diff options
Diffstat (limited to 'apps/user_ldap/lib/Command/TestConfig.php')
| -rw-r--r-- | apps/user_ldap/lib/Command/TestConfig.php | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/apps/user_ldap/lib/Command/TestConfig.php b/apps/user_ldap/lib/Command/TestConfig.php new file mode 100644 index 00000000000..77eaac91d85 --- /dev/null +++ b/apps/user_ldap/lib/Command/TestConfig.php @@ -0,0 +1,94 @@ +<?php + +/** + * SPDX-FileCopyrightText: 2016-2024 Nextcloud GmbH and Nextcloud contributors + * SPDX-FileCopyrightText: 2016 ownCloud, Inc. + * SPDX-License-Identifier: AGPL-3.0-only + */ +namespace OCA\User_LDAP\Command; + +use OCA\User_LDAP\AccessFactory; +use OCA\User_LDAP\Connection; +use OCA\User_LDAP\Helper; +use OCA\User_LDAP\ILDAPWrapper; +use Symfony\Component\Console\Command\Command; +use Symfony\Component\Console\Input\InputArgument; +use Symfony\Component\Console\Input\InputInterface; +use Symfony\Component\Console\Output\OutputInterface; + +class TestConfig extends Command { + protected const ESTABLISHED = 0; + protected const CONF_INVALID = 1; + protected const BINDFAILURE = 2; + protected const SEARCHFAILURE = 3; + + public function __construct( + protected AccessFactory $accessFactory, + protected Helper $helper, + protected ILDAPWrapper $ldap, + ) { + parent::__construct(); + } + + protected function configure(): void { + $this + ->setName('ldap:test-config') + ->setDescription('tests an LDAP configuration') + ->addArgument( + 'configID', + InputArgument::REQUIRED, + 'the configuration ID' + ) + ; + } + + protected function execute(InputInterface $input, OutputInterface $output): int { + $availableConfigs = $this->helper->getServerConfigurationPrefixes(); + $configID = $input->getArgument('configID'); + if (!in_array($configID, $availableConfigs)) { + $output->writeln('Invalid configID'); + return self::FAILURE; + } + + $result = $this->testConfig($configID); + + $message = match ($result) { + static::ESTABLISHED => 'The configuration is valid and the connection could be established!', + static::CONF_INVALID => 'The configuration is invalid. Please have a look at the logs for further details.', + static::BINDFAILURE => 'The configuration is valid, but the bind failed. Please check the server settings and credentials.', + static::SEARCHFAILURE => 'The configuration is valid and the bind passed, but a simple search on the base fails. Please check the server base setting.', + default => 'Your LDAP server was kidnapped by aliens.', + }; + + $output->writeln($message); + + return $result === static::ESTABLISHED + ? self::SUCCESS + : self::FAILURE; + } + + /** + * Tests the specified connection + */ + protected function testConfig(string $configID): int { + $connection = new Connection($this->ldap, $configID); + + // Ensure validation is run before we attempt the bind + $connection->getConfiguration(); + + if (!$connection->setConfiguration([ + 'ldap_configuration_active' => 1, + ])) { + return static::CONF_INVALID; + } + if (!$connection->bind()) { + return static::BINDFAILURE; + } + $access = $this->accessFactory->get($connection); + $result = $access->countObjects(1); + if (!is_int($result) || ($result <= 0)) { + return static::SEARCHFAILURE; + } + return static::ESTABLISHED; + } +} |