summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--apps/user_ldap/appinfo/register_command.php1
-rw-r--r--apps/user_ldap/command/search.php100
-rw-r--r--apps/user_ldap/lib/access.php52
-rw-r--r--core/js/share.js2
4 files changed, 153 insertions, 2 deletions
diff --git a/apps/user_ldap/appinfo/register_command.php b/apps/user_ldap/appinfo/register_command.php
index f65b9773388..1a0227db95e 100644
--- a/apps/user_ldap/appinfo/register_command.php
+++ b/apps/user_ldap/appinfo/register_command.php
@@ -11,3 +11,4 @@ $application->add(new OCA\user_ldap\Command\SetConfig());
$application->add(new OCA\user_ldap\Command\TestConfig());
$application->add(new OCA\user_ldap\Command\CreateEmptyConfig());
$application->add(new OCA\user_ldap\Command\DeleteConfig());
+$application->add(new OCA\user_ldap\Command\Search());
diff --git a/apps/user_ldap/command/search.php b/apps/user_ldap/command/search.php
new file mode 100644
index 00000000000..e20255510d8
--- /dev/null
+++ b/apps/user_ldap/command/search.php
@@ -0,0 +1,100 @@
+<?php
+/**
+ * Copyright (c) 2014 Arthur Schiwon <blizzz@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OCA\user_ldap\Command;
+
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+
+use OCA\user_ldap\User_Proxy;
+use OCA\user_ldap\Group_Proxy;
+use OCA\user_ldap\lib\Helper;
+use OCA\user_ldap\lib\LDAP;
+
+class Search extends Command {
+ protected function configure() {
+ $this
+ ->setName('ldap:search')
+ ->setDescription('executes a user or group search')
+ ->addArgument(
+ 'search',
+ InputArgument::REQUIRED,
+ 'the search string (can be empty)'
+ )
+ ->addOption(
+ 'group',
+ null,
+ InputOption::VALUE_NONE,
+ 'searches groups instead of users'
+ )
+ ->addOption(
+ 'offset',
+ null,
+ InputOption::VALUE_REQUIRED,
+ 'The offset of the result set. Needs to be a multiple of limit. defaults to 0.',
+ 0
+ )
+ ->addOption(
+ 'limit',
+ null,
+ InputOption::VALUE_REQUIRED,
+ 'limit the results. 0 means no limit, defaults to 15',
+ 15
+ )
+ ;
+ }
+
+ /**
+ * Tests whether the offset and limit options are valid
+ * @param int $offset
+ * @param int $limit
+ * @throws \InvalidArgumentException
+ */
+ protected function validateOffsetAndLimit($offset, $limit) {
+ if($limit < 0) {
+ throw new \InvalidArgumentException('limit must be 0 or greater');
+ }
+ if($offset < 0) {
+ throw new \InvalidArgumentException('offset must be 0 or greater');
+ }
+ if($limit === 0 && $offset !== 0) {
+ throw new \InvalidArgumentException('offset must be 0 if limit is also set to 0');
+ }
+ if($offset > 0 && ($offset % $limit !== 0)) {
+ throw new \InvalidArgumentException('offset must be a multiple of limit');
+ }
+ }
+
+ protected function execute(InputInterface $input, OutputInterface $output) {
+ $configPrefixes = Helper::getServerConfigurationPrefixes(true);
+ $ldapWrapper = new LDAP();
+
+ $offset = intval($input->getOption('offset'));
+ $limit = intval($input->getOption('limit'));
+ $this->validateOffsetAndLimit($offset, $limit);
+
+ if($input->getOption('group')) {
+ $proxy = new Group_Proxy($configPrefixes, $ldapWrapper);
+ $getMethod = 'getGroups';
+ $printID = false;
+ } else {
+ $proxy = new User_Proxy($configPrefixes, $ldapWrapper);
+ $getMethod = 'getDisplayNames';
+ $printID = true;
+ }
+
+ $result = $proxy->$getMethod($input->getArgument('search'), $limit, $offset);
+ foreach($result as $id => $name) {
+ $line = $name . ($printID ? ' ('.$id.')' : '');
+ $output->writeln($line);
+ }
+ }
+}
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 6f28a87d30c..5a4d324fba2 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -403,6 +403,8 @@ class Access extends LDAPUtility implements user\IUserTools {
//a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups
//disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check
+ //NOTE: mind, disabling cache affects only this instance! Using it
+ // outside of core user management will still cache the user as non-existing.
$originalTTL = $this->connection->ldapCacheTTL;
$this->connection->setConfiguration(array('ldapCacheTTL' => 0));
if(($isUser && !\OCP\User::userExists($intName))
@@ -507,6 +509,7 @@ class Access extends LDAPUtility implements user\IUserTools {
if($isUsers) {
//cache the user names so it does not need to be retrieved
//again later (e.g. sharing dialogue).
+ $this->cacheUserExists($ocName);
$this->cacheUserDisplayName($ocName, $nameByLDAP);
}
}
@@ -516,6 +519,14 @@ class Access extends LDAPUtility implements user\IUserTools {
}
/**
+ * caches a user as existing
+ * @param string $ocName the internal ownCloud username
+ */
+ public function cacheUserExists($ocName) {
+ $this->connection->writeToCache('userExists'.$ocName, true);
+ }
+
+ /**
* caches the user display name
* @param string $ocName the internal ownCloud username
* @param string $displayName the display name
@@ -1142,6 +1153,33 @@ class Access extends LDAPUtility implements user\IUserTools {
}
/**
+ * creates a filter part for searches by splitting up the given search
+ * string into single words
+ * @param string $search the search term
+ * @param string[] $searchAttributes needs to have at least two attributes,
+ * otherwise it does not make sense :)
+ * @return string the final filter part to use in LDAP searches
+ * @throws \Exception
+ */
+ private function getAdvancedFilterPartForSearch($search, $searchAttributes) {
+ if(!is_array($searchAttributes) || count($searchAttributes) < 2) {
+ throw new \Exception('searchAttributes must be an array with at least two string');
+ }
+ $searchWords = explode(' ', trim($search));
+ $wordFilters = array();
+ foreach($searchWords as $word) {
+ $word .= '*';
+ //every word needs to appear at least once
+ $wordMatchOneAttrFilters = array();
+ foreach($searchAttributes as $attr) {
+ $wordMatchOneAttrFilters[] = $attr . '=' . $word;
+ }
+ $wordFilters[] = $this->combineFilterWithOr($wordMatchOneAttrFilters);
+ }
+ return $this->combineFilterWithAnd($wordFilters);
+ }
+
+ /**
* creates a filter part for searches
* @param string $search the search term
* @param string[]|null $searchAttributes
@@ -1151,7 +1189,19 @@ class Access extends LDAPUtility implements user\IUserTools {
*/
private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) {
$filter = array();
- $search = empty($search) ? '*' : '*'.$search.'*';
+ $haveMultiSearchAttributes = (is_array($searchAttributes) && count($searchAttributes) > 0);
+ if($haveMultiSearchAttributes && strpos(trim($search), ' ') !== false) {
+ try {
+ return $this->getAdvancedFilterPartForSearch($search, $searchAttributes);
+ } catch(\Exception $e) {
+ \OCP\Util::writeLog(
+ 'user_ldap',
+ 'Creating advanced filter for search failed, falling back to simple method.',
+ \OCP\Util::INFO
+ );
+ }
+ }
+ $search = empty($search) ? '*' : $search.'*';
if(!is_array($searchAttributes) || count($searchAttributes) === 0) {
if(empty($fallbackAttribute)) {
return '';
diff --git a/core/js/share.js b/core/js/share.js
index d9ae0168129..b856363d157 100644
--- a/core/js/share.js
+++ b/core/js/share.js
@@ -447,7 +447,7 @@ OC.Share={
$('#shareWith').autocomplete({minLength: 2, delay: 750, source: function(search, response) {
var $loading = $('#dropdown .shareWithLoading');
$loading.removeClass('hidden');
- $.get(OC.filePath('core', 'ajax', 'share.php'), { fetch: 'getShareWith', search: search.term, itemShares: OC.Share.itemShares }, function(result) {
+ $.get(OC.filePath('core', 'ajax', 'share.php'), { fetch: 'getShareWith', search: search.term.trim(), itemShares: OC.Share.itemShares }, function(result) {
$loading.addClass('hidden');
if (result.status == 'success' && result.data.length > 0) {
$( "#shareWith" ).autocomplete( "option", "autoFocus", true );