diff options
Diffstat (limited to 'apps/user_ldap/ajax/testConfiguration.php')
| -rw-r--r-- | apps/user_ldap/ajax/testConfiguration.php | 87 |
1 files changed, 46 insertions, 41 deletions
diff --git a/apps/user_ldap/ajax/testConfiguration.php b/apps/user_ldap/ajax/testConfiguration.php index e9f5167bfe7..b77439fa3e8 100644 --- a/apps/user_ldap/ajax/testConfiguration.php +++ b/apps/user_ldap/ajax/testConfiguration.php @@ -1,43 +1,48 @@ <?php + +use OCA\User_LDAP\Exceptions\ConfigurationIssueException; +use OCA\User_LDAP\LDAP; +use OCP\ISession; +use OCP\Server; +use OCP\Util; + /** - * @author Arthur Schiwon <blizzz@owncloud.com> - * @author Bart Visscher <bartv@thisnet.nl> - * @author Morris Jobke <hey@morrisjobke.de> - * @author Robin Appelman <icewind@owncloud.com> - * @author Thomas Müller <thomas.mueller@tmit.eu> - * - * @copyright Copyright (c) 2016, ownCloud, Inc. - * @license AGPL-3.0 - * - * This code is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License, version 3, - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License, version 3, - * along with this program. If not, see <http://www.gnu.org/licenses/> - * + * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only */ - // Check user and app status -OCP\JSON::checkAdminUser(); -OCP\JSON::checkAppEnabled('user_ldap'); -OCP\JSON::callCheck(); +\OC_JSON::checkAdminUser(); +\OC_JSON::checkAppEnabled('user_ldap'); +\OC_JSON::callCheck(); -$l = \OC::$server->getL10N('user_ldap'); +$l = Util::getL10N('user_ldap'); + +$ldapWrapper = new LDAP(); +$connection = new \OCA\User_LDAP\Connection($ldapWrapper, $_POST['ldap_serverconfig_chooser']); -$ldapWrapper = new OCA\user_ldap\lib\LDAP(); -$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, '', null); -//needs to be true, otherwise it will also fail with an irritating message -$_POST['ldap_configuration_active'] = 1; try { - if ($connection->setConfiguration($_POST)) { + $configurationError = ''; + $conf = $connection->getConfiguration(); + if ($conf['ldap_configuration_active'] === '0') { + //needs to be true, otherwise it will also fail with an irritating message + $conf['ldap_configuration_active'] = '1'; + } + try { + $connection->setConfiguration($conf, throw: true); + } catch (ConfigurationIssueException $e) { + $configurationError = $e->getHint(); + } + if ($configurationError === '') { //Configuration is okay + /* + * Closing the session since it won't be used from this point on. There might be a potential + * race condition if a second request is made: either this request or the other might not + * contact the LDAP backup server the first time when it should, but there shouldn't be any + * problem with that other than the extra connection. + */ + Server::get(ISession::class)->close(); if ($connection->bind()) { /* * This shiny if block is an ugly hack to find out whether anonymous @@ -49,23 +54,23 @@ try { * pass (like e.g. expected syntax error). */ try { - $ldapWrapper->read($connection->getConnectionResource(), '', 'objectClass=*', array('dn')); + $ldapWrapper->read($connection->getConnectionResource(), '', 'objectClass=*', ['dn']); } catch (\Exception $e) { - if($e->getCode() === 1) { - OCP\JSON::error(array('message' => $l->t('The configuration is invalid: anonymous bind is not allowed.'))); + if ($e->getCode() === 1) { + \OC_JSON::error(['message' => $l->t('Invalid configuration: Anonymous binding is not allowed.')]); exit; } } - OCP\JSON::success(array('message' - => $l->t('The configuration is valid and the connection could be established!'))); + \OC_JSON::success(['message' + => $l->t('Valid configuration, connection established!')]); } else { - OCP\JSON::error(array('message' - => $l->t('The configuration is valid, but the Bind failed. Please check the server settings and credentials.'))); + \OC_JSON::error(['message' + => $l->t('Valid configuration, but binding failed. Please check the server settings and credentials.')]); } } else { - OCP\JSON::error(array('message' - => $l->t('The configuration is invalid. Please have a look at the logs for further details.'))); + \OC_JSON::error(['message' + => $l->t('Invalid configuration: %s', $configurationError)]); } } catch (\Exception $e) { - OCP\JSON::error(array('message' => $e->getMessage())); + \OC_JSON::error(['message' => $e->getMessage()]); } |