diff options
| -rw-r--r-- | apps/user_ldap/lib/access.php | 435 | ||||
| -rw-r--r-- | apps/user_ldap/lib/backendutility.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/configuration.php | 109 | ||||
| -rw-r--r-- | apps/user_ldap/lib/connection.php | 53 | ||||
| -rw-r--r-- | apps/user_ldap/lib/helper.php | 12 | ||||
| -rw-r--r-- | apps/user_ldap/lib/ildapwrapper.php | 116 | ||||
| -rw-r--r-- | apps/user_ldap/lib/jobs.php | 21 | ||||
| -rw-r--r-- | apps/user_ldap/lib/ldap.php | 121 | ||||
| -rw-r--r-- | apps/user_ldap/lib/ldaputility.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/proxy.php | 47 | ||||
| -rw-r--r-- | apps/user_ldap/lib/wizard.php | 130 | ||||
| -rw-r--r-- | apps/user_ldap/lib/wizardresult.php | 13 |
12 files changed, 683 insertions, 378 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 712407505fb..4b37f59f1d4 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -23,6 +23,10 @@ namespace OCA\user_ldap\lib; +/** + * Class Access + * @package OCA\user_ldap\lib + */ class Access extends LDAPUtility { public $connection; //never ever check this var directly, always use getPagedSearchResultState @@ -30,24 +34,30 @@ class Access extends LDAPUtility { protected $cookies = array(); + /** + * @param Connection $connection + * @param ILDAPWrapper $ldap + */ public function __construct(Connection $connection, ILDAPWrapper $ldap) { parent::__construct($ldap); $this->connection = $connection; } + /** + * @return bool + */ private function checkConnection() { return ($this->connection instanceof Connection); } /** * @brief reads a given attribute for an LDAP record identified by a DN - * @param $dn the record in question - * @param $attr the attribute that shall be retrieved + * @param string $dn the record in question + * @param string $attr the attribute that shall be retrieved * if empty, just check the record's existence - * @returns an array of values on success or an empty + * @param string $filter + * @return array|false an array of values on success or an empty * array if $attr is empty, false otherwise - * - * Reads an attribute from an LDAP entry or check if entry exists */ public function readAttribute($dn, $attr, $filter = 'objectClass=*') { if(!$this->checkConnection()) { @@ -105,7 +115,7 @@ class Access extends LDAPUtility { } /** - * @brief checks wether the given attribute`s valua is probably a DN + * @brief checks whether the given attributes value is probably a DN * @param string $attr the attribute in question * @return boolean if so true, otherwise false */ @@ -120,8 +130,8 @@ class Access extends LDAPUtility { /** * @brief sanitizes a DN received from the LDAP server - * @param $dn the DN in question - * @return the sanitized DN + * @param array $dn the DN in question + * @return array the sanitized DN */ private function sanitizeDN($dn) { //treating multiple base DNs @@ -163,7 +173,8 @@ class Access extends LDAPUtility { /** * gives back the database table for the query - * @param boolean $isUser + * @param bool $isUser + * @return string */ private function getMapTable($isUser) { if($isUser) { @@ -176,9 +187,7 @@ class Access extends LDAPUtility { /** * @brief returns the LDAP DN for the given internal ownCloud name of the group * @param string $name the ownCloud name in question - * @returns string with the LDAP DN on success, otherwise false - * - * returns the LDAP DN for the given internal ownCloud name of the group + * @return string with the LDAP DN on success, otherwise false */ public function groupname2dn($name) { $dn = $this->ocname2dn($name, false); @@ -192,10 +201,8 @@ class Access extends LDAPUtility { /** * @brief returns the LDAP DN for the given internal ownCloud name of the user - * @param $name the ownCloud name in question - * @returns string with the LDAP DN on success, otherwise false - * - * returns the LDAP DN for the given internal ownCloud name of the user + * @param string $name the ownCloud name in question + * @return string with the LDAP DN on success, otherwise false */ public function username2dn($name) { $dn = $this->ocname2dn($name, true); @@ -210,11 +217,9 @@ class Access extends LDAPUtility { /** * @brief returns the LDAP DN for the given internal ownCloud name - * @param $name the ownCloud name in question + * @param string $name the ownCloud name in question * @param boolean $isUser is it a user? otherwise group - * @returns string with the LDAP DN on success, otherwise false - * - * returns the LDAP DN for the given internal ownCloud name + * @return string with the LDAP DN on success, otherwise false */ private function ocname2dn($name, $isUser) { $table = $this->getMapTable($isUser); @@ -230,15 +235,12 @@ class Access extends LDAPUtility { } /** - * @brief returns the internal ownCloud name for the given LDAP DN of the group - * @param $dn the dn of the group object - * @param $ldapname optional, the display name of the object - * @returns string with with the name to use in ownCloud, false on DN outside of search DN - * - * returns the internal ownCloud name for the given LDAP DN of the - * group, false on DN outside of search DN or failure + * @brief returns the internal ownCloud name for the given LDAP DN of the group, false on DN outside of search DN or failure + * @param string $dn the dn of the group object + * @param string $ldapName optional, the display name of the object + * @return string with the name to use in ownCloud, false on DN outside of search DN */ - public function dn2groupname($dn, $ldapname = null) { + public function dn2groupname($dn, $ldapName = null) { //To avoid bypassing the base DN settings under certain circumstances //with the group support, check whether the provided DN matches one of //the given Bases @@ -246,18 +248,16 @@ class Access extends LDAPUtility { return false; } - return $this->dn2ocname($dn, $ldapname, false); + return $this->dn2ocname($dn, $ldapName, false); } /** - * @brief returns the internal ownCloud name for the given LDAP DN of the user - * @param $dn the dn of the user object - * @param $ldapname optional, the display name of the object - * @returns string with with the name to use in ownCloud - * - * returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN or failure + * @brief returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN or failure + * @param string $dn the dn of the user object + * @param string $ldapName optional, the display name of the object + * @return string with with the name to use in ownCloud */ - public function dn2username($dn, $ldapname = null) { + public function dn2username($dn, $ldapName = null) { //To avoid bypassing the base DN settings under certain circumstances //with the group support, check whether the provided DN matches one of //the given Bases @@ -265,19 +265,17 @@ class Access extends LDAPUtility { return false; } - return $this->dn2ocname($dn, $ldapname, true); + return $this->dn2ocname($dn, $ldapName, true); } /** - * @brief returns an internal ownCloud name for the given LDAP DN - * @param $dn the dn of the user object - * @param $ldapname optional, the display name of the object - * @param $isUser optional, wether it is a user object (otherwise group assumed) - * @returns string with with the name to use in ownCloud - * - * returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN + * @brief returns an internal ownCloud name for the given LDAP DN, false on DN outside of search DN + * @param string $dn the dn of the user object + * @param string $ldapName optional, the display name of the object + * @param bool $isUser optional, whether it is a user object (otherwise group assumed) + * @return string with with the name to use in ownCloud */ - public function dn2ocname($dn, $ldapname = null, $isUser = true) { + public function dn2ocname($dn, $ldapName = null, $isUser = true) { $table = $this->getMapTable($isUser); if($isUser) { $fncFindMappedName = 'findMappedUser'; @@ -288,9 +286,9 @@ class Access extends LDAPUtility { } //let's try to retrieve the ownCloud name from the mappings table - $ocname = $this->$fncFindMappedName($dn); - if($ocname) { - return $ocname; + $ocName = $this->$fncFindMappedName($dn); + if($ocName) { + return $ocName; } //second try: get the UUID and check if it is known. Then, update the DN and return the name. @@ -317,13 +315,13 @@ class Access extends LDAPUtility { return false; } - if(is_null($ldapname)) { - $ldapname = $this->readAttribute($dn, $nameAttribute); - if(!isset($ldapname[0]) && empty($ldapname[0])) { + if(is_null($ldapName)) { + $ldapName = $this->readAttribute($dn, $nameAttribute); + if(!isset($ldapName[0]) && empty($ldapName[0])) { \OCP\Util::writeLog('user_ldap', 'No or empty name for '.$dn.'.', \OCP\Util::INFO); return false; } - $ldapname = $ldapname[0]; + $ldapName = $ldapName[0]; } if($isUser) { @@ -334,27 +332,27 @@ class Access extends LDAPUtility { } else { $username = $uuid; } - $intname = $this->sanitizeUsername($username); + $intName = $this->sanitizeUsername($username); } else { - $intname = $ldapname; + $intName = $ldapName; } //a new user/group! Add it only if it doesn't conflict with other backend's users or existing groups //disabling Cache is required to avoid that the new user is cached as not-existing in fooExists check $originalTTL = $this->connection->ldapCacheTTL; $this->connection->setConfiguration(array('ldapCacheTTL' => 0)); - if(($isUser && !\OCP\User::userExists($intname)) - || (!$isUser && !\OC_Group::groupExists($intname))) { - if($this->mapComponent($dn, $intname, $isUser)) { + if(($isUser && !\OCP\User::userExists($intName)) + || (!$isUser && !\OC_Group::groupExists($intName))) { + if($this->mapComponent($dn, $intName, $isUser)) { $this->connection->setConfiguration(array('ldapCacheTTL' => $originalTTL)); - return $intname; + return $intName; } } $this->connection->setConfiguration(array('ldapCacheTTL' => $originalTTL)); - $altname = $this->createAltInternalOwnCloudName($intname, $isUser); - if($this->mapComponent($dn, $altname, $isUser)) { - return $altname; + $altName = $this->createAltInternalOwnCloudName($intName, $isUser); + if($this->mapComponent($dn, $altName, $isUser)) { + return $altName; } //if everything else did not help.. @@ -364,8 +362,8 @@ class Access extends LDAPUtility { /** * @brief gives back the user names as they are used ownClod internally - * @param $ldapGroups an array with the ldap Users result in style of array ( array ('dn' => foo, 'uid' => bar), ... ) - * @returns an array with the user names to use in ownCloud + * @param array $ldapUsers an array with the ldap Users result in style of array ( array ('dn' => foo, 'uid' => bar), ... ) + * @return array an array with the user names to use in ownCloud * * gives back the user names as they are used ownClod internally */ @@ -375,8 +373,8 @@ class Access extends LDAPUtility { /** * @brief gives back the group names as they are used ownClod internally - * @param $ldapGroups an array with the ldap Groups result in style of array ( array ('dn' => foo, 'cn' => bar), ... ) - * @returns an array with the group names to use in ownCloud + * @param array $ldapGroups an array with the ldap Groups result in style of array ( array ('dn' => foo, 'cn' => bar), ... ) + * @return array an array with the group names to use in ownCloud * * gives back the group names as they are used ownClod internally */ @@ -384,6 +382,10 @@ class Access extends LDAPUtility { return $this->ldap2ownCloudNames($ldapGroups, false); } + /** + * @param $dn + * @return bool|string + */ private function findMappedUser($dn) { static $query = null; if(is_null($query)) { @@ -400,6 +402,10 @@ class Access extends LDAPUtility { return false; } + /** + * @param $dn + * @return bool|string + */ private function findMappedGroup($dn) { static $query = null; if(is_null($query)) { @@ -416,9 +422,10 @@ class Access extends LDAPUtility { return false; } - /** - * @param boolean $isUsers + * @param $ldapObjects + * @param bool $isUsers + * @return array */ private function ldap2ownCloudNames($ldapObjects, $isUsers) { if($isUsers) { @@ -430,13 +437,13 @@ class Access extends LDAPUtility { foreach($ldapObjects as $ldapObject) { $nameByLDAP = isset($ldapObject[$nameAttribute]) ? $ldapObject[$nameAttribute] : null; - $ocname = $this->dn2ocname($ldapObject['dn'], $nameByLDAP, $isUsers); - if($ocname) { - $ownCloudNames[] = $ocname; + $ocName = $this->dn2ocname($ldapObject['dn'], $nameByLDAP, $isUsers); + if($ocName) { + $ownCloudNames[] = $ocName; if($isUsers) { //cache the user names so it does not need to be retrieved //again later (e.g. sharing dialogue). - $this->cacheUserDisplayName($ocname, $nameByLDAP); + $this->cacheUserDisplayName($ocName, $nameByLDAP); } } continue; @@ -446,18 +453,18 @@ class Access extends LDAPUtility { /** * @brief caches the user display name - * @param string the internal owncloud username - * @param string the display name + * @param string $ocName the internal ownCloud username + * @param string $displayName the display name */ - public function cacheUserDisplayName($ocname, $displayName) { + public function cacheUserDisplayName($ocName, $displayName) { $cacheKeyTrunk = 'getDisplayName'; - $this->connection->writeToCache($cacheKeyTrunk.$ocname, $displayName); + $this->connection->writeToCache($cacheKeyTrunk.$ocName, $displayName); } /** * @brief creates a unique name for internal ownCloud use for users. Don't call it directly. - * @param $name the display name of the object - * @returns string with with the name to use in ownCloud or false if unsuccessful + * @param string $name the display name of the object + * @return string with with the name to use in ownCloud or false if unsuccessful * * Instead of using this method directly, call * createAltInternalOwnCloudName($name, true) @@ -478,8 +485,8 @@ class Access extends LDAPUtility { /** * @brief creates a unique name for internal ownCloud use for groups. Don't call it directly. - * @param $name the display name of the object - * @returns string with with the name to use in ownCloud or false if unsuccessful. + * @param string $name the display name of the object + * @return string with with the name to use in ownCloud or false if unsuccessful. * * Instead of using this method directly, call * createAltInternalOwnCloudName($name, false) @@ -504,17 +511,17 @@ class Access extends LDAPUtility { $lastNo = 1; //will become name_2 } else { natsort($usedNames); - $lastname = array_pop($usedNames); - $lastNo = intval(substr($lastname, strrpos($lastname, '_') + 1)); + $lastName = array_pop($usedNames); + $lastNo = intval(substr($lastName, strrpos($lastName, '_') + 1)); } $altName = $name.'_'.strval($lastNo+1); unset($usedNames); $attempts = 1; while($attempts < 21){ - //Pro forma check to be really sure it is unique - //while loop is just a precaution. If a name is not generated within - //20 attempts, something else is very wrong. Avoids infinite loop. + // Check to be really sure it is unique + // while loop is just a precaution. If a name is not generated within + // 20 attempts, something else is very wrong. Avoids infinite loop. if(!\OC_Group::groupExists($altName)) { return $altName; } @@ -526,9 +533,9 @@ class Access extends LDAPUtility { /** * @brief creates a unique name for internal ownCloud use. - * @param $name the display name of the object + * @param string $name the display name of the object * @param boolean $isUser whether name should be created for a user (true) or a group (false) - * @returns string with with the name to use in ownCloud or false if unsuccessful + * @return string with with the name to use in ownCloud or false if unsuccessful */ private function createAltInternalOwnCloudName($name, $isUser) { $originalTTL = $this->connection->ldapCacheTTL; @@ -545,7 +552,7 @@ class Access extends LDAPUtility { /** * @brief retrieves all known groups from the mappings table - * @returns array with the results + * @return array with the results * * retrieves all known groups from the mappings table */ @@ -555,7 +562,7 @@ class Access extends LDAPUtility { /** * @brief retrieves all known users from the mappings table - * @returns array with the results + * @return array with the results * * retrieves all known users from the mappings table */ @@ -579,19 +586,19 @@ class Access extends LDAPUtility { /** * @brief inserts a new user or group into the mappings table - * @param $dn the record in question - * @param $ocname the name to use in ownCloud - * @param $isUser is it a user or a group? - * @returns true on success, false otherwise + * @param string $dn the record in question + * @param string $ocName the name to use in ownCloud + * @param bool $isUser is it a user or a group? + * @return bool true on success, false otherwise * * inserts a new user or group into the mappings table */ - private function mapComponent($dn, $ocname, $isUser = true) { + private function mapComponent($dn, $ocName, $isUser = true) { $table = $this->getMapTable($isUser); $sqlAdjustment = ''; - $dbtype = \OCP\Config::getSystemValue('dbtype'); - if($dbtype === 'mysql') { + $dbType = \OCP\Config::getSystemValue('dbtype'); + if($dbType === 'mysql') { $sqlAdjustment = 'FROM DUAL'; } @@ -607,9 +614,9 @@ class Access extends LDAPUtility { '); //feed the DB - $insRows = $insert->execute(array($dn, $ocname, + $insRows = $insert->execute(array($dn, $ocName, $this->getUUID($dn, $isUser), $dn, - $ocname)); + $ocName)); if(\OCP\DB::isError($insRows)) { return false; @@ -623,24 +630,31 @@ class Access extends LDAPUtility { } /** - * @param integer $limit - * @param integer $offset + * @param $filter + * @param $attr + * @param int $limit + * @param int $offset + * @return array */ public function fetchListOfUsers($filter, $attr, $limit = null, $offset = null) { return $this->fetchList($this->searchUsers($filter, $attr, $limit, $offset), (count($attr) > 1)); } /** - * @param string $filter - * @param integer $limit - * @param integer $offset + * @param $filter + * @param $attr + * @param int $limit + * @param int $offset + * @return array */ public function fetchListOfGroups($filter, $attr, $limit = null, $offset = null) { return $this->fetchList($this->searchGroups($filter, $attr, $limit, $offset), (count($attr) > 1)); } /** - * @param boolean $manyAttributes + * @param $list + * @param bool $manyAttributes + * @return array */ private function fetchList($list, $manyAttributes) { if(is_array($list)) { @@ -657,11 +671,11 @@ class Access extends LDAPUtility { /** * @brief executes an LDAP search, optimized for Users - * @param $filter the LDAP filter for the search - * @param $attr optional, when a certain attribute shall be filtered out + * @param string $filter the LDAP filter for the search + * @param string $attr optional, when a certain attribute shall be filtered out * @param integer $limit * @param integer $offset - * @returns array with the search result + * @return array with the search result * * Executes an LDAP search */ @@ -671,6 +685,10 @@ class Access extends LDAPUtility { /** * @param string $filter + * @param array $attr + * @param int $limit + * @param int $offset + * @return false|int */ public function countUsers($filter, $attr = array('dn'), $limit = null, $offset = null) { return $this->count($filter, $this->connection->ldapBaseUsers, $attr, $limit, $offset); @@ -679,10 +697,10 @@ class Access extends LDAPUtility { /** * @brief executes an LDAP search, optimized for Groups * @param string $filter the LDAP filter for the search - * @param $attr optional, when a certain attribute shall be filtered out + * @param string $attr optional, when a certain attribute shall be filtered out * @param integer $limit * @param integer $offset - * @returns array with the search result + * @return array with the search result * * Executes an LDAP search */ @@ -692,13 +710,13 @@ class Access extends LDAPUtility { /** * @brief prepares and executes an LDAP search operation - * @param $filter the LDAP filter for the search - * @param $base an array containing the LDAP subtree(s) that shall be searched - * @param $attr optional, array, one or more attributes that shall be + * @param string $filter the LDAP filter for the search + * @param array $base an array containing the LDAP subtree(s) that shall be searched + * @param array $attr optional, array, one or more attributes that shall be * retrieved. Results will according to the order in the array. - * @param $limit optional, maximum results to be counted - * @param $offset optional, a starting point - * @returns array with the search result as first value and pagedSearchOK as + * @param int $limit optional, maximum results to be counted + * @param int $offset optional, a starting point + * @return array|false array with the search result as first value and pagedSearchOK as * second | false if not successful */ private function executeSearch($filter, $base, &$attr = null, $limit = null, $offset = null) { @@ -715,7 +733,7 @@ class Access extends LDAPUtility { return false; } - //check wether paged search should be attempted + //check whether paged search should be attempted $pagedSearchOK = $this->initPagedSearch($filter, $base, $attr, $limit, $offset); $linkResources = array_pad(array(), count($base), $cr); @@ -738,16 +756,16 @@ class Access extends LDAPUtility { /** * @brief processes an LDAP paged search operation - * @param $sr the array containing the LDAP search resources - * @param $filter the LDAP filter for the search - * @param $base an array containing the LDAP subtree(s) that shall be searched - * @param $iFoundItems number of results in the search operation - * @param $limit maximum results to be counted - * @param $offset a starting point - * @param $pagedSearchOK whether a paged search has been executed - * @param boolean $skipHandling required for paged search when cookies to + * @param array $sr the array containing the LDAP search resources + * @param string $filter the LDAP filter for the search + * @param array $base an array containing the LDAP subtree(s) that shall be searched + * @param int $iFoundItems number of results in the search operation + * @param int $limit maximum results to be counted + * @param int $offset a starting point + * @param bool $pagedSearchOK whether a paged search has been executed + * @param bool $skipHandling required for paged search when cookies to * prior results need to be gained - * @returns array with the search result as first value and pagedSearchOK as + * @returns array|false array with the search result as first value and pagedSearchOK as * second | false if not successful */ private function processPagedSearchStatus($sr, $filter, $base, $iFoundItems, $limit, $offset, $pagedSearchOK, $skipHandling) { @@ -780,14 +798,14 @@ class Access extends LDAPUtility { /** * @brief executes an LDAP search, but counts the results only * @param string $filter the LDAP filter for the search - * @param $base an array containing the LDAP subtree(s) that shall be searched - * @param $attr optional, array, one or more attributes that shall be + * @param array $base an array containing the LDAP subtree(s) that shall be searched + * @param array $attr optional, array, one or more attributes that shall be * retrieved. Results will according to the order in the array. - * @param $limit optional, maximum results to be counted - * @param $offset optional, a starting point - * @param $skipHandling indicates whether the pages search operation is + * @param int $limit optional, maximum results to be counted + * @param int $offset optional, a starting point + * @param bool $skipHandling indicates whether the pages search operation is * completed - * @returns int | false if the search could not be initialized + * @returns int|false Integer or false if the search could not be initialized * */ private function count($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) { @@ -799,7 +817,7 @@ class Access extends LDAPUtility { $counter = 0; $count = null; - $cr = $this->connection->getConnectionResource(); + $this->connection->getConnectionResource(); do { $continue = false; @@ -821,10 +839,15 @@ class Access extends LDAPUtility { return $counter; } - private function countEntriesInSearchResults($searchResults, $limit, - &$hasHitLimit) { + /** + * @param $searchResults + * @param $limit + * @param $hasHitLimit + * @return int + */ + private function countEntriesInSearchResults($searchResults, $limit, &$hasHitLimit) { $cr = $this->connection->getConnectionResource(); - $count = 0; + $counter = 0; foreach($searchResults as $res) { $count = intval($this->ldap->countEntries($cr, $res)); @@ -838,14 +861,14 @@ class Access extends LDAPUtility { } /** - * @brief executes an LDAP search - * @param $filter the LDAP filter for the search - * @param $base an array containing the LDAP subtree(s) that shall be searched - * @param $attr optional, array, one or more attributes that shall be - * retrieved. Results will according to the order in the array. - * @returns array with the search result - * - * Executes an LDAP search + * @brief Executes an LDAP search + * @param string $filter the LDAP filter for the search + * @param array $base an array containing the LDAP subtree(s) that shall be searched + * @param array $attr optional, array, one or more attributes that shall be + * @param int $limit + * @param int $offset + * @param bool $skipHandling + * @return array with the search result */ private function search($filter, $base, $attr = null, $limit = null, $offset = null, $skipHandling = false) { $search = $this->executeSearch($filter, $base, $attr, $limit, $offset); @@ -873,7 +896,7 @@ class Access extends LDAPUtility { } $findings = array(); - foreach($sr as $key => $res) { + foreach($sr as $res) { $findings = array_merge($findings, $this->ldap->getEntries($cr , $res )); } @@ -889,9 +912,9 @@ class Access extends LDAPUtility { if(!is_null($attr)) { $selection = array(); - $multiarray = false; + $multiArray = false; if(count($attr) > 1) { - $multiarray = true; + $multiArray = true; $i = 0; } foreach($findings as $item) { @@ -900,7 +923,7 @@ class Access extends LDAPUtility { } $item = \OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8'); - if($multiarray) { + if($multiArray) { foreach($attr as $key) { $key = mb_strtolower($key, 'UTF-8'); if(isset($item[$key])) { @@ -931,7 +954,7 @@ class Access extends LDAPUtility { $findings = $selection; } //we slice the findings, when - //a) paged search insuccessful, though attempted + //a) paged search unsuccessful, though attempted //b) no paged search, but limit set if((!$this->getPagedSearchResultState() && $pagedSearchOK) @@ -945,19 +968,23 @@ class Access extends LDAPUtility { return $findings; } + /** + * @param $name + * @return bool|mixed|string + */ public function sanitizeUsername($name) { if($this->connection->ldapIgnoreNamingRules) { return $name; } - // Translitaration - //latin characters to ASCII + // Transliteration + // latin characters to ASCII $name = iconv('UTF-8', 'ASCII//TRANSLIT', $name); - //REPLACEMENTS + // Replacements $name = \OCP\Util::mb_str_replace(' ', '_', $name, 'UTF-8'); - //every remaining unallowed characters will be removed + // Every remaining disallowed characters will be removed $name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name); return $name; @@ -966,7 +993,7 @@ class Access extends LDAPUtility { /** * @brief escapes (user provided) parts for LDAP filter * @param string $input, the provided value - * @return the escaped string + * @return string the escaped string */ public function escapeFilterPart($input) { $search = array('*', '\\', '(', ')'); @@ -977,9 +1004,7 @@ class Access extends LDAPUtility { /** * @brief combines the input filters with AND * @param $filters array, the filters to connect - * @returns the combined filter - * - * Combines Filter arguments with AND + * @return string the combined filter */ public function combineFilterWithAnd($filters) { return $this->combineFilter($filters, '&'); @@ -988,9 +1013,7 @@ class Access extends LDAPUtility { /** * @brief combines the input filters with AND * @param $filters array, the filters to connect - * @returns the combined filter - * - * Combines Filter arguments with AND + * @return string the combined filter */ public function combineFilterWithOr($filters) { return $this->combineFilter($filters, '|'); @@ -1000,9 +1023,7 @@ class Access extends LDAPUtility { * @brief combines the input filters with given operator * @param $filters array, the filters to connect * @param string $operator either & or | - * @returns the combined filter - * - * Combines Filter arguments with AND + * @return string the combined filter */ private function combineFilter($filters, $operator) { $combinedFilter = '('.$operator; @@ -1017,7 +1038,7 @@ class Access extends LDAPUtility { } /** - * @brief creates a filter part for to perfrom search for users + * @brief creates a filter part for to perform search for users * @param string $search the search term * @return string the final filter part to use in LDAP searches */ @@ -1028,7 +1049,7 @@ class Access extends LDAPUtility { } /** - * @brief creates a filter part for to perfrom search for groups + * @brief creates a filter part for to perform search for groups * @param string $search the search term * @return string the final filter part to use in LDAP searches */ @@ -1041,9 +1062,10 @@ class Access extends LDAPUtility { /** * @brief creates a filter part for searches * @param string $search the search term + * @param $searchAttributes * @param string $fallbackAttribute a fallback attribute in case the user * did not define search attributes. Typically the display name attribute. - * @returns string the final filter part to use in LDAP searches + * @return string the final filter part to use in LDAP searches */ private function getFilterPartForSearch($search, $searchAttributes, $fallbackAttribute) { $filter = array(); @@ -1065,7 +1087,9 @@ class Access extends LDAPUtility { } /** + * @param string $name * @param string $password + * @return bool */ public function areCredentialsValid($name, $password) { $name = $this->DNasBaseParameter($name); @@ -1084,8 +1108,9 @@ class Access extends LDAPUtility { /** * @brief auto-detects the directory's UUID attribute - * @param $dn a known DN used to check against - * @param $force the detection should be run, even if it is not set to auto + * @param string $dn a known DN used to check against + * @param bool $isUser + * @param bool $force the detection should be run, even if it is not set to auto * @returns true on success, false otherwise */ private function detectUuidAttribute($dn, $isUser = true, $force = false) { @@ -1106,7 +1131,7 @@ class Access extends LDAPUtility { return true; } - //for now, supported attributes are entryUUID, nsuniqueid, objectGUID, ipaUniqueID + // for now, supported attributes are entryUUID, nsuniqueid, objectGUID, ipaUniqueID $testAttributes = array('entryuuid', 'nsuniqueid', 'objectguid', 'guid', 'ipauniqueid'); foreach($testAttributes as $attribute) { @@ -1126,6 +1151,11 @@ class Access extends LDAPUtility { return false; } + /** + * @param $dn + * @param bool $isUser + * @return array|bool|false + */ public function getUUID($dn, $isUser = true) { if($isUser) { $uuidAttr = 'ldapUuidUserAttribute'; @@ -1154,11 +1184,9 @@ class Access extends LDAPUtility { /** * @brief converts a binary ObjectGUID into a string representation - * @param $oguid the ObjectGUID in it's binary form as retrieved from AD - * @returns String - * - * converts a binary ObjectGUID into a string representation - * http://www.php.net/manual/en/function.ldap-get-values-len.php#73198 + * @param string $oguid the ObjectGUID in it's binary form as retrieved from AD + * @return string + * @link http://www.php.net/manual/en/function.ldap-get-values-len.php#73198 */ private function convertObjectGUID2Str($oguid) { $hex_guid = bin2hex($oguid); @@ -1181,12 +1209,9 @@ class Access extends LDAPUtility { } /** - * @brief converts a stored DN so it can be used as base parameter for LDAP queries - * @param $dn the DN - * @returns String - * - * converts a stored DN so it can be used as base parameter for LDAP queries - * internally we store them for usage in LDAP filters + * @brief converts a stored DN so it can be used as base parameter for LDAP queries, internally we store them for usage in LDAP filters + * @param string $dn the DN + * @return string */ private function DNasBaseParameter($dn) { return str_ireplace('\\5c', '\\', $dn); @@ -1194,12 +1219,14 @@ class Access extends LDAPUtility { /** * @brief checks if the given DN is part of the given base DN(s) - * @param $dn the DN + * @param string $dn the DN * @param $bases array containing the allowed base DN or DNs - * @returns Boolean + * @return bool */ private function isDNPartOfBase($dn, $bases) { + $belongsToBase = false; $bases = $this->sanitizeDN($bases); + foreach($bases as $base) { $belongsToBase = true; if(mb_strripos($dn, $base, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen($base, 'UTF-8'))) { @@ -1214,10 +1241,10 @@ class Access extends LDAPUtility { /** * @brief get a cookie for the next LDAP paged search - * @param $base a string with the base DN for the search - * @param $filter the search filter to identify the correct search - * @param $limit the limit (or 'pageSize'), to identify the correct search well - * @param $offset the offset for the new search to identify the correct search really good + * @param string $base a string with the base DN for the search + * @param string $filter the search filter to identify the correct search + * @param int $limit the limit (or 'pageSize'), to identify the correct search well + * @param int $offset the offset for the new search to identify the correct search really good * @returns string containing the key or empty if none is cached */ private function getPagedResultCookie($base, $filter, $limit, $offset) { @@ -1226,10 +1253,10 @@ class Access extends LDAPUtility { } $offset -= $limit; //we work with cache here - $cachekey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . intval($limit) . '-' . intval($offset); + $cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' . intval($limit) . '-' . intval($offset); $cookie = ''; - if(isset($this->cookies[$cachekey])) { - $cookie = $this->cookies[$cachekey]; + if(isset($this->cookies[$cacheKey])) { + $cookie = $this->cookies[$cacheKey]; if(is_null($cookie)) { $cookie = ''; } @@ -1239,22 +1266,22 @@ class Access extends LDAPUtility { /** * @brief set a cookie for LDAP paged search run - * @param $base a string with the base DN for the search - * @param $filter the search filter to identify the correct search - * @param $limit the limit (or 'pageSize'), to identify the correct search well - * @param $offset the offset for the run search to identify the correct search really good - * @param $cookie string containing the cookie returned by ldap_control_paged_result_response + * @param string $base a string with the base DN for the search + * @param string $filter the search filter to identify the correct search + * @param int $limit the limit (or 'pageSize'), to identify the correct search well + * @param int $offset the offset for the run search to identify the correct search really good + * @param string $cookie string containing the cookie returned by ldap_control_paged_result_response * @return void */ private function setPagedResultCookie($base, $filter, $limit, $offset, $cookie) { if(!empty($cookie)) { - $cachekey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' .intval($limit) . '-' . intval($offset); - $this->cookies[$cachekey] = $cookie; + $cacheKey = 'lc' . crc32($base) . '-' . crc32($filter) . '-' .intval($limit) . '-' . intval($offset); + $this->cookies[$cacheKey] = $cookie; } } /** - * @brief check wether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search. + * @brief Check whether the most recent paged search was successful. It flushed the state var. Use it always after a possible paged search. * @return boolean|null true on success, null or false otherwise */ public function getPagedSearchResultState() { @@ -1263,15 +1290,14 @@ class Access extends LDAPUtility { return $result; } - /** - * @brief prepares a paged search, if possible - * @param $filter the LDAP filter for the search - * @param $bases an array containing the LDAP subtree(s) that shall be searched - * @param $attr optional, when a certain attribute shall be filtered outside - * @param $limit - * @param $offset - * + * @brief Prepares a paged search, if possible + * @param string $filter the LDAP filter for the search + * @param array $bases an array containing the LDAP subtree(s) that shall be searched + * @param array $attr optional, when a certain attribute shall be filtered outside + * @param int $limit + * @param int $offset + * @return bool|true */ private function initPagedSearch($filter, $bases, $attr, $limit, $offset) { $pagedSearchOK = false; @@ -1287,8 +1313,9 @@ class Access extends LDAPUtility { $cookie = $this->getPagedResultCookie($base, $filter, $limit, $offset); if(empty($cookie) && ($offset > 0)) { // no cookie known, although the offset is not 0. Maybe cache run out. We need - // to start all over *sigh* (btw, Dear Reader, did you need LDAP paged + // to start all over *sigh* (btw, Dear Reader, did you know LDAP paged // searching was designed by MSFT?) + // Lukas: No, but thanks to reading that source I finally know! $reOffset = ($offset - $limit) < 0 ? 0 : $offset - $limit; //a bit recursive, $offset of 0 is the exit \OCP\Util::writeLog('user_ldap', 'Looking for cookie L/O '.$limit.'/'.$reOffset, \OCP\Util::INFO); diff --git a/apps/user_ldap/lib/backendutility.php b/apps/user_ldap/lib/backendutility.php index 815757a1a11..8ad26246c6b 100644 --- a/apps/user_ldap/lib/backendutility.php +++ b/apps/user_ldap/lib/backendutility.php @@ -30,7 +30,7 @@ abstract class BackendUtility { /** * @brief constructor, make sure the subclasses call this one! - * @param $access an instance of Access for LDAP interaction + * @param Access $access an instance of Access for LDAP interaction */ public function __construct(Access $access) { $this->access = $access; diff --git a/apps/user_ldap/lib/configuration.php b/apps/user_ldap/lib/configuration.php index c9ed1e648a2..a9d65963ad5 100644 --- a/apps/user_ldap/lib/configuration.php +++ b/apps/user_ldap/lib/configuration.php @@ -81,25 +81,37 @@ class Configuration { ); /** - * @param string $configPrefix + * @param $configPrefix + * @param bool $autoRead */ - public function __construct($configPrefix, $autoread = true) { + public function __construct($configPrefix, $autoRead = true) { $this->configPrefix = $configPrefix; - if($autoread) { + if($autoRead) { $this->readConfiguration(); } } + /** + * @param $name + * @return mixed|void + */ public function __get($name) { if(isset($this->config[$name])) { return $this->config[$name]; } } + /** + * @param $name + * @param $value + */ public function __set($name, $value) { $this->setConfiguration(array($name => $value)); } + /** + * @return array + */ public function getConfiguration() { return $this->config; } @@ -110,7 +122,7 @@ class Configuration { * must call saveConfiguration afterwards. * @param $config array that holds the config parameters in an associated * array - * @param &$applied optional; array where the set fields will be given to + * @param array &$applied optional; array where the set fields will be given to * @return false|null */ public function setConfiguration($config, &$applied = null) { @@ -119,11 +131,11 @@ class Configuration { } $cta = $this->getConfigTranslationArray(); - foreach($config as $inputkey => $val) { - if(strpos($inputkey, '_') !== false && array_key_exists($inputkey, $cta)) { - $key = $cta[$inputkey]; - } elseif(array_key_exists($inputkey, $this->config)) { - $key = $inputkey; + foreach($config as $inputKey => $val) { + if(strpos($inputKey, '_') !== false && array_key_exists($inputKey, $cta)) { + $key = $cta[$inputKey]; + } elseif(array_key_exists($inputKey, $this->config)) { + $key = $inputKey; } else { continue; } @@ -150,7 +162,7 @@ class Configuration { } $this->$setMethod($key, $val); if(is_array($applied)) { - $applied[] = $inputkey; + $applied[] = $inputKey; } } @@ -164,7 +176,7 @@ class Configuration { //some are determined continue; } - $dbkey = $cta[$key]; + $dbKey = $cta[$key]; switch($key) { case 'ldapBase': case 'ldapBaseUsers': @@ -180,7 +192,7 @@ class Configuration { break; case 'ldapIgnoreNamingRules': $readMethod = 'getSystemValue'; - $dbkey = $key; + $dbKey = $key; break; case 'ldapAgentPassword': $readMethod = 'getPwd'; @@ -193,7 +205,7 @@ class Configuration { $readMethod = 'getValue'; break; } - $this->config[$key] = $this->$readMethod($dbkey); + $this->config[$key] = $this->$readMethod($dbKey); } $this->configRead = true; } @@ -237,8 +249,12 @@ class Configuration { } } - protected function getMultiLine($varname) { - $value = $this->getValue($varname); + /** + * @param $varName + * @return array|string + */ + protected function getMultiLine($varName) { + $value = $this->getValue($varName); if(empty($value)) { $value = ''; } else { @@ -248,7 +264,11 @@ class Configuration { return $value; } - protected function setMultiLine($varname, $value) { + /** + * @param $varName + * @param $value + */ + protected function setMultiLine($varName, $value) { if(empty($value)) { $value = ''; } else if (!is_array($value)) { @@ -258,44 +278,69 @@ class Configuration { } } - $this->setValue($varname, $value); + $this->setValue($varName, $value); } - protected function getPwd($varname) { - return base64_decode($this->getValue($varname)); + /** + * @param $varName + * @return string + */ + protected function getPwd($varName) { + return base64_decode($this->getValue($varName)); } - protected function getLcValue($varname) { - return mb_strtolower($this->getValue($varname), 'UTF-8'); + /** + * @param $varName + * @return string + */ + protected function getLcValue($varName) { + return mb_strtolower($this->getValue($varName), 'UTF-8'); } - protected function getSystemValue($varname) { + /** + * @param $varName + * @return string + */ + protected function getSystemValue($varName) { //FIXME: if another system value is added, softcode the default value - return \OCP\Config::getSystemValue($varname, false); + return \OCP\Config::getSystemValue($varName, false); } - protected function getValue($varname) { + /** + * @param $varName + * @return string + */ + protected function getValue($varName) { static $defaults; if(is_null($defaults)) { $defaults = $this->getDefaults(); } return \OCP\Config::getAppValue('user_ldap', - $this->configPrefix.$varname, - $defaults[$varname]); + $this->configPrefix.$varName, + $defaults[$varName]); } - protected function setValue($varname, $value) { - $this->config[$varname] = $value; + /** + * @param $varName + * @param $value + */ + protected function setValue($varName, $value) { + $this->config[$varName] = $value; } - protected function saveValue($varname, $value) { + /** + * @param $varName + * @param $value + * @return bool + */ + protected function saveValue($varName, $value) { return \OCP\Config::setAppValue('user_ldap', - $this->configPrefix.$varname, + $this->configPrefix.$varName, $value); } /** - * @returns an associative array with the default values. Keys are correspond + * @return array an associative array with the default values. Keys are correspond * to config-value entries in the database table */ public function getDefaults() { @@ -350,7 +395,7 @@ class Configuration { } /** - * @return returns an array that maps internal variable names to database fields + * @return array that maps internal variable names to database fields */ public function getConfigTranslationArray() { //TODO: merge them into one representation diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php index 173c4ebcc23..bdcbeccf99d 100644 --- a/apps/user_ldap/lib/connection.php +++ b/apps/user_ldap/lib/connection.php @@ -43,8 +43,9 @@ class Connection extends LDAPUtility { /** * @brief Constructor - * @param $configPrefix a string with the prefix for the configkey column (appconfig table) - * @param $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections + * @param ILDAPWrapper $ldap + * @param string $configPrefix a string with the prefix for the configkey column (appconfig table) + * @param string $configID a string with the value for the appid column (appconfig table) or null for on-the-fly connections */ public function __construct(ILDAPWrapper $ldap, $configPrefix = '', $configID = 'user_ldap') { parent::__construct($ldap); @@ -82,6 +83,10 @@ class Connection extends LDAPUtility { !is_null($this->configID)); } + /** + * @param $name + * @return bool|mixed|void + */ public function __get($name) { if(!$this->configured) { $this->readConfiguration(); @@ -94,6 +99,10 @@ class Connection extends LDAPUtility { return $this->configuration->$name; } + /** + * @param $name + * @param $value + */ public function __set($name, $value) { $this->doNotValidate = false; $before = $this->configuration->$name; @@ -109,9 +118,7 @@ class Connection extends LDAPUtility { /** * @brief initializes the LDAP backend - * @param $force read the config settings no matter what - * - * initializes the LDAP backend + * @param bool $force read the config settings no matter what */ public function init($force = false) { $this->readConfiguration($force); @@ -119,7 +126,7 @@ class Connection extends LDAPUtility { } /** - * Returns the LDAP handler + * @brief Returns the LDAP handler */ public function getConnectionResource() { if(!$this->ldapConnectionRes) { @@ -135,7 +142,8 @@ class Connection extends LDAPUtility { } /** - * @param string|null $key + * @param $key + * @return string */ private function getCacheKey($key) { $prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-'; @@ -146,7 +154,8 @@ class Connection extends LDAPUtility { } /** - * @param string $key + * @param $key + * @return mixed|null */ public function getFromCache($key) { if(!$this->configured) { @@ -165,7 +174,8 @@ class Connection extends LDAPUtility { } /** - * @param string $key + * @param $key + * @return bool */ public function isCached($key) { if(!$this->configured) { @@ -179,7 +189,8 @@ class Connection extends LDAPUtility { } /** - * @param string $key + * @param $key + * @param $value */ public function writeToCache($key, $value) { if(!$this->configured) { @@ -200,7 +211,7 @@ class Connection extends LDAPUtility { /** * @brief Caches the general LDAP configuration. - * @param $force optional. true, if the re-read should be forced. defaults + * @param bool $force optional. true, if the re-read should be forced. defaults * to false. * @return null */ @@ -214,7 +225,7 @@ class Connection extends LDAPUtility { /** * @brief set LDAP configuration with values delivered by an array, not read from configuration * @param $config array that holds the config parameters in an associated array - * @param &$setParameters optional; array where the set fields will be given to + * @param array &$setParameters optional; array where the set fields will be given to * @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters */ public function setConfiguration($config, &$setParameters = null) { @@ -326,9 +337,9 @@ class Connection extends LDAPUtility { } //make sure empty search attributes are saved as simple, empty array - $sakeys = array('ldapAttributesForUserSearch', + $saKeys = array('ldapAttributesForUserSearch', 'ldapAttributesForGroupSearch'); - foreach($sakeys as $key) { + foreach($saKeys as $key) { $val = $this->configuration->$key; if(is_array($val) && count($val) === 1 && empty($val[0])) { $this->configuration->$key = array(); @@ -345,6 +356,9 @@ class Connection extends LDAPUtility { } } + /** + * @return bool + */ private function doCriticalValidation() { $configurationOK = true; $errorStr = 'Configuration Error (prefix '. @@ -435,8 +449,8 @@ class Connection extends LDAPUtility { // necessary, but advisable. If left empty, give an info message $this->doSoftValidation(); - //second step: critical checks. If left empty or filled wrong, set as - //unconfigured and give a warning. + //second step: critical checks. If left empty or filled wrong, mark as + //not configured and give a warning. return $this->doCriticalValidation(); } @@ -508,12 +522,17 @@ class Connection extends LDAPUtility { } } + /** + * @param $host + * @param $port + * @return false|void + */ private function doConnect($host, $port) { if(empty($host)) { return false; } if(strpos($host, '://') !== false) { - //ldap_connect ignores port paramater when URLs are passed + //ldap_connect ignores port parameter when URLs are passed $host .= ':' . $port; } $this->ldapConnectionRes = $this->ldap->connect($host, $port); diff --git a/apps/user_ldap/lib/helper.php b/apps/user_ldap/lib/helper.php index b5955cb2abb..5641db48a32 100644 --- a/apps/user_ldap/lib/helper.php +++ b/apps/user_ldap/lib/helper.php @@ -27,7 +27,7 @@ class Helper { /** * @brief returns prefixes for each saved LDAP/AD server configuration. - * @param bool optional, whether only active configuration shall be + * @param bool $activeConfigurations optional, whether only active configuration shall be * retrieved, defaults to false * @return array with a list of the available prefixes * @@ -80,7 +80,7 @@ class Helper { /** * * @brief determines the host for every configured connection - * @return an array with configprefix as keys + * @return array an array with configprefix as keys * */ static public function getServerConfigurationHosts() { @@ -107,7 +107,7 @@ class Helper { /** * @brief deletes a given saved LDAP/AD server configuration. - * @param string the configuration prefix of the config to delete + * @param string $prefix the configuration prefix of the config to delete * @return bool true on success, false otherwise */ static public function deleteServerConfiguration($prefix) { @@ -148,7 +148,7 @@ class Helper { * Truncate's the given mapping table * * @param string $mapping either 'user' or 'group' - * @return boolean true on success, false otherwise + * @return bool true on success, false otherwise */ static public function clearMapping($mapping) { if($mapping === 'user') { @@ -177,8 +177,8 @@ class Helper { /** * @brief extractsthe domain from a given URL - * @param $url the URL - * @return mixed, domain as string on success, false otherwise + * @param string $url the URL + * @return string|false domain as string on success, false otherwise */ static public function getDomainFromURL($url) { $uinfo = parse_url($url); diff --git a/apps/user_ldap/lib/ildapwrapper.php b/apps/user_ldap/lib/ildapwrapper.php index 017d5549690..146ada125bb 100644 --- a/apps/user_ldap/lib/ildapwrapper.php +++ b/apps/user_ldap/lib/ildapwrapper.php @@ -30,9 +30,9 @@ interface ILDAPWrapper { /** * @brief Bind to LDAP directory * @param resource $link LDAP link resource - * @param $dn an RDN to log in with - * @param $password the password - * @return true on success, false otherwise + * @param string $dn an RDN to log in with + * @param string $password the password + * @return bool true on success, false otherwise * * with $dn and $password as null a anonymous bind is attempted. */ @@ -40,28 +40,28 @@ interface ILDAPWrapper { /** * @brief connect to an LDAP server - * @param $host The host to connect to - * @param $port The port to connect to - * @return a link resource on success, otherwise false + * @param string $host The host to connect to + * @param string $port The port to connect to + * @return mixed a link resource on success, otherwise false */ public function connect($host, $port); /** * @brief Send LDAP pagination control - * @param $link LDAP link resource - * @param $pagesize number of results per page - * @param boolean $isCritical Indicates whether the pagination is critical of not. - * @param $cookie structure sent by LDAP server + * @param resource $link LDAP link resource + * @param int $pageSize number of results per page + * @param bool $isCritical Indicates whether the pagination is critical of not. + * @param array $cookie structure sent by LDAP server * @return true on success, false otherwise */ - public function controlPagedResult($link, $pagesize, $isCritical, $cookie); + public function controlPagedResult($link, $pageSize, $isCritical, $cookie); /** * @brief Retrieve the LDAP pagination cookie * @param $link LDAP link resource * @param $result LDAP result resource - * @param $cookie structure sent by LDAP server - * @return boolean on success, false otherwise + * @param array $cookie structure sent by LDAP server + * @return bool true on success, false otherwise * * Corresponds to ldap_control_paged_result_response */ @@ -69,101 +69,101 @@ interface ILDAPWrapper { /** * @brief Count the number of entries in a search - * @param $link LDAP link resource - * @param $result LDAP result resource - * @return mixed, number of results on success, false otherwise + * @param resource $link LDAP link resource + * @param resource $result LDAP result resource + * @return int|false number of results on success, false otherwise */ public function countEntries($link, $result); /** * @brief Return the LDAP error number of the last LDAP command - * @param $link LDAP link resource - * @return error message as string + * @param resource $link LDAP link resource + * @return string error message as string */ public function errno($link); /** * @brief Return the LDAP error message of the last LDAP command - * @param $link LDAP link resource - * @return error code as integer + * @param resource $link LDAP link resource + * @return int error code as integer */ public function error($link); /** * @brief Return first result id - * @param $link LDAP link resource - * @param $result LDAP result resource - * @return an LDAP search result resource + * @param resource $link LDAP link resource + * @param resource $result LDAP result resource + * @return Resource an LDAP search result resource * */ public function firstEntry($link, $result); /** * @brief Get attributes from a search result entry - * @param $link LDAP link resource - * @param $result LDAP result resource + * @param resource $link LDAP link resource + * @param resource $result LDAP result resource * @return array containing the results, false on error * */ public function getAttributes($link, $result); /** * @brief Get the DN of a result entry - * @param $link LDAP link resource - * @param $result LDAP result resource + * @param resource $link LDAP link resource + * @param resource $result LDAP result resource * @return string containing the DN, false on error */ public function getDN($link, $result); /** * @brief Get all result entries - * @param $link LDAP link resource - * @param $result LDAP result resource + * @param resource $link LDAP link resource + * @param resource $result LDAP result resource * @return array containing the results, false on error */ public function getEntries($link, $result); /** * @brief Return next result id - * @param $link LDAP link resource + * @param resource $link LDAP link resource * @param resource $result LDAP entry result resource - * @return an LDAP search result resource + * @return resource an LDAP search result resource * */ public function nextEntry($link, $result); /** * @brief Read an entry - * @param $link LDAP link resource - * @param $baseDN The DN of the entry to read from - * @param $filter An LDAP filter - * @param $attr array of the attributes to read - * @return an LDAP search result resource + * @param resource $link LDAP link resource + * @param array $baseDN The DN of the entry to read from + * @param string $filter An LDAP filter + * @param array $attr array of the attributes to read + * @return resource an LDAP search result resource */ public function read($link, $baseDN, $filter, $attr); /** * @brief Search LDAP tree - * @param $link LDAP link resource - * @param $baseDN The DN of the entry to read from - * @param $filter An LDAP filter - * @param $attr array of the attributes to read - * @param $attrsonly optional, 1 if only attribute types shall be returned - * @param $limit optional, limits the result entries - * @return an LDAP search result resource, false on error + * @param resource $link LDAP link resource + * @param string $baseDN The DN of the entry to read from + * @param string $filter An LDAP filter + * @param array $attr array of the attributes to read + * @param int $attrsOnly optional, 1 if only attribute types shall be returned + * @param int $limit optional, limits the result entries + * @return resource|false an LDAP search result resource, false on error */ - public function search($link, $baseDN, $filter, $attr, $attrsonly = 0, $limit = 0); + public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0); /** * @brief Sets the value of the specified option to be $value - * @param $link LDAP link resource - * @param $option a defined LDAP Server option - * @param integer $value the new value for the option - * @return true on success, false otherwise + * @param resource $link LDAP link resource + * @param string $option a defined LDAP Server option + * @param int $value the new value for the option + * @return bool true on success, false otherwise */ public function setOption($link, $option, $value); /** * @brief establish Start TLS - * @param $link LDAP link resource - * @return true on success, false otherwise + * @param resource|$link LDAP link resource + * @return bool true on success, false otherwise */ public function startTls($link); @@ -171,35 +171,35 @@ interface ILDAPWrapper { * @brief Sort the result of a LDAP search * @param $link LDAP link resource * @param $result LDAP result resource - * @param $sortfilter attribute to use a key in sort + * @param string $sortFilter attribute to use a key in sort */ - public function sort($link, $result, $sortfilter); + public function sort($link, $result, $sortFilter); /** * @brief Unbind from LDAP directory * @param resource $link LDAP link resource - * @return true on success, false otherwise + * @return bool true on success, false otherwise */ public function unbind($link); - //additional required methods in owncloud + //additional required methods in ownCloud /** * @brief Checks whether the server supports LDAP - * @return boolean if it the case, false otherwise + * @return bool true if it the case, false otherwise * */ public function areLDAPFunctionsAvailable(); /** * @brief Checks whether PHP supports LDAP Paged Results - * @return boolean if it the case, false otherwise + * @return bool true if it the case, false otherwise * */ public function hasPagedResultSupport(); /** * @brief Checks whether the submitted parameter is a resource - * @param $resource the resource variable to check - * @return boolean if it is a resource, false otherwise + * @param resource $resource the resource variable to check + * @return bool true if it is a resource, false otherwise */ public function isResource($resource); diff --git a/apps/user_ldap/lib/jobs.php b/apps/user_ldap/lib/jobs.php index 9b108da6331..49c77719721 100644 --- a/apps/user_ldap/lib/jobs.php +++ b/apps/user_ldap/lib/jobs.php @@ -33,6 +33,9 @@ class Jobs extends \OC\BackgroundJob\TimedJob { $this->interval = self::getRefreshInterval(); } + /** + * @param $argument + */ public function run($argument){ Jobs::updateGroups(); } @@ -57,11 +60,17 @@ class Jobs extends \OC\BackgroundJob\TimedJob { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Finished.', \OCP\Util::DEBUG); } + /** + * @return int + */ static private function getRefreshInterval() { //defaults to every hour return \OCP\Config::getAppValue('user_ldap', 'bgjRefreshInterval', 3600); } + /** + * @param $groups + */ static private function handleKnownGroups($groups) { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – Dealing with known Groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' @@ -97,6 +106,9 @@ class Jobs extends \OC\BackgroundJob\TimedJob { \OCP\Util::DEBUG); } + /** + * @param $createdGroups + */ static private function handleCreatedGroups($createdGroups) { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with created Groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' @@ -116,6 +128,9 @@ class Jobs extends \OC\BackgroundJob\TimedJob { \OCP\Util::DEBUG); } + /** + * @param $removedGroups + */ static private function handleRemovedGroups($removedGroups) { \OCP\Util::writeLog('user_ldap', 'bgJ "updateGroups" – dealing with removed groups.', \OCP\Util::DEBUG); $query = \OCP\DB::prepare(' @@ -134,6 +149,9 @@ class Jobs extends \OC\BackgroundJob\TimedJob { \OCP\Util::DEBUG); } + /** + * @return \OCA\user_ldap\GROUP_LDAP|\OCA\user_ldap\Group_Proxy + */ static private function getGroupBE() { if(!is_null(self::$groupBE)) { return self::$groupBE; @@ -152,6 +170,9 @@ class Jobs extends \OC\BackgroundJob\TimedJob { return self::$groupBE; } + /** + * @return array + */ static private function getKnownGroups() { if(is_array(self::$groupsFromDB)) { return self::$groupsFromDB; diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php index d1ca91045b2..9962d1267b8 100644 --- a/apps/user_ldap/lib/ldap.php +++ b/apps/user_ldap/lib/ldap.php @@ -27,14 +27,31 @@ class LDAP implements ILDAPWrapper { protected $curFunc = ''; protected $curArgs = array(); + /** + * @param resource $link + * @param string $dn + * @param string $password + * @return bool|mixed + */ public function bind($link, $dn, $password) { return $this->invokeLDAPMethod('bind', $link, $dn, $password); } + /** + * @param string $host + * @param string $port + * @return mixed + */ public function connect($host, $port) { return $this->invokeLDAPMethod('connect', $host, $port); } + /** + * @param LDAP $link + * @param LDAP $result + * @param $cookie + * @return bool|LDAP + */ public function controlPagedResultResponse($link, $result, &$cookie) { $this->preFunctionCall('ldap_control_paged_result_response', array($link, $result, $cookie)); @@ -44,64 +61,144 @@ class LDAP implements ILDAPWrapper { return $result; } - public function controlPagedResult($link, $pagesize, $isCritical, $cookie) { - return $this->invokeLDAPMethod('control_paged_result', $link, $pagesize, + /** + * @param LDAP $link + * @param int $pageSize + * @param bool $isCritical + * @param array $cookie + * @return mixed|true + */ + public function controlPagedResult($link, $pageSize, $isCritical, $cookie) { + return $this->invokeLDAPMethod('control_paged_result', $link, $pageSize, $isCritical, $cookie); } + /** + * @param LDAP $link + * @param LDAP $result + * @return mixed + */ public function countEntries($link, $result) { return $this->invokeLDAPMethod('count_entries', $link, $result); } + /** + * @param LDAP $link + * @return mixed|string + */ public function errno($link) { return $this->invokeLDAPMethod('errno', $link); } + /** + * @param LDAP $link + * @return int|mixed + */ public function error($link) { return $this->invokeLDAPMethod('error', $link); } + /** + * @param LDAP $link + * @param LDAP $result + * @return mixed + */ public function firstEntry($link, $result) { return $this->invokeLDAPMethod('first_entry', $link, $result); } + /** + * @param LDAP $link + * @param LDAP $result + * @return array|mixed + */ public function getAttributes($link, $result) { return $this->invokeLDAPMethod('get_attributes', $link, $result); } + /** + * @param LDAP $link + * @param LDAP $result + * @return mixed|string + */ public function getDN($link, $result) { return $this->invokeLDAPMethod('get_dn', $link, $result); } + /** + * @param LDAP $link + * @param LDAP $result + * @return array|mixed + */ public function getEntries($link, $result) { return $this->invokeLDAPMethod('get_entries', $link, $result); } + /** + * @param LDAP $link + * @param resource $result + * @return mixed|an + */ public function nextEntry($link, $result) { return $this->invokeLDAPMethod('next_entry', $link, $result); } + /** + * @param LDAP $link + * @param string $baseDN + * @param string $filter + * @param array $attr + * @return mixed + */ public function read($link, $baseDN, $filter, $attr) { return $this->invokeLDAPMethod('read', $link, $baseDN, $filter, $attr); } - public function search($link, $baseDN, $filter, $attr, $attrsonly = 0, $limit = 0) { - return $this->invokeLDAPMethod('search', $link, $baseDN, $filter, - $attr, $attrsonly, $limit); + /** + * @param LDAP $link + * @param string $baseDN + * @param string $filter + * @param array $attr + * @param int $attrsOnly + * @param int $limit + * @return mixed + */ + public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0) { + return $this->invokeLDAPMethod('search', $link, $baseDN, $filter, $attr, $attrsOnly, $limit); } + /** + * @param LDAP $link + * @param string $option + * @param int $value + * @return bool|mixed + */ public function setOption($link, $option, $value) { return $this->invokeLDAPMethod('set_option', $link, $option, $value); } - public function sort($link, $result, $sortfilter) { - return $this->invokeLDAPMethod('sort', $link, $result, $sortfilter); + /** + * @param LDAP $link + * @param LDAP $result + * @param string $sortFilter + * @return mixed + */ + public function sort($link, $result, $sortFilter) { + return $this->invokeLDAPMethod('sort', $link, $result, $sortFilter); } + /** + * @param LDAP $link + * @return mixed|true + */ public function startTls($link) { return $this->invokeLDAPMethod('start_tls', $link); } + /** + * @param resource $link + * @return bool|mixed + */ public function unbind($link) { return $this->invokeLDAPMethod('unbind', $link); } @@ -126,13 +223,16 @@ class LDAP implements ILDAPWrapper { /** * @brief Checks whether the submitted parameter is a resource - * @param $resource the resource variable to check - * @return boolean if it is a resource, false otherwise + * @param Resource $resource the resource variable to check + * @return bool true if it is a resource, false otherwise */ public function isResource($resource) { return is_resource($resource); } + /** + * @return mixed + */ private function invokeLDAPMethod() { $arguments = func_get_args(); $func = 'ldap_' . array_shift($arguments); @@ -148,6 +248,7 @@ class LDAP implements ILDAPWrapper { /** * @param string $functionName + * @param $args */ private function preFunctionCall($functionName, $args) { $this->curFunc = $functionName; @@ -181,4 +282,4 @@ class LDAP implements ILDAPWrapper { $this->curFunc = ''; $this->curArgs = array(); } -}
\ No newline at end of file +} diff --git a/apps/user_ldap/lib/ldaputility.php b/apps/user_ldap/lib/ldaputility.php index 7fffd9c88d1..0d942f3b6ae 100644 --- a/apps/user_ldap/lib/ldaputility.php +++ b/apps/user_ldap/lib/ldaputility.php @@ -28,7 +28,7 @@ abstract class LDAPUtility { /** * @brief constructor, make sure the subclasses call this one! - * @param $ldapWrapper an instance of an ILDAPWrapper + * @param ILDAPWrapper $ldapWrapper an instance of an ILDAPWrapper */ public function __construct(ILDAPWrapper $ldapWrapper) { $this->ldap = $ldapWrapper; diff --git a/apps/user_ldap/lib/proxy.php b/apps/user_ldap/lib/proxy.php index 0eb294eb7a0..2d5210791c5 100644 --- a/apps/user_ldap/lib/proxy.php +++ b/apps/user_ldap/lib/proxy.php @@ -29,16 +29,26 @@ abstract class Proxy { static private $accesses = array(); private $ldap = null; + /** + * @param ILDAPWrapper $ldap + */ public function __construct(ILDAPWrapper $ldap) { $this->ldap = $ldap; $this->cache = \OC_Cache::getGlobalCache(); } + /** + * @param $configPrefix + */ private function addAccess($configPrefix) { $connector = new Connection($this->ldap, $configPrefix); self::$accesses[$configPrefix] = new Access($connector, $this->ldap); } + /** + * @param $configPrefix + * @return mixed + */ protected function getAccess($configPrefix) { if(!isset(self::$accesses[$configPrefix])) { $this->addAccess($configPrefix); @@ -46,30 +56,45 @@ abstract class Proxy { return self::$accesses[$configPrefix]; } + /** + * @param $uid + * @return string + */ protected function getUserCacheKey($uid) { return 'user-'.$uid.'-lastSeenOn'; } + /** + * @param $gid + * @return string + */ protected function getGroupCacheKey($gid) { return 'group-'.$gid.'-lastSeenOn'; } /** - * @param boolean $passOnWhen - * @param string $method + * @param $id + * @param $method + * @param $parameters + * @param bool $passOnWhen + * @return mixed */ abstract protected function callOnLastSeenOn($id, $method, $parameters, $passOnWhen); /** - * @param string $method + * @param $id + * @param $method + * @param $parameters + * @return mixed */ abstract protected function walkBackends($id, $method, $parameters); /** * @brief Takes care of the request to the User backend - * @param $uid string, the uid connected to the request + * @param $id * @param string $method string, the method of the user backend that shall be called - * @param $parameters an array of parameters to be passed + * @param array $parameters an array of parameters to be passed + * @param bool $passOnWhen * @return mixed, the result of the specified method */ protected function handleRequest($id, $method, $parameters, $passOnWhen = false) { @@ -81,7 +106,8 @@ abstract class Proxy { } /** - * @param string|null $key + * @param $key + * @return string */ private function getCacheKey($key) { $prefix = 'LDAP-Proxy-'; @@ -92,7 +118,8 @@ abstract class Proxy { } /** - * @param string $key + * @param $key + * @return mixed|null */ public function getFromCache($key) { if(!$this->isCached($key)) { @@ -104,7 +131,8 @@ abstract class Proxy { } /** - * @param string $key + * @param $key + * @return bool */ public function isCached($key) { $key = $this->getCacheKey($key); @@ -112,7 +140,8 @@ abstract class Proxy { } /** - * @param string $key + * @param $key + * @param $value */ public function writeToCache($key, $value) { $key = $this->getCacheKey($key); diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php index 8406b2d42a5..ca32f10ff2d 100644 --- a/apps/user_ldap/lib/wizard.php +++ b/apps/user_ldap/lib/wizard.php @@ -45,8 +45,8 @@ class Wizard extends LDAPUtility { /** * @brief Constructor - * @param $configuration an instance of Configuration - * @param $ldap an instance of ILDAPWrapper + * @param Configuration $configuration an instance of Configuration + * @param ILDAPWrapper $ldap an instance of ILDAPWrapper */ public function __construct(Configuration $configuration, ILDAPWrapper $ldap) { parent::__construct($ldap); @@ -63,6 +63,10 @@ class Wizard extends LDAPUtility { } } + /** + * @return WizardResult + * @throws \Exception + */ public function countGroups() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -96,6 +100,10 @@ class Wizard extends LDAPUtility { return $this->result; } + /** + * @return WizardResult + * @throws \Exception + */ public function countUsers() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -125,7 +133,10 @@ class Wizard extends LDAPUtility { return $this->result; } - + /** + * @return WizardResult + * @throws \Exception + */ public function determineAttributes() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -152,6 +163,7 @@ class Wizard extends LDAPUtility { /** * @brief return the state of the Group Filter Mode + * @return WizardResult */ public function getGroupFilterMode() { $this->getFilterMode('ldapGroupFilterMode'); @@ -160,6 +172,7 @@ class Wizard extends LDAPUtility { /** * @brief return the state of the Login Filter Mode + * @return WizardResult */ public function getLoginFilterMode() { $this->getFilterMode('ldapLoginFilterMode'); @@ -168,6 +181,7 @@ class Wizard extends LDAPUtility { /** * @brief return the state of the User Filter Mode + * @return WizardResult */ public function getUserFilterMode() { $this->getFilterMode('ldapUserFilterMode'); @@ -176,19 +190,20 @@ class Wizard extends LDAPUtility { /** * @brief return the state of the mode of the specified filter - * @param string $confkey string, contains the access key of the Configuration + * @param string $confKey contains the access key of the Configuration */ - private function getFilterMode($confkey) { - $mode = $this->configuration->$confkey; + private function getFilterMode($confKey) { + $mode = $this->configuration->$confKey; if(is_null($mode)) { $mode = $this->LFILTER_MODE_ASSISTED; } - $this->result->addChange($confkey, $mode); + $this->result->addChange($confKey, $mode); } /** * @brief detects the available LDAP attributes - * @returns the instance's WizardResult instance + * @return array The instance's WizardResult instance + * @throws \Exception */ private function getUserAttributes() { if(!$this->checkRequirements(array('ldapHost', @@ -221,7 +236,7 @@ class Wizard extends LDAPUtility { /** * @brief detects the available LDAP groups - * @returns the instance's WizardResult instance + * @returns WizardResult the instance's WizardResult instance */ public function determineGroupsForGroups() { return $this->determineGroups('ldap_groupfilter_groups', @@ -231,7 +246,7 @@ class Wizard extends LDAPUtility { /** * @brief detects the available LDAP groups - * @returns the instance's WizardResult instance + * @returns WizardResult the instance's WizardResult instance */ public function determineGroupsForUsers() { return $this->determineGroups('ldap_userfilter_groups', @@ -240,11 +255,13 @@ class Wizard extends LDAPUtility { /** * @brief detects the available LDAP groups - * @param string $dbkey - * @param string $confkey - * @returns the instance's WizardResult instance + * @param string $dbKey + * @param string $confKey + * @param bool $testMemberOf + * @return WizardResult the instance's WizardResult instance + * @throws \Exception */ - private function determineGroups($dbkey, $confkey, $testMemberOf = true) { + private function determineGroups($dbKey, $confKey, $testMemberOf = true) { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', 'ldapBase', @@ -256,8 +273,8 @@ class Wizard extends LDAPUtility { throw new \Exception('Could not connect to LDAP'); } - $obclasses = array('posixGroup', 'group', 'zimbraDistributionList', '*'); - $this->determineFeature($obclasses, 'cn', $dbkey, $confkey); + $obClasses = array('posixGroup', 'group', 'zimbraDistributionList', '*'); + $this->determineFeature($obClasses, 'cn', $dbKey, $confKey); if($testMemberOf) { $this->configuration->hasMemberOfFilterSupport = $this->testMemberOf(); @@ -270,6 +287,10 @@ class Wizard extends LDAPUtility { return $this->result; } + /** + * @return bool|WizardResult + * @throws \Exception + */ public function determineGroupMemberAssoc() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -289,8 +310,9 @@ class Wizard extends LDAPUtility { } /** - * @brief detects the available object classes - * @returns the instance's WizardResult instance + * @brief Detects the available object classes + * @return WizardResult the instance's WizardResult instance + * @throws \Exception */ public function determineGroupObjectClasses() { if(!$this->checkRequirements(array('ldapHost', @@ -316,7 +338,8 @@ class Wizard extends LDAPUtility { /** * @brief detects the available object classes - * @returns the instance's WizardResult instance + * @return WizardResult + * @throws \Exception */ public function determineUserObjectClasses() { if(!$this->checkRequirements(array('ldapHost', @@ -344,6 +367,10 @@ class Wizard extends LDAPUtility { return $this->result; } + /** + * @return WizardResult + * @throws \Exception + */ public function getGroupFilter() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -364,6 +391,10 @@ class Wizard extends LDAPUtility { return $this->result; } + /** + * @return WizardResult + * @throws \Exception + */ public function getUserListFilter() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -386,6 +417,10 @@ class Wizard extends LDAPUtility { return $this->result; } + /** + * @return bool|WizardResult + * @throws \Exception + */ public function getUserLoginFilter() { if(!$this->checkRequirements(array('ldapHost', 'ldapPort', @@ -406,7 +441,8 @@ class Wizard extends LDAPUtility { /** * Tries to determine the port, requires given Host, User DN and Password - * @returns mixed WizardResult on success, false otherwise + * @returns WizardResult|false WizardResult on success, false otherwise + * @throws \Exception */ public function guessPortAndTLS() { if(!$this->checkRequirements(array('ldapHost', @@ -486,8 +522,7 @@ class Wizard extends LDAPUtility { * @brief sets the found value for the configuration key in the WizardResult * as well as in the Configuration instance * @param string $key the configuration key - * @param $value the (detected) value - * @return null + * @param string $value the (detected) value * */ private function applyFind($key, $value) { @@ -516,7 +551,8 @@ class Wizard extends LDAPUtility { /** * @brief tries to detect the group member association attribute which is * one of 'uniqueMember', 'memberUid', 'member' - * @return mixed, string with the attribute name, false on error + * @return string|false, string with the attribute name, false on error + * @throws \Exception */ private function detectGroupMemberAssoc() { $possibleAttrs = array('uniqueMember', 'memberUid', 'member', 'unfugasdfasdfdfa'); @@ -535,7 +571,7 @@ class Wizard extends LDAPUtility { } $er = $this->ldap->firstEntry($cr, $rr); while(is_resource($er)) { - $dn = $this->ldap->getDN($cr, $er); + $this->ldap->getDN($cr, $er); $attrs = $this->ldap->getAttributes($cr, $er); $result = array(); for($i = 0; $i < count($possibleAttrs); $i++) { @@ -558,6 +594,7 @@ class Wizard extends LDAPUtility { * @brief Checks whether for a given BaseDN results will be returned * @param string $base the BaseDN to test * @return bool true on success, false otherwise + * @throws \Exception */ private function testBaseDN($base) { $cr = $this->getConnection(); @@ -583,7 +620,8 @@ class Wizard extends LDAPUtility { * @brief Checks whether the server supports memberOf in LDAP Filter. * Requires that groups are determined, thus internally called from within * determineGroups() - * @return bool, true if it does, false otherwise + * @return bool true if it does, false otherwise + * @throws \Exception */ private function testMemberOf() { $cr = $this->getConnection(); @@ -624,7 +662,8 @@ class Wizard extends LDAPUtility { * @param integer $filterType int, for which use case the filter shall be created * can be any of self::LFILTER_USER_LIST, self::LFILTER_LOGIN or * self::LFILTER_GROUP_LIST - * @return mixed, string with the filter on success, false otherwise + * @return string|false string with the filter on success, false otherwise + * @throws \Exception */ private function composeLdapFilter($filterType) { $filter = ''; @@ -765,9 +804,11 @@ class Wizard extends LDAPUtility { /** * Connects and Binds to an LDAP Server - * @param $port the port to connect with - * @param $tls whether startTLS is to be used - * @return + * @param int $port the port to connect with + * @param bool $tls whether startTLS is to be used + * @param bool $ncc + * @return bool + * @throws \Exception */ private function connectAndBind($port = 389, $tls = false, $ncc = false) { if($ncc) { @@ -819,17 +860,17 @@ class Wizard extends LDAPUtility { if($ncc) { throw new \Exception('Certificate cannot be validated.'); } - \OCP\Util::writeLog('user_ldap', 'Wiz: Bind successfull to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG); + \OCP\Util::writeLog('user_ldap', 'Wiz: Bind successful to Port '. $port . ' TLS ' . intval($tls), \OCP\Util::DEBUG); return true; } - $errno = $this->ldap->errno($cr); + $errNo = $this->ldap->errno($cr); $error = ldap_error($cr); $this->ldap->unbind($cr); - if($errno === -1 || ($errno === 2 && $ncc)) { + if($errNo === -1 || ($errNo === 2 && $ncc)) { //host, port or TLS wrong return false; - } else if ($errno === 2) { + } else if ($errNo === 2) { return $this->connectAndBind($port, $tls, true); } throw new \Exception($error); @@ -838,8 +879,7 @@ class Wizard extends LDAPUtility { /** * @brief checks whether a valid combination of agent and password has been * provided (either two values or nothing for anonymous connect) - * @return boolean, true if everything is fine, false otherwise - * + * @return bool, true if everything is fine, false otherwise */ private function checkAgentRequirements() { $agent = $this->configuration->ldapAgentName; @@ -850,7 +890,8 @@ class Wizard extends LDAPUtility { } /** - * @param string[] $reqs + * @param array $reqs + * @return bool */ private function checkRequirements($reqs) { $this->checkAgentRequirements(); @@ -874,8 +915,7 @@ class Wizard extends LDAPUtility { * The lower, the faster * @param string $maxF string. if not null, this variable will have the filter that * yields most result entries - * @return mixed, an array with the values on success, false otherwise - * + * @return array|false an array with the values on success, false otherwise */ public function cumulativeSearchOnAttribute($filters, $attr, $lfw = true, $dnReadLimit = 3, &$maxF = null) { $dnRead = array(); @@ -949,7 +989,8 @@ class Wizard extends LDAPUtility { * Configuration class * @param $po boolean, whether the objectClass with most result entries * shall be pre-selected via the result - * @returns array, list of found items. + * @return array, list of found items. + * @throws \Exception */ private function determineFeature($objectclasses, $attr, $dbkey, $confkey, $po = false) { $cr = $this->getConnection(); @@ -1013,7 +1054,7 @@ class Wizard extends LDAPUtility { return self::LRESULT_PROCESSED_INVALID; } - //strtolower on all keys for proper comparison + // strtolower on all keys for proper comparison $result = \OCP\Util::mb_array_change_key_case($result); $attribute = strtolower($attribute); if(isset($result[$attribute])) { @@ -1031,6 +1072,9 @@ class Wizard extends LDAPUtility { } } + /** + * @return bool|mixed + */ private function getConnection() { if(!is_null($this->cr)) { return $this->cr; @@ -1057,6 +1101,9 @@ class Wizard extends LDAPUtility { return false; } + /** + * @return array + */ private function getDefaultLdapPortSettings() { static $settings = array( array('port' => 7636, 'tls' => false), @@ -1069,6 +1116,9 @@ class Wizard extends LDAPUtility { return $settings; } + /** + * @return array + */ private function getPortSettingsToTry() { //389 ← LDAP / Unencrypted or StartTLS //636 ← LDAPS / SSL diff --git a/apps/user_ldap/lib/wizardresult.php b/apps/user_ldap/lib/wizardresult.php index 9e0936faa69..5ed16732ca0 100644 --- a/apps/user_ldap/lib/wizardresult.php +++ b/apps/user_ldap/lib/wizardresult.php @@ -28,10 +28,17 @@ class WizardResult { protected $options = array(); protected $markedChange = false; + /** + * @param $key + * @param $value + */ public function addChange($key, $value) { $this->changes[$key] = $value; } + /** + * + */ public function markChange() { $this->markedChange = true; } @@ -47,10 +54,16 @@ class WizardResult { $this->options[$key] = $values; } + /** + * @return bool + */ public function hasChanges() { return (count($this->changes) > 0 || $this->markedChange); } + /** + * @return array + */ public function getResultArray() { $result = array(); $result['changes'] = $this->changes; |