summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap
diff options
context:
space:
mode:
authorPhilipp Staiger <philipp@staiger.it>2020-03-26 09:01:35 +0100
committerPhilipp Staiger <philipp@staiger.it>2020-03-26 09:01:35 +0100
commit8769d97f62af1e7cfa49369cbe49cb86284f4ca2 (patch)
tree3ef732091fcba4eb3af765e9481328c34698312b /apps/user_ldap
parentbe4cf8992d31f39c8012413fca588ab4b87f6919 (diff)
downloadnextcloud-server-8769d97f62af1e7cfa49369cbe49cb86284f4ca2.tar.gz
nextcloud-server-8769d97f62af1e7cfa49369cbe49cb86284f4ca2.zip
single squashed commit for bug fix
Signed-off-by: Philipp Staiger <philipp@staiger.it>
Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/lib/User/User.php54
1 files changed, 26 insertions, 28 deletions
diff --git a/apps/user_ldap/lib/User/User.php b/apps/user_ldap/lib/User/User.php
index dea5d91c0ce..467d5ca025b 100644
--- a/apps/user_ldap/lib/User/User.php
+++ b/apps/user_ldap/lib/User/User.php
@@ -125,7 +125,7 @@ class User {
IConfig $config, FilesystemHelper $fs, Image $image,
LogWrapper $log, IAvatarManager $avatarManager, IUserManager $userManager,
INotificationManager $notificationManager) {
-
+
if ($username === null) {
$log->log("uid for '$dn' must not be null!", ILogger::ERROR);
throw new \InvalidArgumentException('uid must not be null!');
@@ -683,7 +683,7 @@ class User {
* @throws \OC\ServerNotAvailableException
*/
public function updateExtStorageHome(string $valueFromLDAP = null):string {
- if($valueFromLDAP === null) {
+ if ($valueFromLDAP === null) {
$extHomeValues = $this->access->readAttribute($this->getDN(), $this->connection->ldapExtStorageHomeAttribute);
} else {
$extHomeValues = [$valueFromLDAP];
@@ -709,21 +709,21 @@ class User {
return;//password expiry handling disabled
}
$uid = $params['uid'];
- if(isset($uid) && $uid === $this->getUsername()) {
+ if (isset($uid) && $uid === $this->getUsername()) {
//retrieve relevant user attributes
$result = $this->access->search('objectclass=*', array($this->dn), ['pwdpolicysubentry', 'pwdgraceusetime', 'pwdreset', 'pwdchangedtime']);
-
- if(array_key_exists('pwdpolicysubentry', $result[0])) {
+
+ if (array_key_exists('pwdpolicysubentry', $result[0])) {
$pwdPolicySubentry = $result[0]['pwdpolicysubentry'];
- if($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){
+ if ($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){
$ppolicyDN = $pwdPolicySubentry[0];//custom ppolicy DN
}
}
-
- $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : null;
- $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : null;
- $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : null;
-
+
+ $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : [];
+ $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : [];
+ $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : [];
+
//retrieve relevant password policy attributes
$cacheKey = 'ppolicyAttributes' . $ppolicyDN;
$result = $this->connection->getFromCache($cacheKey);
@@ -731,17 +731,15 @@ class User {
$result = $this->access->search('objectclass=*', array($ppolicyDN), ['pwdgraceauthnlimit', 'pwdmaxage', 'pwdexpirewarning']);
$this->connection->writeToCache($cacheKey, $result);
}
-
- $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : null;
- $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : null;
- $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : null;
-
+
+ $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : [];
+ $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : [];
+ $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : [];
+
//handle grace login
- $pwdGraceUseTimeCount = count($pwdGraceUseTime);
- if($pwdGraceUseTime && $pwdGraceUseTimeCount > 0) { //was this a grace login?
- if($pwdGraceAuthNLimit
- && (count($pwdGraceAuthNLimit) > 0)
- &&($pwdGraceUseTimeCount < (int)$pwdGraceAuthNLimit[0])) { //at least one more grace login available?
+ if (!empty($pwdGraceUseTime)) { //was this a grace login?
+ if (!empty($pwdGraceAuthNLimit)
+ && count($pwdGraceUseTime) < (int)$pwdGraceAuthNLimit[0]) { //at least one more grace login available?
$this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true');
header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute(
'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid)));
@@ -752,24 +750,24 @@ class User {
exit();
}
//handle pwdReset attribute
- if($pwdReset && (count($pwdReset) > 0) && $pwdReset[0] === 'TRUE') { //user must change his password
+ if (!empty($pwdReset) && $pwdReset[0] === 'TRUE') { //user must change his password
$this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true');
header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute(
'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid)));
exit();
}
//handle password expiry warning
- if($pwdChangedTime && (count($pwdChangedTime) > 0)) {
- if($pwdMaxAge && (count($pwdMaxAge) > 0)
- && $pwdExpireWarning && (count($pwdExpireWarning) > 0)) {
+ if (!empty($pwdChangedTime)) {
+ if (!empty($pwdMaxAge)
+ && !empty($pwdExpireWarning)) {
$pwdMaxAgeInt = (int)$pwdMaxAge[0];
$pwdExpireWarningInt = (int)$pwdExpireWarning[0];
- if($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){
+ if ($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){
$pwdChangedTimeDt = \DateTime::createFromFormat('YmdHisZ', $pwdChangedTime[0]);
$pwdChangedTimeDt->add(new \DateInterval('PT'.$pwdMaxAgeInt.'S'));
$currentDateTime = new \DateTime();
$secondsToExpiry = $pwdChangedTimeDt->getTimestamp() - $currentDateTime->getTimestamp();
- if($secondsToExpiry <= $pwdExpireWarningInt) {
+ if ($secondsToExpiry <= $pwdExpireWarningInt) {
//remove last password expiry warning if any
$notification = $this->notificationManager->createNotification();
$notification->setApp('user_ldap')
@@ -782,7 +780,7 @@ class User {
$notification->setApp('user_ldap')
->setUser($uid)
->setDateTime($currentDateTime)
- ->setObject('pwd_exp_warn', $uid)
+ ->setObject('pwd_exp_warn', $uid)
->setSubject('pwd_exp_warn_days', [(int) ceil($secondsToExpiry / 60 / 60 / 24)])
;
$this->notificationManager->notify($notification);