aboutsummaryrefslogtreecommitdiffstats
path: root/apps/user_ldap
diff options
context:
space:
mode:
authorArthur Schiwon <blizzz@owncloud.com>2012-05-17 19:33:38 +0200
committerArthur Schiwon <blizzz@owncloud.com>2012-05-18 12:55:37 +0200
commit253f101b392bdc65c0ca9fb7ab1ddf217300ec4c (patch)
treec57e428ef277d248ac06a0ce6ba1aa11a794716b /apps/user_ldap
parent73a72054a3e08b62e4f28c9c622f98b4737efeff (diff)
downloadnextcloud-server-253f101b392bdc65c0ca9fb7ab1ddf217300ec4c.tar.gz
nextcloud-server-253f101b392bdc65c0ca9fb7ab1ddf217300ec4c.zip
LDAP: check wether applying naming rule would end up in conflicts on update, if so don't do it
Diffstat (limited to 'apps/user_ldap')
-rw-r--r--apps/user_ldap/appinfo/app.php6
-rw-r--r--apps/user_ldap/appinfo/update.php24
-rw-r--r--apps/user_ldap/lib_ldap.php46
3 files changed, 53 insertions, 23 deletions
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php
index 79675f940bc..330574c1d42 100644
--- a/apps/user_ldap/appinfo/app.php
+++ b/apps/user_ldap/appinfo/app.php
@@ -27,12 +27,6 @@ require_once('apps/user_ldap/group_ldap.php');
OCP\App::registerAdmin('user_ldap','settings');
-// define LDAP_DEFAULT_PORT
-define('OC_USER_BACKEND_LDAP_DEFAULT_PORT', 389);
-
-// define OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME
-define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid');
-
// register user backend
OC_User::useBackend( 'LDAP' );
OC_Group::useBackend( new OC_GROUP_LDAP() );
diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php
index 07afeeea8a1..048d804217b 100644
--- a/apps/user_ldap/appinfo/update.php
+++ b/apps/user_ldap/appinfo/update.php
@@ -1,9 +1,33 @@
<?php
//from version 0.1 to 0.2
+
+//settings
$pw = OCP\Config::getAppValue('user_ldap', 'ldap_password');
if(!is_null($pw)) {
$pwEnc = base64_encode($pw);
OCP\Config::setAppValue('user_ldap', 'ldap_agent_password', $pwEnc);
OC_Appconfig::deleteKey('user_ldap', 'ldap_password');
+}
+
+//detect if we can switch on naming guidelines. We won't do it on conflicts.
+//it's a bit spaghetti, but hey.
+$sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping';
+
+require_once(OC::$APPSROOT.'/apps/user_ldap/lib_ldap.php');
+require_once(OC::$APPSROOT.'/apps/user_ldap/user_ldap.php');
+
+OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
+$LDAP_USER = new OC_USER_LDAP();
+$users_old = $LDAP_USER->getUsers();
+$query = OCP\DB::prepare($sqlCleanMap);
+$query->execute();
+OCP\Config::setSystemValue('ldapIgnoreNamingRules', false);
+OC_LDAP::init(true);
+$users_new = $LDAP_USER->getUsers();
+$query = OCP\DB::prepare($sqlCleanMap);
+$query->execute();
+if($users_old !== $users_new) {
+ //we don't need to check Groups, because they were not supported in 3'
+ OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
} \ No newline at end of file
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 5252f4cce7c..5cd7e0241bf 100644
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -45,14 +45,21 @@ class OC_LDAP {
static protected $ldapAgentPassword;
static protected $ldapTLS;
static protected $ldapNoCase;
+ static protected $ldapIgnoreNamingRules;
// user and group settings, that are needed in both backends
static protected $ldapUserDisplayName;
static protected $ldapUserFilter;
static protected $ldapGroupDisplayName;
static protected $ldapLoginFilter;
- static public function init() {
- self::readConfiguration();
+ /**
+ * @brief initializes the LDAP backend
+ * @param $force read the config settings no matter what
+ *
+ * initializes the LDAP backend
+ */
+ static public function init($force = false) {
+ self::readConfiguration($force);
self::establishConnection();
}
@@ -527,6 +534,10 @@ class OC_LDAP {
}
static private function sanitizeUsername($name) {
+ if(self::$ldapIgnoreNamingRules) {
+ return $name;
+ }
+
//REPLACEMENTS
$name = str_replace(' ', '_', $name);
@@ -594,21 +605,22 @@ class OC_LDAP {
/**
* Caches the general LDAP configuration.
*/
- static private function readConfiguration() {
- if(!self::$configured) {
- self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', '');
- self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT);
- self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn','');
- self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password',''));
- self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', '');
- self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase);
- self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
- self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
- self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
- self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME));
- self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person');
- self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)');
- self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR));
+ static private function readConfiguration($force = false) {
+ if(!self::$configured || $force) {
+ self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', '');
+ self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', 389);
+ self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn','');
+ self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password',''));
+ self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', '');
+ self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase);
+ self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
+ self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
+ self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
+ self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'));
+ self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person');
+ self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)');
+ self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR));
+ self::$ldapIgnoreNamingRules = OCP\Config::getSystemValue('ldapIgnoreNamingRules', false);
if(empty(self::$ldapBaseUsers)) {
OCP\Util::writeLog('ldap', 'Base for Users is empty, using Base DN', OCP\Util::INFO);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-04 08:22:52 +0000