Merge pull request #8833 from nextcloud/feature/noid/add_ldap_user_hooks

add anounce- and (pre/|post)RevokeUser signals for non-native backends
author: Morris Jobke <hey@morrisjobke.de> 2018-04-11 00:44:39 +0200
committer: GitHub <noreply@github.com> 2018-04-11 00:44:39 +0200
commit: 38961a725f3b9243d9adaee078167c568c2a3dd6 (patch)
tree: c25c909c3fb4dc94fa28d45d32e0c7caf23b10dc /apps/user_ldap
parent: a3c20356740c392355364b3b119be626a9f34f56 (diff)
parent: f1565336bdaa72b6f4beddeb6fa04956f5da8f21 (diff)
download: nextcloud-server-38961a725f3b9243d9adaee078167c568c2a3dd6.tar.gz
nextcloud-server-38961a725f3b9243d9adaee078167c568c2a3dd6.zip
10 files changed, 101 insertions, 19 deletions
diff --git a/apps/user_ldap/ajax/clearMappings.php b/apps/user_ldap/ajax/clearMappings.php
index 01b6b7f0ef2..8e2d63e3eb2 100644
--- a/apps/user_ldap/ajax/clearMappings.php
+++ b/apps/user_ldap/ajax/clearMappings.php
@@ -33,13 +33,23 @@ use OCA\User_LDAP\Mapping\GroupMapping;
 
 $subject = (string)$_POST['ldap_clear_mapping'];
 $mapping = null;
-if($subject === 'user') {
-	$mapping = new UserMapping(\OC::$server->getDatabaseConnection());
-} else if($subject === 'group') {
-	$mapping = new GroupMapping(\OC::$server->getDatabaseConnection());
-}
 try {
-	if(is_null($mapping) || !$mapping->clear()) {
+	if($subject === 'user') {
+		$mapping = new UserMapping(\OC::$server->getDatabaseConnection());
+		$result = $mapping->clearCb(
+			function ($uid) {
+				\OC::$server->getUserManager()->emit('\OC\User', 'preUnassignedUserId', [$uid]);
+			},
+			function ($uid) {
+				\OC::$server->getUserManager()->emit('\OC\User', 'postUnassignedUserId', [$uid]);
+			}
+		);
+	} else if($subject === 'group') {
+		$mapping = new GroupMapping(\OC::$server->getDatabaseConnection());
+		$result = $mapping->clear();
+	}
+
+	if($mapping === null || !$result) {
 		$l = \OC::$server->getL10N('user_ldap');
 		throw new \Exception($l->t('Failed to clear the mappings.'));
 	}
diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php
index 9fb37090270..2395da1ec90 100644
--- a/apps/user_ldap/lib/Access.php
+++ b/apps/user_ldap/lib/Access.php
@@ -44,6 +44,7 @@
 namespace OCA\User_LDAP;
 
 use OC\HintException;
+use OC\Hooks\PublicEmitter;
 use OCA\User_LDAP\Exceptions\ConstraintViolationException;
 use OCA\User_LDAP\User\IUserTools;
 use OCA\User_LDAP\User\Manager;
@@ -52,6 +53,7 @@ use OCA\User_LDAP\Mapping\AbstractMapping;
 
 use OC\ServerNotAvailableException;
 use OCP\IConfig;
+use OCP\IUserManager;
 use OCP\Util;
 
 /**
@@ -95,13 +97,16 @@ class Access extends LDAPUtility implements IUserTools {
 	private $helper;
 	/** @var IConfig */
 	private $config;
+	/** @var IUserManager */
+	private $ncUserManager;
 
 	public function __construct(
 		Connection $connection,
 		ILDAPWrapper $ldap,
 		Manager $userManager,
 		Helper $helper,
-		IConfig $config
+		IConfig $config,
+		IUserManager $ncUserManager
 	) {
 		parent::__construct($ldap);
 		$this->connection = $connection;
@@ -109,6 +114,7 @@ class Access extends LDAPUtility implements IUserTools {
 		$this->userManager->setLdapAccess($this);
 		$this->helper = $helper;
 		$this->config = $config;
+		$this->ncUserManager = $ncUserManager;
 	}
 
 	/**
@@ -605,10 +611,13 @@ class Access extends LDAPUtility implements IUserTools {
 		// outside of core user management will still cache the user as non-existing.
 		$originalTTL = $this->connection->ldapCacheTTL;
 		$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
-		if(($isUser && $intName !== '' && !\OC::$server->getUserManager()->userExists($intName))
+		if(($isUser && $intName !== '' && !$this->ncUserManager->userExists($intName))
 			|| (!$isUser && !\OC::$server->getGroupManager()->groupExists($intName))) {
 			if($mapper->map($fdn, $intName, $uuid)) {
 				$this->connection->setConfiguration(array('ldapCacheTTL' => $originalTTL));
+				if($this->ncUserManager instanceof PublicEmitter) {
+					$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
+				}
 				$newlyMapped = true;
 				return $intName;
 			}
@@ -617,6 +626,9 @@ class Access extends LDAPUtility implements IUserTools {
 
 		$altName = $this->createAltInternalOwnCloudName($intName, $isUser);
 		if(is_string($altName) && $mapper->map($fdn, $altName, $uuid)) {
+			if($this->ncUserManager instanceof PublicEmitter) {
+				$this->ncUserManager->emit('\OC\User', 'assignedUserId', [$intName]);
+			}
 			$newlyMapped = true;
 			return $altName;
 		}
@@ -738,7 +750,7 @@ class Access extends LDAPUtility implements IUserTools {
 		//20 attempts, something else is very wrong. Avoids infinite loop.
 		while($attempts < 20){
 			$altName = $name . '_' . rand(1000,9999);
-			if(!\OC::$server->getUserManager()->userExists($altName)) {
+			if(!$this->ncUserManager->userExists($altName)) {
 				return $altName;
 			}
 			$attempts++;
diff --git a/apps/user_ldap/lib/AccessFactory.php b/apps/user_ldap/lib/AccessFactory.php
index 45ff779bb01..f03f7f74202 100644
--- a/apps/user_ldap/lib/AccessFactory.php
+++ b/apps/user_ldap/lib/AccessFactory.php
@@ -26,6 +26,7 @@ namespace OCA\User_LDAP;
 
 use OCA\User_LDAP\User\Manager;
 use OCP\IConfig;
+use OCP\IUserManager;
 
 class AccessFactory {
 	/** @var ILDAPWrapper */
@@ -36,17 +37,21 @@ class AccessFactory {
 	protected $helper;
 	/** @var IConfig */
 	protected $config;
+	/** @var IUserManager */
+	private $ncUserManager;
 
 	public function __construct(
 		ILDAPWrapper $ldap,
 		Manager $userManager,
 		Helper $helper,
-		IConfig $config)
+		IConfig $config,
+		IUserManager $ncUserManager)
 	{
 		$this->ldap = $ldap;
 		$this->userManager = $userManager;
 		$this->helper = $helper;
 		$this->config = $config;
+		$this->ncUserManager = $ncUserManager;
 	}
 
 	public function get(Connection $connection) {
@@ -55,7 +60,8 @@ class AccessFactory {
 			$this->ldap,
 			$this->userManager,
 			$this->helper,
-			$this->config
+			$this->config,
+			$this->ncUserManager
 		);
 	}
 }
diff --git a/apps/user_ldap/lib/Jobs/Sync.php b/apps/user_ldap/lib/Jobs/Sync.php
index 4ef0636a2eb..0abb9331a2f 100644
--- a/apps/user_ldap/lib/Jobs/Sync.php
+++ b/apps/user_ldap/lib/Jobs/Sync.php
@@ -376,7 +376,8 @@ class Sync extends TimedJob {
 				$this->ldap,
 				$this->userManager,
 				$this->ldapHelper,
-				$this->config
+				$this->config,
+				$this->ncUserManager
 			);
 		}
 	}
diff --git a/apps/user_ldap/lib/Jobs/UpdateGroups.php b/apps/user_ldap/lib/Jobs/UpdateGroups.php
index 2b57874c62f..c36ec80b93e 100644
--- a/apps/user_ldap/lib/Jobs/UpdateGroups.php
+++ b/apps/user_ldap/lib/Jobs/UpdateGroups.php
@@ -192,7 +192,7 @@ class UpdateGroups extends \OC\BackgroundJob\TimedJob {
 				\OC::$server->getUserManager(),
 				\OC::$server->getNotificationManager());
 			$connector = new Connection($ldapWrapper, $configPrefixes[0]);
-			$ldapAccess = new Access($connector, $ldapWrapper, $userManager, $helper, \OC::$server->getConfig());
+			$ldapAccess = new Access($connector, $ldapWrapper, $userManager, $helper, \OC::$server->getConfig(), \OC::$server->getUserManager());
 			$groupMapper = new GroupMapping($dbc);
 			$userMapper  = new UserMapping($dbc);
 			$ldapAccess->setGroupMapper($groupMapper);
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index f5f56ce03d6..c7d737a7631 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -279,6 +279,32 @@ abstract class AbstractMapping {
 	}
 
 	/**
+	 * clears the mapping table one by one and executing a callback with
+	 * each row's id (=owncloud_name col)
+	 *
+	 * @param callable $preCallback
+	 * @param callable $postCallback
+	 * @return bool true on success, false when at least one row was not
+	 * deleted
+	 */
+	public function clearCb(Callable $preCallback, Callable $postCallback): bool {
+		$picker = $this->dbc->getQueryBuilder();
+		$picker->select('owncloud_name')
+			->from($this->getTableName());
+		$cursor = $picker->execute();
+		$result = true;
+		while($id = $cursor->fetchColumn(0)) {
+			$preCallback($id);
+			if($isUnmapped = $this->unmap($id)) {
+				$postCallback($id);
+			}
+			$result &= $isUnmapped;
+		}
+		$cursor->closeCursor();
+		return $result;
+	}
+
+	/**
 	 * returns the number of entries in the mappings table
 	 *
 	 * @return int
diff --git a/apps/user_ldap/lib/Proxy.php b/apps/user_ldap/lib/Proxy.php
index ab5434f9fe5..8b5ff996085 100644
--- a/apps/user_ldap/lib/Proxy.php
+++ b/apps/user_ldap/lib/Proxy.php
@@ -82,7 +82,7 @@ abstract class Proxy {
 			new Manager($ocConfig, $fs, $log, $avatarM, new \OCP\Image(), $db,
 				$coreUserManager, $coreNotificationManager);
 		$connector = new Connection($this->ldap, $configPrefix);
-		$access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig);
+		$access = new Access($connector, $this->ldap, $userManager, new Helper($ocConfig), $ocConfig, $coreUserManager);
 		$access->setUserMapper($userMap);
 		$access->setGroupMapper($groupMap);
 		self::$accesses[$configPrefix] = $access;
diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index 5a2b993c334..e56e4675e39 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -396,7 +396,7 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
 		\OC::$server->getLogger()->info('Cleaning up after user ' . $uid,
 			array('app' => 'user_ldap'));
 
-		$this->access->getUserMapper()->unmap($uid);
+		$this->access->getUserMapper()->unmap($uid); // we don't emit unassign signals here, since it is implicit to delete signals fired from core
 		$this->access->userManager->invalidate($uid);
 		return true;
 	}
diff --git a/apps/user_ldap/tests/AccessTest.php b/apps/user_ldap/tests/AccessTest.php
index 336b92af04f..43a34959c54 100644
--- a/apps/user_ldap/tests/AccessTest.php
+++ b/apps/user_ldap/tests/AccessTest.php
@@ -72,6 +72,8 @@ class AccessTest extends TestCase {
 	private $helper;
 	/** @var  IConfig|\PHPUnit_Framework_MockObject_MockObject */
 	private $config;
+	/** @var IUserManager|\PHPUnit_Framework_MockObject_MockObject */
+	private $ncUserManager;
 	/** @var Access */
 	private $access;
 
@@ -82,13 +84,15 @@ class AccessTest extends TestCase {
 		$this->helper = $this->createMock(Helper::class);
 		$this->config  = $this->createMock(IConfig::class);
 		$this->userMapper = $this->createMock(UserMapping::class);
+		$this->ncUserManager = $this->createMock(IUserManager::class);
 
 		$this->access = new Access(
 			$this->connection,
 			$this->ldap,
 			$this->userManager,
 			$this->helper,
-			$this->config
+			$this->config,
+			$this->ncUserManager
 		);
 		$this->access->setUserMapper($this->userMapper);
 	}
@@ -227,7 +231,7 @@ class AccessTest extends TestCase {
 		list($lw, $con, $um, $helper) = $this->getConnectorAndLdapMock();
 		/** @var IConfig|\PHPUnit_Framework_MockObject_MockObject $config */
 		$config = $this->createMock(IConfig::class);
-		$access = new Access($con, $lw, $um, $helper, $config);
+		$access = new Access($con, $lw, $um, $helper, $config, $this->ncUserManager);
 
 		$lw->expects($this->exactly(1))
 			->method('explodeDN')
@@ -250,7 +254,7 @@ class AccessTest extends TestCase {
 		/** @var IConfig|\PHPUnit_Framework_MockObject_MockObject $config */
 		$config = $this->createMock(IConfig::class);
 		$lw = new LDAP();
-		$access = new Access($con, $lw, $um, $helper, $config);
+		$access = new Access($con, $lw, $um, $helper, $config, $this->ncUserManager);
 
 		if(!function_exists('ldap_explode_dn')) {
 			$this->markTestSkipped('LDAP Module not available');
@@ -431,7 +435,7 @@ class AccessTest extends TestCase {
 				$attribute => array('count' => 1, $dnFromServer)
 			)));
 
-		$access = new Access($con, $lw, $um, $helper, $config);
+		$access = new Access($con, $lw, $um, $helper, $config, $this->ncUserManager);
 		$values = $access->readAttribute('uid=whoever,dc=example,dc=org', $attribute);
 		$this->assertSame($values[0], strtolower($dnFromServer));
 	}
diff --git a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
index d3d33a82da9..54d8b49cdc8 100644
--- a/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
+++ b/apps/user_ldap/tests/Mapping/AbstractMappingTest.php
@@ -235,6 +235,29 @@ abstract class AbstractMappingTest extends \Test\TestCase {
 	}
 
 	/**
+	 * tests clear() for successful update.
+	 */
+	public function testClearCb() {
+		list($mapper, $data) = $this->initTest();
+
+		$callbackCalls = 0;
+		$test = $this;
+
+		$callback = function (string $id) use ($test, &$callbackCalls) {
+			$test->assertTrue(trim($id) !== '');
+			$callbackCalls++;
+		};
+
+		$done = $mapper->clearCb($callback, $callback);
+		$this->assertTrue($done);
+		$this->assertSame(count($data) * 2, $callbackCalls);
+		foreach($data as $entry) {
+			$name = $mapper->getNameByUUID($entry['uuid']);
+			$this->assertFalse($name);
+		}
+	}
+
+	/**
 	 * tests getList() method
 	 */
 	public function testList() {
author	Morris Jobke <hey@morrisjobke.de>	2018-04-11 00:44:39 +0200
committer	GitHub <noreply@github.com>	2018-04-11 00:44:39 +0200
commit	38961a725f3b9243d9adaee078167c568c2a3dd6 (patch)
tree	c25c909c3fb4dc94fa28d45d32e0c7caf23b10dc /apps/user_ldap
parent	a3c20356740c392355364b3b119be626a9f34f56 (diff)
parent	f1565336bdaa72b6f4beddeb6fa04956f5da8f21 (diff)
download	nextcloud-server-38961a725f3b9243d9adaee078167c568c2a3dd6.tar.gz nextcloud-server-38961a725f3b9243d9adaee078167c568c2a3dd6.zip