actions bitwise-or'ed actions
* @return boolean
*
@@ -1162,6 +1177,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Return access for LDAP interaction.
+ *
* @return Access instance of Access for LDAP interaction
*/
public function getLDAPAccess($gid) {
@@ -1170,6 +1186,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* create a group
+ *
* @param string $gid
* @return bool
* @throws \Exception
@@ -1197,6 +1214,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* delete a group
+ *
* @param string $gid gid of the group to delete
* @return bool
* @throws \Exception
@@ -1206,7 +1224,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
if ($ret = $this->groupPluginManager->deleteGroup($gid)) {
#delete group in nextcloud internal db
$this->access->getGroupMapper()->unmap($gid);
- $this->access->connection->writeToCache("groupExists".$gid, false);
+ $this->access->connection->writeToCache("groupExists" . $gid, false);
}
return $ret;
}
@@ -1215,6 +1233,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Add a user to a group
+ *
* @param string $uid Name of the user to add to group
* @param string $gid Name of the group in which add the user
* @return bool
@@ -1233,6 +1252,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Removes a user from a group
+ *
* @param string $uid Name of the user to remove from group
* @param string $gid Name of the group from which remove the user
* @return bool
@@ -1251,6 +1271,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
/**
* Gets group details
+ *
* @param string $gid Name of the group
* @return array | false
* @throws \Exception
@@ -1266,6 +1287,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLD
* Return LDAP connection resource from a cloned connection.
* The cloned connection needs to be closed manually.
* of the current access.
+ *
* @param string $gid
* @return resource of the LDAP connection
*/
diff --git a/apps/user_ldap/lib/Group_Proxy.php b/apps/user_ldap/lib/Group_Proxy.php
index a586906df8e..c6a2c7fb6fb 100644
--- a/apps/user_ldap/lib/Group_Proxy.php
+++ b/apps/user_ldap/lib/Group_Proxy.php
@@ -36,6 +36,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Constructor
+ *
* @param string[] $serverConfigPrefixes array containing the config Prefixes
*/
public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap, GroupPluginManager $groupPluginManager) {
@@ -51,6 +52,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Tries the backends one after the other until a positive result is returned from the specified method
+ *
* @param string $gid the gid connected to the request
* @param string $method the method of the group backend that shall be called
* @param array $parameters an array of parameters to be passed
@@ -60,7 +62,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
$cacheKey = $this->getGroupCacheKey($gid);
foreach ($this->backends as $configPrefix => $backend) {
if ($result = call_user_func_array([$backend, $method], $parameters)) {
- if(!$this->isSingleBackend()) {
+ if (!$this->isSingleBackend()) {
$this->writeToCache($cacheKey, $configPrefix);
}
return $result;
@@ -71,6 +73,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Asks the backend connected to the server that supposely takes care of the gid from the request.
+ *
* @param string $gid the gid connected to the request
* @param string $method the method of the group backend that shall be called
* @param array $parameters an array of parameters to be passed
@@ -107,6 +110,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* is user in group?
+ *
* @param string $uid uid of the user
* @param string $gid gid of the group
* @return bool
@@ -119,6 +123,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Get all groups a user belongs to
+ *
* @param string $uid Name of the user
* @return string[] with group names
*
@@ -140,6 +145,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* get a list of all users in a group
+ *
* @return string[] with user ids
*/
public function usersInGroup($gid, $search = '', $limit = -1, $offset = 0) {
@@ -166,6 +172,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* delete a group
+ *
* @param string $gid gid of the group to delete
* @return bool
*/
@@ -176,6 +183,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Add a user to a group
+ *
* @param string $uid Name of the user to add to group
* @param string $gid Name of the group in which add the user
* @return bool
@@ -189,6 +197,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Removes a user from a group
+ *
* @param string $uid Name of the user to remove from group
* @param string $gid Name of the group from which remove the user
* @return bool
@@ -202,6 +211,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* returns the number of users in a group, who match the search term
+ *
* @param string $gid the internal group name
* @param string $search optional, a search string
* @return int|bool
@@ -213,6 +223,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* get an array with group details
+ *
* @param string $gid
* @return array|false
*/
@@ -223,6 +234,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* get a list of all groups
+ *
* @return string[] with group names
*
* Returns a list with all groups
@@ -242,6 +254,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* check if a group exists
+ *
* @param string $gid
* @return bool
*/
@@ -251,6 +264,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Check if backend implements actions
+ *
* @param int $actions bitwise-or'ed actions
* @return boolean
*
@@ -264,6 +278,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Return access for LDAP interaction.
+ *
* @param string $gid
* @return Access instance of Access for LDAP interaction
*/
@@ -274,6 +289,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP, IGet
/**
* Return a new LDAP connection for the specified group.
* The connection needs to be closed manually.
+ *
* @param string $gid
* @return resource of the LDAP connection
*/
diff --git a/apps/user_ldap/lib/Helper.php b/apps/user_ldap/lib/Helper.php
index 2247cf6e278..05e56c318af 100644
--- a/apps/user_ldap/lib/Helper.php
+++ b/apps/user_ldap/lib/Helper.php
@@ -57,6 +57,7 @@ class Helper {
/**
* returns prefixes for each saved LDAP/AD server configuration.
+ *
* @param bool $activeConfigurations optional, whether only active configuration shall be
* retrieved, defaults to false
* @return array with a list of the available prefixes
@@ -97,6 +98,7 @@ class Helper {
/**
*
* determines the host for every configured connection
+ *
* @return array an array with configprefix as keys
*
*/
@@ -149,6 +151,7 @@ class Helper {
/**
* deletes a given saved LDAP/AD server configuration.
+ *
* @param string $prefix the configuration prefix of the config to delete
* @return bool true on success, false otherwise
*/
@@ -166,11 +169,11 @@ class Helper {
DELETE
FROM `*PREFIX*appconfig`
WHERE `configkey` LIKE ?
- '.$saveOtherConfigurations.'
+ ' . $saveOtherConfigurations . '
AND `appid` = \'user_ldap\'
AND `configkey` NOT IN (\'enabled\', \'installed_version\', \'types\', \'bgjUpdateGroupsLastRun\')
');
- $delRows = $query->execute([$prefix.'%']);
+ $delRows = $query->execute([$prefix . '%']);
if ($delRows === null) {
return false;
@@ -185,8 +188,9 @@ class Helper {
/**
* checks whether there is one or more disabled LDAP configurations
- * @throws \Exception
+ *
* @return bool
+ * @throws \Exception
*/
public function haveDisabledConfigurations() {
$all = $this->getServerConfigurationPrefixes(false);
@@ -201,6 +205,7 @@ class Helper {
/**
* extracts the domain from a given URL
+ *
* @param string $url the URL
* @return string|false domain as string on success, false otherwise
*/
@@ -234,6 +239,7 @@ class Helper {
/**
* sanitizes a DN received from the LDAP server
+ *
* @param array $dn the DN in question
* @return array|string the sanitized DN
*/
@@ -247,12 +253,12 @@ class Helper {
return $result;
}
- if(!is_string($dn)) {
+ if (!is_string($dn)) {
throw new \LogicException('String expected ' . \gettype($dn) . ' given');
}
if (($sanitizedDn = $this->sanitizeDnCache->get($dn)) !== null) {
- return $sanitizedDn;
+ return $sanitizedDn;
}
//OID sometimes gives back DNs with whitespace after the comma
@@ -274,9 +280,9 @@ class Helper {
'\;' => '\5c3B',
'\"' => '\5c22',
'\#' => '\5c23',
- '(' => '\28',
- ')' => '\29',
- '*' => '\2A',
+ '(' => '\28',
+ ')' => '\29',
+ '*' => '\2A',
];
$sanitizedDn = str_replace(array_keys($replacements), array_values($replacements), $sanitizedDn);
$this->sanitizeDnCache->set($dn, $sanitizedDn);
@@ -286,6 +292,7 @@ class Helper {
/**
* converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters
+ *
* @param string $dn the DN
* @return string
*/
@@ -316,7 +323,7 @@ class Helper {
$userSession = \OC::$server->getUserSession();
$userPluginManager = \OC::$server->query('LDAPUserPluginManager');
- $userBackend = new User_Proxy(
+ $userBackend = new User_Proxy(
$configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession, $userPluginManager
);
$uid = $userBackend->loginName2UserName($param['uid']);
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index c88b84635f9..6fd07f5f483 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -30,7 +30,7 @@ use OC\DB\QueryBuilder\QueryBuilder;
/**
* Class AbstractMapping
-*
+ *
* @package OCA\User_LDAP\Mapping
*/
abstract class AbstractMapping {
@@ -41,6 +41,7 @@ abstract class AbstractMapping {
/**
* returns the DB table name which holds the mappings
+ *
* @return string
*/
abstract protected function getTableName(bool $includePrefix = true);
@@ -57,6 +58,7 @@ abstract class AbstractMapping {
/**
* checks whether a provided string represents an existing table col
+ *
* @param string $col
* @return bool
*/
@@ -73,11 +75,12 @@ abstract class AbstractMapping {
/**
* Gets the value of one column based on a provided value of another column
+ *
* @param string $fetchCol
* @param string $compareCol
* @param string $search
- * @throws \Exception
* @return string|false
+ * @throws \Exception
*/
protected function getXbyY($fetchCol, $compareCol, $search) {
if (!$this->isColNameValid($fetchCol)) {
@@ -87,7 +90,7 @@ abstract class AbstractMapping {
}
$query = $this->dbc->prepare('
SELECT `' . $fetchCol . '`
- FROM `'. $this->getTableName() .'`
+ FROM `' . $this->getTableName() . '`
WHERE `' . $compareCol . '` = ?
');
@@ -101,6 +104,7 @@ abstract class AbstractMapping {
/**
* Performs a DELETE or UPDATE query to the database.
+ *
* @param \Doctrine\DBAL\Driver\Statement $query
* @param array $parameters
* @return bool true if at least one row was modified, false otherwise
@@ -113,12 +117,13 @@ abstract class AbstractMapping {
/**
* Gets the LDAP DN based on the provided name.
* Replaces Access::ocname2dn
+ *
* @param string $name
* @return string|false
*/
public function getDNByName($name) {
$dn = array_search($name, $this->cache);
- if($dn === false) {
+ if ($dn === false) {
$dn = $this->getXbyY('ldap_dn', 'owncloud_name', $name);
$this->cache[$dn] = $name;
}
@@ -127,6 +132,7 @@ abstract class AbstractMapping {
/**
* Updates the DN based on the given UUID
+ *
* @param string $fdn
* @param string $uuid
* @return bool
@@ -141,7 +147,7 @@ abstract class AbstractMapping {
$r = $this->modify($query, [$fdn, $uuid]);
- if($r && is_string($oldDn) && isset($this->cache[$oldDn])) {
+ if ($r && is_string($oldDn) && isset($this->cache[$oldDn])) {
$this->cache[$fdn] = $this->cache[$oldDn];
unset($this->cache[$oldDn]);
}
@@ -172,11 +178,12 @@ abstract class AbstractMapping {
/**
* Gets the name based on the provided LDAP DN.
+ *
* @param string $fdn
* @return string|false
*/
public function getNameByDN($fdn) {
- if(!isset($this->cache[$fdn])) {
+ if (!isset($this->cache[$fdn])) {
$this->cache[$fdn] = $this->getXbyY('owncloud_name', 'ldap_dn', $fdn);
}
return $this->cache[$fdn];
@@ -201,6 +208,7 @@ abstract class AbstractMapping {
/**
* Searches mapped names by the giving string in the name column
+ *
* @param string $search
* @param string $prefixMatch
* @param string $postfixMatch
@@ -209,11 +217,11 @@ abstract class AbstractMapping {
public function getNamesBySearch($search, $prefixMatch = "", $postfixMatch = "") {
$query = $this->dbc->prepare('
SELECT `owncloud_name`
- FROM `'. $this->getTableName() .'`
+ FROM `' . $this->getTableName() . '`
WHERE `owncloud_name` LIKE ?
');
- $res = $query->execute([$prefixMatch.$this->dbc->escapeLikeParameter($search).$postfixMatch]);
+ $res = $query->execute([$prefixMatch . $this->dbc->escapeLikeParameter($search) . $postfixMatch]);
$names = [];
if ($res !== false) {
while ($row = $query->fetch()) {
@@ -225,6 +233,7 @@ abstract class AbstractMapping {
/**
* Gets the name based on the provided LDAP UUID.
+ *
* @param string $uuid
* @return string|false
*/
@@ -238,6 +247,7 @@ abstract class AbstractMapping {
/**
* Gets the UUID based on the provided LDAP DN
+ *
* @param string $dn
* @return false|string
* @throws \Exception
@@ -248,6 +258,7 @@ abstract class AbstractMapping {
/**
* gets a piece of the mapping list
+ *
* @param int $offset
* @param int $limit
* @return array
@@ -269,6 +280,7 @@ abstract class AbstractMapping {
/**
* attempts to map the given entry
+ *
* @param string $fdn fully distinguished name (from LDAP)
* @param string $name
* @param string $uuid a unique identifier as used in LDAP
@@ -287,14 +299,14 @@ abstract class AbstractMapping {
}
$row = [
- 'ldap_dn' => $fdn,
- 'owncloud_name' => $name,
+ 'ldap_dn' => $fdn,
+ 'owncloud_name' => $name,
'directory_uuid' => $uuid
];
try {
$result = $this->dbc->insertIfNotExist($this->getTableName(), $row);
- if((bool)$result === true) {
+ if ((bool)$result === true) {
$this->cache[$fdn] = $name;
}
// insertIfNotExist returns values as int
@@ -306,12 +318,13 @@ abstract class AbstractMapping {
/**
* removes a mapping based on the owncloud_name of the entry
+ *
* @param string $name
* @return bool
*/
public function unmap($name) {
$query = $this->dbc->prepare('
- DELETE FROM `'. $this->getTableName() .'`
+ DELETE FROM `' . $this->getTableName() . '`
WHERE `owncloud_name` = ?');
return $this->modify($query, [$name]);
@@ -319,6 +332,7 @@ abstract class AbstractMapping {
/**
* Truncate's the mapping table
+ *
* @return bool
*/
public function clear() {
diff --git a/apps/user_ldap/lib/Proxy.php b/apps/user_ldap/lib/Proxy.php
index 09f4ac407d8..7bcbd19ff1c 100644
--- a/apps/user_ldap/lib/Proxy.php
+++ b/apps/user_ldap/lib/Proxy.php
@@ -40,7 +40,7 @@ use OCA\User_LDAP\User\Manager;
abstract class Proxy {
private static $accesses = [];
private $ldap = null;
- /** @var bool */
+ /** @var bool */
private $isSingleBackend;
/** @var \OCP\ICache|null */
@@ -72,11 +72,11 @@ abstract class Proxy {
static $coreNotificationManager;
if ($fs === null) {
$ocConfig = \OC::$server->getConfig();
- $fs = new FilesystemHelper();
- $log = new LogWrapper();
- $avatarM = \OC::$server->getAvatarManager();
- $db = \OC::$server->getDatabaseConnection();
- $userMap = new UserMapping($db);
+ $fs = new FilesystemHelper();
+ $log = new LogWrapper();
+ $avatarM = \OC::$server->getAvatarManager();
+ $db = \OC::$server->getDatabaseConnection();
+ $userMap = new UserMapping($db);
$groupMap = new GroupMapping($db);
$coreUserManager = \OC::$server->getUserManager();
$coreNotificationManager = \OC::$server->getNotificationManager();
@@ -107,7 +107,7 @@ abstract class Proxy {
* @return string
*/
protected function getUserCacheKey($uid) {
- return 'user-'.$uid.'-lastSeenOn';
+ return 'user-' . $uid . '-lastSeenOn';
}
/**
@@ -115,7 +115,7 @@ abstract class Proxy {
* @return string
*/
protected function getGroupCacheKey($gid) {
- return 'group-'.$gid.'-lastSeenOn';
+ return 'group-' . $gid . '-lastSeenOn';
}
/**
@@ -143,8 +143,8 @@ abstract class Proxy {
abstract protected function activeBackends(): int;
- protected function isSingleBackend(): bool{
- if($this->isSingleBackend === null) {
+ protected function isSingleBackend(): bool {
+ if ($this->isSingleBackend === null) {
$this->isSingleBackend = $this->activeBackends() === 1;
}
return $this->isSingleBackend;
@@ -152,6 +152,7 @@ abstract class Proxy {
/**
* Takes care of the request to the User backend
+ *
* @param string $id
* @param string $method string, the method of the user backend that shall be called
* @param array $parameters an array of parameters to be passed
@@ -177,7 +178,7 @@ abstract class Proxy {
if ($key === null) {
return $prefix;
}
- return $prefix.hash('sha256', $key);
+ return $prefix . hash('sha256', $key);
}
/**
@@ -206,7 +207,7 @@ abstract class Proxy {
if ($this->cache === null) {
return;
}
- $key = $this->getCacheKey($key);
+ $key = $this->getCacheKey($key);
$value = base64_encode(json_encode($value));
$this->cache->set($key, $value, 2592000);
}
diff --git a/apps/user_ldap/lib/User_Proxy.php b/apps/user_ldap/lib/User_Proxy.php
index d4eba412b40..a81e4668347 100644
--- a/apps/user_ldap/lib/User_Proxy.php
+++ b/apps/user_ldap/lib/User_Proxy.php
@@ -72,6 +72,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Tries the backends one after the other until a positive result is returned from the specified method
+ *
* @param string $uid the uid connected to the request
* @param string $method the method of the user backend that shall be called
* @param array $parameters an array of parameters to be passed
@@ -86,7 +87,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
$instance = $this->getAccess($configPrefix);
}
if ($result = call_user_func_array([$instance, $method], $parameters)) {
- if(!$this->isSingleBackend()) {
+ if (!$this->isSingleBackend()) {
$this->writeToCache($cacheKey, $configPrefix);
}
return $result;
@@ -97,6 +98,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Asks the backend connected to the server that supposely takes care of the uid from the request.
+ *
* @param string $uid the uid connected to the request
* @param string $method the method of the user backend that shall be called
* @param array $parameters an array of parameters to be passed
@@ -138,6 +140,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Check if backend implements actions
+ *
* @param int $actions bitwise-or'ed actions
* @return boolean
*
@@ -151,6 +154,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Backend name to be shown in user management
+ *
* @return string the name of the backend to be shown
*/
public function getBackendName() {
@@ -179,6 +183,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* check if a user exists
+ *
* @param string $uid the username
* @return boolean
*/
@@ -203,6 +208,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* check if a user exists on LDAP
+ *
* @param string|\OCA\User_LDAP\User\User $user either the Nextcloud user
* name or an instance of that user
* @return boolean
@@ -214,6 +220,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Check if the password is correct
+ *
* @param string $uid The username
* @param string $password The password
* @return bool
@@ -234,7 +241,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
$id = 'LOGINNAME,' . $loginName;
return $this->handleRequest($id, 'loginName2UserName', [$loginName]);
}
-
+
/**
* returns the username for the given LDAP DN, if available
*
@@ -248,6 +255,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* get the user's home directory
+ *
* @param string $uid the username
* @return boolean
*/
@@ -257,6 +265,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* get display name of the user
+ *
* @param string $uid user ID of the user
* @return string display name
*/
@@ -277,6 +286,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* checks whether the user is allowed to change his avatar in Nextcloud
+ *
* @param string $uid the Nextcloud user name
* @return boolean either the user can or cannot
*/
@@ -286,6 +296,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Get a list of all display names and user ids.
+ *
* @param string $search
* @param string|null $limit
* @param string|null $offset
@@ -305,6 +316,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* delete a user
+ *
* @param string $uid The username of the user to delete
* @return bool
*
@@ -313,9 +325,10 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
public function deleteUser($uid) {
return $this->handleRequest($uid, 'deleteUser', [$uid]);
}
-
+
/**
* Set password
+ *
* @param string $uid The username
* @param string $password The new password
* @return bool
@@ -334,6 +347,7 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Count the number of users
+ *
* @return int|bool
*/
public function countUsers() {
@@ -349,16 +363,18 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Return access for LDAP interaction.
+ *
* @param string $uid
* @return Access instance of Access for LDAP interaction
*/
public function getLDAPAccess($uid) {
return $this->handleRequest($uid, 'getLDAPAccess', [$uid]);
}
-
+
/**
* Return a new LDAP connection for the specified user.
* The connection needs to be closed manually.
+ *
* @param string $uid
* @return resource of the LDAP connection
*/
@@ -368,11 +384,12 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface,
/**
* Creates a new user in LDAP
+ *
* @param $username
* @param $password
* @return bool
*/
public function createUser($username, $password) {
- return $this->handleRequest($username, 'createUser', [$username,$password]);
+ return $this->handleRequest($username, 'createUser', [$username, $password]);
}
}