LDAP: get user photo from LDAP and set it as avatar if available

1 files changed, 62 insertions, 1 deletions

diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 6f52bbdf233..2bff4b28212 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -70,6 +70,65 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 	}
 
 	/**
+	 * @brief reads jpegPhoto and set is as avatar if available
+	 * @param $uid string ownCloud user name
+	 * @param $dn string the user's LDAP DN
+	 * @return void
+	 */
+	private function updateAvatar($uid, $dn) {
+		$lastChecked = $this->access->connection->lastJpegPhotoLookup;
+		if((time() - $lastChecked) < 86400 ) {
+			//update only once a day
+			return;
+		}
+
+		$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
+		$this->access->connection->lastJpegPhotoLookup = time();
+		if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
+			//not set, nothing left to do;
+			return;
+		}
+
+		$image = new \OCP\Image($jpegPhoto[0]);
+		if(!$image->valid()) {
+			\OCP\Util::writeLog('user_ldap', 'jpegPhoto data invalid for '.$dn,
+								\OCP\Util::ERROR);
+			return;
+		}
+		//make sure it is a square and not bigger than 128x128
+		$size = min(array($image->width(), $image->height(), 128));
+		if(!$image->centerCrop($size)) {
+			\OCP\Util::writeLog('user_ldap',
+								'croping image for avatar failed for '.$dn,
+								\OCP\Util::ERROR);
+			return;
+		}
+
+		$avatarManager = \OC::$server->getAvatarManager();
+		$avatar = $avatarManager->getAvatar($uid);
+		$avatar->set($image->data());
+	}
+
+	/**
+	 * @brief checks whether the user is allowed to change his avatar in ownCloud
+	 * @param $uid string the ownCloud user name
+	 * @return boolean either the user can or cannot
+	 */
+	public function canChangeAvatar($uid) {
+		$dn = $this->access->username2dn($uid);
+		if(!$dn) {
+			return false;
+		}
+		$jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto');
+		if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) {
+			//The user is allowed to change his avatar in ownCloud only if no
+			//avatar is provided by LDAP
+			return true;
+		}
+		return false;
+	}
+
+	/**
 	 * @brief Check if the password is correct
 	 * @param $uid The username
 	 * @param $password The password
@@ -173,6 +232,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 
 		$this->access->connection->writeToCache('userExists'.$uid, true);
 		$this->updateQuota($dn);
+		$this->updateAvatar($uid, $dn);
 		return true;
 	}
 
@@ -289,7 +349,8 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface {
 	public function implementsActions($actions) {
 		return (bool)((OC_USER_BACKEND_CHECK_PASSWORD
 			| OC_USER_BACKEND_GET_HOME
-			| OC_USER_BACKEND_GET_DISPLAYNAME)
+			| OC_USER_BACKEND_GET_DISPLAYNAME
+			| OC_USER_BACKEND_PROVIDE_AVATAR)
 			& $actions);
 	}