diff options
| -rw-r--r-- | apps/user_ldap/appinfo/routes.php | 1 | ||||
| -rw-r--r-- | apps/user_ldap/lib/Controller/ConfigAPIController.php | 94 | ||||
| -rw-r--r-- | build/integration/features/bootstrap/LDAPContext.php | 19 | ||||
| -rw-r--r-- | build/integration/ldap_features/ldap-ocs.feature | 22 |
4 files changed, 136 insertions, 0 deletions
diff --git a/apps/user_ldap/appinfo/routes.php b/apps/user_ldap/appinfo/routes.php index f08ec195add..45b43c21409 100644 --- a/apps/user_ldap/appinfo/routes.php +++ b/apps/user_ldap/appinfo/routes.php @@ -41,6 +41,7 @@ $application = new \OCP\AppFramework\App('user_ldap'); $application->registerRoutes($this, [ 'ocs' => [ ['name' => 'ConfigAPI#create', 'url' => '/api/v1/config', 'verb' => 'POST'], + ['name' => 'ConfigAPI#show', 'url' => '/api/v1/config/{configID}', 'verb' => 'GET'], ['name' => 'ConfigAPI#modify', 'url' => '/api/v1/config/{configID}', 'verb' => 'PUT'], ['name' => 'ConfigAPI#delete', 'url' => '/api/v1/config/{configID}', 'verb' => 'DELETE'], ] diff --git a/apps/user_ldap/lib/Controller/ConfigAPIController.php b/apps/user_ldap/lib/Controller/ConfigAPIController.php index 371ca899c26..5256b0d8aad 100644 --- a/apps/user_ldap/lib/Controller/ConfigAPIController.php +++ b/apps/user_ldap/lib/Controller/ConfigAPIController.php @@ -214,6 +214,100 @@ class ConfigAPIController extends OCSController { } /** + * retrieves a configuration + * + * <?xml version="1.0"?> + * <ocs> + * <meta> + * <status>ok</status> + * <statuscode>200</statuscode> + * <message>OK</message> + * </meta> + * <data> + * <ldapHost>ldaps://my.ldap.server</ldapHost> + * <ldapPort>7770</ldapPort> + * <ldapBackupHost></ldapBackupHost> + * <ldapBackupPort></ldapBackupPort> + * <ldapBase>ou=small,dc=my,dc=ldap,dc=server</ldapBase> + * <ldapBaseUsers>ou=users,ou=small,dc=my,dc=ldap,dc=server</ldapBaseUsers> + * <ldapBaseGroups>ou=small,dc=my,dc=ldap,dc=server</ldapBaseGroups> + * <ldapAgentName>cn=root,dc=my,dc=ldap,dc=server</ldapAgentName> + * <ldapAgentPassword>clearTextWithShowPassword=1</ldapAgentPassword> + * <ldapTLS>1</ldapTLS> + * <turnOffCertCheck>0</turnOffCertCheck> + * <ldapIgnoreNamingRules/> + * <ldapUserDisplayName>displayname</ldapUserDisplayName> + * <ldapUserDisplayName2>uid</ldapUserDisplayName2> + * <ldapUserFilterObjectclass>inetOrgPerson</ldapUserFilterObjectclass> + * <ldapUserFilterGroups></ldapUserFilterGroups> + * <ldapUserFilter>(&(objectclass=nextcloudUser)(nextcloudEnabled=TRUE))</ldapUserFilter> + * <ldapUserFilterMode>1</ldapUserFilterMode> + * <ldapGroupFilter>(&(|(objectclass=nextcloudGroup)))</ldapGroupFilter> + * <ldapGroupFilterMode>0</ldapGroupFilterMode> + * <ldapGroupFilterObjectclass>nextcloudGroup</ldapGroupFilterObjectclass> + * <ldapGroupFilterGroups></ldapGroupFilterGroups> + * <ldapGroupDisplayName>cn</ldapGroupDisplayName> + * <ldapGroupMemberAssocAttr>memberUid</ldapGroupMemberAssocAttr> + * <ldapLoginFilter>(&(|(objectclass=inetOrgPerson))(uid=%uid))</ldapLoginFilter> + * <ldapLoginFilterMode>0</ldapLoginFilterMode> + * <ldapLoginFilterEmail>0</ldapLoginFilterEmail> + * <ldapLoginFilterUsername>1</ldapLoginFilterUsername> + * <ldapLoginFilterAttributes></ldapLoginFilterAttributes> + * <ldapQuotaAttribute></ldapQuotaAttribute> + * <ldapQuotaDefault></ldapQuotaDefault> + * <ldapEmailAttribute>mail</ldapEmailAttribute> + * <ldapCacheTTL>20</ldapCacheTTL> + * <ldapUuidUserAttribute>auto</ldapUuidUserAttribute> + * <ldapUuidGroupAttribute>auto</ldapUuidGroupAttribute> + * <ldapOverrideMainServer></ldapOverrideMainServer> + * <ldapConfigurationActive>1</ldapConfigurationActive> + * <ldapAttributesForUserSearch>uid;sn;givenname</ldapAttributesForUserSearch> + * <ldapAttributesForGroupSearch></ldapAttributesForGroupSearch> + * <ldapExperiencedAdmin>0</ldapExperiencedAdmin> + * <homeFolderNamingRule></homeFolderNamingRule> + * <hasPagedResultSupport></hasPagedResultSupport> + * <hasMemberOfFilterSupport></hasMemberOfFilterSupport> + * <useMemberOfToDetectMembership>1</useMemberOfToDetectMembership> + * <ldapExpertUsernameAttr>uid</ldapExpertUsernameAttr> + * <ldapExpertUUIDUserAttr>uid</ldapExpertUUIDUserAttr> + * <ldapExpertUUIDGroupAttr></ldapExpertUUIDGroupAttr> + * <lastJpegPhotoLookup>0</lastJpegPhotoLookup> + * <ldapNestedGroups>0</ldapNestedGroups> + * <ldapPagingSize>500</ldapPagingSize> + * <turnOnPasswordChange>1</turnOnPasswordChange> + * <ldapDynamicGroupMemberURL></ldapDynamicGroupMemberURL> + * </data> + * </ocs> + * + * @param string $configID + * @param bool|string $showPassword + * @return DataResponse + * @throws OCSException + */ + public function show($configID, $showPassword = false) { + $this->ensureConfigIDExists($configID); + + try { + $config = new Configuration($configID); + $data = $config->getConfiguration(); + if(!boolval(intval($showPassword))) { + $data['ldapAgentPassword'] = '***'; + } + foreach ($data as $key => $value) { + if(is_array($value)) { + $value = implode(';', $value); + $data[$key] = $value; + } + } + } catch (\Exception $e) { + $this->logger->logException($e); + throw new OCSException('An issue occurred when modifying the config.'); + } + + return new DataResponse($data); + } + + /** * if the given config ID is not available, an exception is thrown * * @param string $configID diff --git a/build/integration/features/bootstrap/LDAPContext.php b/build/integration/features/bootstrap/LDAPContext.php index 3a66641685a..5d1f75ceff4 100644 --- a/build/integration/features/bootstrap/LDAPContext.php +++ b/build/integration/features/bootstrap/LDAPContext.php @@ -66,4 +66,23 @@ class LDAPContext implements Context { new \Behat\Gherkin\Node\TableNode([['key', $key], ['value', $value]]) ); } + + /** + * @Given /^the response should contain a tag "([^"]*)" with value "([^"]*)"$/ + */ + public function theResponseShouldContainATagWithValue($tagName, $expectedValue) { + $data = $this->response->xml()->data[0]->$tagName; + PHPUnit_Framework_Assert::assertEquals($expectedValue, $data[0]); + } + + /** + * @When /^getting the LDAP configuration with showPassword "([^"]*)"$/ + */ + public function gettingTheLDAPConfigurationWithShowPassword($showPassword) { + $this->sendingToWith( + 'GET', + $this->apiUrl . '/' . $this->configID . '?showPassword=' . $showPassword, + null + ); + } } diff --git a/build/integration/ldap_features/ldap-ocs.feature b/build/integration/ldap_features/ldap-ocs.feature index d925df3256d..df643b8a01c 100644 --- a/build/integration/ldap_features/ldap-ocs.feature +++ b/build/integration/ldap_features/ldap-ocs.feature @@ -46,3 +46,25 @@ Feature: LDAP | value | ldaps://my.ldap.server | Then the OCS status code should be "404" And the HTTP status code should be "404" + + Scenario: create, modify and get a configuration + Given As an "admin" + And creating an LDAP configuration at "/apps/user_ldap/api/v1/config" + And setting "ldapHost" of the LDAP configuration to "ldaps://my.ldap.server" + And setting "ldapLoginFilter" of the LDAP configuration to "(&(|(objectclass=inetOrgPerson))(uid=%uid))" + And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret" + When getting the LDAP configuration with showPassword "0" + Then the OCS status code should be "200" + And the HTTP status code should be "200" + And the response should contain a tag "ldapHost" with value "ldaps://my.ldap.server" + And the response should contain a tag "ldapLoginFilter" with value "(&(|(objectclass=inetOrgPerson))(uid=%uid))" + And the response should contain a tag "ldapAgentPassword" with value "***" + + Scenario: receiving password in plain text + Given As an "admin" + And creating an LDAP configuration at "/apps/user_ldap/api/v1/config" + And setting "ldapAgentPassword" of the LDAP configuration to "psst,secret" + When getting the LDAP configuration with showPassword "1" + Then the OCS status code should be "200" + And the HTTP status code should be "200" + And the response should contain a tag "ldapAgentPassword" with value "psst,secret" |