summaryrefslogtreecommitdiffstats
path: root/apps/user_ldap/lib
diff options
context:
space:
mode:
Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r--apps/user_ldap/lib/Access.php2
-rw-r--r--apps/user_ldap/lib/Connection.php2
-rw-r--r--apps/user_ldap/lib/Group_LDAP.php8
-rw-r--r--apps/user_ldap/lib/Group_Proxy.php9
-rw-r--r--apps/user_ldap/lib/Mapping/AbstractMapping.php19
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFix.php60
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFixGroup.php37
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFixInsert.php101
-rw-r--r--apps/user_ldap/lib/Migration/UUIDFixUser.php37
-rw-r--r--apps/user_ldap/lib/Proxy.php6
10 files changed, 280 insertions, 1 deletions
diff --git a/apps/user_ldap/lib/Access.php b/apps/user_ldap/lib/Access.php
index 9e93ef2ecaa..cc0446ae523 100644
--- a/apps/user_ldap/lib/Access.php
+++ b/apps/user_ldap/lib/Access.php
@@ -1473,7 +1473,7 @@ class Access extends LDAPUtility implements IUserTools {
return true;
}
- if ($uuidOverride !== '' && !$force) {
+ if (is_string($uuidOverride) && trim($uuidOverride) !== '' && !$force) {
$this->connection->$uuidAttr = $uuidOverride;
return true;
}
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index becd39205bc..04f8c7401e2 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -47,6 +47,8 @@ use OC\ServerNotAvailableException;
* @property string[] ldapBaseUsers
* @property int|string ldapPagingSize holds an integer
* @property bool|mixed|void ldapGroupMemberAssocAttr
+ * @property string ldapUuidUserAttribute
+ * @property string ldapUuidGroupAttribute
*/
class Connection extends LDAPUtility {
private $ldapConnectionRes = null;
diff --git a/apps/user_ldap/lib/Group_LDAP.php b/apps/user_ldap/lib/Group_LDAP.php
index 49e5e724833..d620a00f849 100644
--- a/apps/user_ldap/lib/Group_LDAP.php
+++ b/apps/user_ldap/lib/Group_LDAP.php
@@ -902,4 +902,12 @@ class Group_LDAP extends BackendUtility implements \OCP\GroupInterface {
public function implementsActions($actions) {
return (bool)(\OC\Group\Backend::COUNT_USERS & $actions);
}
+
+ /**
+ * Return access for LDAP interaction.
+ * @return Access instance of Access for LDAP interaction
+ */
+ public function getLDAPAccess() {
+ return $this->access;
+ }
}
diff --git a/apps/user_ldap/lib/Group_Proxy.php b/apps/user_ldap/lib/Group_Proxy.php
index 64b85427f8f..c102e7ac626 100644
--- a/apps/user_ldap/lib/Group_Proxy.php
+++ b/apps/user_ldap/lib/Group_Proxy.php
@@ -196,4 +196,13 @@ class Group_Proxy extends Proxy implements \OCP\GroupInterface {
//it's the same across all our user backends obviously
return $this->refBackend->implementsActions($actions);
}
+
+ /**
+ * Return access for LDAP interaction.
+ * @param string $gid
+ * @return Access instance of Access for LDAP interaction
+ */
+ public function getLDAPAccess($gid) {
+ return $this->handleRequest($gid, 'getLDAPAccess', []);
+ }
}
diff --git a/apps/user_ldap/lib/Mapping/AbstractMapping.php b/apps/user_ldap/lib/Mapping/AbstractMapping.php
index 6fb4a5436c3..755cfadbccd 100644
--- a/apps/user_ldap/lib/Mapping/AbstractMapping.php
+++ b/apps/user_ldap/lib/Mapping/AbstractMapping.php
@@ -129,6 +129,25 @@ abstract class AbstractMapping {
}
/**
+ * Updates the UUID based on the given DN
+ *
+ * required by Migration/UUIDFix
+ *
+ * @param $uuid
+ * @param $fdn
+ * @return bool
+ */
+ public function setUUIDbyDN($uuid, $fdn) {
+ $query = $this->dbc->prepare('
+ UPDATE `' . $this->getTableName() . '`
+ SET `directory_uuid` = ?
+ WHERE `ldap_dn` = ?
+ ');
+
+ return $this->modify($query, [$uuid, $fdn]);
+ }
+
+ /**
* Gets the name based on the provided LDAP DN.
* @param string $fdn
* @return string|false
diff --git a/apps/user_ldap/lib/Migration/UUIDFix.php b/apps/user_ldap/lib/Migration/UUIDFix.php
new file mode 100644
index 00000000000..5b9e5e2231d
--- /dev/null
+++ b/apps/user_ldap/lib/Migration/UUIDFix.php
@@ -0,0 +1,60 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\User_LDAP\Migration;
+
+
+use OC\BackgroundJob\QueuedJob;
+use OCA\User_LDAP\Mapping\AbstractMapping;
+use OCA\User_LDAP\Proxy;
+use OCA\User_LDAP\User_Proxy;
+
+abstract class UUIDFix extends QueuedJob {
+ /** @var AbstractMapping */
+ protected $mapper;
+
+ /** @var Proxy */
+ protected $proxy;
+
+ public function run($argument) {
+ $isUser = $this->proxy instanceof User_Proxy;
+ foreach($argument['records'] as $record) {
+ $access = $this->proxy->getLDAPAccess($record['name']);
+ $uuid = $access->getUUID($record['dn'], $isUser);
+ if($uuid === false) {
+ // record not found, no prob, continue with the next
+ continue;
+ }
+ if($uuid !== $record['uuid']) {
+ $this->mapper->setUUIDbyDN($uuid, $record['dn']);
+ }
+ }
+ }
+
+ /**
+ * @param Proxy $proxy
+ */
+ public function overrideProxy(Proxy $proxy) {
+ $this->proxy = $proxy;
+ }
+}
diff --git a/apps/user_ldap/lib/Migration/UUIDFixGroup.php b/apps/user_ldap/lib/Migration/UUIDFixGroup.php
new file mode 100644
index 00000000000..cbc38366984
--- /dev/null
+++ b/apps/user_ldap/lib/Migration/UUIDFixGroup.php
@@ -0,0 +1,37 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\User_LDAP\Migration;
+
+use OCA\User_LDAP\Helper;
+use OCA\User_LDAP\LDAP;
+use OCA\User_LDAP\Mapping\GroupMapping;
+use OCA\User_LDAP\User_Proxy;
+use OCP\IConfig;
+
+class UUIDFixGroup extends UUIDFix {
+ public function __construct(GroupMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {
+ $this->mapper = $mapper;
+ $this->proxy = new User_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config);
+ }
+}
diff --git a/apps/user_ldap/lib/Migration/UUIDFixInsert.php b/apps/user_ldap/lib/Migration/UUIDFixInsert.php
new file mode 100644
index 00000000000..4a1104f2c6f
--- /dev/null
+++ b/apps/user_ldap/lib/Migration/UUIDFixInsert.php
@@ -0,0 +1,101 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\User_LDAP\Migration;
+
+use OCA\User_LDAP\Mapping\GroupMapping;
+use OCA\User_LDAP\Mapping\UserMapping;
+use OCP\BackgroundJob\IJobList;
+use OCP\IConfig;
+use OCP\Migration\IOutput;
+use OCP\Migration\IRepairStep;
+
+class UUIDFixInsert implements IRepairStep {
+
+ /** @var IConfig */
+ protected $config;
+
+ /** @var UserMapping */
+ protected $userMapper;
+
+ /** @var GroupMapping */
+ protected $groupMapper;
+
+ /** @var IJobList */
+ protected $jobList;
+
+ public function __construct(IConfig $config, UserMapping $userMapper, GroupMapping $groupMapper, IJobList $jobList) {
+ $this->config = $config;
+ $this->userMapper = $userMapper;
+ $this->groupMapper = $groupMapper;
+ $this->jobList = $jobList;
+ }
+
+ /**
+ * Returns the step's name
+ *
+ * @return string
+ * @since 9.1.0
+ */
+ public function getName() {
+ return 'Insert UUIDFix background job for user and group in batches';
+ }
+
+ /**
+ * Run repair step.
+ * Must throw exception on error.
+ *
+ * @param IOutput $output
+ * @throws \Exception in case of failure
+ * @since 9.1.0
+ */
+ public function run(IOutput $output) {
+ $installedVersion = $this->config->getAppValue('user_ldap', 'installed_version', '1.2.1');
+ if(version_compare($installedVersion, '1.2.1') !== -1) {
+ return;
+ }
+
+ foreach ([$this->userMapper, $this->groupMapper] as $mapper) {
+ $offset = 0;
+ $batchSize = 50;
+ $jobClass = $mapper instanceof UserMapping ? UUIDFixUser::class : UUIDFixGroup::class;
+ do {
+ $retry = false;
+ $records = $mapper->getList($offset, $batchSize);
+ if(count($records) === 0){
+ continue;
+ }
+ try {
+ $this->jobList->add($jobClass, ['records' => $records]);
+ $offset += $batchSize;
+ } catch (\InvalidArgumentException $e) {
+ if(strpos($e->getMessage(), 'Background job arguments can\'t exceed 4000') !== false) {
+ $batchSize = intval(floor(count($records) * 0.8));
+ $retry = true;
+ }
+ }
+ } while (count($records) === $batchSize || $retry);
+ }
+
+ }
+}
diff --git a/apps/user_ldap/lib/Migration/UUIDFixUser.php b/apps/user_ldap/lib/Migration/UUIDFixUser.php
new file mode 100644
index 00000000000..ee1457dcccb
--- /dev/null
+++ b/apps/user_ldap/lib/Migration/UUIDFixUser.php
@@ -0,0 +1,37 @@
+<?php
+/**
+ * @copyright Copyright (c) 2017 Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\User_LDAP\Migration;
+
+use OCA\User_LDAP\Helper;
+use OCA\User_LDAP\LDAP;
+use OCA\User_LDAP\Mapping\UserMapping;
+use OCA\User_LDAP\Group_Proxy;
+use OCP\IConfig;
+
+class UUIDFixUser extends UUIDFix {
+ public function __construct(UserMapping $mapper, LDAP $ldap, IConfig $config, Helper $helper) {
+ $this->mapper = $mapper;
+ $this->proxy = new Group_Proxy($helper->getServerConfigurationPrefixes(true), $ldap, $config);
+ }
+}
diff --git a/apps/user_ldap/lib/Proxy.php b/apps/user_ldap/lib/Proxy.php
index 6b896e0b13d..7f998314e20 100644
--- a/apps/user_ldap/lib/Proxy.php
+++ b/apps/user_ldap/lib/Proxy.php
@@ -128,6 +128,12 @@ abstract class Proxy {
abstract protected function walkBackends($id, $method, $parameters);
/**
+ * @param string $id
+ * @return Access
+ */
+ abstract public function getLDAPAccess($id);
+
+ /**
* Takes care of the request to the User backend
* @param string $id
* @param string $method string, the method of the user backend that shall be called