summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/user_ldap.php
diff options
context:
space:
mode:
authorArthur Schiwon <blizzz@owncloud.com>2012-02-16 17:55:39 +0100
committerArthur Schiwon <blizzz@owncloud.com>2012-02-20 10:39:55 +0100
commit7ff4e40b20dfeb937ff6dccbc87e42a8bc4f5115 (patch)
treea6c98ab64634e57bc5eab379694f7fbd15befdc8 /apps/user_ldap/user_ldap.php
parent490c9db15da89797eea5c3e30fc9a0790bd60b32 (diff)
downloadnextcloud-server-7ff4e40b20dfeb937ff6dccbc87e42a8bc4f5115.tar.gz
nextcloud-server-7ff4e40b20dfeb937ff6dccbc87e42a8bc4f5115.zip
Combing LDAP backend with LDAP extended backend
Diffstat (limited to 'apps/user_ldap/user_ldap.php')
-rw-r--r--apps/user_ldap/user_ldap.php78
1 files changed, 61 insertions, 17 deletions
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 106240e74b8..670d938ea95 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -36,6 +36,12 @@ class OC_USER_LDAP extends OC_User_Backend {
protected $ldap_tls;
protected $ldap_nocase;
protected $ldap_display_name;
+ protected $ldap_quota;
+ protected $ldap_quota_def;
+ protected $ldap_email;
+
+ // will be retrieved from LDAP server
+ protected $ldap_dc = false;
function __construct() {
$this->ldap_host = OC_Appconfig::getValue('user_ldap', 'ldap_host','');
@@ -47,6 +53,9 @@ class OC_USER_LDAP extends OC_User_Backend {
$this->ldap_tls = OC_Appconfig::getValue('user_ldap', 'ldap_tls', 0);
$this->ldap_nocase = OC_Appconfig::getValue('user_ldap', 'ldap_nocase', 0);
$this->ldap_display_name = OC_Appconfig::getValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME);
+ $this->ldap_quota_attr = OC_Appconfig::getValue('user_ldap', 'ldap_quota_attr','');
+ $this->ldap_quota_def = OC_Appconfig::getValue('user_ldap', 'ldap_quota_def','');
+ $this->ldap_email_attr = OC_Appconfig::getValue('user_ldap', 'ldap_email_attr','');
if( !empty($this->ldap_host)
&& !empty($this->ldap_port)
@@ -66,6 +75,28 @@ class OC_USER_LDAP extends OC_User_Backend {
ldap_unbind($this->ds);
}
+ private function setQuota( $uid ) {
+ if( !$this->ldap_dc )
+ return false;
+
+ $quota = $this->ldap_dc[$this->ldap_quota_attr][0];
+ $quota = $quota != -1 ? $quota : $this->ldap_quota_def;
+ OC_Preferences::setValue($uid, 'files', 'quota', $quota);
+ }
+
+ private function setEmail( $uid ) {
+ if( !$this->ldap_dc )
+ return false;
+
+ $email = OC_Preferences::getValue($uid, 'settings', 'email', '');
+ if ( !empty( $email ) )
+ return false;
+
+ $email = $this->ldap_dc[$this->ldap_email_attr][0];
+ OC_Preferences::setValue($uid, 'settings', 'email', $email);
+ }
+
+ //Connect to LDAP and store the resource
private function getDs() {
if(!$this->ds) {
$this->ds = ldap_connect( $this->ldap_host, $this->ldap_port );
@@ -74,18 +105,19 @@ class OC_USER_LDAP extends OC_User_Backend {
if($this->ldap_tls)
ldap_start_tls($this->ds);
}
-
+ //TODO: Not necessary to perform a bind each time, is it?
// login
if(!empty($this->ldap_dn)) {
$ldap_login = @ldap_bind( $this->ds, $this->ldap_dn, $this->ldap_password );
- if(!$ldap_login)
+ if(!$ldap_login) {
return false;
+ }
}
return $this->ds;
}
- private function getDn( $uid ) {
+ private function getDc( $uid ) {
if(!$this->configured)
return false;
@@ -99,31 +131,43 @@ class OC_USER_LDAP extends OC_User_Backend {
$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
$entries = ldap_get_entries( $this->getDs(), $sr );
- if( $entries['count'] == 0 )
+ if( $entries['count'] == 0 ) {
return false;
+ }
+
+ $this->ldap_dc = $entries[0];
- return $entries[0]['dn'];
+ return $this->ldap_dc;
}
public function checkPassword( $uid, $password ) {
if(!$this->configured){
return false;
}
- $dn = $this->getDn( $uid );
- if( !$dn )
+ $dc = $this->getDc( $uid );
+ if( !$dc )
return false;
- if (!@ldap_bind( $this->getDs(), $dn, $password ))
+ if (!@ldap_bind( $this->getDs(), $dc['dn'], $password )) {
return false;
-
+ }
+
+ if(!empty($this->ldap_quota) && !empty($this->ldap_quota_def)) {
+ $this->setQuota($uid);
+ }
+
+ if(!empty($this->ldap_email_attr)) {
+ $this->setEmail($uid);
+ }
+
if($this->ldap_nocase) {
$filter = str_replace('%uid', $uid, $this->ldap_filter);
$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
$entries = ldap_get_entries( $this->getDs(), $sr );
if( $entries['count'] == 1 ) {
foreach($entries as $row) {
- $ldap_display_name = strtolower($this->ldap_display_name);
- if(isset($row[$ldap_display_name])) {
+ $ldap_display_name = strtolower($this->ldap_display_name);
+ if(isset($row[$ldap_display_name])) {
return $row[$ldap_display_name][0];
}
}
@@ -131,12 +175,12 @@ class OC_USER_LDAP extends OC_User_Backend {
else {
return $uid;
}
-
+
}
else {
return $uid;
}
-
+
}
public function userExists( $uid ) {
@@ -146,17 +190,17 @@ class OC_USER_LDAP extends OC_User_Backend {
$dn = $this->getDn($uid);
return !empty($dn);
}
-
+
public function getUsers()
{
if(!$this->configured)
return false;
-
+
// connect to server
$ds = $this->getDs();
if( !$ds )
return false;
-
+
// get users
$filter = 'objectClass=person';
$sr = ldap_search( $this->getDs(), $this->ldap_base, $filter );
@@ -169,7 +213,7 @@ class OC_USER_LDAP extends OC_User_Backend {
// TODO ldap_get_entries() seems to lower all keys => needs review
$ldap_display_name = strtolower($this->ldap_display_name);
if(isset($row[$ldap_display_name])) {
- $users[] = $row[$ldap_display_name][0];
+ $users[] = $row[$ldap_display_name][0];
}
}
// TODO language specific sorting of user names
: "Ĝisdatigata...", "Error while updating app" : "Eraris ĝisdatigo de la aplikaĵo", "Updated" : "Ĝisdatigita", "Delete" : "Forigi", "Select a profile picture" : "Elekti profilan bildon", "Very weak password" : "Tre malforta pasvorto", "Weak password" : "Malforta pasvorto", "So-so password" : "Mezaĉa pasvorto", "Good password" : "Bona pasvorto", "Strong password" : "Forta pasvorto", "Groups" : "Grupoj", "deleted {groupName}" : "{groupName} foriĝis", "undo" : "malfari", "never" : "neniam", "deleted {userName}" : "{userName} foriĝis", "A valid username must be provided" : "Valida uzantonomo devas proviziĝi", "A valid password must be provided" : "Valida pasvorto devas proviziĝi", "by %s" : "de %s", "%s-licensed" : "%s-permesila", "Documentation:" : "Dokumentaro:", "User documentation" : "Uzodokumentaro", "Admin documentation" : "Administrodokumentaro", "Show description …" : "Montri priskribon...", "Hide description …" : "Malmontri priskribon...", "Enable only for specific groups" : "Kapabligi nur por specifajn grupojn", "Common Name" : "Komuna nomo", "Valid until" : "Valida ĝis", "Valid until %s" : "Valida ĝis %s", "Administrator documentation" : "Administrodokumentaro", "Forum" : "Forumo", "Commercial support" : "Komerca subteno", "Profile picture" : "Profila bildo", "Upload new" : "Alŝuti novan", "Select from Files" : "Elekti el Dosieroj", "Remove image" : "Forigi bildon", "Cancel" : "Nuligi", "Full name" : "Plena nomo", "Email" : "Retpoŝto", "Your email address" : "Via retpoŝta adreso", "Password" : "Pasvorto", "Current password" : "Nuna pasvorto", "New password" : "Nova pasvorto", "Change password" : "Ŝanĝi la pasvorton", "Language" : "Lingvo", "Help translate" : "Helpu traduki", "Get the apps to sync your files" : "Ekhavu la aplikaĵojn por sinkronigi viajn dosierojn", "Desktop client" : "Labortabla kliento", "Android app" : "Android-aplikaĵo", "iOS app" : "iOS-aplikaĵo", "Username" : "Uzantonomo", "Done" : "Farita", "Version" : "Eldono", "None" : "Nenio", "Login" : "Ensaluti", "Email server" : "Retpoŝtoservilo", "Open documentation" : "Malfermi la dokumentaron", "Send mode" : "Sendi pli", "Encryption" : "Ĉifrado", "From address" : "El adreso", "mail" : "retpoŝto", "Authentication method" : "Aŭtentiga metodo", "Authentication required" : "Aŭtentiĝo nepras", "Server address" : "Servila adreso", "Port" : "Pordo", "Credentials" : "Aŭtentigiloj", "SMTP Username" : "SMTP-uzantonomo", "SMTP Password" : "SMTP-pasvorto", "Test email settings" : "Provi retpoŝtagordon", "Send email" : "Sendi retpoŝton", "This is the final warning: Do you really want to enable encryption?" : "Jen la fina averto: ĉu vi certe volas kapabligi ĉifradon?", "Enable encryption" : "Kapabligi ĉifradon", "Sharing" : "Kunhavigo", "Allow apps to use the Share API" : "Kapabligi aplikaĵojn uzi la API-on pri Kunhavigo", "Allow users to share via link" : "Permesi uzantojn kunhavigi ligile", "Allow public uploads" : "Permesi publikajn alŝutojn", "Expire after " : "Eksvalidigi post", "days" : "tagoj", "Allow resharing" : "Kapabligi rekunhavigon", "Show user backend" : "Montri uzantomotoron", "E-Mail" : "Retpoŝtadreso", "Create" : "Krei", "Everyone" : "Ĉiuj", "Admins" : "Administrantoj", "Unlimited" : "Senlima", "Other" : "Alia", "Quota" : "Kvoto", "change full name" : "ŝanĝi plenan nomon", "set new password" : "agordi novan pasvorton", "change email address" : "ŝanĝi retpoŝtadreson", "Default" : "Defaŭlta", "Enabled" : "Kapabligita", "Backend doesn't support password change, but the user's encryption key was successfully updated." : "Motoro ne subtenas ŝanĝi pasvorton, sed la ĉifroŝlosilo de la uzanto sukcese ĝisdatiĝis.", "Invalid request" : "Nevalida peto", "Admins can't remove themself from the admin group" : "Administrantoj ne povas forigi sin mem el la administra grupo.", "Unable to add user to group %s" : "Ne eblis aldoni la uzanton al la grupo %s", "Unable to remove user from group %s" : "Ne eblis forigi la uzantan el la grupo %s", "Sending..." : "Sendante...", "Uninstalling ...." : "Malinstalante...", "Error while uninstalling app" : "Eraris malinstalo de aplikaĵo", "Uninstall" : "Malinstali", "__language_name__" : "Esperanto", "Personal info" : "Persona informo", "Sync clients" : "Sinkronigi klientojn", "Cron" : "Cron", "Name" : "Nomo", "Show last log in" : "Montri lastan ensaluton" }, "nplurals=2; plural=(n != 1);");