diff options
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r-- | apps/user_ldap/lib/Command/Search.php | 5 | ||||
-rw-r--r-- | apps/user_ldap/lib/GroupPluginManager.php | 169 | ||||
-rw-r--r-- | apps/user_ldap/lib/Group_LDAP.php | 116 | ||||
-rw-r--r-- | apps/user_ldap/lib/Group_Proxy.php | 76 | ||||
-rw-r--r-- | apps/user_ldap/lib/Helper.php | 4 | ||||
-rw-r--r-- | apps/user_ldap/lib/IGroupLDAP.php | 45 | ||||
-rw-r--r-- | apps/user_ldap/lib/ILDAPGroupPlugin.php | 86 | ||||
-rw-r--r-- | apps/user_ldap/lib/ILDAPUserPlugin.php | 93 | ||||
-rw-r--r-- | apps/user_ldap/lib/ILDAPWrapper.php | 2 | ||||
-rw-r--r-- | apps/user_ldap/lib/Jobs/CleanUp.php | 3 | ||||
-rw-r--r-- | apps/user_ldap/lib/Jobs/UpdateGroups.php | 4 | ||||
-rw-r--r-- | apps/user_ldap/lib/LDAPProvider.php | 141 | ||||
-rw-r--r-- | apps/user_ldap/lib/Migration/UUIDFixGroup.php | 3 | ||||
-rw-r--r-- | apps/user_ldap/lib/Migration/UUIDFixUser.php | 3 | ||||
-rw-r--r-- | apps/user_ldap/lib/UserPluginManager.php | 210 | ||||
-rw-r--r-- | apps/user_ldap/lib/User_LDAP.php | 62 | ||||
-rw-r--r-- | apps/user_ldap/lib/User_Proxy.php | 31 |
17 files changed, 1011 insertions, 42 deletions
diff --git a/apps/user_ldap/lib/Command/Search.php b/apps/user_ldap/lib/Command/Search.php index d348d5b31c9..4b2212a43c9 100644 --- a/apps/user_ldap/lib/Command/Search.php +++ b/apps/user_ldap/lib/Command/Search.php @@ -111,7 +111,7 @@ class Search extends Command { $this->validateOffsetAndLimit($offset, $limit); if($input->getOption('group')) { - $proxy = new Group_Proxy($configPrefixes, $ldapWrapper); + $proxy = new Group_Proxy($configPrefixes, $ldapWrapper, \OC::$server->query('LDAPGroupPluginManager')); $getMethod = 'getGroups'; $printID = false; // convert the limit of groups to null. This will show all the groups available instead of @@ -125,7 +125,8 @@ class Search extends Command { $ldapWrapper, $this->ocConfig, \OC::$server->getNotificationManager(), - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + \OC::$server->query('LDAPUserPluginManager') ); $getMethod = 'getDisplayNames'; $printID = true; diff --git a/apps/user_ldap/lib/GroupPluginManager.php b/apps/user_ldap/lib/GroupPluginManager.php new file mode 100644 index 00000000000..50b50315b85 --- /dev/null +++ b/apps/user_ldap/lib/GroupPluginManager.php @@ -0,0 +1,169 @@ +<?php +/** + * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br) + * + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\User_LDAP; + +use OCP\GroupInterface; + +class GroupPluginManager { + + private $respondToActions = 0; + + private $which = array( + GroupInterface::CREATE_GROUP => null, + GroupInterface::DELETE_GROUP => null, + GroupInterface::ADD_TO_GROUP => null, + GroupInterface::REMOVE_FROM_GROUP => null, + GroupInterface::COUNT_USERS => null, + GroupInterface::GROUP_DETAILS => null + ); + + /** + * @return int All implemented actions + */ + public function getImplementedActions() { + return $this->respondToActions; + } + + /** + * Registers a group plugin that may implement some actions, overriding User_LDAP's group actions. + * @param ILDAPGroupPlugin $plugin + */ + public function register(ILDAPGroupPlugin $plugin) { + $respondToActions = $plugin->respondToActions(); + $this->respondToActions |= $respondToActions; + + foreach($this->which as $action => $v) { + if ((bool)($respondToActions & $action)) { + $this->which[$action] = $plugin; + \OC::$server->getLogger()->debug("Registered action ".$action." to plugin ".get_class($plugin), ['app' => 'user_ldap']); + } + } + } + + /** + * Signal if there is a registered plugin that implements some given actions + * @param int $actions Actions defined in \OCP\GroupInterface, like GroupInterface::REMOVE_FROM_GROUP + * @return bool + */ + public function implementsActions($actions) { + return ($actions & $this->respondToActions) == $actions; + } + + /** + * Create a group + * @param string $gid Group Id + * @return string | null The group DN if group creation was successful. + * @throws \Exception + */ + public function createGroup($gid) { + $plugin = $this->which[GroupInterface::CREATE_GROUP]; + + if ($plugin) { + return $plugin->createGroup($gid); + } + throw new \Exception('No plugin implements createGroup in this LDAP Backend.'); + } + + /** + * Delete a group + * @param string $gid Group Id of the group to delete + * @return bool + * @throws \Exception + */ + public function deleteGroup($gid) { + $plugin = $this->which[GroupInterface::DELETE_GROUP]; + + if ($plugin) { + return $plugin->deleteGroup($gid); + } + throw new \Exception('No plugin implements deleteGroup in this LDAP Backend.'); + } + + /** + * Add a user to a group + * @param string $uid ID of the user to add to group + * @param string $gid ID of the group in which add the user + * @return bool + * @throws \Exception + * + * Adds a user to a group. + */ + public function addToGroup($uid, $gid) { + $plugin = $this->which[GroupInterface::ADD_TO_GROUP]; + + if ($plugin) { + return $plugin->addToGroup($uid, $gid); + } + throw new \Exception('No plugin implements addToGroup in this LDAP Backend.'); + } + + /** + * Removes a user from a group + * @param string $uid ID of the user to remove from group + * @param string $gid ID of the group from which remove the user + * @return bool + * @throws \Exception + * + * removes the user from a group. + */ + public function removeFromGroup($uid, $gid) { + $plugin = $this->which[GroupInterface::REMOVE_FROM_GROUP]; + + if ($plugin) { + return $plugin->removeFromGroup($uid, $gid); + } + throw new \Exception('No plugin implements removeFromGroup in this LDAP Backend.'); + } + + /** + * get the number of all users matching the search string in a group + * @param string $gid ID of the group + * @param string $search query string + * @return int|false + * @throws \Exception + */ + public function countUsersInGroup($gid, $search = '') { + $plugin = $this->which[GroupInterface::COUNT_USERS]; + + if ($plugin) { + return $plugin->countUsersInGroup($gid,$search); + } + throw new \Exception('No plugin implements countUsersInGroup in this LDAP Backend.'); + } + + /** + * get an array with group details + * @param string $gid + * @return array|false + * @throws \Exception + */ + public function getGroupDetails($gid) { + $plugin = $this->which[GroupInterface::GROUP_DETAILS]; + + if ($plugin) { + return $plugin->getGroupDetails($gid); + } + throw new \Exception('No plugin implements getGroupDetails in this LDAP Backend.'); + } +} diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php index 55d31649f10..09303276c26 100644 --- a/apps/user_ldap/lib/Group_LDAP.php +++ b/apps/user_ldap/lib/Group_LDAP.php @@ -39,8 +39,9 @@ namespace OCA\User_LDAP; use OC\Cache\CappedMemoryCache; +use OCP\GroupInterface; -class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { +class Group_LDAP extends BackendUtility implements \OCP\GroupInterface, IGroupLDAP { protected $enabled = false; /** @@ -53,7 +54,10 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { */ protected $cachedGroupsByMember; - public function __construct(Access $access) { + /** @var GroupPluginManager */ + protected $groupPluginManager; + + public function __construct(Access $access, GroupPluginManager $groupPluginManager) { parent::__construct($access); $filter = $this->access->connection->ldapGroupFilter; $gassoc = $this->access->connection->ldapGroupMemberAssocAttr; @@ -63,6 +67,7 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { $this->cachedGroupMembers = new CappedMemoryCache(); $this->cachedGroupsByMember = new CappedMemoryCache(); + $this->groupPluginManager = $groupPluginManager; } /** @@ -860,6 +865,10 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { * @return int|bool */ public function countUsersInGroup($gid, $search = '') { + if ($this->groupPluginManager->implementsActions(GroupInterface::COUNT_USERS)) { + return $this->groupPluginManager->countUsersInGroup($gid, $search); + } + $cacheKey = 'countUsersInGroup-'.$gid.'-'.$search; if(!$this->enabled || !$this->groupExists($gid)) { return false; @@ -1067,17 +1076,114 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface { * @return boolean * * Returns the supported actions as int to be - * compared with \OC\User\Backend::CREATE_USER etc. + * compared with GroupInterface::CREATE_GROUP etc. */ public function implementsActions($actions) { - return (bool)(\OC\Group\Backend::COUNT_USERS & $actions); + return (bool)((GroupInterface::COUNT_USERS | + $this->groupPluginManager->getImplementedActions()) & $actions); } /** * Return access for LDAP interaction. * @return Access instance of Access for LDAP interaction */ - public function getLDAPAccess() { + public function getLDAPAccess($gid) { return $this->access; } + + /** + * create a group + * @param string $gid + * @return bool + * @throws \Exception + */ + public function createGroup($gid) { + if ($this->groupPluginManager->implementsActions(GroupInterface::CREATE_GROUP)) { + if ($dn = $this->groupPluginManager->createGroup($gid)) { + //updates group mapping + $this->access->dn2ocname($dn, $gid, false); + $this->access->connection->writeToCache("groupExists".$gid, true); + } + return $dn != null; + } + throw new \Exception('Could not create group in LDAP backend.'); + } + + /** + * delete a group + * @param string $gid gid of the group to delete + * @return bool + * @throws \Exception + */ + public function deleteGroup($gid) { + if ($this->groupPluginManager->implementsActions(GroupInterface::DELETE_GROUP)) { + if ($ret = $this->groupPluginManager->deleteGroup($gid)) { + #delete group in nextcloud internal db + $this->access->getGroupMapper()->unmap($gid); + $this->access->connection->writeToCache("groupExists".$gid, false); + } + return $ret; + } + throw new \Exception('Could not delete group in LDAP backend.'); + } + + /** + * Add a user to a group + * @param string $uid Name of the user to add to group + * @param string $gid Name of the group in which add the user + * @return bool + * @throws \Exception + */ + public function addToGroup($uid, $gid) { + if ($this->groupPluginManager->implementsActions(GroupInterface::ADD_TO_GROUP)) { + if ($ret = $this->groupPluginManager->addToGroup($uid, $gid)) { + $this->access->connection->clearCache(); + } + return $ret; + } + throw new \Exception('Could not add user to group in LDAP backend.'); + } + + /** + * Removes a user from a group + * @param string $uid Name of the user to remove from group + * @param string $gid Name of the group from which remove the user + * @return bool + * @throws \Exception + */ + public function removeFromGroup($uid, $gid) { + if ($this->groupPluginManager->implementsActions(GroupInterface::REMOVE_FROM_GROUP)) { + if ($ret = $this->groupPluginManager->removeFromGroup($uid, $gid)) { + $this->access->connection->clearCache(); + } + return $ret; + } + throw new \Exception('Could not remove user from group in LDAP backend.'); + } + + /** + * Gets group details + * @param string $gid Name of the group + * @return array | false + * @throws \Exception + */ + public function getGroupDetails($gid) { + if ($this->groupPluginManager->implementsActions(GroupInterface::GROUP_DETAILS)) { + return $this->groupPluginManager->getGroupDetails($gid); + } + throw new \Exception('Could not get group details in LDAP backend.'); + } + + /** + * Return LDAP connection resource from a cloned connection. + * The cloned connection needs to be closed manually. + * of the current access. + * @param string $gid + * @return resource of the LDAP connection + */ + public function getNewLDAPConnection($gid) { + $connection = clone $this->access->getConnection(); + return $connection->getConnectionResource(); + } + } diff --git a/apps/user_ldap/lib/Group_Proxy.php b/apps/user_ldap/lib/Group_Proxy.php index e546c84a90c..50c46dfbc0b 100644 --- a/apps/user_ldap/lib/Group_Proxy.php +++ b/apps/user_ldap/lib/Group_Proxy.php @@ -26,7 +26,7 @@ namespace OCA\User_LDAP; -class Group_Proxy extends Proxy implements \OCP\GroupInterface { +class Group_Proxy extends Proxy implements \OCP\GroupInterface, IGroupLDAP { private $backends = array(); private $refBackend = null; @@ -34,11 +34,11 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { * Constructor * @param string[] $serverConfigPrefixes array containing the config Prefixes */ - public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap) { + public function __construct($serverConfigPrefixes, ILDAPWrapper $ldap, GroupPluginManager $groupPluginManager) { parent::__construct($ldap); foreach($serverConfigPrefixes as $configPrefix) { $this->backends[$configPrefix] = - new \OCA\User_LDAP\Group_LDAP($this->getAccess($configPrefix)); + new \OCA\User_LDAP\Group_LDAP($this->getAccess($configPrefix), $groupPluginManager); if(is_null($this->refBackend)) { $this->refBackend = &$this->backends[$configPrefix]; } @@ -146,6 +146,51 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { } /** + * @param string $gid + * @return bool + */ + public function createGroup($gid) { + return $this->handleRequest( + $gid, 'createGroup', array($gid)); + } + + /** + * delete a group + * @param string $gid gid of the group to delete + * @return bool + */ + public function deleteGroup($gid) { + return $this->handleRequest( + $gid, 'deleteGroup', array($gid)); + } + + /** + * Add a user to a group + * @param string $uid Name of the user to add to group + * @param string $gid Name of the group in which add the user + * @return bool + * + * Adds a user to a group. + */ + public function addToGroup($uid, $gid) { + return $this->handleRequest( + $gid, 'addToGroup', array($uid, $gid)); + } + + /** + * Removes a user from a group + * @param string $uid Name of the user to remove from group + * @param string $gid Name of the group from which remove the user + * @return bool + * + * removes the user from a group. + */ + public function removeFromGroup($uid, $gid) { + return $this->handleRequest( + $gid, 'removeFromGroup', array($uid, $gid)); + } + + /** * returns the number of users in a group, who match the search term * @param string $gid the internal group name * @param string $search optional, a search string @@ -157,6 +202,16 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { } /** + * get an array with group details + * @param string $gid + * @return array|false + */ + public function getGroupDetails($gid) { + return $this->handleRequest( + $gid, 'getGroupDetails', array($gid)); + } + + /** * get a list of all groups * @return string[] with group names * @@ -190,7 +245,7 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { * @return boolean * * Returns the supported actions as int to be - * compared with \OC\User\Backend::CREATE_USER etc. + * compared with \OCP\GroupInterface::CREATE_GROUP etc. */ public function implementsActions($actions) { //it's the same across all our user backends obviously @@ -203,6 +258,17 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface { * @return Access instance of Access for LDAP interaction */ public function getLDAPAccess($gid) { - return $this->handleRequest($gid, 'getLDAPAccess', []); + return $this->handleRequest($gid, 'getLDAPAccess', [$gid]); } + + /** + * Return a new LDAP connection for the specified group. + * The connection needs to be closed manually. + * @param string $gid + * @return resource of the LDAP connection + */ + public function getNewLDAPConnection($gid) { + return $this->handleRequest($gid, 'getNewLDAPConnection', array($gid)); + } + } diff --git a/apps/user_ldap/lib/Helper.php b/apps/user_ldap/lib/Helper.php index 891ab7f0a3a..ce65ee29099 100644 --- a/apps/user_ldap/lib/Helper.php +++ b/apps/user_ldap/lib/Helper.php @@ -294,10 +294,12 @@ class Helper { $ldapWrapper = new LDAP(); $ocConfig = \OC::$server->getConfig(); $notificationManager = \OC::$server->getNotificationManager(); + $userSession = \OC::$server->getUserSession(); + $userPluginManager = \OC::$server->query('LDAPUserPluginManager'); $userBackend = new User_Proxy( - $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession + $configPrefixes, $ldapWrapper, $ocConfig, $notificationManager, $userSession, $userPluginManager ); $uid = $userBackend->loginName2UserName($param['uid'] ); if($uid !== false) { diff --git a/apps/user_ldap/lib/IGroupLDAP.php b/apps/user_ldap/lib/IGroupLDAP.php new file mode 100644 index 00000000000..378e182fb68 --- /dev/null +++ b/apps/user_ldap/lib/IGroupLDAP.php @@ -0,0 +1,45 @@ +<?php +/** + * + * @copyright Copyright (c) 2017, EITA Cooperative (eita.org.br) + * + * @author Vinicius Brand <vinicius@eita.org.br> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OCA\User_LDAP; + +interface IGroupLDAP { + + //Used by LDAPProvider + + /** + * Return access for LDAP interaction. + * @param string $gid + * @return Access instance of Access for LDAP interaction + */ + public function getLDAPAccess($gid); + + /** + * Return a new LDAP connection for the specified group. + * @param string $gid + * @return resource of the LDAP connection + */ + public function getNewLDAPConnection($gid); + +} diff --git a/apps/user_ldap/lib/ILDAPGroupPlugin.php b/apps/user_ldap/lib/ILDAPGroupPlugin.php new file mode 100644 index 00000000000..8afc4c86480 --- /dev/null +++ b/apps/user_ldap/lib/ILDAPGroupPlugin.php @@ -0,0 +1,86 @@ +<?php +/** + * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br) + * + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\User_LDAP; + + +interface ILDAPGroupPlugin { + + /** + * Check if plugin implements actions + * @return int + * + * Returns the supported actions as int to be + * compared with OC_GROUP_BACKEND_CREATE_GROUP etc. + */ + public function respondToActions(); + + /** + * @param string $gid + * @return string|null The group DN if group creation was successful. + */ + public function createGroup($gid); + + /** + * delete a group + * @param string $gid gid of the group to delete + * @return bool + */ + public function deleteGroup($gid); + + /** + * Add a user to a group + * @param string $uid Name of the user to add to group + * @param string $gid Name of the group in which add the user + * @return bool + * + * Adds a user to a group. + */ + public function addToGroup($uid, $gid); + + /** + * Removes a user from a group + * @param string $uid Name of the user to remove from group + * @param string $gid Name of the group from which remove the user + * @return bool + * + * removes the user from a group. + */ + public function removeFromGroup($uid, $gid); + + /** + * get the number of all users matching the search string in a group + * @param string $gid + * @param string $search + * @return int|false + */ + public function countUsersInGroup($gid, $search = ''); + + /** + * get an array with group details + * @param string $gid + * @return array|false + */ + public function getGroupDetails($gid); + +} diff --git a/apps/user_ldap/lib/ILDAPUserPlugin.php b/apps/user_ldap/lib/ILDAPUserPlugin.php new file mode 100644 index 00000000000..d2e8544c8a5 --- /dev/null +++ b/apps/user_ldap/lib/ILDAPUserPlugin.php @@ -0,0 +1,93 @@ +<?php +/** + * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br) + * + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\User_LDAP; + + +interface ILDAPUserPlugin { + + /** + * Check if plugin implements actions + * @return int + * + * Returns the supported actions as int to be + * compared with OC_USER_BACKEND_CREATE_USER etc. + */ + public function respondToActions(); + + /** + * Create a new user in LDAP Backend + * + * @param string $uid The UID of the user to create + * @param string $password The password of the new user + * @return bool + */ + public function createUser($uid, $password); + + /** + * Set password + * + * @param string $uid The username + * @param string $password The new password + * @return bool + * + * Change the password of a user + */ + public function setPassword($uid, $password); + + /** + * get the user's home directory + * @param string $uid the username + * @return boolean + */ + public function getHome($uid); + + /** + * get display name of the user + * @param string $uid user ID of the user + * @return string display name + */ + public function getDisplayName($uid); + + /** + * set display name of the user + * @param string $uid user ID of the user + * @param string $displayName new user's display name + * @return string display name + */ + public function setDisplayName($uid, $displayName); + + /** + * checks whether the user is allowed to change his avatar in Nextcloud + * @param string $uid the Nextcloud user name + * @return boolean either the user can or cannot + */ + public function canChangeAvatar($uid); + + /** + * Count the number of users + * @return int|bool + */ + public function countUsers(); + +} diff --git a/apps/user_ldap/lib/ILDAPWrapper.php b/apps/user_ldap/lib/ILDAPWrapper.php index 71dd60c3725..e5969cc2986 100644 --- a/apps/user_ldap/lib/ILDAPWrapper.php +++ b/apps/user_ldap/lib/ILDAPWrapper.php @@ -163,7 +163,7 @@ interface ILDAPWrapper { * @return resource|false an LDAP search result resource, false on error */ public function search($link, $baseDN, $filter, $attr, $attrsOnly = 0, $limit = 0); - + /** * Replace the value of a userPassword by $password * @param resource $link LDAP link resource diff --git a/apps/user_ldap/lib/Jobs/CleanUp.php b/apps/user_ldap/lib/Jobs/CleanUp.php index 44e8f5469f1..92bca036b2e 100644 --- a/apps/user_ldap/lib/Jobs/CleanUp.php +++ b/apps/user_ldap/lib/Jobs/CleanUp.php @@ -100,7 +100,8 @@ class CleanUp extends TimedJob { new LDAP(), $this->ocConfig, \OC::$server->getNotificationManager(), - \OC::$server->getUserSession() + \OC::$server->getUserSession(), + \OC::$server->query('LDAPUserPluginManager') ); } diff --git a/apps/user_ldap/lib/Jobs/UpdateGroups.php b/apps/user_ldap/lib/Jobs/UpdateGroups.php index 4c9a06a5f68..7e4f0c0c1be 100644 --- a/apps/user_ldap/lib/Jobs/UpdateGroups.php +++ b/apps/user_ldap/lib/Jobs/UpdateGroups.php @@ -193,9 +193,9 @@ class UpdateGroups extends \OC\BackgroundJob\TimedJob { $userMapper = new UserMapping($dbc); $ldapAccess->setGroupMapper($groupMapper); $ldapAccess->setUserMapper($userMapper); - self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess); + self::$groupBE = new \OCA\User_LDAP\Group_LDAP($ldapAccess, \OC::$server->query('LDAPGroupPluginManager')); } else { - self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper); + self::$groupBE = new \OCA\User_LDAP\Group_Proxy($configPrefixes, $ldapWrapper, \OC::$server->query('LDAPGroupPluginManager')); } return self::$groupBE; diff --git a/apps/user_ldap/lib/LDAPProvider.php b/apps/user_ldap/lib/LDAPProvider.php index bf8691006c6..c62372bdd12 100644 --- a/apps/user_ldap/lib/LDAPProvider.php +++ b/apps/user_ldap/lib/LDAPProvider.php @@ -3,6 +3,10 @@ * * @copyright Copyright (c) 2016, Roger Szabo (roger.szabo@web.de) * + * @author Roger Szabo <roger.szabo@web.de> + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> + * * @license GNU AGPL version 3 or any later version * * This program is free software: you can redistribute it and/or modify @@ -33,7 +37,8 @@ use OCA\User_LDAP\User\DeletedUsersIndex; */ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { - private $backend; + private $userBackend; + private $groupBackend; private $logger; private $helper; private $deletedUsersIndex; @@ -41,20 +46,36 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { /** * Create new LDAPProvider * @param \OCP\IServerContainer $serverContainer + * @param Helper $helper + * @param DeletedUsersIndex $deletedUsersIndex * @throws \Exception if user_ldap app was not enabled */ public function __construct(IServerContainer $serverContainer, Helper $helper, DeletedUsersIndex $deletedUsersIndex) { $this->logger = $serverContainer->getLogger(); $this->helper = $helper; $this->deletedUsersIndex = $deletedUsersIndex; + $userBackendFound = false; + $groupBackendFound = false; foreach ($serverContainer->getUserManager()->getBackends() as $backend){ - $this->logger->debug('instance '.get_class($backend).' backend.', ['app' => 'user_ldap']); + $this->logger->debug('instance '.get_class($backend).' user backend.', ['app' => 'user_ldap']); if ($backend instanceof IUserLDAP) { - $this->backend = $backend; - return; + $this->userBackend = $backend; + $userBackendFound = true; + break; } } - throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled'); + foreach ($serverContainer->getGroupManager()->getBackends() as $backend){ + $this->logger->debug('instance '.get_class($backend).' group backend.', ['app' => 'user_ldap']); + if ($backend instanceof IGroupLDAP) { + $this->groupBackend = $backend; + $groupBackendFound = true; + break; + } + } + + if (!$userBackendFound or !$groupBackendFound) { + throw new \Exception('To use the LDAPProvider, user_ldap app must be enabled'); + } } /** @@ -64,16 +85,33 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if translation was unsuccessful */ public function getUserDN($uid) { - if(!$this->backend->userExists($uid)){ + if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - $result = $this->backend->getLDAPAccess($uid)->username2dn($uid); + $result = $this->userBackend->getLDAPAccess($uid)->username2dn($uid); if(!$result){ throw new \Exception('Translation to LDAP DN unsuccessful'); } return $result; } - + + /** + * Translate a group id to LDAP DN. + * @param string $gid group id + * @return string + * @throws \Exception + */ + public function getGroupDN($gid) { + if(!$this->groupBackend->groupExists($gid)){ + throw new \Exception('Group id not found in LDAP'); + } + $result = $this->groupBackend->getLDAPAccess($gid)->groupname2dn($gid); + if(!$result){ + throw new \Exception('Translation to LDAP DN unsuccessful'); + } + return $result; + } + /** * Translate a LDAP DN to an internal user name. If there is no mapping between * the DN and the user name, a new one will be created. @@ -82,7 +120,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if translation was unsuccessful */ public function getUserName($dn) { - $result = $this->backend->dn2UserName($dn); + $result = $this->userBackend->dn2UserName($dn); if(!$result){ throw new \Exception('Translation to internal user name unsuccessful'); } @@ -115,10 +153,24 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if user id was not found in LDAP */ public function getLDAPConnection($uid) { - if(!$this->backend->userExists($uid)){ + if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - return $this->backend->getNewLDAPConnection($uid); + return $this->userBackend->getNewLDAPConnection($uid); + } + + /** + * Return a new LDAP connection resource for the specified user. + * The connection must be closed manually. + * @param string $gid group id + * @return resource of the LDAP connection + * @throws \Exception if group id was not found in LDAP + */ + public function getGroupLDAPConnection($gid) { + if(!$this->groupBackend->groupExists($gid)){ + throw new \Exception('Group id not found in LDAP'); + } + return $this->groupBackend->getNewLDAPConnection($gid); } /** @@ -128,10 +180,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if user id was not found in LDAP */ public function getLDAPBaseUsers($uid) { - if(!$this->backend->userExists($uid)){ + if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users']; + return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_users']; } /** @@ -141,10 +193,10 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if user id was not found in LDAP */ public function getLDAPBaseGroups($uid) { - if(!$this->backend->userExists($uid)){ + if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - return $this->backend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups']; + return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_base_groups']; } /** @@ -153,10 +205,23 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @throws \Exception if user id was not found in LDAP */ public function clearCache($uid) { - if(!$this->backend->userExists($uid)){ + if(!$this->userBackend->userExists($uid)){ throw new \Exception('User id not found in LDAP'); } - $this->backend->getLDAPAccess($uid)->getConnection()->clearCache(); + $this->userBackend->getLDAPAccess($uid)->getConnection()->clearCache(); + } + + /** + * Clear the cache if a cache is used, otherwise do nothing. + * Acts on the LDAP connection of a group + * @param string $gid group id + * @throws \Exception if user id was not found in LDAP + */ + public function clearGroupCache($gid) { + if(!$this->groupBackend->groupExists($gid)){ + throw new \Exception('Group id not found in LDAP'); + } + $this->groupBackend->getLDAPAccess($gid)->getConnection()->clearCache(); } /** @@ -165,7 +230,7 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { * @return bool whether the DN exists */ public function dnExists($dn) { - $result = $this->backend->dn2UserName($dn); + $result = $this->userBackend->dn2UserName($dn); return !$result ? false : true; } @@ -184,4 +249,44 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport { public function unflagRecord($uid) { //do nothing } + + /** + * Get the LDAP attribute name for the user's display name + * @param string $uid user id + * @return string the display name field + * @throws \Exception if user id was not found in LDAP + */ + public function getLDAPDisplayNameField($uid) { + if(!$this->userBackend->userExists($uid)){ + throw new \Exception('User id not found in LDAP'); + } + return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_display_name']; + } + + /** + * Get the LDAP attribute name for the email + * @param string $uid user id + * @return string the email field + * @throws \Exception if user id was not found in LDAP + */ + public function getLDAPEmailField($uid) { + if(!$this->userBackend->userExists($uid)){ + throw new \Exception('User id not found in LDAP'); + } + return $this->userBackend->getLDAPAccess($uid)->getConnection()->getConfiguration()['ldap_email_attr']; + } + + /** + * Get the LDAP type of association between users and groups + * @param string $gid group id + * @return string the configuration, one of: 'memberUid', 'uniqueMember', 'member', 'gidNumber' + * @throws \Exception if group id was not found in LDAP + */ + public function getLDAPGroupMemberAssoc($gid) { + if(!$this->groupBackend->groupExists($gid)){ + throw new \Exception('Group id not found in LDAP'); + } + return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute']; + } + } diff --git a/apps/user_ldap/lib/Migration/UUIDFixGroup.php b/apps/user_ldap/lib/Migration/UUIDFixGroup.php index 9ea406efadf..94e0778b9a9 100644 --- a/apps/user_ldap/lib/Migration/UUIDFixGroup.php +++ b/apps/user_ldap/lib/Migration/UUIDFixGroup.php @@ -33,6 +33,7 @@ class UUIDFixGroup extends UUIDFix { public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) { $this->mapper = $mapper; $this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config, - \OC::$server->getNotificationManager(), \OC::$server->getUserSession()); + \OC::$server->getNotificationManager(), \OC::$server->getUserSession(), + \OC::$server->query('LDAPUserPluginManager')); } } diff --git a/apps/user_ldap/lib/Migration/UUIDFixUser.php b/apps/user_ldap/lib/Migration/UUIDFixUser.php index ee1457dcccb..68003fd118f 100644 --- a/apps/user_ldap/lib/Migration/UUIDFixUser.php +++ b/apps/user_ldap/lib/Migration/UUIDFixUser.php @@ -32,6 +32,7 @@ use OCP\IConfig; class UUIDFixUser extends UUIDFix { public function __construct(UserMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) { $this->mapper = $mapper; - $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config); + $groupPluginManager = \OC::$server->query('LDAPGroupPluginManager'); + $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $groupPluginManager); } } diff --git a/apps/user_ldap/lib/UserPluginManager.php b/apps/user_ldap/lib/UserPluginManager.php new file mode 100644 index 00000000000..cee972f1454 --- /dev/null +++ b/apps/user_ldap/lib/UserPluginManager.php @@ -0,0 +1,210 @@ +<?php +/** + * @copyright Copyright (c) 2017 EITA Cooperative (eita.org.br) + * + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> + * + * @license AGPL-3.0 + * + * This code is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License, version 3, + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License, version 3, + * along with this program. If not, see <http://www.gnu.org/licenses/> + * + */ + +namespace OCA\User_LDAP; + +use OC\User\Backend; + +class UserPluginManager { + + public $test = false; + + private $respondToActions = 0; + + private $which = array( + Backend::CREATE_USER => null, + Backend::SET_PASSWORD => null, + Backend::GET_HOME => null, + Backend::GET_DISPLAYNAME => null, + Backend::SET_DISPLAYNAME => null, + Backend::PROVIDE_AVATAR => null, + Backend::COUNT_USERS => null, + 'deleteUser' => null + ); + + /** + * @return int All implemented actions, except for 'deleteUser' + */ + public function getImplementedActions() { + return $this->respondToActions; + } + + /** + * Registers a group plugin that may implement some actions, overriding User_LDAP's user actions. + * + * @param ILDAPUserPlugin $plugin + */ + public function register(ILDAPUserPlugin $plugin) { + $respondToActions = $plugin->respondToActions(); + $this->respondToActions |= $respondToActions; + + foreach($this->which as $action => $v) { + if (is_int($action) && (bool)($respondToActions & $action)) { + $this->which[$action] = $plugin; + \OC::$server->getLogger()->debug("Registered action ".$action." to plugin ".get_class($plugin), ['app' => 'user_ldap']); + } + } + if (method_exists($plugin,'deleteUser')) { + $this->which['deleteUser'] = $plugin; + \OC::$server->getLogger()->debug("Registered action deleteUser to plugin ".get_class($plugin), ['app' => 'user_ldap']); + } + } + + /** + * Signal if there is a registered plugin that implements some given actions + * @param int $actions Actions defined in \OC\User\Backend, like Backend::CREATE_USER + * @return bool + */ + public function implementsActions($actions) { + return ($actions & $this->respondToActions) == $actions; + } + + /** + * Create a new user in LDAP Backend + * + * @param string $username The username of the user to create + * @param string $password The password of the new user + * @return bool + * @throws \Exception + */ + public function createUser($username, $password) { + $plugin = $this->which[Backend::CREATE_USER]; + + if ($plugin) { + return $plugin->createUser($username,$password); + } + throw new \Exception('No plugin implements createUser in this LDAP Backend.'); + } + + /** + * Change the password of a user* + * @param string $uid The username + * @param string $password The new password + * @return bool + * @throws \Exception + */ + public function setPassword($uid, $password) { + $plugin = $this->which[Backend::SET_PASSWORD]; + + if ($plugin) { + return $plugin->setPassword($uid,$password); + } + throw new \Exception('No plugin implements setPassword in this LDAP Backend.'); + } + + /** + * checks whether the user is allowed to change his avatar in Nextcloud + * @param string $uid the Nextcloud user name + * @return boolean either the user can or cannot + * @throws \Exception + */ + public function canChangeAvatar($uid) { + $plugin = $this->which[Backend::PROVIDE_AVATAR]; + + if ($plugin) { + return $plugin->canChangeAvatar($uid); + } + throw new \Exception('No plugin implements canChangeAvatar in this LDAP Backend.'); + } + + /** + * Get the user's home directory + * @param string $uid the username + * @return boolean + * @throws \Exception + */ + public function getHome($uid) { + $plugin = $this->which[Backend::GET_HOME]; + + if ($plugin) { + return $plugin->getHome($uid); + } + throw new \Exception('No plugin implements getHome in this LDAP Backend.'); + } + + /** + * Get display name of the user + * @param string $uid user ID of the user + * @return string display name + * @throws \Exception + */ + public function getDisplayName($uid) { + $plugin = $this->which[Backend::GET_DISPLAYNAME]; + + if ($plugin) { + return $plugin->getDisplayName($uid); + } + throw new \Exception('No plugin implements getDisplayName in this LDAP Backend.'); + } + + /** + * Set display name of the user + * @param string $uid user ID of the user + * @param string $displayName new user's display name + * @return string display name + * @throws \Exception + */ + public function setDisplayName($uid, $displayName) { + $plugin = $this->which[Backend::SET_DISPLAYNAME]; + + if ($plugin) { + return $plugin->setDisplayName($uid, $displayName); + } + throw new \Exception('No plugin implements setDisplayName in this LDAP Backend.'); + } + + /** + * Count the number of users + * @return int|bool + * @throws \Exception + */ + public function countUsers() { + $plugin = $this->which[Backend::COUNT_USERS]; + + if ($plugin) { + return $plugin->countUsers(); + } + throw new \Exception('No plugin implements countUsers in this LDAP Backend.'); + } + + /** + * @return bool + */ + public function canDeleteUser() { + return $this->which['deleteUser'] !== null; + } + + /** + * @param $uid + * @return bool + * @throws \Exception + */ + public function deleteUser($uid) { + $plugin = $this->which['deleteUser']; + if ($plugin) { + return $plugin->deleteUser($uid); + } + throw new \Exception('No plugin implements deleteUser in this LDAP Backend.'); + } +} + diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php index 0a9a1cfe4c2..87706dcfe8b 100644 --- a/apps/user_ldap/lib/User_LDAP.php +++ b/apps/user_ldap/lib/User_LDAP.php @@ -16,6 +16,8 @@ * @author Thomas Müller <thomas.mueller@tmit.eu> * @author Tom Needham <tom@owncloud.com> * @author Roger Szabo <roger.szabo@web.de> + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> * * @license AGPL-3.0 * @@ -56,16 +58,20 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn /** @var string */ protected $currentUserInDeletionProcess; + /** @var UserPluginManager */ + protected $userPluginManager; + /** * @param Access $access * @param \OCP\IConfig $ocConfig * @param \OCP\Notification\IManager $notificationManager * @param IUserSession $userSession */ - public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession) { + public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession, UserPluginManager $userPluginManager) { parent::__construct($access); $this->ocConfig = $ocConfig; $this->notificationManager = $notificationManager; + $this->userPluginManager = $userPluginManager; $this->registerHooks($userSession); } @@ -88,6 +94,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn * @return boolean either the user can or cannot */ public function canChangeAvatar($uid) { + if ($this->userPluginManager->implementsActions(Backend::PROVIDE_AVATAR)) { + return $this->userPluginManager->canChangeAvatar($uid); + } + $user = $this->access->userManager->get($uid); if(!$user instanceof User) { return false; @@ -207,6 +217,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn * @return bool */ public function setPassword($uid, $password) { + if ($this->userPluginManager->implementsActions(Backend::SET_PASSWORD)) { + return $this->userPluginManager->setPassword($uid, $password); + } + $user = $this->access->userManager->get($uid); if(!$user instanceof User) { @@ -364,6 +378,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn * @return bool */ public function deleteUser($uid) { + if ($this->userPluginManager->canDeleteUser()) { + return $this->userPluginManager->deleteUser($uid); + } + $marked = $this->ocConfig->getUserValue($uid, 'user_ldap', 'isDeleted', 0); if(intval($marked) === 0) { \OC::$server->getLogger()->notice( @@ -393,6 +411,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn return false; } + if ($this->userPluginManager->implementsActions(Backend::GET_HOME)) { + return $this->userPluginManager->getHome($uid); + } + $cacheKey = 'getHome'.$uid; $path = $this->access->connection->getFromCache($cacheKey); if(!is_null($path)) { @@ -425,6 +447,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn * @return string|false display name */ public function getDisplayName($uid) { + if ($this->userPluginManager->implementsActions(Backend::GET_DISPLAYNAME)) { + return $this->userPluginManager->getDisplayName($uid); + } + if(!$this->userExists($uid)) { return false; } @@ -470,6 +496,19 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn } /** + * set display name of the user + * @param string $uid user ID of the user + * @param string $displayName new display name of the user + * @return string|false display name + */ + public function setDisplayName($uid, $displayName) { + if ($this->userPluginManager->implementsActions(Backend::SET_DISPLAYNAME)) { + return $this->userPluginManager->setDisplayName($uid, $displayName); + } + return false; + } + + /** * Get a list of all display names * * @param string $search @@ -506,7 +545,8 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn | Backend::GET_DISPLAYNAME | Backend::PROVIDE_AVATAR | Backend::COUNT_USERS - | ((intval($this->access->connection->turnOnPasswordChange) === 1)?(Backend::SET_PASSWORD):0)) + | ((intval($this->access->connection->turnOnPasswordChange) === 1)?(Backend::SET_PASSWORD):0) + | $this->userPluginManager->getImplementedActions()) & $actions); } @@ -523,6 +563,10 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn * @return int|bool */ public function countUsers() { + if ($this->userPluginManager->implementsActions(Backend::COUNT_USERS)) { + return $this->userPluginManager->countUsers(); + } + $filter = $this->access->getFilterForUserCount(); $cacheKey = 'countUsers-'.$filter; if(!is_null($entries = $this->access->connection->getFromCache($cacheKey))) { @@ -561,4 +605,18 @@ class User_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn $connection = clone $this->access->getConnection(); return $connection->getConnectionResource(); } + + /** + * create new user + * @param string $username username of the new user + * @param string $password password of the new user + * @return bool was the user created? + */ + public function createUser($username, $password) { + if ($this->userPluginManager->implementsActions(Backend::CREATE_USER)) { + return $this->userPluginManager->createUser($username, $password); + } + return false; + } + } diff --git a/apps/user_ldap/lib/User_Proxy.php b/apps/user_ldap/lib/User_Proxy.php index a25eb1bc621..c65999e3fde 100644 --- a/apps/user_ldap/lib/User_Proxy.php +++ b/apps/user_ldap/lib/User_Proxy.php @@ -10,6 +10,8 @@ * @author Robin McCorkell <robin@mccorkell.me.uk> * @author Thomas Müller <thomas.mueller@tmit.eu> * @author Roger Szabo <roger.szabo@web.de> + * @author Vinicius Brand <vinicius@eita.org.br> + * @author Daniel Tygel <dtygel@eita.org.br> * * @license AGPL-3.0 * @@ -48,11 +50,13 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, * @param IUserSession $userSession */ public function __construct(array $serverConfigPrefixes, ILDAPWrapper $ldap, IConfig $ocConfig, - INotificationManager $notificationManager, IUserSession $userSession) { + INotificationManager $notificationManager, IUserSession $userSession, + UserPluginManager $userPluginManager) { parent::__construct($ldap); foreach($serverConfigPrefixes as $configPrefix) { $this->backends[$configPrefix] = - new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession); + new User_LDAP($this->getAccess($configPrefix), $ocConfig, $notificationManager, $userSession, $userPluginManager); + if(is_null($this->refBackend)) { $this->refBackend = &$this->backends[$configPrefix]; } @@ -233,12 +237,23 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, } /** + * set display name of the user + * + * @param string $uid user ID of the user + * @param string $displayName new display name + * @return string display name + */ + public function setDisplayName($uid, $displayName) { + return $this->handleRequest($uid, 'setDisplayName', array($uid, $displayName)); + } + + /** * checks whether the user is allowed to change his avatar in Nextcloud * @param string $uid the Nextcloud user name * @return boolean either the user can or cannot */ public function canChangeAvatar($uid) { - return $this->handleRequest($uid, 'canChangeAvatar', array($uid), true); + return $this->handleRequest($uid, 'canChangeAvatar', array($uid)); } /** @@ -322,4 +337,14 @@ class User_Proxy extends Proxy implements \OCP\IUserBackend, \OCP\UserInterface, public function getNewLDAPConnection($uid) { return $this->handleRequest($uid, 'getNewLDAPConnection', array($uid)); } + + /** + * Creates a new user in LDAP + * @param $username + * @param $password + * @return bool + */ + public function createUser($username, $password) { + return $this->handleRequest($username, 'createUser', array($username,$password)); + } } |