Diffstat (limited to 'apps/user_ldap/lib')
-rw-r--r-- | apps/user_ldap/lib/Configuration.php | 3 | ||||
-rw-r--r-- | apps/user_ldap/lib/Connection.php | 1 | ||||
-rw-r--r-- | apps/user_ldap/lib/User/DeletedUsersIndex.php | 51 | ||||
-rw-r--r-- | apps/user_ldap/lib/User_LDAP.php | 66 | ||||
-rw-r--r-- | apps/user_ldap/lib/User_Proxy.php | 53 |
5 files changed, 111 insertions, 63 deletions
diff --git a/apps/user_ldap/lib/Configuration.php b/apps/user_ldap/lib/Configuration.php
index 5a0fcc79ab8..36258f5ad27 100644
--- a/apps/user_ldap/lib/Configuration.php
+++ b/apps/user_ldap/lib/Configuration.php
@@ -115,6 +115,7 @@ class Configuration {
 'ldapExpertUsernameAttr' => null,
 'ldapExpertUUIDUserAttr' => null,
 'ldapExpertUUIDGroupAttr' => null,
+ 'markRemnantsAsDisabled' => false,
 'lastJpegPhotoLookup' => null,
 'ldapNestedGroups' => false,
 'ldapPagingSize' => null,
@@ -468,6 +469,7 @@ class Configuration {
 'ldap_expert_uuid_group_attr' => '',
 'has_memberof_filter_support' => 0,
 'use_memberof_to_detect_membership' => 1,
+ 'ldap_mark_remnants_as_disabled' => 0,
 'last_jpegPhoto_lookup' => 0,
 'ldap_nested_groups' => 0,
 'ldap_paging_size' => 500,
@@ -543,6 +545,7 @@ class Configuration {
 'ldap_expert_uuid_group_attr' => 'ldapExpertUUIDGroupAttr',
 'has_memberof_filter_support' => 'hasMemberOfFilterSupport',
 'use_memberof_to_detect_membership' => 'useMemberOfToDetectMembership',
+ 'ldap_mark_remnants_as_disabled' => 'markRemnantsAsDisabled',
 'last_jpegPhoto_lookup' => 'lastJpegPhotoLookup',
 'ldap_nested_groups' => 'ldapNestedGroups',
 'ldap_paging_size' => 'ldapPagingSize',
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index 861fb1e246b..b47e51fdf70 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -63,6 +63,7 @@ use Psr\Log\LoggerInterface;
 * @property string ldapEmailAttribute
 * @property string ldapExtStorageHomeAttribute
 * @property string homeFolderNamingRule
+ * @property bool|string markRemnantsAsDisabled
 * @property bool|string ldapNestedGroups
 * @property string[] ldapBaseGroups
 * @property string ldapGroupFilter
diff --git a/apps/user_ldap/lib/User/DeletedUsersIndex.php b/apps/user_ldap/lib/User/DeletedUsersIndex.php
index 1e057987eef..d679ca86d93 100644
--- a/apps/user_ldap/lib/User/DeletedUsersIndex.php
+++ b/apps/user_ldap/lib/User/DeletedUsersIndex.php
@@ -24,6 +24,7 @@ namespace OCA\User_LDAP\User; use OCA\User_LDAP\Mapping\UserMapping; +use OCP\IConfig; use OCP\Share\IManager; /** @@ -31,24 +32,16 @@ use OCP\Share\IManager; * @package OCA\User_LDAP */ class DeletedUsersIndex { - /** - * @var \OCP\IConfig $config - */ - protected $config; - - /** - * @var \OCA\User_LDAP\Mapping\UserMapping $mapping - */ - protected $mapping; + protected IConfig $config; + protected UserMapping $mapping; + protected ?array $deletedUsers = null; + private IManager $shareManager; - /** - * @var array $deletedUsers - */ - protected $deletedUsers; - /** @var IManager */ - private $shareManager; - - public function __construct(\OCP\IConfig $config, UserMapping $mapping, IManager $shareManager) { + public function __construct( + IConfig $config, + UserMapping $mapping, + IManager $shareManager + ) { $this->config = $config; $this->mapping = $mapping; $this->shareManager = $shareManager; @@ -56,11 +49,10 @@ class DeletedUsersIndex { /** * reads LDAP users marked as deleted from the database - * @return \OCA\User_LDAP\User\OfflineUser[] + * @return OfflineUser[] */ - private function fetchDeletedUsers() { - $deletedUsers = $this->config->getUsersForUserValue( - 'user_ldap', 'isDeleted', '1'); + private function fetchDeletedUsers(): array { + $deletedUsers = $this->config->getUsersForUserValue('user_ldap', 'isDeleted', '1'); $userObjects = []; foreach ($deletedUsers as $user) { @@ -73,9 +65,9 @@ class DeletedUsersIndex { /** * returns all LDAP users that are marked as deleted - * @return \OCA\User_LDAP\User\OfflineUser[] + * @return OfflineUser[] */ - public function getUsers() { + public function getUsers(): array { if (is_array($this->deletedUsers)) { return $this->deletedUsers; } @@ -84,9 +76,8 @@ class DeletedUsersIndex { /** * whether at least one user was detected as deleted - * @return bool */ - public function hasUsers() { + public function hasUsers(): bool { if (!is_array($this->deletedUsers)) { $this->fetchDeletedUsers(); } 
@@ -96,12 +87,10 @@ class DeletedUsersIndex { /** * marks a user as deleted * - * @param string $ocName * @throws \OCP\PreConditionNotMetException */ - public function markUser($ocName) { - $curValue = $this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0'); - if ($curValue === '1') { + public function markUser(string $ocName): void { + if ($this->isUserMarked($ocName)) { // the user is already marked, do not write to DB again return; } @@ -109,4 +98,8 @@ class DeletedUsersIndex { $this->config->setUserValue($ocName, 'user_ldap', 'foundDeleted', (string)time()); $this->deletedUsers = null; } + + public function isUserMarked(string $ocName): bool { + return ($this->config->getUserValue($ocName, 'user_ldap', 'isDeleted', '0') === '1'); + } } diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php index 772b2f46095..f9ae6bbee66 100644 --- a/apps/user_ldap/lib/User_LDAP.php +++ b/apps/user_ldap/lib/User_LDAP.php @@ -42,6 +42,7 @@ use OC\ServerNotAvailableException; use OC\User\Backend; use OC\User\NoUserException; use OCA\User_LDAP\Exceptions\NotOnLDAP; +use OCA\User_LDAP\User\DeletedUsersIndex; use OCA\User_LDAP\User\OfflineUser; use OCA\User_LDAP\User\User; use OCP\IConfig; 
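Review bot: `isUserMarked()` is added to `DeletedUsersIndex` as a public method without a docblock, although `User_LDAP::isUserEnabled()` in this same commit uses its result to decide whether an account counts as enabled. A short docblock would pin the contract, for example `/** Whether the user is flagged as deleted on LDAP, i.e. the user_ldap 'isDeleted' user value is exactly '1'. */`. It is also worth stating there that the value is read through `getUserValue()` on every call and is not served from `$this->deletedUsers`, so any caching depends on the config layer, which is not visible here.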
@@ -50,34 +51,32 @@ use OCP\IUserSession; use OCP\Notification\IManager as INotificationManager; use OCP\User\Backend\ICountMappedUsersBackend; use OCP\User\Backend\ICountUsersBackend; +use OCP\User\Backend\IProvideEnabledStateBackend; use OCP\UserInterface; use Psr\Log\LoggerInterface; -class User_LDAP extends BackendUtility implements IUserBackend, UserInterface, IUserLDAP, ICountUsersBackend, ICountMappedUsersBackend { - /** @var \OCP\IConfig */ - protected $ocConfig; - - /** @var INotificationManager */ - protected $notificationManager; - - /** @var UserPluginManager */ - protected $userPluginManager; - - /** @var LoggerInterface */ - protected $logger; - - /** - * @param Access $access - * @param \OCP\IConfig $ocConfig - * @param \OCP\Notification\IManager $notificationManager - * @param IUserSession $userSession - */ - public function __construct(Access $access, IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession, UserPluginManager $userPluginManager) { +class User_LDAP extends BackendUtility implements IUserBackend, UserInterface, IUserLDAP, ICountUsersBackend, ICountMappedUsersBackend, IProvideEnabledStateBackend { + protected IConfig $ocConfig; + protected INotificationManager $notificationManager; + protected UserPluginManager $userPluginManager; + protected LoggerInterface $logger; + protected DeletedUsersIndex $deletedUsersIndex; + + public function __construct( + Access $access, + IConfig $ocConfig, + INotificationManager $notificationManager, + IUserSession $userSession, + UserPluginManager $userPluginManager, + LoggerInterface $logger, + DeletedUsersIndex $deletedUsersIndex, + ) { parent::__construct($access); $this->ocConfig = $ocConfig; $this->notificationManager = $notificationManager; $this->userPluginManager = $userPluginManager; - $this->logger = \OC::$server->get(LoggerInterface::class); + $this->logger = $logger; + $this->deletedUsersIndex = $deletedUsersIndex; } /** 
@@ -392,13 +391,13 @@ class User_LDAP extends BackendUtility implements IUserBackend, UserInterface, I } } - $marked = (int)$this->ocConfig->getUserValue($uid, 'user_ldap', 'isDeleted', 0); - if ($marked === 0) { + $marked = $this->deletedUsersIndex->isUserMarked($uid); + if (!$marked) { try { $user = $this->access->userManager->get($uid); if (($user instanceof User) && !$this->userExistsOnLDAP($uid, true)) { $user->markUser(); - $marked = 1; + $marked = true; } } catch (\Exception $e) { $this->logger->debug( @@ -406,7 +405,7 @@ class User_LDAP extends BackendUtility implements IUserBackend, UserInterface, I ['app' => 'user_ldap', 'exception' => $e] ); } - if ($marked === 0) { + if (!$marked) { $this->logger->notice( 'User '.$uid . ' is not marked as deleted, not cleaning up.', ['app' => 'user_ldap'] @@ -669,4 +668,21 @@ class User_LDAP extends BackendUtility implements IUserBackend, UserInterface, I } return false; } + + public function isUserEnabled(string $uid, callable $queryDatabaseValue): bool { + if ($this->deletedUsersIndex->isUserMarked($uid) && ((int)$this->access->connection->markRemnantsAsDisabled === 1)) { + return false; + } else { + return $queryDatabaseValue(); + } + } + + public function setUserEnabled(string $uid, bool $enabled, callable $queryDatabaseValue, callable $setDatabaseValue): bool { + $setDatabaseValue($enabled); + return $enabled; + } + + public function getDisabledUserList(int $offset = 0, ?int $limit = null): array { + throw new \Exception('This is implemented directly in User_Proxy'); + } } diff --git a/apps/user_ldap/lib/User_Proxy.php b/apps/user_ldap/lib/User_Proxy.php index b07c632eeeb..0449c89bd24 100644 --- a/apps/user_ldap/lib/User_Proxy.php +++ b/apps/user_ldap/lib/User_Proxy.php 
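Review bot: In the new `setUserEnabled()` the return value is the requested `$enabled`, not the state callers will observe afterwards. For a uid that `isUserMarked()` reports as deleted while `markRemnantsAsDisabled` is on, `setUserEnabled($uid, true, …)` writes the database flag and returns `true`, yet `isUserEnabled()` keeps returning `false`. If the return value is meant to be the resulting state, `$setDatabaseValue($enabled);` followed by `return $this->isUserEnabled($uid, $queryDatabaseValue);` keeps the two methods consistent and gives the otherwise unused `$queryDatabaseValue` a purpose. In `isUserEnabled()` itself, testing `(int)$this->access->connection->markRemnantsAsDisabled === 1` before calling `isUserMarked($uid)` would skip the per-user config lookup when the option is off. `getDisabledUserList()` throwing a bare `\Exception` would read more clearly as a `\LogicException`, assuming no caller depends on the generic type.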
@@ -31,20 +31,23 @@ */ namespace OCA\User_LDAP; +use OCA\User_LDAP\User\DeletedUsersIndex; +use OCA\User_LDAP\User\OfflineUser; use OCA\User_LDAP\User\User; use OCP\IConfig; use OCP\IUserBackend; use OCP\IUserSession; use OCP\Notification\IManager as INotificationManager; +use OCP\UserInterface; use OCP\User\Backend\ICountMappedUsersBackend; use OCP\User\Backend\ICountUsersBackend; -use OCP\UserInterface; +use OCP\User\Backend\IProvideEnabledStateBackend; +use Psr\Log\LoggerInterface; -class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP, ICountUsersBackend, ICountMappedUsersBackend { - /** @var array<string,User_LDAP> */ - private $backends = []; - /** @var ?User_LDAP */ - private $refBackend = null; +class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP, ICountUsersBackend, ICountMappedUsersBackend, IProvideEnabledStateBackend { + /** @var User_LDAP[] */ + private array $backends = []; + private ?User_LDAP $refBackend = null; private bool $isSetUp = false; private Helper $helper; @@ -52,6 +55,8 @@ class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP private INotificationManager $notificationManager; private IUserSession $userSession; private UserPluginManager $userPluginManager; + private LoggerInterface $logger; + private DeletedUsersIndex $deletedUsersIndex; public function __construct( Helper $helper, @@ -60,7 +65,9 @@ class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP IConfig $ocConfig, INotificationManager $notificationManager, IUserSession $userSession, - UserPluginManager $userPluginManager + UserPluginManager $userPluginManager, + LoggerInterface $logger, + DeletedUsersIndex $deletedUsersIndex, ) { parent::__construct($ldap, $accessFactory); $this->helper = $helper; 
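Review bot: The annotation on `$backends` changes from `array<string,User_LDAP>` to `User_LDAP[]`, which drops the key type even though `setup()` still keys the array by `$configPrefix`. Keeping `/** @var array<string,User_LDAP> */` above `private array $backends = [];` preserves that information for static analysis, since the native `array` type cannot express it.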
@@ -68,6 +75,8 @@ class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP $this->notificationManager = $notificationManager; $this->userSession = $userSession; $this->userPluginManager = $userPluginManager; + $this->logger = $logger; + $this->deletedUsersIndex = $deletedUsersIndex; } protected function setup(): void { @@ -77,8 +86,15 @@ class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP $serverConfigPrefixes = $this->helper->getServerConfigurationPrefixes(true); foreach ($serverConfigPrefixes as $configPrefix) { - $this->backends[$configPrefix] = - new User_LDAP($this->getAccess($configPrefix), $this->ocConfig, $this->notificationManager, $this->userSession, $this->userPluginManager); + $this->backends[$configPrefix] = new User_LDAP( + $this->getAccess($configPrefix), + $this->ocConfig, + $this->notificationManager, + $this->userSession, + $this->userPluginManager, + $this->logger, + $this->deletedUsersIndex, + ); if (is_null($this->refBackend)) { $this->refBackend = &$this->backends[$configPrefix]; @@ -438,4 +454,23 @@ class User_Proxy extends Proxy implements IUserBackend, UserInterface, IUserLDAP public function createUser($username, $password) { return $this->handleRequest($username, 'createUser', [$username, $password]); } + + public function isUserEnabled(string $uid, callable $queryDatabaseValue): bool { + return $this->handleRequest($uid, 'isUserEnabled', [$uid, $queryDatabaseValue]); + } + + public function setUserEnabled(string $uid, bool $enabled, callable $queryDatabaseValue, callable $setDatabaseValue): bool { + return $this->handleRequest($uid, 'setUserEnabled', [$uid, $enabled, $queryDatabaseValue, $setDatabaseValue]); + } + + public function getDisabledUserList(int $offset = 0, ?int $limit = null): array { + return array_map( + fn (OfflineUser $user) => $user->getOCName(), + array_slice( + $this->deletedUsersIndex->getUsers(), + $offset, + $limit + ) + ); + } } |
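Review bot: `getDisabledUserList()` returns every entry of `DeletedUsersIndex::getUsers()` without consulting `markRemnantsAsDisabled`, whereas `User_LDAP::isUserEnabled()` treats a marked user as disabled only when that option is `1` on the user's connection. With the option off, the list would therefore name remnants as disabled while the per-user check still defers to the database value, so the listing and the enforcement decision can disagree. The list also leaves out LDAP users disabled only through the database flag, unless the caller merges those in (not visible here). Either filter by the owning backend's option before `array_slice()` so that `$offset` and `$limit` still page correctly, or add a docblock stating that the method lists "users marked as deleted on LDAP" regardless of the option.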