LDAP Wizard: proper behaviour for raw filter input. remember the editing mode and compose filter only when desired.

4 files changed, 163 insertions, 27 deletions

diff --git a/apps/user_ldap/ajax/wizard.php b/apps/user_ldap/ajax/wizard.php
index e580c097867..daad0070119 100644
--- a/apps/user_ldap/ajax/wizard.php
+++ b/apps/user_ldap/ajax/wizard.php
@@ -53,8 +53,11 @@ switch($action) {
 	case 'determineGroupsForGroups':
 	case 'determineAttributes':
 	case 'getUserListFilter':
+	case 'getLoginFilterMode':
 	case 'getUserLoginFilter':
+	case 'getUserFilterMode':
 	case 'getGroupFilter':
+	case 'getGroupFilterMode':
 	case 'countUsers':
 	case 'countGroups':
 		try {
diff --git a/apps/user_ldap/js/settings.js b/apps/user_ldap/js/settings.js
index 4b219ee2085..9d824a9e7e5 100644
--- a/apps/user_ldap/js/settings.js
+++ b/apps/user_ldap/js/settings.js
@@ -106,7 +106,7 @@ var LdapConfiguration = {
 	clearMappings: function(mappingSubject) {
 		$.post(
 			OC.filePath('user_ldap','ajax','clearMappings.php'),
-			'ldap_clear_mapping='+mappingSubject,
+			'ldap_clear_mapping='+encodeURIComponent(mappingSubject),
 			function(result) {
 				if(result.status == 'success') {
 					OC.dialogs.info(
@@ -129,6 +129,8 @@ var LdapWizard = {
 	saveBlacklist: {},
 	userFilterGroupSelectState: 'enable',
 	spinner: '<img class="wizSpinner" src="'+ OC.imagePath('core', 'loading.gif') +'">',
+	filterModeAssisted: 0,
+	filterModeRaw: 1,
 
 	ajax: function(param, fnOnSuccess, fnOnError) {
 		$.post(
@@ -146,10 +148,7 @@ var LdapWizard = {
 
 	applyChanges: function (result) {
 		for (id in result.changes) {
-			if(!$.isArray(result.changes[id])) {
-				//no need to blacklist multiselect
-				LdapWizard.saveBlacklist[id] = true;
-			}
+			LdapWizard.blacklistAdd(id);
 			if(id.indexOf('count') > 0) {
 				$('#'+id).text(result.changes[id]);
 			} else {
@@ -181,6 +180,25 @@ var LdapWizard = {
 		}
 	},
 
+
+	blacklistAdd: function(id) {
+		obj = $('#'+id);
+		if(!(obj[0].hasOwnProperty('multiple') && obj[0]['multiple'] == true)) {
+			//no need to blacklist multiselect
+			LdapWizard.saveBlacklist[id] = true;
+			return true;
+		}
+		return false;
+	},
+
+	blacklistRemove: function(id) {
+		if(LdapWizard.saveBlacklist.hasOwnProperty(id)) {
+			delete LdapWizard.saveBlacklist[id];
+			return true;
+		}
+		return false;
+	},
+
 	checkBaseDN: function() {
 		host = $('#ldap_host').val();
 		port = $('#ldap_port').val();
@@ -189,7 +207,8 @@ var LdapWizard = {
 
 		if(host && port && user && pass) {
 			param = 'action=guessBaseDN'+
-					'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+					'&ldap_serverconfig_chooser='+
+					encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 			LdapWizard.showSpinner('#ldap_base');
 			$('#ldap_base').prop('disabled', 'disabled');
@@ -217,7 +236,8 @@ var LdapWizard = {
 
 		if(host && !port) {
 			param = 'action=guessPortAndTLS'+
-					'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+					'&ldap_serverconfig_chooser='+
+					encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 			LdapWizard.showSpinner('#ldap_port');
 			$('#ldap_port').prop('disabled', 'disabled');
@@ -241,6 +261,12 @@ var LdapWizard = {
 	},
 
 	composeFilter: function(type) {
+		subject = type.charAt(0).toUpperCase() + type.substr(1);
+		if(!$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
+			//Raw filter editing, i.e. user defined filter, don't compose
+			return;
+		}
+
 		if(type == 'user') {
 			action = 'getUserListFilter';
 		} else if(type == 'login') {
@@ -250,7 +276,8 @@ var LdapWizard = {
 		}
 
 		param = 'action='+action+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.ajax(param,
 			function(result) {
@@ -308,7 +335,8 @@ var LdapWizard = {
 
 	_countThings: function(method) {
 		param = 'action='+method+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.ajax(param,
 			function(result) {
@@ -330,7 +358,8 @@ var LdapWizard = {
 
 	detectGroupMemberAssoc: function() {
 		param = 'action=determineGroupMemberAssoc'+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.ajax(param,
 			function(result) {
@@ -344,7 +373,8 @@ var LdapWizard = {
 
 	findAttributes: function() {
 		param = 'action=determineAttributes'+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.showSpinner('#ldap_loginfilter_attributes');
 		LdapWizard.ajax(param,
@@ -359,7 +389,9 @@ var LdapWizard = {
 				LdapWizard.hideSpinner('#ldap_loginfilter_attributes');
 				LdapWizard.applyChanges(result);
 				$('#ldap_loginfilter_attributes').multiselect('refresh');
-				$('#ldap_loginfilter_attributes').multiselect('enable');
+				if($('#rawLoginFilterContainer').hasClass('invisible')) {
+					$('#ldap_loginfilter_attributes').multiselect('enable');
+				}
 			},
 			function (result) {
 				//deactivate if no attributes found
@@ -375,8 +407,9 @@ var LdapWizard = {
 		if(type != 'Users' && type != 'Groups') {
 			return false;
 		}
-		param = 'action=determineGroupsFor'+type+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+		param = 'action=determineGroupsFor'+encodeURIComponent(type)+
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.showSpinner('#'+multisel);
 		LdapWizard.ajax(param,
@@ -390,7 +423,11 @@ var LdapWizard = {
 				LdapWizard.hideSpinner('#'+multisel);
 				LdapWizard.applyChanges(result);
 				$('#'+multisel).multiselect('refresh');
-				$('#'+multisel).multiselect('enable');
+				part = type.slice(0, -1);
+				if($('#raw' + part + 'FilterContainer').hasClass('invisible')) {
+					//enable only when raw filter editing is not turned on
+					$('#'+multisel).multiselect('enable');
+				}
 			},
 			function (result) {
 				LdapWizard.hideSpinner('#'+multisel);
@@ -403,8 +440,9 @@ var LdapWizard = {
 		if(type != 'User' && type != 'Group') {
 			return false;
 		}
-		param = 'action=determine'+type+'ObjectClasses'+
-				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
+		param = 'action=determine'+encodeURIComponent(type)+'ObjectClasses'+
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
 
 		LdapWizard.showSpinner('#'+multisel);
 		LdapWizard.ajax(param,
@@ -466,15 +504,15 @@ var LdapWizard = {
 	},
 
 	initGroupFilter: function() {
+		LdapWizard.regardFilterMode('Group');
 		LdapWizard.findObjectClasses('ldap_groupfilter_objectclass', 'Group');
 		LdapWizard.findAvailableGroups('ldap_groupfilter_groups', 'Groups');
-		LdapWizard.composeFilter('group');
 		LdapWizard.countGroups();
 	},
 
 	initLoginFilter: function() {
+		LdapWizard.regardFilterMode('Login');
 		LdapWizard.findAttributes();
-		LdapWizard.composeFilter('login');
 	},
 
 	initMultiSelect: function(object, id, caption) {
@@ -490,9 +528,9 @@ var LdapWizard = {
 	},
 
 	initUserFilter: function() {
+		LdapWizard.regardFilterMode('User');
 		LdapWizard.findObjectClasses('ldap_userfilter_objectclass', 'User');
 		LdapWizard.findAvailableGroups('ldap_userfilter_groups', 'Users');
-		LdapWizard.composeFilter('user');
 		LdapWizard.countUsers();
 	},
 
@@ -546,9 +584,36 @@ var LdapWizard = {
 		}
 	},
 
+	regardFilterMode: function(subject) {
+		param = 'action=get'+encodeURIComponent(subject)+'FilterMode'+
+				'&ldap_serverconfig_chooser='+
+				encodeURIComponent($('#ldap_serverconfig_chooser').val());
+
+		LdapWizard.ajax(param,
+			function(result) {
+				property = 'ldap' + subject + 'FilterMode';
+				mode = result.changes[property];
+				if(mode == LdapWizard.filterModeRaw
+					&& $('#raw'+subject+'FilterContainer').hasClass('invisible')) {
+					LdapWizard['toggleRaw'+subject+'Filter']();
+				} else if(mode == LdapWizard.filterModeAssisted
+					&& !$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
+					LdapWizard['toggleRaw'+subject+'Filter']();
+				} else {
+					c = $('#raw'+subject+'FilterContainer').hasClass('invisible');
+				}
+			},
+			function (result) {
+				//on error case get back to default i.e. Assisted
+				if(!$('#raw'+subject+'FilterContainer').hasClass('invisible')) {
+					LdapWizard['toggleRaw'+subject+'Filter']();
+				}
+			}
+		);
+	},
+
 	save: function(inputObj) {
-		if(LdapWizard.saveBlacklist.hasOwnProperty(inputObj.id)) {
-			delete LdapWizard.saveBlacklist[inputObj.id];
+		if(LdapWizard.blacklistRemove(inputObj.id)) {
 			return;
 		}
 		if($(inputObj).is('input[type=checkbox]')
@@ -581,8 +646,8 @@ var LdapWizard = {
 	},
 
 	_save: function(object, value) {
-		param = 'cfgkey='+object.id+
-				'&cfgval='+value+
+		param = 'cfgkey='+encodeURIComponent(object.id)+
+				'&cfgval='+encodeURIComponent(value)+
 				'&action=save'+
 				'&ldap_serverconfig_chooser='+$('#ldap_serverconfig_chooser').val();
 
@@ -612,7 +677,7 @@ var LdapWizard = {
 		}
 	},
 
-	toggleRawFilter: function(container, moc, mg, stateVar) {
+	toggleRawFilter: function(container, moc, mg, stateVar, modeKey) {
 		//moc = multiselect objectclass
 		//mg = mutliselect groups
 		if($(container).hasClass('invisible')) {
@@ -624,42 +689,62 @@ var LdapWizard = {
 				LdapWizard[stateVar] = 'enable';
 			}
 			$(mg).multiselect('disable');
+			LdapWizard._save({ id: modeKey }, LdapWizard.filterModeRaw);
 		} else {
 			$(container).addClass('invisible');
 			$(mg).multiselect(LdapWizard[stateVar]);
 			$(moc).multiselect('enable');
+			LdapWizard._save({ id: modeKey }, LdapWizard.filterModeAssisted);
+			if(moc.indexOf('user') >= 0) {
+				LdapWizard.blacklistRemove('ldap_userlist_filter');
+				LdapWizard.composeFilter('user');
+			} else {
+				LdapWizard.blacklistRemove('ldap_group_filter');
+				LdapWizard.composeFilter('group');
+			}
 		}
 	},
 
 	toggleRawGroupFilter: function() {
+		LdapWizard.blacklistRemove('ldap_group_filter');
 		LdapWizard.toggleRawFilter('#rawGroupFilterContainer',
 								   '#ldap_groupfilter_objectclass',
 								   '#ldap_groupfilter_groups',
-								   'groupFilterGroupSelectState'
+								   'groupFilterGroupSelectState',
+								   'ldapGroupFilterMode'
   								);
 	},
 
 	toggleRawLoginFilter: function() {
+		LdapWizard.blacklistRemove('ldap_login_filter');
 		container = '#rawLoginFilterContainer';
 		if($(container).hasClass('invisible')) {
 			$(container).removeClass('invisible');
 			action = 'disable';
 			property = 'disabled';
+			mode = LdapWizard.filterModeRaw;
 		} else {
 			$(container).addClass('invisible');
 			action = 'enable';
 			property = false;
+			mode = LdapWizard.filterModeAssisted;
 		}
 		$('#ldap_loginfilter_attributes').multiselect(action);
 		$('#ldap_loginfilter_email').prop('disabled', property);
 		$('#ldap_loginfilter_username').prop('disabled', property);
+		LdapWizard._save({ id: 'ldapLoginFilterMode' }, mode);
+		if(action == 'enable') {
+			LdapWizard.composeFilter('login');
+		}
 	},
 
 	toggleRawUserFilter: function() {
+		LdapWizard.blacklistRemove('ldap_userlist_filter');
 		LdapWizard.toggleRawFilter('#rawUserFilterContainer',
 								   '#ldap_userfilter_objectclass',
 								   '#ldap_userfilter_groups',
-								   'userFilterGroupSelectState'
+								   'userFilterGroupSelectState',
+								   'ldapUserFilterMode'
   								);
 	}
 };
diff --git a/apps/user_ldap/lib/configuration.php b/apps/user_ldap/lib/configuration.php
index e14ed824a74..b85cdfe25df 100644
--- a/apps/user_ldap/lib/configuration.php
+++ b/apps/user_ldap/lib/configuration.php
@@ -47,12 +47,15 @@ class Configuration {
 		'ldapUserFilterObjectclass' => null,
 		'ldapUserFilterGroups' => null,
 		'ldapUserFilter' => null,
+		'ldapUserFilterMode' => null,
 		'ldapGroupFilter' => null,
+		'ldapGroupFilterMode' => null,
 		'ldapGroupFilterObjectclass' => null,
 		'ldapGroupFilterGroups' => null,
 		'ldapGroupDisplayName' => null,
 		'ldapGroupMemberAssocAttr' => null,
 		'ldapLoginFilter' => null,
+		'ldapLoginFilterMode' => null,
 		'ldapLoginFilterEmail' => null,
 		'ldapLoginFilterUsername' => null,
 		'ldapLoginFilterAttributes' => null,
@@ -301,13 +304,16 @@ class Configuration {
 			'ldap_base_users'					=> '',
 			'ldap_base_groups'					=> '',
 			'ldap_userlist_filter'				=> '',
+			'ldap_user_filter_mode'				=> 0,
 			'ldap_userfilter_objectclass'		=> '',
 			'ldap_userfilter_groups'			=> '',
 			'ldap_login_filter'					=> 'uid=%uid',
+			'ldap_login_filter_mode'			=> 0,
 			'ldap_loginfilter_email'			=> 0,
 			'ldap_loginfilter_username'			=> 1,
 			'ldap_loginfilter_attributes'		=> '',
 			'ldap_group_filter'					=> '',
+			'ldap_group_filter_mode'			=> 0,
 			'ldap_groupfilter_objectclass'		=> '',
 			'ldap_groupfilter_groups'			=> '',
 			'ldap_display_name'					=> 'displayName',
@@ -352,11 +358,14 @@ class Configuration {
 			'ldap_userfilter_objectclass' 		=> 'ldapUserFilterObjectclass',
 			'ldap_userfilter_groups'	 		=> 'ldapUserFilterGroups',
 			'ldap_userlist_filter'				=> 'ldapUserFilter',
+			'ldap_user_filter_mode'				=> 'ldapUserFilterMode',
 			'ldap_login_filter'					=> 'ldapLoginFilter',
+			'ldap_login_filter_mode'			=> 'ldapLoginFilterMode',
 			'ldap_loginfilter_email'			=> 'ldapLoginFilterEmail',
 			'ldap_loginfilter_username'			=> 'ldapLoginFilterUsername',
 			'ldap_loginfilter_attributes'		=> 'ldapLoginFilterAttributes',
 			'ldap_group_filter'					=> 'ldapGroupFilter',
+			'ldap_group_filter_mode'			=> 'ldapGroupFilterMode',
 			'ldap_groupfilter_objectclass'		=> 'ldapGroupFilterObjectclass',
 			'ldap_groupfilter_groups'			=> 'ldapGroupFilterGroups',
 			'ldap_display_name'					=> 'ldapUserDisplayName',
diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php
index 0b2a6a540ff..aac80f982a1 100644
--- a/apps/user_ldap/lib/wizard.php
+++ b/apps/user_ldap/lib/wizard.php
@@ -38,6 +38,9 @@ class Wizard extends LDAPUtility {
 	const LFILTER_USER_LIST  = 3;
 	const LFILTER_GROUP_LIST = 4;
 
+	const LFILTER_MODE_ASSISTED = 2;
+	const LFILTER_MODE_RAW = 1;
+
 	const LDAP_NW_TIMEOUT = 4;
 
 	/**
@@ -148,6 +151,42 @@ class Wizard extends LDAPUtility {
 	}
 
 	/**
+	 * @brief return the state of the Group Filter Mode
+	 */
+	public function getGroupFilterMode() {
+		$this->getFilterMode('ldapGroupFilterMode');
+		return $this->result;
+	}
+
+	/**
+	 * @brief return the state of the Login Filter Mode
+	 */
+	public function getLoginFilterMode() {
+		$this->getFilterMode('ldapLoginFilterMode');
+		return $this->result;
+	}
+
+	/**
+	 * @brief return the state of the User Filter Mode
+	 */
+	public function getUserFilterMode() {
+		$this->getFilterMode('ldapUserFilterMode');
+		return $this->result;
+	}
+
+	/**
+	 * @brief return the state of the mode of the specified filter
+	 * @param $confkey string, contains the access key of the Configuration
+	 */
+	private function getFilterMode($confkey) {
+		$mode = $this->configuration->$confkey;
+		if(is_null($mode)) {
+			$mode = $this->LFILTER_MODE_ASSISTED;
+		}
+		$this->result->addChange($confkey, $mode);
+	}
+
+	/**
 	 * @brief detects the available LDAP attributes
 	 * @returns the instance's WizardResult instance
 	 */