author | Arthur Schiwon <blizzz@owncloud.com> | 2012-05-17 19:33:38 +0200 |
---|---|---|
committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-05-18 12:55:37 +0200 |
commit | 253f101b392bdc65c0ca9fb7ab1ddf217300ec4c (patch) | |
tree | c57e428ef277d248ac06a0ce6ba1aa11a794716b /apps | |
parent | 73a72054a3e08b62e4f28c9c622f98b4737efeff (diff) | |
download | nextcloud-server-253f101b392bdc65c0ca9fb7ab1ddf217300ec4c.tar.gz nextcloud-server-253f101b392bdc65c0ca9fb7ab1ddf217300ec4c.zip |
LDAP: check whether applying naming rule would end up in conflicts on update, if so don't do it
Diffstat (limited to 'apps')
-rw-r--r-- | apps/user_ldap/appinfo/app.php | 6 | ||||
-rw-r--r-- | apps/user_ldap/appinfo/update.php | 24 | ||||
-rw-r--r-- | apps/user_ldap/lib_ldap.php | 46 |
3 files changed, 53 insertions, 23 deletions
diff --git a/apps/user_ldap/appinfo/app.php b/apps/user_ldap/appinfo/app.php index 79675f940bc..330574c1d42 100644 --- a/apps/user_ldap/appinfo/app.php +++ b/apps/user_ldap/appinfo/app.php @@ -27,12 +27,6 @@ require_once('apps/user_ldap/group_ldap.php'); OCP\App::registerAdmin('user_ldap','settings'); -// define LDAP_DEFAULT_PORT -define('OC_USER_BACKEND_LDAP_DEFAULT_PORT', 389); - -// define OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME -define('OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME', 'uid'); - // register user backend OC_User::useBackend( 'LDAP' ); OC_Group::useBackend( new OC_GROUP_LDAP() ); diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php index 07afeeea8a1..048d804217b 100644 --- a/apps/user_ldap/appinfo/update.php +++ b/apps/user_ldap/appinfo/update.php @@ -1,9 +1,33 @@ <?php //from version 0.1 to 0.2 + +//settings $pw = OCP\Config::getAppValue('user_ldap', 'ldap_password'); if(!is_null($pw)) { $pwEnc = base64_encode($pw); OCP\Config::setAppValue('user_ldap', 'ldap_agent_password', $pwEnc); OC_Appconfig::deleteKey('user_ldap', 'ldap_password'); +} + +//detect if we can switch on naming guidelines. We won't do it on conflicts. +//it's a bit spaghetti, but hey. +$sqlCleanMap = 'DELETE FROM *PREFIX*ldap_user_mapping'; + +require_once(OC::$APPSROOT.'/apps/user_ldap/lib_ldap.php'); +require_once(OC::$APPSROOT.'/apps/user_ldap/user_ldap.php'); + +OCP\Config::setSystemValue('ldapIgnoreNamingRules', true); +$LDAP_USER = new OC_USER_LDAP(); +$users_old = $LDAP_USER->getUsers(); +$query = OCP\DB::prepare($sqlCleanMap); +$query->execute(); +OCP\Config::setSystemValue('ldapIgnoreNamingRules', false); +OC_LDAP::init(true); +$users_new = $LDAP_USER->getUsers(); +$query = OCP\DB::prepare($sqlCleanMap); +$query->execute(); +if($users_old !== $users_new) { + //we don't need to check Groups, because they were not supported in 3' + OCP\Config::setSystemValue('ldapIgnoreNamingRules', true); }
\ No newline at end of file diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 5252f4cce7c..5cd7e0241bf 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -45,14 +45,21 @@ class OC_LDAP { static protected $ldapAgentPassword; static protected $ldapTLS; static protected $ldapNoCase; + static protected $ldapIgnoreNamingRules; // user and group settings, that are needed in both backends static protected $ldapUserDisplayName; static protected $ldapUserFilter; static protected $ldapGroupDisplayName; static protected $ldapLoginFilter; - static public function init() { - self::readConfiguration(); + /** + * @brief initializes the LDAP backend + * @param $force read the config settings no matter what + * + * initializes the LDAP backend + */ + static public function init($force = false) { + self::readConfiguration($force); self::establishConnection(); } @@ -527,6 +534,10 @@ class OC_LDAP { } static private function sanitizeUsername($name) { + if(self::$ldapIgnoreNamingRules) { + return $name; + } + //REPLACEMENTS $name = str_replace(' ', '_', $name); 
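Review bot: The migration in update.php fails open: `if($users_old !== $users_new)` only sets `ldapIgnoreNamingRules` back to true when the two listings differ, so if both `getUsers()` calls return the same result for an unrelated reason (for example the directory is unreachable during the upgrade and both come back empty; the failure return value is not visible here), the naming rules end up switched on without having been checked. The first listing also runs without `OC_LDAP::init(true)`, so if the configuration was already cached earlier in the request the "old" list may be built with the rules applied and the comparison can never differ. I would call `OC_LDAP::init(true);` right after the first `setSystemValue('ldapIgnoreNamingRules', true)` and widen the guard to `if(empty($users_old) || $users_old !== $users_new) {`. `DELETE FROM *PREFIX*ldap_user_mapping` also runs unconditionally, so the whole mapping table is emptied and has to be rebuilt afterwards; a comment stating that this is intended would help.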
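Review bot: The early `return $name;` in `sanitizeUsername()` hands the directory-supplied value back completely unfiltered whenever `ldapIgnoreNamingRules` is set, and the update script sets that flag automatically, so on those installs the internal user name is whatever the LDAP attribute contains. If these names are later used to build paths or URLs (not visible in this hunk), that is a trust-boundary decision that deserves at least a comment, e.g. `// legacy mode: name is NOT sanitized; callers must treat it as untrusted directory data`. I would also consider keeping a minimal check that is independent of the flag, such as refusing names that contain a path separator, rather than bypassing every rule. The function body continues past the end of the hunk, so the remaining replacements cannot be assessed here.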
@@ -594,21 +605,22 @@ class OC_LDAP { /** * Caches the general LDAP configuration. */ - static private function readConfiguration() { - if(!self::$configured) { - self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', ''); - self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', OC_USER_BACKEND_LDAP_DEFAULT_PORT); - self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn',''); - self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password','')); - self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', ''); - self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase); - self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase); - self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0); - self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0); - self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', OC_USER_BACKEND_LDAP_DEFAULT_DISPLAY_NAME)); - self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person'); - self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)'); - self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR)); + static private function readConfiguration($force = false) { + if(!self::$configured || $force) { + self::$ldapHost = OCP\Config::getAppValue('user_ldap', 'ldap_host', ''); + self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', 389); + self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn',''); + self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password','')); + self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', ''); + self::$ldapBaseUsers = 
OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase); + self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase); + self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0); + self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0); + self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid')); + self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person'); + self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)'); + self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR)); + self::$ldapIgnoreNamingRules = OCP\Config::getSystemValue('ldapIgnoreNamingRules', false); if(empty(self::$ldapBaseUsers)) { OCP\Util::writeLog('ldap', 'Base for Users is empty, using Base DN', OCP\Util::INFO); |
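Review bot: The docblock above `readConfiguration($force = false)` still reads only "Caches the general LDAP configuration." and does not mention the new parameter; I would add `@param $force re-read all settings even if they are already cached`. `ldapIgnoreNamingRules` is the only value here read with `getSystemValue` rather than `getAppValue('user_ldap', …)`, which is worth a one-line comment saying why it lives in the system config. The defaults `389` and `'uid'` are now inline literals while the group default still uses the `LDAP_GROUP_DISPLAY_NAME_ATTR` constant, so the three defaults are no longer handled consistently. The function continues beyond the hunk, so whether `$configured` is set again after a forced read is not visible.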