diff options
Diffstat (limited to 'apps/user_ldap')
| -rw-r--r-- | apps/user_ldap/appinfo/info.xml | 3 | ||||
| -rw-r--r-- | apps/user_ldap/js/settings.js | 1 | ||||
| -rw-r--r-- | apps/user_ldap/lib/access.php | 2 | ||||
| -rw-r--r-- | apps/user_ldap/lib/ildapwrapper.php | 4 | ||||
| -rw-r--r-- | apps/user_ldap/lib/ldap.php | 6 | ||||
| -rw-r--r-- | apps/user_ldap/lib/wizard.php | 5 | ||||
| -rw-r--r-- | apps/user_ldap/user_ldap.php | 33 |
7 files changed, 42 insertions, 12 deletions
diff --git a/apps/user_ldap/appinfo/info.xml b/apps/user_ldap/appinfo/info.xml index 148a72cecbb..9cc908e8522 100644 --- a/apps/user_ldap/appinfo/info.xml +++ b/apps/user_ldap/appinfo/info.xml @@ -14,4 +14,7 @@ <types> <authentication/> </types> + <documentation> + <admin>http://doc.owncloud.org/server/6.0/go.php?to=admin-ldap</admin> + </documentation> </info> diff --git a/apps/user_ldap/js/settings.js b/apps/user_ldap/js/settings.js index acf88ef58a4..792638f2b58 100644 --- a/apps/user_ldap/js/settings.js +++ b/apps/user_ldap/js/settings.js @@ -240,6 +240,7 @@ var LdapWizard = { LdapWizard.hideSpinner('#ldap_base'); LdapWizard.showInfoBox('Please specify a Base DN'); LdapWizard.showInfoBox('Could not determine Base DN'); + $('#ldap_base').prop('disabled', false); } ); } diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 579aedeefc3..8a8d8aa5e3a 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -750,7 +750,7 @@ class Access extends LDAPUtility { } } else { if(!is_null($limit)) { - \OCP\Util::writeLog('user_ldap', 'Paged search failed :(', \OCP\Util::INFO); + \OCP\Util::writeLog('user_ldap', 'Paged search was not available', \OCP\Util::INFO); } } } diff --git a/apps/user_ldap/lib/ildapwrapper.php b/apps/user_ldap/lib/ildapwrapper.php index 3cda2aac7a5..017d5549690 100644 --- a/apps/user_ldap/lib/ildapwrapper.php +++ b/apps/user_ldap/lib/ildapwrapper.php @@ -145,9 +145,11 @@ interface ILDAPWrapper { * @param $baseDN The DN of the entry to read from * @param $filter An LDAP filter * @param $attr array of the attributes to read + * @param $attrsonly optional, 1 if only attribute types shall be returned + * @param $limit optional, limits the result entries * @return an LDAP search result resource, false on error */ - public function search($link, $baseDN, $filter, $attr); + public function search($link, $baseDN, $filter, $attr, $attrsonly = 0, $limit = 0); /** * @brief Sets the value of the specified option to be $value diff --git a/apps/user_ldap/lib/ldap.php b/apps/user_ldap/lib/ldap.php index ffd97ab83f9..de9b7481c19 100644 --- a/apps/user_ldap/lib/ldap.php +++ b/apps/user_ldap/lib/ldap.php @@ -85,9 +85,9 @@ class LDAP implements ILDAPWrapper { return $this->invokeLDAPMethod('read', $link, $baseDN, $filter, $attr); } - public function search($link, $baseDN, $filter, $attr) { - return $this->invokeLDAPMethod('search', $link, $baseDN, - $filter, $attr); + public function search($link, $baseDN, $filter, $attr, $attrsonly = 0, $limit = 0) { + return $this->invokeLDAPMethod('search', $link, $baseDN, $filter, + $attr, $attrsonly, $limit); } public function setOption($link, $option, $value) { diff --git a/apps/user_ldap/lib/wizard.php b/apps/user_ldap/lib/wizard.php index 27edeb2a449..5079642d954 100644 --- a/apps/user_ldap/lib/wizard.php +++ b/apps/user_ldap/lib/wizard.php @@ -569,6 +569,10 @@ class Wizard extends LDAPUtility { //get a result set > 0 on a proper base $rr = $this->ldap->search($cr, $base, 'objectClass=*', array('dn'), 0, 1); if(!$this->ldap->isResource($rr)) { + $errorNo = $this->ldap->errno($cr); + $errorMsg = $this->ldap->error($cr); + \OCP\Util::writeLog('user_ldap', 'Wiz: Could not search base '.$base. + ' Error '.$errorNo.': '.$errorMsg, \OCP\Util::INFO); return false; } $entries = $this->ldap->countEntries($cr, $rr); @@ -1015,6 +1019,7 @@ class Wizard extends LDAPUtility { $this->configuration->ldapPort); $this->ldap->setOption($cr, LDAP_OPT_PROTOCOL_VERSION, 3); + $this->ldap->setOption($cr, LDAP_OPT_REFERRALS, 0); $this->ldap->setOption($cr, LDAP_OPT_NETWORK_TIMEOUT, self::LDAP_NW_TIMEOUT); if($this->configuration->ldapTLS === 1) { $this->ldap->startTls($cr); diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index f983c7835af..1088dafab71 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -85,15 +85,14 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { return; } - $jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto'); - \OCP\Config::setUserValue($uid, 'user_ldap', 'lastJpegPhotoLookup', time()); - if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) { + $avatarImage = $this->getAvatarImage($uid, $dn); + if($avatarImage === false) { //not set, nothing left to do; return; } $image = new \OCP\Image(); - $image->loadFromBase64(base64_encode($jpegPhoto[0])); + $image->loadFromBase64(base64_encode($avatarImage)); if(!$image->valid()) { \OCP\Util::writeLog('user_ldap', 'jpegPhoto data invalid for '.$dn, @@ -128,8 +127,7 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { if(!$dn) { return false; } - $jpegPhoto = $this->access->readAttribute($dn, 'jpegPhoto'); - if(!$jpegPhoto || !is_array($jpegPhoto) || !isset($jpegPhoto[0])) { + if($this->getAvatarImage($uid, $dn) === false) { //The user is allowed to change his avatar in ownCloud only if no //avatar is provided by LDAP return true; @@ -138,6 +136,26 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { } /** + * @brief reads the image from LDAP that shall be used as Avatar + * @param $uid string, the ownCloud user name + * @param $dn string, the user DN + * @return image data (provided by LDAP) | false + */ + private function getAvatarImage($uid, $dn) { + $attributes = array('jpegPhoto', 'thumbnailPhoto'); + foreach($attributes as $attribute) { + $result = $this->access->readAttribute($dn, $attribute); + \OCP\Config::setUserValue($uid, 'user_ldap', 'lastJpegPhotoLookup', + time()); + if($result !== false && is_array($result) && isset($result[0])) { + return $result[0]; + } + } + + return false; + } + + /** * @brief Check if the password is correct * @param string $uid The username * @param string $password The password @@ -238,7 +256,8 @@ class USER_LDAP extends BackendUtility implements \OCP\UserInterface { } //check if user really still exists by reading its entry if(!is_array($this->access->readAttribute($dn, ''))) { - \OCP\Util::writeLog('user_ldap', 'LDAP says no user '.$dn, \OCP\Util::DEBUG); + \OCP\Util::writeLog('user_ldap', 'LDAP says no user '.$dn.' on '. + $this->access->connection->ldapHost, \OCP\Util::DEBUG); $this->access->connection->writeToCache('userExists'.$uid, false); return false; } |