group LDAP: implemented inGroup()

3 files changed, 65 insertions, 4 deletions

diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index b9d00fc78af..3b817c65b76 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -21,7 +21,7 @@
  *
  */
 
- class OC_GROUP_LDAP extends OC_Group_Backend {
+class OC_GROUP_LDAP extends OC_Group_Backend {
 // 	//group specific settings
 	protected $ldapGroupFilter;
 	protected $ldapGroupDisplayName;
@@ -40,7 +40,20 @@
 	 * Checks whether the user is member of a group or not.
 	 */
 	public function inGroup($uid, $gid) {
-		return array();
+		$filter = OC_LDAP::combineFilterWithAnd(array(
+			$this->ldapGroupFilter,
+			LDAP_GROUP_MEMBER_ASSOC_ATTR.'='.$uid,
+			$this->ldapGroupDisplayName.'='.$gid
+		));
+		$groups = OC_LDAP::search($filter, $this->ldapGroupDisplayName);
+
+		if(count($groups) == 1) {
+			return true;
+		} else if(count($groups) < 1) {
+			return false;
+		} else {
+			throw new Exception('Too many groups of the same name!? – this excpetion should never been thrown :)');
+		}
 	}
 
 	/**
@@ -79,4 +92,4 @@
 		}
 	}
 
- }
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 62e478597bd..afb442e05f3 100644
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -21,7 +21,9 @@
  *
  */
 
- class OC_LDAP {
+define(LDAP_GROUP_MEMBER_ASSOC_ATTR,'memberUid');
+
+class OC_LDAP {
 	static protected $ldapConnectionRes = false;
 	static protected $configured = false;
 
@@ -65,6 +67,48 @@
 	}
 
 	/**
+	 * @brief combines the input filters with AND
+	 * @param $filters array, the filters to connect
+	 * @returns the combined filter
+	 *
+	 * Combines Filter arguments with AND
+	 */
+	static public function combineFilterWithAnd($filters) {
+		return self::combineFilter($filters,'&');
+	}
+
+	/**
+	 * @brief combines the input filters with AND
+	 * @param $filters array, the filters to connect
+	 * @returns the combined filter
+	 *
+	 * Combines Filter arguments with AND
+	 */
+	static public function combineFilterWithOr($filters) {
+		return self::combineFilter($filters,'|');
+	}
+
+	/**
+	 * @brief combines the input filters with given operator
+	 * @param $filters array, the filters to connect
+	 * @param $operator either & or |
+	 * @returns the combined filter
+	 *
+	 * Combines Filter arguments with AND
+	 */
+	static private function combineFilter($filters, $operator) {
+		$combinedFilter = '('.$operator;
+		foreach($filters as $filter) {
+		    if(substr($filter,0,1) != '(') {
+				$filter = '('.$filter.')';
+		    }
+		    $combinedFilter.=$filter;
+		}
+		$combinedFilter.=')';
+		return $combinedFilter;
+	}
+
+	/**
 	 * Returns the LDAP handler
 	 */
 	static private function getConnectionResource() {
diff --git a/apps/user_ldap/tests/group_ldap.php b/apps/user_ldap/tests/group_ldap.php
index 277a2348925..b328153b8b5 100644
--- a/apps/user_ldap/tests/group_ldap.php
+++ b/apps/user_ldap/tests/group_ldap.php
@@ -31,6 +31,10 @@ class Test_Group_Ldap extends UnitTestCase {
 
  		$this->assertIsA(OC_Group::getGroups(),gettype(array()));
 		$this->assertIsA($group_ldap->getGroups(),gettype(array()));
+
+		$this->assertFalse(OC_Group::inGroup('john','dosers'),gettype(false));
+		$this->assertFalse($group_ldap->inGroup('john','dosers'),gettype(false));
+		//TODO: check also for expected true result. This backend won't be able to do any modifications, maybe use a dummy for this.
 	}
 
 }