diff options
author | Philipp Staiger <philipp@staiger.it> | 2020-03-26 09:01:35 +0100 |
---|---|---|
committer | Philipp Staiger <philipp@staiger.it> | 2020-03-26 09:01:35 +0100 |
commit | 8769d97f62af1e7cfa49369cbe49cb86284f4ca2 (patch) | |
tree | 3ef732091fcba4eb3af765e9481328c34698312b /apps/user_ldap | |
parent | be4cf8992d31f39c8012413fca588ab4b87f6919 (diff) | |
download | nextcloud-server-8769d97f62af1e7cfa49369cbe49cb86284f4ca2.tar.gz nextcloud-server-8769d97f62af1e7cfa49369cbe49cb86284f4ca2.zip |
single squashed commit for bug fix
Signed-off-by: Philipp Staiger <philipp@staiger.it>
Diffstat (limited to 'apps/user_ldap')
-rw-r--r-- | apps/user_ldap/lib/User/User.php | 54 |
1 files changed, 26 insertions, 28 deletions
diff --git a/apps/user_ldap/lib/User/User.php b/apps/user_ldap/lib/User/User.php index dea5d91c0ce..467d5ca025b 100644 --- a/apps/user_ldap/lib/User/User.php +++ b/apps/user_ldap/lib/User/User.php @@ -125,7 +125,7 @@ class User { IConfig $config, FilesystemHelper $fs, Image $image, LogWrapper $log, IAvatarManager $avatarManager, IUserManager $userManager, INotificationManager $notificationManager) { - + if ($username === null) { $log->log("uid for '$dn' must not be null!", ILogger::ERROR); throw new \InvalidArgumentException('uid must not be null!'); @@ -683,7 +683,7 @@ class User { * @throws \OC\ServerNotAvailableException */ public function updateExtStorageHome(string $valueFromLDAP = null):string { - if($valueFromLDAP === null) { + if ($valueFromLDAP === null) { $extHomeValues = $this->access->readAttribute($this->getDN(), $this->connection->ldapExtStorageHomeAttribute); } else { $extHomeValues = [$valueFromLDAP]; @@ -709,21 +709,21 @@ class User { return;//password expiry handling disabled } $uid = $params['uid']; - if(isset($uid) && $uid === $this->getUsername()) { + if (isset($uid) && $uid === $this->getUsername()) { //retrieve relevant user attributes $result = $this->access->search('objectclass=*', array($this->dn), ['pwdpolicysubentry', 'pwdgraceusetime', 'pwdreset', 'pwdchangedtime']); - - if(array_key_exists('pwdpolicysubentry', $result[0])) { + + if (array_key_exists('pwdpolicysubentry', $result[0])) { $pwdPolicySubentry = $result[0]['pwdpolicysubentry']; - if($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){ + if ($pwdPolicySubentry && (count($pwdPolicySubentry) > 0)){ $ppolicyDN = $pwdPolicySubentry[0];//custom ppolicy DN } } - - $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : null; - $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : null; - $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : null; - + + $pwdGraceUseTime = array_key_exists('pwdgraceusetime', $result[0]) ? $result[0]['pwdgraceusetime'] : []; + $pwdReset = array_key_exists('pwdreset', $result[0]) ? $result[0]['pwdreset'] : []; + $pwdChangedTime = array_key_exists('pwdchangedtime', $result[0]) ? $result[0]['pwdchangedtime'] : []; + //retrieve relevant password policy attributes $cacheKey = 'ppolicyAttributes' . $ppolicyDN; $result = $this->connection->getFromCache($cacheKey); @@ -731,17 +731,15 @@ class User { $result = $this->access->search('objectclass=*', array($ppolicyDN), ['pwdgraceauthnlimit', 'pwdmaxage', 'pwdexpirewarning']); $this->connection->writeToCache($cacheKey, $result); } - - $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : null; - $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : null; - $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : null; - + + $pwdGraceAuthNLimit = array_key_exists('pwdgraceauthnlimit', $result[0]) ? $result[0]['pwdgraceauthnlimit'] : []; + $pwdMaxAge = array_key_exists('pwdmaxage', $result[0]) ? $result[0]['pwdmaxage'] : []; + $pwdExpireWarning = array_key_exists('pwdexpirewarning', $result[0]) ? $result[0]['pwdexpirewarning'] : []; + //handle grace login - $pwdGraceUseTimeCount = count($pwdGraceUseTime); - if($pwdGraceUseTime && $pwdGraceUseTimeCount > 0) { //was this a grace login? - if($pwdGraceAuthNLimit - && (count($pwdGraceAuthNLimit) > 0) - &&($pwdGraceUseTimeCount < (int)$pwdGraceAuthNLimit[0])) { //at least one more grace login available? + if (!empty($pwdGraceUseTime)) { //was this a grace login? + if (!empty($pwdGraceAuthNLimit) + && count($pwdGraceUseTime) < (int)$pwdGraceAuthNLimit[0]) { //at least one more grace login available? $this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true'); header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute( 'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid))); @@ -752,24 +750,24 @@ class User { exit(); } //handle pwdReset attribute - if($pwdReset && (count($pwdReset) > 0) && $pwdReset[0] === 'TRUE') { //user must change his password + if (!empty($pwdReset) && $pwdReset[0] === 'TRUE') { //user must change his password $this->config->setUserValue($uid, 'user_ldap', 'needsPasswordReset', 'true'); header('Location: '.\OC::$server->getURLGenerator()->linkToRouteAbsolute( 'user_ldap.renewPassword.showRenewPasswordForm', array('user' => $uid))); exit(); } //handle password expiry warning - if($pwdChangedTime && (count($pwdChangedTime) > 0)) { - if($pwdMaxAge && (count($pwdMaxAge) > 0) - && $pwdExpireWarning && (count($pwdExpireWarning) > 0)) { + if (!empty($pwdChangedTime)) { + if (!empty($pwdMaxAge) + && !empty($pwdExpireWarning)) { $pwdMaxAgeInt = (int)$pwdMaxAge[0]; $pwdExpireWarningInt = (int)$pwdExpireWarning[0]; - if($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){ + if ($pwdMaxAgeInt > 0 && $pwdExpireWarningInt > 0){ $pwdChangedTimeDt = \DateTime::createFromFormat('YmdHisZ', $pwdChangedTime[0]); $pwdChangedTimeDt->add(new \DateInterval('PT'.$pwdMaxAgeInt.'S')); $currentDateTime = new \DateTime(); $secondsToExpiry = $pwdChangedTimeDt->getTimestamp() - $currentDateTime->getTimestamp(); - if($secondsToExpiry <= $pwdExpireWarningInt) { + if ($secondsToExpiry <= $pwdExpireWarningInt) { //remove last password expiry warning if any $notification = $this->notificationManager->createNotification(); $notification->setApp('user_ldap') @@ -782,7 +780,7 @@ class User { $notification->setApp('user_ldap') ->setUser($uid) ->setDateTime($currentDateTime) - ->setObject('pwd_exp_warn', $uid) + ->setObject('pwd_exp_warn', $uid) ->setSubject('pwd_exp_warn_days', [(int) ceil($secondsToExpiry / 60 / 60 / 24)]) ; $this->notificationManager->notify($notification); |